The Calendar service in OS X Server uses the MD5 Digest authentication method by default. This doesn't allow users to log into the Calendar server using Active Directory credentials. Apple recommends configuring Kerberos for Active Directory users.
If you require a non-Kerberos solution to support Active Directory users, cleartext authentication can be enabled for the Calendar service using the steps below. If you choose to use cleartext authentication, Apple strongly recommends you use SSL to provide a more secure environment.
To enable cleartext authentication in the Calendar server, use the following Terminal commands. Changes you make to the authentication methods in the Calendar or iCal service are also applied to the Contacts or Address Book service.
- To enable cleartext authentication, use this command:
sudo serveradmin settings calendar:Authentication:Basic:Enabled = yes
- To disable digest authentication, use this command:
sudo serveradmin settings calendar:Authentication:Digest:Enabled = no
- Restart the Calendar server:
sudo serveradmin stop calendar sudo serveradmin start calendar
- Restart the Address Book server:
sudo serveradmin stop addressbook sudo serveradmin start addressbook
After restarting both services, support for cleartext and Kerberos authentication methods take effect.