Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

Setting up a Dual Directory with Snow Leopard Server

In Snow Leopard Server it seems that someone at Apple figured out that a bunch of people were building these weird triangle, or dual directory, thingies. So, if you bind a Mac OS X Server to Active Directory and then open Server Admin and then click on Open Directory you’ll see a button to Kerberize Services. Once you’ve Kerberized the services, if you click on the Change… button for Role you’ll see a different option than you normally see when setting an Open Directory Master. In the Choose Directory Role screen you’ll see a new screen that tells you that you’re connected to another directory. It will then ask if you want to remain connected and setup an Open Directory Master, remain connected and setup an Open Directory replica or whether you would like to disconnect from the existing directory service and go back to a standalone directory model (at which time you would re-run the Open Directory Assistant if this were the direction you were looking to go).

The Introductory Screen to the New Open Directory Setup Assistant
The Introductory Screen to the New Open Directory Setup Assistant

Overall, this is a great new addition and while technically there’s not much different going on here, it at a minimum shows that the developers are acknowledging that there are a number of different setup architectures and that Apple is trying to bring these into more of a supported type of environment.