I’ve blown a few hours here trying to figure out how to bind some older 10.3 clients to my 10.6 server. The problem with manuals is that a 10.3 manual assumes you are going from 10.3 to 10.3. A 10.6 manual will do the same except it is for 10.6.
Every manual and note talks about making sure your client can properly resolved the server via DNS. This means that if your server DNS name is server.name.lan and it’s at IP address 192.168.1.1, you should be able to get successful responses from the following commands:
host server.name.lan
host 192.168.2.1
The is implies that you should be using the DNS name that resolves to your server when binding it. I’ve come to find out that even though my DNS setup is correct, there is some sort of problem when going from the older clients to the newer clients. In OS X 10.3 you need to do the following:
- Bring up /Applications/Utilities/Directory Access
- If all the options are greyed out, then click on the LOCK in the lower left corner and authenticate.
- Make sure LDAPv3 is CHECKED
- Select LDAPv3 and CLICK Configure.
- CLICK New and enter an a Configuration Name (anything will do).
- Go the the “Server Name or IP Address” field and enter the IP of the server, NOT the DNS name.
- In the “LDAP Mappings” drop down SELECT Open Directory Server.
- You will be prompted for a Search Base, you should have/get this from your 10.6 Open Directory Server. Enter that in and CLICK OK.
- Click OK to go back to the main Directory Access screen.
- Click on the Authentication Tab and choose “Custom Search” in the Search Drop Down.
- Click ADD and choose “/LDAPv3/192.168.2.1”
- Click Apply.
- Click on the Contacts Tab and do the same thing you did in steps 11-12.
- Close out.