Results tagged “directory services”

Binding your 10.6 Mac to the Campus OpenLDAP directory

These instructions are Snow Leopard-specific. First, download the Stanford Directory Utility Template installer. It will install a property list file into your home directory, which will make configuring your Mac to use the campus OpenLDAP directory system even easier than before. This template holds the record and attribute matching information, so you don't need to edit much.

Next, launch Directory Utility. It's located in /System/Library/CoreServices folder. Edit the LDAPv3 service to add a new directory system. For the server name, enter ldap.stanford.edu in the field. The program will query the campus OpenLDAP directory, then ask you to choose a template for LDAP mapping. Since you just installed the Stanford LDAP template, choose that from the pull-down menu. Enter cn=accounts,dc=stanford,dc=edu for the searchbase.

You can configure other options as you see fit. You should also install the Kerberos Configuration Utility from the Essential Stanford Software site.

Enhanced by Zemanta

Getting LDAP entries to work in 10.6 Address Book.app

Special thanks to Florian Schoppmann for bringing this issue to the community's attention. I'm extracting the steps to get Address Book and Mail to read from the Stanford LDAP directory. General instructions for setup can be found here:

http://www.stanford.edu/services/email/config/osx5mail/ldap/index.html

Since Address Book in 10.6 does not allow for self-signed certificates, you will need to take the following steps to get it working:

1. Retrieve the certificate by going to Terminal and typing:
openssl s_client -connect mothra.win.stanford.edu:636

2. Copy everything in between

"-----BEGIN CERTIFICATE-----"

and

"-----END CERTIFICATE-----" (including these lines)

to a new file with suffix .pem

3. double click on the file you just saved (.pem) to open it in Keychain Access

4. double click on the new certificate, click on the 'Trust' disclosure triangle and set "When using this Certificate:" to "Always trust".

As Florian says, VoilĂ !

1