
Setting Up the Authentication and Contacts Search Policies
Directory Access defines an authentication search policy and a contacts search policy.
- Mac OS X uses the authentication search policy to locate and retrieve user authentication information and other administrative data from directory domains.
- Mac OS X uses the contacts search policy to locate and retrieve name, address, and other contact information from directory domains. Mac OS X Address Book uses this contact information, and other applications can be programmed to use it as well.
Each search policy consists of a list of directory domains (also known as directory nodes). The order of directory domains in the list defines the search policy. Starting at the top of the list, Mac OS X searches each listed directory domain in turn until it either finds the information it needs or reaches the end of the list without finding the information.
Each search policy, authentication and contacts, can be set to Automatic, Local directory, or Custom path.
- Automatic starts with the local directory domain and can include an LDAP directory supplied automatically by DHCP and NetInfo domains to which the computer is bound. An automatic search policy is the default setting for Mac OS X version 10.2 and later and offers the most flexibility for mobile computers.
- Local directory includes only the local directory domain.
- Custom path starts with the local directory domain and includes your choice of LDAP directories, an Active Directory domain, NetInfo domains, BSD configuration files, and an NIS domain.