Introduction
This article shows you how you can configure the OSX operating system so that you can log into your Mac computer using LogonBox Directory credentials.
If you have not installed LogonBox Directory, now is the time to do so. This discussion assumes you have a server installed, configured, and ready to go with users waiting to log into OSX.
Before you start configuring OSX to connect to your directory, there are a few values you will need to jot down. These are:
Directory Hostname
This will be the FQDN of your LogonBox Directory. This hostname must be resolvable from each client you want to log in from. If your users will be accessing the directory via the Internet then make sure you have firewalled and port-forwarded the directory from your public hostname/IP address.
Directory LDAP DN
The LDAP Distinguished Name is a uniquely formatted string that provides a way to resolve elements in the LDAP. You will need to know the root DN of your server. If you have not changed this, then it will be DC=System,DC=local.
Directory LDAP Port
Unless you have changed the default LDAPS interface, the port value will be 636 for the ldaps:// protocol.
Service Account
You will need an account that has permission to search the LDAP. We recommend creating a specific user with a minimal set of permissions. See our Creating a Service Account article for more information.
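Before changing anything on the Mac, it is worth confirming that the four values above actually work together. The script below is an added example, not part of the original article or LogonBox's own tooling: directory.example.com and the BIND_DN variable are placeholders you replace with your own values, and it assumes the ldapsearch and openssl command-line tools are available on the client.

```shell
#!/bin/sh
# Added example: pre-flight check of the directory values before touching
# System Preferences. Hostname and bind DN below are placeholders.
DIR_HOST="${DIR_HOST:-directory.example.com}"  # placeholder FQDN
DIR_PORT="${DIR_PORT:-636}"                    # article's default LDAPS port
BASE_DN="${BASE_DN:-DC=System,DC=local}"       # article's default root DN
BIND_DN="${BIND_DN:-}"                         # service account DN (you supply it)

# Build the ldaps:// URI; reject anything but a plain hostname and a valid port.
ldaps_uri() {
  case "$1" in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
  case "$2" in ''|*[!0-9]*) return 1 ;; esac
  [ "$2" -ge 1 ] && [ "$2" -le 65535 ] || return 1
  printf 'ldaps://%s:%s\n' "$1" "$2"
}

# Loose DN sanity check: comma-separated attr=value pairs (escaped commas unsupported).
valid_dn() {
  old_ifs=$IFS; IFS=,
  set -f; set -- $1; set +f
  IFS=$old_ifs
  [ $# -ge 1 ] || return 1
  for rdn in "$@"; do
    case "$rdn" in [A-Za-z]*=?*) ;; *) return 1 ;; esac
  done
}

preflight() {
  uri=$(ldaps_uri "$DIR_HOST" "$DIR_PORT") || { echo "bad hostname or port" >&2; return 2; }
  valid_dn "$BASE_DN" || { echo "bad base DN" >&2; return 2; }
  [ -n "$BIND_DN" ] && valid_dn "$BIND_DN" || { echo "set BIND_DN" >&2; return 2; }
  # 1. The server certificate must chain to a CA this client trusts.
  openssl s_client -connect "$DIR_HOST:$DIR_PORT" -servername "$DIR_HOST" \
    -verify_return_error </dev/null >/dev/null 2>&1 ||
    { echo "TLS handshake or certificate verification failed" >&2; return 3; }
  # 2. Bind as the service account (-W prompts, keeping the password out of
  #    argv and shell history) and read only the base entry.
  ldapsearch -x -H "$uri" -D "$BIND_DN" -W -b "$BASE_DN" -s base -LLL dn
}

# Run the network checks only when asked: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```

A successful run prints the base entry's DN; a bind failure at step 2 points at the service account's credentials or permissions rather than at the network or certificate.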
System Configuration
Navigate to the Users & Groups System Preferences pane and click on the Locked icon to enable you to make changes.
This should ask you to authenticate.
Once complete, the lock page will show as unlocked.