[K12OSN] Authenticating From an OSX Server

Christopher Butler cbutler at shoreschool.org
Wed May 4 16:50:25 UTC 2005

Bruce -

I just went through this, so if you look back in the archives a bit, find
messages from me (cbutler at shoreschool.org) with subject "Authenticate to
OS X Open Directory" for my problems and successes.

The k12ltsp wiki has an entry under the "Interoperability" section
that really is all you need.

The one thing missing from that is that gdm-binary needs to be restarted
for it to catch the changes made in authconfig.

A brief summary our our setup:
helios: OS X 10.3.4 Open Directory Master
saturn: OS X 10.3.4 Home Directory Server (all home directories on a fiber
channel attached XRAID)
ltsp: K12TLTSP 4.1.1 two-NIC setup with thin clients on

With WGM I have set one of our home directory mounts to be shared via NFS
to the K12LTSP server (I'm still in testing mode, so I am only sharing the
faculty mount at this time.)   For our setup, the path on our server to
the home directory folder is
so the mkdir command I had to do on the LTSP server was
  mkdir -p /Network/Servers/saturn/volumes/SaturnRAID/Home
and the mount command looked similar
  mount saturn:/Network/Servers/saturn/volumes/SaturnRAID/Home \

The authconfig work was easy - just take a look at the Open Directory
settings on your Open Directory Master (in Server Admin) to figure out
what the LDAP Base DN is.

Then, the missing step:
I figured this out after three days (I actually restarted the server
itself).  I think there is a script "gdm-safe-restart" that will do this
for you.

Now, I can log in to a thin client in the 192 network with my OS X
username/password and my OS X home directory shows up as my LTSP home
directory.  Even more fun, from any Mac on campus, I can run
  /usr/X11R6/bin/x -query ltsp :1
and get an X session running with access to all the fun Gnome stuff.

Hope this helps, and please, if you have any questions, feel free to ask.

Christopher Butler
Director of Technology
Shore Country Day School
Beverly, MA 01915
cbutler at shoreschool.org

"Support list for opensource software in schools." <k12osn at redhat.com> on
Wednesday, May 04, 2005 at 12:08 PM -0500 wrote:
>Hello Team,
>I've been watching the thread on authenticating against an LTSP server,
>but I would like to do the exact opposite.  I would like my LTSP servers
>to authenticate from our OSX server.
>Our OSX server, Panther soon to be Tiger, hold all of our student
>accounts as well as many teacher accounts.  I would like to be able to
>log into any LTSP or Windows computer on campus and have that users OSX
>directly mounted and accessible automatically.  
>Since OSX is basically Unix I would think this should be possible, but
>it's a bit beyond my knowledge at this point.  At least without a ton of
>"hunting and pecking" for the right solution.  I'd rather do it right
>the first time.
>Is anyone doing this?  Is there any documentation for this?  Can someone
>point me in the right direction here?
>Let me know what you think.
>- Sez
>K12OSN mailing list
>K12OSN at redhat.com
>For more info see <http://www.k12os.org>

More information about the K12OSN mailing list