Featured Article: Editorial - Mac's Market Share and the Cascade Failure of Windows
Tips for Securing Apple's Open Directory
by , 12:30 PM EDT, August 31st, 2007
Apple's Open Directory for Mac OS X Server is a powerful, capable directory services system that uses open standards like Open LDAP and Kerberos. Despite its capabilities, there are still some methods to secure it over and above the default settings, according to Ryan Faas at Computerworld on Friday.
Mr. Fass, who has written an informative series on Apple's Open Directory system, noted, "For administrators, employing a robust directory services application that supports all their clients is only part of the equation. Directory servers manage user authentication and maintain significant amounts of information about users, groups, servers, workstations and network configurations. This makes securing directory servers a paramount concern for any network admin."
Some of the things that were noted include:
- Use open Directory not crypt passwords.
- Rely on Kerberos at every opportunity
- Disable unused authentication mechanisms
- Require SSL for all communication
- Use Trusted Binding introduced in Mac OS X 10.4
- Secure relevant ports via firewall
Mr. Faas reminded administrators that frequent inspection of the Password Service Server log will reveal failed login attempts and is worthy of attention.
The article, one more in a notable series of articles by the Mr. Fass, is a good refresher for Apple network administrators to make sure they've taken all possible measures to secure their Apple network and do it correctly.
Observer Comments
Recent Headlines - Updated Friday, July 4th, 2008
- Fri., 7:30 AM
- Happy Fourth of July!
- Thu., 4:50 PM
- Apple Slashes $400 from SSD Drive in MacBook Air
- 4:05 PM
- It's Official - Firefox Sets Guinness Record for Downloads
- 3:30 PM
- Apple Files Patent for a Multi-touch Gesture Language
- 2:20 PM
- Editorial - Mac's Market Share and the Cascade Failure of Windows
- 1:35 PM
- iPodObserver - Apple Slurps Up Samsung's NAND Flash for iPhone 3G
- 1:05 PM
- WSJ: Tips for Switching from Windows to Mac
- 12:05 PM
- iPodObserver - Google Intros Google Talk for iPhone
- 11:35 AM
- iPO Just a Thought - iPod nano Versus iPhone: Decisons, Decisions...
- 10:55 AM
- YouTube Ordered to Turn Over All User Records to Viacom
- 10:10 AM
- Hot Forum Topic - Apple vs. Cell Carriers: Who's Winning the Game
- 9:25 AM
- iPodObserver - Rumor: Best Buy, Radio Shack to Sell iPhone 3G
- 8:45 AM
- .Mac Bookmark Sync Deadline Extended to July 6
- 8:10 AM
- Adobe Reader 9 Hits the Streets
The Mac Observer Reader Specials
- Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
- Other World Computing has the Upgrades, Enhancements, and Accessories for getting the most from your Mac. Quality Products, Competitive Prices, Expert Support Staff - www.macsales.com
New iMac 800Mhz Memory 4GB $98, 2GB $50. Click to Maximize your Macs...
Mac observers can now play Party Poker for Mac as well as Mac casino games by going to MacPokerOnline.com.
RamJet Memory: MacBook 1Gig $39, 2Gig $78, 4Gig $195! Mac Pro 2Gig $115, 4Gig $189! 500G Seagate SATA II $139! Click hereFor the latest Apple products use Ciao a comparison website to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate cell phones.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
Harman Kardon EP 730 In-ear Noise Isolating Earphones With Volume Control: $52.99 Delivered 
Archos 604 30 GB Ultraslim Portable Digital Media Player and Recorder: $169.99 Delivered 
Western Digital 320GB My Passport Essential USB 2.0 Portable Hard Drive: $128.99 Delivered 
Cavalry 1TB Hard Drive - RAID 1 (500GB Mirrored) - Interface (USB 2.0) External Hard Drive: $189.99 
