Re: Apple's OpenDirectory

[Adam Williams <awilliam@whitemice.org>]

> > I am coding a web form to add users to OpenDirectory. From slapcat, I
> > see that Apple stores apple-user-mailattribute in some encrypted
> > format. Can anyone pls tell me
> > 1. how to encrypt user entered data into this attribute.
> > 2. I am storing password as Crypt type. How to store in OpenDirectory
> > format ?
> What is OpenDirectory? What is its format?

It is Apple Mac OS/X's odd LDAP-like directory,  sort of like M$'s
Active Directory.

>From the OpenRADIUS web site -
"Mac OSX Server 10.2 (aka Jaguar) has built-in LDAP server
functionality.  It's not a real LDAP server, but instead it's an LDAP
interface to the Mac OS Server's authentication system.  Jaguar uses
NetInfo, which is a left-over from the NeXT days.  NetInfo was (and
still is) a parallel to LDAP, and was based on X.500 just like LDAP. 
But the implementation isn't quite compatible with LDAP.
So Apple has written a set of API's called OpenDirectory, which is
Apple's new way of handling directories and authentication between
applications. Apple's LDAP installation is a front-end only, and it uses
OpenDirectory API to access the NetInfo directory.  Ya got all that?"