Mac OS X Server - About User Accounts

background image

About User Accounts

User accounts on your server allow users to gain access to services provided by the
server. A user account contains the information needed to prove the user’s identity for
all services that require authentication. A user account also provides a centralized place
to store a user’s contact information and other data.

Each user account has an email address, an iChat instant messaging address, a personal
calendar, and a My Page wiki portal. User accounts can also have access to wikis, blogs,
web calendars, a server-based address book, the server’s shared files, and Time Machine
backup storage, and they can use VPN to access the server remotely. Users can be
members of groups, authorizing them to access group shared folders and group wikis.
Of course, if any of these services isn’t turned on, then users don’t have access to it.

You can add user accounts in the Users pane of Server Preferences by:

Creating new accounts


Importing existing accounts, if your organization has a directory server that your


server is connected to

You can import user accounts individually. You can also automatically import all user
accounts that are members of a group.

User Accounts in Your Server’s Directory
New user accounts you create are stored in your server’s directory. You can use Server
Preferences to create and edit them.

background image


Chapter 6

Managing Users

Imported User Accounts
Imported user accounts remain in your organization’s directory server. You can
supplement imported accounts with contact information, group membership
information, and so forth. The supplemental information is stored in your server’s
directory. When someone uses an imported user account, your server automatically
combines the account information stored in the directory server with supplemental
account information stored in your server’s directory.

If your server has imported user accounts, you can use Server Preferences to edit an
account’s supplemental information in your server’s directory, but not the account
information in your organization’s directory. An administrator of that directory can edit
its account information using tools for the directory server.

Local User Accounts
Users with administrator privileges on their Macs can create local user accounts using
the Accounts pane of System Preferences. These local user accounts are stored on the
user’s computer. Local user accounts have home folders on the computer and can
be used for logging in to the computer. Users can’t use their computers’ local user
accounts to access the server over the network.

Like users’ Macs, your server has local accounts in addition to server accounts and
possibly imported accounts. Your server’s local accounts can be used to log in to it, and
a local account with administrator privileges can be used to administer the server. For
information about administrator privileges, see “About Administrator Accounts,” next.

Types of User Accounts Compared
The following table summarizes key differences among server accounts, imported
accounts, and local accounts.

background image


Chapter 6

Managing Users

Account type

Stored in

Created by

Used for

Server account

Your server’s directory

You (a server
administrator), using
Server Preferences

Group membership,
contact information,
authenticating for

Imported account

Your organization’s
directory server, with
supplements in your
server’s directory

The directory server’s

Group membership,
contact information,
authenticating for

Local account

Each Mac OS X

A user with an
administrator account
on the computer,
using System

Logging in to the
computer and
accessing the home