Назад | Перейти на главную страницу

Active Directory и менеджер рабочих групп Apple

Я думал, что поделюсь своим опытом здесь. Я работаю в малом бизнесе, где всего ~ 20 пользователей. Мне нужна была возможность использовать настройки управляемого клиента для назначения таких вещей, как сервер обновлений программного обеспечения. В основном возможность управлять моими Mac легко и естественным образом.

Сначала я попробовал решение «волшебный треугольник», но оказалось, что это очень сложно. Для этого не только требуется Mac OS X Server, но и есть две точки отказа. Кроме того, каждая рабочая станция Mac должна быть привязана к обоим серверам.

В конце концов я смирился и пошел с документированными изменениями схемы. Вот. Сначала я колебался, потому что инструкции требуют много ручной работы. Однако это было довольно просто и заняло у меня всего полтора часа. Ниже вы найдете файл изменений схемы, который стал результатом моей работы. Я точно выполнил инструкции и дважды проверил все, после шести месяцев работы все работало отлично. Слишком хорошо, чтобы не делиться. Я надеюсь, что сэкономлю кому-нибудь пару часов.

# ==================================================================
#
#  This file should be imported with the following command:
#    ldifde -i -u -f Apple AD Schema Changes.ldf -s server:port -b username domain password -j . -c "cn=Configuration,dc=X" #configurationNamingContext
#  LDIFDE.EXE from AD/AM V1.0 or above must be used.
#  This LDIF file should be imported into AD or AD/AM. It may not work for other directories.
#
# ==================================================================

# ==================================================================
#  Attributes
# ==================================================================

# Attribute: apple-category
dn: cn=apple-category,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.10.4
ldapDisplayName: apple-category
attributeSyntax: 2.5.5.12
adminDescription: Category for the computer or neighborhood
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-computeralias
dn: cn=apple-computeralias,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.20.3
ldapDisplayName: apple-computeralias
attributeSyntax: 2.5.5.12
adminDescription: XML plist referring to a computer record
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-computer-list-groups
dn: cn=apple-computer-list-groups,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.11.4
ldapDisplayName: apple-computer-list-groups
attributeSyntax: 2.5.5.12
adminDescription: groups
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-computers
dn: cn=apple-computers,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.11.3
ldapDisplayName: apple-computers
attributeSyntax: 2.5.5.12
adminDescription: computers
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-data-stamp
dn: cn=apple-data-stamp,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.12.2
ldapDisplayName: apple-data-stamp
attributeSyntax: 2.5.5.5
adminDescription: data stamp
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-dns-domain
dn: cn=apple-dns-domain,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.18.1
ldapDisplayName: apple-dns-domain
attributeSyntax: 2.5.5.12
adminDescription: DNS domain
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-dnsname
dn: cn=apple-dnsname,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.19.4
ldapDisplayName: apple-dnsname
attributeSyntax: 2.5.5.12
adminDescription: DNS name
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-dns-nameserver
dn: cn=apple-dns-nameserver,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.18.2
ldapDisplayName: apple-dns-nameserver
attributeSyntax: 2.5.5.12
adminDescription: DNS name server list
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-group-homeowner
dn: cn=apple-group-homeowner,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.14.2
ldapDisplayName: apple-group-homeowner
attributeSyntax: 2.5.5.5
adminDescription: group home owner settings
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-group-homeurl
dn: cn=apple-group-homeurl,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.14.1
ldapDisplayName: apple-group-homeurl
attributeSyntax: 2.5.5.5
adminDescription: group home url
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-imhandle
dn: cn=apple-imhandle,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.21
ldapDisplayName: apple-imhandle
attributeSyntax: 2.5.5.12
adminDescription: IM handle (service:account name)
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-keyword
dn: cn=apple-keyword,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.19
ldapDisplayName: apple-keyword
attributeSyntax: 2.5.5.12
adminDescription: keywords
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-mcxflags
dn: cn=apple-mcxflags,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.10
ldapDisplayName: apple-mcxflags
attributeSyntax: 2.5.5.12
adminDescription: mcx flags
oMSyntax: 64
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-mcxsettings
dn: cn=apple-mcxsettings,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.16
ldapDisplayName: apple-mcxsettings
attributeSyntax: 2.5.5.12
adminDescription: mcx settings
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-neighborhoodalias
dn: cn=apple-neighborhoodalias,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.20.2
ldapDisplayName: apple-neighborhoodalias
attributeSyntax: 2.5.5.12
adminDescription: XML plist referring to another neighborhood record
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-networkview
dn: cn=apple-networkview,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.10.3
ldapDisplayName: apple-networkview
attributeSyntax: 2.5.5.12
adminDescription: Network view for the computer
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-nodepathxml
dn: cn=apple-nodepathxml,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.20.1
ldapDisplayName: apple-nodepathxml
attributeSyntax: 2.5.5.12
adminDescription: XML plist of directory node path
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-service-location
dn: cn=apple-service-location,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.19.5
ldapDisplayName: apple-service-location
attributeSyntax: 2.5.5.12
adminDescription: Service location
oMSyntax: 64
systemOnly: FALSE

# Attribute: apple-service-port
dn: cn=apple-service-port,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.19.3
ldapDisplayName: apple-service-port
attributeSyntax: 2.5.5.9
adminDescription: Service port number
oMSyntax: 2
systemOnly: FALSE

# Attribute: apple-service-type
dn: cn=apple-service-type,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.19.1
ldapDisplayName: apple-service-type
attributeSyntax: 2.5.5.5
adminDescription: type of service
oMSyntax: 22
systemOnly: FALSE

# Attribute: apple-service-url
dn: cn=apple-service-url,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.19.2
ldapDisplayName: apple-service-url
attributeSyntax: 2.5.5.5
adminDescription: URL of service
oMSyntax: 22
systemOnly: FALSE

# Attribute: apple-user-authenticationhint
dn: cn=apple-user-authenticationhint,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.15
ldapDisplayName: apple-user-authenticationhint
attributeSyntax: 2.5.5.12
adminDescription: password hint
oMSyntax: 64
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-user-class
dn: cn=apple-user-class,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.7
ldapDisplayName: apple-user-class
attributeSyntax: 2.5.5.5
adminDescription: user class
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-user-homequota
dn: cn=apple-user-homequota,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.8
ldapDisplayName: apple-user-homequota
attributeSyntax: 2.5.5.5
adminDescription: home directory quota
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-user-homesoftquota
dn: cn=apple-user-homesoftquota,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.17
ldapDisplayName: apple-user-homesoftquota
attributeSyntax: 2.5.5.5
adminDescription: home directory soft quota
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-user-homeurl
dn: cn=apple-user-homeurl,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.6
ldapDisplayName: apple-user-homeurl
attributeSyntax: 2.5.5.5
adminDescription: home directory URL
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-user-mailattribute
dn: cn=apple-user-mailattribute,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.9
ldapDisplayName: apple-user-mailattribute
attributeSyntax: 2.5.5.12
adminDescription: mail attribute
oMSyntax: 64
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-user-picture
dn: cn=apple-user-picture,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.12
ldapDisplayName: apple-user-picture
attributeSyntax: 2.5.5.12
adminDescription: picture
oMSyntax: 64
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-user-printattribute
dn: cn=apple-user-printattribute,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.13
ldapDisplayName: apple-user-printattribute
attributeSyntax: 2.5.5.12
adminDescription: print attribute
oMSyntax: 64
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-webloguri
dn: cn=apple-webloguri,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.1.22
ldapDisplayName: apple-webloguri
attributeSyntax: 2.5.5.12
adminDescription: Weblog URI
oMSyntax: 64
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: apple-xmlplist
dn: cn=apple-xmlplist,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.17.1
ldapDisplayName: apple-xmlplist
attributeSyntax: 2.5.5.12
adminDescription: XML plist data
oMSyntax: 64
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: ipHostNumber
dn: cn=ipHostNumber,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.1.1.1.19
ldapDisplayName: ipHostNumber
attributeSyntax: 2.5.5.5
adminDescription: IP address
oMSyntax: 22
systemOnly: FALSE
rangeUpper: 128

# Attribute: macAddress
dn: cn=macAddress,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.1.1.1.22
ldapDisplayName: macAddress
attributeSyntax: 2.5.5.5
adminDescription: MAC address
oMSyntax: 22
systemOnly: FALSE
rangeUpper: 128

# Attribute: mountDirectory
dn: cn=apple-mountDirectory,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.8.1
ldapDisplayName: mountDirectory
attributeSyntax: 2.5.5.12
adminDescription: mount path
oMSyntax: 64
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: mountDumpFrequency
dn: cn=apple-mountDumpFrequency,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.8.4
ldapDisplayName: mountDumpFrequency
attributeSyntax: 2.5.5.5
adminDescription: mount dump frequency
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: mountOption
dn: cn=apple-mountOption,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.8.3
ldapDisplayName: mountOption
attributeSyntax: 2.5.5.5
adminDescription: mount options
oMSyntax: 22
systemOnly: FALSE

# Attribute: mountPassNo
dn: cn=apple-mountPassNo,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.8.5
ldapDisplayName: mountPassNo
attributeSyntax: 2.5.5.5
adminDescription: mount passno
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: mountType
dn: cn=apple-mountType,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.63.1000.1.1.1.8.2
ldapDisplayName: mountType
attributeSyntax: 2.5.5.5
adminDescription: mount VFS type
oMSyntax: 22
isSingleValued: TRUE
systemOnly: FALSE

# Attribute: ttl
dn: cn=ttl,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: attributeSchema
attributeId: 1.3.6.1.4.1.250.1.60
ldapDisplayName: ttl
attributeSyntax: 2.5.5.9
oMSyntax: 2
isSingleValued: TRUE
systemOnly: FALSE

dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-


# ==================================================================
#  Classes
# ==================================================================

# Class: apple-computer
dn: cn=apple-computer,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.10
ldapDisplayName: apple-computer
adminDescription: computer
objectClassCategory: 3
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mayContain: apple-category
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.10.4
# mayContain: apple-computer-list-groups
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.11.4
# mayContain: apple-keyword
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.19
# mayContain: apple-mcxflags
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.10
# mayContain: apple-mcxsettings
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.16
# mayContain: apple-networkview
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.10.3
# mayContain: apple-service-url
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.19.2
# mayContain: apple-xmlplist
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.17.1
# mayContain: macAddress
mayContain: 1.3.6.1.1.1.1.22
# mayContain: ttl
mayContain: 1.3.6.1.4.1.250.1.60

# Class: apple-computer-list
dn: cn=apple-computer-list,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.11
ldapDisplayName: apple-computer-list
adminDescription: computer list
objectClassCategory: 1
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mayContain: apple-computer-list-groups
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.11.4
# mayContain: apple-computers
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.11.3
# mayContain: apple-keyword
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.19
# mayContain: apple-mcxflags
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.10
# mayContain: apple-mcxsettings
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.16
possSuperiors: organizationalUnit
possSuperiors: container

# Class: apple-configuration
dn: cn=apple-configuration,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.12
ldapDisplayName: apple-configuration
adminDescription: configuration
objectClassCategory: 3
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mayContain: apple-data-stamp
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.12.2
# mayContain: apple-keyword
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.19
# mayContain: apple-xmlplist
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.17.1
# mayContain: ttl
mayContain: 1.3.6.1.4.1.250.1.60
possSuperiors: organizationalUnit
possSuperiors: container

# Class: apple-group
dn: cn=apple-group,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.14
ldapDisplayName: apple-group
adminDescription: group account
objectClassCategory: 3
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mayContain: apple-group-homeowner
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.14.2
# mayContain: apple-group-homeurl
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.14.1
# mayContain: apple-keyword
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.19
# mayContain: apple-mcxflags
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.10
# mayContain: apple-mcxsettings
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.16
# mayContain: apple-user-picture
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.12
# mayContain: ttl
mayContain: 1.3.6.1.4.1.250.1.60

# Class: apple-location
dn: cn=apple-location,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.18
ldapDisplayName: apple-location
objectClassCategory: 1
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mayContain: apple-dns-domain
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.18.1
# mayContain: apple-dns-nameserver
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.18.2
possSuperiors: organizationalUnit
possSuperiors: container

# Class: apple-neighborhood
dn: cn=apple-neighborhood,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.20
ldapDisplayName: apple-neighborhood
objectClassCategory: 1
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mayContain: apple-category
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.10.4
# mayContain: apple-computeralias
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.20.3
# mayContain: apple-keyword
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.19
# mayContain: apple-neighborhoodalias
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.20.2
# mayContain: apple-nodepathxml
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.20.1
# mayContain: apple-xmlplist
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.17.1
# mayContain: ttl
mayContain: 1.3.6.1.4.1.250.1.60
possSuperiors: 2.5.6.5
possSuperiors: container

# Class: apple-serverassistant-config
dn: cn=apple-serverassistant-config,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.17
ldapDisplayName: apple-serverassistant-config
objectClassCategory: 1
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mayContain: apple-xmlplist
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.17.1
possSuperiors: organizationalUnit
possSuperiors: container

# Class: apple-service
dn: cn=apple-service,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.19
ldapDisplayName: apple-service
objectClassCategory: 1
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mustContain: apple-service-type
mustContain: 1.3.6.1.4.1.63.1000.1.1.1.19.1
# mayContain: apple-dnsname
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.19.4
# mayContain: apple-keyword
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.19
# mayContain: apple-service-location
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.19.5
# mayContain: apple-service-port
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.19.3
# mayContain: apple-service-url
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.19.2
# mayContain: ipHostNumber
mayContain: 1.3.6.1.1.1.1.19
possSuperiors: organizationalUnit
possSuperiors: container

# Class: apple-user
dn: cn=apple-user,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.1
ldapDisplayName: apple-user
adminDescription: apple user account
objectClassCategory: 3
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mayContain: apple-imhandle
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.21
# mayContain: apple-keyword
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.19
# mayContain: apple-mcxflags
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.10
# mayContain: apple-mcxsettings
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.16
# mayContain: apple-user-authenticationhint
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.15
# mayContain: apple-user-class
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.7
# mayContain: apple-user-homequota
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.8
# mayContain: apple-user-homesoftquota
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.17
# mayContain: apple-user-homeurl
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.6
# mayContain: apple-user-mailattribute
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.9
# mayContain: apple-user-picture
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.12
# mayContain: apple-user-printattribute
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.13
# mayContain: apple-webloguri
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.1.22

# Class: mount
dn: cn=apple-mount,cn=Schema,cn=Configuration,dc=X
changetype: ntdsschemaadd
objectClass: classSchema
governsID: 1.3.6.1.4.1.63.1000.1.1.2.8
ldapDisplayName: mount
objectClassCategory: 1
# subclassOf: top
subclassOf: 2.5.6.0
# rdnAttId: cn
rdnAttId: 2.5.4.3
# mayContain: mountDirectory
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.8.1
# mayContain: mountDumpFrequency
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.8.4
# mayContain: mountOption
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.8.3
# mayContain: mountPassNo
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.8.5
# mayContain: mountType
mayContain: 1.3.6.1.4.1.63.1000.1.1.1.8.2
possSuperiors: 2.5.6.5
possSuperiors: container    

dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-


# ==================================================================
#  Updating present elements
# ==================================================================
# Add the new class to the user object
dn: CN=User,CN=Schema,CN=Configuration,DC=X
changetype: modify
add: auxiliaryClass
auxiliaryClass: apple-user
-

# Add the new class to the computer object
dn: CN=Computer,CN=Schema,CN=Configuration,DC=X
changetype: modify
add: auxiliaryClass
auxiliaryClass: apple-computer
-

# Add the new class to the group object
dn: CN=Group,CN=Schema,CN=Configuration,DC=X
changetype: modify
add: auxiliaryClass
auxiliaryClass: apple-group
-

Я давно это искал !!! Большой!

Небольшой вопрос ...

У вас есть apple-configuration как вспомогательный класс (3), но в этом видео они упоминают только apple-user, apple-group и apple-computer как вспомогательные классы.

Также есть 39 атрибутов, а видео определяет 36 атрибутов и 10 классов.

Стоит ли мне беспокоиться об этом?

Руководство, на которое я смотрел, вот такое: http://seminars.apple.com/seminarsonline/modifying/apple/index.html?s=301

Спасибо!

/Брайан

Спасибо, что разместили это!

Профессиональные службы Apple также сделают это за вас. Им потребовался 1 день, чтобы протестировать изменение схемы, развернуть изменение схемы в рабочей среде и обучить администраторов изменениям. Однако APS (профессиональные услуги Apple) может стать дорогим! (в зависимости от вашей компании / города может составлять до 2000 долларов в день)