What does it mean to "bind" a computer to OS X Server?

It seems that an essential step in setting up a network of computers with OS X Server is to "bind" computers to the server.


What does this mean, technically?


What facet of a client is bound and to what is it bound?


What features of OS X Server does binding make available?


-- Randy

Posted on Jul 8, 2011 4:06 AM

Jul 8, 2011 11:01 AM in response to Randolph Kahle

Hi


"What does this mean, technically?"


If you're from a Windows background and are familiar with some aspects of an Active Directory environment then 'bind' would be similar to 'joining' PCs to the Domain. With a successful 'join' you have full access as well as the ability to 'manage' the User Experience using Global Policies. In Active Directory there is a requirement for an authenticated bind. In other words you have to provide a user name and password before PC Workstations can participate fully in the AD Domain. By default and assuming an 'out-of-the-box' Deployment, OSX Server allows anonymous binds.


So if you like, Binding is similar to Joining.


"It seems that an essential step in setting up a network of computers with OS X Server is to "bind" computers to the server."


Actually you're mistaken in thinking it's essential. You can pretty much access all of the Technologies available in OSX Server without the 'need' or requirement to bind. As ever it all depends on what you want and what you want to achieve. Apple admittedly have spent a lot of effort on Auto Discovery and Configuration of Client Workstations. Joining or 'Binding' Client Workstations to the LDAP Domain makes this somewhat easier to happen.

If you're not interested in providing a network home folder (or roaming profile) for your users to log in with, or centrally managing the user experience, then there is no real reason to 'bind/join' anything. Single Sign On will still work without it for Services that support it anyway.


"What facet of a client is bound and to what is it bound?

What features of OS X Server does binding make available?"


Looking at these questions in my simple way I think they may have already been answered?


Obviously there is far more to this than the above but put as simply as I can that's pretty much it. As ever DNS is very, very important in how well all of this works. Without it nothing will work well if at all.


My 2p and HTH?


Tony

Jul 13, 2011 3:50 PM in response to Antonio Rocco

Tony,


Your reply is appreciated. Thank you.


You make a distinction between Single Sign On and binding, which is interesting. I believe that what I want in a network is Single Sign On to enable easy access to various services. I am not interested in a roaming home folder nor in controlling the user experience.


I find the documentation for OS X Server frustrating. There is a lot of it, but it isn't geared to someone who wants to fundamentally understand what is going on. It's more of a "do this and trust us" approach. That probably is fine for many Apple customers but it leaves me with more questions than I am comfortable with.


I am still curious about "binding" and learning exactly what is bound to what. Is it the MAC address of the computer binding to the LDAP Server? I really have no clue. But, never mind - for now - if that doesn't help me.


For Single Sign On I now presume the following:


  • Create accounts in Open Directory for each user who owns a computer who wishes to access services
    • Make sure they have the same name
    • Make sure they have the same identifier
  • Grant permissions to the different services for the OD accounts and that will allow the computer users to log in.


Am I close?


Where can I learn more about this desired configuration?


Thanks -- Randy

Jul 14, 2011 7:27 AM in response to Antonio Rocco

Tony,


I went back last night and re-examined the Apple documentation. I think I had a breakthrough.


I now understand that "User Management" is all about controlling the user experience of separate Mac computers and OS installations and is separate from the notion of controlling and managing network services.


I had not understood that.


What I read was that as long as the short name of a "local account" matches a Workgroup "user account" then the remote user can authenticate to the server and use services.


I'm still nervous about not also having a match between the user identifiers. I will do more research to better understand the risk of not having those match or if that is a requirement.


Randy
