opendirectoryd

launchd job for client access to local or remote directory systems

opendirectoryd [--version]

Requires root privileges. Must be launched by launchd.

dscl command line user interface

opendirectoryd modules have specific capabilities:

Third party plugins developed for "DirectoryService" are supported via dspluginhelperd

Open Directory

Includes a client API abstraction layer, a directory server, and opendirectoryd daemon. This allows clients to utilize a single API to access a variety of directory servers simultaneously or configure their own directory server.

Forms the foundation of how OS X accesses all authoritative configuration information (users, groups, mounts, managed desktop data, etc.). allows use of virtually any directory system via Apple and third party modules.

Configuration of opendirectoryd is done via "System Preferences" under the "Users & Groups" preference pane.
Advanced settings are available by using "Open Directory Utility (dscl)

See Apple Open Source website: developer.apple.com/darwin/projects/opendirectory

Open Directory Server

OpenLDAP which is included as part of Mac OS X Client, Server, and Darwin, provides a robust and scalable platform for serving directory-based information for standalone and networked systems.

NFSv4 Domain name

The following will set the default domain name used to map user and group identities in NFSv4 client/server operations.
dscl . -create Config/NFSv4Domain RealName <Example.com>
Example of user plist as displayed by plistbuddy Opendirectory.
sudo ls -l /private/var/db/dslocal/nodes/Default/users/dgerman.plist
rw-------  1 root  wheel  336094 Mar 17 12:04 /private/var/db/dslocal/nodes/Default/users/dgerman.plist

FILES

/etc/openldap 
 116915 Sep 19 19:00 AppleOpenLDAP.plist
    845 Jul 30 19:26 DB_CONFIG.example
    265 Jul 30 19:26 ldap.conf
    265 Jul 30 19:26 ldap.conf.default
   2151 Jul 30 19:26 slapd.conf.default
   1292 Jul 30 19:27 schema/

   1845 Jul 30 19:27 corba.ldif
   2036 Jul 30 19:27 collective.ldif
  12006 Jul 30 19:27 cosine.ldif
  20612 Jul 30 19:27 core.ldif
   4842 Jul 30 19:27 duaconf.ldif
   3481 Jul 30 19:27 inetorgperson.ldif
   3330 Jul 30 19:27 dyngroup.ldif
   2979 Jul 30 19:27 java.ldif
   6809 Jul 30 19:27 nis.ldif
   2082 Jul 30 19:27 misc.ldif
   6904 Jul 30 19:27 pmi.ldif
   3308 Jul 30 19:27 openldap.ldif
   4032 Jul 30 19:27 ppolicy.ldif
    717 Jul 30 19:27 apple_auxillary.schema
  48470 Jul 30 19:27 apple.schema
   8063 Jul 30 19:27 corba.schema
   6190 Jul 30 19:27 collective.schema
  73994 Jul 30 19:27 cosine.schema
  20501 Jul 30 19:27 core.schema
  10388 Jul 30 19:27 duaconf.schema
   2059 Jul 30 19:27 fmserver.schema
   3289 Jul 30 19:27 dyngroup.schema
  13901 Jul 30 19:27 java.schema
   6267 Jul 30 19:27 inetorgperson.schema
   4059 Jul 30 19:27 krb5-kdc.schema
 177122 Jul 30 19:27 microsoft.ext.schema
 122955 Jul 30 19:27 microsoft.schema
  13124 Jul 30 19:27 microsoft.std.schema
   8455 Jul 30 19:27 netinfo.schema
   2387 Jul 30 19:27 misc.schema
   1514 Jul 30 19:27 openldap.schema
   7834 Jul 30 19:27 nis.schema
  19603 Jul 30 19:27 ppolicy.schema
  20467 Jul 30 19:27 pmi.schema
   5689 Jul 30 19:27 samba.schema

   3512 Jul 30 19:27 README
 README 
This directory contains user application schema definitions for use with slapd(8).

File                    Description
----                    -----------
collective.schema       Collective attributes (experimental)
corba.schema            Corba Object
core.schema             OpenLDAP "core"
cosine.schema           COSINE Pilot
duaconf.schema          Client Configuration (work in progress)
dyngroup.schema         Dynamic Group (experimental)
inetorgperson.schema    InetOrgPerson
java.schema             Java Object
misc.schema             Miscellaneous Schema (experimental)
nadf.schema             North American Directory Forum (obsolete)
nis.schema              Network Information Service (experimental)
openldap.schema         OpenLDAP Project (FYI)
ppolicy.schema          Password Policy Schema (work in progress)
The core.ldif and openldap.ldif are equivalent to their corresponding .schema files and have been provided as examples for use with the dynamic configuration backend.
These are not necessary since slapd will convert any included *.schema files into LDIF when converting a slapd.conf file to a configuration database, but they serve as a model of how to convert schema files in general.
System files provided by Apple and should only change with operating system updates
/System/Library/OpenDirectory/Configurations/ node configuration files
as of OSX 10.8.2
Contacts.plist
 node name = /Contacts comment = Contact search policy
   locked = false           mappings = Dict { }
    modules = Dict {
        session = Array {
            Dict { module = search
                options = Dict {
                    dsAttrTypeStandard:SearchPolicy = dsAttrTypeStandard:NSPSearchPath
                    dsAttrTypeStandard:CSPSearchPath = Array { }
                    dsAttrTypeStandard:LSPSearchPath = Array { /Local/Default }
                    dsAttrTypeStandard:NSPSearchPath = Array { /Local/Default } } uuid = 7963E752-DB53-4C9B-8842-D3F5FDF6C9D8 }
                       }
                 } 
Local.plist
 
    locked =true    enabled =true
    mappings = Dict {
        recordtypes = Dict {
            dsRecTypeStandard:Users = Dict {
                attributetypes = Dict {
σ := dsAttrTypeStandard σUniqueID uid σGeneratedUID generateduid σPassword passwd σAuthenticationHint hint σPasswordPolicyOptions passwordpolicyoptions σAltSecurityIdentities altsecurityidentities σPrimaryGroupID gid σOriginalNFSHomeDirectory original_home σUserPKCS12Data userpkcs12data σExpire expire σUserCertificate usercertificate σUserSMIMECertificate usersmimecertificate σUserShell shell σHomeDirectory home_loc σOriginalHomeDirectory original_home_loc σHomeDirectoryQuota homedirectoryquota σHomeDirectorySoftQuota homedirectorysoftquota σNFSHomeDirectory home σAdminLimits admin_limits σCopyTimestamp copy_timestamp σMCXFlags mcx_flags σMCXSettings mcx_settings σMailAttribute applemail σAuthenticationAuthority authentication_authority σOriginalAuthenticationAuthority original_authentication_authority σSMBKickoffTime smb_kickoff_time σSMBLogoffTime smb_logoff_time σSMBProfilePath smb_profile_path σSMBScriptPath smb_script_path σSMBLogonTime smb_logon_time σSMBAccountFlags smb_acctFlags σSMBUserWorkstations smb_user_workstations σSMBRID smb_rid σSMBGroupRID smb_group_rid σSMBHomeDrive smb_home_drive σSMBSID smb_sid σSMBPasswordLastSet smb_pwd_last_set σSMBPrimaryGroupSID smb_primary_group_sid σSMBHome smb_home σMapGUID mapguid σPrintServiceUserData appleprintservice σChange change σWeblogURI webloguri σMapURI mapURI σXMLPlist XMLPlist σURL URL σOriginalNodeName original_node_name σServicesLocator serviceslocator σRecordName name σKeywords keywords
 σNamePrefix        nameprefix
 σFirstName         firstname
 σNameSuffix        namesuffix
 σLastName          lastname
 σRealName          realname
 σNickName          nickname
 σHomePhoneNumber   homephonenumber
 σMobileNumber      mobilenumber
 σPagerNumber       pagernumber
 σEMailAddress      mail
 σIMHandle          imhandle
 σPicture           picture
 σJPEGPhoto         jpegphoto
 σPostalAddressContacts  postaladdresscontacts
 σAddressLine1      address1
 σPostalAddress     postaladdress
 σStreet            street
 σCity              city
 σState             state
 σCountry           country
 σPostalCode        zip
 σPhoneNumber       phonenumber
 σFAXNumber         faxnumber
 σCompany           company
 σOrganizationName  orgname
 σJobTitle          jobtitle
 σDepartment        department
 σEMailContacts     emailcontacts
 σMapCoordinates    mapcoordinates
 σComment           comment
 σBuilding          native = building
 σPhoneContacts     phonecontacts
 σOrganizationInfo  organizationinfo
 σRelationships     relationships
 σBirthday          birthday
native = users } as of 10/05/16 on smackerpro /var/db/dslocal/nodes ./Default/users:(all names end with .plist) Guest _coreaudiod _ftp _krb_krbtgt _netstatistics _softwareupdate _uucp _amavisd _coremediaiod _gamecontrollerd _krbfast _networkd _sophos _warmd _appleevents_cvmsroot _geod _krbtgt _nsurlsessiond _spotlight _webauthserver _appowner _cvs _iconservices _launchservicesd _nsurlstoraged _sshd _windowserver _appserver _cyrus _installassistant _lda _ondemand _svn _www _ard _devdocs _installer _locationd _postfix _taskgated _wwwproxy _assetcache _devicemgr _jabber _lp _postgres _teamsserver _xserverdocs _astris _displaypolicyd _kadmin_admin _mailman _qtss _timezone daemon _atsserver _distnote _kadmin_changepw _mbsetupuser _sandbox _tokend dgerman _avbdeviced _dovecot _krb_anonymous _mcxalr _screensaver _trustevaluationagent nobody _calendar _dovenull _krb_changepw _mdnsresponder _scsd _unknown root _ces _dpaudio _krb_kadmin _mysql _securityagent _update_sharing rut _clamav _eppc _krb_kerberos _netbios _serialnumberd _usbmuxd use dscl > sudo plistbuddy /var/db/dslocal/nodes/Default/users/dgerman.plistdgerman.plist Command: print Dict { accountPolicyData = Array { <?xml version="1.0" encoding="UTF-8"?> <DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>creationTime<key> <real>1474026221.296545<real> <key>failedLoginCount<key> <integer>0<integer> <key>failedLoginTimestamp<key> <integer>0<integer> <key>passwordLastSetTime<key> <real>1474026223.4683349<real> <dict> <plist> } jpegphoto = Array { JFIFHH8Photoshop 3.08BIM8BIM%B~" output translated out unprintables } authentication_authority = Array { ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2,SRP-RFC5054-4096-SHA512-PBKDF2> ;Kerberosv5;;dgerman@LKDC:SHA1.357D6B8D92C8E3F98ECFD82037B33C3A01FA81A9;LKDC:SHA1.357D6B8D92C8E3F98ECFD82037B33C3A01FA81A9 } picture = Array { /Library/User Pictures/Flowers/Lotus.tif } _writers_picture = Array { dgerman } HeimdalSRPKey = Array {… } <-- SRP verififer Heimdal is a Kerberos 5 implementation --> hint = Array { initials in hex x2 } shell = Array { /bin/bash } _writers_realname = Array { } realname = Array { Dennis German } name = Array { dgerman dgermanapl@real-world-systems.com com.apple.idms.appleid.prd.5649646d41542f78336a6555502f4f6d776b586648773d3d } _writers_UserCertificate = Array { dgerman } home = Array { /Users/dgerman } KerberosKeys = Array {… } ShadowHashData = Array { bplist00 _SRP-RFC5054-4096-SHA512-PBKDF2_SALTED-SHA512-PBKDF2XverifierTsaltZiterationsOhI*… } uid = Array { 501 } _writers_passwd = Array { dgerman } LinkedIdentity = Array { <?xml version="1.0" encoding="UTF-8"?> <DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>appleid.apple.com<key> <dict> <key>linked identities<key> <array> <dict> <key>anchor dn<key> <string>CN=Apple Root CA,OU=Apple Certification Authority,O=Apple Inc.,C=US<string> <key>full name<key> <string>dgermanapl@real-world-systems.com<string> <key>name<key> <string>com.apple.idms.appleid.prd.5649646d41542f78336a6555502f4f6d776b586648773d3d<string> <key>principal<key> <string>com.apple.idms.appleid.prd.5649646d41542f78336a6555502f4f6d776b586648773d3d<string> <key>subject dn<key> <string>CN=com.apple.idms.appleid.prd.5649646d41542f78336a6555502f4f6d776b586648773d3d<string> <key>timestamp<key> <date>2016-09-17T16:04:34Z<date> </dict> </array> </dict> <dict> <plist> } generateduid = Array { 9928515E-3778-4B13-9B6C-48BBACDE3B78 } gid = Array { 20 } passwd = Array { ******** } altsecurityidentities = Array { X509:<T>CN=Apple Root CA,OU=Apple Certification Authority,O=Apple Inc.,C=US<S>CN=com.apple.idms.appleid.prd.*hellip; } _writers_hint = Array { dgerman } _writers_jpegphoto = Array { dgerman } }
τ := dsAttrTypeStandard dsRecTypeStandard:Aliases = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } } native = aliases } dsRecTypeStandard:People = Dict { attributetypes = Dict { τ:AddressLine1 = Dict { native = address1 } τ:WeblogURI = Dict { native = webloguri } τ:PagerNumber = Dict { native = pagernumber } τ:GeneratedUID = Dict { native = generateduid } τ:PostalCode = Dict { native = zip } τ:Keywords = Dict { native = keywords } τ:Street = Dict { native = street } τ:Relationships = Dict { native = relationships } τ:PhoneContacts = Dict { native = phonecontacts } τ:OrganizationInfo = Dict { native = organizationinfo } τ:MailAttribute = Dict { native = applemail } τ:IMHandle = Dict { native = imhandle } τ:JPEGPhoto = Dict { native = jpegphoto } τ:Building = Dict { native = building } τ:MapGUID = Dict { native = mapguid } τ:LastName = Dict { native = lastname } τ:Country = Dict { native = country } τ:PostalAddressContacts = Dict { native = postaladdresscontacts } τ:NameSuffix = Dict { native = namesuffix } τ:Picture = Dict { native = picture } τ:MobileNumber = Dict { native = mobilenumber } τ:State = Dict { native = state } τ:PhoneNumber = Dict { native = phonenumber } τ:URL = Dict { native = URL } τ:Company = Dict { native = company } τ:OrganizationName = Dict { native = orgname } τ:PostalAddress = Dict { native = postaladdress } τ:EMailAddress = Dict { native = mail } τ:RealName = Dict { native = realname } τ:JobTitle = Dict { native = jobtitle } τ:Birthday = Dict { native = birthday } τ:MapURI = Dict { native = mapURI } τ:NamePrefix = Dict { native = nameprefix } τ:City = Dict { native = city } τ:ServicesLocator = Dict { native = serviceslocator } τ:HomePhoneNumber = Dict { native = homephonenumber } τ:FirstName = Dict { native = firstname } τ:NickName = Dict { native = nickname } τ:Department = Dict { native = department } τ:RecordName = Dict { native = name } τ:XMLPlist = Dict { native = XMLPlist } τ:FAXNumber = Dict { native = faxnumber } τ:MapCoordinates = Dict { native = mapcoordinates } τ:Comment = Dict { native = comment } τ:EMailContacts = Dict { native = emailcontacts } } native = people } dsRecTypeStandard:PresetComputerGroups = Dict { attributetypes = Dict { τ:MCXFlags = Dict { native = mcx_flags } τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } τ:Keywords = Dict { native = keywords } τ:MCXSettings = Dict { native = mcx_settings } τ:Comment = Dict { native = comment } τ:NestedGroups = Dict { native = nestedgroups } τ:PrimaryGroupID = Dict { native = gid } τ:JPEGPhoto = Dict { native = jpegphoto } τ:GroupMembership = Dict { native = users } } native = presetcomputergroups } dsRecTypeStandard:ComputerLists = Dict { attributetypes = Dict { τ:Computers = Dict { native = computers } τ:Group = Dict { native = groups } τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } τ:Keywords = Dict { native = keywords } τ:MCXSettings = Dict { native = mcx_settings } τ:MCXFlags = Dict { native = mcx_flags } } native = computerlists } dsRecTypeStandard:Groups = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:TimeToLive = Dict { native = timetolive } τ:RealName = Dict { native = realname } τ:GroupMembership = Dict { native = users } τ:Picture = Dict { native = picture } τ:SMBSID = Dict { native = smb_sid } τ:Password = Dict { native = passwd } τ:Comment = Dict { native = comment } τ:NestedGroups = Dict { native = nestedgroups } τ:XMLPlist = Dict { native = XMLPlist } τ:URL = Dict { native = URL } τ:GroupServices = Dict { native = groupservices } τ:Keywords = Dict { native = keywords } τ:PrimaryGroupID = Dict { native = gid } τ:HomeLocOwner = Dict { native = home_loc_owner } τ:SMBGroupRID = Dict { native = smb_group_rid } τ:MCXFlags = Dict { native = mcx_flags } τ:MCXSettings = Dict { native = mcx_settings } τ:ContactGUID = Dict { native = contactguid } τ:JPEGPhoto = Dict { native = jpegphoto } τ:RecordName = Dict { native = name } τ:ServicesLocator = Dict { native = serviceslocator } τ:SMBRID = Dict { native = smb_rid } τ:HomeDirectory = Dict { native = home_loc } τ:GroupMembers = Dict { native = groupmembers } τ:EMailAddress = Dict { native = mail } τ:OwnerGUID = Dict { native = ownerguid } } native = groups } dsRecTypeStandard:PresetComputers = Dict { attributetypes = Dict { τ:Group = Dict { native = groups } τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } τ:Keywords = Dict { native = keywords } τ:MCXSettings = Dict { native = mcx_settings } τ:Comment = Dict { native = comment } τ:PrimaryComputerList = Dict { native = primarycomputerlist } τ:NetworkView = Dict { native = networkview } τ:MCXFlags = Dict { native = mcx_flags } } native = presetcomputers } dsRecTypeStandard:PresetGroups = Dict { attributetypes = Dict { τ:MCXFlags = Dict { native = mcx_flags } τ:HomeLocOwner = Dict { native = home_loc_owner } τ:GroupServices = Dict { native = groupservices } τ:Keywords = Dict { native = keywords } τ:URL = Dict { native = URL } τ:NestedGroups = Dict { native = nestedgroups } τ:GeneratedUID = Dict { native = generateduid } τ:PrimaryGroupID = Dict { native = gid } τ:RecordName = Dict { native = name } τ:JPEGPhoto = Dict { native = jpegphoto } τ:HomeDirectory = Dict { native = home_loc } τ:MCXSettings = Dict { native = mcx_settings } τ:RealName = Dict { native = realname } τ:Comment = Dict { native = comment } τ:ServicesLocator = Dict { native = serviceslocator } τ:GroupMembership = Dict { native = users } } native = presetgroups } dsRecTypeStandard:Hosts = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } τ:IPAddress = Dict { native = ip_address } τ:IPv6Address = Dict { native = ipv6_address } } native = hosts } dsRecTypeStandard:Services = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } τ:Port = Dict { native = port } τ:Comment = Dict { native = comment } τ:Protocols = Dict { native = protocols } } native = services } dsRecTypeStandard:PresetComputerLists = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } τ:Group = Dict { native = groups } τ:Keywords = Dict { native = keywords } τ:MCXSettings = Dict { native = mcx_settings } τ:MCXFlags = Dict { native = mcx_flags } } native = presetcomputerlists } dsRecTypeStandard:PresetUsers = Dict { attributetypes = Dict { τ:Change = Dict { native = change } τ:GeneratedUID = Dict { native = generateduid } τ:RealName = Dict { native = realname } τ:GroupMembership = Dict { native = users } τ:HomeDirectoryQuota = Dict { native = homedirectoryquota } τ:Picture = Dict { native = picture } τ:Password = Dict { native = passwd } τ:Comment = Dict { native = comment } τ:MailAttribute = Dict { native = applemail } τ:Keywords = Dict { native = keywords } τ:AuthenticationAuthority = Dict { native = authentication_authority } τ:PrimaryGroupID = Dict { native = gid } τ:HomeDirectorySoftQuota = Dict { native = homedirectorysoftquota } τ:MCXFlags = Dict { native = mcx_flags } τ:Expire = Dict { native = expire } τ:JPEGPhoto = Dict { native = jpegphoto } τ:RecordName = Dict { native = name } τ:MCXSettings = Dict { native = mcx_settings } τ:ServicesLocator = Dict { native = serviceslocator } τ:PasswordPolicyOptions = Dict { native = passwordpolicyoptions } τ:HomeDirectory = Dict { native = home_loc } τ:UserShell = Dict { native = shell } τ:GroupMembers = Dict { native = groupmembers } τ:PrintServiceUserData = Dict { native = appleprintservice } τ:AdminLimits = Dict { native = admin_limits } τ:NFSHomeDirectory = Dict { native = home } } native = presetusers } dsRecTypeStandard:AutomountMap = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:Comment = Dict { native = comment } τ:RecordName = Dict { native = name } } native = automountmap } dsRecTypeStandard:Automount = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } τ:AutomountInformation = Dict { native = automountinformation } τ:Comment = Dict { native = comment } } native = automount } dsRecTypeStandard:Protocols = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } } native = protocols } dsRecTypeStandard:Ethernets = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } } native = ethernets } dsRecTypeStandard:ComputerGroups = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:TimeToLive = Dict { native = timetolive } τ:RealName = Dict { native = realname } τ:GroupMembership = Dict { native = users } τ:Picture = Dict { native = picture } τ:SMBSID = Dict { native = smb_sid } τ:Comment = Dict { native = comment } τ:NestedGroups = Dict { native = nestedgroups } τ:URL = Dict { native = URL } τ:Keywords = Dict { native = keywords } τ:GroupServices = Dict { native = groupservices } τ:PrimaryGroupID = Dict { native = gid } τ:SMBGroupRID = Dict { native = smb_group_rid } τ:HomeLocOwner = Dict { native = home_loc_owner } τ:XMLPlist = Dict { native = XMLPlist } τ:MCXFlags = Dict { native = mcx_flags } τ:MCXSettings = Dict { native = mcx_settings } τ:ContactGUID = Dict { native = contactguid } τ:JPEGPhoto = Dict { native = jpegphoto } τ:RecordName = Dict { native = name } τ:ServicesLocator = Dict { native = serviceslocator } τ:SMBRID = Dict { native = smb_rid } τ:HomeDirectory = Dict { native = home_loc } τ:GroupMembers = Dict { native = groupmembers } τ:EMailAddress = Dict { native = mail } τ:OwnerGUID = Dict { native = ownerguid } } native = computergroups } dsRecTypeStandard:Networks = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } } native = networks } dsRecTypeStandard:Computers = Dict { attributetypes = Dict { τ:MCXSettings = Dict { native = mcx_settings } τ:GeneratedUID = Dict { native = generateduid } τ:Keywords = Dict { native = keywords } τ:KerberosServices = Dict { native = kerberosServices } τ:UniqueID = Dict { native = uid } τ:SMBSID = Dict { native = smb_sid } τ:TimeToLive = Dict { native = timetolive } τ:HardwareUUID = Dict { native = hardwareuuid } τ:AltSecurityIdentities = Dict { native = altsecurityidentities } τ:ENetAddress = Dict { native = en_address } τ:SMBGroupRID = Dict { native = smb_group_rid } τ:SMBLogoffTime = Dict { native = smb_logoff_time } τ:MCXFlags = Dict { native = mcx_flags } τ:SMBAccountFlags = Dict { native = smb_acctFlags } τ:URL = Dict { native = URL } τ:PrimaryGroupID = Dict { native = gid } τ:RealName = Dict { native = realname } τ:IPAddressAndENetAddress = Dict { native = ipaddressandenetaddress } τ:SMBLogonTime = Dict { native = smb_logon_time } τ:PrimaryComputerList = Dict { native = primarycomputerlist } τ:Group = Dict { native = groups } τ:IPAddress = Dict { native = ip_address } τ:SMBPrimaryGroupSID = Dict { native = smb_primary_group_sid } τ:IPv6Address = Dict { native = ipv6_address } τ:AuthenticationAuthority = Dict { native = authentication_authority } τ:Category = Dict { native = category } τ:RecordName = Dict { native = name } τ:NodeSASLRealm = Dict { native = saslRealm } τ:SMBRID = Dict { native = smb_rid } τ:XMLPlist = Dict { native = XMLPlist } τ:NetworkView = Dict { native = networkview } τ:SMBKickoffTime = Dict { native = smb_kickoff_time } τ:SMBPasswordLastSet = Dict { native = smb_pwd_last_set } τ:Comment = Dict { native = comment } } native = computers } dsRecTypeStandard:AFPUserAliases = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } } native = afpuseraliases } dsRecTypeStandard:Mounts = Dict { attributetypes = Dict { τ:VFSDumpFreq = Dict { native = dump_freq } τ:VFSType = Dict { native = vfstype } τ:VFSLinkDir = Dict { native = dir } τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } τ:VFSPassNo = Dict { native = passno } τ:VFSOpts = Dict { native = opts } } native = mounts } dsRecTypeStandard:Config = Dict { attributetypes = Dict { τ:DataStamp = Dict { native = data_stamp } τ:PasswordServerLocation = Dict { native = passwordserverlocation } τ:Keywords = Dict { native = keywords } τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } τ:KDCAuthKey = Dict { native = kdcauthkey } τ:PasswordServerList = Dict { native = passwordserverlist } τ:Comment = Dict { native = comment } τ:KDCConfigData = Dict { native = kdcconfigdata } τ:RealName = Dict { native = realname } τ:TimeToLive = Dict { native = timetolive } τ:XMLPlist = Dict { native = XMLPlist } } native = config } dsRecTypeStandard:NetGroups = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } } native = netgroups } dsRecTypeStandard:SharePoints = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } } native = sharepoints } dsRecTypeStandard:RPC = Dict { attributetypes = Dict { τ:GeneratedUID = Dict { native = generateduid } τ:RecordName = Dict { native = name } } native = rpc } } } module options = Dict { PlistFile = Dict { index = Dict { people = Array { generateduid realname name mail } protocols = Array { name } computers = Array { altsecurityidentities hardwareuuid realname en_address generateduid ip_address ipv6_address name smb_rid smb_sid uid } users = Array { altsecurityidentities generateduid realname name smb_rid smb_sid uid mail } networks = Array { en_address ipv6_address ip_address name } computergroups = Array { mail realname generateduid groupmembers users nestedgroups gid name smb_rid smb_sid } ethernets = Array { name } automountmap = Array { name } sharepoints = Array { name } config = Array { name realname } computerlists = Array { name } automount = Array { name } services = Array { name port } mounts = Array { name } groups = Array { realname generateduid groupmembers users nestedgroups gid mail name smb_rid smb_sid member } hosts = Array { en_address ipv6_address ip_address name } rpc = Array { name } } } } node name = /Local comment = Local Node hide registration = true modules = Dict { default = Array { Dict { module = PlistFile options = Dict { path = /var/db/dslocal/nodes/ } uuid = 3F0022F0-EAFC-4596-BDC7-9E75E3DD2C86 } } authentication = Array { Dict { module = AppleID options = Dict { } uuid = F68E780B-A1CA-466A-9E40-0116CBE7F981 } } } } Command:
Configure.plist
 node name = /Configure comment = Configure node for legacy lookups
    locked = true       enabled = true          mappings = Dict { }      hide registration = true
    modules = Dict {
        default = Array { Dict { module = configure options = Dict { } uuid = 4A23C86D-BFF0-4E36-AE91-77704F6A8DA3 } 
                          Dict { module = keychain  options = Dict { } uuid = C8CA78D4-999E-4418-8202-BC7E817F54D6 } }
                    }

Active Directory.plist
 node name = /Active Directory comment = Top level generic Active Directory node
    enabled = true      locked = true module        options = Dict { } options = Dict { }   hide registration = true 
    modules = Dict {
        default = Array { Dict { module = ActiveDirectory options = Dict { } uuid = 915C8529-71E2-44F9-80D2-704C33FFA2E6 } }
                  }
Search.plist
NIS.plist
LDAPv3.plist
node name = /LDAPv3 comment = Top level generic LDAPv3 node
    locked = true enabled = true mappings = Dict { }
    hide registration = true
    modules = Dict {
        session = Array { Dict { module = ldap options = Dict { } uuid = A1621431-430E-4548-A77B-B6383E12106C }
        }
/System/Library/OpenDirectory/DynamicNodeTemplates/
597 Nov 27 18:58 LDAPv3.plist
/System/Library/OpenDirectory/Mappings/ record/attribute mapping tables
18434 Nov 27 18:49 Open Directory.plist
  3884 Nov 27 18:58 RFC2307.plist
/System/Library/OpenDirectory/Modules/ to be loaded on demand
 102 Jun 20  2012 proxy.bundle/
 102 Jun 20  2012 FDESupport.bundle/
 102 Jul 26  2012 ActiveDirectory.bundle/
 102 Jul 26  2012 NetLogon.bundle/
 102 Aug 23 23:15 ldap.bundle/
 102 Aug 23 23:15 legacy.bundle/
 102 Aug 23 23:15 nis.bundle/
 102 Aug 23 23:15 PlistFile.bundle/
 102 Aug 23 23:15 search.bundle/
 102 Aug 23 23:15 configure.bundle/
 102 Aug 23 23:15 statistics.bundle/
 102 Aug 23 23:15 SystemCache.bundle/
 102 Aug 23 23:15 Kerberosv5.bundle/
 102 Aug 23 23:15 keychain.bundle/
 102 Aug 23 23:22 AppleODClientLDAP.bundle/
 102 Aug 23 23:22 AppleODClientPWS.bundle/
 102 Aug 24 04:28 ConfigurationProfiles.bundle/

./ActiveDirectory.bundle/Contents:
 1141 Nov 27 18:49 Info.plist
  477 Nov 27 18:49 version.plist 
./ActiveDirectory.bundle/Contents/MacOS: 172704 Nov 27 18:49 ActiveDirectory
./ActiveDirectory.bundle/Contents/Resources: 102 Jul 26  2012 English.lproj 
./ActiveDirectory.bundle/Contents/Resources/English.lproj: 42 Nov 27 18:49 InfoPlist.strings 
./ActiveDirectory.bundle/Contents/_CodeSignature: 2104 Nov 27 18:49 CodeResources

./AppleODClientLDAP.bundle/Contents:
 1145 Nov 27 18:49 Info.plist
  466 Nov 27 18:49 version.plist 
./AppleODClientLDAP.bundle/Contents/MacOS: 177056 Nov 27 18:49 AppleODClientLDAP 
./AppleODClientLDAP.bundle/Contents/Resources: 507 Nov 27 18:49 AppleODClientLDAP-Info.plist 
./AppleODClientLDAP.bundle/Contents/_CodeSignature: 1847 Nov 27 18:49 CodeResources 

./AppleODClientPWS.bundle/Contents:
 1142 Nov 27 18:49 Info.plist
  466 Nov 27 18:49 version.plist 
./AppleODClientPWS.bundle/Contents/MacOS: 179792 Nov 27 18:49 AppleODClientPWS 
./AppleODClientPWS.bundle/Contents/Resources: 507 Nov 27 18:49 AppleODClientPWS-Info.plist 
./AppleODClientPWS.bundle/Contents/_CodeSignature: 1846 Nov 27 18:49 CodeResources

./ConfigurationProfiles.bundle/Contents:
1194 Nov 27 18:54 Info.plist
102 Aug 24 04:29 _CodeSignature
463 Nov 27 18:54 version.plist 
./ConfigurationProfiles.bundle/Contents/MacOS: 30960 Nov 27 18:54 ConfigurationProfiles 
./ConfigurationProfiles.bundle/Contents/Resources: 102 Aug 24 04:29 English.lproj
… 
./ConfigurationProfiles.bundle/Contents/Resources/English.lproj: 42 Nov 27 18:54 InfoPlist.strings
…

 2104 Nov 27 18:54 CodeResources

./FDESupport.bundle/Contents:
 1124 Nov 27 18:54 Info.plist
  460 Nov 27 18:54 version.plist 
./FDESupport.bundle/Contents/MacOS: 21232 Nov 27 18:54 FDESupport 
./FDESupport.bundle/Contents/_CodeSignature: 1745 Nov 27 18:54 CodeResources

./Kerberosv5.bundle/Contents:
 1130 Nov 27 18:58 Info.plist
  467 Nov 27 18:58 version.plist 
./Kerberosv5.bundle/Contents/MacOS: 23936 Nov 27 18:58 Kerberosv5 
./Kerberosv5.bundle/Contents/_CodeSignature: 1745 Nov 27 18:58 CodeResources 

./NetLogon.bundle/Contents:
 1120 Nov 27 18:49 Info.plist
  477 Nov 27 18:49 version.plist 
./NetLogon.bundle/Contents/MacOS: 22576 Nov 27 18:49 NetLogon
./NetLogon.bundle/Contents/_CodeSignature: 1745 Nov 27 18:49 CodeResources

./PlistFile.bundle/Contents:
 1127 Nov 27 18:48 Info.plist
  467 Nov 27 18:48 version.plist 
./PlistFile.bundle/Contents/MacOS: 166176 Nov 27 18:48 PlistFile 
./PlistFile.bundle/Contents/_CodeSignature: 1745 Nov 27 18:48 CodeResources

./SystemCache.bundle/Contents:
 1133 Nov 27 18:58 Info.plist
  467 Nov 27 18:58 version.plist 
./SystemCache.bundle/Contents/MacOS: 324192 Nov 27 18:58 SystemCache 
./SystemCache.bundle/Contents/_CodeSignature: 1745 Nov 27 18:58 CodeResources

./configure.bundle/Contents:
 1127 Nov 27 18:48 Info.plist
  467 Nov 27 18:48 version.plist 
./configure.bundle/Contents/MacOS: 49552 Nov 27 18:48 configure 
./configure.bundle/Contents/_CodeSignature: 1745 Nov 27 18:48 CodeResources

./keychain.bundle/Contents:
 1124 Nov 27 18:58 Info.plist
  467 Nov 27 18:58 version.plist 
./keychain.bundle/Contents/MacOS: 21328 Nov 27 18:58 keychain 
./keychain.bundle/Contents/_CodeSignature: 1745 Nov 27 18:58 CodeResources

./ldap.bundle/Contents:
 1112 Nov 27 18:58 Info.plist
  467 Nov 27 18:58 version.plist 
./ldap.bundle/Contents/MacOS: 113408 Nov 27 18:58 ldap 
./ldap.bundle/Contents/_CodeSignature: 1745 Nov 27 18:58 CodeResources

./legacy.bundle/Contents:
 1118 Nov 27 18:58 Info.plist
  467 Nov 27 18:58 version.plist 
./legacy.bundle/Contents/MacOS: 29680 Nov 27 18:58 legacy 
./legacy.bundle/Contents/_CodeSignature: 1745 Nov 27 18:58 CodeResources

./nis.bundle/Contents:
 1109 Nov 27 18:58 Info.plist
  467 Nov 27 18:58 version.plist 
./nis.bundle/Contents/MacOS: 58192 Nov 27 18:58 nis 
./nis.bundle/Contents/_CodeSignature: 1745 Nov 27 18:58 CodeResources

./proxy.bundle/Contents:
 1111 Nov 27 18:58 Info.plist
  457 Nov 27 18:58 version.plist 
./proxy.bundle/Contents/MacOS: 34864 Nov 27 18:58 proxy 
./proxy.bundle/Contents/_CodeSignature: 1745 Nov 27 18:58 CodeResources

./search.bundle/Contents:
 1118 Nov 27 18:58 Info.plist
  467 Nov 27 18:58 version.plist
./search.bundle/Contents/MacOS: 59200 Nov 27 18:58 search 
./search.bundle/Contents/_CodeSignature: 1745 Nov 27 18:58 CodeResources

./statistics.bundle/Contents:
 1130 Nov 27 18:58 Info.plist
  467 Nov 27 18:58 version.plist
./statistics.bundle/Contents/MacOS: 21008 Nov 27 18:58 statistics 
./statistics.bundle/Contents/_CodeSignature: 1745 Nov 27 18:58 CodeResources

/System/Library/OpenDirectory/Templates/
12222 Nov 27 18:49 Active Directory.plist
   545 Nov 27 18:49 Open Directory Server.plist
   253 Nov 27 18:58 LDAPv3.plist
/System/Library/OpenDirectory/record-schema.plist record/attribute schema
/System/Library/OpenDirectory/permissions.plist global record/attribute permissions
User defined files:
/Library/OpenDirectory/Templates/ used for node styles (module layout and mappings)
/Library/OpenDirectory/Mappings/ record/attribute mapping tables
Files that change periodically are located in:
/Library/Preferences/OpenDirectory/Configurations/ by node
/Library/Preferences/OpenDirectory/DynamicData/ stored by nodes
/Library/Preferences/OpenDirectory/.LogDebugAtStartOnce enables debug logging until process exits or system is rebooted (reboot required)
/var/log/opendirectoryd.log*
Legacy locations:
/Library/DirectoryServices/PlugIns/ third party DirectoryService plugins loaded by dspluginhelperd

SEE ALSO

odutil, dspluginhelperd, slapd

BSD March 3, 2011 Replaces "DirectoryService" as a core part of the Open Directory technology.
Several modules are provided that allow access to existing directory systems: