Overview of User, Group, and Computer Accounts in Lion Server - dummies

Overview of User, Group, and Computer Accounts in Lion Server

By John Rizzo

Lion Server has three types of accounts: user, group, and computer accounts. User accounts aren’t necessarily individual people; more than one person may have access to a particular user account, such as a shared administrator account.

A user account has a long name, a short name, a password, and a user ID (UID) number. Depending on the type of user account, you can assign other attributes, such as the user’s home folder location. System processes, which are considered to be users but aren’t actually people (at least, not yet), can also have user accounts.

In the local directory of the Mac OS X client, the first UID is 501. In a network Open Directory domain, the first UID is 1025. System-level users, like root (UID 0) or the directory administrator default (UID 1000), generally have lower level numbers.

A number of individual user accounts, when combined, become a group account. Group accounts have Group IDs (GID). Groups make it possible to better manage access to resources on a larger scale. In Lion Server, many collaboration services, including wikis, blogs, and shared folders, can be accessed with group accounts.

The third type of account, computer accounts, are created for computers bound to the shared directory. Putting computer accounts together creates a computer group, similar to a group of users. Workgroup Manager can handle computer accounts; the Server app does not.