Hello Jordan and/or anyone else,<br><br>Sorry to be such a pest (I know that MacWorld is this week and so time is probably limited for Apple) but I was wondering if my question was better clarified the second time?<br><br>
Thank you!<br><br>-T.M.<br><br><div><span class="gmail_quote">On 1/14/08, <b class="gmail_sendername">Tabitha McNerney</b> &lt;<a href="mailto:tabithamc@gmail.com">tabithamc@gmail.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br><br><div><span class="q"><span class="gmail_quote">On 1/13/08, <b class="gmail_sendername">Jordan K. Hubbard</b> &lt;<a href="mailto:jkh@apple.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
jkh@apple.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>I&#39;m sorry, Tabitha, but I&#39;ve read this message twice and I still have no idea just what question it is you&#39;re actually asking here. :-)<div><br></div><div>- Jordan</div></div></blockquote></span><div><br>

Jordan, I&#39;ll try to rephrase my question to hopefully clarify: <br><br>Why doesn&#39;t Apple include, in Mac OS X Server 10.5, a local directory entry of a user user named &quot;_ldap&quot;?<br><br>A follow up question: 
<br><br>What criteria did Apple use for selecting names, in the local directory domain of Mac OS X Server 10.5, which were eligible to receive an underscore prefix? <br><br>What triggered my question was the MacPorts openldap installation on Leopard Server creates a local directory user named &quot;ldap&quot; but I half expected in Leopard to find a prexisting user named &quot;_ldap&quot; in the local directory (courtesy of Apple), considering some of the other underscored prefixed Unix user names that prexist courtesy of Apple as _postfix 
<br><br>Thank you,<br><span class="sg"><br>T.M.<br>&nbsp;</span></div><div><span class="e" id="q_1177829097e70121_5"><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div><span>
<div><div><div>On Jan 13, 2008, at 9:17 PM, Tabitha McNerney wrote:</div><br><blockquote type="cite">Hello Jordan, et al:<br><br>Today I was reading my documentation for running a separate OpenLDAP daemon on an Xserve running Leopard Server. I installed the openldap MacPort (which is based on OpenLDAP version 
2.3.35) and I was somewhat surprised that the installation created a user with short name &quot;ldap&quot; and a UID of 500 (with a group short name of &quot;ldap&quot; and a gid of 502). The reason this surprised me is that Apple ships with Leopard Server a compilation instance of OpenLDAP 
2.3.27 which is of course the basis for OpenDirectory, and which slapd daemon is run by root apparently at boot time (I presume there is a launchd plist for this but I haven&#39;t looked yet).<br><br>Now, therefore, considering the logic of using underscores as prefixes to avoid namespace collisions since the founders of Unix didn&#39;t consider this to be a problem in the 1970s / 1980s, and considering the examples of uids and gids whose corresponding short names that reside in the local domain directory that Apple ships with Leopard Server are, in examples: 
<br><br>_postfix<br>_postdrop<br>_guest<br>_xgridagent<br>_spotlight<br>_mysql<br>_svn<br>_www<br>_jabber<br>_sshd<br><br>and the list goes on ...<br><br>Why oh why do I not see (when I search the local directory domain of my Leopard Server 
10.5.1 instance using WorkgGroup Manager to search on names with underscores in them):<br><br>_ldap ???<br><br>Am I out of my mind that the ommission of &quot;_ldap&quot; is illogical and without basis and is inconsistent with the namespace issue that has been raised herein this discussoin thread thus far? Would it not be possible, for example, for a person to accidentally choose a short user name of &quot;ldap&quot; just as they might also accidentally do so with a name such as &quot;postfix&quot;? Why does life have to be so complicated -- meaning, why do humans create their own unnecessary complexity? We have too many rules we have to remember. Where oh where is my missing friend in Leopard&#39;s local directory domain named, &quot;_ldap&quot;? Thus as a result, the openldap MacPort created a separate user account named &quot;ldap&quot;. Ugh! 
<br><br>Thanks,<br><br>T.M.<br><br><div><span class="gmail_quote">On 1/5/08, <b class="gmail_sendername">Tabitha McNerney</b> &lt;<a href="mailto:tabithamc@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">

tabithamc@gmail.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> <br><br><div><span><span class="gmail_quote">On 1/4/08, 
<b class="gmail_sendername"><span name="st">Jordan</span> K. Hubbard</b> &lt;<a href="mailto:jkh@apple.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> jkh@apple.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">

 This is because the original designers of Unix neglected to take into<br>account the notion of user namespaces - the <span name="st">namespace</span> is flat.&nbsp;&nbsp;That<br>means that system or role specific names can conflict with names that 
<br>users would like to use for themselves ( c.f. &quot;admin&quot; or &quot;operator&quot;)<br>unless you adopt a convention for keeping them separate.&nbsp;&nbsp;That<br>convention is the prefix underscore.<br><br>- <span name="st">

Jordan</span></blockquote> </span><div><br><span name="st">Jordan</span>,<br><br>Thank you very much. Makes perfect sense. Its hard to find fault with the original designers of Unix (they probably never would have guessed, decades later, that individuals in the comfort of their own homes would run Unix on a machine that sits in their lap)! 
<br><br>Best,<br><span><br>T.M.<br></span></div><span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On Jan 4, 2008, at 5:29 PM, Tabitha McNerney wrote: 
<br> <br>&gt; Hello all --<br>&gt;<br>&gt; I just installed the current version of the Postfix port (version<br>&gt; 2.4.6) on a Leopard Server system.<br>&gt;<br>&gt; After the install, I noticed a username and group name of &quot;_postfix&quot; 
<br>&gt; and &quot;_postdrop&quot; respectively, as in:<br>&gt; drwx--x---&nbsp;&nbsp;2 _postfix&nbsp;&nbsp;_postdrop&nbsp;&nbsp;102 Jan&nbsp;&nbsp;4 23:06 public/<br>&gt; drwx-wx---&nbsp;&nbsp;2 _postfix&nbsp;&nbsp;_postdrop&nbsp;&nbsp;102 Jan&nbsp;&nbsp;4 23:06 maildrop/<br>&gt; This differs from previous Postfix port installations (UID 27 was 
<br>&gt; &quot;postfix&quot; not &quot;_postfix&quot;). This isn&#39;t really a MacPorts specific<br>&gt; issue but I&#39;m wondering if anyone knows why Apple changed their<br>&gt; naming schema on Leopard, for short names such as: 
<br>&gt;<br>&gt; from &quot;postfix&quot; to &quot;_postfix&quot;<br>&gt;<br>&gt; ?<br>&gt;<br>&gt; I wonder if this has something to do with becoming fully UNIX<br>&gt; compliant? POSIX?<br>&gt;<br>&gt; Mr. <span name="st">

 Jordan</span> Hubbard, can you offer some wisdom and perspective on <br>&gt; this subject?<br>&gt;<br>&gt; Thank you,<br>&gt;<br>&gt; T.M.<br>&gt;<br><br></blockquote></span></div><br> </blockquote></div><br></blockquote>

</div><br></div></span></div></div></blockquote></span></div></div><br>
</blockquote></div><br>