Describe the difference between authentication and authorization, and give an example of each.
Authentication is the process by which the system requires you to provide information before it allows you to access a specific account. An example is entering a name and password while connecting to a Lion Server’s Apple Filing Protocol service. Authorization refers to the process by which permissions are used to regulate a user’s access to specific resources, such as files and shared folders, once the user has been authenticated.
What is the difference between user and administrator accounts on Lion Server?
User accounts provide basic access to a computer or server, whereas administrator accounts allow a person to administer the computer. On Lion Server, an administrator account is typically used for changing settings on the server computer itself, usually through the Server app, Server Admin, or Workgroup Manager.
Which applications can you use to configure Lion Server local user and group settings?
You can use the Users & Groups preferences, the Server app, and Workgroup Manager to create and configure local users and groups.
What tool can you use to import and export user accounts?
You can use Workgroup Manager to import and export user accounts. Additionally, you can use the Server app to import network users after you authenticate as a directory administrator.
Which two file formats can you use to import users with
You can use Workgroup Manager to import a character- delimited text file with user information, but you need to use Workgroup Manager to define the characteristics of the information contained in the file. You can also import a text file that has a header line at the beginning of the file that defines its contents, such as a file exported from another OS X Server computer.
Can you export user passwords with Workgroup Manager?
No. You can only import user passwords; you can’t export user passwords when you export users with Workgroup Manager.
What tool can you use to authorize a nonadministrative user to administer or monitor specific services on Lion Server?
You can use Server Admin to give a nonadministrative user the ability to use Server Admin to administer or monitor specific services.
What’s the difference between service ACLs and limited administrator settings?
Service ACLs determine which users can use a given service, whereas limited administrator settings control which nonadministrative users can monitor or change a service with Server Admin.
What’s an easy way to help your users running Lion to quickly configure their computers to use your server’s VPN service?
Select VPN in the Server app sidebar, click Save Configuration Profile, and distribute the resulting .mobileconfig file to your users. When a user of a computer with Lion opens the .mobileconfig file, the Profiles preferences automatically open and prompt the user to install the configuration profile.