OS X Server: Configuring WebDAV sharing for Active Directory accounts
Summary
Learn about configuring WebDAV sharing for Active Directory accounts.
Products Affected
Lion Server, OS X Server (Mountain Lion)
OS X Server's WebDAV Sharing feature uses HTTP Digest authentication by default to secure access to share points and home directories from iWork apps on iOS device; however, this authentication method does not support user accounts defined in Active Directory. This article describes how to enable Basic authentication over SSL to support these users.
Important: To configure WebDAV Sharing for such users, follow these instructions before enabling any WebDAV share points.
Note: The instructions in this article include editing configuration files. In OS X Server (Mountain Lion) the files are stored in the /Library/Server/Web/Config/apache2/ directory. In Lion Server they are stored in the /etc/apache2/ directory. When editing these files, follow the guidelines in this article. You must have root access to edit them. You should make a backup copy of each file prior to editing it.
- Stop the File Sharing service in Server app.
- Optional, but highly recommended: Acquire and install a trusted SSL certificate, and use Server app to configure Web Service to use the certificate. You can use the server's default, self-signed certificate for WebDAV Sharing, but iWork apps in iOS may warn that the certificate is "invalid".
- Edit httpd_webdavsharing.conf.
Find this line:
AuthType DigestChange Digest to Basic. This makes WebDAV Sharing use Basic authentication, which is required for Active Directory users.
- Edit webapps/com.apple.webapp.webdavsharing.plist.
Find these lines:
sslPolicy
0Change the 0 to 1. This makes WebDAV Sharing require SSL, which is the only secure way to use Basic authentication.
- Advise users to configure the iWork clients on their iOS devices with an "https" WebDAV URL, such as:
https://example.com/webdav
- Start the File Sharing service in Server app.
Read more http://support.apple.com/kb/HT4777