Sometimes, it seems like your network must be haunted. Everything works perfectly for days then a lone workstation goes crazy, losing internet access, failing to bind to the server, or even using an IP outside your normal range. A reboot remedies the problem, until it crops up days later on a completely different machine.

Last week in part one of this article, we explored the basics of getting Open Directory up and running on your OS X Server. This week, we’ll set security policy to restrict access to your network services, then create or migrate user accounts to the LDAP directory for distribution and set up your workstations to use them.

It can control your company’s user accounts, their password policies and preferences. It allows access to home directories from anywhere on the network, and mirror that data safely to your server. It forms the basis for features like shared calendaring and contacts, single sign-on to computing resources, and enterprise-level security for all your network services. In the past, Open Directory may have been Apple’s best-kept secret, but it’s now the essential element of business-class Macintosh deployment.

With it’s spacey presentation and it’s promise of effortless data safety, Time Machine is the marquee feature of OS X Leopard, mentioned in every review as worth the price of the upgrade alone. While the ability to minimize data loss on any machine is fantastic, Time Machine presents some unique challenges for the people tasked with maintaining those machines. The minimal configuration options that make Time Machine so easy to use can also make it hard to control. Fortunately, there are more tools available than are exposed in the graphical interface.