OS X Login Authentication Against Leopard Server

It sounds more likely that something may be wrong with your configuration. How did you add the Open Directory server in Directory Utility? What you want is precisely how it is supposed to work.

Additionally, before too much else, double-check your DNS, as DNS will cause all sorts of issues with Open Directory.

For instructions you can check the docs: the Open Directory Admin PDF, specifically page 118, quoted:

To connect to a standard or workgroup configuration server:

1. Open Directory Utility (in /Applications/Utilities/).
2. If the lock icon is locked, unlock it by clicking it and entering the name and password of an administrator.
3. Click Directory Servers, then click the Add (+) button.
4. From the “Add a new directory of type” pop-up menu, choose Open Directory.
5. In the “Server Name or IP Address” field, enter the server name or IP address.
6. (Conditional) Before you select the “Encrypt using SSL” checkbox, check with your Open directory administrator to determine if SSL is needed.
7. In the Introduction pane, a list of services offered by the server you are connecting to are displayed, click Begin Setup.
8. Enter the Authentication information for the server you are connecting to.
   In the name and password field, enter the administrator name and password for the server you are connecting to.
   Enter the password for the user account that appears in “Enter the password for the account username on this computer.”
9. Click Continue.
10. Under Configuration Options, choose to let Directory Utility configure your applications or not.
    Select Yes if you want the server to configure your application to use services that it offers.
    Select No to bypass this configuration.
11. Click Continue.
12. Click Finish Setup.


Here is something you can do to check where things are at on the client.

Open up a Terminal, and run dscl. It allows you to access the directory services from the command line, and when run with no options, it is interactive (and feels rather like navigating a filesystem hierarchy, complete with tab completion).

$ dscl

ls

Your listing will probably include:

  • BSD
  • LDAPv3
  • Local
  • [a blank line]
  • Search
  • Contact

Now, let us see what directories you are bound to through LDAP (which includes Open Directory, as it uses OpenLDAP):

cd LDAPv3
ls

You should see an IP address corresponding to the Open Directory Master/Replica you are bound to. If there is nothing here, you aren't bound to anything.

cd [IP address of ODM/ODR -- tab completion can help]
ls

You should see a bunch of directories. If you get nothing, you either aren't bound, the server isn't responding, or there is a network problem.

cd Users
ls

You should see a list of your users. To get detailed info on one of them:

read [username]

or, for less spew, you can specify which parameters you are interested in, like so:

read [username] UniqueID PrimaryGroupID RecordName RealName NFSHomeDirectory UserShell

or, to see info on all of the users, try:

readall . RealName UniqueID

Lastly, you can query the search path (searched for users to authenticate) and the contacts path (users who show up in Directory.app and Address Book.app), by doing, respectively:

readall /Search/Users RealName UniqueID
readall /Contact/Users RealName UniqueID

Did this indicate anything regarding the binding status of your client?

One other thing to try is:
ssh username@localhost

This will let you test if authentication is working. (ssh needs to be enabled first. System Preferences -> Sharing -> Remote Login).
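
The interactive dscl checks above can also be scripted. The following is an added example, not part of the original answers: it assumes a Mac OS X client with dscl on the PATH, and the function names and status words are made up for illustration. Besides the binding state, it reports whether the account resolves from the directory or from a local record of the same name, which decides whose password the login is checked against.

```shell
#!/bin/sh
# Added example: non-interactive form of the dscl checks in the answers above.
# Assumption: run on the Mac client; usage: ./check_binding.sh <username>

# List the LDAPv3 nodes this client is bound to (no output = not bound).
bound_nodes() {
    dscl localhost -list /LDAPv3 2>/dev/null
}

# Succeed only if the exact node path is in the authentication search path.
# Values are split one per line so 10.0.0.1 cannot match 10.0.0.10.
in_search_path() {
    dscl /Search -read / CSPSearchPath 2>/dev/null |
        tr -s ' \t' '\n' | grep -q -x -F -- "$1"
}

# Print the node a user record resolves from when looked up via /Search.
# dscl prints the value on the attribute line or on the following line.
user_source() {
    dscl /Search -read "/Users/$1" AppleMetaNodeLocation 2>/dev/null |
        sed -n -e 's/^AppleMetaNodeLocation: *//' -e 's/^ *//' -e '/^\//p'
}

# Print one status word for the account; exit status 0 only when the
# client is bound, the node is searched, and the user comes from LDAPv3.
binding_status() {
    user=$1
    nodes=$(bound_nodes)
    [ -n "$nodes" ] || { echo "not-bound"; return 1; }
    for n in $nodes; do
        in_search_path "/LDAPv3/$n" ||
            { echo "bound-but-not-searched"; return 1; }
    done
    src=$(user_source "$user")
    case $src in
        /LDAPv3/*) echo "directory-user"; return 0 ;;
        "")        echo "user-not-found"; return 1 ;;
        *)         echo "local-user"; return 1 ;;  # e.g. /Local/Default
    esac
}

if [ $# -gt 0 ]; then binding_status "$1"; fi
```

A result of local-user for an account that should live on the server means a local record with the same short name is found first in the search path.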