For the record, the root user can login to AFP if one enables root login in the NetInfo database.
Look in the local NetInfo/config/AppleFileServer/ at the allow_root_login property. If it is set to 1 instead of 0 then the root user may use AFP. It's best to leave it at 0 but one doesn't have to do so.
LDAP on Mac OS X 10.2 does use the NetInfo database. Addition schema gets added to LDAP to accomedate the NetInfo data. Open NetInfo Manager on the client side and go to the parent and lo! still NetInfo. LDAP is just the messenger. I'm not sure about Panther but I believe it does this as well. LDAP isn't married to one database, it could use MySQL forinstance.
Errata: I could be wrong as to whether it is NetInfo or LDAP that's on by default but the end result is the same. So turn off LDAP too in Directory Access if you don't need it.
Ditching NetInfo entirely isn't a choice as local accounts in Mac OS X are controlled by NetInfo. I've encountered the same problems with the local.nidb as the original poster but the network.nidb has been extremely reliable for us. While network accounts on Mac OS X.2 Server can be managed via LDAP, the database that supplies the information to LDAP is still the NetInfo database. (I think there may be a Macintosh-based 3rd party solution besides using a non-mac LDAP server but you lose all Apple's shiny admin tools.) Also the translation of data from the NetInfo database to the LDAP protocol has some overhead and slows down network logins as bit. (Panther server is supposed to address this but I haven't had a chance to play with it yet.) Cloning directory servers is also a bit easier with NetInfo.
Aside from a few glitches, I've found NetInfo to be a non-issue.
Requires: Access to NetInfo network admin account and a NetInfo server broadcasting on DHCP.
Macs ship with Directory Access set up to automatically look for NetInfo DHCP server and also have their root account disabled with no password. You can log in directly to such computers with the network admin account , enable root and set the password without using a boot disk.
Lesson: Alway set a password for your root account, even if you never plan on using it. Turn off NetInfo in Directory Access if you don't need it. It will speed up start-up as well.
Slashdot Mirror
For the record, the root user can login to AFP if one enables root login in the NetInfo database.
/config/AppleFileServer/ at the allow_root_login property. If it is set to 1 instead of 0 then the root user may use AFP. It's best to leave it at 0 but one doesn't have to do so.
Look in the local NetInfo
LDAP on Mac OS X 10.2 does use the NetInfo database. Addition schema gets added to LDAP to accomedate the NetInfo data. Open NetInfo Manager on the client side and go to the parent and lo! still NetInfo. LDAP is just the messenger. I'm not sure about Panther but I believe it does this as well. LDAP isn't married to one database, it could use MySQL forinstance.
/etc/openldap/slapd.conf
/etc/openldap/schema/core.schema /etc/openldap/schema/cosine.schema /etc/openldap/schema/nis.schema /etc/openldap/schema/inetorgperson.schema /etc/openldap/schema/misc.schema /etc/openldap/schema/apple.schema /var/run/slapd.pid /var/run/slapd.args
/var/db/netinfo/network.nidb /etc/openldap/schema/netinfo.schema
% sudo cat
##
# slapd.conf file for NetInfo bridge
##
include
include
include
include
include
include
pidfile
argsfile
allows bind_v2
schemacheck off
database netinfo
suffix ""
flags DSENGINE_FLAGS_NATIVE_AUTHORIZATION DSSTORE_FLAGS_ACCESS_READWRITE
datasource
include
Errata: I could be wrong as to whether it is NetInfo or LDAP that's on by default but the end result is the same. So turn off LDAP too in Directory Access if you don't need it.
Ditching NetInfo entirely isn't a choice as local accounts in Mac OS X are controlled by NetInfo. I've encountered the same problems with the local.nidb as the original poster but the network.nidb has been extremely reliable for us. While network accounts on Mac OS X.2 Server can be managed via LDAP, the database that supplies the information to LDAP is still the NetInfo database. (I think there may be a Macintosh-based 3rd party solution besides using a non-mac LDAP server but you lose all Apple's shiny admin tools.) Also the translation of data from the NetInfo database to the LDAP protocol has some overhead and slows down network logins as bit. (Panther server is supposed to address this but I haven't had a chance to play with it yet.) Cloning directory servers is also a bit easier with NetInfo.
Aside from a few glitches, I've found NetInfo to be a non-issue.
Fun Bonus Tip!
Requires: Access to NetInfo network admin account and a NetInfo server broadcasting on DHCP.
Macs ship with Directory Access set up to automatically look for NetInfo DHCP server and also have their root account disabled with no password. You can log in directly to such computers with the network admin account , enable root and set the password without using a boot disk.
Lesson: Alway set a password for your root account, even if you never plan on using it. Turn off NetInfo in Directory Access if you don't need it. It will speed up start-up as well.