Planning names for servers and users in a Lotus Domino site

Portal Express, Version 6.0
Operating systems: i5/OS, Linux, Windows

Plan names for servers and users in a Lotus Domino site

+
Search Tips | Advanced Search

Overview

If the Lotus Domino server name is not the same as the physical machine name, verify that the name is resolvable through DNS. For example, you could name a hub server in Chicago acmehub, which, combined with the machine’s domain, could yield a fully qualified host name of...
acmehub.chicago.acme.com

You would configure an entry in DNS for...
acmehub.chicago.acme.com

...to point to the physical IP address of the server. It is not a requirement to make the Lotus Domino server name the same as the physical machine name, but if it is not, Server Connection documents are required in all other Lotus Domino servers and the Lotus Notes or Lotus Domino Administrator client software running on them.

Table of user identities

Some names in the following table are specified during the Domino server setup procedure you perform after installing the Lotus Domino LDAP server for the first time. If you later perform an upgrade installation, configuration choices from the first-time Domino server setup will be used; you will not see screens presenting these choices again.

Identity Description Example
Organization name for a Lotus Domino LDAP server Specified during the Domino server setup procedure. dom_hub/chicago/foobarcorp
Administrator of a Lotus Domino LDAP server Created during the Domino server setup procedure. wpsadmin
You can make this the same as the user name of an administrator in WebSphere Portal Express, PortalAdminId in the wpconfig.properties file
Administrator of a Lotus Domino LDAP server with ability to run the Domino-WebSphere Portal Express Integration Wizard Created during the Domino server setup procedure. It can be the same one as above, but only if it has the following characteristics:

The user must be an Administrator, allowed to issue a full range of operating system commands to the server.
The user must have authority to run server programs created with all Java and JavaScript features...
Run restricted LotusScript/Java agents

The user must have an Internet password specified in his Person document
The user must be in the Access Control List of the DPICFG.NSF database

Bind user OR IBM WebSphere Application Server administrator OR both This identity is used by IBM WebSphere Portal Express to access the LDAP directory.
Both LDAP directory and security configuration for WebSphere Portal Express involve modifying values in the wpconfig.properties file.
If you keep the default values for the "Bind Distinguished Name" in this properties file, the user name wpsbind will be used for this LDAP access account.
Created during the Domino server setup procedure.
wpsbind
Should be the same as the user ID of an administrator for the WAS. WasUserID in the wpconfig.properties file.
Certifier ID Used to register every Lotus Domino server that you add after the first one in the portal site, including the Lotus Domino servers that run Lotus Sametime and Lotus QuickPlace.
Registering servers with the certifier ID makes all the servers members of the same organization and (Lotus Domino) domain, by stamping each server ID with a certificate defining where the server belongs in the organization..
cert.id
WebSphere Portal Express administrators group You should manually edit the group wpsadmins to...
wpsadmins/foobarcorp
This edit creates a fully distinguished LDAP name of...
cn=wpsadmins/o=foobarcorp

This change must made when using a Lotus Domino LDAP directory, because Lotus Domino does not store groups in the hierarchical format that WebSphere Portal Express expects.
wpsadmins/foobarcorp
Should be the same as the group name of an administrator for all administrators for the WebSphere Portal Express server, PortalAdminGroupId in the wpconfig.properties file.
In the ACL of the Lotus Domino Directory this group should have Author or Editor access, and the Role Types.
These settings allow the administrator group to write and edit Person documents in the Lotus Domino Directory; these are necessary tasks in a portal that uses subscriber management.
Lotus Sametime server administrator Has administrative access to the Lotus Sametime server and can modify Web pages on the server. stadmin
Lotus Sametime server administrator with ability to run the Domino-WebSphere Portal Express Integration Wizard Has administrative access to the Lotus Sametime server, as well as all the characteristics listed above for the Administrator of a Lotus Domino LDAP server with ability to run the Domino-WebSphere Portal Express Integration Wizard.
Lotus QuickPlace server administrator Has administrative access to the Lotus QuickPlace server and can modify Web pages on the server. qpadmin
Lotus Sametime Web Conferencing administrator Created in the Lotus Domino Directory (names.nsf) on the Lotus Sametime Web Conferencing server. It is used only for integration of Lotus Sametime and the Inline QuickPlace portlet.
In the ACL of the STConfig.nsf database, this user name is a Person/Manager, and has, at minimum, role(s) equivalent to those specified for the servlet entry of the meeting API in the servlets.properties file on the Lotus Domino server.
st_webconf_admin

Parent topic:
Information roadmap: Domino Integration

Related concepts
Plan for collaborative servers and portlets

Identity	Description	Example
Organization name for a Lotus Domino LDAP server	Specified during the Domino server setup procedure.	dom_hub/chicago/foobarcorp
Administrator of a Lotus Domino LDAP server	Created during the Domino server setup procedure.	wpsadmin You can make this the same as the user name of an administrator in WebSphere Portal Express, PortalAdminId in the wpconfig.properties file
Administrator of a Lotus Domino LDAP server with ability to run the Domino-WebSphere Portal Express Integration Wizard	Created during the Domino server setup procedure. It can be the same one as above, but only if it has the following characteristics: The user must be an Administrator, allowed to issue a full range of operating system commands to the server. The user must have authority to run server programs created with all Java and JavaScript features... Run restricted LotusScript/Java agents The user must have an Internet password specified in his Person document The user must be in the Access Control List of the DPICFG.NSF database
Bind user OR IBM WebSphere Application Server administrator OR both	This identity is used by IBM WebSphere Portal Express to access the LDAP directory. Both LDAP directory and security configuration for WebSphere Portal Express involve modifying values in the wpconfig.properties file. If you keep the default values for the "Bind Distinguished Name" in this properties file, the user name wpsbind will be used for this LDAP access account. Created during the Domino server setup procedure.	wpsbind Should be the same as the user ID of an administrator for the WAS. WasUserID in the wpconfig.properties file.
Certifier ID	Used to register every Lotus Domino server that you add after the first one in the portal site, including the Lotus Domino servers that run Lotus Sametime and Lotus QuickPlace. Registering servers with the certifier ID makes all the servers members of the same organization and (Lotus Domino) domain, by stamping each server ID with a certificate defining where the server belongs in the organization..	cert.id
WebSphere Portal Express administrators group	You should manually edit the group wpsadmins to... wpsadmins/foobarcorp This edit creates a fully distinguished LDAP name of... cn=wpsadmins/o=foobarcorp This change must made when using a Lotus Domino LDAP directory, because Lotus Domino does not store groups in the hierarchical format that WebSphere Portal Express expects.	wpsadmins/foobarcorp Should be the same as the group name of an administrator for all administrators for the WebSphere Portal Express server, PortalAdminGroupId in the wpconfig.properties file. In the ACL of the Lotus Domino Directory this group should have Author or Editor access, and the Role Types. These settings allow the administrator group to write and edit Person documents in the Lotus Domino Directory; these are necessary tasks in a portal that uses subscriber management.
Lotus Sametime server administrator	Has administrative access to the Lotus Sametime server and can modify Web pages on the server.	stadmin
Lotus Sametime server administrator with ability to run the Domino-WebSphere Portal Express Integration Wizard	Has administrative access to the Lotus Sametime server, as well as all the characteristics listed above for the Administrator of a Lotus Domino LDAP server with ability to run the Domino-WebSphere Portal Express Integration Wizard.
Lotus QuickPlace server administrator	Has administrative access to the Lotus QuickPlace server and can modify Web pages on the server.	qpadmin
Lotus Sametime Web Conferencing administrator	Created in the Lotus Domino Directory (names.nsf) on the Lotus Sametime Web Conferencing server. It is used only for integration of Lotus Sametime and the Inline QuickPlace portlet. In the ACL of the STConfig.nsf database, this user name is a Person/Manager, and has, at minimum, role(s) equivalent to those specified for the servlet entry of the meeting API in the servlets.properties file on the Lotus Domino server.	st_webconf_admin