Reconcile single sign-on across Lotus Domino and another LDAP directory
If WebSphere Portal uses an LDAP server other than Domino, there are two options for configuring single sign-on between Domino and Portal.
- Synchronize the Distinguished Name in the Domino Directory with the names that WebSphere Portal uses to authenticate a user.
- Use Directory Assistance so that Domino can authenticate with the external LDAP directory.
Synchronize the DN in the Domino Directory with the names that WebSphere Portal uses to authenticate
Add the required values to the username field of the Person document for the user.
For example, if the WebSphere Portal user directory is IBM Directory Server (IDS), and a user's distinguished name from IDS is...
uid=wpsadmin,cn=users,dc=acme,dc=com
...add the following to the username field of the Person document for wpsadmin in Domino...
uid=wpsadmin/cn=users/dc=acme/dc=com
This should be added below the top two entries in the user name field of the Domino Person document.
Use Directory Assistance to enable Domino to authenticate with the external LDAP user directory
- Add the Domino Distinguished Name as an attribute for each user.
For example,
NotesDN=CN=wps admin,O=ACME
- Create a Directory Assistance database on the Domino mail server and configure with portal LDAP
For more information on configuring Directory Assistance, see the Lotus Domino Administrator Help on the developerWorks Lotus Domino Documentation page.
- Populate the field...
Attribute to be used as Notes Distinguished Name
...with the attribute you used (NotesDN in the example above).
- Configure the Domino mail server to use the Directory Assistance database.
Parent topic:
Use LTPA keys to configure single sign-on
Related information
Lotus Domino Documentation