+

Search Tips   |   Advanced Search

Deployment procedure without a dedicated agent signer

In the versions prior to Security Directory Integrator 7.1, signer account is not available. Instead, you must provide the Sign or run unrestricted methods and operations privilege to the IDIPWSync group.

To minimize the scope of required privileges in the SDI V 7.1, the deployment procedure is modified to assign a dedicated signer account. Dedicated signer can sign the agents of the Password Synchronizer. The pre- V 7.1 deployment procedure did not have such signer account. The pre- V 7.1 deployment procedure is still supported. You must make the following modification to the Deployment on a single Domino Server deployment procedure:

  1. Skip Step 5, the step for signing the agents.
  2. Skip the task of adding the signer account to the IDIPWSync group in Step 13.
  3. After Step 13, run the following steps:Note: In a multi-server topology, apply these steps on all the servers, where you deploy the Password Synchronizer.

    1. From the Domino Administrator, click the Files tab.
    2. In the Run unrestricted methods and operations field, add the IDIPWSync group.
    3. Click Save & Close.


Parent topic:

Domino HTTP Password Synchronizer