Set up Domino Directory

 

+
Search Tips   |   Advanced Search

 

1. LDAP user registry
2. Lotus Domino server installation and server setup reference
3. Setting up Domino Directory (Current task)
4. Configuring Domino Directory for non-realm support
5. Configuring Domino Directory for realm support
6. Additional LDAP configuration
7. Verifying LDAP

IBM WebSphere Portal supports IBM Lotus Domino versions 6.x 6.5.x, and 7.0 as an LDAP server.

The Lotus Domino 6.5.4 and later directory includes the intrinsic field dominoUNID that we can use to map to extId as a unique ID attribute for Member Manager. The dominoUNID field provides the highest security for the extId attribute. Using dominoUNID also corrects problems with the Person tag encountered in the Who Is Here portlet when the LDAP directory is read-only.

 

Example of the Domino Directory structure

The following schema is an example for Domino Directory and is referenced throughout the documentation for consistency. The example below is designed to help you determine the appropriate values when configuring WebSphere Portal to work with the specific directory layout. The values shown match the default values for this LDAP. If you have an existing schema that varies from this example, replace the example values with the values. For instance, cn is shown as the group prefix; replace cn with the group prefix for the schema.

LDAP suffix="" user prefix="cn" user suffix="o=yourco.com" group prefix="cn" group suffix="" Portal administrator DN="cn=wpsadmin,o=yourco.com" Portal administrator group="cn=wpsadmins"

IBM recommends that Lotus Domino be used as the LDAP server if no existing directory is in place. Also, if you intend to make use of Lotus Collaborative Services, IBM recommends that you use Lotus Domino as the LDAP server. If you intend to use Lotus Domino as the LDAP server for WebSphere Portal, you should configure Domino Directory in the Domino Administrator client or the Notes client before you install WebSphere Portal.

 

Manage multiple directories

If there is a non-Domino LDAP directory server in place, for example IBM Tivoli Directory Server, you could employ several strategies to integrate the existing directory with Lotus Domino and therefore achieve single sign-on (SSO) and awareness across any Domino Integration or Messaging portlets the organization uses. The Domino Directory Assistance functionality may provide a solution for name mapping across LDAP directories. Even when the organization, as a matter of policy, manages modifications primarily through an existing non-Domino LDAP directory, schema in the non-Domino directory can be customized and then work in concert with Directory Assistance, which can manage the name mapping for Lotus applications.

 

Checklist of tasks for setting up a Domino Directory

1. Collaborative Services and user authentication

   Select one of the following methods:

   • Bind Collaborative Services to LDAP for support of automatic mail detection and server selection lists

   • Set a Domino LDAP server to allow anonymous access

2. Add portal administrators to the Domino Directory

3. Update the Access Control List of the Domino Directory

 

Next steps

You have completed this step. Continue to the next step by clicking one of the following topics:

• Configure Domino Directory for non-realm support

• Configure Domino Directory for realm support

 

---