Tuesday, November 22, 2005

Domino using Active Directory via Directory Assistance

After a little faffing around I setup Domino 7 to have no users local to its directory (other than a Domino admin account). All usernames that accessed the Domino applications, via http, were held in Active Directory 2003.

It's simple enough to repeat. Just use "Directory Assistance" with...
Domain type "LDAP"
Make this Domain available to...Notes clients and Internet Authentication and LDAP Clients (last bit for another purpose).
Group Authorization = yes
Enabled = yes
The naming context rules I left as wildcard... */*/*/*/*/* yes and yes
On the LDAP tab..
Hostname = fully.qualifiedhostname.com
credentials = CN=testadmin,CN=Users,DC=company,DC=com

Save the document and then edit the ACL of the Domino application you want people to acess. For a test I added a wildcard access in the ACL with the syntax as follows....
*/CN=Users/DC=company/DC=com (with access set to Author).

Nice and easy for any basic Domino administrator

No comments: