Any ideas?o Two cross-certified Diamond domains (Domain 1 & Domain 2)
o moved an application from Domain 1 to Domain 2
o Author fields contain only the common name part of an hierachical user
o User with ID file of Domain 1 cannot edit documents, where he is listed within an Author field
What I’ve found out:
Looking in the “Groups and roles” list, only the hierarchical name is listed for DB on Domain 2 server, where as both, the hierarchical AND common name, is listed for DB on Domain 1 server - from which the user ID is originated.
My question: How can I learn the Domain 2 server to list the common name as well?
Subject: You can not. The Common Name for an AuthorNames field only works…
If the Server and the User both share the same Identical Org structure.i.e.
Assuming the Db is on Server1/OrgU1/Org1, the common Name User1 will work as an AuthorName if
User1 is really User1/OrgU1/Org1. If User1 is User1/OrgU2/Org1, he will not be able to edit the document.
Subject: RE: You can not. The Common Name for an AuthorNames field only works…
I was of the same understanding, but in a prior post, it was stated that if the O= Organization is the same, access is granted. In other words, the OU= Organization Units are not required to match.
I don’t know if that’s correct or not, but should be considred.
Subject: Sounds logic to me. But…
Server2 in Domain2 is in production, so the Org2 can’t be cahnged.Is it possible, to create a second O= Organization for that server with the same name as in Domain1 ?
I’m thinking of:
o Creating a new certifyer with the same O= name as in “Org1”
o Recertify the server.id, so it will include both O= names “Org2” & “Org1”
Will it work?
Subject: Why not just use the full Canonical Name in the AuthorNames field?
Subject: Because…
… then I have to change the design of a lot of applications.I know, it’s against the rules to cut the hierarchical part within Author fields, but this rubbish apps are not from me.
Subject: RE: Because…
I think you should just fix the application to use correct author fields using CN=Firstname Lastname/OU1=Unit/O=Org, and convert the malformed author fields with some LS agent. The longer you push this problem into the future, the more expensive it will be to fix it in future.
Subject: … fix an original Notes Template?!!
After some investigations, it turns out, that the application, I mentioned, is a modification of the original “Office Library (R5)” template, changing only the design to corporate standards. Even the original template includes the @NAME([CN];xxx) routines and LotusScript Libraries using “s.CommonUserName” for the Author field.
I’m very disappointed to see, that even Lotus/IBM do not live their rules. 