LDAP Lookups for Mail Addressing!?!

HCL Domino Domino Forum
1

I’m confused re: LDAP and Directory Assistance. I thought that enabling DA with LDAP (OPenLDAP in this case) would allow users to address using the remote LDAP server? This is possible, right? It is not just for web authentication only?!? Also, any way to salvage existing LDAP passwords when registering new users? It seems that the user registration tool (Domino Admin client) creates a new password or has an issue if the password is hashed (default) in OpenLDAP (or any other LDAP). It seems we are forcing users to accept new passwords… a big deal with 1000s of users. If the user changes password in Notes or DWA, how does it sync with OpenLDAP? We don’t want to require 2 passwords. The only way I know… register users (new passwords in new Notes IDs) then try and sync with OpenLDAP using Tivoli Directory Integrator (or =). Would this work and is it the only option?

2

Subject: LDAP Lookups for Mail Addressing!?!

I’m confused re: LDAP and Directory Assistance. I thought that enabling DA with LDAP (OPenLDAP in this case) would allow users to address using the remote LDAP server? This is possible, right? It is not just for web authentication only?!?

The tables on slides 17 and 18 of ID107: Getting Started With Active Directory Integration describe what is possible with secondary directories when using a Notes client and a web client.

Also, any way to salvage existing LDAP passwords when registering new users? It seems that the user registration tool (Domino Admin client) creates a new password or has an issue if the password is hashed (default) in OpenLDAP (or any other LDAP). It seems we are forcing users to accept new passwords… a big deal with 1000s of users. If the user changes password in Notes or DWA, how does it sync with OpenLDAP? We don’t want to require 2 passwords. The only way I know… register users (new passwords in new Notes IDs) then try and sync with OpenLDAP using Tivoli Directory Integrator (or =). Would this work and is it the only option?

Domino itself has no out of the box solution for synchronizing passwords with an arbitrary LDAP server. The Tivoli Directory Integrator password synchronization plug-ins might help (I’m haven’t used them yet). References to TDI and other directory-related FAQs at “Domino Directory FAQ” (google it)