I am trying to create an account setting in a users PAB to an ldap server. I can create the account in policy however, it does not allow setting the username and password that will be required, or the base DN for that fact. Is there a way to create this so it can be pushed to all users (300+) without going to each machine.
I find directory assistance is not suitable as it does not allow the view of an address book/list.
Thank You,
Subject: Username and Password for LDAP account, POLICY
Hi Adrian,
Well I saw your post and inquired within my team, and one of my colleagues on the Administration team responded to me. The verdict… not so good. Here’s her response:
Josh, the very nature of policies is to push down settings that apply to a large group (the entire company or some subset thereof). Given that, there is no way for policies to push down individual user names & passwords.
These are the only fields that can be pushed down to create new Account docs in the users local names.nsf:
All other fields need to be populated some other way.
Now the fact that you can’t push down a username and password may not be such a bad thing. You first have to ask yourself the question, do you really want some type of administrator name and password exposed on every single Notes client with an LDAP connection doc? There’s no way of both hiding the password so the user doesn’t see it, but also allow the user’s ID file to unencrypt the password in order to perform an LDAP search.
The fact that you can’t push down values for other field values, such as the search base DN, is an issue that needs to be addressed. I’ll write an enhancement request to include those fields in the policy template. If you wouldn’t mind contacting IBM/Lotus support and raising the issue as well, that’s always helpful. Customers always have more weight put behind their requests than internal requests get. =)
In the meantime, I’ll investigate a work-around and see if I can find a solution for you. Please keep checking back to this thread and I hope to post next week whether I can or can’t give you one.
Thanks!
+Josh Burchard+