Configure a Connection from the Policy Server to a Domino User Store

To configure a connection from the Policy Server to a Domino user store, create a new User Directory object.

To configure a connection from the Policy Server to a Domino 6.5 user store

  1. Click Infrastructure, Directory.
  2. Click User Directory, Create User Directory.

    The Create User Directory pane opens.

    Note: You can specify user directory properties on this pane. For more information on the fields, settings, and options, click Help.

  3. Type the name and a description of the new User Directory object in the fields on the General group box.
  4. Verify that LDAP is selected from the Namespace list, and type the IP address and port number in the Server field on the Directory Setup group box.

    Note: If the Policy Server is operating in FIPS mode and the directory connection is to use a secure SSL connection when communicating with the Policy Server, the certificates used by the Policy Server and the directory store must be FIPS compliant.

  5. Select the Require Credentials check box, and type the full DN and password of the administrator in the fields on the Administrator Credentials group box.
  6. Type the root node and search parameters in the fields on the LDAP Search group box.

    Note: The value that you type in the Root field must match the organization name and country that you specified in Lotus Notes.

    Example: If the organization name is "myorg" and the country is the United States, then you must type o=myorg,c=us in the Root field.

  7. Type a beginning text string and an ending text string in the fields on the LDAP User DN Lookup group box.

    Note: The beginning text string, username, and ending text string are combined to create the string that is used for searching the User Directory tree. You must specify the text strings using proper LDAP notation, not the Lotus Notes shorthand.

  8. (Optional) Complete the fields on the User Attributes group box.
    1. Type the Universal ID in the Universal ID field.

      Attribute type: string

    2. Type the flag that tracks disabled users in the Disabled Flag field.

      Attribute type: string

    3. Type the location of user passwords in the Password field.

      Attribute type: binary

    4. Type the location where user password history is stored in the Password Data field.

      Attribute type: binary

      Note: This attribute is required by Password Services.

    5. Type the user's anonymous ID in the Anonymous ID field.

      Attribute type: string

    6. Leave the Email field blank.

      Note: The email feature is not implemented in the current version of SOA Security Manager.

    7. Type a response in the Challenge/Response field.

      Attribute type: string

      Note: This string is sent to the user after each challenge.

  9. (Optional) Click Create on the Attribute Mapping List group box.

    The Create Attribute Mapping pane opens.

    Note: For more information about user attribute mapping, see the Policy Server Configuration Guide.

  10. Click Submit.

    The Create User Directory task is submitted for processing.
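
A pre-check for the values typed in steps 6 and 7, as an added example that is not part of the CA documentation or product: it verifies that the Root value is in LDAP notation rather than Lotus Notes shorthand, and that the lookup start and end strings combine with a username into a balanced string. The sample strings `(uid=` and `)`, the user `jdoe`, and all function names are assumptions chosen for illustration.

```python
import re

# One RDN in LDAP notation: attribute type, "=", non-empty value (e.g. o=myorg).
_RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=/]+$")

def is_ldap_dn(value):
    """True if value is comma-separated type=value pairs, e.g. o=myorg,c=us."""
    parts = [p.strip() for p in value.split(",")]
    return all(_RDN.match(p) for p in parts)

def notes_canonical_to_ldap(name):
    """Convert a Notes canonical name (CN=x/O=y/C=z) to LDAP notation.

    Abbreviated Notes names (x/y/z) carry no attribute types, so they
    cannot be converted mechanically and are rejected.
    """
    parts = [p.strip() for p in name.split("/")]
    if not all(_RDN.match(p) for p in parts):
        raise ValueError(f"not a Notes canonical name: {name!r}")
    pairs = (p.split("=", 1) for p in parts)
    return ",".join(f"{t.lower()}={v}" for t, v in pairs)

def combined_lookup(start, username, end):
    """Join the three strings as step 7 describes; no escaping is applied."""
    return f"{start}{username}{end}"

def check_settings(root, start, end, sample_user="jdoe"):
    """Return a list of problems found in the values about to be typed."""
    problems = []
    if not is_ldap_dn(root):
        problems.append("Root is not in LDAP notation")
    if "/" in start + end:
        problems.append("DN Lookup strings look like Notes shorthand")
    lookup = combined_lookup(start, sample_user, end)
    if lookup.count("(") != lookup.count(")"):
        problems.append("combined lookup string has unbalanced parentheses")
    return problems

if __name__ == "__main__":
    # Constructed sample values, not taken from a real directory.
    print(check_settings("o=myorg,c=us", "(uid=", ")"))   # no problems
    print(check_settings("myorg/us", "(uid=", ""))        # two problems
    print(notes_canonical_to_ldap("CN=John Doe/O=myorg/C=US"))
```

The separator check is a heuristic: it treats any `/` in a value as a sign of Notes shorthand, so a directory whose attribute values legitimately contain `/` needs a different test.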


Copyright © 2009 CA. All rights reserved.