Policy Server Guides › Policy Design Guide › User Directories › Configure User Directory Connections › Configure Domino Directory Connections

Configure Domino Directory Connections

After meeting the prerequisites described in the previous section, you can configure the connections.

Note: When you create or modify a Policy Server object in the Policy Server User Interface, use ASCII characters. Object creation or modification with non-ASCII characters is not supported.

To configure Domino Directory connections

1. Open the User Directory Dialog.
2. In the Directory Setup tab, select LDAP from the Namespace drop-down list.
3. In the Directory Setup tab, enter connection information for your LDAP directory.

   As you enter information in the Directory Setup tab, verify the following:

   • The value in the Root field of the LDAP Search group box matches the organization name you assigned in Lotus Notes. The Root also includes a country if you specified a country in Lotus Notes. For example, if you have an organization called myorg, and it is located in the United states, the Root for this example must be entered as o=myorg,c=us.
   • The values in the Start and End fields of the LDAP User DN Lookup group box form search strings using proper LDAP notation, rather than the shortened notation used in Lotus Notes. For information about search strings see LDAP Search Filters. For information about how the Start and End fields are used by the Policy Server to locate a user in the directory.
4. To configure the directory connection to include multiple servers for failover and load balancing, click the Configure button in the Directory Setup group box.
5. (Optional) In the Credentials and Connection tab, specify administrator credentials that the Policy Server will use to connect to the LDAP directory, and specify whether the connection to the directory will use SSL.

   Note: For Oracle Directory Enterprise Edition (formerly Sun Java System Directory Server Enterprise Edition) servers, we recommend using an administrator account other than cn=Directory Manager. Using cn=Directory Manager may cause performance issues due to security policies applied to this account. Instead, create a new user with sufficient privileges to manage the directory and specify that user in the Connect Username field.

6. (Optional) In the User Attributes tab, specify directory attributes that will be reserved for use by SiteMinder features.

More information:

Navigate to the User Directory Dialog

User Directory Dialog—LDAP Namespace—Directory Setup Tab

User Disambiguation in an LDAP Directory

Load Balancing/Failover Configuration for LDAP Directory Connections

User Directory Dialog—LDAP Namespace—Credentials and Connection Tab

Specify Directory Attributes