This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal


~Yentl Nimnitherakol
May 17, 2017, 2:24 AM
9 Posts

Rollout of Authentication for Web users with AD

  • Category: Security
  • Platform: Windows
  • Release: 9.0.1
  • Role: Administrator
  • Tags: Directory Assistance,AD,LDAP
  • Replies: 2

Hi gang,

 

I am working on configuring and environment for web users, including travelers, to authenticate with their AD Password, instead of Their Domino Internet Password.

 

This environment has over 7,000 users, so a rollout without a pilot is not an option.  I have setup Directory Assistance to point to an OU within AD.  I can update the person doc as needed and the once I remove the Intranet password, the user authenticates with AD. 

 

Most users, who still have an Intranet password, still authenticate with their Domino Password.  However there were 2 users in this OU, who could not authenticate with their Internet Password, even though their person doc was not changed.

I had always thought it would authenticate at the first match it finds and if the internet password is blank, then use Directory Assistance to check other the other directories.

Any thoughts?

TIA,

Walt

 

~Yentl Nimnitherakol
Jul 10, 2017, 3:03 PM
9 Posts
RE: Rollout of Authentication for Web users with AD

Bumping this to the top, any thoughts?

Thanks,

Walt

~Denise Zenjipypuletsi
Oct 13, 2017, 5:02 AM
1 Posts
Rollout of Authentication for Web users with AD

Walt

We used Directory Assistance for our Traveler & Inotes users. Both our Traveler & Inotes Servers are in a different Domino Domain so the servers have an empty address book apart from the usual connections and admin users. You will need to create 2 documents one for Notes lookups, and the other for Active Directory Authentication. For AD Authentication you need to make sure that the mail field in AD is the same as the Notes Users Internet address as you will need to map that field as the attribute to be used as the Notes Distinguished Name, and check the  enabled name mapping box

https://www.ibm.com/support/knowledgecenter/en/SSKTMJ_8.5.3/com.ibm.help.domino.admin85.doc/H_PLANNING_TO_USE_DIRECTORY_ASSISTANCE_FOR_INTERNET_CLIENT_AUTHENTICATION_STEPS.html


This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal