This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal


~Yentl Deswezenader
Jun 15, 2016, 5:58 PM
5 Posts

dominoUNID field in names.nsf

  • Category: Contacts
  • Platform: Linux
  • Release: 9.0.1
  • Role: Administrator
  • Tags:
  • Replies: 3

We are trying to get LDAP working (for our Connections deployment) and we are receiving the error: 

CWWIM548E: The LDAP attribute used as an external identifier 'dominounid' has a null value entry for xxxx/O=xxxx

When I look at each Person document in names.nsf, dominoUNID does not appear as a field.  Everything that I have read indicates that this field was part of Domino from Domino 7 forward.  Our names.nsf database is at the current version.  I have reloaded the LDAP schema by using the tell ldap reloadschema command.  I have added dominounid attribute in the domain Configuration Settings document.  We are still not able to connect.  My question is, Can anyone provide instructions on how we get the dominounid field to appear and get it populated for each Person document in names.nsf?


Thank you.

 

 

Anita

~Tanita Nonfreeski
Jun 21, 2016, 2:59 PM
9 Posts
LDAP Browser

When I work with Domino LDAP, I always use Softerra LDAP Browser free tool. This way you can see all the fields Domino LDAP provides. http://www.ldapadministrator.com/download.htm?download=browser

I have no exprerence with Connections but I used to work with Sametime and QuickPlace which also utilized Domino LDAP. 

With that said, maybe you can modify the configuration in Connections LDAP connection filters to use an existing field such as UID. Just a thought.

~Manny Nontumilitader
Jun 23, 2016, 6:46 AM
34 Posts
ldapsearch

Hi,

i checked in my environment (Domino 9.0, Connections 5.5).

With Softerra LDAPBrowser i can't see the dominoUNID (logged in with a bind user), but when i check with ldapsearch i get:

ldapsearch -x -h ns1.panastoeps.local -D "CN=LDAP Bind,ou=internal,o=example" -w "password" -b "o=example" dominoUNID
# extended LDIF
#
# LDAPv3
# base <o=example> with scope subtree
# filter: (objectclass=*)
# requesting: dominoUNID
#

# example
dn: O=example
dominounid: D518BBB566C7E3B3C1257E7C0038A1B6

# First Admin, example
dn: CN=First Admin,O=example
dominounid: 355CC60935C89D40C1257E7C0038A307

...

I would always use a connection with a user/password and no anonymous bind! (Configuration document only changes fields for anonymous bind).

What's your ldap configuration? Special tuning like timeouts or min search characters set?

How is your names.nsf ACL configured? Max Internet Access? Do you use XACL?

Regards

Christoph

~Vera Zekfoogengon
Jun 29, 2016, 1:22 AM
196 Posts
How to get the value of dominoUNID to be displayed

dominoUNID is an example of a field that is not displayed when you do a LDAP search such as a ldapsearch -h acme.com "cn=Jane Doe" * type of query.  Although it would seem that * would display all fields, it does not. * displays a subset of the available fields. Instead, you need to specify that the value of the dominoUNID field should be displayed when returning the results. In our example, this would be ldapsearch -h acme.com "cn=Jane Doe" dominoUNID . Similarly, createTimestamp, modifyTimestamp,and modifiersName are attributes whose values can only be displayed by specifying them at the time of your search.

There is a useful technote on this:

http://www-01.ibm.com/support/docview.wss?uid=swg21674921


This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal