We have an ISV solution built on XPages that allows authentication with Active Directory (via Directory Assistance) and also has custom name pickers for picking user names and groups from Active Directory. This works great.
Now we have a customer that has their Active Directory set up so that Common Name is a unique identifier for each user (using a 7 character format) where the actual (and more usable) user name is stored in the Display Name attribute of their Active Directory. With our current setup in Directory Assistance the user name when logged on is then the unique (but not user friendly) identifier based on the Distinguished Name which Common Name is part of. Also, picking names from their Active Directory using our custom name picker means that the names displayed are the same unique but not user friendly names.
Currently it is not possible in Domino to integrate with Active Directory so that the unique Distinguished Name (with the Common Name part) is used as the actual identifier of the user while the Display Name is used as the name displayed for the user.
This idea is a request to enhance the capabilities of Domino, Directory Assistance and integration with Active Directory to support the scenario above.
Status is now "Shipped" but I do not understand how the above problem can be solved with Dir Sync.
The specific problem is that Common Name is a unique identifier for each user (using a 7 character format such as 123BEJO) where the actual (and more usable) user name is stored in the Display Name attribute of their Active Directory.
You can activate DirSync to create the users automatically in Domino Directory. You can configure Domino to authenticate against AD by using cn. You should change your name pickers code to use the information in Domino Directory.
How can your suggestion solve this specific idea? I have talked to HCL support (case number CS0070625) and they could not solve it and suggested that I create an idea for it.
You don't have to sync passwords (and in my opinion you should never sync them) -- you can still authenticate against AD but then do the name mapping based on the Domino Directory person document.
Unfortunately not, because the new Dir Sync feature in 11 does not sync AD passwords (not possible) and we want to integrate directly with AD.
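As an added example (not code from this thread, HCL Domino or the ISV product), the name-mapping step the replies describe: take the authenticated AD Distinguished Name, extract its 7-character CN and resolve the friendly name from a person record. The person records and field names are constructed stand-ins for Domino Directory person documents, and the CN format (three digits, four letters) is an assumption based on the 123BEJO sample.

```python
import re

# Constructed sample standing in for Domino Directory person documents
# created by DirSync (assumed field names, not real Domino item names).
PERSON_DOCS = {
    "123BEJO": {"DisplayName": "Bengt Johansson", "Mail": "bengt@example.com"},
    "456ANLA": {"DisplayName": "Anna Larsson", "Mail": "anna@example.com"},
}

# Assumed 7-character identifier format used for CN in the customer's AD.
CN_PATTERN = re.compile(r"^[0-9]{3}[A-Z]{4}$")


def parse_dn(dn: str) -> list[tuple[str, str]]:
    """Split an LDAP DN into (attribute, value) pairs, honouring backslash
    escapes so a comma inside a value (e.g. an OU name) does not start a
    new RDN. Multi-valued RDNs ('+') are not handled here."""
    parts, buf, escaped = [], [], False
    for ch in dn:
        if escaped:
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == ",":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))
    pairs = []
    for part in parts:
        attr, _, value = part.strip().partition("=")
        pairs.append((attr.strip().upper(), value.strip()))
    return pairs


def cn_from_dn(dn: str) -> str:
    """Return the single CN of the DN; refuse ambiguous or CN-less DNs."""
    cns = [v for a, v in parse_dn(dn) if a == "CN"]
    if len(cns) != 1:
        raise ValueError(f"expected exactly one CN in DN: {dn!r}")
    return cns[0]


def display_name_for(dn: str) -> str:
    """Map the authenticated DN to the user-friendly name. The CN stays the
    identity; when no person document exists we fall back to the CN rather
    than guessing, so the displayed name never hides which account it is."""
    cn = cn_from_dn(dn)
    if not CN_PATTERN.match(cn):
        raise ValueError(f"CN {cn!r} is not in the expected 7-character format")
    doc = PERSON_DOCS.get(cn)
    return doc["DisplayName"] if doc else cn
```

The same lookup would be called from the name picker, so both the logged-on name and the picked names show the Display Name while the CN-based DN remains the identifier used for ACLs.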