#dominoforever | Product Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement requests. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are implemented and when.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Configure Domino Directory Assistance LDAP in a way that it will allow IMAP/SMTP users to authenticate the same way as for HTTP.

Domino IMAP/SMTP users cannot authenticate using the Directory Assistance configuration using LDAP to the Central Cloud Directory (for example IBM).

The business and security requirement is that all users need to use only one set of credentials to authenticate to all Cloud services (SSO).

Users are authenticating against a shared Central Cloud Directory. It worked for HTTP without adding any attribute but does not work for IMAP/SMTP.

Looking forward to using SSO for IMAP/POP3 clients without adding any attribute like mailfile, homemail server to LDAP.

  • Guest
  • Dec 24 2021
  • Assessment
  • Guest commented
    24 Jan 08:27am

    @Thomas, thank you for the reply. But that is a workaround, not a solution. It should work out of the box just like for HTTP. This requires extra work and something like TDI to sync data between Domino and LDAP.

  • Admin
    Thomas Hampel commented
    22 Jan 08:26am

    This can be done by configuring a "name mapping" between Domino and your LDAP.

    The key element is to define an attribute in LDAP which contains the Notes name of the user. Here in this example the LDAP field is called NotesDN. The value of this field is the fully canonical Notes user name but with "/" replaced with ",", e.g.:
    CN=Paul Test,OU=Country,O=Org

    https://blog.thomashampel.com/blog/tomcat2000.nsf/dx/moving-from-passwords-to-singlesignon-part-1.htm

    If there is no such field in LDAP and you cannot add this attribute at all, then Domino will need to be enhanced with a function to use a different attribute instead.
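
The name mapping described in the reply above needs the NotesDN attribute populated for every user. The following is an added example, not part of the thread or of any HCL tooling: it validates canonical Notes names, applies the "/" to "," replacement, and emits LDIF change records. The LDAP entry DNs, the sample users and the component layout check (CN, up to four OUs, O, optional C) are assumptions of this example.

```python
import base64
import re

ATTR = "NotesDN"  # LDAP attribute name used in the reply above


def notes_to_mapping_value(canonical):
    """Canonical Notes name -> mapping value ("/" replaced with ",")."""
    parts = [p.strip() for p in canonical.split("/")]
    kinds = []
    for part in parts:
        m = re.fullmatch(r"(CN|OU|O|C)=([^,]+)", part, re.IGNORECASE)
        if not m:  # abbreviated names or embedded commas are rejected
            raise ValueError(f"not a canonical Notes component: {part!r}")
        kinds.append(m.group(1).upper())
    # Assumed layout: CN, up to four OUs, O, optional C.
    if not re.fullmatch(r"CN( OU){0,4} O( C)?", " ".join(kinds)):
        raise ValueError(f"unexpected component order: {canonical!r}")
    return ",".join(parts)


def ldif_line(attr, value):
    """One LDIF attribute line; base64 (RFC 2849) when the value is not a safe string."""
    safe = (value.isascii() and value.isprintable()
            and not value.startswith((" ", ":", "<")) and not value.endswith(" "))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"


def ldif_modify(entry_dn, canonical):
    """LDIF change record that sets the mapping attribute on one LDAP entry."""
    return "\n".join([
        ldif_line("dn", entry_dn),
        "changetype: modify",
        f"replace: {ATTR}",
        ldif_line(ATTR, notes_to_mapping_value(canonical)),
        "-",
        "",
    ])


# Constructed sample data: LDAP entry DN -> canonical Notes name.
SAMPLE = {
    "uid=ptest,ou=people,dc=example,dc=com": "CN=Paul Test/OU=Country/O=Org",
    "uid=zmuller,ou=people,dc=example,dc=com": "CN=Zoë Müller/O=Org",
}

if __name__ == "__main__":
    for dn, name in SAMPLE.items():
        print(ldif_modify(dn, name))
```

Rejecting names that are abbreviated or contain a comma keeps an ambiguous value from being written into the attribute that decides which Notes identity a set of LDAP credentials maps to.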