HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Add a new idea Subscribe
Status Needs Review
Workspace Domino
Categories Security
Created by Guest
Created on Jan 22, 2025

RELATED IDEAS

HCL Domino does not support using email addresses in groups

While switching the Authentication provider to Microsoft Entra using OIDC. The user identities returned from Entra are in email address format. It seems that email addresses added to group memberships are not being used for authorization to applications. It this is because the view $ServerAccess in the NAB removes any members that contain ‘@’.

Currently, Domino, in its traditional design, does not directly support using email addresses as members of groups for access control purposes. It relies on canonical Domino names (e.g., CN=John Doe/O=Organization) or short names. Domino's group membership and access control mechanisms were designed long before email addresses became the ubiquitous identifier they are today. The internal structures and views like $ServerAccess are optimized for Domino names, which have a hierarchical structure.

The idea is to use the email address format in such purpose.

  • Attach files
Copyright © 2023 HCL Technologies Limited