#dominoforever | Product Ideas Portal

 

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Active Directory integration

In a test environment I have integrated the active direcotry to give AD user access to a web application.

I did following tests to give AD users the access:

  • AD User in DB ACL -> user has access
  • AD Group in DB ACL -> members of the group has access
  • Notes Group includes AD Users in DB ACL -> user has access
  • Notes Group includes AD Group in DB ACL -> members of the group has no access

I did a cross check with the "effective access" function.

  • Notes group with AD Users in DB ACL - for one user all memberOf entries incl. the Notes group are shown
  • Notes Group with AD Group in DB ACL - for one user all memberOf entries and AD groups are shown. But not the Notes group.

I can reproduce this behaviour in 9.0.1FP9iFix2 and 10.0.1FP2

For a easier access administration I would like to use AD groups in Notes Groups, too.

Martin Vogel, sirius-net GmbH

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Sep 20 2019
  • Shipped
  • Attach files
  • Admin
    Thomas Hampel commented
    7 Jan 06:58am

    Using AD objects in ACL's directly has a performance impact. You'll have to use the Notes username instead. Please use the DirSync feature of Domino V11 to get this done.