Quick course in extId and LDAP with Workplace
Tags :Technical
I have received numerous requests for assistance
with LDAP after my Lotusphere presentation. Well one key item re-appears
time and time again with the requirement for a unique, never changing id
in the schema for Workplace. So here we go, I thought I would share.
*******************
Lotus Workplace requires an immutable ID
in the LDAP directory to map Lotus Workplace member entries to LDAP person
records. When a user first logs in, an id is assigned to the user.
This id is used to retrieve user-specific information, such as the contact
list, and is also used internally for Team Space and Web Conference Access
Control. This id is used by Lotus Workplace as an internal representation
of a user.
Now to take some info straight from a technote:
If the LDAP directory
that you are using with Lotus Workplace already has an attribute whose
value is unique, static, and never reused, you simply map that attribute
to the extId attribute in Lotus Workplace. Most directory servers supported
by Lotus Workplace products 1.1 have such an attribute, with the exception
of Domino and IBM Directory Server 4.1. However, the default Websphere
Member Manager settings for Lotus Workplace must be modified manually during
installation in order to use this attribute for the
Lotus
Domino, Novell, Sun, and
Microsoft Active Directory. If you do not make these changes, some Workplace
features will not operate properly, and you may see any or all of the following
problems:
- Errors when creating Team spaces or Web conferences
- Inability to add members to a Team space or Web conference with restricted access
- Inability to add contacts to the My Contacts lists
- Loss of access to Lotus Workplace data when a user's name changes
If your directory server does not contain a suitable extId attribute, Lotus Workplace can be configured to generate one. This typically requires you to modify your LDAP schema.
So what you see is that there must be: this field in either your existing LDAP schema; you must generate it on the fly; and you might manually configure Workplace to work with certain types of directories. I see this process possibly getting easier in 2.0 or even sooner, but for now this step must be done.
This also has another feature, that when name changes are performed in things like Workplace Messaging, the system can do it 'lazy' in the background since the extId never changes!!!
blog comments powered by Disqus
On Friday, March 12th, 2004 by Chris Miller