Implementing single-signon with Notes/WinNT

Posted on 1998-11-30
Last Modified: 2013-12-18
Our users currently have independant Notes accounts (a separate username/password for Notes, in addition to their Windows Networking accounts).  We'd like to implement single-signon, so that Notes accepts its authentication from NT.  Has anyone done this?  (Notes server OS is Win NT 4.0, clients are 95 and NT now, will be all NT in near future.  Notes 4.0 server, 4.5 and 4.6 clients.)

It seems that Lotus would favor account creation through Notes (which would automatically create the Network account).  This is probably acceptable for new accounts, but how would we migrate existing users to connect the existing independant accounts?

We're interested in 'Been there, done that - and watch out for THIS' info.  TIA
Question by:frankr
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2

Author Comment

ID: 1117688
Edited text of question

Expert Comment

ID: 1117689
I have implemented this on about 4 different domains it works well, but I have never found any tool that would syncronize everything for you. If there was such a tool then getting all authentication in one place would be mute because you could just automate the syncronization.

The most succesful way to implement this is to create and manage your accounts through notes. This is good because you have better control over who does what.

What should happen is when you get everything up and running and you choose to use Notes to create and edit accounts then Notes will create any NT accounts which are missing from NT but exist in the Name and Address book.

Author Comment

ID: 1117690
For the time being, I'm rejecting without prejudice.  If a better answer isn't forthcoming, I'll ask for a repost and accept it.  The following isn't a critique of the answer as much as it is a refinement of the question (and in many ways a critique of Lotus approach to the problem).

The daunting part of this is that we're looking for a way around the need to re-create all the NT (and Notes?) accounts.  That's not a trivial task.  The root of the problem lies in the Lotus approach to establishing the association between the accounts (i.e. at account creation time).  The events involved here (account creation, account association, and authentication) are very distinct, and SHOULDN'T be indivisible.

The Notes paradigm for this operation is poor, particularly in existing production environments.  We also use Oracle, and I've implemented this environment without having to re-create all my NT accounts.  We already had NT accounts for our users before we installed Notes (it's just another application, after all, not the OS).  Creating a Notes account and an NT account in a single operation should be an OPTION available to me, not a requirement.
[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.


Accepted Solution

lawrencekoo earned 200 total points
ID: 1117691
You need to reinstall your Notes server by selecting custom installation and install the authentication support with NT (everything else preserved).  After this, whenever you goto the user manager of NT, you would get a new menu item called Lotus Notes which allowed you to create a corrsponding account for the user in Notes and vice versa.

Author Comment

ID: 1117692
Thanks, Lawrence.  Is this still an answer of the variety "you can't establish a relationship between pre-existing NT and Notes  accounts, you have to create one or the other"?  That's the impression I get from your answer, am I correct?

Expert Comment

ID: 1117693
Yes you are correct, you can't connect existing users of NT and Notes together, you have to either create'em from user manager or Notes, afterwards you can even synchronize the password.

Author Comment

ID: 1117694
I was afraid there wasn't a good answer to this question (at least the one I was looking for).

Thanks for responding.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You’ve got a lotus Domino web server, and you have been told that “leverage browser caching” is a must do. This means that we have to tell the browser everywhere in the web to use cache. In other words, we set (and send) an expiration date in the HT…
Article by: Rob
Notes 8.5 Archiving Steps and Tips This article covers setting up a Notes archive, and helps understand some of the menu choices making setting up and maintaining a Notes archive file easier.
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question