jimmlegs
asked on
How Can I Authenticate Web Access to a Domino Database Against Active Directory
Hi Experts,
My situation is a weird one. My company has a Notes production environment that is working fine and users can authenticate using their Active Directory user accounts and passwords. ADSync is not being used nor has it been installed anywhere and the accounts do seem synchronized, i.e., when a user changed their Windows password it flows over to Notes for authentication (I do not know if it is a real-time sync or if AD is being dumped out to a Domino directory periodically).
A new Notes dev box was built by another engineer (I have absolutely no Notes experience) who then walked out before the project was completed. We have the database on the dev server and it is accessible via the Domino Designer however when trying to access it via a web browser it is using the notes ID file for authentication. I have been spinning my wheels for a month now trying to wrap my head around the Domino server architecture but have had no luck at all.
How can I get the authentication for the web portion of a Domino database to run against an MS Active Directory as opposed to the Notes ID file.
Thank you very much in advance!!!!!
Jimmlegs
My situation is a weird one. My company has a Notes production environment that is working fine and users can authenticate using their Active Directory user accounts and passwords. ADSync is not being used nor has it been installed anywhere and the accounts do seem synchronized, i.e., when a user changed their Windows password it flows over to Notes for authentication (I do not know if it is a real-time sync or if AD is being dumped out to a Domino directory periodically).
A new Notes dev box was built by another engineer (I have absolutely no Notes experience) who then walked out before the project was completed. We have the database on the dev server and it is accessible via the Domino Designer however when trying to access it via a web browser it is using the notes ID file for authentication. I have been spinning my wheels for a month now trying to wrap my head around the Domino server architecture but have had no luck at all.
How can I get the authentication for the web portion of a Domino database to run against an MS Active Directory as opposed to the Notes ID file.
Thank you very much in advance!!!!!
Jimmlegs
They may have used directory assistance which can be configured to use a remote LDAP source such as Active Directory
http://lnweb90.worldbank.org/help/help8_admin.nsf/f4b82fbb75e942a6852566ac0037f284/eb655592461d987a852572fa004e422f?OpenDocument
http://lnweb90.worldbank.org/help/help8_admin.nsf/f4b82fbb75e942a6852566ac0037f284/eb655592461d987a852572fa004e422f?OpenDocument
ASKER
I will review both submissions and update this post. I do not think the ADSync will fly. Management is leery of installing any 3rd parties with AD and from their standpoint if we aren't currently using it in production then we shouldn't need it in development.
Another thing is that it seems to sync specific accounts, for instance, my AD account has never been synced with Notes and I can therefore cannot log on using those credentials however any users that are in there can authenticate with their AD Credentials and when they change their password in Windows it automatically flows to domino.
I will review the above links shortly.
Thanks,
Another thing is that it seems to sync specific accounts, for instance, my AD account has never been synced with Notes and I can therefore cannot log on using those credentials however any users that are in there can authenticate with their AD Credentials and when they change their password in Windows it automatically flows to domino.
I will review the above links shortly.
Thanks,
If your Notes password changes when changing your windows password, you must have 'Single Sign On' activated on the Notes client, so that is normal behaviour.
A couple of things to check:
1. On the server document of the Development Server compare the Security settings to the 'Live' server
2. I suspect that on the 'Live' server your have the field 'Internet Authentication' you have the setting 'More name variations with Less Security'
3. You may also have the option to 'Synch' internet password set on the Notes Client also
A couple of things to check:
1. On the server document of the Development Server compare the Security settings to the 'Live' server
2. I suspect that on the 'Live' server your have the field 'Internet Authentication' you have the setting 'More name variations with Less Security'
3. You may also have the option to 'Synch' internet password set on the Notes Client also
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This might help a lot:
http://www.ibm.com/developerworks/lotus/library/domino-adsync/index.html