Enabling the discovery service for the HCL Connections™ Mail Plug-in
The discovery service enables the HCL Connections™ Mail Plug-in to access HCL Domino® or Microsoft™ Exchange mail services. The discovery service must be configured before running the HCL Connections™ Mail Plug-in.
Before you begin
To configure the discovery service, you need the following information:
- Administrator-level user names and passwords for each LDAP server that you plan to connect to
- Server name information for your LDAP servers and your Exchange domains
- Exchange only: User name and password that is used to authenticate to the Exchange Autodiscovery servers
Procedure
- If you are using only Domino® mail servers, skip to step 3.
- If you are using Exchange mail servers, create a keystore
certificate file. Do the following steps for each Exchange Autodiscovery
server that your Active Directory server recognizes:
- Ask your Exchange administrator for the certificates from the Exchange Autodiscovery servers.
- Open a command prompt, and then enter the following command: keytool -import -file certificatefile.cer -alias server name -keystore name of keystore file.
- Enter a six-character password twice. You need this password again for the configuration of Exchange servers in the socialmail-discovery-config.xml file.
- When asked to trust this certificate, enter Y.
- Add the IP addresses of the Exchange Autodiscovery servers to the hosts file of the WebSphere® Application Server and Connections server.
- In the folder in which you installed the HCL Connections™ Mail Plug-in (specified during step 8 of Installing the HCL Connections™ Mail Plug-in), locate the socialmail-discovery-config-template.xml and the socialmail-discovery-config.xsd file. Copy both files to the following folder: WAS-root/AppServer/profiles/Dmgr01/config/cells/cell-name/LotusConnections-config.
- Rename the copied socialmail-discovery-config-template.xml file to socialmail-discovery-config.xml.
- In the socialmail-discovery-config.xml file,
replace the example information with your information. For each server
configuration in your environment, you must have a ServerConfig tag
with a unique name attribute.
Example:
<ServerConfig name="domino1"> </ServerConfig>
- Within each ServerConfig tag, insert the following tags,
depending on the type of mail server:
- Domino mail servers only:
Table 1. Insert these tags for Domino® mail servers Property Value <ConfigType></ConfigType> Enter DOMINO <DirectoryServer></DirectoryServer> Enter the IP address or fully qualified host name of the Domino® LDAP server that is used to determine the validity of email addresses and to return users’ mail setup data. Example:
9.119.6.07
orserverName.company.com
Note: If Domino® servers are clustered, then the load-balancer or dispatcher that is used with Domino® must be configured to support LDAP look-up.Optional: <port></port> To specify a port for the URL specified in the DirectoryServer tag, enter the port number. The protocol for this port must match the protocol used to access Connections.
<DirectoryUser></DirectoryUser> Enter the name of a Domino® user that has full read access to the LDAP service. Note: Enter only the username. For example, do not include "cn=" or "domain/".<DirectoryPW></DirectoryPW> Enter the password for the Domino® user specified in the DirectoryUser tag. Optional: <FixedServer></FixedServer> To specify a mail server that might not be the user’s primary server, enter the IP address or fully qualified host name. Example:
9.119.6.08
orhttps://serverName.company.com
If this server includes a non-default port, the protocol must match the protocol used to access Connections.
Example:
9.119.6.08
orhttps://serverName.company.com:843
<MailPattern type=" "/> For each domain of email addresses that use this server configuration, enter a <MailPattern type=" " /> containing the domain. The domain is the portion of the email address that follows the at (@) symbol. Example:
<MailPattern type="example.com"/>
Optional: <SecureLDAP></SecureLDAP> Only used in combination with the Domino mail servers. SecureLDAP configures the discovery service to use TLS for service communication.
Enter true
Example:
<SecureLDAP>true</SecureLDAP>
Example, including the optional SecureLDAP property:
<ServerConfig name="domino-config"> <ConfigType>DOMINO</ConfigType> <DirectoryServer>domino.example.com</DirectoryServer> <DirectoryUser>username</DirectoryUser> <DirectoryPW>password</DirectoryPW> <port>636</port> <SecureLDAP>true</SecureLDAP> <MailPattern type="example.com"/> </ServerConfig>
Table 2. Insert these tags for Domino® mail servers that use iNotes® redirector for mail Property Value <ConfigType></ConfigType> Enter REDIRECT <RedirectURL></RedirectURL> Enter the URL to an iNotes® redirection application. The URL must include the redirect database name, unless the redirect database is set as the Home URL for the server.
Example:
http://domino22.example.com/dwaredir.nsf
orhttp://domino22.example.com
If this URL includes a non-default port, the protocol must match the protocol used to access Connections.
Example:
http://domino22.example.com:843
<MailPattern type=" "/> For each domain of email addresses that use this server configuration, enter a <MailPattern type=" " /> containing the domain. The domain is the portion of the email address that follows the at (@) symbol. Example:
<MailPattern type="example.com"/>
Example:
<ServerConfig name="domino-redirect"> <ConfigType>REDIRECT</ConfigType> <RedirectURL>http://domino22.example.com</RedirectURL> <MailPattern type="example.com" /> <MailPattern type="example2.com" /> </ServerConfig>
- Exchange mail servers only:
Table 3. Insert these tags for Microsoft™ Exchange mail servers Property Value <ConfigType></ConfigType> Enter EXCHANGE. <DirectoryServer></DirectoryServer> Enter the IP address or fully qualified host name of the Active Directory LDAP server that is used to determine the validity of email addresses and to return users’ mail setup data. Example:
9.119.6.77
orservername.example.com
<DirectoryServerDomain></DirectoryServerDomain> Enter the domain for access to the Active Directory Server. <DirectoryUser></DirectoryUser> Enter the name of an Exchange user that has read access to the Active Directory. Note: Enter only the username. For example, do not include "cn=" or "domain/".<DirectoryPW></DirectoryPW> Enter the password for the Exchange user specified in the DirectoryUser tag. <CertificateFile></CertificateFile> Enter the file path and file name to the keystore file that was created in step 2. <CertificateFilePW></CertificateFilePW> Enter the six-character password that was created in step 2. <ADDomainUser></ADDomainUser> Enter the domain qualifier and user name used to authenticate to the Autodiscovery servers. Example:
SMDEV2010\Administrator
<ADDomainPW></ADDomainPW> Enter the password used to authenticate to the Autodiscovery servers. <MailPattern type=" "/> For each domain of email addresses that use this server configuration, enter a <MailPattern type=" " /> containing the domain. The domain is the portion of the email address that follows the at (@) symbol. Example:
<MailPattern type="example.com"/>
Example:
<ServerConfig name="exampleexchangeconfig"> <ConfigType>EXCHANGE</ConfigType> <DirectoryServer>exchange.example.com</DirectoryServer> <DirectoryUser>username</DirectoryUser> <DirectoryPW>adminExpw</DirectoryPW> <DirectoryServerDomain>exchange.example.com</DirectoryServerDomain> <CertificateFile>c:\example\exchangecertificate</CertificateFile> <CertificateFilePW>exampleCellManager01/certificateFileAuth</CertificateFilePW> <MailPattern type="example.com"/> <MailPattern type="example2.com"/> </ServerConfig>
- Domino mail servers only:
- To encrypt user names and passwords
in the socialmail-discovery-config.xml file,
follow these steps:
- Delete examples from the xml file that do not apply to your environment.
- Save and close the socialmail-discovery-config.xml file.
- Synchronize the changes from the deployment manager to the nodes. Complete the steps in the following topic: Applying common configuration property changes
What to do next
To test the discovery service, log in to Connections, and then enter the following URL into your browser, where test-user-email is a user’s email address: http://yourserver/connections/resources/discovery/DiscoveryServlet?email=test-user-email
You should receive a response like the following example:
<SocialMailDiscovery>
<ConfigType>DOMINO</ConfigType>
<server>domino-mail.example.com</server>
<mailfile>mail/user-email.nsf</mailfile>
<fullapp>http://dominomail.example.com/mail/testuser.nsf</fullapp>
</SocialMailDiscovery>
.
.
.
</ConnectionsServices>
</SocialMailDiscovery>