Home
Configuring
Use this information to configure your network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters.
Configuring users and servers
Topics in this section describe how to set up users and servers.
Configuring directory services
This section describes how to plan, set up, and use HCL Domino® directory services.
Directory Sync
Directory Sync allows you to sync people and group data from an external LDAP directory into the Domino® directory. Currently data from Active Directory can be synced.

Configuring
Use this information to configure your network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters.
- Configuring a network
  This section presents the planning concepts and setup procedures necessary for a successful HCL Domino® deployment over a network. It provides information on network protocols from a Domino perspective but does not attempt to provide general network information.
- Configuring users and servers
  Topics in this section describe how to set up users and servers.
  - Understanding the Server document
    The Server document is set up when you register a server. It contains many of the settings that define how your server operates.
  - Policies
    Use Domino® policy settings to control how users work with Notes®. A policy is a document that identifies a collection of individual policy settings. Policy settings documents define a set of defaults that apply to the users and groups to which the policy is assigned. You can change policy settings and they will be automatically applied to the assigned users and groups.
  - Defining default settings for Notes® user registration
    Before you register new Notes® users, you can specify default settings that apply to all users. Default settings simplify user registration and ensure user settings consistency. You can define many default settings, such as what mail server users have or what certifier ID to use for user registration. You can also specify a default workstation execution control list (ECL) to protect data from unauthorized workstation access.
  - Using groups
    Groups are lists of users, groups, and servers that have common traits. They are useful for mailing lists and access control lists. Using groups can simplify administration tasks.
  - Replicas
    You can make a database available to users in different locations, on different networks, or in different time zones, by creating replicas of the database.
  - Calendars and scheduling
    The calendar and scheduling features allow users to check the free time of other users, schedule meetings with them, and reserve resources, such as conference rooms and equipment.
  - Editing the notes.ini file
    The Domino and Notes notes.ini files contain the settings required for the server and client to operate correctly. If you modify or add settings in a notes.ini file, do so cautiously and never edit the file directly with a text editor.
  - Configuring directory services
    This section describes how to plan, set up, and use HCL Domino® directory services.
    - The Domino® Directory
      The Domino® Directory, which some previous releases referred to as the Public Address Book or Name and Address Book, is a database that Domino creates automatically on every server. The Domino Directory is a directory of information about users, servers, and groups, as well as custom entries you may add. Registering users and servers in a domain automatically creates corresponding Person documents and Server documents in the Domino Directory for the domain. These documents contain detailed information about each user and server.
    - The LDAP service
      Lightweight Directory Access Protocol (LDAP) is a standard Internet protocol for searching and managing entries in a directory, where an entry has one or more attributes associated with a distinguished name. A distinguished name -- for example, cn=Phyllis Spera,ou=Sales,ou=East,o=Renovations -- is a name that identifies an entry within a directory tree.
    - LDAP schema
      A directory entry contains information about a particular entity, or object -- for example, a person or a group -- and is associated with a distinguished name. An LDAP schema is a set of rules that define what can be stored as entries in an LDAP directory. Each LDAP directory has a default schema, which organizations can customize, or "extend," by adding elements to it. The elements of a schema are attributes, syntaxes, and object classes. LDAP directory servers provide the ability to enforce the schema to ensure that directory changes made using LDAP operations conform to it.
    - ldapsearch utility
      Domino® and Notes® provide a command-line search utility, LDAPSEARCH.EXE, that you use to search entries in any LDAP directory. The ldapsearch utility connects to a directory server and returns results that match search criteria you specify. It is available on Domino server and Notes client platforms.
    - Directory assistance
      Directory assistance allows a server to look up information in a directory other than a local primary Domino® Directory (NAMES.NSF).
    - Directory Sync
      Directory Sync allows you to sync people and group data from an external LDAP directory into the Domino® directory. Currently data from Active Directory can be synced.
      - Configuring Directory Sync
        Complete the following steps to configure Directory Sync.
      - Creating a Directory Assistance document enabled for Directory Sync
        The first step to configure Directory Sync is creating a Directory Sync-enabled Directory Assistance document in the directory assistance database.
      - Creating a Directory Sync Configuration document
        After you create a Directory Assistance document that is enabled for Directory Sync, create a Directory Sync Configuration document in the Domino® directory. You use this document to select Directory Sync configuration options and then to enable Directory Sync.
      - Active Directory password synchronization
        WARNING: This feature impacts your Active Directory domain controller configuration; proceed only with a working backup of your domain controller. See further details in this topic.
      - Renaming Domino® users when their names change in Active Directory
        When you use Directory Sync and the common name of a registered Domino® user changes in Active Directory, follow this procedure to change the name in the Domino directory Person document, too.
      - Registering Active Directory users in Domino®
        When you use Directory Sync, you can register Active Directory users in Domino® to create mail files and Notes® IDs for them.
      - Deleting users and groups
        When users or groups are deleted in Active Directory, they are also deleted in the Domino® directory when a full resync is done. One exception is that Active Directory users who are registered in Domino through user registration are not deleted from Domino.
      - Changing the Directory Sync configuration
        To change the Directory Sync configuration, disable Directory Sync, edit the Directory Sync Configuration document, and then enable Directory Sync again.
      - Resyncing all data
        You can resync all of the Active Directory data.
      - Monitoring Directory Sync
        Use the following methods to monitor Directory Sync, in addition to monitoring the output of Directory Sync (Dirsync) at the server console and in log.nsf.
    - Directory catalogs
      A directory catalog is an optional directory database that typically contains information aggregated from multiple Domino® directories. Clients and servers can use a directory catalog to look up mail addresses and other information about the people, groups, mail-in databases, and resources throughout an organization, regardless of the number of Domino domains and Domino Directories the organization uses.
    - Extended ACL
      An extended access control list (ACL) is an optional directory access-control feature available for a directory created from the PUBNAMES.NTF template -- a Domino® Directory or an extended directory catalog. An extended ACL is tied to the database ACL, and you access it through the Access Control List dialog box using a Notes® or Domino Administrator client.
    - Setting up Domino® Active Directory synchronization (Deprecated)
      When the Domino® server is installed on a Microsoft™ Windows™ 2003 server, as an administrator, you typically need to maintain two separate directories for the same set of people and groups. Maintaining user and group information involves adding entries to both directories, deleting entries, ensuring that passwords are the same when users use Notes® Single Logon, coordinating group membership in both directories, and ensuring that user or group settings, such as email addresses and telephone numbers, are identical.
  - Configuring messaging
    This section provides an overview of messaging and describes how to set up mail routing, how to set up and customize mail servers, and how to track mail.
  - Configuring iNotes®
    HCL iNotes® provides HCL Notes® users with browser-based access to Notes mail and to Notes calendar and scheduling features. Administrators specify mail policy and security policy settings as well as notes.ini file settings to complete the full implementation of HCL iNotes.
  - Configuring Web servers
    This section describes how to set up the HCL Domino® Web server, and the Domino Web Navigator.
  - Setting up a cluster
    Setting up a cluster includes the tasks of creating and verifying that it is working correctly, and then setting up user access, mail, replications, size quotas, directory assistance, roaming, web navigation, and use of a private LAN in the cluster.
  - Configuring Widgets and Live Text
    Widgets and Live Text enables end users to see and act on Live Text in supported documents, including HCL Notes® mail, using XML extensions (widgets) created specifically for their use.
  - Domain Search
    Notes® client and Web users can use Domain Search to search an entire Domino® domain for database documents, files, and attachments that match a search query.

Directory Sync

Directory Sync allows you to sync people and group data from an external LDAP directory into the Domino® directory. Currently data from Active Directory can be synced.

Directory Sync makes it easy for your HCL Domino® users to address mail to and see details about users in your organization who do not use Notes® such as Microsoft™ Outlook users registered in Active Directory. With this feature, Active Directory users automatically have Person documents in the Domino® directory so that Notes® users can find their addresses and other information. Without Dirsync, Notes® users must know the addresses of the Active Directory users before they can send mail to them, unless Person documents are added for them manually.

A task called Dirsync synchronizes fields that you specify from Active Directory to the Domino® directory. The content of the fields is always controlled through Active Directory.

A hidden GUID field in a Domino® directory Person document links it to a unique record in Active Directory.

Directory Sync includes the following components:

LDAP directory assistance document created in a directory assistance database that is enabled for Directory Sync. A Domino® server uses this document to connect to the Active Directory server for syncing.
Directory Sync Configuration document created in the Directory Sync view of the Domino® directory. This document controls which Active Directory fields to sync to Domino® as well as other options.
A server task, Dirsync, that runs only on the Domino® administration server, that connects to the Active Directory server regularly to pull person and group changes into the Domino® directory.
The ability to register Active Directory users in Domino®.
The ability for administrators to rename registered Domino® users when their names change in Active Directory. When a user's common name in Active Directory changes, an administration process request, Rename Common Name is created. Administrators approve the request to initiate a standard administration process rename request.

Note: Only Active Directory users with distinguished names that contain 256 or fewer characters can be synced.

Note: This feature replaces the older Active Directory Synchronization feature, which is now deprecated. The new Directory Sync feature is a simpler, more effective synchronization tool.