LTPA in an IBM Domino/iNotes/Traveler server environment

If you use HTTP access services in an IBM® Domino® or iNotes® environment, there are several notes to review about integration.

To use HTTP access services in an IBM Domino, iNotes, or Notes® Traveler environment:
  • Use a RADIUS/SecureID or LDAP-bind authentication profile.
  • Set the LTPA token realm or domain to a domain common to the external address of the IBM SafeLinx server and the internal address of the Domino server.
  • For LDAP-bind authentication profiles, specify the LDAP user attribute to query in the LTPA token user identification field. Typically, the value of this field is set to distinguished name, but the values you use depends on your environment.
  • Select Enable SSO. Next, set the SSO domain to the fully qualified external address of the IBM SafeLinx server. Optionally, to require the use of secure SSO connections, select Enable SSO over SSL connections only.
  • Export the key to a key file and import this key file on the Domino server. You can use a key that you generate from SafeLinx, or import a key from another source, for example from WebSphere® Application Server.