Disabling optimized user searches in an LDAP directory

The Sametime® Community Server uses search optimization to speed up performance for user login and searches across an LDAP directory, allowing the system to handle a high load of searches. When the user authentication login or user search in the directory is an email address, the usual search filter is not used by the Sametime Community Server; instead only the mail attribute is searched. Using a Java™ customized search filter automatically disables the mail search optimization.

About this task

Disable this feature in either of the following use cases:
  • In a deployment where a special LDAP attribute defines which users are allowed to use Sametime. For example, the attribute name might be STUser, and only users with value of 1 in this attribute can use Sametime. The existence of such a special attribute would mean that the regular search filter, which contains the special attribute, should be used rather than the optimized mail filter.
  • In a deployment where user search names look like a mail address. For example, names that contain the symbol @ and then a period or dot (.) somewhere after it, such as username@example.com. These names should then be searched in an LDAP attribute rather than the regular mail attribute.

Procedure

  1. Determine what the mail attribute is:
    1. Log in to the WebSphere® Integrated Solutions Console, and click Sametime System Console.
    2. Click Sametime Prerequisites > Connect to LDAP Servers.
    3. Click Edit for the selected server.
    4. Click Next and select Configure advanced LDAP settings.
    5. Click Next. In the Person Attributes section, the Email address field defines the mail attributes for users.
  2. Disable this feature. On the Sametime Community Server, edit sametime.ini file and add the following flag to the [Directory] section:

    USE_SEPARATE_FILTER_FOR_MAIL_SEARCHES=0

  3. Restart the Sametime Community Server.