Using HCL Connections Photos for the Sametime Business Card

Calculating the Connections Profiles Photo URL

The Connections user photo can be retrieved from the /profiles/photo.do API (REST: GET) which can process different key values from the parameter sent to uniquely identify the user details.

These parameters include:

<protocol>://<connections server>:<port>/profiles/photo.do? distinguishedName=

<protocol>://<connections server>:<port>/profiles/photo.do? email=

<protocol>://<connections server>:<port>/profiles/photo.do? uid=

<protocol>://<connections server>:<port>/profiles/photo.do? userid=

<protocol>://<connections server>:<port>/profiles/photo.do? key=

This configuration depends on which unique user identifier (userId) has been configured on the Sametime Community Server LDAP settings. To see this value, use the HCL Notes or Admin client to open the stconfig.nsf. In the LDAPServer document the field name is the “The attribute of the person entry that defines the internal ID of a Sametime user”, this is blank by default, which uses the distinguishedName attribute. If populated with another attribute, use this value instead. This value must be available to the Connections server as well.

Example

In many cases the Sametime Community Server is configured to use the DN as the Sametime userId.

For example,the DN is: CN=Foo Bar,OU=Users,O=Example,C=US In this case the "distinguishedName" key should be used. The protocol is either http or https.

For example:http://connections.example.com:9080/profiles/photo.do?distinguishedName=

If the Connections server protocol is http and port is 9080, below is an example of the resulting URL after appending the user’s DN and encoding the spaces:

http://connections.example.com:9080/profiles/photo.do?distinguishedName=CN%3DFoo%20Bar%2COU%3DUsers%2CO%3DExample%2CC%3DUS

The Community server requires the absolute URL to be added to the person document or LDAP record as an attribute. Many LDAP servers (including Domino LDAP and Microsoft Active Directory) have an attribute that exists for this purpose called photoURL. Populate the full URL for the photo in the photoURL for each person record in the directory. For native Domino directories, the photoURL is located on the person document, miscellaneous tab.

LDAP Server Requirements

Some LDAP servers may not display the photoURL attribute to an anonymous bind (for example, Domino LDAP). Use an authenticated bind to the LDAP server when configuring LDAP services, or configure the LDAP server to render the photoURL to anonymous users.

URL accessibility

If the photo URL is a protected resource, Single Sign On (SSO) must be configured between Sametime Community and Connections servers. If the URL is available to anonymous users, SSO is not required.  When configuring SSO, the Connections server and Sametime server must share a common directory.

Related: Configuring SSO between Connections and Sametime

Configuring the Community Server userinfoconfig.xml file

If you have not already configured the userinfoconfig.xml file, review the applicable topic for your environment and complete the configuration before setting the photoURL.