Lotus Domino Administrator 6.5 Help - Creating a Directory Assistance document for a Domino Directory or Extended Directory Catalog

DIRECTORY SERVICES

Creating a Directory Assistance document for a Domino Directory or Extended Directory Catalog
To set up directory assistance for a Domino Directory or an Extended Directory Catalog, create a Directory Assistance document for the directory in the directory assistance database as follows:

Note Do not create a Directory Assistance document for a condensed Directory Catalog.

1. Make sure you have read about directory assistance services and concepts.

2. Make sure that you have created and replicated a directory assistance database and have set up servers to use it.

3. From the Domino Administrator, choose File - Open Server, and select a server that you have set up to use the directory assistance database.

4. Click the Configuration tab.

5. In the left pane, expand Directory - Directory Assistance. If you see "Server Error: File does not exist," the server you selected in step 3 is not set up to use the directory assistance database.

6. Click Add Directory Assistance.

7. On the Basics tab, complete these fields:

Field Enter

Domain type Choose Notes.

Domain name The name of the Domino domain associated with the directory. If the directory isn't associated with a Domino domain because you created it manually rather than through server setup, make up a unique domain name for it. For more information, see the topic "Directory assistance and domain names."

Company name (Optional) The name of the company associated with this directory. Multiple Directory Assistance documents can use the same company name.

Search order (Optional) A number affecting the order in which servers search this directory relative to other directories configured in the directory assistance database. For more information, see the topic "How naming rules relate to directory searcher orders."

Make this domain available to Choose one or both:

"Notes Clients and Internet Authentication/Authorization"
"LDAP Clients"
Choose "Notes Clients and Internet Authentication/Authorization" to use the directory for Notes mail addressing, Internet client authentication, or to look up the members of groups for database authorization. By default, the option is enabled. To prevent servers from using the directory for these services, do not choose this option.
If the domain specified in the "Domain name" field is the same Domino domain (the primary domain) of the servers that use directory assistance, the servers use the directory for these three services automatically, even if you do not choose this option.
Choose "LDAP Clients" to enable the LDAP service running on servers to search the directory when processing LDAP requests. By default, the option is enabled. To prevent the LDAP service from searching the directory, do not choose this option.
Fore more information, see the topic "Directory assistance services."

Group Authorization Choose one:

Yes to search the members of groups in the directory when authorizing database access. You must also select "Make this domain available to: Notes Clients and Internet Authentication/Authorization."
No (default) to prevent searching the members of groups in the directory when authorizing database access.
You do not have to enable a rule that is "Trusted for Credentials."
Enable this option in only one Directory Assistance document, Notes or LDAP, in the directory assistance database.
If the domain specified in the "Domain name" field is the same Domino domain (the primary domain) of the servers that use directory assistance, the servers use the directory to look up groups for database authorization automatically, even if you choose No for this option.
For more information, see the topic "Directory assistance and group lookups for database authorization."

Enabled Choose Yes to enable directory assistance for this directory.

8. Click the Naming Contexts (Rules) tab, and for each rule you want to define, complete the following fields. By default, an all-asterisk rule is enabled with "Trusted for Credentials" set to No.

Field Enter

N.C. # A naming context (rule) that describes names in the directory. For more information, see the topic "Directory assistance and naming rules."

Enabled Choose one:

Yes to enable a rule
No to disable a rule

Trusted for Credentials Choose one:

Yes to allow servers to use credentials in this directory to authenticate Internet clients whose distinguished names in the directory correspond to the rule.
No (default) to prevent servers from using this directory to authenticate Internet clients whose distinguished names correspond to the rule.
For more information, see the topic "Trusted naming rules."
If the domain specified in the "Domain name" field on the Basics tab is the same Domino domain (the primary domain) of the servers that use directory assistance, the servers trust all user names in the directory for client authentication, even if you do not choose this option.

9. Click the Replicas tab. Use either the "Database links" field or the "Replica#" fields to specify replicas of the directory for servers to use. If you make any entry in a Replica# field, then directory assistance ignores all entries in the "Database links" field.

To set up directory assistance to use cluster failover to locate an available replica of the directory, specify only one replica of the directory within the cluster.

For more information on failover, see the topic "Directory assistance and failover for a Domino Directory or Extended Directory Catalog."

Field Enter

Database links For each replica you want to specify:

Open the replica of the directory, and choose Edit - Copy As Link - Database Link.
Select the "Database links" field, and choose Edit - Paste.
Using database links may delay server startup. When you restart a server that uses directory assistance, server tasks retrieve database information from the remote servers to which the links refer. Use database links only if the servers to which the links refer are consistently available.

Replica# The server name and file name of a replica of the directory -- for example:
Server Name: Mail1/West/Acme
Domino Directory File Name: EASTNAMES.NSF
Selected Enabled next to each replica you specify.

10. Click Save & Close.

Setting up directory assistance

Glossary

Help on Help

Open Full Help Window

Glossary

Help on Help

Open Full Help Window

Field	Enter
Domain type	Choose Notes.
Domain name	The name of the Domino domain associated with the directory. If the directory isn't associated with a Domino domain because you created it manually rather than through server setup, make up a unique domain name for it. For more information, see the topic "Directory assistance and domain names."
Company name	(Optional) The name of the company associated with this directory. Multiple Directory Assistance documents can use the same company name.
Search order	(Optional) A number affecting the order in which servers search this directory relative to other directories configured in the directory assistance database. For more information, see the topic "How naming rules relate to directory searcher orders."
Make this domain available to	Choose one or both: "Notes Clients and Internet Authentication/Authorization" "LDAP Clients" Choose "Notes Clients and Internet Authentication/Authorization" to use the directory for Notes mail addressing, Internet client authentication, or to look up the members of groups for database authorization. By default, the option is enabled. To prevent servers from using the directory for these services, do not choose this option. If the domain specified in the "Domain name" field is the same Domino domain (the primary domain) of the servers that use directory assistance, the servers use the directory for these three services automatically, even if you do not choose this option. Choose "LDAP Clients" to enable the LDAP service running on servers to search the directory when processing LDAP requests. By default, the option is enabled. To prevent the LDAP service from searching the directory, do not choose this option. Fore more information, see the topic "Directory assistance services."
Group Authorization	Choose one: Yes to search the members of groups in the directory when authorizing database access. You must also select "Make this domain available to: Notes Clients and Internet Authentication/Authorization." No (default) to prevent searching the members of groups in the directory when authorizing database access. You do not have to enable a rule that is "Trusted for Credentials." Enable this option in only one Directory Assistance document, Notes or LDAP, in the directory assistance database. If the domain specified in the "Domain name" field is the same Domino domain (the primary domain) of the servers that use directory assistance, the servers use the directory to look up groups for database authorization automatically, even if you choose No for this option. For more information, see the topic "Directory assistance and group lookups for database authorization."
Enabled	Choose Yes to enable directory assistance for this directory.

Field	Enter
N.C. #	A naming context (rule) that describes names in the directory. For more information, see the topic "Directory assistance and naming rules."
Enabled	Choose one: Yes to enable a rule No to disable a rule
Trusted for Credentials	Choose one: Yes to allow servers to use credentials in this directory to authenticate Internet clients whose distinguished names in the directory correspond to the rule. No (default) to prevent servers from using this directory to authenticate Internet clients whose distinguished names correspond to the rule. For more information, see the topic "Trusted naming rules." If the domain specified in the "Domain name" field on the Basics tab is the same Domino domain (the primary domain) of the servers that use directory assistance, the servers trust all user names in the directory for client authentication, even if you do not choose this option.