Resource Configuration Notes (Sun Identity Manager 8.1 Resources Reference)

Sun Identity Manager 8.1 Resources Reference

Resource Configuration Notes

This section provides instructions for configuring Domino resources for use with Identity Manager, including:

General instructions for setting up the Domino resource for use with Identity Manager
Instructions for installing the Gateway to support Domino

General Configuration Instructions

Use these procedures to set up a Domino resource adapter:

Setting Up a Domino Resource Adapter

Create the Identity Manager administrator in Domino. Use a certifier ID that has access to all organizations needed to manage users.

Add the user to the access control list (ACL) of the address book for the server, names.nsf.
1. Give the user Editor access.
2. Assign the user the following roles:
  - GroupModifier
    - UserCreator
      - UserModifier

Add the user to the ACL of the registration log, certlog.nsf, with Depositor access.

Add the user to the ACL of the Administration Requests, admin4.nsf, with Depositor access.

Add the newly created user to server security:
1. Open the Security panel to edit the server configuration.
2. If access to the Domino server is restricted, make sure the Identity Manager proxy account has access to the server. This is done by specifying the account name or a group to which the proxy account belongs in the Access Serverfield.
3. If there is a before or after action that calls a Domino agent, the user might need to be added to the Run unrestricted LotusScript/Java agentsor Run restricted LotusScript/Java agentfield, depending on how the agent being called is configured.

Installing the Gateway to Support Domino

For the gateway to talk with Domino, there must be a Notes client already installed on the gateway machine

Add the following string values to HKEY_LOCAL_MACHINE\SOFTWARE\Waveset\Lighthouse\Gateway in the Windows registry to ensure Domino works properly:

notesInstallDir. This is the location where the client is installed and where the notes.dll file is location. Typically, the location is something like C:\Lotus\Notes\.
notesIniFile. The full path to the Lotus Notes initialization file, including the file name. You should copy the file from its default location (such as C:\Lotus\Notes\notes.ini) to the directory containing the Identity Manager gateway. Therefore, you should set the value of this registry key to a value similar to C:\GatewayDir\notes.ini.

Note –

Make sure the Notes client is running with a network-enabled profile. If you change the network connection after you copy the ini file, you must re-copy it or run the client through the command line, as in:

C:\Lotus\Notes\notes.exe=PathToIniFile