This section contains conceptual information and high-level tasks for setting up cross domain searches.
By default, users can search only within their home domain for users, groups and resources to invite to events. Cross domain searches, however, allow users in one domain to search for users, groups and resources in other domains, as long as certain requirements are met.
The following is a list of requirements you must meet to successfully implement cross domain searches:
Each domain can specify an access control list (ACL) in the domainAccess property of the icsExtendedDomainPrefs attribute that grants or denies cross domain searches from other domains. Thus, a domain can allow or disallow either specific domains, or all domains, from searching it.
To specify more than one domain, supply a semicolon separated list of domain names for the value of the domainAccess property.
There can be only one instance of the domainAccess property in an LDAP domain entry. If you use LDAP tools to add ACLs to a domain entry, you must ensure that you are not inadvertently creating a duplicate of the domainAccess property.
For a description of domainAccess, see D.9.3 LDAP Attributes and Property Names. For general information about ACLs, see 1.8.3 Access Control Lists (ACLs) in Calendar Server Version 6.3.
Each domain can specify the external domains its users can search. The icsDomainNames LDAP attribute specifies the external domains that a domain’s users can search when looking for users and groups (as long as the ACL for the external domain allows the search).
For example, if icsDomainNames for the various.org domain lists sesta.com and siroe.com, users in various.org can perform cross domain searches in sesta.com and siroe.com. For a description of icsDomainNames, see D.9.3 LDAP Attributes and Property Names.
For instructions on how to enable cross domain searches, see 13.3 Enabling Cross Domain Searches.