Quick course in extId and LDAP with Workplace




I have received numerous requests for assistance with LDAP after my Lotusphere presentation. Well, one key item reappears time and time again: the requirement for a unique, never-changing ID in the schema for Workplace. So here we go, I thought I would share.

*******************
Lotus Workplace requires an immutable ID in the LDAP directory to map Lotus Workplace member entries to LDAP person records.  When a user first logs in, an id is assigned to the user. This id is used to retrieve user-specific information, such as the contact list, and is also used internally for Team Space and Web Conference Access Control.  This id is used by Lotus Workplace as an internal representation of a user.

Now to take some info straight from a technote:

If the LDAP directory that you are using with Lotus Workplace already has an attribute whose value is unique, static, and never reused, you simply map that attribute to the extId attribute in Lotus Workplace. Most directory servers supported by Lotus Workplace products 1.1 have such an attribute, with the exception of Domino and IBM Directory Server 4.1. However, the default WebSphere Member Manager settings for Lotus Workplace must be modified manually during installation in order to use this attribute for the Lotus Domino, Novell, Sun, and Microsoft Active Directory. If you do not make these changes, some Workplace features will not operate properly, and you may see any or all of the following problems:
  • Errors when creating Team spaces or Web conferences
  • Inability to add members to a Team space or Web conference with restricted access
  • Inability to add contacts to the My Contacts lists
  • Loss of access to Lotus Workplace data when a user's name changes

If your directory server does not contain a suitable extId attribute, Lotus Workplace can be configured to generate one. This typically requires you to modify your LDAP schema.


So what you see is that this field must either already exist in your LDAP schema or be generated on the fly, and that you might have to manually configure Workplace to work with certain types of directories. I see this process possibly getting easier in 2.0 or even sooner, but for now this step must be done.

This also brings another benefit: when name changes are performed in things like Workplace Messaging, the system can do it 'lazy' in the background, since the extId never changes!!!
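
One way to check whether a candidate attribute meets the "unique" and "static" requirements before mapping it to extId, as an added example that is not from the technote or this post. The LDIF sample is constructed, and using `entryUUID` as the candidate and `employeeNumber` as the key for matching people between two exports are assumptions.

```python
from collections import Counter

def parse_ldif(text):
    """Parse simple LDIF (no base64, no folded lines) into {dn: {attr: [values]}}."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            name, _, value = line.partition(": ")
            attrs.setdefault(name.lower(), []).append(value)
        entries[attrs["dn"][0]] = attrs
    return entries

def audit(entries, attr):
    """Return problems that rule out attr as an extId source within one export."""
    attr, problems = attr.lower(), []
    for dn, attrs in entries.items():
        if len(attrs.get(attr, [])) != 1:
            problems.append(f"{dn}: expected exactly one {attr} value")
    counts = Counter(v for a in entries.values() for v in a.get(attr, []))
    problems += [f"value {v!r} is shared by {n} entries" for v, n in counts.items() if n > 1]
    return problems

def changed(before, after, attr, key):
    """Return the key values of people whose attr value differs between two exports."""
    def index(entries):
        return {a[key.lower()][0]: a.get(attr.lower()) for a in entries.values()}
    old, new = index(before), index(after)
    return sorted(k for k in old.keys() & new.keys() if old[k] != new[k])

# Constructed sample data: two people; employeeNumber is the assumed matching key.
SAMPLE = """dn: uid=jsmith,ou=people,dc=example,dc=com
uid: jsmith
employeeNumber: 1001
entryUUID: 11111111-aaaa-4bbb-8ccc-000000000001

dn: uid=mlee,ou=people,dc=example,dc=com
uid: mlee
employeeNumber: 1002
entryUUID: 11111111-aaaa-4bbb-8ccc-000000000002"""
BEFORE = parse_ldif(SAMPLE)
AFTER = parse_ldif(SAMPLE.replace("jsmith", "jjones"))  # same export after a rename

if __name__ == "__main__":
    for candidate in ("uid", "entryUUID"):
        print(candidate, audit(AFTER, candidate),
              changed(BEFORE, AFTER, candidate, "employeeNumber"))
```

Both attributes pass the single-export audit, but only `uid` shows up as changed after the rename, which is the case behind the "loss of access when a user's name changes" problem listed above. Two exports cannot prove that a value is never reused; that still has to come from the directory server's documentation.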