Have Directory Assistance (DA) application created and specified in the server document. Have one or more secondary Domino Directory applications specified for DA. Having the following error message on the console
"Directory Assistance is reloading internal tables due to remote server failure".
1. DA is referencing a replica on a server that has gone down.
- This is normal behavior, this is what it is supposed to do. It will then fail-over to the second replica specified if available.
2. DA is referencing a replica that has corrupted for some reason.
- Replace the replica with a new one from the other Domain, or fixup and updall the replica.
- Find out the cause of corruption (e.g. A/V scan or bad backup rule where Domino apps are being backed up with a "cold" agent rather than a "hot" agent or a volume shadow method.)
3. The Domain names given in D.A. are causing conflict. You cannot reference/give a DA directory application a domain name that exists already - e.g. is the name of the primary Domino directory. You cannot reference/give a DA directory application a Domain name in one DA entry and a different Domain name in another. When you specify the Domain name for a specific Domino Directory it must be consistent across DA on that server.
4. You have a corrupt da.ntf, which has more than one ($DirectoryAssistance) view. Replace the template with the new version.
5. You have a Directory enabled for LDAP but not for Notes client use in R7. Enable it for both.
6. You have a Directory enabled for LDAP in R8/8.5 and are seeing errors.
a. Verify that the network connectivity is consistent.
b. Verify that you can do a LDAP look-up/search successfully from the server:
load ldapsearch -h "mydomain.com" -D "cn=MyIDName,ou=MyOU,ou=MYParentOU,dc=Mindwatering,dc=com" -w "MyPassword" -b "dc=MindwateringDCBase" "(cn=a*)"
c. Verify that your login is correct to the LDAP server.
Sample DA Document for LDAP:
Domain type: LDAP
Domain name: MyLDAP (must be unique)
Company name: Mindwatering
Search order: 2
Make this domain available to: Notes Clients & Internet Authentication - Check / LDAP Clients - Check
Group Authentication: No
Naming Contexts (Rules) tab:
N.C. 1: * (leave all *)
Trusted for Credentials: Yes
Optional Authentication Credential: Username: CN=Admin,DC=myou,DC=mindwatering,DC=com
Optional Authentication Credential: Password: mysecretpassword
Base DN for search: o=MyOU,DC=Mindwatering (varies, other examples: dc=MyOU,dc=Mindwatering / dc=Mindwatering / o=Mindwatering - make as specific as possible for quicker searches)
Channel encryption: None (if no encryption)
Port: 389 typical, or 636 typical if encrypted
Timeout: 60 seconds (Note: I generally change to 30 seconds so that router and look-up delays if unavailable are shorter.)
Maximum number of entries returned: 100
Dereference alias on search: Always
Preferred mail format: Internet Mail Address
Attribute to be used as Notes Distinguished Name:
Type of search filter to use: Custom (depends, OpenLDAP is pretty compliant. For AD, you often have to choose custom and enter the appropriate authentication filter. It gets better in R8.0x, at least until MS improves it again.)
Authentication Filter: <varies> (search this support application specifically for this for examples)
7. Sametime Browsing of Names w/setup as LDAP:
Add the following to the sametime.ini under the [Debug] section:
ST_LDAP_BROWSE_ENABLED=1 (must be first one added under Debug, allows browsing of LDAP for user ST look-ups)
VPDIR_IGNORE_BROWSE=0 (disable, to allow directory browsing)
Temporary Work-around for Mail Routing
Tells router to ignore look-up for name resolution and continue rather than hanging/waiting.
Other Testing Hints:
(Don't leave debug parameters running long term in production, not good for performance or your log.nsf size)
> set config DebugRouterLookup=3
> show xdir
> tell router show queues