Problem:
Server versions: Domino 6.02CF1 & Sametime 3.1
Cannot login to Sametime using anything but Notes Client SSO when user is not in a primary address book.
(User can login to Domino server's HTTP server -- web pages on that server.)
Things to Consider:
1. Multiple Directories
Domino supports multiple directories via Directory Assistance documents:
Multiple Domino Directories are supported via Directory Assistance.
LDAP is supported in a similar fashion. (Note: Only first priority LDAP document can expand groups for access).
Directory Assistance and LDAP is tricky.
SSL and LDAP is a nightmare. Use the Sametime Redbook's step-by-step example to complete the task. Be prepared to redo multiple parts or all of the installation multiple times to get it "right".
Not only is easy to miss a step, but sometimes the steps do not "work". I was able to get this to work with two LDAP sources, but it took two days. As both were actually Domino directories in different Domains, I should have done the Directory Catalog option I discovered a day or two later (see next paragraph below). I do have one other LDAP directory, that is non-Domino, that I would have liked to have been able to include (on an Apple XServe), but it was not a core business need to do so at that time.
Directory assistance and Sametime was less than reliable: e.g. The server is started, it would work, but then reboot, and it would no longer work. I gave up after several days of changing parameters, and several reinstallations of Sametime. The final solution that has worked GREAT was a very simple one, which I did not occur to me, using an Extended Directory Catalog. For more on this topic.... 
To test and see if you have a chance at getting Sametime authentication, make sure the users can access a web page on that server by logging in. If they cannot do that, then Sametime doesn't stand a chance, either.
2. Reliability Issues with Sametime Versions
I also found that Domino 6.03 and Sametime 3.1 were instable with the 3.1 service pack added running on NT 4 SP6a.
Regular periodic crashes of the Sametime services and the HTTP task occurred without yet being under a production load.
Sametime 3.1 on Windows 2003 was not successful (even after you changed the server installation to run in compatibility mode.)
Do NOT upgrade a Sametime 3.0 server to R5.12 Domino unless you have all the interim patches & fix/service packs. Make sure you install the fixes and packs in the proper order, too.
Otherwise, you will be restoring from back and starting over. (I missed one once and could not apply the one I missed because the server was already past it.)
3. Easy things to miss:
a. check the domain name of the server & that you have it specified in the correct locations.
b. check that Internet Password really is still abc123 and is not out of sync with Notes Password. (Login to a web page on that server).
c. did the community services task not start or crash
d. did you answer the right question of whether Sametime is using LDAP or Domino Directory for authentication. (If LDAP was chosen. Only uses in the Domino Directory to authenticate successfully were those set as admins of the Sametime server.)
e. did you remember to resign the template and run the design task on the server? Otherwise the agents that are used for logins cannot execute and die. Note: You can instead choose to add the Lotus development team to the server documents allowed to run agents security tab.
previous page
|