Chat now with support
Chat with Support

Coexistence Manager for Notes 3.8.2 - User Guide

About the CMN Documentation Suite Introduction CMN Directory Connector
Directory Connector overview Installation and configuration DC Management Console Connector Creation Wizard Connector Advanced Settings Starting and stopping the Directory Connector service
CMN Mail Connector
Mail Connector features overview Coexistence mail routing basics Deployment of CMN Mail Connector Installation Configuration Mail Connector Management Console
CMN Free/Busy Connector The Log Viewer Appendix A: Known limitations Appendix B: Troubleshooting Appendix C: CMN Logs

Step 1: Devise a strategy for your directory updates

CMN’s Directory Connector lets you define as many connectors as you need to facilitate separate directory updates among multiple directory servers on either or both sides, and/or for different administrative entities in your organization, or for different geographic locations, etc. If two or more connectors are defined for the same direction, you must direct them to copy their data to different, separate target containers.

Individual DC connectors can be configured to perform any number and combination of three primary operations:

Provision: If no object in the target corresponds to an object in the source, the connector will create the new object in the target.
Update: If an existing object in the target corresponds to an object in the source but the object’s attribute data differs, the connector will overwrite target object data with corresponding source object data —or— will append the source data to the target data for some attribute(s) if so configured by the <AppendAttributes> parameter for the connector (see Configuring the <AppendAttributes> parameter below).
Delete: If the connector sees no object in the source that corresponds to an object in the target, it will delete the object in the target. For example, if User XYZ is copied from source to target, and then is deleted from the source, the next run of the same connector will remove User XYZ from the target.

Think through your strategic options and decide now, before you define any connectors, how you want your directories to be updated. Decide in advance the number and scope of DC connectors you will need to accommodate your particular environment, circumstances and preferences, and the number and names of Domino target containers and AD target OUs you will need.

The <AppendAttributes> parameter lets you specify a list of one or more target attributes whose values will be appended to, rather than replaced by, a connector running in Update mode. That is, for each object in the directory, the value of each designated attribute in the source will be added to any existing value in the target.

This parameter is optional, and is configured separately for each DC connector in the connector's section of the DC Configuration.xml file. To designate the attribute(s) that should function this way in Update mode for a particular connector, find (or add) the <AppendAttributes> tags for the connector, and enter the names of the target attributes separated by a pipe character ("|") between the tags, like this:

<AppendAttributes>cn|mail|proxyaddresses</AppendAttributes>

Step 2: Configure LDAP to permit Domino read and write access for CMN's Directory Connector

CMN’s Directory Connector requires LDAP read and write access to the Domino server to enable its connectors’ queries and data transmissions. The account used to access Domino must have Add and Delete access to the names.nsf database on the Domino server.

To configure LDAP for CMN’s Directory Connector:

1
In the Domino Administrator, on the Configuration tab: In the navigation tree at left, expand Directory, then expand LDAP, and then select Settings.
NOTE: The LDAP configuration document you edit or create here will not replace your existing Domino configuration document. Domino will simply draw the new/updated LDAP configuration settings into your existing configuration.
3
If you will configure any Exchange-to-Notes connectors: In the LDAP Settings, set Allow LDAP users write access to Yes. (This step is unnecessary if you will configure only Notes-to-Exchange connectors.)
4
If configuring a coexistence with a Domino 6.5.x server (only): You must also disable constraint checking on LDAP writes.
5
Save & Close the document, and then restart the Domino server.

LDAP writes to the Domino directory also require that the directory ACL have the Maximum Internet name and password set to Editor, and have all Roles selected (checkboxes marked). These settings act as a global filter that everything must check against.

Step 3: Make the showInAddressBook attribute visible in GC

Step 3: Make the showInAddressBook attribute visible in GC

CMN requires replication of this attribute to the Global Catalog so that ou=users will appear in the source list of OUs in the Connector Creation Wizard (when creating an Exchange-to-Notes connector). The procedure:

2
In the console tree, under Active Directory Schema/Attributes, click Attributes.
3
In the details pane: Right-click the showInAddressBook attribute, and select Properties.
4
Select the checkbox for: Replicate this attribute to the Global Catalog.

Step 4: Run the DC Management Console and Connector Creation Wizard to create connector(s)

Use CMN’s Directory Connector Management Console and its Connector Creation Wizard to define and manage the connectors that will update the directories you want to keep current, and to schedule the connectors to run. The DC Management Console and Connector Creation Wizard perform different but related functions as shown in this illustration, and in the chart following:

The Connector Creation Wizard is run separately for each DC connector you want to create (or edit).

Two later sections of this chapter, DC Management Console and Connector Creation Wizard, provide the operational details necessary to use these tools.

Note that this step alone does not start the Directory Connector service, and that the defined connectors will run only if the Directory Connector service is running. For more information, see Starting and stopping the Directory Connector service later in this chapter.

Related Documents