Configure people awareness to work across Domino Directory and a non-Domino portal LDAP directory
Lightweight Third-Party Authentication (LTPA) is the recommended way to enable single sign-on (SSO) between WebSphere Portal and IBM Lotus Sametime and synchronize users' distinguished names (DN) when each product uses a different user or LDAP directory.
For instructions on setup, remapping user distinguished names (DN), and enabling Sametime-based people awareness, see these documents:
- If Lotus Sametime authenticates with native Domino and WebSphere Portal uses a different LDAP server to authenticate, see Technote 1231292, How to configure SSO between WebSphere Portal and Instant Messaging when each use a different User Directory.
- If Lotus Sametime authenticates with Domino LDAP and WebSphere Portal uses a different LDAP server to authenticate, see Technote 1205909, How to configure SSO between WebSphere Portal and Lotus Instant Messaging when each use a different LDAP directory.
If you do not want to synchronize users' distinguished names, you can edit the WebSphere Portal CSEnvironment.properties file to support Sametime-based people awareness by completing the steps below. Keep in mind that if the users' distinguished names are not synchronized, single sign-on to meetings is not available.
- Locate the property CS_SERVER_SAMETIME_1.nameFormatForResolve.
- Remove the comment tag (#) from the beginning of the line, if a comment tag is present.
- Change the value for this property to loginName or cn.
For example, CS_SERVER_SAMETIME_1.nameFormatForResolve=loginName
The value loginName is the preferred setting.
If loginName is specified, the login name in the LDAP directory for WebSphere Portal should be present in the Domino Directory in the Short Name/UserID field.
If cn is specified, the Common Name in the LDAP directory for WebSphere Portal should be present in the Domino Directory as one of the entries in the User Name field.
- Locate the property CS_SERVER_SAMETIME_1.dnNameSeparator.
- Remove the comment tag (#) from the beginning of the line, if a comment tag is present.
- Change the value for this property to /.
For example, CS_SERVER_SAMETIME_1.dnNameSeparator=/
- Locate the property CS_SERVER_SAMETIME_1.useLTPAToken.
- Remove the comment tag (#) from the beginning of the line, if a comment tag is present.
- Change the value for this property to false.
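To confirm the edits took effect, the following added example (not part of the original IBM documentation) checks the text of CSEnvironment.properties for the three properties above and reports any that are still commented out, missing, or set to an unexpected value. The function name check_cs_environment and the sample file content are assumptions constructed for illustration.

```python
import re

# Expected values from the steps above; nameFormatForResolve accepts either value.
EXPECTED = {
    "CS_SERVER_SAMETIME_1.nameFormatForResolve": {"loginName", "cn"},
    "CS_SERVER_SAMETIME_1.dnNameSeparator": {"/"},
    "CS_SERVER_SAMETIME_1.useLTPAToken": {"false"},
}

# Optional comment tag, property name, separator, value (surrounding spaces dropped).
LINE = re.compile(r"^\s*(?P<comment>[#!]?)\s*(?P<key>[\w.]+)\s*[=:]\s*(?P<value>.*?)\s*$")

def check_cs_environment(text):
    """Hypothetical helper: return {property: (status, value)}.

    status is 'ok', 'wrong-value', 'commented-out' or 'missing'.
    """
    active, commented = {}, {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m or m["key"] not in EXPECTED:
            continue
        # As in Java properties files, a later active assignment overrides an earlier one.
        (commented if m["comment"] else active)[m["key"]] = m["value"]
    report = {}
    for key, allowed in EXPECTED.items():
        if key in active:
            status = "ok" if active[key] in allowed else "wrong-value"
            report[key] = (status, active[key])
        elif key in commented:
            report[key] = ("commented-out", commented[key])
        else:
            report[key] = ("missing", None)
    return report

# Constructed sample content, not taken from a real installation.
SAMPLE = """\
# Collaborative Services settings (constructed sample)
#CS_SERVER_SAMETIME_1.nameFormatForResolve=dn
CS_SERVER_SAMETIME_1.nameFormatForResolve=loginName
CS_SERVER_SAMETIME_1.dnNameSeparator=/.
#CS_SERVER_SAMETIME_1.useLTPAToken=true
"""

if __name__ == "__main__":
    for prop, (status, value) in check_cs_environment(SAMPLE).items():
        print(f"{prop}: {status} ({value!r})")
```

In the sample, the separator is flagged because a stray trailing period became part of the value, and useLTPAToken is flagged because its comment tag was never removed.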
Related information
IBM developerWorks article: Single Sign-on in a Multi-directory World
Technote 1231292
Technote 1205909