72.4 Accessing S/MIME Certificates in an LDAP Directory

Just as the POA can access user password information in an LDAP directory, the GroupWise Windows client can access recipients’ digital certificates in an LDAP directory. See Searching for Recipient Encryption Certificates Using LDAP in Sending S/MIME Secure Message in the GroupWise 7 Windows Client User Guide.

When a certificate is stored on an LDAP server, the GroupWise Windows client searches the LDAP server every time the certificate is used. Certificates from LDAP servers are not downloaded into the local certificate store on the user’s workstation. To facilitate this process, the user must select a default LDAP directory in the LDAP address book (Windows client > LDAP Address Book > Directories > Set as Default) and enable searching (Windows client > Tools > Options Security > Send > Advanced Options > Search for Recipient Encryption Certificates in the Default LDAP Directory). An advantage to this is that recipients’ certificates are available no matter what workstation the GroupWise user sends the message from.