Accessing S/MIME Certificates in an LDAP Directory

Just as the POA can access user password information in an LDAP directory, the GroupWise client can access recipients' digital certificates in an LDAP directory. See "Searching for Recipient Encryption Certificates Using LDAP" in "Sending Secure Message (S/MIME)" in the GroupWise 6.5 Windows Client User Guide.

When a certificate is stored on an LDAP server, the GroupWise client searches the LDAP server every time the certificate is used. Certificates from LDAP servers are not downloaded into the local certificate store on the user's workstation. To facilitate this process, the user must select a default LDAP directory in the LDAP address book (LDAP Address Book > Directories > Set as Default) and enable searching (Tools > Options Security > Send > Advanced Options > Search for Recipient Encryption Certificates in the Default LDAP Directory). An advantage to this is that recipients' certificates are available no matter what workstation the GroupWise user sends the message from.