Novell Doc: Identity Manager Drivers - Preparing Lotus Notes for Synchronization

2.3 Preparing Lotus Notes for Synchronization

Complete the setup tasks in this section to ensure that your Lotus Notes system works with Identity Manager.

2.3.1 Collecting Configuration Information

You need to provide a number of system-specific details when you import the driver configuration for Lotus Notes. Some of these details can be collected before you complete the following procedures, and others are defined during the process.

See the list in Section 2.4.2, Creating a Driver Object and Importing the Driver Configuration.

2.3.2 Creating Lotus Notes Accounts and Groups

Create a Notes User ID to be used exclusively by the driver and give it manager-level ACL access to the target Notes database (usually names.nsf), the output database ( ndsrep.nsf) created by ndsrep, and certlog.nsf. If you are synchronizing with the names.nsf database, you should select (turn on) all ACL roles (GroupCreator, GroupModifier, NetCreator, NetModifier, PolicyCreator, PolicyModifier, PolicyReader, ServerCreator, ServerModifier, UserCreator, UserModifier).
If a Deny Access group doesn’t already exist, create this group using the Lotus Domino Administrator tool. This group is used to hold disabled user accounts.
Copy and save the Universal ID (UNID) for the Deny Access group you just created.

This string is used by the driver to uniquely identify this object, and you need to specify it when you are importing the driver configuration.

To get the string:
1. View the Document Properties of the group. (You can select the object and right-click to select Document Properties.)
2. Click the Meta tab (the fifth tab from the right).
3. Go to the end of the text in the Identifier field, and copy the character string from the last forward slash to the end. This will always be 32 alphanumeric characters.
  
  For example, if text in the Identifier field is Notes://myserver/87256E530082B5F4/85255E01001356A8852554C200753106/16A28402CCEB7A9C87256E9F007EDA9B then the UNID would be 16A28402CCEB7A9C87256E9F007EDA9B
4. Paste this information into a file for later use when you run the Create Driver Wizard, as noted in Section 2.4.2, Creating a Driver Object and Importing the Driver Configuration.

2.3.3 Providing Access to Certifiers and ID Files in the Lotus Notes Infrastructure

The Notes driver user needs access rights to the following:

Its own user certifier ID file for the driver user in Notes
The certifier ID files for the certifiers that you want the driver to create users for
The server ID file (optional; depends on your configuration)
File access to a place where the driver can create new user certifier ID files (optional; depends on whether you want the driver to have this ability)