Working on
When LDAP user is not in admin group, users cannot use domino groups in sametime.
Architecture :
Sametime community server, Sametime system console (SSC) 8.5.2 IFR1
Websphere in SSC sees groups correctly. The problem might be related to LDAP filters for Community Server.
I accessed the Sametime Administration Tool (sametime.ics.com/stcenter.nsf) and changed LDAP filters.
The thing with domino LDAP is that, by default, groups are not at the same hierarchical level than users. So you are tempted to use an overall global filter in the O=ICS fashion. But it is almost certain (depending on your domino configuration but 90 % at least are that way) that you will miss group, because they are at the upper level of LDAP.
In the LDAP lookup section of the administration tool, I removed the base lookup (in french here) :
(For confidentiality reasons I also removed the server name from the screenshot)
I accessed the Sametime Administration Tool (sametime.ics.com/stcenter.nsf) and changed LDAP filters.
The thing with domino LDAP is that, by default, groups are not at the same hierarchical level than users. So you are tempted to use an overall global filter in the O=ICS fashion. But it is almost certain (depending on your domino configuration but 90 % at least are that way) that you will miss group, because they are at the upper level of LDAP.
In the LDAP lookup section of the administration tool, I removed the base lookup (in french here) :
(For confidentiality reasons I also removed the server name from the screenshot)
And in the "General properties" of the LDAP section I added again the LDAP base filter for persons lookup (first field here) :
Restart server
However, after a test, still the same. LDAP user has to be into admin group. This might be ok for a test environnement, but I want my test environnement to be bullet proof, for the day it'll be a production one.
More information next time ...
No comments:
Post a Comment