Existing Sametime® customers that use Lightweight Directory Access Protocol (LDAP) have the Sametime Administrator in the local Domino® Directory. Until now, they were not required to have a Sametime Administrator in LDAP. This is now required for policies.
Existing Sametime customers that use LDAP may have the Sametime Administrator defined in the local Domino Directory. Until now, those customers did not need to have a Sametime Administrator defined in LDAP; this is now required for Policy Administration.
Add the Distinguished Name (DN) of an LDAP user to the Access Control List (ACL) of stconfig.nsf with the following access: Person/Manager - with all privileges and all roles.
- Make sure that you change the commas to slashes when entering the name into the ACL.
- In the third example below (Sametime Administrator), note that the canonical format changes to the hierarchical format. Since the LDAP hierarchy matches Domino's hierarchy, the ACL will automatically normalize the name to the hierarchical format.
For example, if you enter 'cn=Sametime Administrator/ou=Austin/O=IBM', the ACL will automatically show 'Sametime Administrator/Austin/IBM'. When using Domino LDAP you will see this behavior, since the hierarchy of Domino LDAP matches the hierarchy system of standard Domino.
Below are examples of what the DN looks like in LDAP, and what it should look like in the ACL:
|LDAP Distinguished Name (DN)||How name should appear in ACL|
|3||cn=Sametime Administrator,ou=Austin,O=IBM||Sametime Administrator/Austin/IBM|
With the above setup, the LDAP account specified in the ACL can now be used to administer the server and, more importantly, administer and assign policies.