Planning directory services
Before preparing your environment, answer questions described in this topic to help you make decisions about directory services.
About this task
| Question | Considerations |
|---|---|
How many directory synchronization servers will you use? |
Directory synchronization servers are on-premise hub servers that handle replication of Domino directories between your on-premises environment and the service. You can configure multiple directory synchronization servers to provide failover. For pilot deployments, one directory synchronization server might suffice. |
Which servers will be directory synchronization servers? |
Use existing Domino® servers or install and set up new servers. If a directory synchronization server is also the administration server for the on-premises hub domain, see the next row in this table for version requirements. Otherwise, a directory synchronization server can run any Domino version. Directory synchronization servers must comply with certifier requirements for the service. For more information, see Planning security. |
Do you need to upgrade the administration server for the on-premises hub domain? |
The on-premises hub domain administration server must run Domino 8.5.1 Fix Pack 2 or a later version. The Domino Directory template must be at least version 8.5.1 Fix Pack 2 . The administration server is the server that handles administration process requests for the domain Domino Directory. |
Do you have directory servers in your environment that access directories through the Lightweight Directory Access Protocol (LDAP)? |
These directories can be used in the service only if they are a Domino directory or an extended directory catalog that is replicated to the service. |
Which directories will you replicate to the service? |
If a Domino directory contains services users, you must replicate the full directory to the service. If a Domino directory contains only on-premises users but no service users, replicate the directory contents to the service if you want service users to address mail or schedule meetings with the on-premises users. In this case, you can replicate the full Domino directory to the service or you can aggregate the directory contents into an extended directory catalog and replicate the directory catalog to the service. |
Do you want service users to be able to select the names of users and devices in internal foreign domains from the corporate directory? |
To enable service users to select the names of users and devices associated with an internal foreign domain that is not a Domino domain, add Person documents for the users and devices to a directory that is replicated to the service. In the Mail system field of the Person document, select Other Internet Mail to ensure that mail addressed to the names is routed to the on-premises hub domain. If you do not create Person documents for users and devices in foreign domains, service users can still send mail to the users and devices if they know their addresses. |
If you replicate multiple directories to the service, are there policies with the same name in two or more directories? |
A policy name must be unique across all directories that are replicated to the service. |
If you replicate multiple directories to the service, are there groups with the same name in two or more directories? |
It is a good practice to make group names unique across directories that replicate to the service. |