HCL Sametime wiki: Integration with other products: How to configure SSO between Domino and Sametime Community

How to configure SSO between Domino and Sametime Community

Added by

~Autumn Zeknuburgon | Edited by ~Nicole Cisponetherettu on December 16, 2013 | Version 4

Actions ▼

Abstract

Abstract

No abstract provided.

Tags: Sametime, SSO

As you may know, Single Sign On(SSO) is a mechanism that allow a single user authentication to access multiple systems . That means, with SSO, you need to enter credential only one time .Once authenticated by the first system after you login, then you can enter the second system without inputting any password.

Many Sametime products can be configured to work with SSO. For example, you can configure SSO between sametime community server and sametime meeting server. Once you login to sametime community, then you can login sametime meeting server automatically. Of course, you also can configure SSO between sametime community server and Lotus domino. Once you launch and login Lotus Notes, then you can login sametime automatically without inputting any password.

But how to configure the SSO between Lotus Domino and Sametime community ? Here is a guidance for your reference.

Prerequisite :
Setup Domino server first.
Installing Sametime community server onto the domino server.
Both domino server and sametime community server are started up.

Steps:
1. Launch domino administrator client using domino admin account;
2. Ctrl+O to open stconfig.nsf DB. In the search filters areas, add one attribute, such as "facsimileTelephoneNumber=%s" in the Search Filters area. See Figure 1:

Figure 1

2. Ctrl+O to open directory assistant database : da.nsf. In the SSO Configuration section, input the field which you input in stconfig.nsf. For example , here to input the parameter "facsimileTelephoneNumber" in the filed "Attribute to be used as name in an SSO token(map to Notes LTPA_UsrNm)". See Figure 2.

Figure 2

3. Open the web SSO configuration document, in the Domino Server Name field, input the domino server name. Attention, if you are using two domino server, please input the two domino servers' name. One is primary domino server, another one is an additional domino server which community server is installed in the second domino server. See Figure 3.

Figure 3.

4. Open sametime.ini file where sametime community server located, add the variable ST_DB_LDAP_ALLOW_SEARCH_ON_DN=1 under [Directory] section. If [Directory] doesn't exist, please add it.
5. At last, after completing above steps, restart both domino and sametime community server to make it effective.

Then by now, we have completed the SSO configuration between Lotus Domino server and Sametime community. However, if a user need to login ST by Domino SSO, the user must be registered in Lotus Domino and LDAP directory. After registering users in Lotus Domino, we need to edit the user's information in the LDAP directory. Adding the "facimileTelephonyNumber" attribute for the domino user to enable SSO in Notes.For example. See Figure 4.

Figure 4

Finally, we use the registered domino user to launch Lotus Notes client. Go to Notes preference->Sametime->Server Communities, in the Login In tab, select Authentication Type "Domino Single Sign On", tick "Use token based single sign on", then click OK button to save the setting in preference. See Figure 5.

Figure 5

With the next start Notes client, you don't need to input any password in Sametime sidebar then you can login Sametime successfully. If you tick "Automatcially log in" option, then you can login Sametime automatically after you launch Notes.