Sametime, LDAP and Notes 6.51
Added a new Sametime server Monday night. Nice speedy new hardware, and upgraded to Sametime 3.1 IF1 (Have to wait for new version of LVC before LIMWC 6.51 can go out). I decided it was a good time to start using LDAP for authentication of the Sametime clients, since that would allow for Quickplace interop. Evidently, I missed a technote when searching the KB - LDAP and Notes 6.5x clients don't play well together.
The Notes 6.5x client defaults to the Notes abbreviated name for login - LDAP doesn't get that. Hell, it didn't get using the shortname without editing the search filters! The other thing that using LDAP wreaks havoc on is the presence awareness in the Notes client - oops! Sure, there's a technote on extending LDAP to use the abbreviated name, but it's not working correctly either. It seems to be truncating the field value so only part of the name is displayed, so this means that we still can't login using the abbreviated name.
I'm on the phone now with IBM and hopefully will have some good news later.
UPDATE:
After 90 minutes talking to IBM, we nailed it down to a couple of issues.
First, I used the search filters in the technote. The search filter has a problem returning more than about 200 characters, and since there were 5 attributes being returned, it went over the limit. Cleaning out a couple of filters that weren't necessary resolved that.
Second, Sametime and anonymous bind to LDAP don't work "that well." Binding with a user ID to LDAP resulted in the notesmail attribute popping up, and so authentication and presence awareness are working.
Hopefully, the technotes referenced previously will be amended to add these suggestions since they are already in the internal technotes that were used by the support tech I spoke with.
The Notes 6.5x client defaults to the Notes abbreviated name for login - LDAP doesn't get that. Hell, it didn't get using the shortname without editing the search filters! The other thing that using LDAP wreaks havoc on is the presence awareness in the Notes client - oops! Sure, there's a technote on extending LDAP to use the abbreviated name, but it's not working correctly either. It seems to be truncating the field value so only part of the name is displayed, so this means that we still can't login using the abbreviated name.
I'm on the phone now with IBM and hopefully will have some good news later.
UPDATE:
After 90 minutes talking to IBM, we nailed it down to a couple of issues.
First, I used the search filters in the technote. The search filter has a problem returning more than about 200 characters, and since there were 5 attributes being returned, it went over the limit. Cleaning out a couple of filters that weren't necessary resolved that.
Second, Sametime and anonymous bind to LDAP don't work "that well." Binding with a user ID to LDAP resulted in the notesmail attribute popping up, and so authentication and presence awareness are working.
Hopefully, the technotes referenced previously will be amended to add these suggestions since they are already in the internal technotes that were used by the support tech I spoke with.
posted by Ted at
2:35 PM
0 Comments:
Post a Comment
<< Home