Yesterday, I worked with a client to configure Lotus Connections to use a different ID for authentication. By default, Lotus Connections authenticates with either the user's email address or the user id.
Typically this involves a two step process:
- Configure WebSphere to use a different LDAP attribute for authentication
- Re-populate the Lotus Connections Profiles database to put in a new value for PROF_UID
We didn't want to do this because we wanted to minimize impact to the existing environment. Additionally, we had the challenge that the attribute that the customer wanted to use for authentication was a non-standard attribute (something called aintsouserid). Therefore, I suggested we use a new feature in Lotus Connections v2. In v2, the developers were kind of enough to add an extra column to the Profiles table: PROF_LOGIN. Whatever you put in there, can be used by Lotus Connections for authentication.
So here's what we did to configure Lotus Connections to authenticate using a new value without doing too much work:
- Followed the details on specifying a custom LDAP ID for Lotus Connections in the Lotus Connections InfoCenter. (we only followed steps 1-4). We followed these steps so WebSphere could recognize what aintsouserid was.
- Modified the WebSphere configuration to use aintsouserid as the attribute for login. (basically, step 9 from this article).
- Modified the TDI configuration (map_dbrepos_from_source.properties) to map PROF_LOGIN to aintsouserid
- Re-ran TDI to populate the PROF_LOGIN data for all users
And voilá. Hope this helps!