立即与支持人员聊天
与支持团队交流

Identity Manager 8.2.1 - Administration Guide for Connecting to HCL Domino

Managing HCL Domino environments Synchronizing a Domino environment
Setting up initial synchronization of a Domino environment Domino server configuration Setting up a gateway server Creating a synchronization project for initial synchronization of a Notes domain Adjusting the synchronization configuration for Domino environments Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization
Managing Notes user accounts and employees Managing memberships in Notes groups Login information for Notes user accounts Using AdminP requests for handling Domino processes Mapping of Notes objects in One Identity Manager
Notes domains Notes user accounts Notes groups Notes certificates Notes templates Notes policies Notes mail-in databases Notes server Reports about Notes objects
Handling of Notes objects in the Web Portal Basic data for managing a Domino environment Configuration parameters for managing a Domino environment Default project template for Domino Processing methods of Domino system objects Domino connector settings

Configuring single object synchronization

Changes made to individual objects in the target system can be immediately applied in the One Identity Manager database without having to start a full synchronization of the target system environment. Individual objects can only be synchronized if the object is already present in the One Identity Manager database. The changes are applied to the mapped object properties. If a membership list belongs to one of these properties, the entries in the assignment table will also be updated. If the object is no longer present in the target system, then it is deleted from the One Identity Manager database.

Prerequisites

  • A synchronization step exists that can import the changes to the changed object into One Identity Manager.

  • The path to the base object of the synchronization is defined for the table that contains the changed object.

Single object synchronization is fully configured for synchronization projects created using the default project template. If you want to incorporate custom tables into this type of synchronization project, you must configure single object synchronization for these tables. For more information about this, see the One Identity Manager Target System Synchronization Reference Guide.

To define the path to the base object for synchronization for a custom table

  1. In the Manager, select the HCL Domino > Basic configuration data > Target system types category.

  2. In the result list, select the Domino target system type.

  3. Select the Assign synchronization tables task.

  4. In the Add assignments pane, assign the custom table for which you want to use single object synchronization.

  5. Save the changes.

  6. Select the Configure tables for publishing task.

  7. Select the custom table and enter the Root object path.

    Enter the path to the base object in the ObjectWalker notation of the VI.DB.

    Example: FK(UID_NDODomain).XObjectKey

  8. Save the changes.
Related topics

Accelerating single object synchronization

To smooth out spikes in data traffic, handling of processes for single object synchronization can be distributed over several Job servers. This accelerates single object synchronization.

Load balancing is not used for provisioning processes in Domino, to prevent inconsistent data being generated in the target system through parallel processing. If the maximum number of instances on the process task or process component is set to 1 or -1, load balancing cannot take place.

NOTE: You should not implement load balancing for single object synchronization on a permanent basis. Parallel processing of object might result in dependencies not being resolved because referenced objects from another Job server have not been completely processed.

Once load balancing is no longer required, ensure that the synchronization server runs the processes for single object synchronization.

To configure load balancing

  1. Configure the servers and declare them as Job servers in One Identity Manager.

    • Job servers that share processing must have the No process assignment option enabled.

    • Assign the Domino connector server function to the Job server.

    All Job servers must access the same Notes domain as the synchronization server for the respective base object.

  2. In the Synchronization Editor, assign a custom server function to the base object.

    This server function is used to identify all the Job servers being used for load balancing.

    If there is no custom server function for the base object, create a new one.

    For more information about editing base objects, see the One Identity Manager Target System Synchronization Reference Guide.

  3. In the Manager, assign this server function to all the Job servers that will be processing single object synchronization for the base object.

    Only select those Job servers that have the same configuration as the base object's synchronization server.

Once all the processes have been handled, the synchronization server takes over single object synchronization again.

To use the synchronization server without load balancing.

  • In the Synchronization Editor, remove the server function from the base object.

For detailed information about load balancing, see the One Identity Manager Target System Synchronization Reference Guide.

Detailed information about this topic

Specify user types

New users are registered in Domino by default as Full Client User. The user type for registering is specified by the synchronization variable UserType. Possible values:

  • 174: LIMITED CLIENT USER

  • 175: DESKTOP CLIENT USER

  • 176: FULL CLIENT USER

To modify the default user type

  • In the synchronization project, edit the UserType variable and enter your value.

    ClosedEditing variables in synchronization projects

For more information about variables and variable sets, see the One Identity Manager Target System Synchronization Reference Guide.

Related topics

Creating mailbox files

If and in what way mailbox files are created in Domino depends on the user account data and the configuration parameter settings.

Prerequisites

  • The mailbox's path and file name are given in the user account.

    If this information is missing, the mailbox file cannot be created.

  • The directory where the mailbox files are stored on the mail server is given in the TargetSystem | NDO | MailFilePath configuration parameter.

Configuring access levels

By default, the access level Manager is set for the mailbox file's owner.

To set another access level

  • In the Designer, set the TargetSystem | NDO | Accounts | MailFileAccessRole configuration parameter and select an access level as the value that is given to all new mailbox files. Possible values are Manager, Editor, Designer.

Creating a mailbox file

By default, the mailbox file is created after the Notes user has registered with the target system. This uses a template given in the user account. If there is no template given in the mailbox file, the template in the TargetSystem | NDO | DefTemplatePath configuration parameter is used. The template must exist on the gateway server.

The mailbox file can also be created when the Notes user registers. In this case, the template of the Notes server's on which the user is registered is used.

To create a mailbox file during registration

  • Edit the UserCreateMailDb variable in the synchronization project. Enter the value 1.

    ClosedEditing variables in synchronization projects

NOTE: The One Identity Manager Service does not access to mailboxes created like this. Different actions, for example, loading mailbox sizes, are therefore not possible.

Ensure that the template of the mailbox file on the Domino server has permissions set to transfer to the synchronization user so that the Domino connector has read access to the new mailbox files.

Related topics
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级