
Lotus Domino Server

Connector name

agtdmno

Connector type

Executable

Type (UI field value)

Lotus Domino Server

Target system versions supported/tested

The agtdmno connector uses the Lotus Notes API and an administrative ID file to update and retrieve information from the Domino Directory (previously known as the Public Address Book or Name and Address Book). It currently supports Lotus Domino Server versions 5, 6.x, 7.x, 8, 8.5 and 9.

Connector status / support

Customer-Verified

Clients may contact Bravura Security support for assistance with this connector. Troubleshooting and testing must be completed in the client's test environment as Bravura Security does not maintain internal test environments for the associated target system.

The Lotus Notes product runs on a special applications and messaging server called the Lotus Domino Server. Lotus uses the Domino name to refer to a set of Notes server applications. Notes itself refers to the overall product.

There are two types of users for Lotus Notes:

  • Lotus Notes client users: People who use the Notes client to access Domino servers and databases and have a Notes ID file, a Person document, and optionally a mail file.

    ID files are containers of private and public encryption keys. The ID file itself is encrypted using the user’s password. Users authenticate to a Domino server and the databases it houses, using certificates found in their ID file. Users have access to their own private and public keys, while servers only know a given user’s public key.

    Bravura Pass manages passwords used to decrypt users’ personal Notes ID files.

  • non-Notes, Internet-only users: People who do not own a Notes ID file and therefore cannot use the Lotus Notes client; these users may instead have web access to Domino servers and databases. Lotus Domino users have a Person document, and optionally a mail file.

    Bravura Pass manages passwords stored on a Notes / Domino server. Each of these is a straightforward password hash held in a field in an .nsf database on the server.

Bravura Security Fabric uses the Lotus Domino Server agent (agtdmno) to perform operations for both types of user. For non-Notes users, the agent performs operations in a names.nsf database.

If you require greater flexibility, and need to create and manage accounts in a generic Domino database, see Lotus Domino Server (Script).

The following Bravura Security Fabric operations are supported by this agent:

  • user verify password

  • get server information

  • user change password

  • administrator reset password

  • verify+reset password

  • create account

  • delete account

  • disable account*

  • enable account*

  • check account enabled*

  • add user to group

  • delete user from group

  • create group

  • delete group

  • rename account

  • update attributes

  • list account attributes

  • move contexts**

  • List:

    • accounts

    • attributes

    • groups

    • members

    Note

    Operations marked with * require special configuration. For details, see Configuring a deny-access group.

    ** MoveContext requires special configuration. For details, see Implementing cross certification.

The following sections show you how to:

  • Define an account for the target system administrator in the Domino Directory

  • Configure the Lotus Notes ID Files client on the Bravura Security Fabric server

  • Create template accounts

  • Set the Domino target system address in Bravura Security Fabric

  • Configure batch files to retrieve and deliver ID files

  • Configure agent behavior

This chapter also describes how Bravura Security Fabric handles special attributes, used when creating or modifying accounts on a Lotus Domino Server target.

See also

Bravura Security Fabric can also send email via the Lotus Notes / Domino mail system using the plugin-email-domino plugin program. See Plugins in the Bravura Security Fabric documentation for details.