Getting ST reconfigured or setup (a-new) for LDAP instead of Domino Directory is less than straightforward.
There are steps for converting in a tech note. But after completing them on several systems they did not work or in one case locked the whole server up when ST was restarted.
Why use LDAP, because it's is the new way to go. For example, if want awareness in Quickr 8, you have to switch your ST server over. Yes, the old Domino Directory way was simple, but don't do it anymore. For this new way, you better have at least a good part of your day open to hammer away.
So, want to take an existing server and convert it to LDAP - There is a TechNote but we've had little success with it. What has worked EVERY time was a reinstall. Simply un-install w/Add Remove programs, delete the sametime.ini and related files and run the new install. Choose the LDAP option in the setup wizard and complete the LDAP fields.
NOTE: Do not choose "this" ST server. Choose a different one with a SSL key already configured and ready.
After you setup, you'll notice that it works fine with LDAP un-encrypted on port 389. However, that usually violates corporate security on two fronts - login w/o encryption and even worse LDAP user/password look-ups w/o it.
Bone up on your LDAPSearch syntax. One of best example sets is in the Administrator help 6.x and higher help files. Search for LDAPSearch.
Get LDAP working in DA before even starting. If you can LDAPSearch successfully w/ port 636 (or 389 if that's the port your using), then you have the server ready.
Follow the SSL steps in the ST Admin help file. (Have it available as you go to read on-line or print it out the section.) You are going to install and setup the GSKit. You also need to look at a TechNote document and muddle through this. One corrects a documentation typo and talks about what else is needed to get this working. See the following link:
http://www-1.ibm.com/support/docview.wss?uid=swg21099766
Note:
As of 2014, LDAP Sametime uses SSL instead of TLS 1.2. You have to patch Sametime to continue using LDAPS (636).
previous page
|