This document describes the test configuration deployed by the Domino System Verification Test (SVT) team that focused on end-to-end interoperability testing for the 8.5.3 Notes/Domino release on IBM® Lotus® Domino® on the V6R1MO operating system (iSeries™ or System i™ hardware). This configuration also included a Sametime 8.0.2 server. The goal for this setup was testing integration and interoperability. Our goal is to provide you with hints and tips for your own deployment.
This configuration included multiple Domino 8.5.3 servers and an IBM Lotus Sametime 8.0.2 server. One of the Domino 8.5.3 servers was the Lightweight Directory Access Protocol (LDAP) authentication server for Sametime.
This configuration was a basic setup. The main purpose was to verify end-to-end interoperability with Notes/Domino and Sametime. The Domino servers were hosted on the V6R1MO operating system and the Sametime servers were hosted on the Windows 2003 Server operating system. All server operating systems involved in this configuration were Series i V5R4.
The authentication of Sametime was done with a connection to a Domino 8.5.3 server running Domino-hosted LDAP.
The following table lists the specifications for the computers used in the infrastructure:
Domino 8.5.3 LDAP for authentication
In the following sections we will discuss more details of the configurations and some things we learned while testing.
The Sametime server was configured to use Domino 8.5.3 LDAP. The Sametime community server had no locally populated directory of its own, except for the definition of its administrative user. During installation, the 'Enable HTTP tunnelling' option was chosen.
Within the stconfig.nsf database, all of the IP addresses of the other Sametime Community servers, Portal servers, and Domino servers were added to the 'Community Connectivity' document, in the 'Community Trusted IPs' field.
Within the Sametime administration utility:
Under 'Policies' - 'Sametime Default Policy', 'Must set this community as the default community' was unchecked.
The 'LDAP' Basics, Authentication, Searching, and Group Contents pages were all reviewed and modified as necessary to match our Domino LDAP configuration.
The Domino servers were clustered, using the standard Domino Administrator user interface. Mail file replicas were created across the cluster.
Domino Web Access (Lotus iNotes) / Sametime Configuration
The mail85.ntf template supports Domino Web Access as well as traditional Notes client mail access. Sametime awareness and chat are provided within Lotus iNotes using various resources.
To accomplish Sametime integration into Lotus iNotes, several items from the Domino 8.5.3 Admin Help topic "Setting up Domino Web Access (iNotes) with Sametime" were followed.
The Domino Server is set up and users with the mail85.ntf template are created.
The Sametime Cluster is set up.
The Sametime and Domino servers each have connection documents created to the other.
The Domino server's configuration document is updated to include the Sametime cluster information as documented in the Domino Admin Help topic "Editing the Configuration Settings document for Domino Web Access".
Configure the Java servlet support
For setting up Sametime within iNotes refer to this help:
The Single Sign-on (SSO) / LTPA domain was started at the WebSphere Portal Deployment manager. From WebSphere, the LTPA keys were created and exported to be used within the rest of the environment.
To create and export your LTPA keys on a WebSphere Server:
WebSphere Administrator: Security - Global Security - Authentication Mechanisms/LTPA - Single Signon (SSO). Set the domain name field to the greatest common domain name that all the servers in the environment share. For example, if WebSphere Portal is on wp2345.massachusetts.ibm.com, Sametime is on st2345.kentucky.ibm.com, Domino is on dom1234.massachusetts.ibm.com and the HTTP servers are on http567.ibm.com, set the Domain name to ibm.com and click Apply.
Go to Security - Global Security - Authentication Mechanisms/LTPA. Set a password, Generate keys, Export keys (defining a Key file name).
For the Sametime and Domino environments, go into the Domino Administrator, Servers View - All Server documents. From there, click the Web button and select Create Web SSO Configuration.
In the Web SSO Configuration document, set:
DNS domain to the Domain name value previously set on WebSphere
Map names in LTPA tokens to Enabled
Expiration time to the same expiration value set in WebSphere
For the field labeled Participating servers, add all the servers in the Domino environment within which you are working
Click the Keys button, and select Import WebSphere LTPA keys. Follow the prompts to import the WebSphere keys. Once the WebSphere LTPA keys are imported, verify that the realm within this Web SSO Configuration document is set to the DNS name of the TDS LDAP and the LDAP port number separated by a \:, adjusting it if necessary, for example: yourldap.server.com\:389.
In each Domino server's server document, Internet Protocols page, Domino Web Engine page, set Session authentication to: Multiple Servers (SSO)
Repeat this procedure for each Domino environment, including the Domino servers hosting Sametime.
The Domino servers must be restarted for this to properly take effect.
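An added example (not part of the original article or of any IBM tooling): a Python pre-flight check for the SSO steps above. It derives the greatest common domain from the server host names and compares one Domino environment's settings with the WebSphere values; the dictionary keys and the 120-minute expiration are hypothetical names and constructed sample values.

```python
import re

# host\:port, the realm form the article gives (yourldap.server.com\:389)
REALM_RE = re.compile(r"^[A-Za-z0-9.-]+\\:\d{1,5}$")

def common_sso_domain(hostnames):
    """Longest DNS suffix shared by all hosts (the 'greatest common domain')."""
    reversed_labels = [h.lower().rstrip(".").split(".")[::-1] for h in hostnames]
    shared = []
    for labels in zip(*reversed_labels):
        if len(set(labels)) != 1:
            break
        shared.append(labels[0])
    # A lone shared label (a bare TLD such as 'com') is not a usable SSO domain.
    if len(shared) < 2:
        raise ValueError("servers share no usable common DNS domain")
    return ".".join(reversed(shared))

def check_web_sso(hosts, websphere, domino):
    """Return mismatches between WebSphere and one Domino environment's settings."""
    norm = lambda d: d.lower().strip(".")  # ignore case and a leading/trailing dot
    problems = []
    if norm(websphere["domain"]) != common_sso_domain(hosts):
        problems.append("WebSphere domain is not the greatest common domain")
    if norm(domino["dns_domain"]) != norm(websphere["domain"]):
        problems.append("DNS domain differs from WebSphere")
    if domino["expiration"] != websphere["expiration"]:
        problems.append("expiration differs from WebSphere")
    if not domino["map_names"]:
        problems.append("Map names in LTPA tokens is not Enabled")
    if not REALM_RE.match(domino["realm"]):
        problems.append("realm is not in host\\:port form")
    if domino["session_auth"] != "Multiple Servers (SSO)":
        problems.append("Session authentication is not Multiple Servers (SSO)")
    return problems

# Constructed sample values; host names are the ones used in the article's example.
HOSTS = ["wp2345.massachusetts.ibm.com", "st2345.kentucky.ibm.com",
         "dom1234.massachusetts.ibm.com", "http567.ibm.com"]
WEBSPHERE = {"domain": "ibm.com", "expiration": 120}
GOOD = {"dns_domain": ".ibm.com", "expiration": 120, "map_names": True,
        "realm": r"yourldap.server.com\:389", "session_auth": "Multiple Servers (SSO)"}
BAD = dict(GOOD, expiration=30, realm="yourldap.server.com:389")

if __name__ == "__main__":
    print(common_sso_domain(HOSTS))
    print(check_web_sso(HOSTS, WEBSPHERE, GOOD))
    print(check_web_sso(HOSTS, WEBSPHERE, BAD))
```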
NOTE: Every customer's configuration is different. Our results were obtained in a controlled test environment. Customer environments are usually less optimal and may not get the same results. Understanding your environment (usage scenario, network, etc.) is crucial before recommending scaling numbers, hardware and solutions.
This configuration hosted testing of various items such as:
- End to end Single Sign on
- Domino Web Access (Lotus iNotes) and its integration with Sametime.
- Calendar and Scheduling with Lotus Notes 8.5.3 clients and Lotus iCalendering
- Mail with Lotus Notes 8.5.3 and Mozilla Thunderbird
- Mail archiving
- Roaming which included standalone, failover and ID Vault.
- Symphony Productivity Tools
Installation Notes, Hints and tips