Supporting multiple Lotus Domino domainsAdded by IBM on November 14, 2011 | Version 1 (Original)
|Typically, the Lotus Notes® Traveler server deploys in the same Domino® domain as production mail servers. However, there are a number of reasons why you may want to separate your Lotus® Traveler server domain and your production mail server domains.
Typically, the Lotus Notes
® Traveler server deploys in the same Domino
® domain as production mail servers. However, there are a number of reasons why you may want to separate your Lotus
® Traveler server domain and your production mail server domains.
- If you want to keep the Lotus Traveler server's directory (names.nsf) separate from production to prevent design changes from a higher level directory from synchronizing to a lower level directory server. In this environment, the directories would not sync unless it was explicitly enabled.
- To minimize the amount of data from the production servers that is accessible from the Lotus Notes Traveler server.
There are several items you must consider to make this possible. This checklist applies to any Lotus Notes
Traveler installation. However, when installing in the same Domino
domain, many of these items typically work without any additional configuration.
Parent topic: Choosing a deployment configuration
- The Lotus Notes Traveler server must be able to physically connect to mail servers in the other domains. Use the Domino server trace command on the Lotus Notes Traveler server to verify that a physical connection can be made between the servers. For example, from within the Domino administrator console, use the command trace test_server/your_domain, where test_server and your_domain are the actual identifiers of the mail server and domain.
- The server ID file used by the Lotus Notes Traveler server must be cross-certified with any other Domino domains that the Lotus Notes Traveler server needs a connection to.
- The remote mail servers must grant server access to the Lotus Notes Traveler server. You can verify this using the Domino Administrator client. On the remote mail server, open the server configuration document, click the Security tab, and verify that this server is not restricted in the Server Access section.
- The Lotus Notes Traveler service queries the Domino directory service whenever mobile users register with or connect to the Lotus Notes Traveler server. The Domino directory must return the home mail server and the mail file path name for each user that registers with the Lotus Notes Traveler server. If the Lotus Notes Traveler server is in the same domain as the mail users, then typically the local names.nsf is already populated with person records for each user and this information is available by default. However, if the users are in other domains, then you must either configure Domino directory assistance to find these other users or otherwise ensure that their person records are available in the local names.nsf.
- If you plan on implementing mobile security policies, use Lotus Notes Traveler default settings to define security policies. See Default device preferences and security settings). Use these settings instead of Lotus Notes Traveler settings that are part of the Domino admin policy setup. Otherwise you must define the Lotus Notes Traveler settings separately in every different Domino domain for them to work correctly. If you are using Lotus Notes Traveler default settings, then these settings and security policies apply to any user that connects to the Lotus Notes Traveler server regardless of the Domino domain that the user belongs to. For more information, see Assigning device preferences and security settings to devices.