Lotus Notes Domino administrators tend to face one major problem during Domino implementation -- locating a single authoritative source for access or identity management. However, with the release of the Tivoli Directory Integrator (TDI), which is bundled into Notes Domino 8, this should no longer be a problem.
Tivoli Directory Integrator is a directory integration engine for Notes Domino that lets administrators apply rules for data synchronization in any direction. TDI provides different "assembly lines," or integration components, that use the TDI API to connect various stores and enable rules.
For example, suppose that an organization uses Microsoft Active Directory for file and print services, an LDAP store for Web authentication, an SAP for human resources (HR) and Lotus Domino. In such a situation, TDI allows granular control of user properties across all systems; TDI serves as the arbiter and synchronizing "master."
In Lotus Notes Domino, every email message and/or calendar invitation that's sent requires a directory lookup to find the recipient prior to delivery. In most organizations, the email directory and the authoritative directory are different. Lotus Domino 8 includes licensing that enables TDI to synchronize these directories easier and more cost efficiently than the previous method.
Previous iterations of Domino included the ADSync tool. This tool performs a similar function as TDI; however, it isn't as flexible or scalable. ADSync only synchronizes Active Directory and Domino; TDI can synchronize data on nearly any system.
TDI provides a single user interface (UI) for ID generation and management. If a Notes user is created on one side, IDs and ancillary entries are created on the other. This might happen with two systems, for example, or with several systems and entries flowing to user-specific attributes on all other systems, as defined by TDI.
With the addition of TDI, Notes Domino 8 allows you to import several different directories while simultaneously providing services. Although administering directory integration is less difficult, it still must be taken seriously.
Disparate directories in organizations today are more prevalent. Logistically, directory integration functionality has become more complicated; however, using TDI alleviates the technical aspects.
Do you have comments on this tip? Let us know.
Please let others know how useful it is via the rating scale below. Do you have a useful Lotus Notes, Domino, Workplace or WebSphere tip or code snippet to share? Submit it to our monthly tip contest and you could win a prize.
|ABOUT THE AUTHOR:|
| Deepali Shah
Deepali Shah is an Lotus Notes/Domino consultant with over eight years of experience in system administration and Notes/Domino infrastructure setup. She is CCNA certified and teaches systems administration and security-related topics at Symbiosis University.