After enabling my WorkPlace server with
the Domino LDAP service yesterday I discovered that my TeamSpaces and Document
library was no longer working and giving me an exception error. This
was a problem that I had run into with WorkPlace WSE 2.5 when it was released
last year and I tracked it down to a problem with the security roles that
were mapped to the LWP_CAI application. Due to one of the settings I had
made during the ‘Enable LDAP’ process the security mapping could not find
my portal admin group.
Again this is down to where Domino puts
it’s groups in the hierarchical tree. Domino groups are not hierarchical
( although you can manually put /org in your group names ) therefore they
appear at the same level of the /O=yourOrg.
During the LDAP Enable process one of
the settings is the LDAPSuffix. This setting tells the poral server where
to start all LDAP searches. According to the helper file you should set
this to o=yourOrg but for a Domino LDAP server you should leave this blank
so that when the portal server is looking up your portal admin group it
will search the entire Domino LDAP source instead of only searching in
your users root org.
Right, now I should be able to get the
SSO running.
Dec's Dom Blog 