Adding user accounts

You can add user accounts at any time for either an existing person or a new person in the organization.

This section describes the adapter attributes that define the accounts on the account form. For specific procedures, see the IBM® Security Identity Manager product documentation.

During the add operation, the Lotus Notes® Adapter performs the following steps:
  1. If you clear the Only SameTime Account check box in the Notes® account form, and type a value for the Sametime® Server attribute, then the adapter creates a user having both Domino® and Sametime accounts.
    To create users having Domino and Sametime accounts, the adapter:
    1. Registers the Domino account on the Lotus® Domino server with the user's ID and mail file.
    2. Stores the value of the Sametime Server attribute specified from the Notes account form in the Sametime server attribute on the user's person document.
    3. Sets the other optional attributes on the user's person document.
    4. Sets the ACL for the Sametime account of the user. To set the ACL for the Sametime account, the adapter:
      • Adds the user to the ACL group on the Domino registration server.
      • Adds the ACL group in the stconf.nsf and stsrc.nsf database files on the Sametime server, if it does not already exist.
    5. Adds the user's entry in the NoteIDsAddressBook.nsf database file along with the user's ID file and the password.
  2. If you select the Only SameTime Account check box in the Notes account form, and type a value for the Sametime Server attribute, then the adapter creates a user having only a Sametime account.
    To create users having only Sametime accounts, the adapter:
    1. Registers the user on the Lotus Domino server with the value of the Mail system attribute on the user's person document as None. The adapter does not create user ID and mail files.
    2. Logs a debug message indicating that the mail system for this user is none.
    3. Creates a new attribute SametimeOnlyAccount in the user's person document and sets the SametimeOnlyAccount attribute to TRUE.
    4. Sets the Sametime server attribute value on the user's person document.
    5. Sets the other optional attributes on the user's person document.
    6. Stores the user password specified from IBM Security Identity Manager in the Internet password attribute in the user's person document and ignores the value of the Internet/HTTP password attribute in the Notes account form.
    7. Sets the ACL for the Sametime account of the user. To set the ACL for the Sametime account, the adapter:
      • Adds the user to the ACL group on the Domino registration server.
      • Adds the ACL group in the stconf.nsf and stsrc.nsf database files on the Sametime server.
      For example, specify the following attribute values in the Notes account form.
      User ID: Thomas Daniel
      First Name: Thomas
      Last Name: Daniel
      Path of Certifier: c:\Lotus\Domino\cert.id
      Certifier Password: ********
      Only SameTime Account: TRUE
      Sametime Server: SameTimeServer1/IBM
      ACL for SameTime Account: Designer
      To set the ACL for the Sametime account of this user, the adapter:
      1. Creates a group with name ITIMST_SameTimeServer1_Designer on the Lotus Domino server.
      2. Adds the user's CN Thomas Daniel to the ITIMST_SameTimeServer1_Designer group.
      3. Adds the ITIMST_SameTimeServer1_Designer group with Designer access to the ACLs of the stconf.nsf and stsrc.nsf database files on the Sametime server SameTimeServer1/IBM.
      Note: If the value of the ACL for SameTime Account attribute in the Notes account form is None, the adapter does not create any group for the users. The stconf.nsf and stsrc.nsf database files do not contain any ACLs for the Sametime accounts of the users.
  3. If you clear the Only SameTime Account check box in the Notes account form, and do not specify a value for the Sametime Server attribute, then the adapter creates a user having only a Domino account.
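
The following Python sketch is an added example, not code from the adapter or from IBM: it models the three outcomes of the add operation and checks exported group and ACL data against the state the steps above describe. The function names, the export layout, and the group name pattern ITIMST_<server>_<level> (generalized from the single Thomas Daniel example) are assumptions.

```python
SAMETIME_DBS = ("stconf.nsf", "stsrc.nsf")  # databases named on the page

def account_type(only_sametime, sametime_server):
    """Map the two form fields to the three outcomes the page documents."""
    if sametime_server:
        return "sametime-only" if only_sametime else "domino+sametime"
    if not only_sametime:
        return "domino-only"
    raise ValueError("check box selected without a Sametime Server: not documented")

def expected_group(sametime_server, acl):
    """Group name pattern inferred from the page's one example (assumption)."""
    if not sametime_server or acl == "None":
        return None  # with ACL value None the adapter creates no group
    return f"ITIMST_{sametime_server.split('/', 1)[0]}_{acl}"

def audit(user_cn, sametime_server, acl, groups, db_acls):
    """Return deviations between exported state and what the add operation sets."""
    group = expected_group(sametime_server, acl)
    if group is None:
        return []
    findings = []
    if user_cn not in groups.get(group, set()):
        findings.append(f"{user_cn} is not a member of {group}")
    prefix = group.rsplit("_", 1)[0] + "_"
    for name in sorted(groups):
        # Assumption: membership in another ITIMST group for the same server is drift.
        if name != group and name.startswith(prefix) and user_cn in groups[name]:
            findings.append(f"{user_cn} is also a member of {name}")
    for db in SAMETIME_DBS:
        level = db_acls.get(db, {}).get(group)
        if level != acl:
            findings.append(f"{db}: {group} has access {level}, expected {acl}")
    return findings

# Constructed exports: the page's example user plus two deliberate deviations.
GROUPS = {
    "ITIMST_SameTimeServer1_Designer": {"Thomas Daniel"},
    "ITIMST_SameTimeServer1_Manager": {"Thomas Daniel"},
}
DB_ACLS = {
    "stconf.nsf": {"ITIMST_SameTimeServer1_Designer": "Designer"},
    "stsrc.nsf": {},
}

if __name__ == "__main__":
    print(account_type(True, "SameTimeServer1/IBM"))
    for finding in audit("Thomas Daniel", "SameTimeServer1/IBM", "Designer", GROUPS, DB_ACLS):
        print("FINDING:", finding)
```

With the constructed data, the audit reports the extra Manager group membership and the missing ACL entry in stsrc.nsf.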