IBM® Security Verify Directory Integrator process privileges and Domino on Linux
Use the instructions provided here to get the access to Domino server and execute tasks as root user.
The privileges of the IBM® Security Verify Directory Integrator server process are determined by the user that starts the server.
For security reasons, the Domino Server forbids execution of commands using root privileges. To run the Domino server, you must run with the user configured during the installation process, normally the Lotus Notes user. The IBM® Security Verify Directory Integrator server is required to run with the user configured during installation only when the Domino libraries enforcing this restriction are loaded. The IBM® Security Verify Directory Integrator server is able to run with root privileges only if no Domino or Lotus Notes connectors are used in an AssemblyLine.
It is possible, however, that you require both of the following privileges:
- To access a Domino server
- To execute certain tasks as root user
If you need to access a Domino server while executing certain tasks as a root user, you must:
- The Lotus Notes user designs a single process that is responsible only for communicating with the Domino server. To achieve this single process, start the following server instances:
- Give one server instance root privileges
[TDIserverRoot]
- Start another server instance by the Lotus Notes user
[TDIserverNotes]
- Give one server instance root privileges
- The
[TDIserverNotes]
requires a configuration with an AssemblyLine accessed by the[TDIserverRoot]
. This AssemblyLine behaves as a proxy and handles the communication with the Domino server. The[TDIserverRoot]
can use either the AssemblyLineConnector or the AssemblyLineFC to access the remote proxy AssemblyLine on the[TDIserverNotes]
.
The [TDIserverRoot]
could use either the AssemblyLineConnector or the AssemblyLineFC to access the remote proxy assembly line on the [TDIserverNotes]
.