How to Configure Search to Honor Lotus Notes Security Settings (288816)

MORE INFORMATION

Notes uses a different security model than Microsoft Windows NT 4.0 or Microsoft Windows 2000. To configure SharePoint Portal Server to honor the security settings on Notes databases that have been indexed, you must configure a view in Notes to map Notes identification numbers (IDs) to Windows domain accounts.

If you do not configure security mapping, SharePoint Portal Server is only able to honor the default security settings on Notes databases. Therefore, if you set the default Notes access control list (ACL) to default = no access, indexing of the database is not successful unless you configure a secure crawl.

To configure Search to honor Notes security settings:

1. Design a new view in the server Name and Address Book.
   
   If you do not want to modify the Name and Address Book, you can use any database that contains user information. If you do so, you must maintain synchronization with the Name and Address Book. Do not modify the default view in the Name and Address Book; you must design a new view.
   
   NOTE: If the entries in the database ACL are the unspecified user type, security mapping fails.
2. In the View design window, delete any existing columns, and then insert a new column named "NotesID" (or a similarly descriptive name).
   
   This column must map to the Owner field in the Name and Address Book.
3. Insert a new column named "WindowsID" (or a similarly descriptive name).
   
   This column must map to a field in the Person document that contains the user's Windows domain account. This field can be any field. If the field does not exist, you can configure the domain account in any field, for example, the Comment field. The format must be domain\username.
   
   IMPORTANT: Make sure that there are no duplicate entries. For example, you must not have one domain account mapping to two separate Notes IDs. If there are duplicate entries in either column, Search is unable to resolve user names, and users are denied access to search results.
4. Record the name of the Notes server and database (for example, Names.nsf) that contain the view, the name of the view that you created, and the names of the two new columns.
5. Open SharePoint Portal Server Administration from the Administrative Tools menu.
6. Right-click your server name, click Properties, click the Other tab, and then click Run Wizard.
7. When you are prompted to verify the Notes data directory and location of the Notes.ini file on the server, make sure that the Ignore Lotus Notes security while building an index check box has not been selected, and then click Next.
8. Type the information that you recorded in step four.
9. Perform a full update of any existing Notes content sources.

When users click the search results, the Notes Domino server displays an authentication prompt. Users must type their Domino Internet user name and password to gain access to the document.