External Collaboration allows internal and external users
to work together in your IBM® Connections
deployment.
About this task
The External Collaboration feature is enabled by default,
defined in the LotusConnections-config.xml file
with the visitorModelEnabled property set to true.
To complete the configuration, you must register external users manually
and then add them to the Profiles database. External users must have
a special LDAP attribute and Profiles role to identify them as external.
For an overview of external collaboration, see the Managing
external user access topic.To configure external collaboration,
complete the following steps:
Procedure
- Determine where external users are registered in your directory.
If necessary, add a new branch to your existing LDAP directory. For
more information, see the Using an LDAP branch
to store external users topic.
- Add external users to your LDAP directory. The registration
process differs for each organization and cannot be described here.
For more information, see your organization's registration guidelines.
- Synchronize your LDAP with the Profiles database. For more
information, see the Registering external users with Profiles topic.
- (Optional) Allow internal users to collaborate with external
users by changing their Profiles roles. For more information, see
the Setting user roles topic.
Internal users cannot, by default, create communities that can have external users as members.
All external users must be populated to Connections Profiles via Tivoli Directory Integrator first.
After an external user is created, then internal users can invite the external user to collaborate
on Communities, Files and Activities, as long as those communities/files/activities are external.
- If your deployment does not use an authentication mechanism
such as IBM Tivoli® Access Manager or SiteMinder, disable
anonymous access to IBM Connections.
For more information, see the Forcing users to log in before
they can access an application topic.
- If you have enabled single sign-on for Tivoli Access Manager
with SPNEGO, the authentication on the Tivoli Access Manager server
must be set to forms-based authentication when SPNEGO is not present
and the external visitor users in the database must match the Tivoli
Access Manager imported users. For more information, see the Enabling
single sign-on for Tivoli Access Manager with SPNEGO topic.