Using administrative accounts to manage client plug-ins
Using administrative accounts (sometimes called "managed" accounts) in a Domino® policy lets you provide Notes® users with pre-defined settings for Eclipse-based client features and plug-ins such as IBM® Connections or IBM® Sametime®. Administrative accounts simplify the use of sidebar applications such as Connections and Sametime®, and can meet authentication needs for embedded browser-based components such as Feeds, Widgets and Live Text. You can assign values such as a Connections server name and address, simplifying the user's experience and reducing help desk calls.
About this task
You create and manage administrative account documents in the Domino® Directory (names.nsf). Then you can use a Domino® policy to assign accounts to client users' Contacts application. Administrative account settings are preset for, and by default are not editable by, client users, but if necessary, you can enable some settings as editable. For some applications, Sametime® and custom or third-party features and plug-ins, you can attach a custom desktop icon.
Creating administrative accounts using the Domino® Directory
About this task
Use the Accounts view in the Domino® server's Domino® Directory to create, edit, delete, or view an administrative account.
Procedure
- From the Domino® Administrator client, open the Domino® Directory on the server.
- Select .
- Click Add Account. On the Basics tab, complete the following fields:
- Account name – Specify a unique name.
This account name is visible to Notes® users ( ) but is not editable. A column in the user's Accounts preferences page displays a lock icon for administrative accounts.
- Account type – Select or create an account
type value.
Options include Sametime®, Connections, and Other. You can also specify a new key word such as MyCustomAppAcct1. If you select Connections or Sametime®, additional options appear.
- Account server name – Specify the server name, for example a Domino® server name or a Web server address such as http://your_server_address\/activities.
- Account protocol – Specify HTTP or Other.
Other can be any protocol that the plug-in uses; for example, VP protocol.
Predefined authentication types for HTTP protocol include the following; you can also add custom authentication types:- Basic authentication
- Form based authentication
- PORTAL
- Tivoli® Access Manager (TAM)
- SiteMinder
- TAM with SPNEGO Authentication (Simple and Protected GSSAPI Negotiation Mechanism)
- Domino® LTPA (lightweight 3rd party authentication)
- SM-FORM
- USERNAME_TOKEN
- PORTAL-FORM
- OS-CRED
- TAM-SPNEGO
- TAM-FORM
- J2EE-FORM
- HTTP
- Is primary account – Specify whether the
account is the user's primary account.
If the account is a Sametime® or Connections account type, there are multiple Account Type-specific settings available on the form .
Note: For a Connections account, always select this option. You can configure only one primary Connections account for a single client user.
- You can use the Edit list option to add Name Value pairs.
- You can use the Advanced tab to specify certain settings as editable by the user.
- Account name – Specify a unique name.
- Click Save & Close.
Assigning administrative accounts using a Domino® policy
About this task
- Overwrite preexisting account document, if found in
Contacts applicationUse this option to overwrite the same name account in the user's Contacts application (local names.nsf). Or, disable to keep the existing account but rename the managed account to a unique name -- and continue to assign the administrative account settings to the user.Restriction: This option should not be used with the client's Switch ID feature. When multiple users of the same client are assigned to the same policy, one user could overwrite another user's account settings.
- Update linksUse this option to assign all or selected administrative account settings to target users.Note: No changes are assigned if the only update to the desktop setting document is to select this option. The administrator must update one of the listed accounts or click the Update Links button in order for the updated desktop setting to take effect.
- Trusted Sites
You can add any trusted sites you want to use for administrative accounts.
For Tivoli® Access Manager (TAM) or SiteMinder accounts, a trusted site specification is required. By default, the login form on the authentication server for an TAM or SiteMinder administrative account must be accessed using SSL and the server must be contained in a list of trusted sites. Click New to add or Edit to modify a specified trusted site for any such account specified.