Welcome to the #dominoforever Product Ideas Lab! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated jointly by the IBM & HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino page.


active directory syncronization

make active directory synchronization easy and documented

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Jul 17 2018
  • Investigating
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    July 18, 2018 14:35

    Get rid of the Domino Directory (for users) and move the user management to AD/LDAP completely.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    July 18, 2018 14:42

    Yes Please, syncronize password is important.

    Or a feafure for sync automatically from AD

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    July 19, 2018 10:28

    I don't think getting rid of the domino directory is a great idea - but fixing it so it actually works like a decent LDAP server would make integration and synching way easier between systems

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    July 28, 2018 15:59

    I don't know if this is discouraging, but IBM had proved many times in the past they refuse to provide good experience when client is using competitor's products like AD/Outlook, some important features will be broken. Named a few: ADSync, DAMO, IMSMO, SPNEGO authentication..

    Leave it to 3rd party vendor solutions.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    July 31, 2018 06:27

    >>> Leave it to 3rd party vendor solutions.

    Sorry, I don't agree.  Only a small minority of customers will purchase 3rd party solutions. The lack of integration with AD makes Notes/Domino vulnerable to being replaced, and customers will get rid of Notes rather than investigate & purchase 3rd party solutions.

    We need easy to implement SSO for Notes client and for web access on Domino (what would you think if you had to put in a password to use Excel every day!!)

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    August 2, 2018 12:01

    SAML should remove the need for password synch.

    As for 3rd party vendor solutions - IBM have their own offering (ESSO) which ironically, in my experience at least, doesn't play nice with the Notes client

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    August 6, 2018 06:36

    Yes syncronize is important!

    all company use AD as primary for user!

    we need a simple feature for sync (not TDI or other complex tool)

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    August 11, 2018 06:16

    Password synchronisation is a nightmare from a security point. Additional to the timing this means AD needs write access to Domino or Domino read access to AD passwords,this is with TDI only possible by replacing Windows DLLs to write the password in a second store, because the hashes within ID are not possible to be decrypted. 

     

    You can today use the AD password for all HTTP password requests through Directory assistance or using SAML and ADFS. ID passwords can be replaced with SAML. So authentication is done by AD and Domino has no need to know the password. It just need to trust the backend service. 

     

    Using open and standardized protocols like saml is way better than writing passwords from one service to another! I support an idea to implement more IDPs and getting offline support for ID SAML. 

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    August 13, 2018 08:04

    +1 for the above comment in general but to also point out SAML is NOT yet available for ICAA client.  This should be top of the priorityy list.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    September 2, 2018 12:15

    Seamless AD integration is very important. I have a lot of customers that is moving to Sharepoint/Office 365 but still uses Notes as a web platform. When a user is created in the AD - the same user must have automatic and instant access to Notes Web applications without logging in (SSO) 

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    September 25, 2018 06:28

    When a user is created in the AD - the same user must have automatic and instant access to Notes Web applications without logging in (SSO) 

    That's already possible with SAML / SPNEGO / Directory Assistance

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    October 15, 2018 00:10

    Definitely a good idea. Currently manage this though in house bespoke solution. Painful to keep in sync with environmental changes. Has management rethinking association with Domino/IBM.