DIRECTORY SERVICES

Directory assistance in conjunction with a condensed Directory Catalog
Condensed Directory Catalogs are optimized for small size and client use. Although a server can use a condensed Directory Catalog, under most circumstances it's best for a server instead to use an Extended Directory Catalog.

If you do set up servers to use a condensed Directory Catalog, you may also want to set up directory assistance for the individual Domino Directories aggregated into the directory catalog, so that:


Note Do not create a Directory Assistance document for a condensed Directory Catalog itself, only for the directories aggregated into the directory catalog.

Using directory assistance to look up information not aggregated into a condensed Directory Catalog

While you always aggregate fields containing mail addressing information into a condensed Directory Catalog to support the common task of looking up users' mail addresses, typically you would not aggregate fields containing information such as the following, because this would make the directory catalog too large:


Instead, set up directory assistance for an IBM® Lotus® Domino™ Directory aggregated into the directory catalog, so servers can use directory assistance to look up the missing information directly in the Domino Directory. Each entry in a condensed Directory Catalog includes the replica ID of the Domino Directory from which the entry was derived and the UNID for the entry, a unique ID associated with a replicated document. In the cases where the condensed Directory Catalog doesn't aggregate a field being searched for, a server uses this directory catalog information and information available through directory assistance to access quickly the complete entry in the Domino Directory. Searching a Domino Directory by keying off entries in a condensed Directory Catalog is faster than using directory assistance alone to locate and search the Domino Directory.

If you set up directory assistance for a Domino Directory but do not aggregate the directory into a condensed Directory Catalog, a server can use directory assistance to search the Domino Directory after searching the directory catalog.

Note If a Domino Directory is aggregated into a condensed Directory Catalog, but particular entry from the directory is not aggregated, for example a selection formula excludes the entry, servers cannot use directory assistance to look up the missing entry directly in the Domino Directory.

Using directory assistance trust for client authentication one or some directories aggregated into a condensed Directory Catalog

To indicate that a server should trust for client authentication all directories aggregated into a condensed Directory Catalog, select the option "Trust the server based condensed directory catalog for authentication with internet protocols" on the Basics tab of the server's Server document in the IBM® Lotus® Domino™ Directory. In this case, directory assistance is not required to indicate trust.

However to tell a server to trust for client authentication only one or some directories aggregated in a condensed Directory Catalog, create a Directory Assistance document in a directory assistance database for each of the aggregated Domino Directories to be trusted. In the Directory Assistance document for each such directory, do the following:


Note You are not required to store user passwords, and you shouldn't store X.509 certificates, in a condensed Directory Catalog. Instead you can set up directory assistance for the secondary Domino Directories that are aggregated to enable servers to find the passwords/X.509 certificates.