Step 1: Open the domain Configuration Settings document in the directory
To open the domain Configuration Settings document for the primary Domino Directory:

1. From the Domino Administrator, open a server within the domain that runs the LDAP service.

2. Click the Configuration tab.

3. In the left pane, expand Directory, then LDAP, and then select Settings.

4. Do one of the following:

If you see the prompt "Unable to locate a Server Configuration document for this domain. Would you like to create one now?" click Yes, then click the LDAP tab on the document.

If you do not see the prompt, click "Edit LDAP Settings."

1. From the Domino Administrator, open the directory.

2. Select the Servers - Configurations view.

3. If you do not see a domain Configuration Settings document in the view, a document named * - [All Servers], skip to step 4. If you do see this document, do the following:

1. Open the document
2. Click the LDAP tab.
3. Click Edit Server Configuration.

1. Click Add Configuration.
2. On the Basics tab select Yes next to "Use these settings as the default settings for all servers."
3. Click the LDAP tab.

1. Next to "Choose fields that anonymous users can query via LDAP" select "Select Attribute Types" to open the LDAP Attribute Type Selection dialog box.

The "Queriable Attribute Types" box at the right of the dialog box shows the attributes anonymous LDAP users can access.

1. In the Object Classes box, select an object class that contains the attribute.
2. Click "Display Attributes" to display in the "Selectable Attribute Types" box all the attributes defined for the selected object class(es).
3. Select the attribute in the "Selectable Attribute Types" box that you want to allow anonymous LDAP users to access, and click Add to add the attribute to the "Queriable Attribute Types" box. You can select more than one attribute.

Or, to add all the attributes listed in the "Selectable Attribute Types" box, click Add All.

When you allow anonymous access to an attribute, the access applies to all object classes for which that attribute is defined.

3. To remove an attribute from the "Queriable Attribute Types" box to prevent anonymous LDAP users from accessing the attribute, select the attribute and click Remove. Or, to remove all attributes, click Remove All.

Tip To revert the "Queriable Attribute Types" box to the attributes the LDAP service allows for anonymous LDAP access by default, click "Use Default Values."

5. Click Save & Close to save the changes in the Configuration Settings document.

6. Do the following for each server in the domain that runs the LDAP service:

1. If you made the changes to a Domino Directory replica on a different server, replicate the changes to the server.
2. Enter the following command on the server to put the changes into effect:
Restart Server

Configuring anonymous LDAP search access to a directory
Anonymous LDAP search access and upgrades from previous releases
Customizing the LDAP service configuration
The LDAP Service

Glossary