Administration Manual

6. In the N otes client, o pen HP EAs-D SSO.

The EAs-D SSO da tabase opens to the following window.

7. In the Notes File menu, select Database > Access Control.

8. Per form the following steps in the ACL window:

a. Check that the ID has Manager access and the RIM SSO Admin role.

b. SettheDefaultaccessleveltoReader.

c. If all members of the LocalDomainAdmins group are trusted with SSO information, enter that

group into the ACL and give it Manager rights with the RIM SSO Admin role.

As an alternative, identify a group with a smaller list of members who are trusted with SSO

information and enter that group instead.

d. Click OK when all changes to the ACL are complete.

9. Configure the SSO Shared Secret:

a. In the HP EAs-D SSO database window, click Conﬁgure SSO Shared Secret.

A d efault secret is displayed. You can change this secret to any text string between 32 and 56

characters long using the characters A-Z, a-z, 0-9,. (period), and/or +.

The secret is shared by all Domino servers and the IAP. It is the basis for the cryptographic

authentication that allows the IAP to accept Domino credentials for sign-on. This secret should

be known only to a small set of administrators.

UserswiththeRIMSSOAdminroleintheEAs-DSSOdatabaseACLcanviewandchangethe

secret. NotethatifyouchangethesecretinDomino,youmustalsochangeitontheIAP.(See

“Confi guring SSO on the IAP” on page 102.)

b. Cli

ck OK to save the secret.

HP Email Archiving software for IBM Lotus Domino Version 2.0