In order to run the Query Directory Information scenario or check the Directory Applet availability for your Sametime Community, the target server must allow for directory browsing. GSX Monitor will alert if browsing is not enabled on the Sametime server.
Below we will look at where this is configured and how to allow Lightweight Directory Access Protocol (LDAP) browsing.
Symptoms
- Can't query Lotus Instant Messaging directory. Directory service is down.
- Can't query directory using ID.
- Sametime Community is down.
- This community does not offer directory browsing.
How it Works
During initialization, the Sametime server downloads the entire directory contents from a Domino or an LDAP directory. This information is cached on the server for the Directory Applet and the Directory Browsing functionality built into the Sametime clients. This is what GSX Monitor is querying when scanning the Sametime Community Directory.
Sometimes the Sametime Directory browsing feature is disabled. For example, the default settings for Sametime has disabled the directory browse feature when configured to authenticate against an LDAP directory. It can also be disabled on purpose by the Sametime administrators because it is technically not feasible to download the entire directory and perform periodic directory refreshes; this is particularly true when using large LDAP directories with more than 50,000 users. Finally, in certain environments, it could be considered a security risk to allow users to browse the LDAP server.
This feature can be disabled without affecting other Sametime services, simply with this option disabled, users cannot view the contents of the directory using instant messaging clients.
How to Solve the Issue
The Sametime server must have directory browsing enabled for the Scenario to run and the Applet to scan successfully.
If it is not possible to allow LDAP browsing then both the Directory Applet scanning and the scenario Query Directory Information cannot be selected for scanning.
To enable directory browsing for all authenticated users we need to modify the sametime.ini file.
The Sametime.ini file is located in the Sametime server installation directory. On Microsoft Windows servers, the default location for this file is: C:\Lotus\Domino\.
- Navigate to the sametime.ini file.
- Locate the [Debug] section in the sametime.ini.
- Add the following lines:
- ST_LDAP_BROWSE_ENABLED=1
- If the line already exists as ST_LDAP_BROWSE_ENABLED=0 then change this value to 1.
- This must be the first entry in the [Debug] section.
- VPDIR_IGNORE_BROWSE=0
- If the line already exists as VPDIR_IGNORE_BROWSE=1 then change this value to 0.
- This parameter has no effect when Sametime is configured to use LDAP.
- Save your changes.
- Restart the Sametime server for the changes to take effect.
This modification allows Sametime users to browse the LDAP directory.
Related IBM Articles:
- Sametime Community Directory searching and browsing options.
- Directory Browsing on a Sametime server for LDAP and Domino directories.