

Creating and replicating the IdP Catalog

Create the IdP Catalog (idpcat.nsf) and replicate it to any servers participating in SAML federated authentication. If you will enable Web federated login or Notes federated login, also replicate it to the ID vault server.

About this task

Note the requirements for the IdP Catalog:


Procedure

1. From the Domino® Administrator client, create the IdP Catalog application (idpcat.nsf), using the template with the file name idpcat.ntf.


2. Use a restrictive access control list (ACL). Assign access only to the Domino ID vault server and to Domino SAML administrator(s) who are trusted to manage security.

3. Replicate the IdP Catalog to the other servers that participate in SAML authentication. These servers are automatically given access to the IdP Catalog, regardless of whether they have access through the ACL.
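
One way to verify step 2 once the catalog exists, as an added example that is not part of the product documentation: a LotusScript agent that reports every ACL entry above No Access that is not on an allow-list. The server name and the two allowed names are hypothetical placeholders to replace with your own ID vault server and SAML administrators.

```lotusscript
Option Declare

Const SERVER_NAME = "Vault01/ExampleOrg"   ' hypothetical ID vault server
Const IDPCAT_FILE = "idpcat.nsf"

Sub Initialize
	Dim session As New NotesSession
	Dim db As NotesDatabase
	Dim acl As NotesACL
	Dim entry As NotesACLEntry
	Dim allowed(1) As String
	Dim findings As Integer

	' Hypothetical allow-list: the ID vault server and one SAML administrator.
	allowed(0) = "Vault01/ExampleOrg"
	allowed(1) = "Sam Admin/ExampleOrg"

	Set db = session.GetDatabase(SERVER_NAME, IDPCAT_FILE)
	If Not db.IsOpen Then
		Print "Cannot open " & IDPCAT_FILE & " on " & SERVER_NAME
		Exit Sub
	End If

	Set acl = db.ACL
	Set entry = acl.GetFirstEntry
	While Not (entry Is Nothing)
		' Anything above No Access must be on the allow-list. This also
		' flags -Default- and Anonymous if they were left with access.
		If entry.Level > ACLLEVEL_NOACCESS And Not OnList(entry.Name, allowed) Then
			Print "Unexpected ACL entry: " & entry.Name & " (level " & entry.Level & ")"
			findings = findings + 1
		End If
		Set entry = acl.GetNextEntry(entry)
	Wend
	Print "IdP Catalog ACL audit finished: " & findings & " unexpected entries"
End Sub

' Compare names in abbreviated form so canonical and abbreviated spellings match.
Function OnList(entryName As String, allowed() As String) As Boolean
	Dim candidate As New NotesName(entryName)
	Dim i As Integer
	OnList = False
	For i = LBound(allowed) To UBound(allowed)
		Dim listed As New NotesName(allowed(i))
		If LCase(candidate.Abbreviated) = LCase(listed.Abbreviated) Then
			OnList = True
			Exit Function
		End If
	Next
End Function
```

The audit covers only explicit ACL entries; servers that receive a replica in step 3 are given access outside the ACL and will not appear in its output.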
