| Authentication goal | How to accomplish with Extended Directory Catalog(s) | How to accomplish with condensed Directory Catalog(s) |
| S1, S2, S3, S4 trust all names in A, B, C, D for authentication. | Aggregate A, B, C, and D into one EDC. Create one DA database used by all servers. Create one DA document for the EDC with the */*/*/*/*/* naming rule enabled and trusted for credentials. | Aggregate A, B, C, and D into one CDC used by all servers. In the Server documents for each server, enable the option "Trust the server based condensed directory catalog for authentication with internet protocols." |
| S1, S2, S3, S4 trust no names in A, B, C, D for authentication. | Same as above except do no enable a rule that is trusted for credentials in the DA document for the EDC. | Same as above except do not enable "Trust the server based condensed directory catalog for authentication with internet protocols" in the Server documents. |
| S1, S2, S3, S4 trust all names in A and B for authentication, but no names in C and D. | Aggregate A and B into EDC1, and aggregate C and D into EDC2. Create one DA database used by all servers. Create a DA document for EDC1 with the */*/*/*/*/* naming rule enabled and trusted for credentials. Create a DA document for EDC2 with the */*/*/*/*/* naming rule enabled but not trusted for credentials. | Aggregate A, B, C, and D into one CDC used by all servers. Do not enable the option "Trust the server based condensed directory catalog for authentication with internet protocols" in the Server documents.
Create one DA database used by all the servers. Create separate DA documents for A, B, C, and D. In the DA documents for A and B, enable the rule */*/*/*/*/* and trust the rule for credentials. In the DA documents for C and D, do not trust any rule for credentials. |
| S1, S2, S3, S4 trust only names ending in west/acme or east/acme, regardless of which Domino Directory contains the name. | Aggregate A, B, C, and D into one EDC. Create one DA database used by all servers and create one DA document for the EDC. In the DA document, create the rule */*/*/west/acme/* and the rule */*/*/east/acme/* and enable trusted for credentials for both rules. Do not trust any other naming rule for credentials. | Aggregate A, B, C, and D into one CDC used by all servers. Do not enable the option "Trust the server based condensed directory catalog for authentication with internet protocols" in the Server documents.
Create one DA database used by all the servers. Create separate DA documents for A, B, C, and D. In each DA document, create the rule */*/*/west/acme/* and the rule */*/*/east/acme/* and enable trusted for credentials for both rules. Do not trust any other naming rule in any of the DA documents for credentials. |
| S1 & S2 trust and use only names in A and B.
S3 & S4 trust and use only names in C and D. | Aggregate A and B into EDC1. Create a DA database, DA1, and in it create a DA document for EDC1 with the */*/*/*/*/* naming rule enabled and trusted for credentials. Set up S1 and S2 to use DA1.
Aggregate C and D into EDC2. Create another DA database, DA2, and in it create a DA document for EDC2 with the */*/*/*/*/* naming rule enabled and trusted for credentials. Set up S3 and S4 to use DA2. | Aggregate A and B into CDC1 and set up S1 and S2 to use CDC1. Enable the option "Trust the server based condensed directory catalog for authentication with internet protocols" in the S1 and S2 Server documents.
Aggregate C and D into CDC2 and set up S3 and S4 to use CDC2. Enable the option "Trust the server based condensed directory catalog for authentication with internet protocols" in the S3 and S4 Server documents. |