
In document Sg 244694 (Page 149-154)

Partitioned server with multiple IP addresses

Chapter 5. Connecting Lotus Domino Servers

3. In the Basics section of the Connection document, select the type of connection and complete the remaining fields in the Basics section. These fields vary depending on the type of connection you choose. In our case, for

The Basics section of the screen (as the name suggests) is trivial. Just make sure that the Source server name is fully qualified with the Source domain name.

4. Complete the Scheduled Connection section:

• In the Schedule field, make sure ENABLED is selected.

Should you wish to disable the Connection document, select DISABLED from the pull-down of the Schedule field in the Scheduled Connection section of the screen.

• In the Call at Times field, enter a range of times (for example 12:00 AM - 2:00 AM) and/or specific times (for example 12:00 AM, 3:00 AM) when you want the source server to connect to the destination server. Separate multiple specific times with a comma. The default is 8:00 AM to 22:00 PM.

• (Optional) If you enter a range of times to connect, then in the Repeat Interval of field, enter how soon after a successful connection the source server attempts to connect again. The default is 360 minutes.

• In the Days of week field, enter the days of the week that you want the source server to connect to the destination server. The default is every day of the week.

5. In the Routing and Replication section:

• In the Tasks field, make sure Mail Routing is selected.

• In the Route at once if field, enter a value to determine the number of pending messages that force mail routing to occur. The default is 5.

• In the Routing cost field, leave the default value of 1.

Lotus Domino uses routing costs to select the most efficient, least expensive way to route mail messages from one server to another. The Mail Router computes and stores information about these costs in its internal routing tables. If there is more than one possible route for mail to travel between the source server and the destination server, the Mail Router uses information in the tables to calculate a least-cost route to the destination.

Save the Connection document (press the Esc key on the keyboard and click on Yes in the Confirmation window to save the changes). On returning to the Workspace, make sure the Public Name and Address Book icon is selected, and select View -> Server -> Connections to see the Connection document in the Name and Address Book. Figure 105 shows the Connection document for noteserv/ibm to itsosmp/itso in the Public Name and Address Book.

Figure 105. Lotus Notes - Connection Document in Name & Address Book

The second server (the domain hub) in domain itso will also need a Connection document to the first server (the main hub) in domain ibm. Without it, users on that domain would not be able to send mail or reply to users on other domains through the main hub. The Connection document for the second server is shown in Figure 106.

Figure 106. Mail Routing Connection Document for Second Server

Now that the Connection documents are in place, we need to authorize the two servers to communicate with each other. This is done by using cross certificates.

5.2.3 How Cross Certification Works

Cross Certification at the Organization Level (Scenario 1)

The Braegen organization certifier (/braegen) cross certifies the IBM organization certifier (/ibm). The cross certificate issued by Braegen is stored in Braegen’s Public Address Book. The IBM organization certifier (/ibm) cross certifies the Braegen organization certifier (/braegen) and the cross certificate issued by IBM is stored in IBM’s Public Address Book. This allows all users and servers from Braegen to authenticate with IBM and vice versa.

Cross Certification at the Organizational Unit Level (Scenario 2)

The Braegen Group maintains a customer support server SUPPORT exclusively for use by external customers, one of which is Visual Concepts. The Braegen organizational unit certifier (/support/braegen/ca) cross certifies the Visual Concepts organizational unit certifier (/audio/visual/us), and the cross certificate issued by /support/braegen/ca is stored in Braegen’s Public Address Book. The Visual Concepts organizational unit certifier (/audio/visual/us) cross certifies the Braegen organizational unit certifier (/support/braegen/ca), and the cross certificate issued by /audio/visual/ca is stored in Visual Concepts’ Public Address Book.

This cross certification enables Michael White/audio/visual/US and Erin Smyth/audio/visual/us to authenticate with the server SUPPORT/support/braegen/ca. However, it does not allow all users to authenticate with the Braegen server PRODUCTION/DEV/braegen/ca.

5.2.4 Cross Certification and Authentication

Having set up the Connection document, the next step is to cross-certify the Certifier ID on the servers in the two Lotus Domino domains. For this, we will follow Scenario 1: Cross Certification at the Organization Level. Without this cross certification in place, the Lotus Domino Servers will not route any mail.

The steps for cross-certifying certificates are as follows:

1. Server A creates a Safe Copy of its Certifier ID and makes this file available to Server B.

2. Server B cross-certifies the Certifier ID for Server A.

3. Server B creates a Safe Copy of its Certifier ID and makes this file available to Server A.

4. Server A cross-certifies the Certifier ID for Server B.

The next two sections, 5.2.4.1, “Creating a Safe Copy of the Certifier ID” on page 127 and 5.2.4.2, “Cross Certifying the Certifier ID” on page 129, describe this process by using two servers, noteserv/ibm and itsosmp/itso, as examples.
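The scope rules from the two scenarios in 5.2.3 and the two-way exchange in the steps above can be checked with a small model. This is an added example, not Domino code or code from the original document. The matching rule (a cross certificate covers every name at or beneath its issuer and subject), the (issuer, subject) address-book representation, the /itso certifier name and the choice of noteserv/ibm as Server A are assumptions made for illustration.

```python
# Added illustration: a simplified model of Notes/Domino cross-certificate
# checks. Not Domino code; the matching rule below is an assumption.

def parts(name):
    """'SUPPORT/support/braegen/ca' -> ['support', 'support', 'braegen', 'ca']"""
    return [p.strip().lower() for p in name.split("/") if p.strip()]

def is_under(name, certifier):
    """True if `name` is the certifier itself or was certified beneath it."""
    n, c = parts(name), parts(certifier)
    return bool(c) and len(n) >= len(c) and n[len(n) - len(c):] == c

def trusts(checker, peer, address_book):
    """`checker` accepts `peer` if its address book holds a cross certificate
    issued by one of checker's certifiers to one of peer's certifiers."""
    return any(is_under(checker, issuer) and is_under(peer, subject)
               for issuer, subject in address_book)

def can_authenticate(a, book_a, b, book_b):
    """Authentication needs a matching cross certificate on both sides."""
    return trusts(a, b, book_a) and trusts(b, a, book_b)

def org_wide_grants(address_book):
    """Audit helper: cross certificates whose subject is an organization
    certifier, i.e. every ID in that organization is accepted."""
    return [(i, s) for i, s in address_book if len(parts(s)) == 1]

# Address books as lists of (issuer, subject) cross certificates (constructed).
# Scenario 1 / section 5.2.4: organization level, both directions.
IBM_BOOK = [("/ibm", "/itso")]
ITSO_BOOK = [("/itso", "/ibm")]
# Scenario 2: organizational unit level.
BRAEGEN_BOOK = [("/support/braegen/ca", "/audio/visual/us")]
VISUAL_BOOK = [("/audio/visual/us", "/support/braegen/ca")]

def demo():
    user = "Michael White/audio/visual/US"
    return {
        "hubs_after_step_2_only": can_authenticate(
            "noteserv/ibm", [], "itsosmp/itso", ITSO_BOOK),
        "hubs_after_step_4": can_authenticate(
            "noteserv/ibm", IBM_BOOK, "itsosmp/itso", ITSO_BOOK),
        "user_to_support": can_authenticate(
            user, VISUAL_BOOK, "SUPPORT/support/braegen/ca", BRAEGEN_BOOK),
        "user_to_production": can_authenticate(
            user, VISUAL_BOOK, "PRODUCTION/DEV/braegen/ca", BRAEGEN_BOOK),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'authenticates' if ok else 'refused'}")
```

`org_wide_grants` is the review to run over an address book before approving a cross certificate: an organization-level subject, as in Scenario 1, admits every user and server of the other organization, whereas the organizational-unit certificates of Scenario 2 keep PRODUCTION/DEV/braegen/ca out of reach.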

5.2.4.1 Creating a Safe Copy of the Certifier ID

This section outlines how to create a Safe Copy of the Certifier ID file, with the assumption that there is no intermediary gateway in place for distributing the ID file by mail:

1. Select File -> Tools -> Server Administration... to display the Lotus Notes - Administration dialog box, as shown in Figure 86 on page 97.

2. Select the server that you want to administer and click Administration -> ID File... to display the Choose ID File to Examine dialog box, as shown in Figure 107.
