Short Description: Forces Domino to match Web user names to only one Person document in the Domino Directory.
NoAmbiguousWebNames=1 forces Domino to match Web user names to only one Person document in the Domino Directory. Setting this flag results in an authentication failure (that is, "Error 401 Authentication Exception") any time more than one Person document matches a Web user name. Users will have to log in with a unique user name to authenticate.
For example, if a user enters "jdoe" in the Name and Password dialog box, Domino searches the $User view of the Directory for any matches. As an example, assume that it finds two matches (John Doe/Lotus and John Doe/Acme). In this case, the user would receive an "Error 401 Authentication Exception" because the name entered (jdoe) is ambiguous. At this point the user would need to enter their full hierarchical name (John Doe/Acme) in the Name and Password dialog box so that they could be authenticated correctly.
Please note that if your site is using NoAmbiguousWebNames=1 and has users with the same name (either in the same Domino Directory or in different directories, if Directory Assistance is being used), this could cause problems with authentication. For example, if you have two "John Smiths" in two different directories, and if either one enters "John Smith" in the Name and Password dialog box, neither will be authenticated because this name is ambiguous. The administrator would need to edit the Person document and change the user name fields so that each has a different middle initial (for example, John M. Smith and John S. Smith). Alternately, the administrator could change the short name field so that each is unique (for example, jmsmith and jssmith). The users can then use this "unique" name when prompted to authenticate via the Name and Password dialog box.
SPR# DCUM3RSJ84 - Provide two new NOTES.INI variables to enable server administrators to have more control over how Web users authenticate: NoAmbiguousWebNames -- When this variable is set, the Web user name will have to match one and only one name in the Address Book before a match on the HTTP password in the Person record is attempted.
NoAmbiguousWebNames=0 / 1
Ask Professor INI - Security variables