SECURITY

Enabling programs that store IDs in databases to use a vault
You can enable IBM® Lotus® Notes® API programs that can store Lotus Notes IDs in databases to use an ID vault. Doing this allows the users of such programs, for example, IBM® Lotus® iNotes™ users or IBM® Lotus® Notes® Traveler® users, to take advantage of the ID management features that an ID vault provides. The users' mail servers must run IBM® Lotus® Domino® 8.5.1 or higher.

When this feature is enabled for Lotus iNotes or Lotus Notes Traveler users, the users can:


When a copy of a Notes ID file is in both a mail database and the ID vault, synchronization of the two copies happens automatically when necessary as soon as a user provides a password to perform a secure mail operation. Lotus iNotes users additionally are able to synchronize the two ID file copies manually if they enable the "ID Vault Sync" option in Lotus iNotes Security Preferences.

To assign users of programs that store IDs in databases to an ID vault:

1. Create and configure an ID vault. Assign the ID vault to a policy that is used by Lotus iNotes or Lotus Notes Traveler users.

2. Click the ID vault tab in the Security Settings policy document.

3. Select "Yes" in the field "Allow Notes-based programs to use the Notes ID vault."

If a user to whom the policy applies has a Notes ID file in the ID vault but not in the database, the ID file is downloaded from the ID vault to the database. If the user has an ID file in the database but not in the ID vault, the ID file is uploaded from the database to the ID vault. Copies of an ID in the ID vault and in the database are synchronized.

Note The "Forgotten password help text" field, configured in the ID vault Security Settings policy and used to provide password reset instructions in the Lotus Notes logon window, does not apply to Lotus iNotes users or Lotus Notes Traveler users.