USER AND SERVER CONFIGURATION


Recertifying a user ID
Before a user ID reaches its expiration date, recertify the user ID using the original certifier ID. The user ID is recertified without renaming the user.

Use the Certificate expiration view to determine which certifiers need to be recertified. Access this view from Files - Certlog.nsf - By Expiration date. All certifiers are listed by expiration date.

To recertify a user ID using a certifier other than the certifier used to create the user ID, You need to move a user name in the name hierarchy.

To recertify a user ID

Follow these steps to use the Administration Process to recertify a hierarchical ID that is about to expire.

1. To recertify a user ID, you must have:

2. From the Domino Administrator, click the People & Groups tab.

3. Select the user to be recertified with the same certifier.

4. From the tools pane, select People - Recertify.

5. Complete these fields:
FieldAction
ServerDo one of these:
  • If you are using the Lotus Domino server-based CA, choose the server that is used to access the Domino Directory to look up the list of certifiers.
  • If you are supplying a certifier ID, select the server that is used to locate the list of certifiers so that the Certifier ID file can be updated with the latest set of certificates for itself and all of its ancestors. This is also the server on which CERTLOG.NSF is updated.
Use the CA processChoose this option if you have configured the Lotus Domino server-based CA.
  • Select a CA configured certifier from the list and click OK.
Supply certifier ID and passwordChoose this option if you are using a certifier ID and password.
  • Choose the certifier ID that certified the user's ID and click Open. For example, to rename Joe Smith/Sales/NYC/ACME, use the certifier ID named SALES.ID.
  • Click "Certifier ID" to select an ID other than the one displayed.
  • Enter the password for the certifier ID and click OK.
6. Verify the certifying ID information and complete the following fields:
FieldAction
New certificate expiration date(Optional) Specify a certifier ID expiration date other than the default two years from the current date.
Only renew certificates that will expire before(Optional) Enter a date to recertify only a subset of selected user IDs, according to their current expiration dates.
Edit or inspect each entry before submitting request(Optional) Select the option to edit or inspect each entry before submitting the request if you want to view each certificate before it is renewed.
7. If you selected the option to view each entry prior to its being submitted, the Recertify Person dialog box appears with non-modifiable information in the primary and common name fields. Review the information that displays, then select one of the following:

8. When the Processing Statistics dialog box appears, review the information to verify that all name changes have succeeded. Click OK. If any fail, check the Certifier Log (certlog.nsf) to determine the reason for the failure.

Related topics