USER AND SERVER CONFIGURATION


Using Advanced Notes user registration with the Domino Administrator
Advanced registration offers all the settings included in Basic registration and also allows you to change default settings and apply advanced settings to users.

Note You can modify user settings at any time once you add the user to the User Registration Queue by selecting the user from the queue and then making changes. You can also modify certain settings for multiple users at once by selecting the users in the queue and making changes. You can cancel user registration and clear all fields at any time by clicking the red X.

Storing user IDs in Notes ID vault

The user registration interface now contains the setting "In Notes ID vault" on the ID Info tab. This setting is not modifiable in the user registration interface. If a user's effective policy has a Security policy settings document that assigns the user to a vault, the "In Notes ID vault" value is selected. If the server you are using is a pre-Domino 8.5 server, the field label changes to "ID vault not supported for this version of Domino."

Hosted environments

If you are working in a hosted environment, when registering users, ensure that you are using a certifier that was created for the hosted organization into which you are registering the users. This applies regardless of whether you are using a certifier and password or the server-based CA.

Roaming users

If you are registering Domino server roaming users, on the ID Info tab of the Register Person - New Entry dialog box, choose "In Domino Directory" as the location for storing user IDs if you want roaming users to access their IBM® Lotus® Notes® IDs from their Contacts application. If you do not choose the "In Domino Directory" option, roaming users must either store their Notes ID on a file server or physically carry their Notes ID with them on a diskette or other storage media. If you elect to store the user ID in a file and in the IBM® Lotus® Domino® Directory, the user IDs are stored in the user's Contacts application.

Note If you create Domino server-based roaming users and do not elect to store their user IDs in the Domino Directory, but later decide to store those user IDs in the Domino Directory, disable the roaming user option, select the option to store the user ID in the Domino Directory, and then enable the roaming user option again.

To use Advanced registration with the Domino Administrator

1. Make sure you have the following access before you begin registration:

2. From the Domino Administrator, click the People & Groups tab.

3. From the Servers pane, choose the server to work from.

4. Select Domino Directories, and then select People.

5. From the Tools pane, click People - Register.

6. Enter the certifier password and click OK.

Note The Certifier Information Recovery Warning dialog box appears. Review the information in the dialog box, select the check box and click OK.

7. Click Advanced.

8. From the Basic tab, complete these fields:
FieldEnter
Registration serverClick Registration Server to change the registration server (which is the server that initially stores the Person document until the Domino Directory replicates), select the server that registers all new users, and then click OK. If you have not defined a registration server in Administration Preferences, this server is by default one of these:
  • The local server if it contains a Domino Directory
  • The server specified in NewUserServer setting of the NOTES.INI file
  • The administration server
First name, Middle name, Last nameThe user's first and last names and (if necessary) middle name. The user's Short name and Internet address are automatically generated. To change the Short name or Internet address, click the appropriate space and enter the new text.
Short nameA short name in the format FirstInitialLastName is automatically created as you enter the user's name. For example, JSmith is the short name for John Smith. You can modify this field.
PasswordA password for the user ID.
Password optionsClick Password options to set a level for the password in the Password Quality Scale. The default level is 8. For more information, see The password quality scale.

Choose the password encryption strength (or password key width). The encryption key that protects the Notes keys that are stored in the user ID file is derived from the password. The stronger the encryption strength of the password, the stronger the encryption key that protects the Notes keys.

  • Base strength on RSA key size - encryption strength is determined by the size of the RSA key stored in the ID file. If the RSA key size is less than 1024 bits, the password encryption strength is 64 bits; if RSA key size is 1024 or greater, the password key size is 128 bits.
  • Compatible with all releases (64 bits)
  • Compatible with 6.0 and later (128 bits)
Click the check box "Set Internet password" to give Internet users name and password access to a Domino server and to set an Internet password in the Person document. This field is automatically selected if you select the Other Internet, POP, Lotus iNotes, Domino Web Access or IMAP mail types.
Mail systemClick to change the user's mail system from the default of Lotus Notes to an Internet-based system or Lotus iNotes.
Explicit policySelect the explicit policy to apply to this user. For more information on policies, see Organizational and explicit policies.
Policy synopsisClick to see a summary of this user's effective policies.
Enable roaming for this personClick to enable roaming capabilities for this user. Doing so enables the Roaming tab.

Note If you are enabling roaming user for a current release Notes user, see the topic "Using Domino policy to register and configure roaming users" in this guide.

Create a Notes ID for this personClick to create a Notes ID for this person during the registration process.
9. Click the Mail tab and complete any of these fields. Domino uses default values (if available) for any fields you do not modify.
FieldEnter
Mail systemChoose one of the available mail types and complete the necessary associated fields:
  • Lotus Notes (default)
  • Other Internet
  • POP
  • IMAP
  • Lotus iNotes
  • Other
  • None
If you select Lotus Notes, POP, or IMAP, the Internet address is automatically generated.

If you select Other Internet, POP, or IMAP, the Internet password is set by default.

If you select Lotus iNotes, you can change other user registration selections to Lotus iNotes defaults by clicking Yes when prompted.

If you select Other or Other Internet, enter a forwarding address. This address is the user's current address, where the user wants mail to be sent. For example, if a user temporarily works at a different location and/or uses a different mail system, the user can have her mail forwarded to that new address. Or, a user may resign from the company but leave a forwarding address so that mail addressed to the old address is forwarded to the new location.

Mail serverThe user's mail server. If you have not defined a mail server in Administration Preferences, this server is (by default) the local server if it contains a Domino Directory; otherwise, it is the Administration server.
Mail file nameThe file name of the mail file. By default, the path and file name are mail\<firstinitial><first7charactersoflastname>.nsf.
Create file in background(Optional) Click Create file in background to force the Administration Process to create the files in the background. Use this option to save time during the user registration process. If you do not choose to create the file in the background, mail files are created during the user registration process.
Mail file templateA mail template from the list of available mail templates. For a description of the template, select the template and click About. The default is Mail R# (MAIL85.NTF).
Create full text indexClick to generate a full-text index of the mail database.
Mail file replicasClick to open the Mail Replica Creation Options dialog box on which you can select the servers to which the mail file will replicate. This option only applies to clustered servers.
Mail file owner accessSelect the level of access in the access control list to assign to the user of the mail database from the Mail file owner access list. By default, mail users have Editor with Delete documents access to their own mail files; all other users have no access. This option can be used to prevent mail users and/or owners from deleting their own mail file. If the mail owner access is Designer or Editor, the administrator ID currently being used is added to the mail file ACL as Manager.
Set database quotaClick to enable, and then specify a size limit (maximum of 10GB) for a user's mail database.
Set warning thresholdClick to generate a warning when the user's mail database reaches a certain size, and then enter the warning size (maximum of 10GB).
10. Click the Address tab, and enter values in any of these fields. Domino uses default values (if available) for any fields you do not modify.
FieldEnter
Internet addressThe Internet e-mail address assigned to this user.
Internet DomainThe domain to be used in the Internet address -- for example, Acme.com.
Address name formatThe format of the Internet address. The default format is FirstNameLastName@Internet domain without a separator -- for example, RobinRutherford@Acme.com.
SeparatorThe character inserted between names and initials in the Internet address. The default is None.
Forwarding AddressWhen you select the mail system "Workplace Messaging," this field is populated with the user's Internet Address.
11. Click the ID Info tab, and enter values in any of these fields. Domino uses default values (if available) for any fields you do not modify.
FieldEnter
Create a Notes ID for this personClick to create a Notes ID for this user.
Certifier Name listChoose a certifier ID to use when creating the user name during user registration when a Notes user ID is not being created for the user.

This field appears if the check box "Create a Notes ID for this person" is not selected.

If you are working in a hosted environment and are registering a user to a hosted organization, be sure to register that user with a certifier created for that hosted organization.

Use CA processClick to use the Lotus Domino server-based certification authority (CA) to register this user. The certifier ID and password will not be needed to complete the user registration process if you use the Lotus Domino CA.

If you are working in a hosted environment and are registering a user to a hosted organization, be sure to register that user with a certifier created for that hosted organization.

This field appears if the check box "Create a Notes ID for this person" is selected.

Certifier IDClick if you want to use a certifier ID and password instead of the server-based CA. To change to a different certifier ID, click Certifier ID, select the new ID, enter the password, and then click OK.

If you are working in a hosted environment and are registering a user to a hosted organization, be sure to register that user with a certifier created for that hosted organization.

This field appears if the check box "Create a Notes ID for this person" is selected.

License typeChoose either North American or International. The license type determines the type of ID file created and affects encryption when sending and receiving mail and encrypting data. North American is the stronger of the two types.

This field appears if the check box "Create a Notes ID for this person" is selected.

Certification expiration dateThe expiration date of the user ID in mm-dd-yy format. The default is two years from the current date.

This field appears if the check box "Create a Notes ID for this person" is selected.

Location for storing user IDChoose one:
  • In Domino Directory (default). The ID file is stored as an attachment to the user's Person document. If you are registering roaming users, choose this option to store their Notes IDs in the Domino Directory. If you do not choose this option for roaming users, the users must either store their Notes IDs on a file server or carry their Notes IDs with them on diskette or other storage media. When you choose this option, the user's IDs are stored in their personal Name and Address Books.
  • In file (default location: <datadirectory>\ids\people\user.id). Click Set ID file to change path.
  • In mail file. This option is only available with Lotus iNotes and allows Notes users to read their encrypted mail while using Lotus iNotes. This field appears if the check box "Create a Notes ID for this person" is selected.
  • In Notes ID vault. The field is not modifiable. This value is set in the security policy settings document. If this field is checked, the user ID will be stored in the Notes ID vault, an optional, server-based database that holds protected copies of Notes user IDs.
  • ID vault not supported for this version of Domino. This setting displays if you are using a pre-Domino 8.5 server.
Public key specificationThe public key specification that you use impacts when key rollover is triggered. Key rollover is the process used to update the set of Notes public and private keys that is stored in user and server ID files.

Choose one:

  • Compatible with all releases (630 Bits)
  • Compatible with 6.0 and later (1024 Bits)
  • Compatible with 7.0 and later (2048 bits)
For information about the significance of the public key specification and key rollover, see the topic User and server key rollover.
12. (Optional) To add the user to an existing group:


13. (Optional) If you selected "Enable roaming for this person," click the Roaming tab, and complete any of these fields. The fields do not appear if you did not click "Enable roaming for this person" and "Create a Notes ID for this person." on the Basic tab." Domino uses default values (if available) for fields you do not modify. 14. Click the Other tab, and complete any of these fields. Domino uses default values (if available) for fields you do not modify.
FieldEnter
Setup profileName of a Notes R5 User Setup profile to assign.

Note If you are using policies, you cannot use a user setup profile.

Unique org unitA word that distinguishes two users who have the same name and are certified by the same certifier ID.
LocationDepartmental or geographical location of the user.
Local administratorThe name of a user who has Author access to the Domino Directory but who does not have the UserModifier role. This setting allows the local administrator to edit Person documents.
CommentA comment about the user, regarding the user's registration.
Alternate name languageChoice of alternate name language. The certifier ID used to register this user must contain the alternate name language for it to appear here.

For more information, see Adding an alternate name and language.

Alternate nameThe alternate name of the user. The certifier ID used to register this user must contain the alternate name language for it to appear here.
Alternate org unitA word that distinguishes two users who have the same name and are certified by the same certifier ID. The certifier ID used to register this user must contain the alternate name language.
Preferred languageChoose a preferred language for the user, that is, the language that the user prefers to use.
Windows user optionsClick to set user options for Microsoft Windows. Opens the "Add Person to Windows" dialog box on which you can specify whether to add the user to the Microsoft Windows. Enter the Microsoft Windows account name for the user, and select the name of the Microsoft Windows group to which you are adding the user.
15. Click the green check mark. The user name appears in the Registration status view (the user registration queue).

16. Click Register and then click Done.

Related topics