SECURITY


Adding or removing vault administrators
Vault administrators can add and remove other vault administrators, add and remove vault replicas, delete IDs from a vault, mark IDs inactive, restore inactive IDs, and delete a vault. Specifying more than one vault administrator is recommended for administrative backup.

The names of vault administrators are added to the vault database ACL and to the vault document in the Security - ID Vaults view of the Domino Directory.

Note A vault administrator assigned to the Auditor role in the vault database ACL can extract an ID from a vault to gain access to a user's encrypted data.

When you create a vault, you must specify at least one vault administrator. To add or remove vault administrators after a vault is created, perform the following steps:

1. Open the Domino Administrator and the and click the Configuration tab.

2. Click the Security - ID Vaults view and select the vault document of the vault you are managing.

3. Click Tools - ID Vaults - Manage, select the task "Add or remove vault administrators."

To be added as a vault administrator, a user must have "Administrators" access to the server that is open in the Domino Administrator.

You can specify individual names only, not group names.

Related topics