For example, if Alice Brown/Marketing/Acme leaves a job in the Marketing department for a job in Sales, you can certify her user ID with the /Sales/Acme certifier, which, in effect, moves her to that Organizational Unit. Her full hierarchical name then becomes Alice Brown/Sales/Acme.

You can also move a user to another Organization, however to do so, your Domino Directory must contain cross-certificates between the Organizations involved. So, for example, if Alice Brown/Marketing/Acme leaves a job at Acme to work for the Acme subsidiary AcmeSub that has its own Organization Certifier, you can certify her ID with the /AcmeSub certifier so that her name becomes Alice Brown/AcmeSub. Using this example, the Domino Directory must have cross-certificates between /Acme and /AcmeSub.

There are two parts to moving a user name:

1. Request the move using the originating certifier.

2. Complete the move by using the target (new) certifier to approve the request and issue the new certificate.

You can use an agent to notify a user of changes to private design elements during a name change by using the Administration Process to perform the name change.

Changing primary and alternate name information during the move

If an alternate name has been assigned, the administrator who performs the approval phase of the move automatically has the option to change primary name information. If an alternate name has not been assigned, you can designate whether the administrator who completes the move can modify primary name fields. To use the Domino alternate name functionality, Domino 5.0.2 or later must be running on all servers involved with the name change, the user's workstation, and the administrator's workstation.

Synchronizing the name change between Notes and Active Directory

While completing the move, you also have the option of synchronizing the name change between IBM® Lotus® Notes® and Active Directory. To do so, select "Rename NT user account" on the Rename Person dialog box.

To move a user name in the name hierarchy

1. To move a user name in the name hierarchy, you must have:

• Access to the certifier you are using
• At least Editor access to the Administration Requests database

3. Click People and select a user name.

4. From the tools pane, click People - Rename.

5. The "Honor old names for up to <x> days" field is set to 21 days by default. You can change that value if desired.

6. Click "Request Move to New Certifier."

7. In the Choose a Certifier dialog box, complete these fields:

Field	Action
Server	Do one of these: If you are using the Lotus Domino server-based CA, choose the server that is used to access the Domino Directory to look up the list of certifiers. If you are supplying a certifier ID, select the server that is used to locate the list of certifiers so that the Certifier ID file can be updated with the latest set of certificates for itself and all of its ancestors. This is also the server on which CERTLOG.NSF is updated.
Supply certifier ID and password	Choose this option if you are using a certifier ID and password. Choose the certifier ID that certified the user's ID and click Open. For example, to rename Joe Smith/Sales/NYC/ACME, use the certifier ID named SALES.ID. Click "Certifier ID" to select an ID other than the one displayed. Enter the password for the certifier ID and click OK.
Use the CA process	Choose this option if you have configured the Lotus Domino server-based CA. Select a CA-configured certifier from the list and click OK.

8. In the Request Move For Selected People dialog box, do the following:

Field	Action
Old Certifier	Verify the information. If it is incorrect, cancel the procedure and begin again.
New Certifier	Enter or select the new certifier. This is the name hierarchy that issues a certificate for the user in the new hierarchy. For example, to certify Joe Smith from /Sales/NYC/ACME into /Service/NYC/ACME, enter /Service/NYC/ACME or select from the list.
Edit or inspect each entry before submitting request	Selected by default. Do one: Keep selected. The Rename Person dialog box appears with non-modifiable fields of Primary and Alternate Name information. Review the information for accuracy. Go to Step 9. If you do not want to verify each entry, clear the check box. Review the processing information that displays to verify that all name changes were successful. If any fail, check the Certifier Log to determine the reason for the failure. Go to Step 10, then complete the procedure "To approve the name change."

9. (Optional) Click the "Allow the primary name to be changed when the name is moved" check box if you want the opportunity to change the user's name when you approve the move.

10. For each name selected, choose one of the following:

• OK - to submit the name change.
• Skip - if you are renaming more than one user name and you want to continue to the next name without submitting a name change for the current name.
• Cancel Remaining Entries - to cancel this name change and name changes for any other names you selected and have not yet submitted.

1. From the Domino Administrator, click Server - Analysis - Administration Requests.

2. Choose the Name Move Requests view. This view categorizes submissions by certifier. Each name awaiting approval is listed under its new certifier. Select the name(s) to move.

3. Click Complete move for selected entries.

4. To complete the move, in the Choose a Certifier dialog box, make the following selections:

Field	Action
Server	Do one of these: If you are using the Lotus Domino server-based CA, choose the server that is used to access the Domino Directory to look up the list of certifiers. If you are supplying a certifier ID, select the server that is used to locate the list of certifiers so that the Certifier ID file can be updated with the latest set of certificates for itself and all of its ancestors. This is also the server on which CERTLOG.NSF is updated.
Use the CA process	Choose this option if you have configured the Lotus Domino server-based CA. Select a CA-configured certifier from the list and click OK.
Supply certifier ID and password	Choose this option if you are using a certifier ID and password. Choose the certifier ID that certified the user's ID and click Open. For example, to rename Joe Smith/Sales/NYC/ACME, use the certifier ID named SALES.ID. Click "Certifier ID" to select an ID other than the one displayed. Enter the password for the certifier ID and click OK.

5. If you are moving a user name from one hierarchy to another hierarchy, a cross certificate is required. If your local Domino Directory does not contain a cross certificate for the certifier, you are prompted to create one. Click Yes.

6. In the "Certificate Expiration Date" dialog box, do the following and then click OK:

Field	Action
Certifier	The name hierarchy of the certifier that will issue the new certificate (non-modifiable).
New certificate expiration date	(Optional) Specify a certifier ID expiration date other than the default two years from the current date.
Edit or inspect each entry before submitting request	Selected by default. You can remove the check mark if you do not want to verify the entries.

7. In the Rename Person dialog box, make changes to the primary name as needed.

Field	Action
New Primary Name Information
First, Middle, and Last Name	This is the name with which the user was registered. Make changes to the user's name as appropriate.
Qualifying Org. Unit	(Optional) A name to differentiate this user from another user with the same user name, certified by the same certifier. This adds a differentiating component that appears between the common name and the certifier name.
Short Name	(Optional) Created at registration, the default is first initial, last name. You can change this name optionally. It does not change automatically based on changes to the primary name fields. You must make this change manually.
Internet Address	(Optional) Created at registration, the default is first initial, last name. You can change this name optionally. It does not change automatically based on changes to the primary name fields. You must make this change manually.
Rename Windows User Account	Available to Microsoft® Windows® Active Directory users only. Check this box if you want to synchronize the name change in both the Domino Notes and Active Directory accounts.

8. Complete the following fields as desired. These modifiable fields display only if the user ID has an alternate name assigned to it.

New Alternate Name Information	Available only if you are renaming a user whose certifying organization has alternate names assigned.
Common Name	The common name in the alternate language.
Qualifying Org. Unit	(Optional) A name to differentiate this user from another user with the same user name, certified by the same certifier. This adds a differentiating component that appears between the common name and the certifier name.
Original Language	The alternate language currently assigned to the user (non-modifiable).
New Language	Select from the list to assign a new alternate language. This option is available only if the user is moving into an Organizational Unit or Organization that has an alternate language assigned.

9. Choose one of the following:

• OK - to submit the name change approval.
• Skip - if you are renaming more than one user and you want to continue to the next name without submitting a name change for the current name.
• Cancel Remaining Entries - to cancel this name change and name changes for any other names you selected and have not yet submitted.

The user name change in hierarchy continues just as a change to a Notes user's common or alternate name is completed.

Related topics

Changing Notes user names with the Administration Process
Renaming a Notes user's common or alternate name
Managing users
Registering users
The Administration Process
Adding cross-certificates to the Domino Directory or Personal Address Book

Glossary