Provisioning IBM SmartCloud
® (SmartCloud Notes
) users in a hybrid environment is a three step process.
1. Register the user through the on-premises Domino
® Administrator client. When provisioning existing IBM
users without migrating their mail files, check that the Person documents have all the necessary information as specified in the procedure for registering new users.
2. Provision the user onto SmartCloud Notes
3. Perform the post-provisioning tasks:
- Confirm the user ID has been uploaded to the SmartCloud Notes ID Vault.
- (optional) Delete the user's on-premises mail file.
- Send the SmartCloud Notes login information to the user.
These steps are described in detail in the procedure below. This procedure assumes you will not be using IBM Domino
server-based Certificate Authority to register users, but will instead be selecting the certifier ID created for the SmartCloud Notes
- This procedure will create a new mail file for the user on the SmartCloud Notes servers. It will not migrate the mail files of existing IBM Notes users. Data Migration is performed as a service offering of IBM Software Services for Collaboration (ISSC) or by a SmartCloud Notes Onboarding Certified Business Partner. Please contact your customer service representative for more information on these options.
- Before you begin this exercise, check that the certifier you will use to certify users meets the guidelines for certifiers described here: Certifier requirements in a hybrid environment
In this exercise, you will:
- Provision a new or existing user onto SmartCloud Notes.
- Troubleshoot provisioning problems.
To add or register a user on to the system.
A primary or additional paid offering that is part of your IBM SmartCloud for Social Business (SmartCloud for Social Business) service.
Parent topic: Managing IBM SmartCloud Notes user accounts
Next topic: Exercise 2.5 Removing a user from IBM SmartCloud Notes LNNHcourse
Procedure A: Register the user through the on-premises Domino Administrator client
1. Log into the Domino
Administrator client as a Domino
2. Click the People & Groups
3. Check that you are connected to the server for the Domino
Directory that has been configured for synchronization with the SmartCloud Notes
4. From the Tools
pane, click People
5. If prompted, select the certifier ID that was created to register your on-premises users. Enter the certifier password and click OK
6. Click Advanced
7. On the Basics
tab, complete these fields:
First, Middle and Last names
Enter the user's information.
This will be generated from the values in the names field. You can change it.
Enter an initial password. When you send the credentials to the user, prompt them to change this password.
Select IBM Notes (default).
Select any policies that apply to this user.
Click the Password Options button and...
- Set required password strength on Password Quality Scale.
- Select Encryption Strength.
- Check the Set internet password checkbox.
- Click OK.
8. On the Mail tab, make a note of the mail server and mail file names. You will delete this mail file from the server at the end of the provisioning process because the user will be using only their SmartCloud Notes mail file. The SmartCloud Notes mail file will be created as part of the provisioning process.
9. On the Address tab, complete these fields:
The internet e-mail address assigned to this user. This will be the user's SmartCloud Notes login name.
The domain to be used in the Internet address, for example, llntrain2.com. This should be the internet domain that was configured with the SmartCloud for Social Business service.
Address name format
The format of the internet address. The default format is FirstNameLastName@internetdomain without a separator -- for example, SamCurman@llntrain2.com.
The character inserted between names and initials in the internet address. The default is None.
10. On the ID Info tab, complete these fields:
Create a Notes ID for this person
Check the Create a Notes ID for this person checkbox.
Registering the user with an ID file enables a SmartCloud Notes web user to sign, encrypt, and decrypt mail.
After provisioning, the user may set up a IBM Notes client to connect to the SmartCloud Notes service. Checking this box enables the ID file to be uploaded to the SmartCloud Notes ID vault.
For users who will not be using a Notes client after provisioning, you should upload their Notes ID to the vault manually. See Procedure D: Manually uploading a Notes ID into the vault.
Check that you are using a Certifier ID that trusts the SmartCloud Notes mail server OU certifier, created for the service and vice versa.
Example: The top level certifier, /LLNTrain2 trusts the OU certifier /Hybrid/LLNTrain2 that is used by the Service to certify your company's SmartCloud Notes mail servers. The certifier id file, LLNTrain2.id is chosen and will certify a new user.
Choose either North American orInternational. The license type determines the type of ID file created and affects encryption when sending and receiving mail and encrypting data. North American is the stronger of the two types.
Public key specification
The public key specification that you use impacts when key rollover is triggered. Key rollover is the process used to update the set of Notes
public and private keys that is stored in user and server ID files.
- Compatible with all releases (630 Bits)
- Compatible with 6.0 and later (1024 Bits)
Location for storing user ID
- In Domino Directory (default). The ID file is stored as an attachment to the user's Person document. When you choose this option, the user's IDs are stored in their personal Name and Address Books.
- In file (default location:-datadirectory-\ids\people\user.id). Click Set ID Fileto change path.
11. (Optional) Add the user to an existing group:
- Click the Groups tab with the user highlighted (you can highlight multiple users).
- Select the group or groups to assign and click Add.
12. Click the green check mark. The user name appears in the Registration status view (the user registration queue).
13. Click Register
. Click OK
on the confirmation pop-up dialog, and then click Done
Your user should now be visible in the directory.
Procedure B: Provision the user onto SmartCloud Notes
1. Navigate to the service and click Sign In
2. Enter the company administrator e-mail address and password and click Log In
3. Click Administration
-> Manage Organization
4. You will arrive at the User Accounts
page. Click Lotus Notes
located in the left navigation pane.
5. Click User Provisioning
in the SmartCloud Notes
Administration panel.. Do not click User Provisioning with Mail File Transfer unless you have contracted for data migration services from ISSC. Contact your customer service representative for more information.
6. You will see a list of all users that are registered in an on-premises Domino
Directory that have been synchronized with SmartCloud Notes
. Select the users that will be using SmartCloud Notes mail files, and then click Provision Selected. The users that remain unselected will be "on-premises" users and may continue to use their on-premises mail files. If users are registered in on-premises directories that are not configured for synchronization with SmartCloud Notes, they will not appear in this list
7. In the Provisioning Options
window, specify the following options, then click Next
Select your IBM SmartCloud Notes option. Users who have the full SmartCloud Notes subscription have a 50 GB quota on their mail file. Users who have the SmartCloud Notes Entry subscription have a 1 GB quota. Mail files have a 1 GB quota.
Other - Traveler
(optional) Select this option if your company purchased the IBM SmartCloud Traveler for Notes subscription and you want to enable users to connect to the SmartCloud Notes service using a mobile device supported by Traveler.
Other - E-mail Retention
(optional) Not used in this exercise This option will be visible if your company purchased SmartCloud Archive Essentials. Select this option to enable the user's mail to be archived.
Other - IBM SmartCloud Notes for Hosted BlackBerry Server
Not used in this exercise Select this option if your company purchased this subscription and you want to enable the user to access his/her SmartCloud Notes mail file on their BlackBerry® smartphone.
Note: IBM SmartCloud Notes for Hosted Blackberry Server is not available to users with the SmartCloud Notes Entry subscription.
8. Select a mail template for the user mail file that corresponds to the language of the selected user or users. Click Select
by the mail template, then click Next
. The currently selected template will be bolded.
9. If an extension forms file is available for your company, you see the Select Extension Forms File option. To apply an extension forms file to web clients, select a forms file. Read more about this feature in the online documentation topic, Provisioning users without transferring mail files
10. Provide an initial password for the user, then click Next
. This is the password users will use when they log on to SmartCloud for Social Business for the first time. Make a note of this password to provide to the user or users.
11. Review the subscription and user information, and then click Confirm
then Request Provisioning
on the User Provisioning Requests page to provision users, or click Back
to make changes to your selections. A validation step reports any preliminary errors that need to be addressed before users can be added to the provisioning queue.
Procedure C: Post-provisioning steps
Option 1 - Verification through the User Provisioning screen
a. From the SmartCloud Notes Administration window, clickUser Provisioning.Option 2 - Verification through the Users screen
b. Verify that the user no longer appears in the user list.
c. Check the Provisioning Status page for Done and Pending status.
a. From the SmartCloud Notes Administration window, clickUser Accounts.Option 3 - Verification through the person document
b. Verify that the user appears in the user accounts list.
a. Open the person document in the Domino Administrator client.
b. Verify that the mail server is pointing to the SmartCloud Notes service environment.
1. To verify the users have been provisioned use one of the two methods listed below:
2. (Optional) Delete the user's on-premises mail file. If you provisioned a new user, the mail file created during the registration process will not be used. You may want to delete it. If you provisioned an existing IBM Notes user, you or the user may want to archive their mail file for later manual or local searches.
3. Prepare a welcome memo containing information necessary to access and use SmartCloud Notes and send it to the newly provisioned user.
Procedure D - Manually uploading a Notes ID into the vault
1. From Organization Account Settings
click Lotus Notes
, then click the name of the user whose Notes
ID you would like to upload.
2. Under Available Options for this user
choose Upload Notes ID File
. Notice that this page also shows you if the Notes
ID is or is not in the vault currently.
3. Browse to the Notes
ID file for the user and enter the password.
A user cannot log into SmartCloud Notes
. The credentials they are using are:
Login: Sam Curman/LLNTrain2
The user needs to use their internet address to login, e.g. SamCurman@llntrain2.com.
Check the Person document to ensure they have an internet address. If they do not, create one and then reprovision the user.
When provisioning new SmartCloud Notes users in a hybrid environment, the provisioning appears to have been successful, however when a user logs in to SmartCloud Notes for the first time, the following error displays: 1003: You are not authorized to access that resource.
From the SmartCloud for Social Business Admin panel, when I click User Accounts from the left hand navigation pane, I see a button labeled Add User Account in the User Accounts screen. I do not know if I am able to use this button to create new SmartCloud Notes
You should not use the Add User Account
button to provision new SmartCloud Notes
users in a Hybrid company. For a Hybrid company, users are registered on-premises, as shown in Procedure A above, then provisioned into SmartCloud Notes
as shown in Procedure B. Registering the user on-premises provides the user with a IBM Notes
ID, required by the IBM Notes
The Add User Account
button is used to create new user accounts for other web-based SmartCloud for Social Business services, such as SmartCloud Engage or SmartCloud Connections. The Add User Account
button is also used for provisioning new users in a SmartCloud Notes
Service - only company. For more information about provisioning new users in a Service-only company see the course: SmartCloud Notes
in a Service-only environment, Exercise 1.7 Selecting a Hybrid Account Setup LNNHcourse
Will the mail file of an existing IBM Notes user be moved as part of the provisioning process?
Not through the steps outlined in this exercise. Data migration is a service you must contract through ISSC. Contact your customer service representative for more information.
True or False: The password I set when I register a new user through the Domino Administrator client will automatically be their password for logging into the SmartCloud Notes website.
False. You need to set their SmartCloud Notes password on the Provisioning Options screen. Barring any security restrictions, you may use the same password in both locations.