Skip to main content link. Accesskey S
  • Log In
  • Help
  • IBM Logo
  • IBM Notes and Domino wiki
  • All Wikis
  • All Forums
  • Home
  • Product Documentation
  • Community Articles
  • Learning Center
  • IBM Redbooks
Community Articles Product Documentation Learning Center IBM Redbooks This category IBM iNotes 9.0 Social Edition - Administering IBM iNotes 9.0 Social Edition - Using IBM Notes 9.0 Social Edition IBM Notes Traveler 9.0 - Administering IBM Notes Traveler 9.0 - Using Lotus Notes 8.5.3 Documentation Lotus Notes Traveler 8.5.3 Administration Documentation Lotus Notes Traveler 8.5.3 Usage Documentation Custom Search Scope...
Search
Community Articles > Lotus Domino > Domino security > Troubleshooting ID vault test deployments
  • New Article
  • Share Show Menu▼
  • Subscribe Show Menu▼

About the Original Author

IBM contributorNancy E Kho
Contribution Summary:
  • Articles authored: 15
  • Articles edited: 14
  • Comments Posted: 1

Recent articles by this author

Encrypting SAML assertions
Setting up encrypted assertions Your organization may require SAML assertions to be encrypted if assertions include attributes that contain sensitive personal data, for example, social security numbers. IBM Domino® 9.0 Social Edition encrypts entire SAML assertions; partial encryption of specific ...

Notes Shared Login FAQ
What is Notes shared login? Notes shared login (NSL) allows you to start IBM® Lotus Notes® and use your User ID without having to provide a Notes password. You only need to log in to Microsoft® Windows® using your Windows password. Does Notes shared login have any limitations? See the help ...

Adding an ID vault password reset authority from a different organization
If a password reset authority is in an organization different from the organization assigned to your vault, you may need to take additional steps in order for the password reset authority to be able to reset passwords successfully. If not already created, you will need to create crosscertificates ...

Upgrading from Notes client single logon to Notes shared login
Lotus Notes 8.5 supports both Notes client single logon (introduced in an earlier release) and Notes shared login (new in 8.5). Notes single logon is not a supported configuration if you use the ID vault. Therefore, if you use the ID vault, use Notes shared login instead, which is designed to work ...

Notes ID vault on-the-go: Integration with other programs
The Notes ID vault works wherever you are! Beginning in Lotus Domino 8.5.1, you can enable IBM Lotus Notes API programs, such as Lotus iNotes, Lotus Notes Traveler, and RIM Blackberry, to use an ID vault and take advantage of its ID management features. This feature can be enabled in the ID Vault ...

Community articleTroubleshooting ID vault test deployments

Added by Nancy E Kho | Edited by IBM contributor Nancy E Kho on January 5, 2010 | Version 2
expanded Abstract
collapsed Abstract
No abstract provided.
Tags: Notes ID Vault
User ID files not being uploaded to the ID vault

If you are an administrator attempting a test deployment of the ID vault and do not see certain user IDs being uploaded to the vault, check the following:
1. Is your test deployment user using Lotus Notes 8.5 or higher? To use a vault, Lotus Notes clients must run Release 8.5 or later.
2. Have the necessary vault trust certificates been created? In the Domino Administrator, under the "People & Groups" tab, under "Certificates," check that the expected "Vault Trust Certificates" exist.


Using a password reset application with the ID vault

If you are an administrator having trouble deploying a password reset application for use with the ID vault, try the following:

1. Check that the basic ID vault and user have been set up correctly.
To do this, you may can try resetting the user's password in the Notes Administrator. This will ensure that (1) the user's ID is indeed in the vault and that (2) an ID vault policy has been applied to the user.
(This may be especially pertinent if you are seeing the "Entry not found in Index" error in the server log.)
- The message "The Notes ID ... is not vaulted." indicates that an ID vault policy has not been applied to the user.
- The message "User's ID has not been uploaded to the Notes ID vault." indicates the user's ID is not in the ID vault yet.

2. Check the rights of the password reset agent signer. (If not already signed, sign the agent using Domino Designer.)
- In the Server document (in the Domino Directory) of the server(s) on which the agent will run, check that the agent signer has "Run restricted LotusScript/Java agents" access.
- In the ID vault wizard in the Domino Administrator, check that the signer of the password reset agent is an authorized password resetter with "Password reset agent authority."
- In the ID vault wizard in the Domino Administrator, check that the server(s) on which the agent will run is an authorized password resetter.

3. In Domino Designer, check the security settings of the agent.
- Under "Properties - Security" settings of the agent, double check that "Run as web user" has not been checked.

4. Within the agent code, check that ResetUserPassword is called with the correct server name and user name values.
- Is the user's full name being used? For example "John Smith/Acme" and not just "John Smith."
expanded Attachments (0)
collapsed Attachments (0)
expanded Versions (10)
collapsed Versions (10)
Version Comparison     
VersionDateChanged by              Summary of changes
10Oct 20, 2010 5:41:46 PMNancy E Kho  IBM contributor
9Oct 20, 2010 5:30:01 PMNancy E Kho  IBM contributor
8Oct 20, 2010 4:17:52 PMNancy E Kho  IBM contributor
7Mar 18, 2010 11:53:06 AMNancy E Kho  IBM contributor
6Mar 18, 2010 11:53:02 AMNancy E Kho  IBM contributor
5Jan 6, 2010 3:15:14 PMNancy E Kho  IBM contributor
4Jan 6, 2010 11:02:13 AMNancy E Kho  IBM contributor
3Jan 5, 2010 2:09:43 PMNancy E Kho  IBM contributor
This version (2)Jan 5, 2010 10:21:43 AMNancy E Kho  IBM contributor
1Jan 4, 2010 2:43:33 PMNancy E Kho  IBM contributor
Copy and paste this wiki markup to link to this article from another article in this wiki.
Go ElsewhereStay ConnectedHelpAbout
  • IBM Collaboration Solutions wikis
  • IBM developerWorks
  • IBM Software support
  • Twitter LinkIBMSocialBizUX on Twitter
  • FacebookIBMSocialBizUX on Facebook
  • ForumsLotus product forums
  • BlogsIBM Social Business UX blog
  • Community LinkIBM Collaboration Solutions
  • Wiki Help
  • Forgot user name/password
  • Wiki design feedback
  • Content feedback
  • About the wiki
  • About IBM
  • Privacy
  • Accessibility
  • IBM Terms of use
  • Wiki terms of use