Creating an organization certifier for external members in a different organizationAdded by IBM on December 16, 2010 | Version 1 (Original)
|Certifier IDs are required to ensure offline user authentication works when users are in different organizational hierarchies from the IBM® Lotus® Quickr™ server.
Certifier IDs are required to ensure offline user authentication works when users are in different organizational hierarchies from the IBM® Lotus® Quickr™ server.
About this task
If external offline members are in a different organization hierarchy than the IBM Lotus Domino® server on which IBM Lotus Quickr runs, create an organization certifier ID for that organization and then cross-certify that certifier ID with the Domino server's certifier ID. For example, if the Domino server certifier is the /Org certifier, but external users are within the /Acme organization, create an /Acme organization certifier ID and then cross-certify /Acme with /Org.
To create the organization certifier:
- From the Domino Administrator, select your server, for example, ServerA/Org.
- Click the Configuration tab.
- On the right pane of the Domino Administrator, click Registration, and then click Organization to open the Register Organization Certifier dialog box.
- Click Registration Server and choose the Domino server's name, for example, ServerA/Org, and then click OK.
- In the Organization name field, type the organization name of the external users, for example, Acme.
- Optional: Type a country code.
- In the Certifier password field, type a password for the new organization certifier ID.
- Click Set ID File and specify a file name, for example acme.id, and local path name in which to save the new certifier ID file.
Note: For security reasons, back up doladmin.nsf and delete the ID file from your system directory after this ID is attached to an Offline Security Policy document.
- Optional: Complete additional fields in the Register Organization Certifier dialog box. Click ? for information on these fields.
- Click Register to create the organization certifier ID locally and to register the certifier in the Domino Directory of the Domino server.
- Perform the following steps to cross-certify the certifier ID you created with the Domino server certifier:
- If you are using a remote Domino Administrator client, copy the Domino server's certifier ID to the local machine. By default, the server's certifier ID file is called cert.id and is located in the Domino data directory on the server.
- Verify that the Domino server is selected in the Domino Administrator.
- From the Domino Administrator, click Configuration.
- Click Certification, and then click Cross Certify.
- Click Certifier ID and select the Domino server certifier ID, for example, cert.id, and then click OK.
- Type the password for the Domino server's certifier ID. The administrator who set up the Domino server created this password.
- In the Choose ID to be Cross-Certified dialog box, select the organizational certifier ID you created, for example, acme.id,
- In the Issue Cross Certificate dialog box, click Cross Certify to create a cross-certificate in the Domino Directory of the Domino server.
Parent topic: Creating certifier IDs for offline use