We are in the process of implementing SSO for our Notes clients. Up until now we have used the Notes client logon service which synchronizes the notes password with the windows password. This fails frequently when the new Windows password fails (not complex enough, etc) or an admin has to reset the Windows password. Also it appears that it will not be supported on Windows 10. We are now testing Notes Shared Logon. We have some questions:
1. Are the private/secret keys copied regularly to the global vault?
2. If a user was to have his/her laptop destroyed (run-over, stolen, submerged, etc) will the ID in the vault be sufficient to allow the user to see all encrypted emails on a new laptop?
3. Does re-certification work the same way as before - can an admin re-certify everyone without user interaction?
Thank you in advance for any reply:-)