An ID vault stores copies of IBM SmartCloud Notes
) users IDs. Should a user lose or corrupt their ID file, a secure copy can be recovered from the ID vault.
creates the ID vault when your customer account is created. In order for a user's ID file to be uploaded to the ID vault, you must issue a Vault Trust Certificate from a parent certifier of the user ID file to the ID vault certifier. The Vault Trust Certificate certifies that the parent certifier trusts the ID vault to store the IBM Notes
ID file. After the Vault Trust Certificate is issued, only IDs of users with SmartCloud Notes
accounts are uploaded to the ID vault.
A Vault Trust Certificate should be issued as part of your SmartCloud Notes
configuration. You can issue the certificate after the on-premises directory has been synchronized with the SmartCloud Notes
In this article you will learn about:
- Issuing a Vault Trust certificate
- Troubleshooting ID vault issues
The ID vault is a server-based database that holds protected copies of IBM Notes user IDs. An ID vault allows administrators and users to easily manage Notes user IDs. Users are assigned to a vault through policy configuration, and copies of user IDs are uploaded to a vault automatically once the policy has taken effect.
In a SmartCloud Notes hybrid environment, this feature is enabled by default and administered on the SmartCloud Notes servers by IBM. In other words, this feature is part of SmartCloud Notes that is administered "in the cloud".
Vault Trust Certificate
A Vault Trust Certificate is a special-purpose cross-certificate that determines what IDs are allowed in a vault
1. After the on-premises directory has been synchronized with the SmartCloud Notes directory, log on to Domino® Administrator and open the on-premises hub server that you use for directory synchronization.
2. Click the Configuration tab and then click Security -> ID Vaults.
Select the ID vault document for the SmartCloud Notes ID vault.
3. Click Tools
-> ID Vaults
. This will bring up the Manage Notes ID Vault
4. On the Manage Notes ID Vault
dialog, click Next
5. Select the task Add or remove organizations that trust the vault
and click Next
6. Click the Add or Remove
button. This will open the Trusted Vault Organizations
7. From the list of Available organizations
, select the organizations or organizational units to which the SmartCloud Notes
users belong. Click the Add
button to add the organization or organizational unit to the list Organizations that trust the ID vault
. When you are finished adding organizations and organizational units, click OK
8. Click Next
9. Verify the actions to be performed and click Configure
10. Click Browse
to select the organizational certifier, and then click OK
11. Enter the certifier password, and click OK
12. In the You have successfully completed the management of the Notes ID vault
window, click Done
13. To verify that the Vault Trust Certificate was issued, locate it on the Configuration
tab by expanding Security
, and then expanding Vault Trust Certificates
I deleted my pre-existing on-premises ID vaults. Now, my on-premises users are reporting that ID vault is not working.
All user IDs under the parent certifier that issues the Vault Trust Certificate are authorized for storage in the ID vault. However, only the IDs of users with SmartCloud Notes accounts are uploaded to the ID vault.
You will want to keep any on-premises ID vaults in use by on-premises users.
What should you do if you cannot locate the SmartCloud Notes ID vault document in my on-premises directory?
Verify that you are connected to the on-premises hub server that you use for directory synchronization.
Verify that your on-premises directory has been synchronized with the SmartCloud Notes directory. Synchronization replicates the SmartCloud Notes ID vault document to your on-premises directory.