HCL Notes and Domino wiki: Domino security: ID vault and Notes shared login FAQ

ID vault and Notes shared login FAQ

Added by Michael Stewart on April 27, 2021 | Version 1

Actions ▼

Abstract

Abstract

No abstract provided.

Tags: Notes ID Vault, Notes Shared Login

For more information about Notes shared login, see the Notes Shared Login FAQ.

As an administrator, how should I deploy the ID vault with Notes shared login?

Both the ID vault and Notes shared login can be enabled at the same time for users. However, to be even more careful, customers may want to assign the ID vault policy first, to store all ID files in the vault and have a back up. Then assign the Notes shared login policy later on. Also, another benefit of assigning the ID vault policy first is that ID in the ID vault will have the user's password associated with it. This is helpful in the case where an ID needs to be downloaded from the ID vault, or a password-protected ID file needs to be resynchronized with the ID file in the ID vault..

If an ID file is put into the vault before Notes shared login is enabled, the ID file in the vault will have the user's password associated with it. If Notes shared login is enabled before the ID file is put into the vault, the ID file in the vault will have no password associated with it. In the case that a user needs to download a new copy of the ID file from the ID vault, a password needs to be supplied. If there is not one set in the ID vault or if the password has been forgotten, the password must be reset in the ID vault.

If I am vaulted and have enabled Notes shared login, what should I do if I am setting up Lotus Notes on a new machine?

When going through new user setup, type the password associated with your ID file in the ID vault (if you are using Notes shared login on all of your machines, this password is likely to be the password associated with your ID when it was first uploaded to the ID vault.) If there was no password associated with your ID when it was put into the ID vault or you do not know your password, contact your administrator to reset that password. (If your administrator has disabled automatic downloads, you will also need to contact your administrator first for authorization to download your ID file.)
If the password is correct, you will be able to download your ID file from the ID vault to your new machine.

You can also create a password-protected copy of your NSL-protected ID to use on other computers. To do this, go to the user security panel (File - Security - User Security), and under "Your ID Settings" on the "Security Basics" tab, click on the "Copy ID" button. You will then be prompted to set a password on the new copy of the ID file. You can then copy this password-protected ID file to a new computer to use.

If your security policy indicates that you should be using Notes shared login, Notes shared login will automatically start protecting your ID file on your new machine.

What happens if I am vaulted and Notes shared login is then enabled, and I lose my ID file?

When you become vaulted, the ID vault will be set to recognize the password you are using at that time. If you then enable Notes shared login, the ID vault will continue to recognize the password you were using before switching to using Notes shared login. If you lose your ID file, you can log in using the password you had been using before to obtain a copy of your ID file from the ID vault. Afterwards, Notes shared login will automatically start protecting your ID file again.

I was vaulted and then enabled Notes shared login. I also have a Linux machine, and I changed my password on that machine. (Notes shared login is currently only supported on Windows.) What happens if I lose my ID file on my machine that was enabled with Notes shared login?

When you changed your password on a password-protected ID file, your local ID file was resynchronized with the ID file in the vault, and the ID vault now recognizes your new password instead. If you lose your ID file, you can log in using the new password to obtain a copy of your ID file from the ID vault. Afterwards, Notes shared login will automatically start protecting your ID file again.

What happens if I am vaulted, Notes shared login is then enabled, and then Notes shared login is disabled?

When you become vaulted, the ID vault will be set to recognize the password you are using at that time. If you then enable Notes shared login, the ID vault will continue to recognize the password you were using before switching to using Notes shared login. After disabling Notes shared login, you can continue to use the password you had used before.

I was vaulted and then enabled Notes shared login. I also have a Linux machine, and I changed my password on that machine. (Notes shared login is currently only supported on Windows.) What happens when Notes shared login is disabled?

When you changed your password on a password-protected ID file, your local ID file was resynchronized with the ID file in the vault, and the ID vault now recognizes your new password instead. After disabling Notes shared login, you can use the new password.

What happens if I became vaulted after enabling Notes shared login, but have switched back from Notes shared login to using a password-protected ID?

If you became vaulted after enabling Notes shared login, your ID file in the vault is not associated with any password-based authentication information. After disabling Notes shared login, the first password that you use to protect your local ID file will also become your ID vault password.