Advanced registration offers all the settings included
in Basic registration and also allows you to change default settings
and apply advanced settings to users.
Before you begin
Make sure you have the following access before you begin registration:- Access to the certifier ID and its password, if you are not using
the Domino® server-based certification
authority (CA).
- Access to the Domino Directory
from the computer you work on.
- Editor access or Author access with Create Documents role and
the UserCreator privilege in the Domino Directory
on the registration server.
- Create new databases access on the mail server if you plan to
create user mail files during registration.
- Create explicit policies and settings documents if you plan to
use policy-based system administration.
- Access to the certification log (CERTLOG.NSF)
on the registration server.
About this task
You can modify user settings at any time once you add
the user to the User Registration Queue by selecting the user from
the queue and then making changes. You can also modify certain settings
for multiple users at once by selecting the users in the queue and
making changes. You can cancel user registration and clear all fields
at any time by clicking the red X.
Keep the following information
in mind when selecting user registration options:
- Storing user IDs in the Notes® ID
vault – The user registration interface contains the setting In
Notes ID vault on the ID Info tab.
This setting is not modifiable in the user registration interface.
If a user's effective policy has a Security policy settings document
that assigns the user to a vault, the In Notes ID vault value
is selected. If the server you are using is a pre-Domino 8.5 server,
the field label changes to ID vault not supported for this
version of Domino.
- Hosted environments – If you are working in a hosted environment,
when registering users, ensure that you are using a certifier that
was created for the hosted organization into which you are registering
the users. This applies regardless of whether you are using a certifier
and password or the server-based CA.
- Roaming users – If you are registering Domino server roaming users, on the ID
Info tab of the Register Person - New Entry dialog box,
choose In Domino Directory as the location
for storing user IDs if you want roaming users to access their Notes IDs from their Contacts
application. If you do not choose the In Domino Directory option,
roaming users must either store their Notes ID
on a file server or physically carry their Notes ID with them on a diskette or other storage
media. If you elect to store the user ID in a file and in the Domino Directory, the user IDs
are stored in the user's Contacts application.
Note: If
you create Domino server-based
roaming users and do not elect to store their user IDs in the Domino Directory, but later decide
to store those user IDs in the Domino Directory,
disable the roaming user option, select the option to store the user
ID in the Domino Directory,
and then enable the roaming user option again.
Procedure
- From the Domino Administrator,
click the People & Groups tab.
- From the Servers pane, choose the
server to work from.
- Select Domino Directories, and then
select People.
- From the Tools pane, click .
- Enter the certifier password and click OK.
When the Certifier Information Recovery Warning dialog box appears,
review the information in the dialog box, select the check box and
click OK.
- Click Advanced.
- From the Basics tab, complete these
fields:
Table 1. Basics tab Field
|
Enter
|
Registration server
|
Click Registration Server to change the registration
server (which is the server that initially stores the Person document
until the Domino Directory
replicates), select the server that registers all new users, and then
click OK. If you have not defined a registration server in Administration
Preferences, this server is by default one of these:
- The local server if it contains a Domino Directory
- The server specified in NewUserServer setting of the NOTES.INI file
- The administration server
|
First name, Middle name, Last name
|
The user's first and last names and (if necessary)
middle name. The user's Short name and Internet address are automatically
generated. To change the Short name or Internet address, click the
appropriate space and enter the new text.
|
Short name
|
A short name in the format FirstInitialLastName
is automatically created as you enter the user's name. For example,
JSmith is the short name for John Smith. You can modify this field.
|
Password
|
A password for the user ID.
|
Password options
|
Click Password options to set a level for the
password in the Password Quality Scale. The default level is 8.
For more information, see The password quality scale in
the related links.
Choose the password encryption strength
(or password key width). The encryption key that protects the Notes keys that are stored in
the user ID file is derived from the password. The stronger the encryption
strength of the password, the stronger the encryption key that protects
the Notes keys.
- Base strength on RSA key size - encryption strength is determined
by the size of the RSA key stored in the ID file. If the RSA key size
is less than 1024 bits, the password encryption strength is 64 bits;
if RSA key size is 1024 or greater, the password key size is 128 bits.
- Compatible with all releases (64 bits)
- Compatible with 6.0 and later (128 bits)
Enable the check box Set Internet password to
give Internet users name and password access to a Domino server and to set an Internet password
in the Person document. This field is automatically selected if you
select the Other Internet, POP, iNotes®,
or IMAP mail types.
|
Mail system
|
Click to change the user's mail system from
the default of Notes to an
Internet-based system or iNotes.
|
Explicit policy
|
Select the explicit policy to apply to this
user. For more information on policies, see Organizational and
explicit policies in the related links.
|
Policy synopsis
|
Click to see a summary of this user's effective
policies.
|
Enable roaming for this person
|
Click to enable roaming capabilities for this
user. Doing so enables the Roaming tab.
Note: If you are enabling
roaming user for a current release Notes user,
see the topic Creating a Roaming policy settings document in
the related links.
|
Create a Notes ID
for this person
|
Click to create a Notes ID for this person during the registration
process.
|
- Click the Mail tab and complete
any of these fields.
Table 2. Mail tab Field
|
Enter
|
Mail system
|
Choose one of the available mail types and
complete the necessary associated fields:
- Notes (default)
- Other Internet
- POP
- IMAP
- iNotes
- Other
- None
If you select Notes,
POP, or IMAP, the Internet address is automatically generated.
If
you select Other Internet, POP, or IMAP, the Internet password is
set by default.
If you select iNotes,
you can change other user registration selections to iNotes defaults by clicking Yes when prompted.
If
you select Other or Other Internet, enter a forwarding address. This
address is the user's current address, where the user wants mail to
be sent. For example, if a user temporarily works at a different location
and/or uses a different mail system, the user can have her mail forwarded
to that new address. Or, a user may resign from the company but leave
a forwarding address so that mail addressed to the old address is
forwarded to the new location.
|
Mail server
|
The user's mail server. If you have not defined
a mail server in Administration Preferences, this server is (by default)
the local server if it contains a Domino Directory;
otherwise, it is the Administration server.
|
Mail file name
|
The file name of the mail file. By default,
the path and file name are mail/firstinitialfirst7charactersoflastname.nsf
|
Create file in background
|
Click this to force the Administration Process
to create the files in the background. Use this option to save time
during the user registration process. If you do not choose to create
the file in the background, mail files are created during the user
registration process.
|
Mail file template
|
A mail template from the list of available
mail templates. For a description of the template, select the template
and click About. The default is Mail R# (MAIL85.NTF).
|
Create full text index
|
Click to generate a full-text index of the
mail database.
|
Mail file replicas
|
Click to open the Mail Replica Creation
Options dialog box. This option applies only to clustered
servers. - Create mail database replica(s) – Lets
you add or remove servers in the list of mail database replicas. If
the server on which the mail database resides is not a clustered server,
you see the message No cluster mates found for mail server.
- Add Server(s) – Select one or more servers
to add to the list of servers on which mail replicas will be created.
- Remove Server(s) – Select one or more servers
to be removed from the list of servers on which mail replicas will
be created.
- Create mail replica(s) in background –
Enable this option to allow continued use of the Domino Administrator client after you click
OK to start creation of the replicas you have specified.
|
Mail file owner access
|
Select the level of access in the access control
list to assign to the user of the mail database from the Mail file
owner access list. By default, mail users have Editor with Delete
documents access to their own mail files; all other users have no
access. This option can be used to prevent mail users and/or owners
from deleting their own mail file. If the mail owner access is Designer
or Editor, the administrator ID currently being used is added to the
mail file ACL as Manager.
|
Set database quota
|
Click to enable, and then specify a size limit
(maximum of 10GB) for a user's mail database.
|
Set warning threshold
|
Click to generate a warning when the user's
mail database reaches a certain size, and then enter the warning size
(maximum of 10GB).
|
- Click the Address tab, and enter
values in any of these fields.
Table 3. Address
tab Field
|
Enter
|
Internet address
|
The Internet email address assigned to this
user.
|
Internet Domain
|
The domain to be used in the Internet address
-- for example, Renovations.com.
|
Address name format
|
The format of the Internet address. The default
format is FirstNameLastName@Internet domain without a separator --
for example, RobinRutherford@Renovations.com.
|
Separator
|
The character inserted between names and initials
in the Internet address. The default is None.
|
- Click the ID Info tab, and enter
values in any of these fields.
Table 4. ID Info
tab Field
|
Enter
|
Create a Notes ID
for this person
|
Click to create a Notes ID for this user.
|
Certifier Name list
|
Choose a certifier ID to use when creating
the user name during user registration when a Notes user ID is not being created for the
user.
This field appears if the check box Create
a Notes ID for this person is not selected.
|
Use CA process
|
Click to use the Domino server-based certification authority
(CA) to register this user. The certifier ID and password will not
be needed to complete the user registration process if you use the Domino CA.
This
field appears if the check box Create a Notes ID for this
person is selected.
|
Certifier ID
|
Click if you want to use a certifier ID and
password instead of the server-based CA. To change to a different
certifier ID, click Certifier ID, select the new ID, enter the password,
and then click OK.
This
field appears if the check box Create a Notes ID for this
person is selected.
|
License type
|
Choose either North American or International.
The license type determines the type of ID file created and affects
encryption when sending and receiving mail and encrypting data. North
American is the stronger of the two types.
This field appears
if the check box Create a Notes ID for this person is
selected.
|
Certification expiration date
|
The expiration date of the user ID in mm-dd-yy format.
The default is two years from the current date.
This field
appears if the check box Create a Notes ID for this person is
selected.
|
Location for storing user ID
|
Choose one:
- In Domino Directory (default).
The ID file is stored as an attachment to the user's Person document.
If you are registering roaming users, choose this option to store
their Notes IDs in the Domino Directory. If you do not
choose this option for roaming users, the users must either store
their Notes IDs on a file
server or carry their Notes IDs
with them on diskette or other storage media. When you choose this
option, the user's IDs are stored in their Contacts file.
- In file (default location: datadirectory\ids\people\user.id).
Click Set ID file to change path.
- In mail file. This option is only available with iNotes and allows Notes users to read their encrypted mail while
using iNotes. This field
appears if the check box Create a Notes ID for this person is
selected.
- In Notes ID vault. The
field is not modifiable. This value is set in the security policy
settings document. If this field is checked, the user ID will be stored
in the Notes ID vault, an
optional, server-based database that holds protected copies of Notes user IDs.
- ID vault not supported for this version of Domino. This setting displays if you are using
a pre-Domino 8.5 server.
|
Public key specification
|
The public key specification that you use impacts
when key rollover is triggered. Key rollover is the process used to
update the set of Notes public
and private keys that is stored in user and server ID files.
Choose
one:
- Compatible with all releases (630 Bits)
- Compatible with 6.0 and later (1024 Bits)
- Compatible with 7.0 and later (2048 bits)
For information about the significance of the public key
specification and key rollover, see the topic User and server key
rollover.
|
- Optional: To add the user to an existing group:
- Select (highlight) one or more users and then click the Groups tab.
- Select the group or groups to assign and click Add.
Note: You cannot add a user to an auto-populated group during
user registration. If you attempt to do so, a message displays indicating
that you must edit the group directly.
- Optional: If you selected Enable
roaming for this person and Create a Notes
ID for this person on the Basics tab,
click the Roaming tab, and complete any of
these fields.
Note: These settings apply to Domino server roaming. If you
are enabling file server roaming, see the related links for information
on using policy settings documents to register and configure roaming
users and creating a Roaming policy settings document.
Table 5. Roaming tab Field
|
Description
|
Put roaming user files on mail server
|
Click to store the user's roaming information
on the same server used for mail.
|
Roaming server
|
Click to open the Choose Roaming User dialog
box on which you specify the server that stores the user's Domino server-based roaming information.
If you select Put roaming user files on mail server, the Roaming Server
defaults to the user's mail server.
|
Personal roaming folder
|
Specify the top-level directory name, under
which the roaming file path will reside. This is the parent directory
for the user's roaming data, by default its name is roaming.
|
Sub-folder format
|
Specify the directory path, relative to the
folder name specified previously, in which the user's roaming data
will reside. This is typically the user's name. This determines the
default personal roaming folder for each user on the roaming server.
|
Create roaming files in background
|
Check this option to create the user's roaming
files the next time the Administration Process (AdminP) runs. Creating
roaming files in the background forces the Administration Process
to create the files and saves time during the user registration process.
|
Clean-up option
|
Choose one of the following clean-up options
to occur on clients that have been installed and configured for multiple
users.
- Do not clean-up (default) -- Roaming user data will never be deleted
from the Notes client to which
the user roamed.
- Clean-up periodically -- Enables the Clean up every
N days field in which you specify the number of days that
should pass before roaming user data is deleted from the Notes client.
- Clean-up at Notes shutdown
-- Roaming user data will be deleted from the Notes client immediately upon Notes shutdown.
- Prompt user -- The user is prompted on exiting the client as to
whether they want to clean up their personal files. If the user chooses
Yes, the data directory on that client is deleted. If the user chooses
No, the user is prompted as to whether they want to be asked again
on that client. If the user chooses No, the user is not prompted again.
If the user chooses Yes, the user is prompted again the next time
the user exits Notes.
|
Roaming Replicas
|
Click this button to open the Roaming Files
Replica Creations Options dialog box on which you can designate to
which servers a user's roaming files should replicate. This option
only applies to clustered servers.
|
- Click the Other tab, and complete
any of these fields.
Table 6. Other tab Field
|
Enter
|
Setup profile
|
Name of a User Setup profile to assign.
If
you are using policies, you cannot use a user setup profile.
|
Unique org unit
|
A word that distinguishes two users who have
the same name and are certified by the same certifier ID.
|
Location
|
Departmental or geographical location of the
user.
|
Local administrator
|
The name of a user who has Author access to
the Domino Directory but
who does not have the UserModifier role. This setting allows the local
administrator to edit Person documents.
|
Comment
|
A comment about the user, regarding the user's
registration.
|
Alternate name language
|
Choice of alternate name language. The certifier
ID used to register this user must contain the alternate name language
for it to appear here.
For more information, see Adding an
alternate name and language.
|
Alternate name
|
The alternate name of the user. The certifier
ID used to register this user must contain the alternate name language
for it to appear here.
|
Alternate org unit
|
A word that distinguishes two users who have
the same name and are certified by the same certifier ID. The certifier
ID used to register this user must contain the alternate name language.
|
Preferred language
|
Choose a preferred language for the user, that
is, the language that the user prefers to use.
|
Windows user
options
|
Click to set user options for Microsoft Windows.
Opens the Add Person to Windows dialog box
where you can specify whether to add the user to Microsoft Windows,
and optionally, to a Windows group.
Do the following: - Click Add this person to Windows. When
you choose this option, the other fields become available.
- (Optional) Modify the name shown in Windows user name.
It displays the default Window user name composed of the user's first
initial and last name. For example, JSmith is the default for John
Smith.
- (Optional) Under Add person to Windows group,
select one or more groups to which you want to add this user.
|
- Click the green check mark. The user name appears in the
Registration status view (the user registration queue).
- Click Register and then click Done.