To provision a user in a hybrid environment, the user must
be registered in an on-premises IBM® Domino® directory.
If a user you are provisioning is new at your company, perform this
procedure to register the user on-premises.
Before you begin
You can apply a policy to the user so that the policy is
in effect when the user is provisioned for IBM
SmartCloud® Notes®.
To do so, create an explicit policy before you continue. Then, select
the policy during this procedure. If you do not apply a policy during
user registration, you can apply it later. For more information, see
Using administrative policies.
The Domino directory
in which you register the user must be configured as a synchronized
directory that is used for user provisioning. For more information,
see Configuring directory synchronization.
Procedure
- From an on-premises Domino Administrator
client, open a server that is in the Domino domain in which you want
to register the user.
- Click the tab People & Groups.
- Click Tools and click .
- Use any of the following methods to specify the certifier
to use to certify the new user ID.
- If you are prompted to provide a password for the certifier that
you want to use, enter the password. Otherwise, click Cancel.
- Click Certifier ID, select the certifier
ID, and click OK.
- Click Use the CA Process and select the
certifier.
Note: There must be a trust relationship between this certifier
and the OU certifier you uploaded to the service to certify your mail
servers. For example, if your mail server OU certifier is /SCN/Renovations,
there is an automatic trust relationship if the user ID certifier
is /Renovations. However, if the user ID certifier
is /Zetabank, you must create cross-certificates
to establish trust.
- Complete the following fields in the Basics tab
of the Register Person window.
| Field |
Value |
|---|
| Registration Server |
The name of the server to use to register the
user. The domain Domino directory
for this server must be configured as a synchronized directory that
is used for user provisioning. |
| First name, Middle
name, Last name |
The user's name.
If you plan to use
the integration server to provision users, a first name and a last
name are required. Otherwise, only a last name is required.
If you specify a last name only, after the user is provisioned, the one name is displayed in the
SmartCloud Notes directory and in the
mail file. However, in Connections Cloud account settings
and user accounts, the name is also the first name. For example, if you register a user
with the last name HelpDesk, when you log on to the service as an
administrator and click User Accounts, the name is shown as
HelpDesk
HelpDesk.
|
| Short name |
A short version of the name that is generated
automatically. You can change the default value. You cannot enter
an email address here.
|
| Password |
A password for the Notes ID.
|
| Password Options |
- Password Quality Scale
- Encryption Strength
- Set internet password (optional). The service
does not use the Internet password. However, it might be required
for access to on-premises web applications.
|
| Mail system |
IBM Notes Select this
option regardless of the type of client you plan to use with the service.
|
| Explicit policy |
(Optional) Select an explicit policy to apply
to the user. Organizational policies are not supported. |
| Enable roaming for this person |
Do not select this option. Roaming is not supported. |
| Create a Notes ID for this person |
Select. |
- Select the Advanced box in the Register
Person window.
- Click Mail and complete the fields
that are displayed to create a required, temporary on-premises mail
file. When the user is provisioned for the service, a new mail file
is created in the service. Make a note of the location of the temporary
mail file; after user provisioning is complete you can delete it.
- Click Address and complete the fields
that are described in the following table.
| Field |
Value to specify |
|---|
| Internet address |
The user's Internet mail address, for example, sdaryn@renovations.com. |
| Internet domain |
The domain portion of the user's Internet address,
for example, renovations.com. The domain must
be one that is verified by the service. |
| Address name format; Separator |
Select options to determine the format of the
Internet address. |
- Click ID info and complete the fields
that are described in the following table.
| Field |
Value to specify |
|---|
| Create a Notes ID for this person |
Select this option.
|
| Certifier ID |
Confirm the certifier to use to create the ID.
There must be a trust relationship between this certifier and the
certifier you provided to certify your mail servers in the service. |
| Public key specification |
Select one of the listed specifications. |
| License type |
Select North American or International.
The license type determines the type of ID file that is created. It
affects encryption of sent and received mail and of data. North American
is the stronger type. |
| Location for storing user ID |
Select any of the following options: - In Domino directory to store the ID file
as an attachment in the Person document.
- In file to store the ID in a file that
you provide to the user.
- In Notes ID vault to store in an on-premises
ID vault. This option is useful only to retrieve the ID during initial
setup of a Notes client
on-premises. After the client connects to the service, the ID is uploaded
to the ID vault in the service. Then, the on-premises ID vault is
no longer used.
|
- Optional: Click Groups and
assign the user to groups in the Domino directory.
- Click the green check mark to add the user to the registration
queue.
- Select the Registration Queue and click Register.
Results
A Person document for the user is added to the Domino directory
of the registration server. After the Person document replicates to
the service during directory synchronization, a company administrator
can provision the user from the User Provisioning window of SmartCloud Notes Administration.
To provision the user, the administrator first searches for the user
name.