Uploading a Notes ID to the vault
In a hybrid environment, if a service user has an IBM® Notes® ID file, the ID must be stored in the ID vault in the service. In some cases, for users who have a Notes ID, but who will not use the Notes client, you might need to upload the Notes ID to the vault manually. If it is not stored in the vault, IBM Verse, web client, and IBM Traveler users cannot perform secure mail operations. Other limitations also apply, as outlined in this topic.
Before you begin
If you are unsure whether to store a Notes ID in the vault for web client users, read Planning for Notes IDs.
About this task
Upload a Notes ID
to the ID vault for users who have an ID file, but who do not use
the Notes client:
- If they are starting with new mail files.
- If the mail file was transferred to the service without an imported Notes ID. In this case, if you do not store the ID in the vault, the user cannot read old encrypted messages if there are any.
Note: Alternatively, web client users can upload Notes IDs
themselves. For more information, see the topic about importing a Notes ID
in the SmartCloud Notes web section
of the SmartCloud Notes user
documentation.
Typically, this procedure is not necessary
in these situations:
- For Notes client users, because the ID is automatically uploaded to the vault at some point after the client connects to the service.
- For web client or IBM Verse users whose existing on-premises mail files were transferred to the service, and whose Notes ID was imported into the mail file before the transfer. In this case, the Notes ID is uploaded to the vault the first time a user performs a secure mail operation, such reading encrypted mail.
- For web client or Verse users who never had a Notes ID and who do not want to perform secure operations.
For users who have a Notes ID, if the
ID is not stored in the service vault, the following limitations apply:
- Web client, Verse, and IBM Traveler users cannot perform secure operations when their IDs are not in the vault. Secure mail operations include signing mail, and reading or sending encrypted mail.
- Notes ID password resets and ID recovery are not available.
- If a user's name changes, the user's Notes name cannot be changed.
You can also use this procedure to replace a Notes ID
in the vault.
Note: You cannot use this procedure to upload an ID file
that is enabled for Notes shared
login (NSL). To allow the ID to be uploaded manually, disable NSL.
Or, use the Notes client
with the service, so that the ID file can be uploaded to the vault
automatically. For more information about Notes shared
login, see the security section of the IBM Domino® documentation.