I have to move several hundred users from various OUs to a new single OU and would like to maintain copies of all the recerted users’ IDs. I thought the best way to do this would be to create the new cert with ID recovery enabled and when they were moved over the ID would be automatically emailed to my mail-in DB and I could recover PWs that way. I tried this on a test user moving to an existing ID recovery enabled cert and the user moved over OK but the ID never appeared in my MIDB. Newly registered people with this cert do have their IDs sent through OK. Am I going about this the right way or is there a better option?
I assume you used the admin client to move the test user to the new OU and there were no error messages in admin4.nsf. Was the test user that you recertified able to successfully authenticate with their old ID and accept the prompts to accept the new cert?
Visit http://www.binarytree.com/domains. They have a tool that will do the complete rename for you, assist the users in accepting the rename, and then pull copies of the ID files back from the users’ workstations and reset the password in that ID to a standard password for you.
It can then export those IDs to either a network share or another database.
I actually did it through my regular Notes client, actions->rename selected user-> Request Move to new certifier. It all seemed to go through OK and the user was recerted OK. Unfortunately, I don’t have the entries in admin4.nsf anymore as I did this a few weeks ago and any errors would have long gone.
Perry,
I’ll take a look at the BinaryTree offering if I can’t get this to work.
I would still like to know if the principle of what I am doing is correct and that it should work and I should persevere to find a solution, or whether I have misunderstood how ID recovery works and that it is not suitable for this scenario.