Minimum permissions on IDVault

Hubertus · February 3, 2026, 7:10am

Please complete the details below then remove this line:

Domino/Notes Version: 14.5FP1
Operating System: Windows Server 2025

Problem/Query: Minimum permissions on IDVault

A customer wants to enable their support staff to reset passwords.
What are the minimum permissions that need to be configured?
They should not be able to administer IDVault.

We used the configuration wizard “Permissions to reset the password”. But that doesn’t seem to be enough.

And of course, we have enabled the role “auditor”.

Many thanks and kind regards

Hubertus

tristanhcl · February 3, 2026, 4:32pm

Kindly refer to the link below for your reference:

ID vault management roles

Assigning password reset authority

Password reset authority authorizes people or applications to reset passwords and to specify ID download counts.

Before you begin

To complete this task you must have the following access:

Administrator access to the server in the HCL Domino® domain
Editor access to the Domino® Directory
Physical access to the certifier ID file of each user organization whose passwords will be reset. The certifier ID file is used to issue Password Reset Certificates to the password reset authorities.