Open Mic call October 22nd 2009 on "Lotus Domino ID Vault"

Subject: Can ID Vault capture IDs for all DWA 8.01 users

We have about 3200 users using DWA 8.01, who do not have access to the Notes Client. Can ID Vault be made to ‘capture’ the ID files for all of these users? Our environment is version 8.01 across the board.

Subject: 8.5.1

When you upgrade to 8.5.1, the ID files attached to the mail file will be automatically pulled into the ID Vault to which the user is assigned.

Subject: 4-eyes-principle

Hello, how can we have the 4-eyes-principle in ID Vault, so that no admin alone is able to use the Notes ID of someone else? Consider the ID Vault ID and password reset authority, which could give someone access to any Notes user IDs.

SECURE_DISABLE_Auditor=1 is used.

Is the only way to put 2 passwords on the ID Vault ID and on the ID that can reset passwords?

Subject: Response

If SECURE_DISABLE_AUDITOR is used, no admin can extract an ID file. If you do not use the INI parameter, then all Vault Administrators are effectively Auditors, since they can add the Auditor role to their own ACL entry. Thus you would need to ensure that all IDs that are made Vault Administrators require two passwords to unlock.

Subject: the same for password resetter

But does this also mean that I have to put 2 passwords on the ID which is able to make password resets? Because the admin could enable the ID download for the user in the policy document, reset the password of the ID and set up a new Notes client with the username and the reset password, so (s)he could access the encrypted email of a user.

Subject: I went through the setup, but can’t get back?

I learned that this can be set up [ID Vault] and as clients come up to version 8.5 and get the policy, they would be included in the vault.

I got to the part on setting up the ID Vault Password, and was then prompted for the ‘certificates’ in our directory.

When I go back with the Admin Client and expand ID Vault - it’s like nothing is there. Do I need to start over again?

Subject: Do you not see the Vault certs?

Are you not seeing the new certificate types in your NAB (Password Reset Certificates and Vault Trust Certificates)? I’ve seen that in my mixed environment when my 8.5 NAB design was replaced by 8.0. Please ensure your design is 8.5.