This might be quite a complicated one, but could do with some pointers.
We are at a watershed in our Domino/Notes deployment. For two or three years now we’ve been running a 5 server with about 50 active users, most of whom only use calendaring but some of whom use Notes mail as well. But we know that as we were feeling our way we made mistakes in the setup - so we have additional servers in the Directory, users in strange Organisational Units that we don’t want to continue and many individual databases, including peoples’ mail databases with wrong names in delegation profiles and ACLs.
So…we’d like to set up our 6 server (which for logistical reasons has to be a replacement not an addition) from scratch, and set up new users in a new structure. But we also want our existing users, either via their new user names or their old ones somehow, to have access to their old data, indeed for preference to have their old data copied to their new mail files etc.
It is important we try to get the whole setup right this time as this is the beginning of a 200 user roll out as a pilot for a possible university (faculty and admin if not students as well) wide rollout of between 2000 and 20000 potential diary/mail users.
Can you understand what we are trying to do? What would be the best way to ensure that existing users can continue to have their current data even if they are all new users according to the R6 system with new ids and probably new FQNs?
What would be the best way to ensure that existing users can continue to have their current data:
Recertify them via move to new certifier keeping their existing public keys intact. This will allow you to keep the existing mail file including the encrypted documents. Much of the legwork is done for you via Adminp.
The server name is relatively unimportant as long as it is hierachial and within a server group listed in the mail file ACL or explicitly added to ACL. R5 or R6 is irrelevant.
This sounds like the sort of thing we’ve been playing around with. Thanks for that. Let me try to tease some more out…
We only have one physical machine. It is called abc/Brookes. We will back everything up and have everybody’s current id files in store.
We know there are lots of errors about. And that the OU hierarchy we originally created is rubbish.
So we want to start again, scrap everything we have and allow the server to set up as the first server in the domain, called the same thing. Then we want to create all the existing users in a decent OU hierarchy.
So we will have newly created person docs and newly created ids at that point. Are you saying we should not do that? If I recertify each id with the appropriate new OU certificate instead of registering all the old users first they can keep their (restored) mail files? What is the ‘merge’ certificates thing? Could we use their new id to incorporate their old ones somehow?
I suspect that there is very little encryption to be honest - very very few of the 50 or so use mail anyway - just calendaring at the moment. But the calendaring information is important to most of them.