Fellow Admins,
This morning I was setting up a second PC for an existing user. During workstation setup I was prompted for a username and servername. In the next step I was asked for a password. At no point was I asked for an id file. The setup was successful; the user has a full valid certificate and can read encrypted email on the second PC.
So what’s going on here? Why was I not prompted to supply an ID file? Without the ID file, I guess Notes has pulled the public key and cert details from the Domino directory and created a new ID file… user.id is found in the user’s Notes data dir. Is that what has happened?
Is this a new feature of R7 that I just don’t know about? Doesn’t this weaken security a bit?
Thanks for any comments/feedback.
Subject: Setup Workstation without an ID File
No, the Notes client cannot create an ID file for you at installation. Two possibilities I can think of:
- your user is a ‘roaming user’ and the ID file comes down embedded in the names.nsf file from the server
- the ID file was attached to the user’s person document in the address book. If so, the install will detach it from the NAB and put it in the local data directory. Normally, it also deletes the ID attachment from the NAB, but you should check to make sure.
HTH…
Subject: RE: Setup Workstation without an ID File
“No, the Notes client cannot create an ID file for you at installation.”
In fact, technically it can. You can still set up Notes as a stand-alone email program (and there were times when I did that). If you choose not to connect to a Domino server, the Notes client will create an ID file on its own. But this is of course not derived from your company’s certifier and as such useless for anything but private use.
At least that’s what plain common sense should dictate. I know of one of my former company’s customers, who had set up the majority of clients this way and then lowered all security settings on their servers, to allow access by those crippled clients. I won’t tell any names, but the company had the term “nuclear” in its name … D’oh!
Subject: RE: Setup Workstation without an ID File
Yes, it’s a roaming user. I didn’t realise that was one of the roaming features. Thanks for your help.