Urgent - admin id compromised

HELP!!! Someone within our organisation has somehow obtained a copy of an ID file with admin rights to our Domino network. They are now going through other people’s email. I cannot prove who it is even though I think I know. Can anyone tell me how to stop this user from using this ID file??

FS

Subject: why don’t you put the name in the deny group

And create another ID with admin rights…You can also turn on tcpip tracing so you can see the IP address of the connecting user (and the name) and nail it down to a workstation…

Just curious, how did the person end up with the ID and password?

Subject: RE: why don’t you put the name in the deny group

Yeah - before denying them rights, make sure you have proof of who is accessing the mail files.

You should read the portion of the Admin guide titled “Verifying user passwords during authentication” here:

http://www-12.lotus.com/ldd/doc/domino_notes/6.5.1/help65_admin.nsf/855dc7fcfd5fec9a85256b870069c0ab/77b49ce94a01aa5685256dff004b2edc?OpenDocument

where it describes exactly your particular scenario and how to deal with it.

Subject: RE: why don’t you put the name in the deny group

Perhaps he had it attached in the person doc and they use the same default password for every new ID.

Subject: Try public key checking

Turn on the “Compare Public Key” setting on your servers and request a new key pair for the “legitimate” copy of the admin ID file. This will prevent any old copies of the admin ID from authenticating to the servers, and will also find any public key mismatches that might be causing encryption failures within your domain. :)