Customizing user registration

You can define specific options to customize how IBM® Domino® registers users. If you choose to use a certifier ID and password instead of the Domino server-based certification authority (CA), Domino uses the certifier ID specified in Administration Preferences; or if there is none, it uses the ID specified in the CertifierIDFile setting in the NOTES.INI file.

Before you begin

Make sure to have the following before you begin customizing user registration:
  • Access to the certifier ID and its password, if you are not using a certifier enabled for the CA process.
  • Editor access or Author access with Create Document role and the UserCreator privilege in the Domino Directory. The UserCreator role is required regardless of your access level.
  • Access to the Domino Directory from the computer you work on. Local or remote access to USERREG.NSF.
  • Create new databases access on the mail server to create user mail files during registration.
  • Create document access to CERTLOG.NSF on the registration server.
  • GroupModifier role or at least Editor access to add users to groups.
Note: Do not modify the ACL for USERREG.NSF using the File > Application > Access Control menu commands. Use the User Registration Database Access button on the Advanced Person Registration Options dialog box.

Procedure

  1. From the Domino Administrator, click the People & Groups tab.
  2. From the Servers pane, choose the server to work from.
  3. Select Domino Directories, and then click People.
  4. From the Tools pane, click People > Register. Enter the password for the certifier that you are currently using.
    Note: While registering a user, you can specify whether you want to register the user with the server-based CA, or with a certifier ID and password. This selection is made on the ID Info panel in advanced user registration.
  5. Click the Options button, and then choose any of these options in the Advanced Person Registration Options dialog box:
    Table 1. User registration options
    Field Description
    Do not continue on registration errors Stops registration if you have multiple users selected and the registration encounters an error. The default is to continue on registration errors.
    Keep successfully registered users in the queue Keeps successfully registered users in the queue. The default is to remove successfully registered users from the queue.
    Try to register queued people with error status Tries to register queued users, even if their registration status contains errors. For example, if you choose this option, a user whose password is insufficiently complex will be registered. The default is not to register queued users who have error status.
    Allow registration of previously registered people Allows registration of users who were previously registered in IBM Notes®. The default is not to register previously registered Notes users.
    Search all directories for duplicate names Checks every directory to see if the user's name already exists.
    Enforce short name uniqueness Forces all short names to be different from one another.
    Don't prompt for a duplicate person If you enable this option, these additional options appear. Choose one:
    • Skip the person registration -- Skips the user registration for both short name and full name single matches.
    • Update the existing address book entry -- Overwrites the existing user if the single match found is on the full name. Short name uniqueness is then required.

    The default is to prompt for duplicate users.

    Don't prompt for a duplicate mail file If you enable this option, these additional options appear. Choose one:
    • Skips the person registration.
    • Generates a unique mail file name by appending a number beginning with 1, then 2, etc., to a non-unique mail file name until a unique name is found.
    • Replaces the existing mail file -- option does not apply when the mail file is being created in the background via the Administration Process, or if the current ID does not have delete access to the mail file that is being replaced.

    The default is to prompt for a duplicate mail file.

    Don't prompt for a duplicate roaming directory If you enable this option, these additional options appear. Choose one:
    • Skips the person registration.
    • Generates a unique roaming directory name by appending a number beginning with 1, then 2, etc., to a non-unique roaming file name until a unique name is found.

    The default is to prompt for a duplicate roaming directory.

    Generate random user passwords Enable this check box to automatically set random passwords for the users you are registering. If you select this option, you do not need to specify passwords for the users you are registering.
    User Registration Database Access Displays the Registration Database Access Control Settings dialog box, where you can assign access to administrators as follows:
    • Current® Administrators – Select an administrator to add or remove from the displayed list
    • Access control setting for selected administrator/group – Select an administrator and assign either a Manager, Editor with delete privileges, or Editor without delete privileges access level.
      Note: See the related topics for more information on access levels.
  6. Click OK.