Home
IBM® Domino 10.0.1 Documentation
Welcome to the IBM® Domino 10.0.1 Administrator Help.
Securing
This section describes IBM® Domino® security features, including execution control lists, IDs, and SSL.
Domino® server and Notes® user IDs
Domino® uses ID files to identify users and to control access to servers. Every Domino server, Notes® certifier, and Notes user must have an ID.
Notes® ID vault
The ID vault is an optional, server-based database that holds protected copies of Notes® user IDs. An ID vault allows administrators and users to easily manage Notes user IDs. Users are assigned to a vault through policy configuration, and copies of user IDs are uploaded to a vault automatically once the policy has taken effect.
Creating and configuring an ID vault
To make an ID vault operational you must create the vault database on a server, create the vault ID file, specify at least one vault administrator, specify which user organizations trust the vault, assign password reset authority, and use policies to assign user IDs to the vault.
Adding or removing vault administrators
Vault administrators can add and remove other vault administrators, add and remove vault replicas, delete IDs from a vault, mark IDs inactive, restore inactive IDs, and delete a vault. When you create a vault, you must specify at least one vault administrator. However, specifying more than one vault administrator is recommended for administrative backup.

Adding or removing vault administrators

Vault administrators can add and remove other vault administrators, add and remove vault replicas, delete IDs from a vault, mark IDs inactive, restore inactive IDs, and delete a vault. When you create a vault, you must specify at least one vault administrator. However, specifying more than one vault administrator is recommended for administrative backup.

About this task

To be added as a vault administrator, a user must have Administrators access to the server that is open in the IBM® Domino® Administrator. You can specify individual names only, not group names.

Note: A vault administrator assigned to the Auditor role in the vault database ACL can extract an ID from a vault to gain access to a user's encrypted data.

Procedure

Open the Domino Administrator and the and click the Configuration tab.
Click the Security > ID Vaults view and select the vault document of the vault you are managing.
Click Tools > ID Vaults > Manage, and then select the task Add or remove vault administrators.

Results

The names of vault administrators are added to the vault database ACL and to the vault document in the Security > ID Vaults view of the Domino Directory.