Assigning users to a vault

Only IDs with a parent certifier that has issued a Vault Trust Certificate can be uploaded to an ID vault. To upload IDs to a vault, you specify the vault name in the ID Vault tab of a Security Settings document that is added to a policy document.

About this task

You can add the Security Settings document to any type of policy.

Use any of the following methods to add a vault name to a user policy:

Create or edit a policy manually. This is the recommended approach unless your policy structure is very simple.
Add or edit a policy when you create a vault: from the Configuration tab of the IBM® Domino® Administrator, click Tools > ID Vaults > Create, and complete Step 7 in the tool.
Add or edit a policy after you create the vault using the ID Vaults > Manage tool: from the Configuration tab of the Domino Administrator, select the vault document in the Security > ID Vaults view of the Domino Directory, click Tools > ID Vaults > Manage, and perform the task Create or edit vault policy settings.

There will be a slight delay before policy changes take effect on a server. Restart a vault server to put the policy changes in its Domino Directory replica into effect immediately.

On an ID vault database, select the Advanced ACL option Do not modify names fields.

Note: The ID Vaults > Create and ID Vaults > Manage tools both provide the option to create a group of home servers and assign the group to a dynamic policy.