Enabling automatic restart of ID file synchronization

When a password on a Notes client ID doesn't match the password on the ID in the vault, ID synchronization between the client and the vault fails. When ID synchronization fails, changes made to the client ID, such as the addition of new encryption keys, are not changed in the ID in the vault. You can enable automatic archiving of ID vault user documents when this situation occurs for longer than seven days. Archiving renames the ID vault user documents, allowing ID files on clients to be uploaded again to the ID vault. This ensures that the most recent information stored in the local ID file is stored in the ID in the vault.

Before you begin

Best practice is to schedule regular backups of your ID vault.

About this task

Mismatched passwords that stop ID synchronization typically occur in the following situations:

An administrator resets a user's password in the ID vault but the user doesn't use the new password on the client.
A user changes the password on the client ID and the ID successfully syncs to the ID vault. The user then uses an older ID file on the same or a different computer that has a different password.

Procedure

To automatically replace the ID file in the ID vault with the current ID on the Notes client when synchronization remains stopped for longer than seven days, add the following setting to the server notes.ini file:

ENABLE_AUTORECOVERY_FROMBADPASSWORD=1

Results

When Notes client ID vault synchronization fails because of mismatched passwords, the mismatch is flagged in the user's ID vault document.
If more than seven days occur without successful ID vault synchronization, the user's ID vault document is archived by renaming it to begin with a tilde (~) .
At the next ID vault synchronization attempt, because the user's ID vault document isn't found due to the archiving, the ID file is uploaded again from the client to the ID vault and the passwords are again in sync.