Home
Administering
This documentation provides information about the administration tools for managing and monitoring servers and databases.
Administration tools
Topics in this section describe the tools you can use to administer a Domino® server.
The Administration Process
The Administration Process is a program that automates many routine administrative tasks.
Administration Process requests
An administration request is created by the administrator performing an action; it represents an administration task and is run by the server task AdminP (Administration Process). When an administration request is generated, it appears in the Administration Requests database.
AdminP Administration Process Requests -- One Domain
These topics describe the AdminP (Administration Process) requests for a single domain.
Store Certificate Revocation List in Domino® or LDAP Directory
The Domino® CA process issues and maintains certificate revocation lists (CRLs) for each Internet certifier.

Administering
This documentation provides information about the administration tools for managing and monitoring servers and databases.
- Administration tools
  Topics in this section describe the tools you can use to administer a Domino® server.
  - The Domino® Administrator
    The Domino® Administrator is the administration client for Notes® and Domino. You can use the Domino Administrator to perform most administration tasks.
  - The Server Controller and the Domino® Console
    The Server Controller is a Java-based program that controls a Domino® server. Starting the Server Controller starts the Domino server it controls. When a server runs under a Server Controller, you can send operating system commands, Controller commands, and Domino server commands to the Server Controller.
  - The Administration Process
    The Administration Process is a program that automates many routine administrative tasks.
    - Specifying the administration server for the Domino® Directory
      Choosing the administration server for the Domino® Directory depends on your network setup, the available equipment, and the anticipated changes that will be made to the Domino Directory via the Administration Process.
    - Setting up the Administration Process
      You complete a set of tasks to set up the Administration Process.
    - Administration Process support of secondary Domino® Directories
      Domino® supports the use of secondary Domino Directories for maintaining user names and groups that you want to store in a directory other than your primary Domino Directory, NAMES.NSF. For example, you may want to maintain Notes® users with Notes IDs in NAMES.NSF, but maintain Web-only users in a secondary Domino Directory.
    - Processing administration requests across domains
      The Administration Process for the Domino® Directory must be set up on a server in each domain.
    - Setting up ACLs for the Administration Process
      Each administrator who uses the Administration Process to perform tasks must have the appropriate access rights and roles in the Domino® Directory (NAMES.NSF), secondary directories -- if applicable, Administration Requests database (ADMIN4.NSF), and the Certification Log database (CERTLOG.NSF).
    - Modifying the Action field in the Access Control List (ACL)
      The Access Control List (ACL) dialog box for Notes® (.NSF) applications contains an Administration Server field and an Action field on the Advanced panel. Use caution when modifying these fields.
    - The Administration Requests database
      Use the views in the Administration Requests database (ADMIN4.NSF) to sort and examine requests in many ways.
    - Managing Administration Process requests
      Managing administration process requests involves approving requests, forcing requests when they must be processed immediately, and checking the Administration Requests database for errors.
    - Customizing the Administration Process
      You can customize the Administration Process.
    - Using AdminQ to process web user requests
      Use Administration Quick (AdminQ) to expedite the processing of Administration Process (AdminP) requests that affect the user IDs of web users, for example, HCL Verse users. The users must have IDs in an ID vault.
    - Statistics generated during administration request processing
      The Administration Process records statistics to help you monitor the request processing activity of the administration process tasks.
    - Administration request messages
      The response Log documents in the Administration Requests database contain error messages that describe any errors that occur during the processing of an administration request. Error messages also appear on the console of the administration server. Administrators who want to be notified when one of these events occurs on a server, can create an Event Handler document in EVENTS4.NSF to define how they want to be notified.
    - Administration Process requests
      An administration request is created by the administrator performing an action; it represents an administration task and is run by the server task AdminP (Administration Process). When an administration request is generated, it appears in the Administration Requests database.
      - AdminP Administration Process Requests -- One Domain
        These topics describe the AdminP (Administration Process) requests for a single domain.
        Add Internet Certificate to Person Record
        You can add an Internet Certificate to a user's Person Record using this AdminP (Administration Process) request.
        Add Resource
        You can add a resource, that is a room or reservation, to the Resource Reservations database using this AdminP (Administration Process) request and the Domino® Administrator.
        Adding servers to a cluster
        You can add servers to a cluster using this AdminP (Administration Process) request.
        Approve person's name change request
        You can approve a person's name change request using this AdminP (Administration Process) request.
        Certify new person key request
        You can recertify a user's Notes ID using this AdminP (Administration Process) request.
        Certify new server key request
        You can certify new server key request using this AdminP (Administration Process) request.
        Change HTTP password in Domino® Directory
        Notes® users can change their HTTP password if the administrator has set the Allow users to change Internet password over HTTP field to Yes in the Password Management Options section on the Password Management tab of the Security Settings document. If the value in that field is No, the user is not able to change the HTTP password. The user has the ability to change the HTTP Internet password during authentication when attempting to access a Notes database via a Web browser.
        Change user password in Domino® Directory
        You can change user passwords in the Domino® Directory using this AdminP (Administration Process) request.
        Copying server public key
        You can copy a server public key using this AdminP (Administration Process) request.
        Create IMAP delegation requests
        The Create IMAP delegation requests administration request is generated from an IMAP client when a user sets delegation preferences for their mail file. This is done from the user's desktop by clicking Tools > Preferences and then selecting mail delegation settings on the Delegation > Mail Delegation tab.
        Create mail files during setup
        You can create mail files during setup using this AdminP (Administration Process) request.
        Create Mail-in database
        You can create a Mail-in database using this AdminP (Administration Process) request.
        Create replica
        You can create a database replica using this AdminP (Administration Process) request by selecting a database and then choosing Database - Create Replica from the tools pane in the Domino® Administrator.
        Creating a Notes® roaming user
        You create a roaming user during the user registration process.
        Delegate mail file
        You can delegate a mail file using this AdminP (Administration Process) request.
        Delegate mail file on administration server
        You can delegate mail file on administration server using this AdminP (Administration Process) request.
        Delegate Web mail file
        You can delegate a Web mail file on an administration server using this AdminP (Administration Process) request.
        Delete Database
        You can delete (retract) a database and, optionally, delete all replicas of the database.
        Delete group in Domino® Directory
        You can delete a group in the Domino® Directory using these AdminP (Administration Process) requests.
        Delete person in Domino® Directory
        You can delete a person in Domino® Directory using these AdminP (Administration Process) requests.
        Delete policy record in Domino® Directory
        You can delete an explicit policy using the Administration Process by performing a Delete Policy action from the Domino® Administrator. From the People & Groups tab, click Policies, select the explicit policy you are deleting and click Delete Policy.
        Delete resource
        You can use the Administration Process to delete a resource from the Domino® Directory.
        Deleting a Notes® roaming user
        You can delete a roaming user in Domino® Administrator just as you would delete any user name. When you delete a roaming user, multiple administration requests are generated.
        Delete server name in Domino® Directory
        You can delete a server name using the Administration Process by performing a Delete Server action in the Domino® Directory or from the Domino Administrator.
        Downgrading a user from roaming to non-roaming user
        You can use the Domino® Administrator to downgrade a user from roaming to nonroaming.
        Find name in domain
        You can locate user names and group names in a domain.
        Maintain Trends Database Record
        The Maintain trends database record request is executed as part of a mail file or database move action initiated due to resource balancing initiated by the Domino® Activity Trends tool.
        Modify CA Configuration in Domino® Directory
        You can modify a CA configuration in the Domino® Directory.
        Modify ID recovery information in Domino® Directory
        You can modify recovery information for a Notes® ID.
        Modify resource
        You can modify a resource or a room in the Domino® Directory.
        Modify User information stored in the Domino® Directory
        You can modify user information that is stored in the Domino® Directory.
        Move a mail file from one server to another
        You can use the Administration Process to move a person's mail file from one server in your domain to another by performing a Move Mail File action in the Domino® Directory or the Domino Administrator. The Maintain trends database record request is executed as part of a mail file move initiated due to resource balancing initiated by the Activity Trends tool.
        Move database from a cluster server
        You can use the Administration Process to move a database from a cluster server to another server by choosing Database > Move from the tools pane. This request creates a replica of the original database on another server.
        Move database from a non-cluster server
        You can use the Administration Process to move a database from a non-cluster server to another server by choosing Database > Move from the tools pane. This request creates a replica of the original database on another server, then creates a request requiring administrator's approval to delete the database from the source server.
        Moving a roaming user
        You can use the Domino® Administrator to move a roaming user's files from one server to another server. While performing the procedure to move a roaming user's roaming files (journal.nsf, bookmark.nsf, names.nsf), you have the option to move the user's mail file as well. When you move users' mail files and roaming files, Domino generates several types of administration requests to process the changes.
        Place server's Notes® build number into Server record
        Use the Administration Process to put the server's Notes® build number into the Server document.
        Recertify Certificate Authority in Domino® Directory
        You can recertify a certificate authority with the Administration Process by selecting the CA in the Domino® Directory and then choosing Tools > Certification > Certify from the Configuration tab in the Domino Administrator.
        Recertify servers
        You can recertify servers using the Administration Process from the Domino® Administrator.
        Recertifying users
        You can recertify users using the Administration Process from the Domino® Administrator.
        Remove Certificate from Domino® or LDAP Directory
        The Remove Certificate from Domino or LDAP directory request is generated when an administrator revokes a certificate and it is removed from the Domino® Directory or LDAP directory. Certificates are revoked if they can no longer be trusted, for example, if the subject of the certificate leaves the organization or if the key has been compromised.
        Remove servers from a cluster
        You can remove servers from a cluster using the Domino® Administrator.
        Rename common name of Active Directory user
        If you use the Directory Sync feature, when the names of users change in Active Directory, this request changes the users' common names in Domino.
        Rename group
        You can rename a group using the Administration Process by performing a Rename Group action from the Domino® Administrator.
        Rename person
        You can rename a user with the Administration Process by choosing People > Rename from the tools pane of the Domino® Administrator.
        Rename person - name change refused
        If a user refuses to accept a proposed name change, a series of administration requests are generated. These requests require the administrator's attention and one requires the administrator's approval. The sequence of requests is generated only when the name change is refused by the user.
        Rename person - name change ignored by user
        If a user ignores a proposed name change, and does not accept or reject the name change, a series of administration requests are generated. These requests require the administrator's attention and one requires the administrator's approval. The sequence of requests is generated only when the name change is ignored by the user.
        Rename Web user
        You can rename a Web user with the Administration Process by selecting the Web user you are renaming, and choosing People > Rename from the tools pane of the Domino® Administrator. The timing shown for each request is the default, which you can customize through the Server Tasks - Administration Process section of the Server document.
        Server registration requests
        Administration Process requests are carried out during server registration .
        Set Directory Assistance Field
        An Administration Request updates the name of the Directory assistance database.
        Set directory filename
        The Set Directory Filename request adds the file name of a server's primary Domino® Directory to the hidden view ($Directories), and places the directory name in the Server document.
        Set password fields
        You can update the password fields in a user's Person document using the Administration Process.
        Set user name and enable schedule agent
        The "Set user name and enable schedule agent" request is generated when a user sets the Out of Office agent. A user must have Editor access to the mail file set this agent.
        Set Web Admin fields
        The Set Web Admin fields request applies only to pre-Domino 6 servers.
        Set Web user name and enable scheduled agent
        The Set Web user name and enable schedule agent request is generated when a Web user sets the Out of Office agent. A user must have Editor access to the mail file to set this agent.
        Sign database with server's ID file
        Use the Administration Process to sign a database using the server ID file.
        Store CA Policy Information in the Domino® Directory
        The Store CA policy information in the Domino Directory request is issued during CA recovery, when you modify the list of registration authorities or certificate authorities in the Domino® Directory, when you update the CA's ICL attachment or the information that surrounds it in the Domino Directory.
        Store certificate in Domino® or LDAP Directory
        The Store certificate in Domino® or LDAP Directory request is generated when a request for a new Internet certificate is approved by the CA.
        Store Certificate Revocation List in Domino® or LDAP Directory
        The Domino® CA process issues and maintains certificate revocation lists (CRLs) for each Internet certifier.
        Store directory type in Server record
        The Store Directory Type in Server Record request adds a value to a new field in the Server document called Configuration Directory Only to indicate whether or not the directory is a Configuration directory.
        Store server's CPU count
        If a discrepancy is located of the CPU count value is 0, Administration Process posts a Store Server CPU Count request.
        Store server's DNS host name in Server record
        The Administration Process posts a request to populate the SMTPFullHostName field in the Server document.
        Update client information in Person record
        Updates the Notes® client license information as well as the Notes client platform, Notes client build, and the Notes client machine.
        Update domain catalog configuration
        Update the domain catalog configuration.
        Update external domain information
        Update the external domain information to allow a connection to a server in another domain.
        Update license tracking information in Domino® Directory
        Once each day, an administration request sends to the administration process, information regarding new users and information regarding users who have not accessed the server within the last 30 days.
        Update server's protocol information
        Update the server's protocol for the Notes® network ports in the Server document.
        Updating a user from non-roaming to roaming
        You can use the Domino® Administrator to update a user from a non-roaming state to a roaming state by selecting the user and choosing People > Roaming from the Tools pane.
        Web set Soft Deletion Expire Time
        You change the expiration time for soft delete using the Administration Process.
      - Cross-Domain Administration Requests
        With Domino®, you can use the Administration Process to initiate and run an administration request on one domain and then send that request to another specified domain for additional processing on that domain. Requests that can be processed across domains are called cross-domain requests.
      - Time-based execution requests
        Time-based requests apply to move database or create replica actions that are part of a recommended resource balancing plan as determined by the Activity Trends tool. These time-based execution requests enable you to enter the exact time that the administration request executes, as opposed to waiting for the standard scheduled processing time.
  - Domino® server commands
    This section describes the Domino® server commands that are available, as well as methods of issuing those commands.
  - Domino® server tasks
    The information in this topic describes Domino® server tasks and their defaults in the NOTES.INI file.
  - IBM® i server commands
    You can use IBM® i server commands to manage Domino® with IBM i.
- Managing users
  The Administration Process helps you manage users by automating many of the associated administrative tasks. For example, if you rename a user, the Administration Process automates changing the name throughout databases in the Notes® domain by generating and carrying out a series of requests, which are posted in the Administration Requests database.
- Monitoring servers
  This section describes how to use the tools and features that help you monitor a Domino® system.
- Managing servers
  Manage Domino® servers by performing any of these tasks.
- Managing databases
  Topics in this section describe how to set up and manage Domino® databases.

Store Certificate Revocation List in Domino® or LDAP Directory

The Domino® CA process issues and maintains certificate revocation lists (CRLs) for each Internet certifier.

A certificate revocation list is a time-stamped list of revoked certificates and the time of their revocation -- for example, certificates belonging to terminated employees. You configure the CRL when you create a new Internet certifier.

Triggered by: Once a CRL is configured, the CA issues them on a regular basis and they operate unattended. The CA process determines that it is time to publish a CRL and generates this request according to a predetermined schedule. For example, this request is generated when an Internet Certificate is created.

Carried out on: Administration server for the Domino® Directory.

Carried out: Immediately

Result: Certificate revocation list is created in the Domino® Directory.

Note: The CA process does not support the ability to publish CRLs to an LDAP directory.