ID vault management roles

Domino® administrator access is required to perform all vault configuration and management tasks, with the following exceptions.

  • Vault administrators can add and remove other vault administrators, can add and remove vault servers, and can delete a vault. Vault administrators have Manager access to the vault. A person must have Domino® administrator access to a server to be designated a vault administrator.
  • A vault administrator assigned the Auditor role in the vault database can extract ID files to gain access to users' encrypted data.
  • Only people with password reset authority can use the Domino® Administrator to reset passwords on behalf of users and specify an ID download count limit.