Registering new users in Active Directory and in Domino® Directory simultaneously

You can register new users in Notes® at the same time that you register them in the Active Directory, or you can register existing Active Directory users in Notes®. If any of the users or groups being registered already exist in Notes®, and the Synchronize if new user/group already exists in Notes option on the Notes Synchronization Options tab is checked, a duplicate user or group is not created. Instead, synchronization is performed.

Before you begin

Before starting any operation in ADSync, review all of the ADSync settings, especially Notes® Settings and Container Mappings.

About this task

Registration uses certifier IDs or the Domino® server-based certification authority (CA). Only certifiers listed in the registration server's Domino® Directory are used. If you are using certifier IDs, you are prompted for the path and password, once per certifier per Microsoft Management Console (MMC) session.

If you create users and groups without additional prompts, all defaults are used, and the entire registration queue is processed. When users are created, random passwords are generated and placed in the database, NTSYNC45.NSF, located in the root directory of the local Notes® data directory.

To register new Windows 2003 users in Domino®

Procedure

  1. From the MMC, right-click Users > New > User.
  2. Complete the Active Directory registration fields on the first two New Object - User windows that display.
  3. Complete these Notes® registration fields on the third New Object - User window that displays.
    Table 1. Active Directory and Notes® registration fields

    Fields

    Action

    Register in Domino® Directory

    Click this check box to register this user in the Microsoft Windows Active Directory and in the Domino® Directory. Other fields on this dialog box are enabled when you click this check box.

    First name, Middle name, Last name

    Enter the user's first name and last name, and optionally, enter a middle name.

    Note: The user's Short name and Internet address are automatically generated. To change the Short name or Internet address, click the appropriate space and enter the new text.

    Org unit

    Enter an organizational unit if your enterprise uses them. For example, if user John Smith is part of engineering, the organizational unit may be Eng. The user name would be John Smith/Eng.

    Organizational units are useful for differentiating between users of the same name. For example, John Smith/Eng/Renovations and John Smith/Doc/Renovations, where one employee is a member of Engineering and the other is a member of Documentation. Each is assigned a different organizational unit name.

    Certifier context

    Choose the certifier to use to certify this user.

    Organizational Policy

    Non-modifiable. Displays the name of the organizational policy that is assigned if there is one. If there are no organizational policies, this field displays None.

    Explicit Policy

    Choose an explicit policy from the list. If you do not specify an explicit policy, registration will not complete and you are prompted to specify one.

    Use common password

    Click this check box if you want to use one password for Windows, Notes®, and Notes® Internet. The existing Windows password is then replaced by the password you enter here.

    To preserve the existing Windows 2003 password, enter that password as the common password.

    If the Use common password check box is selected, the Notes® password for the user name field and the Confirm password field are enabled.

    Password

    Enter the new password.

    Confirm password

    Enter the same password again to confirm it.

    Internet address

    The default Internet address as derived from the Windows user login name, for example, KCarter@domain.com. When the user is registered in Notes®, the domain name from the user's registration policy settings document is appended.

    Short name in Notes®

    The short name by which the user will be known in Notes®. By default, the short name consists of the user's first initial and last name.

  4. Click Next.
    Note: If you do not complete all required fields, a message indicates which fields need to be completed. You must go back and complete the required fields.
  5. Review the settings you specified for the user you are registering and click Finish.

What to do next

You can examine the Windows 2003 event viewer for more information about any errors that may occur. Look for NUMEEvent messages in the Application Log. All ADSync operations are recorded in the Application Log.