Eric B
asked on
Lotus Notes Admin - No registration server or certification server available to recertify a user
Ok, it seems to be a doozy! I have taken over the role of Lotus Admin in an environment where Lotus is a very old version, its only used for database purposes (no mail) and has limited admin accessibility. I can log in and it does seem that I am an admin. There is no NotesAdmin id file that I can see so I cannot log in as NotesAdmin. I have a power user whos about to expire and I cannot recertify the user because either I dont know how ( i have tried every standard procedure) or I cannot because of bad config. When I try to create a new user, it does not create user.id file. When I copy another user, it copies that users ID file making the login useless for security reason. May as well give access to my user id. I need a way to "hack" or reconfigure stuff to maybe create new reg server. I need "hi-end" help and not links to possible solutions. Lotus Admins only, please respond.
you need access to the certifying ID files to recertify a user. Do you have access to these files?
ASKER
No I do not. I have admin access to the server but thats it. I can detach any id file but there isnt one for NotesAdmin.
ASKER
Thanks to famousnametaken for the quick intervention.
I would search the server for *.id and look for one called cert.id or something like that.
You don't necissarily need a NotesAdmin account or the ID file for it if you have sufficient rights. But the main thing will be the certifier IDs.
You don't necissarily need a NotesAdmin account or the ID file for it if you have sufficient rights. But the main thing will be the certifier IDs.
ASKER
where on the server?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok, I will try and login to my unix server and look. back with a reply in a bit.
I"m more familiar with Domino on Windows. I'm not sure if you will find them on Unix
ASKER
I found them. now what?? :)
ASKER
I dont have the password to the cert.id file when I try to certify nor do I have the notesadmin.di password. I am trying to locate them as we speak.
ASKER
Will have to leave this until monday. Thanks for your help and will pick this up on monday.
ok, if you can get the passwords to the cert ID then the rest is not that bad.
ASKER
ok, hacking using passware as we speak!! :) may take all weekend. Hopefully by then I will find the password. I hate having to hack a legitimate server but thats the only way for now.
Can you give us some more info on the H/W and the rest? Apparently Unix, but what O/S exactly? What Notes and Domino releases?
I think you'd better ask the former Admin of the server for the passwords. It is impossible to re-create keys without the certifier-key. You NEED that password and preferably also the password of the admin-ID. If you can't find them, ask your manager('s manager) for help. We can help with all the rest.
I think you'd better ask the former Admin of the server for the passwords. It is impossible to re-create keys without the certifier-key. You NEED that password and preferably also the password of the admin-ID. If you can't find them, ask your manager('s manager) for help. We can help with all the rest.
ASKER
The problem is that there has been a complete staff change. Luckily, I am "friends" with the last administrator so I am trying to get the passwords from him. I am running an old version of Notes (4.x) running on a SUN box with windows clients. If the above statement is correct, then I will have no choice but to obtain the cert password. Will let you know if successful.
Thanks.
I will be awarding points accordingly even though no solution has been really helpful! :) (Although brwwigins, has pointed me in the right place to get the cert files, so points will be awarded at least to him :)
Thanks.
I will be awarding points accordingly even though no solution has been really helpful! :) (Although brwwigins, has pointed me in the right place to get the cert files, so points will be awarded at least to him :)
Would you have liked it better when we would have said: "Oh, but it's easy, cracking a Notes/Domino server!". Domino is secure and you need one key to enter the server as an ordinary user, another one (usually) to enter as administrator and yet another one to create new users.
ASKER
to tell u the truth, i am dissapointingly impressed on their tight security!! :) Now if I was planning to keep the domino server I would be alot happier knowing the security is tight but since I am migrating....LOL
Ah, that HURTS man! You shouldn't have said that. We're trying to help you and you're moving away from Notes?
Just curious... Is there something better then??
Just curious... Is there something better then??
ASKER
to be honest, I love notes but the company was using it for the wrong reasons! Now we have an inhouse app that we want to port some of the info for diff reasons. 1st, cheaper for us cuz we dev software, 2nd, we only need some info.
Is there something better?? Hard to tell as I do not know everything it can do. It does seem better than exchange (which i know a bit about)
Is there something better?? Hard to tell as I do not know everything it can do. It does seem better than exchange (which i know a bit about)
ASKER
Ok peeps, heres the latest. I have my cert.id and my notesadmin.id. I have the password but my notesadmin user has expired!!!!
Now for some strange reason, I cannot recertify. It tells me I do not have authorization. Strange since yesterday I was ble to. I am at a loss!
Help
Now for some strange reason, I cannot recertify. It tells me I do not have authorization. Strange since yesterday I was ble to. I am at a loss!
Help
ASKER
Ok I found (i think) how to do it and now it says that "Entry not found in index"!!!!
ASKER
I think I got it!! Will get back to u all!
ASKER
Youppi!! Ok, now the question is, can I change someones password whos left the company and whos password I do not have? I do have their certifier ID.
The only way you could change the password if you don't know it is to use password recovery (which is not setup by default). Even then you would have to know the password to the recovery ID. Otherwise, there is not really a way to reset a password since you are authenticating with the local ID file instead of a central server somewhere.
so did you finally get the ID re-certified that you originally needed?
so did you finally get the ID re-certified that you originally needed?
ASKER
I did! Thank you. Now if I can find that password for the user i need I would be all set! :)
ASKER