Link to home
Create AccountLog in
Avatar of stghelpdesk
stghelpdesk

asked on

Notes User ID Certificate Expiring soon on 6.5

I have about 200 users Notes ID expiring soon. I need to extend them. How can I do that from Domino. I need step by step b/c I am  new to Notes Admin stuff. We are not using Notes for e-mail but for databases. we are in Domino 6.5.  
Avatar of Sjef Bosman
Sjef Bosman
Flag of France image

There are several ways. By far the best is that the users read carefully the warning they get and follow the instructions. If they do that, you'll get mails from every user with their certificate attached, for you to refresh and send back.

See also the Help database, the document "Renewing Notes certificates before expiration". It tells the users exactly what they should do, only they usually don't read it for they don't understand the tightness of the Notes security layer. Usually, the message is completely ignored until it's too late.

To forewarn your users, send them a mail telling them that the action is VERY important, and that they should follow it by the letter. You could add a description of what should be done.

See also: http://mail1.harmonsgrocery.com/help/help65_client.nsf/b3266a3c17f9bb7085256b870069c0a9/821b3a3a0c94277185256dff00621105?OpenDocument
Avatar of stghelpdesk
stghelpdesk

ASKER

Can I as administrator renew users certificates without user intervention?
meaning can I  extend Notes ID expiring date. without users intervention.
Yes, you can do it through the Notes Administrator Client.  

Launch the Domino Administrator and select the People & Groups tab. Click People and using the Tools pane, select People, and then select Recertify. There is also a section on the left that groups users based on when their certificate expires.  I think you can select multiple people to recertify at once.

In the Choose a Certifier dialog box, pick your certifier id and then click OK to continue. If the option to use a certifier ID was selected, a dialog box appears requesting the password. Enter the password and click OK to continue.

The Renew Certificates in Selected Entries dialog box appears. In the New Certificate Expiration Date field, change the date to reflect the desired expiration date and then click OK to continue.

The Recertify User dialog box appears showing the common name and the qualifying org unit. Click OK to continue.

The user ID recertification is processed and the Processing Statistics dialog box appears displaying the results of the change process. Click OK to close the dialog box and continue.

http://searchdomino.techtarget.com/generic/0,295582,sid4_gci1217230,00.html
Thanks, How can I comfirm it working. Also How can I comfirm User ID got new expire date?
See Attch file
notes-users.gif
You did type the F9 key to update the view?
yes I did.  How dose user ID on everybody computer get new exipre data? and How can I verily it updated? I just do not want them to lock out of lotus notes
Stg, after you clicked "Recertify Selected People", entered your certifier password, and clicked Ok to Renew Certificates, did the window that appeared at the end say Succeeded for the entries you tried to recertify?  

There is a log file database named Certlog located under the Files tab of Lotus Administrator.  You can go in there and look at all of your users.  It will show the "Certificate not valid before" and "Certificate not valid after" dates for everyone.  

Hope this helps.  
And ask one user to log in. His certificate will update immediately, and he'll receive a message that his certificates were updated.
See the error i am getting on console after i run tell  adminp process all. (See attched file) Also users are not getting any message when they log on for certificates were updated
error.gif
Did you recertify with the correct certifier, i.e. the one used to certify your Domino environment and the server?
yes. I got all the certifiers from ex-notes admin. How can i make sure this was used to certify my domino and server? I was given all the ceritifer. i used them to create new users.
The name of the certifier used to create a user.id file can be found in the id-file itself. Open your own under File/Security/User Security, and check the names of the certificates you have. You can do the same with other id-files, by opening them from the Domino Admin client in a similar way.
I open ID file It has correct Certifier HP/Prcins That what I am using. We have 700 Users I will 450 without problem. Last 250 giving me problem. they all have same HP/PRCINS
any answer for this  I open ID file It has correct Certifier HP/Prcins That what I am using. We have 700 Users I will 450 without problem. Last 250 giving me problem. they all have same HP/PRCINS
I am getting this error do you know what that is in recerity
New-Picture--1-.bmp
New-Picture.bmp
Are you sure that you try to recertify the user on a server with a Name&Address book that contains that user's Person document?? You can't just pick any server to recertify, it has to be a server in the correct domain, with the user's Person document in names.nsf, corresponding to the ID information in the cert.id file.
I only have one Notes Server So this only server i can recertify on it
ASKER CERTIFIED SOLUTION
Avatar of Sjef Bosman
Sjef Bosman
Flag of France image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer