stghelpdesk
asked on
Notes User ID Certificate Expiring soon on 6.5
I have about 200 users Notes ID expiring soon. I need to extend them. How can I do that from Domino. I need step by step b/c I am new to Notes Admin stuff. We are not using Notes for e-mail but for databases. we are in Domino 6.5.
ASKER
Can I as administrator renew users certificates without user intervention?
ASKER
meaning can I extend Notes ID expiring date. without users intervention.
Yes, you can do it through the Notes Administrator Client.
Launch the Domino Administrator and select the People & Groups tab. Click People and using the Tools pane, select People, and then select Recertify. There is also a section on the left that groups users based on when their certificate expires. I think you can select multiple people to recertify at once.
In the Choose a Certifier dialog box, pick your certifier id and then click OK to continue. If the option to use a certifier ID was selected, a dialog box appears requesting the password. Enter the password and click OK to continue.
The Renew Certificates in Selected Entries dialog box appears. In the New Certificate Expiration Date field, change the date to reflect the desired expiration date and then click OK to continue.
The Recertify User dialog box appears showing the common name and the qualifying org unit. Click OK to continue.
The user ID recertification is processed and the Processing Statistics dialog box appears displaying the results of the change process. Click OK to close the dialog box and continue.
http://searchdomino.techtarget.com/generic/0,295582,sid4_gci1217230,00.html
Launch the Domino Administrator and select the People & Groups tab. Click People and using the Tools pane, select People, and then select Recertify. There is also a section on the left that groups users based on when their certificate expires. I think you can select multiple people to recertify at once.
In the Choose a Certifier dialog box, pick your certifier id and then click OK to continue. If the option to use a certifier ID was selected, a dialog box appears requesting the password. Enter the password and click OK to continue.
The Renew Certificates in Selected Entries dialog box appears. In the New Certificate Expiration Date field, change the date to reflect the desired expiration date and then click OK to continue.
The Recertify User dialog box appears showing the common name and the qualifying org unit. Click OK to continue.
The user ID recertification is processed and the Processing Statistics dialog box appears displaying the results of the change process. Click OK to close the dialog box and continue.
http://searchdomino.techtarget.com/generic/0,295582,sid4_gci1217230,00.html
ASKER
Thanks, How can I comfirm it working. Also How can I comfirm User ID got new expire date?
ASKER
See Attch file
notes-users.gif
notes-users.gif
You did type the F9 key to update the view?
ASKER
yes I did. How dose user ID on everybody computer get new exipre data? and How can I verily it updated? I just do not want them to lock out of lotus notes
Stg, after you clicked "Recertify Selected People", entered your certifier password, and clicked Ok to Renew Certificates, did the window that appeared at the end say Succeeded for the entries you tried to recertify?
There is a log file database named Certlog located under the Files tab of Lotus Administrator. You can go in there and look at all of your users. It will show the "Certificate not valid before" and "Certificate not valid after" dates for everyone.
Hope this helps.
There is a log file database named Certlog located under the Files tab of Lotus Administrator. You can go in there and look at all of your users. It will show the "Certificate not valid before" and "Certificate not valid after" dates for everyone.
Hope this helps.
And ask one user to log in. His certificate will update immediately, and he'll receive a message that his certificates were updated.
ASKER
See the error i am getting on console after i run tell adminp process all. (See attched file) Also users are not getting any message when they log on for certificates were updated
error.gif
error.gif
Did you recertify with the correct certifier, i.e. the one used to certify your Domino environment and the server?
ASKER
yes. I got all the certifiers from ex-notes admin. How can i make sure this was used to certify my domino and server? I was given all the ceritifer. i used them to create new users.
The name of the certifier used to create a user.id file can be found in the id-file itself. Open your own under File/Security/User Security, and check the names of the certificates you have. You can do the same with other id-files, by opening them from the Domino Admin client in a similar way.
ASKER
I open ID file It has correct Certifier HP/Prcins That what I am using. We have 700 Users I will 450 without problem. Last 250 giving me problem. they all have same HP/PRCINS
ASKER
any answer for this I open ID file It has correct Certifier HP/Prcins That what I am using. We have 700 Users I will 450 without problem. Last 250 giving me problem. they all have same HP/PRCINS
ASKER
Are you sure that you try to recertify the user on a server with a Name&Address book that contains that user's Person document?? You can't just pick any server to recertify, it has to be a server in the correct domain, with the user's Person document in names.nsf, corresponding to the ID information in the cert.id file.
ASKER
I only have one Notes Server So this only server i can recertify on it
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See also the Help database, the document "Renewing Notes certificates before expiration". It tells the users exactly what they should do, only they usually don't read it for they don't understand the tightness of the Notes security layer. Usually, the message is completely ignored until it's too late.
To forewarn your users, send them a mail telling them that the action is VERY important, and that they should follow it by the letter. You could add a description of what should be done.
See also: http://mail1.harmonsgrocery.com/help/help65_client.nsf/b3266a3c17f9bb7085256b870069c0a9/821b3a3a0c94277185256dff00621105?OpenDocument