Creating an ID vault
The ID Vault tool enables you to perform all of the steps necessary to make a vault operational. However you can choose to perform some of the required steps at a later time using another tool.
Specifying the organizations that trust an ID vault
You add or remove Vault Trust Certificates, from the Configuration tab of the Domino Administrator.
Assigning password reset authority
Password reset authority authorizes people or applications to reset passwords and to specify ID download counts.
Assigning users to a vault
Only IDs with a parent certifier that has issued a Vault Trust Certificate can be uploaded to an ID vault. To upload IDs to a vault, you specify the vault name in the ID Vault tab of a Security Settings document that is added to a policy document.
Enabling programs that store IDs in databases to use a vault
You can enable Notes API programs that can store Notes IDs in databases to use an ID vault. Doing this allows the users of such programs to take advantage of the ID management features that an ID vault provides.
Adding or removing ID vault servers
After you create an ID vault on one server, you can replicate it to other servers in the HCL Domino domain for better availability. You use the ID Vaults -> Manage tool to add or remove vault replicas or to specify a different vault primary server. Always use this tool to manage vault replicas rather than traditional database replication tools.
Adding or removing vault administrators
Vault administrators can add and remove other vault administrators, add and remove vault replicas, delete IDs from a vault, mark IDs inactive, restore inactive IDs, and delete a vault. When you create a vault, you must specify at least one vault administrator. However, specifying more than one vault administrator is recommended for administrative backup.
Providing instructions for users who forget their passwords
You can specify instructions to display in the Notes login window to users (even non-vaulted ones) who forget their passwords.
Specifying whether to require users to change passwords that have been reset
Use the Security Settings document to control whether users are required to change their passwords after they have been reset.
Requiring authorization for ID downloads
To help thwart unauthorized downloads of Notes client ID files from a vault, require authorization for ID downloads.
Changing the password on the vault ID file
Use the ID Vaults -> Manage tool to change the password on a vault ID file.
Creating or editing ID vault policy settings documents manually
You use policy settings to assign IDs to an ID vault and to specify a few other optional ID vault settings. You can specify policy settings using the ID Vaults -> Create or ID Vaults -> Manage tools, or you can create or edit these policy settings manually as described in this topic.