Before a user ID reaches its expiration date, recertify
the user ID using the original certifier ID. The user ID is recertified
without renaming the user.
Before you begin
To recertify a user ID, you must have:
- Author with Create documents access and the UserModifier role,
or Editor access to the Domino® Directory
- At least Author with Create documents access to the Certification
Log (CERTLOG.NSF)
About this task
Use the Certificate expiration view to determine which
certifiers need to be recertified. Access this view from . All certifiers
are listed by expiration date.
To recertify a user ID using
a certifier other than the certifier used to create the user ID, you
need to move a user name in the name hierarchy.
Follow these
steps to use the Administration Process to recertify a hierarchical
ID that is about to expire.
Procedure
- From the Domino Administrator,
click the People & Groups tab.
- Select the user or users to be recertified with the same
certifier.
- From the Tools pane, select .
- Complete these fields:
Table 1. Recertification
options
Field |
Action |
Server |
Do one of these:
- If you are using the Domino server-based
CA, choose the server that is used to access the Domino Directory to look up the list of certifiers.
- If you are supplying a certifier ID, select the server that is
used to locate the list of certifiers so that the Certifier ID file
can be updated with the latest set of certificates for itself and
all of its ancestors. This is also the server on which CERTLOG.NSF is
updated.
|
Use the CA process |
Choose this option if you have configured the Domino server-based CA. Select
a CA configured certifier from the list and click OK. |
Supply certifier ID and password |
Choose this option if you are using a certifier
ID and password.
- Choose the certifier ID that certified the user's ID and click
Open. For example, to rename Joe Smith/Sales/NYC/ACME, use the certifier
ID named SALES.ID.
- Click Certifier ID to select an ID other
than the one displayed.
- Enter the password for the certifier ID and click OK.
|
- Verify the certifying ID information and complete the following
fields:
Table 2. Scheduling and other options
Field |
Action |
New certificate expiration date |
Specify a certifier ID expiration date other
than the default two years from the current date. |
Only renew certificates that will expire before |
Enter a date to recertify only a subset of
selected user IDs, according to their current expiration dates. |
Inspect each entry before submitting request |
Select the option to edit or inspect each entry
before submitting the request if you want to view each certificate
before it is renewed. |
- If you selected the option to view each entry prior to
its being submitted, the Recertify User dialog
box appears with non-modifiable information in the primary and common
name fields. Review the information that displays, then select one
of the following:
- OK - to submit the name change.
- Skip - if you are recertifying more than one user ID and you
want to continue to the next without submitting a recertification
for the current name.
- Cancel Remaining Entries - to cancel this recertification,
as well as those for any other names you selected and have not yet
submitted.
- When the Processing Statistics dialog
box appears, review the information to verify that all name changes
have succeeded. Click OK. If any fail, check the Certifier Log (CERTLOG.NSF)
to determine the reason for the failure.