Using Notes Shared Login to secure server ID files
Starting with HCL Domino 12.0.1, you can secure the server ID files of Domino servers on Windows using the Notes Shared Login (NSL) functionality.
About this task
As with NSL for user ID files, a complex "secret" protects the server ID rather than a Notes password. This secret is encrypted using a Microsoft Windows security mechanism and saved locally on the Windows server. The feature relies on Windows account credentials to secure the server ID file and to start the Domino server.
This feature prevents an unauthorized user from copying and using a server ID file, for example, to use it to set up another server. It also avoids the need to provide Notes passwords for server IDs when starting the Domino server.
If a server ID file is Notes password-protected prior to the use of this feature, after the feature is enabled, the Notes password is no longer used.
Procedure
| Option | Description |
|---|---|
| Disabled | Do not use NSL for server ID files. (Default) |
| Use OS credentials | Enable NSL by encrypting the server ID file using the credentials of
a specific Windows account. Only the credentials associated with that
account can be used to decrypt the ID file and start the Domino server.
Use this option if Windows is configured to required a specific Windows
account to start the Domino server. Note:
|
| Use local machine credentials | Enable NSL by encrypting the server ID file using the credentials of any Windows account that is allowed to log on to the Windows server. Any of these accounts can be used to decrypt the ID file and start the server. Use this option if the Domino server is not required to start under a particular account. |
Results
Server ID protection: Enabled
Server ID protection: Disabled