Adding a new user to Notes often means adding the same user to Windows NT (or 2000). This often results in the Notes administrator creating two accounts for each new user. Account synchronization, a feature of Notes R5 and R6, solves this problem.
There are three parts to the account synchronization feature:
- Creating NT user accounts as you create Notes accounts with Domino Administrator.
- Creating Notes accounts as you create NT accounts with NT User Manager.
- Single sign-on, or the ability to type your password one time, and have that password work for both your NT account and Notes ID.
The information below describes how to use these features in R5, followed by some additional information about small differences in R6.
All these features are installed during installation of the Notes client software. You must select Customize during the install and then check off the options Client Single User Logon and Domino Directory NT Sync. Note that if you are installing the Notes client as past of a server installation, you might not see this option. Be sure to install the client separately to see this choice.
Creating NT Accounts from Notes
To create NT accounts while creating a Notes account, use the Domino Administrator. While registering a new person, click on the Advanced option (upper left of the screen), then press the Othe r option that appears below it. You will see a checkbox that says Add this person to Windows NT, and fields to enter his/her NT username.
Creating Notes Accounts from NT
To create a Notes account while creating an NT account, use the User Manager in NT (usually in Programs / Admin Tools). You must first do some setup before using the feature however.
- Pull down the function Notes / Notes Sync Options. You can leave the default choices, or change them as you want.
- Pull down Notes / Registration Setup. You may be prompted for your Notes certifier ID, which should be in the A drive. Set these options as you want, or leave the defaults as is.
- Pull down Notes / Mail ID Registration Options. You can leave the default choices, or change them as you want.
After doing this setup, you may now use either of the pull-down choices Notes / Add Selected NT Users to Notes or Notes / Sync Selected NT Users with Notes.
Once you have installed single sign-on (above) there is nothing else to do to use it. NT will save the password that you enter to NT and attempt to re-use the password when you start Notes.
If your default Notes ID has the same password as your NT account, you can start Notes without retyping your password. If you happen to have a different Notes ID installed, you will simply be prompted to enter that other Notes password instead.
Using these features with Notes 6 is very similar to R5, with the following additional points.
The Notes Single Logon (NSL) service in Notes 6 manages password sync bi-directionally. In R5, the Notes client had to drive all password syncs. If the Windows password was changed independently, the user got an annoying message about mismatched passwords the next time s/he started Notes, and had to change the Notes password manually to match. In Notes 6, once the Windows and Notes passwords are synced, NSL catches a password change from either Notes or Windows, and pushes it to the other. This is particularly nice when the user changes the Windows password. Notes does not have to be running at the time, and the machine can even be rebooted before the next time Notes starts. NSL holds onto the change, and updates the Notes ID password the next time Notes starts (and so, if configured, the user's Domino HTTP password too).
To enable/disable synchronization, go to File - Security - User Security. Click Security Basics. Use the option Login to Notes using your operating system login under Your Login and Password Settings.
For More Information
You can find more information about these topics in the Domino Admin Help. Go to the Index view, and then see User Accounts / Creating in Windows NT and User Information / Synchronizing in Notes and Windows NT.
My thanks to Mike Fulbright (Notes admin extraordinaire) at Alcoa and to Andrea Russell at Lotus/IBM for helpful information about this topic.
Chuck Connell is president of CHC-3 Consulting ,
which helps organizations with all aspects of Domino and Notes, especially administration and
security. Chuck helps companies to outsource their Domino administration needs via the Web site DominoAdministration.com and runs the
popular security site DominoSecurity.org.
This was first published in December 2002