Currently we put IDs on a secure FTP site for local IT to install and set up the new employees' workstations. I want to find something better, but I know putting the ID in the directory is not a good option. What is a best practice for allowing remote IT to set up the Notes client, but keep them from "handling" the ID file that would allow them to make a copy if they wanted to?
Sorry, the point of my question is that the Local IT at remote offices do setup the Notes client so they DO know the password. Management does not expect the users to run the setup process, so when the users sits down at the computer, it has to be ready to go -- which means the Local IT has to know the password and they could make a copy of the ID and password if they wanted to. How can I get around this?
How about if the local IT people use their own, more privileged ID to set up the user's machine? Would this work for you? The last operation they perform is to reset the location choice (lower right of screen) to a user location -- which specifies the user's ID file.
—Chuck Connell, Security and Administration Expert
Do you have comments on this Ask the Expert question and response? Let us know.
Dig Deeper on Lotus Notes Domino Password Management
Related Q&A from Chuck Connell
Is it possible to encrypt a user's name before sending an email? SearchDomino.com expert Chuck Connell weighs in. Continue Reading
Learn how to change authentication timeout interval for Domino Web Access logins. Continue Reading
SearchDomino.com expert Chuck Connell provides a resource for a Lotus Notes administrator who wants to filter out email containing the word "spam," ... Continue Reading