IBM Support

LO48467: ID VAULT - CANNOT RESET VAULTED ID - SERVER ERROR: MISSING OR INVALID PASSWORD RESET TRUST CERTIFICATE.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as user error.

Error description

  • Domino Server 8.5.1HF19
Notes Client 8.5

These are the steps to reproduce this issue (reproduced on
Linux Redhat 5.3
& i5/OS with Domino 8.5.1

1- You have to set up an ID Vault server & one OU and a second
server one with another O

2- Cross certify OU with the  O=/ORG  (even if the O is also
cross certified ) ...
You can use another test O

3- Copy the person doc from the other O to the names.nsf

4-Add this new person to the LocalDomainAdmins

Select the OU and add the LocalDomainAdmins Group as Reset
password Authority for OU

You will got the following summary messages

YOU HAVE COMPLETED THE CREATION OF THE NOTES ID VAULT
'VAULTNAME' WITH
WARNINGS.

In the process of creating the vault the following tasks have
been run.
    Created Notes ID vault Document
    Created Notes ID vault Trust Certificates
    Created Notes ID vault Password Reset Authorities
...........


Policy work done.

You can find the Notes ID vault document in the Security/ID
vaults view of
the Domino directory.

You can find the Notes ID vault certificates in the
Security/Certificates/Certificates view of the Domino
directory.

You can make changes to the Notes ID vault configuration by
using the 'ID Vaults - Manage tool' in the Domino
Administrator.

Reminders:


Organizations whose users can use this vault:
    Vault Trust Certificates to establish trust of the vault for
ID storage can
be added using the 'ID Vaults - Manage tool' in the Domino
Administrator.


Users who can reset passwords:
    Password reset certificates can be added using the 'ID
Vaults - Manage
tool' in the Domino Administrator.


Notes ID vault policy:
    Notes ID vault policies can be added using the 'ID Vaults -
Manage tool' in
the Domino Administrator or you can manually add in the Domino
directory.


6- Register a new person in the OU to reset his password

7- Reset his password

Error message:

Local fix

  • 



Problem summary


    

  • 



Problem conclusion


    

  • 



Temporary fix


    

  • 



Comments


    

  • This APAR is associated with SPR# DPBE82AH3K.
The problem was caused by a user error.

    



APAR Information




    

  • APAR number
    LO48467
    • 

  • Reported component name
    DOMINO SERVER
    • 

  • Reported component ID
    5724E6200
    • 

  • Reported release
    700
    • 

  • Status
    CLOSED  USE
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2010-02-02
    • 

  • Closed date
    2010-03-17
    • 

  • Last modified date
    2010-03-17
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU055","label":"Cognitive Applications"},"Product":{"code":"SSKTMJ","label":"Lotus Domino"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Edition":"","Line of Business":{"code":"","label":""}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            17 March 2010
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback