IBM Support

LO89222: LOCAL NOTES ID IS NOT UPDATED AFTER USER IS RENAMED WHEN USER IS NSL ENABLED VIA "MACHINE SPECIFIC FORMULA"

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as fixed if next.

Error description

  • Local Notes ID is not updated after user is renamed when user is
shared-login
enabled.

Detail:
Domino Testuser/OU/Org1 is set a security policy with
Notes shared
login enabled. User logs in to Notes without a password as a
result.
Domino Testuser then gets re-named to Domino
MyTestuser/OU/Org1 and
adminp updates the directory with new username, IDvault is
updated, also ACL of
mail file is updated. User logs in , but the local user ID
still shows Domino Testuser. User looses access to his
mailbox.

Note:  I can reproduce this issue in Notes853, 853FP6, 901FP6
with multi-user
mode.

Reproducible steps:
1. Set up Domino901FP3 64 bit on windows.
2. Create security settings:
1) enable ID vault.
2) "Password Management"-"Notes shared login"-"Enable Notes
shared login with
operating system:" : NO
"Machine specific formula below":(I simplify the formula):
@if(@GetMachineInfo([IsMultiUser]);"1";"0")
3. Create a organizational policy, enable the security setting
for all users.
4. Register test user : NSL05/IBM.
5. Set up Notes901FP6 with multiple-users mode on win7 SP1.
Initialize Notes
with user NSL05, confirm the NSL works normal .
6. Rename user NSL05 with option of "Change Common name", change
both "Last
name" & "Short name" to "testNSL05".
7. user NSL05 login and access server, run tell adminp process
all , then check
the adminp request list, they are normal without any error.
8. Close the Notes client then launch again, the NSL works fine.
But if user
NSL05 try to open his database, it will prompt error of "You are
not authorized
to access the database", fails to open the mail DB.
9. Then I check the user security . On the "security basics"
tab, the "Name"
show as NSL05/IBM.  After one day, when I check it again, the
Name have been
changed to "testnsl05/IBM" , but the error still occur, user can
not open his
mail database.

Trouble shooting:
After testing and confirming with customer,  found that this
issue is caused
by the setting of "Machine specific formula" in  "Security
setting"-"Password
Management"-"Notes shared login", the formula is as
below. If I set "Enable Notes shared login with operating
system:" as "yes" and
empty the formula, the local ID can sync with server normally.
********************************
@if((@GetMachineInfo([IsMultiUser])&@GetMachineInfo([IsStandard]
)&!@Begins(@GetM
achineInfo([SysEnvVariable];"CenITexVirtual");"Y"));"1";"0")


The formula makes sure that NSL only applies to a
multi-user/Standard client
configuration which is not citrix/VDI.

Local fix

  • 1.
1) Open the "user security" via Notes client. Switch to tab of
"security basics"
2) Click the button of "ID vault sync", it will attempt to sync
with ID vault.
Then click "OK" button. It will prompt a page of changing
password of ID file.
After changing password, it will prompt you that the NSL is
disabled and you
need to input password when next login.
3)Exit Notes and re-launch again, input the password of user ID,
you can login successfully.
4)Exit Notes and re-launch again, NSL works normally again, and
customer can open his mail database.

or

2)If I set "Enable Notes shared login with operating
system:" as "yes" and
empty the formula, the local ID can sync with server normally.
********************************
@if((@GetMachineInfo([IsMultiUser])&@GetMachineInfo([IsStandard]
)&!@Begins(@GetM
achineInfo([SysEnvVariable];"CenITexVirtual");"Y"));"1";"0")

Problem summary

  • This APAR is closed as FIN. We have deferred the fix to a
 future release.

Problem conclusion

  • 



Temporary fix


    

  • 



Comments


    

  • This APAR is associated with SPR# XBXBAAP665.
This APAR is closed as FIN. We have deferred the fix to a
 future release.

    



APAR Information




    

  • APAR number
    LO89222
    • 

  • Reported component name
    NOTES CLIENT
    • 

  • Reported component ID
    5724E6255
    • 

  • Reported release
    853
    • 

  • Status
    CLOSED  FIN
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2016-06-07
    • 

  • Closed date
    2018-04-07
    • 

  • Last modified date
    2019-05-21
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU055","label":"Cognitive Applications"},"Product":{"code":"SSKTWP","label":"Lotus Notes"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5.3","Edition":"","Line of Business":{"code":"","label":""}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            21 May 2019
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback