Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Certification ID Lost !!!! Please Help !!!

788 views
Skip to first unread message

Alexander

unread,
Oct 8, 2001, 1:52:38 PM10/8/01
to
Hello Everybody !!!!

Please I need help urgent !! I'm not so very experience in the Domino
Administration, so I will try to explain my problem.
The Server ID file is gone, I mean, the CERT.ID file, the one required
to creat a new user, something like that.
I'd like to know how I can get this file again, if there is any way
for me copy this file from the administrator.....

And, another big problem...... the user that is administrator is gone
too. Is there any way to create them without reinstall the server ?

Well, that's all..... I hope you can help me.


Thank you very much

Dominic Wyss

unread,
Oct 8, 2001, 5:37:29 PM10/8/01
to
> The Server ID file is gone, I mean, the CERT.ID file, the one required


the server ID is NOT the Cert.id.
if you don't have the cert.id, you're in bad luck.
without the certifier you can't register new users...

> too. Is there any way to create them without reinstall the server ?

no.

reinstall, create a new cert.id and recreate all users.

--
bye
Domi

peterhr.r...@bigfoot.com

unread,
Oct 9, 2001, 3:25:50 AM10/9/01
to
On Mon, 08 Oct 2001 23:37:29 +0200, Dominic Wyss <ne...@doomi.ch>
wrote:

How about installing a new server on NT workstation, just to get a new
set of root certifiers and ID's. Once the ID's heve been created and
saved - throw the new server away. (note all the new id's must exactly
match the names CN. OU and O's from the old server

Then ensure there are no encrypted databases on the old server, down
domino, sneak in the new ID's - bring it back up. You would then have
to visit all the users an certify their ID files to the new
(replacement) OU id's

I don't know if this would work - It may be worth testing out on a
backup of the live server and certainly take backups first.

If you do go to do a server reinstall, I would test run on another
machine first - to ensure that all the pitfalls were known.

Are you sure you cannot find the CERT-ID on a backup tape, etc. THe
effort in going throgh a pile of backups will be less then trying to
replace all the security information associated with the server and
all the clients.

Jacqueline Roe

unread,
Oct 9, 2001, 3:44:35 AM10/9/01
to
Some good ideas Peter, but there is no point in looking for the cert id if
he doesn't know the password. Did your former administrator leave you
information on passwords etc?

How many users are we talking, do your naming conventions break down into
different locations etc? This is perhaps the way to determine your course
of action. 100 users, sure, recreate your environment. 1000+ users over
several locations and the whole thing becomes terribly messy requiring
additional resources.

Where is your former administrator, and has someone in HR contacted him
(her) to ask for the files and information you seek.? This is most
unprofessional behaviour.

Good luck!

<peterhr.r...@bigfoot.com> wrote in message
news:l095stc99tp674ib4...@4ax.com...

Alexander

unread,
Oct 9, 2001, 1:45:24 PM10/9/01
to
No, he did not leave me anything.......I'll try out to install in
another machine...... I do not have many users.....

Thank you everybody.......

"Jacqueline Roe" <J...@J-Youngs.demon.co.uk> wrote in message news:<1002613608.11494....@news.demon.co.uk>...

Axel from Vienna

unread,
Oct 11, 2001, 2:08:07 AM10/11/01
to
ma...@gfs-software.com.br (Alexander) wrote in
news:5dd99bc6.01100...@posting.google.com:

> No, he did not leave me anything.......I'll try out to install in
> another machine...... I do not have many users.....
>

In this case he/she should be putted an a black-list, 'cause this is really
an unprofessional way of bahavior.

>> > I don't know if this would work - It may be worth testing out on a
>> > backup of the live server and certainly take backups first.

It doesn't work. You can't rebuild a CERT.ID (would be a great security leak
- wouldn't it?) The only way to get handle this task is to build a new cert
and a crosscertify all server and user (don't forget your external
notesconnection) - so they can continue to work.

Depending on your dominostructure you should rebuild all certifier (the one
for OU's too) otherwise you get into deep troubles when moving users between
OU's.

And please - dont name the CERT.ID CERT.ID (how will you tell the difference
between them? Name them something like C-company.ID and a OU-Cert C-
OU_company.id


--
regards Axel ...
,,,
(- o) (Do it with a blink!)
---------oOO-(_)-OOo--------------------
****************************************
** ASC's Vienna Axel Schreiber **
** email: a...@asc.web.id **
****************************************
** Another CLP is stumbling around :-)**
** http://domino.asc.web.id **
****************************************

0 new messages