SECURING
About this task
Note: The Notes shared login feature is recommended instead of the Client Single Logon (Windows only) feature. The Client single logon feature is not supported with the Notes ID vault, and cannot be used in combination with Notes federated login.
When you login into the Notes client on the test user's computer, the security policy change to enable the user for this feature is detected on client. The result is that the client is enabled to use Notes federated login. Notes, however, that the client is enabled for this feature only if server is configured properly for SAML.
Usually you will set the policy to copy the user's Organizational certifier certificate over to the Notes client user's Contacts (personal name and address book), or this can be done manually with the indicated procedure. The user's Organization certifier certificate, resident in the Domino® Directory and in the user's Contacts, is required for Notes federated login to function.
Results
Check the User Security dialog box to examine the configuration.
When only Notes federated login was enabled, the Notes client user would have seen this message in the User Security dialog box:
Your ID is not stored on disc. Your ID will be downloaded from ID vault, during which your designated federated Identity Provider may prompt you for login credentials.
When both Notes federated login and Notes single login are enabled, the Notes client user sees this message in the User Security dialog box:
Your ID works with Notes on this computer only. You can make a password protected copy of your ID to use on other computers. Click ’Copy ID’
If you think someone has stolen your ID, click ’Compromised ID’
Your ID is stored on disc. If it is deleted or becomes corrupted, your ID will be downloaded from ID vault, during which your designated federated Identity Provider may prompt you for login credentials.
Parent topic: Supporting federated login on the Notes client Previous topic: Using a security settings policy to apply a Notes federated login configuration to client users Next topic: Cautioning client users about SAML and logout
Related concepts Using Notes Client Single Logon to synchronize Notes and Windows OS passwords