OK, I'm sure that Robert and Chris are right on the money, but in my defense, I read the question to say that the user.id was present on the client machine before the configuration started. In the scenario referred to by Robert and Chris, there was no ID present on the client machine until the configuration process and the ID that it brought down is a copy of the actual ID that was created for that user. This is not a spontaneously-created ID that happens to allow you to access the user's mail file -- it's their actual ID file. When you register a new user, do you store the ID in the NAB, save a copy of the ID somewhere else, or both? What is your intended method of introducing the ID file onto the client machine? Patrick Robert Laing <rlaing@xxxxxxxxx > To Sent by: Lotus Domino on the iSeries / AS400 domino400-bounces <domino400@xxxxxxxxxxxx> +ptrapp=nex-tech. cc com@xxxxxxxxxxxx Subject Re: New install for existing user & 07/12/2005 01:54 user.id question PM Please respond to Lotus Domino on the iSeries / AS400 <domino400@midran ge.com> My understanding of the process is this: If an ID exists in the NAB, during the install the client will detach the ID file from the NAB and save it locally with the default name of user.id -- the password associated with this ID would be the password assigned when the user was created. If an ID does not exist in the NAB, an ID file must be provided when the client initially connects to the server. If no ID file is provided during installation, there can be no connection to the server. Bob GKern@toledoclini c.com Sent by: To domino400-bounces domino400@xxxxxxxxxxxx +rlaing=gemko.com cc @midrange.com Subject New install for existing user & 07/12/2005 02:34 user.id question PM Please respond to Lotus Domino on the iSeries / AS400 <domino400@midran ge.com> Our pc guy just did a Notes Client 6.5.1 fresh install on a new pc for an existing Notes user. During the install a user.id was created and placed in the data directory. Then the pc guy was finishing the install via the connection wizard. At one point he was asked to authenticate and since the registered users' id file didn't exist on the new pc, the user.id file (containing a default password) was used to authenticate with the server and up came the user's mail. We found this to be somewhat of a security issue and I would like to know how/if the user.id file can be excluded from the install? Regards, Jerry Gerald Kern IBM Certified AS/400 RPG IV Developer & RPG IV Programmer MIS Project Leader, Lotus Notes/Domino Administrator The Toledo Clinic, Inc. 4235 Secor Road Toledo, OH 43623-4299 Phone 419-479-5535 gkern@xxxxxxxxxxxxxxxx ***** This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message._______________________________________________ This is the Lotus Domino on the iSeries / AS400 (Domino400) mailing list To post a message email: Domino400@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/domino400 or email: Domino400-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/domino400. _______________________________________________ This is the Lotus Domino on the iSeries / AS400 (Domino400) mailing list To post a message email: Domino400@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/domino400 or email: Domino400-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/domino400.