Another new feature with HCL Domino 11 is the ability to directly authenticate Domino HTTP users against the ID Vault instead of the HTTP Password.
There are 3 basic options to enable this feature from the Server Configuration Document:
- Check Password from ID Vault
- Check Password from Domino Directory
- Check Password from ID Vault and then from Domino Directory
I would probably recommend going with this last option as you may have some users without Notes Clients or even ID Files and this would allow them to continue to authenticate as they’re used to. However, the documentation states that this type of authentication should be ignored if someone is a web user with no Notes ID.