Solved

Recover from mistake deleted Manager in ACL

Posted on 2000-02-20
11
331 Views
Last Modified: 2013-12-18
Hi

I have by mistake deleted the only person who was manager in the ACL of a database.

I have also Enforce a consistent access control list active.

The database was only for testpurpose but if it was real it would be a severe situation.

Is it possible to recover with for example an another program, not neccesary manufactured by Lotus that can change the settings to normal values bypassing Notes security?

If anyone have an answer I will upgrade the points.
0
Comment
Question by:tord_f
  • 4
  • 3
  • 2
  • +1
11 Comments
 
LVL 9

Expert Comment

by:Arunkumar
ID: 2540558
Hi tord,

At the server the database can be viewed in two ways, Local as well as Server.

The server view of the database has all the security enforced.  Where as the local view of the database does not have any security to it.

So, on the server machine open the specific database on local, then change the DB ACL security to whatever you want.  Once you apply the changes on local, automatically the changes will be reflected on the server view too.

Cool !!!

Good Luck !

-Arun


PS:  You can also write an Agent that runs to update the ACL on the local db on Server
0
 
LVL 6

Expert Comment

by:ghassan99
ID: 2541239
Arun,
If 'enforce consistent ACL is set...', you cant even open it on the server!  And you cant bypass this especially on R5.

tord_f,
Try to make a copy of the DB without inheriting the ACL.

-Gus
0
 
LVL 9

Expert Comment

by:Arunkumar
ID: 2545696
Oops !!!

I am sorry I did not get that properly.

:(
Arun



0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 2547199
Hi tord

I have some idea to go about, but before I tell u those things, I need a clarification.

Do you have access to the server id on which the database is located ?

~Hemanth

0
 

Author Comment

by:tord_f
ID: 2547387
Hi HemanthaKumar

I am administrator of the server and I have access to all id-files that belong to it.

My idea is if it possible with Notes or any other program to restore the ACL.

Like that DOS-program that can read NTSF-filesystem without care of NTFS-rights.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 2547429
Hi tord

I have some idea to go about, but before I tell u those things, I need a clarification.

Do you have access to the server id on which the database is located ?

~Hemanth

0
 
LVL 24

Accepted Solution

by:
HemanthaKumar earned 150 total points
ID: 2547434
HI Tord here is the trick

1. Create a new blank database locally

2. Create an agent called 'ACLUPdater' with the following
code in the initialise method

     Dim LocalDBName As String
     Dim MName As NotesName
     Dim Sess As New NotesSession()

     On Error Goto CantchangeACL

     LocalDBPath = <Path to Dead Database on server>
     UserName = <Your Notes Name>

     Set LocalDB = New NotesDatabase("",LocalDBPath)
     Set MName = New NotesName(UserName)
     Call LocalDB.Grantaccess(MName.Canonical,ACLLEVEL_MANAGER)

3. Save the agent as a shared Scheduled Hourly Agent
that runs on the server that the dead database is on.

4. Create another Agent Called 'AdjustServerName'
with the following code in the initialise method

     Dim Sess As New NotesSession()
     Dim ThisDb As NotesDatabase

     Set ThisDB = Sess.CurrentDatabase
     Set agent = thisdb.GetAgent("ACLUpdater")
     Call agent.Save

5. Save this agent a shared menu triggered.

6. Switch to the server ID and run the ''AdjustServerName' agent

7. Switch back to your ID and copy the database to the
server with the dead Database.

8. Make sure the server can run 'unrestricted agents' on
itself (i.e. put the server name in the "allowed to run
unrestricted agents list" in the servers document )

9. If you needed to do step 9, restart amgr on the server.

10. Wait for the ACLUpdater agent to run . . . And you
will be a manager of that database again !!


Lemme know if u have any problems,

Good Luck
~Hemanth
0
 
LVL 6

Expert Comment

by:ghassan99
ID: 2549735
Its a good work Hemanth...(copy & paste)but give credit!  We all received this tip from Lotus411.com newsletter yesterday, now didnt we?!!!

Title: Get That Access Back!!!
Author:  Simon Hendry, Dept. of Families Youth & Comm Care

Just a thought!

-Gus

0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 2550362
Hi GUS

That's right, I don't want to take any credit for that. Hope this forum is to help other people in providing solutions and getting them on right track.

Anyway thanx for ur comment.

~Hemanth
0
 

Author Comment

by:tord_f
ID: 2551777
Adjusted points to 150
0
 
LVL 6

Expert Comment

by:ghassan99
ID: 2552383
Yep thats right, I do this sometimes.  A good programmer is someone who knows where to get the answers from, not only understand the software...;)

Cheers,
-Gus

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

  In today’s Arena we can’t imagine our lives without Internet as we are highly used to of it. If we consider our life style just for only 2 min we found that face to face communication is swapped by e-communication.  Every Where from Works place to…
For beginners of Lotus Notes user this is important to know about the types of files and their location supported by IBM Notes. Mostly users are unaware about how many file types are created and what their usages are. This Article is fully dedicated…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now