Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Need help with Domino DB security issue

Posted on 2002-05-09
1
Medium Priority
?
174 Views
Last Modified: 2013-12-18
Domino Database security seems to be bypassed by Lotus Sametime's (Sametime is an app. that runs on Domino) "Add invitee" Java applet.  I can't keep the applet from being able to browse the secondary directory no matter what ACL settings I use.  This is a problem since I want to use a secondary directory for each company accessing the server but I don't want them seeing each others directories.


Example case:
Suppose I create a secondary domino directory, "secondDir.nsf" . I next create/install a directory assistance DB and add secondDir.nsf to it. Finally, I create a group, SecondDirGroup, and add to it a few person names.

Now, if I set secondDir.nsf's ACL to allow only access by SecondDirGroup (removing all other entries and setting "enforce a consistent ACL..."), I can still access secondDir.nsf from Sametime's invite attendee Java applet using a login that is not anyone in SecondDirGroup. That is I can see everyone and every group listed in secondDir.nsf.

Any ideas?
0
Comment
Question by:Taurus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 63

Accepted Solution

by:
SysExpert earned 600 total points
ID: 7021843
I would check the Lotus Sametime/IBM support site and if there is not an answer there, open up a ticket with Lotus regarding this issue.

Because of the integration, this may be a problem.

Other options.

Use a *.dir link and put the , SecondDirGroup in a seperate directory.

the *.dir file can include access control lists.

I hope this helps !
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For Desktop Techs: How to retain a user's Notes configuration data when swapping out the end user's computer. (Assuming that you are not upgrading to a completely different version of Notes client) All you need to do is: 1) install Notes o…
This article covers general Notes 8.5 troubleshooting information including recreating the Notes\Data folder.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question