zdima
asked on
Keeping contractors from accessing databases
I have a group of contractors from another company that will be working with us
for about three months that need me to generate Notes ID files for them so that they
can share data in a Notes database. If I register them as a user,
they would also have access to databases that have Reader access as a default in the ACL.
However, I don't want them to access any database on the Domino server except for that
one database that they will be working on. What's the easiest way of doing this?
Adding their group name to have No Access on every database would be cumbersome.
I'm running R5.0.10 on a W2K server.
Thanks,
zdima
for about three months that need me to generate Notes ID files for them so that they
can share data in a Notes database. If I register them as a user,
they would also have access to databases that have Reader access as a default in the ACL.
However, I don't want them to access any database on the Domino server except for that
one database that they will be working on. What's the easiest way of doing this?
Adding their group name to have No Access on every database would be cumbersome.
I'm running R5.0.10 on a W2K server.
Thanks,
zdima
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
>> Just I am supposed to type Qwaletee.
>> U had this also.
Huh? What does that mean?
>> U had this also.
Huh? What does that mean?
By the way, assuming you end up adding a no access group to the ACL, you can remove some, but not all of the tedium as follows:
Use the administrator client
Go to the FILES tab
Select multiple files (i.e., all file)
You can then manage multiple ACLS together, and make the change once to all selected files
Repeat for each subdirectory (and sub-subdirectory, etc.)
At least you won;t have to open the ACL window separately for each database in each directory.
Use the administrator client
Go to the FILES tab
Select multiple files (i.e., all file)
You can then manage multiple ACLS together, and make the change once to all selected files
Repeat for each subdirectory (and sub-subdirectory, etc.)
At least you won;t have to open the ACL window separately for each database in each directory.
Another way:
You can write a script that goes to each database, and adds the no access group. Most startup-effort of all solutions, but once you get it running, BAM it does everything for you.
You can write a script that goes to each database, and adds the no access group. Most startup-effort of all solutions, but once you get it running, BAM it does everything for you.
Mean I log in to give response to this thread, and ur answer is there.
U had this also means, last time within a fraction of minute, u replied before me for a lot of questions. This time also u are the winner.
Qwaletee, u r rocking EE.
U had this also means, last time within a fraction of minute, u replied before me for a lot of questions. This time also u are the winner.
Qwaletee, u r rocking EE.
Along the lines of:
Dim dbs as New NotesDbDirectory ( "Your serevr name" )
Dim db as notesDatabase
Set db = dbs.getFirstDatabase (TEMPLATE_CANDIDATE )
do until db is nothing
Dim acl as NotesACL
Set acl = db.acl
Dim entry as notesACLEntry
Const group = "CONTRACTORS_NO_ACCESS" )
Set entry = acl.getEntry ( group )
if entry is nothing then
acl.createEntry group , ACLLEVEL_NOACCESS
acl.save
end if
Set db = dbs.getNextDatabase
loop
Dim dbs as New NotesDbDirectory ( "Your serevr name" )
Dim db as notesDatabase
Set db = dbs.getFirstDatabase (TEMPLATE_CANDIDATE )
do until db is nothing
Dim acl as NotesACL
Set acl = db.acl
Dim entry as notesACLEntry
Const group = "CONTRACTORS_NO_ACCESS" )
Set entry = acl.getEntry ( group )
if entry is nothing then
acl.createEntry group , ACLLEVEL_NOACCESS
acl.save
end if
Set db = dbs.getNextDatabase
loop
Madheeswar
An asset should not be questioned.. ;-)
Partha
An asset should not be questioned.. ;-)
Partha
So, which way did you go?
ASKER
Well, just setting up another Domino server was out of the question so we went with
adding No Access for the default on all the databases. This setup would benefit us in
the future anyway for any other situations like this.
Thanks!
adding No Access for the default on all the databases. This setup would benefit us in
the future anyway for any other situations like this.
Thanks!
And you added */... instead?
ASKER
Actually, I changed my mind with changing the default access after I posted my comment above.
I ended up leaving the default access to whatever the databases were set to. Instead, I created a
new certifier like */Contractor/MyCompany and added that to all the database ACLs with No Access.
I ended up leaving the default access to whatever the databases were set to. Instead, I created a
new certifier like */Contractor/MyCompany and added that to all the database ACLs with No Access.
U had this also.