Solved

How to change ACL access of multiple database

Posted on 2006-07-21
7
387 Views
Last Modified: 2013-12-18
...still figuring out the reason why this thing happened, but when we try to register a person to Domino Directory, the database [mail] will be created with the following default entries in the ACL

-Default-        Unspecified / Designer
Anonymous    Unspecified / Designer

...this cause a major concern because ANYBODY can open, edit/change the person mail.  Is there a way to change the ACL access to its default value "No Access" for the two entries in the database? So that when registering new person to Domino Directory we don't need to update this value manually.

...Also, for those database that have Designer access for -Default- and Anonymous...can i change them all together in one-go or can only be done one-at-a-time?

...appreciate your help.
0
Comment
Question by:marjun_mjr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 

Author Comment

by:marjun_mjr
ID: 17152477
...ok, i think i find the solution;

...i open the mail template and look at its ACL and noticed that the default entries for -Default- and Anonymous has been change to "Designer"...I change it to "No Access" and now, everytime I register a new person those entries are no longer have "Designer" access.

...Now since it does not refresh/change the ACL access of the already created database [with Designer access to -Default and Anonymous], is there a way to change them in one-go???  

...regards
0
 
LVL 63

Accepted Solution

by:
Zvonko earned 200 total points
ID: 17152992
Open Admin client on server machine localy and change it localy as Manager.
It is not a good idea to do that often, but for one time clean up it will go.
0
 
LVL 18

Expert Comment

by:marilyng
ID: 17153199
Marjun, it also depends on what version of notes you have.  In R5, each person who registered people uses the templates on their local client to spawn the new databases.

So, in the TEMPLATE (NTF) files for the MAIL databases on the server, you need to add:
[-Default-]   In brackets     person type is unknow, access is No Access
[Anonymous] In brackets   person type is unknown, access is No Access

So now your TEMPLATES ACLS read:

-Default-
Anonymous
SomeOther
SomeServer
[-Default-]
[Anonymous]
[SomeAdminstrationGroup]

If you adjust your templates on the server using Administrator, you can globally add these changes to all the templates.  Then instruct all of your people who do registrations to replicate templates in the replication page.  This way the template ACL changes are rolled down to their local mail file templates.

Any NEW database created from the templates will have the BRACKETED ACL list automatically included in the ACL.

If you do this for all the templates on the server, and make sure the clients replicate the templates, then user's local templates will also have your default ACL.
0
 
LVL 63

Assisted Solution

by:SysExpert
SysExpert earned 200 total points
ID: 17155273
I would use one of the ACl tools to do an audit.
See

Then simply use the Admin client to manually change the ACL if there are not a lot, otherwise an agent can do this.

see

http://www-10.lotus.com/ldd/sandbox.nsf/Search?SearchView&Query=ACL&SearchOrder=0&Start=1&Count=100
ACL scanner is what I use ( slight modified views ), there are also tools that can make mass changes. Test carefully before using one of these !!!!

I hope this helps !
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 17158051
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You’ve got a lotus Domino web server, and you have been told that “leverage browser caching” is a must do. This means that we have to tell the browser everywhere in the web to use cache. In other words, we set (and send) an expiration date in the HT…
IBM Notes offer Encryption feature using which the user can secure its NSF emails or entire database easily. In this section we will discuss about the process to Encrypt Incoming and Outgoing Mails in depth.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question