• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 405
  • Last Modified:

How to change ACL access of multiple database

...still figuring out the reason why this thing happened, but when we try to register a person to Domino Directory, the database [mail] will be created with the following default entries in the ACL

-Default-        Unspecified / Designer
Anonymous    Unspecified / Designer

...this cause a major concern because ANYBODY can open, edit/change the person mail.  Is there a way to change the ACL access to its default value "No Access" for the two entries in the database? So that when registering new person to Domino Directory we don't need to update this value manually.

...Also, for those database that have Designer access for -Default- and Anonymous...can i change them all together in one-go or can only be done one-at-a-time?

...appreciate your help.
0
marjun_mjr
Asked:
marjun_mjr
2 Solutions
 
marjun_mjrAuthor Commented:
...ok, i think i find the solution;

...i open the mail template and look at its ACL and noticed that the default entries for -Default- and Anonymous has been change to "Designer"...I change it to "No Access" and now, everytime I register a new person those entries are no longer have "Designer" access.

...Now since it does not refresh/change the ACL access of the already created database [with Designer access to -Default and Anonymous], is there a way to change them in one-go???  

...regards
0
 
ZvonkoSystems architectCommented:
Open Admin client on server machine localy and change it localy as Manager.
It is not a good idea to do that often, but for one time clean up it will go.
0
 
marilyngCommented:
Marjun, it also depends on what version of notes you have.  In R5, each person who registered people uses the templates on their local client to spawn the new databases.

So, in the TEMPLATE (NTF) files for the MAIL databases on the server, you need to add:
[-Default-]   In brackets     person type is unknow, access is No Access
[Anonymous] In brackets   person type is unknown, access is No Access

So now your TEMPLATES ACLS read:

-Default-
Anonymous
SomeOther
SomeServer
[-Default-]
[Anonymous]
[SomeAdminstrationGroup]

If you adjust your templates on the server using Administrator, you can globally add these changes to all the templates.  Then instruct all of your people who do registrations to replicate templates in the replication page.  This way the template ACL changes are rolled down to their local mail file templates.

Any NEW database created from the templates will have the BRACKETED ACL list automatically included in the ACL.

If you do this for all the templates on the server, and make sure the clients replicate the templates, then user's local templates will also have your default ACL.
0
 
SysExpertCommented:
I would use one of the ACl tools to do an audit.
See

Then simply use the Admin client to manually change the ACL if there are not a lot, otherwise an agent can do this.

see

http://www-10.lotus.com/ldd/sandbox.nsf/Search?SearchView&Query=ACL&SearchOrder=0&Start=1&Count=100
ACL scanner is what I use ( slight modified views ), there are also tools that can make mass changes. Test carefully before using one of these !!!!

I hope this helps !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now