[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2483
  • Last Modified:

Lotus Notes Mail activity log

I am needing to know how a person shows up in the User Detail activity log on a person's Mail Database in Lotus Notes. The one where up go to File>application>properties and click the i tab and select User Detail in the activity section. We have noticed on several peoples mail database users preforming some reads; like 3-5 on different dates. No one has access in the ACL to the database or calendar or anything like that. This person is not a Domino administrator either. So we find it very odd they appear in the log at all.
So my main question is what are the different ways someone would show up in that log without having access to the mail database or calendar?
Thanks for your input.
0
JohnMantsch
Asked:
JohnMantsch
  • 8
  • 7
  • 6
  • +1
2 Solutions
 
larsberntropCommented:
Select open mail file, then do File:Application:Design Synopsis, click the "Choose DB Info", and chek thebox for "Access lists"

Post result.  I think default access may still allow access to some parts of the db, like Public documents.
0
 
JohnMantschAuthor Commented:
No, we checked the ACL already. The default is no access.. There is the domino servers and others such as Unity; No other user is listed and then only the Domino Admins have access, wbut the person that shows up as having done serveral reads is not in the Admin group.
How else would someone show up in that log other than actually opening your mail file and reading emails?
0
 
larsberntropCommented:
There is more to the ACL. Please select or open mail file, then do File:Application:Design Synopsis, click the "Choose DB Info", and check the box for "Access lists", post results.

Someone might have used "Open another person's calendar" and read the public documents available.
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
larsberntropCommented:
Oh, and be sure to check the User Detail activity log against the ACL Log.  User might have had more access in the past?
0
 
JohnMantschAuthor Commented:
I did do that. No users were given access int he past. This happend just a couple days ago.
The ACL log was last updated a month ago.

Access List Information
User/Group Name:      -Default-
Access Level:      No Access
Role(s):      [None Assigned]
User/Group Name:      OtherDomainServers
Access Level:      No Access
Role(s):      [None Assigned]
User/Group Name:      UnityServers
Access Level:      Manager
Can Delete Documents:      Yes
Role(s):      [None Assigned]
User/Group Name:      Domino_Admin
Access Level:      Manager
Can Delete Documents:      Yes
Role(s):      [None Assigned]
User/Group Name:      Anonymous
Access Level:      No Access
Role(s):      [None Assigned]
User/Group Name:      LocalDomainAdmins
Access Level:      Manager
Can Delete Documents:      Yes
Role(s):      [None Assigned]
User/Group Name:      LocalDomainServers
Access Level:      Manager
Can Delete Documents:      Yes
Role(s):      [None Assigned]
User/Group Name:      CN=dommail2/O=VPB
Access Level:      Manager
Can Delete Documents:      Yes
Role(s):      [None Assigned]
User/Group Name:      CN=John Mantsch/O=VPB
Access Level:      Manager
Can Delete Documents:      Yes
Role(s):      [None Assigned]
User/Group Name:      Telephony Server Group
Access Level:      Manager
Can Delete Documents:      Yes
Role(s):      [None Assigned]
0
 
Sjef BosmanGroupware ConsultantCommented:
For instance: Appointments are public documents, and usually Default has No Access but does have access to Public Documents.
0
 
JohnMantschAuthor Commented:
Ok, well forgive my lack of knowledge; but how does one view an appointment you create in your calendar if they do not have access to your calendar?
I appriciate your help on this by the way. :-D
0
 
Sjef BosmanGroupware ConsultantCommented:
Because it's a document with one special field: $PublicAccess, which is set to 1. By definition this document is visible for anyone having public access  to the database, provided they use a view allowing public access as well. That's the way the mail template is designed and constructed.

The owner of the calendar can manage these access rights, using the Calendar preferences dialog box.

There is a good reason for this behaviour: it alows Notes to assist you when planning a new meeting, because it has access (more correctly: the current user has access) to all individual calendars.
0
 
larsberntropCommented:
I thought the public Access would show up in the ACL synopsis, but it is left out...
0
 
akhafafCommented:
Hi there,,

Firstly, let me ask you what you get in the logs ( log.nsf) ???
Secondly, for more details of about how access is provided to a user's calender you can refer to this .
http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.notes85.help.doc%2Fpref_delegate_mailcaltodocon_t.html

Finally, did you try something ??? on the top left you can find a " Switch to "  " Another database" can you just switch to another database and check what you get ...

Best Wishes
0
 
larsberntropCommented:
Hrmph.  My first comment contained a reference to Public Documents, and no points.

Unfriendly.
0
 
Sjef BosmanGroupware ConsultantCommented:
Agreed.
0
 
akhafafCommented:
larsberntrop &  sjef_bosman  I also agree with both of you just be happy and simle :)
0
 
Sjef BosmanGroupware ConsultantCommented:
I simle all day long ;-))
0
 
akhafafCommented:
Unfortunately, there is not extra points for simles in EE :)

LooooooooooooooooooooooooooooooooooooooooooooL
0
 
larsberntropCommented:
I think points should be split between larsberntrop & sjef_bosman
0
 
Sjef BosmanGroupware ConsultantCommented:
Please note that JohnMantsch is a new EE member, and therefore probably knows neither habits nor rules of the EE community...
0
 
JohnMantschAuthor Commented:
I agree points should have been given to larsberntrop. I apologize for not completely reading all the rules and guidelines thoroughly.
No one completely answered my question. The answer about public access was good on WHY; but not how someone can access a calendar entry without access to the calendar.
I am new here and did not take the time to figure everything out before I posted that question. I really meant to award partial points but made a mistake.
Please award 75 points to both larsberntrop & sjef_bosman and reopen the question for the rest of the 100 points.
Public access in not checked in the ACL for Default and Anonymous. The person that showed up in the log has no access to the mail or calendar. So if they cannot open the calendar; what actions does a user take to show up in the activity log for the mail database?
Thank you for your help; and I apologize again for the misunderstanding.
0
 
akhafafCommented:
John,,, Did you try the suggetions In my previous comment ??? it could help you getting a clearer view ...
0
 
JohnMantschAuthor Commented:
akhafa:
The log.nsf is not logging security events, just replication and miscellaneous events.
I do not see a swith to another databse on the top left of the calendar.  Only Switch to Mail, To Do, or Contacts.
Thank you
0
 
akhafafCommented:
John,,,

- In the Miscellaneous events you can see if this user has attempted to access another's database ..
http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.help.domino.admin.doc%2FDOC%2FH_VIEWING_THE_LOG_FILE_LOGNSF_OVERVIEW.html

- I am so sorry ,, In fact that was a feature in the Lotus Notes 6.x and 7.x but what I was really up to is if the user tries to access another user's database you will get it in the User Detail activity log ...
0
 
JohnMantschAuthor Commented:
Thank you akhafa: I will keep an eye on that log; for now it goes back only 7 days.
So you are saying that even if a person does not have access to a person's mail database; if the attempt to open it; that activity shows up in the users activity log?
0
 
akhafafCommented:
You can keep your eyes on the " Server Console " also because it will show you e.g. John Smith attmpts to access johnsmith.nsf database...
0
 
akhafafCommented:
With respect to everybody  but I think JohnMantsch has mentioned in comment # 38801671  that he will try my suggestion which could give him a clear image about what he is looking for and come back in 7 days !!!!!!!!!!!
0
 
JohnMantschAuthor Commented:
Thanks everone; this question is closed.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 8
  • 7
  • 6
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now