Solved

Lotus Notes view shows different data in Design as in user mode?!

Posted on 2014-07-29
9
819 Views
Last Modified: 2014-08-04
- Lotus Notes 8.5.3 on Win7 x64
- Local copy of a Notes database.  It is not encrypted.  All design elements were signed by my id.  I have Manager access under my name and all the roles enabled.
- Create a view in Designer.  The view displays in the first column the Form (categorized), then in the next column the Unique ID.  Nothing strange.  Selection is SELECT @All.
- Refresh the view in Designer.  It does NOT show a category called ASRD as shown in the image below:
Same view as shown in the Lotus Notes Designer- On the same machine, open the view in regular Notes client.  It shows a category called "ASRD" with 569 documents.  When I try to expand the category, nothing shows: see image below
View as shown in Lotus Notes client
I am thoroughly puzzled.  Either you see it, or you don't... why would Designer shows something different from the Notes client?
0
Comment
Question by:FKoutchouk
  • 6
  • 3
9 Comments
 
LVL 46

Accepted Solution

by:
Sjef Bosman earned 500 total points
ID: 40228016
A simple reason could be that there are Reader fields in the database. Apparently there are documents for which you are not a reader. You could activate the Full Admin rights if you're an Admin, and then look again, reopen the view.

There is a view option to hide empty categories, i.e. categories with zero visible documents. It might be activated.
0
 
LVL 1

Author Comment

by:FKoutchouk
ID: 40228179
Readers field was the right answer.  Turns out, nothing can be done when the NSF is on the local drive.
- Figure out in the form the default group value for the Readers field (not obvious, but feasible)  e.g. SecretAdminGroup
- Copy NSF as-is to any Domino server
- Create group "SecretAdminGroup" on that Domino server, add your Notes name in it
- Done.   All documents composed with that Form are now visible.
Now of course you have to repeat for every form.
Unless you can think of a better way, of course.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 40238788
I wonder if it works when the option to maintain a Consistent ACL is enabled. When that's the case, Roles work and so should Reader fields. I'm not quite sure, but Reader fields also play their part during replication: when your name is absent in the Reader field, you cannot even replicate the document to your local database. So what could be done is:
- verify that you can see the documents in the database on the server
- enable Consistent ACL
- replicate (maybe delete the Replication History and then replicate)
- then verify if the documents are there, in the local database
0
 
LVL 1

Author Comment

by:FKoutchouk
ID: 40239028
Thanks Sjef.   Assuming Manager access, a Copy, rather than a Replica, will pull down the documents to the local workstation.  So the count is right, even though some of the documents cannot be open.  
IMO it is a dangerous feature, because all one needs to do is:  create a Domino server, cross certify manager id, create a group of that name (visible in the Designer) and voila, security circumvented.
I will close this issue now.  Thank you all for your help.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 1

Author Comment

by:FKoutchouk
ID: 40239030
I've requested that this question be closed as follows:

Accepted answer: 0 points for FKoutchouk's comment #a40228179

for the following reason:

spot on.
0
 
LVL 1

Author Comment

by:FKoutchouk
ID: 40239029
Issue closed with workaround.
0
 
LVL 1

Author Closing Comment

by:FKoutchouk
ID: 40239031
Spot on
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 40239416
Of course, security can be circumvented, any direct access to the database and server should be prohibited. But that's where encryption comes in: even a stolen database is useless when encryption is activated on the database.

Thanks!
0
 
LVL 1

Author Comment

by:FKoutchouk
ID: 40239433
By copy, I meant a regular Lotus Notes client copy, not a file system copy.  Encryption key associated to specific documents -- and not available to my Manager id, would have been the answer, yes.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

You’ve got a lotus Domino web server, and you have been told that “leverage browser caching” is a must do. This means that we have to tell the browser everywhere in the web to use cache. In other words, we set (and send) an expiration date in the HT…
Article by: Rob
Notes 8.5 Archiving Steps and Tips This article covers setting up a Notes archive, and helps understand some of the menu choices making setting up and maintaining a Notes archive file easier.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now