Solved

Lotus Notes view shows different data in Design as in user mode?!

Posted on 2014-07-29
9
826 Views
Last Modified: 2014-08-04
- Lotus Notes 8.5.3 on Win7 x64
- Local copy of a Notes database.  It is not encrypted.  All design elements were signed by my id.  I have Manager access under my name and all the roles enabled.
- Create a view in Designer.  The view displays in the first column the Form (categorized), then in the next column the Unique ID.  Nothing strange.  Selection is SELECT @All.
- Refresh the view in Designer.  It does NOT show a category called ASRD as shown in the image below:
Same view as shown in the Lotus Notes Designer- On the same machine, open the view in regular Notes client.  It shows a category called "ASRD" with 569 documents.  When I try to expand the category, nothing shows: see image below
View as shown in Lotus Notes client
I am thoroughly puzzled.  Either you see it, or you don't... why would Designer shows something different from the Notes client?
0
Comment
Question by:FKoutchouk
  • 6
  • 3
9 Comments
 
LVL 46

Accepted Solution

by:
Sjef Bosman earned 500 total points
ID: 40228016
A simple reason could be that there are Reader fields in the database. Apparently there are documents for which you are not a reader. You could activate the Full Admin rights if you're an Admin, and then look again, reopen the view.

There is a view option to hide empty categories, i.e. categories with zero visible documents. It might be activated.
0
 
LVL 1

Author Comment

by:FKoutchouk
ID: 40228179
Readers field was the right answer.  Turns out, nothing can be done when the NSF is on the local drive.
- Figure out in the form the default group value for the Readers field (not obvious, but feasible)  e.g. SecretAdminGroup
- Copy NSF as-is to any Domino server
- Create group "SecretAdminGroup" on that Domino server, add your Notes name in it
- Done.   All documents composed with that Form are now visible.
Now of course you have to repeat for every form.
Unless you can think of a better way, of course.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 40238788
I wonder if it works when the option to maintain a Consistent ACL is enabled. When that's the case, Roles work and so should Reader fields. I'm not quite sure, but Reader fields also play their part during replication: when your name is absent in the Reader field, you cannot even replicate the document to your local database. So what could be done is:
- verify that you can see the documents in the database on the server
- enable Consistent ACL
- replicate (maybe delete the Replication History and then replicate)
- then verify if the documents are there, in the local database
0
 
LVL 1

Author Comment

by:FKoutchouk
ID: 40239028
Thanks Sjef.   Assuming Manager access, a Copy, rather than a Replica, will pull down the documents to the local workstation.  So the count is right, even though some of the documents cannot be open.  
IMO it is a dangerous feature, because all one needs to do is:  create a Domino server, cross certify manager id, create a group of that name (visible in the Designer) and voila, security circumvented.
I will close this issue now.  Thank you all for your help.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 1

Author Comment

by:FKoutchouk
ID: 40239030
I've requested that this question be closed as follows:

Accepted answer: 0 points for FKoutchouk's comment #a40228179

for the following reason:

spot on.
0
 
LVL 1

Author Comment

by:FKoutchouk
ID: 40239029
Issue closed with workaround.
0
 
LVL 1

Author Closing Comment

by:FKoutchouk
ID: 40239031
Spot on
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 40239416
Of course, security can be circumvented, any direct access to the database and server should be prohibited. But that's where encryption comes in: even a stolen database is useless when encryption is activated on the database.

Thanks!
0
 
LVL 1

Author Comment

by:FKoutchouk
ID: 40239433
By copy, I meant a regular Lotus Notes client copy, not a file system copy.  Encryption key associated to specific documents -- and not available to my Manager id, would have been the answer, yes.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Problem "Can you help me recover my changes?  I double-clicked the attachment, made changes, and then hit Save before closing it.  But when I try to re-open it, my changes are missing!"    Solution This solution opens the Outlook Secure Temp Fold…
This article covers general Notes 8.5 troubleshooting information including recreating the Notes\Data folder.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now