Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

HELP - Lotus Domino and ACL Problem

Status
Not open for further replies.

ToaDz

IS-IT--Management
Oct 19, 2003
26
AU
Hello all,

Hope someone out there can help me with this problem:

Background and Installation:

I have just installed Lotus Domino 5.0.11 on a server labelled DOMINOSRV running Windows 2000 Server. The installation went smoothly.

During the installation under "Administrator's Identity", I entered my name, John.

Towards then end of the installation, I configured the "Set Default Database Access". I selected "Add a group" and entered "Administrator" in the "Please enter the name you want added to the access control lists" text box. I also placed a cross in the "Also add 'Anonymous' with No Access" check box.

I then installed Lotus Domino Administrator on another PC labelled PCSRV and also copied the CERT.ID from DOMINOSRV to PCSRV.

I am able to create and register users using Domino Administrator without any problems.

Problem:

Every time I try to manage the "Access Control" on a users mail file (Domino Administrator | File tab | mail | Right-click on user's name and nsf file name | Access Control | Manage) I am unable to open the Access Control List for the user.

When I check on the Domino console on DOMINOSRV it states "ATTEMPT TO ACCESS DATABASE mail\username.nsf by John was denied".

Why is this happening? I thought that I was the administrator and that I would have access to the Access Control List to all users mailbox.

I hope this makes sense.

Any advice or comments would be greatly appreciated!

Regards,

John B.
 
Create a group called "Administrator"
Add "John" as a member of the group.

Find me @ onlinecorporatesoftware.com
 
You have failed to understand my initial question. Your answer does not help me at all. Nevermind, I will search elsewhere for more useful information and someone who knows what they are talking about.
 
Dear ToaD z

I understand your frustration at your own lack of knowledge and inability to make youself understood, but aggressive comments will ultimately be unhelpful to your cause. (You are really looking for someone who "knows what YOU are talking about")

You made yourself administrator of the server. In R6 a "Full Access" administrator overrides ACL limitations but not in R5.

The install asked for the name of a group to default in all ACL's, and you specified "Administrator". It probably did that, but if you are not in the group then you won't have access in the ACL.

Either do as I suggested and add yourself to that group or else hire somebody who does "know what they are talking about". If you are indeed "IT Management" don't you have staff who can do this for you, they probably know how to request help from other techo's without being rude.

Goodbye
 
I have the same problem, but now that i am in the Administrator group, i still can't access the databases of other users. Do you have an explenation? because it IS frustrating...
 
I will be more specific: i am in an group called administrator with the rights to create and to modify documents. I do not inherit the rights from that group. But i have my own rights (those are the same) but i still cannot open the database of another user.
 
Please confirm:
1. Database is on server
2. Your name is a member of group "Administrator"
3. Database ACL specifies group and name with (at least) Reader access.
4. You are accessing via server not local replica

If all 4 are true, check the following:
1. Your name is correct (rename entry, select from address book)
2. The id file specifies the exact name in the user id properties dialog
3. The entry for your name is Person or Unspecified
4. The entry for the group is Person Group, Mixed Group or Unspecified

 
Hello,
Keep in mind that you can be a "Admin" in Notes and still be restricted from a users DB. You need to check the ACL on the users DB in question.

Either logon as them or check from the server. If you account is not on the ACL, add it and test again. Right-click, Database, Access Control.

If you find that this happens with all your users, I would create an Administrators group, add your name and run an agent that adds the group to ALL DB's on your box.

As Admin's, we like to have access to each and every DB. Especially when you need to make multiple changes via the Admin client.

BTW, if you need the Agent, let me know. I can email it to you.

I hope this helps.

Rgds,

John Judge
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top