Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
new server - names.nsf ACL 1
- Thread starter fluid11
- Start date
-
1
- #2
no...
make sure
anonymous = no access
default = no access
and add acl for your OU, your domain, your admins, ...
do the same for all databases that are on your server... --------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
I have not failed, I've just found 10,000 ways that don't work
---------------------------------
make sure
anonymous = no access
default = no access
and add acl for your OU, your domain, your admins, ...
do the same for all databases that are on your server... --------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
I have not failed, I've just found 10,000 ways that don't work
---------------------------------
- Thread starter
- #3
Thanks.
I'm new to Domino. In Lotus Administrator, under Files...are these all of my databases? There's 19 of them on a new installation. Should I edit all 19 of them? What rights should I grant the Users OU?
Thanks a lot for your help,
Chris
I'm new to Domino. In Lotus Administrator, under Files...are these all of my databases? There's 19 of them on a new installation. Should I edit all 19 of them? What rights should I grant the Users OU?
Thanks a lot for your help,
Chris
yes... these are all your files, you should edit all of them.
Make sure LocalDomainServers have manager rigths to all of these databases
I should give your users reader rights to names.nsf,
(and give your admins manager rights ...)
a user shouldn't have access to other files... --------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
I have not failed, I've just found 10,000 ways that don't work
---------------------------------
Make sure LocalDomainServers have manager rigths to all of these databases
I should give your users reader rights to names.nsf,
(and give your admins manager rights ...)
a user shouldn't have access to other files... --------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
I have not failed, I've just found 10,000 ways that don't work
---------------------------------
- Thread starter
- #5
How's this look...
Secure databases with ACLs
- edit all of the databases and give the following rights
• Anonymous – No Access to all databases
• Default – No Access to all databases
• LocalDomainServers – Manager rights to all databases
• Admin Group – Manager rights to all databases
• Users OU – Read rights to names.nsf
• Users OU – No Access to all other databases
Secure databases with ACLs
- edit all of the databases and give the following rights
• Anonymous – No Access to all databases
• Default – No Access to all databases
• LocalDomainServers – Manager rights to all databases
• Admin Group – Manager rights to all databases
• Users OU – Read rights to names.nsf
• Users OU – No Access to all other databases
yes...
(but don't take away their rights from their own mailbox,
and don't take away rights to mail.box
(I believe they have to be author to that file... don't change the ACL on that file...) --------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
I have not failed, I've just found 10,000 ways that don't work
---------------------------------
(but don't take away their rights from their own mailbox,
and don't take away rights to mail.box
(I believe they have to be author to that file... don't change the ACL on that file...) --------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
I have not failed, I've just found 10,000 ways that don't work
---------------------------------
Guest_imported
New member
- Jan 1, 1970
- 0
- 0
- 0
you shod put Anonymous to NO ACCESS and default to no access
but only if you have config the configuration document in the names and address book to allow anonymous connection
and you shod put
Anonymous = NOACCESS
AND
default = NOACCESS
AND
You self to the Administrator group in all Templates on the domino server
Best Regards Kristian
but only if you have config the configuration document in the names and address book to allow anonymous connection
and you shod put
Anonymous = NOACCESS
AND
default = NOACCESS
AND
You self to the Administrator group in all Templates on the domino server
Best Regards Kristian
One more thing. You can add the Admin group, with appropriate rights assigned, to the ACLs of all your templates like this --> [Admin]
Putting brackets around the group name will add the group to the ACL of all new databases you create with the templates! (Placing the Admin group in the ACL of the template without the brackets--like you normally add groups/people to ACLs--only gives Admins access rights to the template itself.) This is very helpful for creating email databases, mail.box files if you have to delete and re-create them, etc. because you don't have to manually add the groups to the ACLs after db creation.
DDickey
Putting brackets around the group name will add the group to the ACL of all new databases you create with the templates! (Placing the Admin group in the ACL of the template without the brackets--like you normally add groups/people to ACLs--only gives Admins access rights to the template itself.) This is very helpful for creating email databases, mail.box files if you have to delete and re-create them, etc. because you don't have to manually add the groups to the ACLs after db creation.
DDickey
- Status
Similar threads
- Locked
- Question