Configuring a database ACL http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/topic/com.ibm.he...

IBM Lotus Domino Administrator 8.0

Versions 8.0, 8.0.1, and 8.0.2

Configuring a database ACL

Plan the database access for the application before adding users, groups, or servers to a database ACL. After you
add a name to the ACL, assign an access level to the name. Although assigning a user type is optional, it provides
an additional level of security. Add access level privileges and roles if the application requires them. After you
configure a database ACL, users can click the Effective Access button on the ACL dialog in the IBM® Lotus®
Notes ® client to view their level of access to a database.

You can make changes to multiple ACLs on a server through the Multi-ACL Management dialog box in the
Administration Client. For information about using the ACL dialog in the Notes client to edit an ACL for a single
database, see Notes 8 Help.

To configure a database ACL:

1. Make sure that you have:

Manager access in the database ACL.
Created the roles and groups that you want to use in the ACL.
2. From the IBM® Lotus ® Domino® Administrator Server pane, select the server that stores the databases.
3. Click Files, and select one or more databases from the Domino data directory.

Note You can add the same entry to more than one database. You can also edit and remove entries from
multiple databases. See the topic "Editing entries in multiple ACLs" later in this chapter.

4. From the Tools pane, select Database - Manage ACL.

5. Add entries for Notes users, servers, groups, and authenticated Internet users.
6. Set the access level for each entry.
7. (Optional) For additional security, select a user type for each entry.
8. (Optional) Refine the entries by restricting or allowing additional access level privileges.
9. (Optional) Assign roles to ACL entries. The role displays a check mark when selected.
10. (Optional) Enforce a consistent ACL across all replicas of the database.
11. (Optional) Assign an administration server to enable the Administration Process to automatically update ACL
entries.
12. (Optional) To prevent users whose access levels are Depositor or No Access from using the operating
system to copy the database, encrypt the database with the server ID through the local Encryption option.
This ensures that the database, even when copied, is illegible to anyone who doesn't have access to the
server ID.
13. Click OK to save your changes.

Related topics
Roles in the ACL
Editing entries in multiple ACLs
Access levels in the ACL
User types in the ACL
Access level privileges in the ACL
Enforcing a consistent access control list
Using the Administration Process to update ACLs
Default ACL entries
Acceptable entries in the ACL
Managing database ACLs

Library | Support | Terms of use | Submit Feedback

Last updated: Thursday, August 14, 2008

© Copyright IBM Corporation 1987, 2008.
This information center is built on Eclipse. (http://www.eclipse.org)

1 of 1 11/23/2010 9:08 AM