Hi List,I have 12 servers with hundreds of applications and mail files, I would like to automate the addition of
Anonymous with No Access in the ACLs for 95% of these databases, as most of our stuff is by default available over the net.
Q1. Is this the right approach. There is a default permission, but I am primarily concerned with what is accessible over the web, is Anonymous == Default?
Q2.Should I bother with Anonymous, or can I get away with just setting the default to no access?
Q3. Does default set permissions for the client and/or web.
Q4. Is there a way to set Anonymous to “No Access” server wide.
Q5. If I have to write an agent, where would I put this agent to run server wide, does it matter?
Q6. Is there a way to have the right no access permissions set on creation of a database, so any developer cannot help but have the correct permissions int he first place.
As you can tell, I am at your mercy, I’m reading and learning, and doing the best I can, but hundreds of applications across 12 servers is taking a LONG time, and I would appreciate any help, I am not scared of hard work, but love elegance over braun!!
Thanks, m
Subject: acls on multiple databases
Anonymous is not quite the same as Default – Default includes both Notes client and web access, and includes authenticated users not listed elsewhere in the ACL. If Default has no access, then anonymous users will have no access unless you override that with an Anonymous entry having different permissions.
You can block anonymous users server-wide (disallow anonymous access on the server document in the NAB), but that’s an absolute setting – you would need a separate server if you want to open one or more databases to the internet for anonymous access, since the server setting would take precedence over the database ACL.
Subject: RE: acls on multiple databases
if your are the admin of your server, you could add the Anonymous access by right clicking the root of your data folder.
Subject: RE: acls on multiple databases
Thank you so much Jean-Yves!
I have done this, and modified all the databases to Add Anonymous with no access, it worked with no errors.
I have a single database that I want to allow anonymous access for, I have opened it and set the ACL to allow both default and anonymous as readers, but the server still demands crendentials. I have verified the ACL using the effective access button in the admin client. Also for good measure I went to the Server consol and
tell adminp process all
Have you any idea why modifying all databases worked, while re-modifying just one does not.
ps. I am using the command line to telnet to the webserver (without a proxy) to make sure there are no caching issues getting in the way, so I am certain the server is still requesting crendentials.
Subject: RE: acls on multiple databases
Are you sure that the server allows anonymous access?
Subject: RE: acls on multiple databases
yes, you are right steve!I dont know how, but before I made this change to all the databases (by following J-Y and right clicking the root and modifying the anonymous acl) the server did permit anonymous access for the databases because that was the issue I was trying to solve.
Only after the ACL change did the server have its “tcp/ip authentication allow anonymous access set to no”
Thanks for your input! Now to test the other databases can be accessed by users with passwords and the jobs done!
Subject: RE: acls on multiple databases
Steve??? 
…Stan is the man!!!
JYR
Subject: RE: acls on multiple databases
strangely stan (sorry not steve i am tooo tired), not only did that happen, but also that virtual servers tcp/ip authentication “username and password” option was set to “no” whereas before the change all the users could access inotes using their username and password fine.
Do these effects make sense to you, I can confirm that all I did was to right click the root directory and modify all 300 odd databases at once by adding Anonymous and setting it to no access. I was doing this on a per database basis but it was taking so long I jsut wanted a way to set them all at once - should it be the case that selected 300 databases and making a batch change should affect the virtual servers authentication options
Thanks for your insight I really appreciate it.