When you delegate your mail and calendar, marking a calendar entry as Private doesn’t work. The delegates can still read the entry. Is there a work-around for this? A private entry should only be visisble to the person who created it…
Any help appreciated…
Subject: Private Entries
Private entries are only private to a delegate if they have access to your Calendar only. If the Delegate has access to your mail, then they’ll have access to private calendar entries.
Subject: Private Entries… revisited
Looks like they named it wrong then… should have been called “Sometimes Private”…
I think the Notes guys need to be aware that if its marked private… only the person who wrote the entry should be able to view it… regardless of delegation…
Is there ANY kind of work-a-round for this???
Subject: No workaround
because it’s working as designed. If you give access to Mail, then you’re allowing the viewing of Private entries. If you don’t want the delegate to see your Private entries, then only allow them Calendar access.
We do have enhancements written to change this behavior but it’s not a small change - it would change the basis of the ACL.
Subject: workarounds
the private option just makes it a private instead of a public document, nothing more, so it’s not really private in a secure sense, it’s just cosmetic (like the do not allow copy/forward thing).
two workarounds;
right click on the entry and select document properties, go to the security tab, untick “all readers and above”, tick your own name (will lock out all users except yourself and the db’s administration server), close the document properties dialog.
create an agent, call it “Make Entry Private”, to add a reader field with your name in it to the entry, should lock out everyone else of that document (except the db’s administration server and you). run it against the documents you want “hidden”
once youve replicated the change up to the server then all you have to do is wait for the delegate to replicate with it as well and then the private document will be removed from their replica (because they no longer have reader access to it).
note: both cases rely on having an administration server set for the database (and as its a mail file it should already have one), a normal server in the acl wont be able to read the document if it’s not in the reader list, whereas an admin server can see everything (regardless of reader or role requirements)