What shuold be the minimum Default Access on Domino Directory? In all places where I worked thus far, I always had Default READER with Anonymous as NoAccess, nothing more. In my current position, I noticed that the default access on the directory is Author which I don’t think is correct and safe.
We use webmail (dwa7) and that allows users to change their internet password. Is Author access required to enable users to modify their internet password? Any ideas / opinions?
Regards and Thanks
Subject: Default ACL (Domino Public Address Book)
Author is normal, though maybe not universally accepted. AUTHOR grants only minimal access which can be broadened with roles. Also, if a user has author ACL access, simply clicking to add their name to a person doc or group doc allows them to edit it.
Subject: Default ACL (Domino Public Address Book)
While I’d rather assign it to a group that had everyone in it there is nothing wrong with using Author access as long as there are no rights to add or delete documents. The advantage to this is that users will be able to edit any document where their name appears in an author names field. This lets you delegate management of group documents by adding users names to Owner/Administrator fields.
I can’t stress strongly enough though if you give users Author access that they must NOT have ADD/DELETE rights.
HTH,
Rob
Subject: Default ACL (Domino Public Address Book)
I’ve always done this - but I could be wrong…
Anonymous: No Access
Default: No Access
*/Your_O-level_Cert: Author
This way, if someone walks away with the nab (or another database), they won’t be able to easily get into it unless they have a valid-to-your-domain ID.
Just a suggestion, I’m more of a developer these days…
-Chris