Expanded Membership Model

hcl-bot · February 14, 2011, 12:13pm

Has anyone used the “Expanded Membership Model” in Domino?We have run into a problem with the ACL over the limit of 32K accepted by IBM.

Groups should be the right solution (right now for various inherited reasons we have individual entries), but I just want to explore this option as well before going through the exercise of matrix-ing a huge number of combinations between groups and roles.

TIA

hcl-bot · February 17, 2011, 1:26pm

Subject: user groups

Best practices for security are “put users and computers(servers) in groups, put groups in ACLs”. Also, organizing users by their business function (not department, but function) usually gets you granuarly down to the groups of people who should have different access/roles within applications.