How to avoid users opening replica on specific server

hcl-bot · June 21, 2003, 3:22am

Hi

I know this might sound like an imbecile question, but I feel I’ve tried every possibility to find a solution for my problem, without ány luck, so please could some wise guy or woman GG help me in the right direction on this one…

My scenario is that I have several Domino servers running replicas of databases inside a LAN and across a WAN. My problem is that the Notes client sometimes pick the replica which it accesses trough the WAN…meaning SLOWWWWWW performance…and some times it behaves nicely and stays within the LAN…is there any way that I can prohibit the client from picking this replica which is outside our LAN…need to say that our servers inside the LAN are clustered…but the replication to the WAN server is NOT clustered…meaning it runs normal replication…I’ve tried to find out whether it’s possible to put another ACL into the WAN replica to keep LAN users from accessing this…but I havent been able to figure out how to do this, all ACL changes replicates back to the other replicas…

Thanks in advance…

Reg Anders /Nilpeter

hcl-bot · June 22, 2003, 10:56am

Subject: How to avoid users opening replica on specific server

There are two ways to solve your problems:

The simple one, if the WAN server acts like a hub server: If your users inside the LAN are not required to access databases on the WAN server, then just edit the server document of the WAN server, Security tab, and specify only a few people and/or groups that are allowed to use the server (don’t forget the Administrators, who should be allowed to access the WAN server)
The second way. Edit the Replication Settings of the database on EVERY server (or at least on the WAN server and the servers replicating with this one). On the Advanced tab, uncheck the Access control list checkbox in the Replicate section. Now change the ACL of the database on the WAN server and exclude users. Don’t forget to give servers a proper access to all replicas of the database. The disadvantage of this method is that if there are changes of the ACL of this database (e.g. you need to add a role), you will have to apply the change to all replicas of the database.

If you do not uncheck the Replicate\Access Control List on all replicas, then a manual replication will transfer the ACL from the server where this option is unchecked to the server where this option is not unchechecked.

hcl-bot · June 27, 2003, 11:39am

Subject: How to avoid users opening replica on specific server

First, put the WAN server name in the ACL of the database explicitly and make it designer access.

Change the ACL of the WAN server replica to restrict who can access it and change the entry for the other servers (usually LocalDomainServers) to be designers in its ACL so they cannot change the ACL.

The downside is that you’ll have to make modifications to the ACL on the WAN server replica manually if it needs to be updated in the future, since ACL changes will no longer propagate, the ACL on the internal servers should still replicate between them.

hcl-bot · June 21, 2003, 10:32am

Subject: How to avoid users opening replica on specific server

Hello Anders,

are your servers placed on different Notes Named Networks ?

If not, I think that putting them on different networks could help solve your problems.

/Brian