After upgrading from 6.5.4 to 8.5, several of our users are receiving an error message “You are not authorized to perform that operation” when trying to access some of their local replicas. The users have access to the server copy of the database. The only way to remedy the problem is to delete the local database and recreate a new local replica. A few days (or weeks) later, the same error occurs and the user must recreate the local replica again. Has anyone else experienced this problem after upgrading to Notes 8.5?
More Info: Switching to another ID allows the affected database(s) to be opened locally. Also, I’ve noticed that the ACL’s are completely blanked out and the default access says “No Access”. The server replica of the database has the setting “Enforce consistent ACL across all replicas” so the end user would not have access to change the ACL. This problem has happened to at least 10 of our remote users and its happening across different databases. The problem is only happening to our users who have upgraded from 6.5.4 to 8.5.
Any help or suggestions on how to fix this would be greatly appriciated.
you said "switching to another ID allows them to be opened"Is it a specific other ID per machine, or does switching to ANY other Id on that machine work? I wonder if they are somehow getting encrypted to a specific ID? The default for local replicas is to encrypt them…
Hi Maria, I tried two different IDs other than the ID that created the replica. Both will open the affected database. Also, I’ve never modified the encrytion settings.
We disabled the McAfee Email Virus Scanner from the user’s machine who were having the problem and this seems to have fixed the issue. More specifically, our users were running McAfee version 8.5i with the Email Scanner (NCDaemon.EXE)enabled. After disabling the Email Scanner, the problem has not reappeared. McAfee has stated that version 8.5i is not supported with Lotus Notes 8.5 and that we should upgrade to McAfee version 8.7. However, we have not been able to verify/test that 8.7 plays nice with Lotus Notes 8.5.
Subject: Are you users in the ACL by Name or Group, and do you have people sharing the machine ?
When you grant access to a database by GROUP, and a user creates a Local Replica, there is a hidden ACL entry with the same access as they have via the group. (This is needed as opening local databases does not use the group access.)
As such, that database is only available to THAT user, and not other users who may use that machine who’s access is via a group.