Hello,i want to bring the mailbox-access rights of our users from Manager to Editor access. I have tested everything (with Author access to admin4)and it worked fine. My question is can i reduce the admin4 access to depositor, because every user has only to drop requests in. I have tested this and it worked also fine. Does anyone have experiences about known risks to this topic??
Thanks for any response
Regards Konrad
Subject: OOO Agent Author/Depositor rights in Admin4 necessary??
This should work fine – we suggest that the default access on admin4.nsf be author because before some Administration request are created, the core notes code will check to ensure that one to do the exact same operation has not already been posted (it doesn’t keep track of requests that have been created). Depositor should work fine for your application
Subject: RE: OOO Agent Author/Depositor rights in Admin4 necessary??
David, thank you very much for your response. We discussed in the moment another issue, because we think that the general access to the admin4.nsf (deopsitor or author) is a security problem. It seems to be possible to drop faked requests into the admin4 database. What do you think abouut that?
Thanks ins advance