I want to restrict users from modifying entries in their own person document in the Domino Directory, except for the Internet password field.Is it possible to set the ACL for the users to reader but to grant them write access to this field without making too many changes to the template?
Subject: Reader Access to Domino Directory
Your best bet is probably to lock down the address book and provide an external process for changing the internet password. Something like a request to change the password and an agent (signed by someone with access to make the change).
If you use this method, you shouldn’t have to chance the design of the address book at all.
This is how our ID Manager product does this exact thing. http://www.helpsoft.com.
Subject: Reader Access to Domino Directory
Thanks a lot, Brian.I will try it like that.
Subject: Reader Access to Domino Directory
I now created an agent which i want to place in the users’ mail database. The agent should switch the user’s ACL-level from reader to author, then set the new Password and after that switch ACL-access level back to reader.
I thought this might work if i sign the user’s database with th Domino server ID, but it doesn’t.(If the user is granted Manager access before starting the process, in the script debugger you will see that evrything works fine.
Any idea of a solution?