does somebody know a possibility to write-protect the root data folder?
In the notes.ini our Directory is set to
Directory=/export/notes/data
So the problem is some of our Lotus Newbies create their first database in /export/notes/data. After 3 weeks I have to clean all the mess and I want to avoid this work.
The subfolders are protected fine with acl, but when I want to protect the root folder I get the message :
“You cannot apply an ACL to the root data folder. Select a folder under the root folder”
Is there a possibility. Because we are running Linux I tried to write protect the folder for the user notes with
chmod u-w data
with the result that people couldn’t make attachments to mails.
If somebody has an idea I would really appreciate it.
To my knowledge, there is no such way in Domino itself. I would never change the permissions on the directories, because of those unexpected side-effects. Domino does a lot of things in your local data directory: f.e. write to bookmark.nsf, wite to notes.ini, desktop.dsk, to name just a few.I never saw a company where somebody was worried about local databases that were created in Notes. Why is it a bad thing they experiment locally? And why not let them clean up what they created themselves?
first thanks for the reply. I thought nobody has a solution (or answer) to my question.
The thing is that there are a lot of Newbies in my group. Without even thinking what they are doing they create a database in the root folder without cleaning it up afterwards.
So I have to look manually into the root folder hoping that there are no important databases of our staff. That’s annoying.
I think such an expensive software like Lotus should provide such a possibility for an administrator (and I am pretty sure Lotus have it)
I can not imagine that the staff of IBM will scroll through a hundred of unused databases (where the half is called testXYZ.nsf) in the root folder just to open one personal database.
Maybe there is a possibility (I can not imagine that IBM did not implement it) Or maybe some ideas for a workaround.
I cannot imagine that IBM is using any secret tool to prevent users from creating databases directly in the data directory. If they have the right to create databases, that’s what they have. After all, is a dead database in some subfolder really better than one in the data directory? I don’t think so.
Also consider the fact, that there is an annoying bug with the remote debugger on Linux (probably any Unix) servers: You can only remotely debug agents in databases that are NOT in a sub-directory. Even if it is less than ideal that we have to work around this bug in the first place, there can be very valid reasons for very experienced developers to put a database into the data directory.