User types in the ACL
About this task
A user type identifies whether a name in the ACL is for a person, server, or group. When you assign a user type to a name, you specify the type of ID required for accessing the database with that name. The user types are Person, Server, Mixed Group, Person Group, Server Group, and Unspecified. The -Default- group in the ACL is always assigned Unspecified as the user type.
User types provide additional security for a database. For example, assigning the Person user type to a name other than '"unspecified" prevents an unauthorized user from creating a Group document with the same person name, adding his or her name to the group, and then accessing the database through the group name.
Designating a name as a Server or Server Group prevents a user from using the server ID at a workstation to access a database on the server. Be aware, though, that designating a name as a Server or Server Group is not a foolproof security method. It is possible for a user to create an add-in program that acts like a server and uses a server ID to access the server database from a workstation.
Instead of manually assigning a user type to each name, you can automatically assign a user type to all unassigned names in the ACL. The user type assigned to each name is determined by the Domino® Directory entry for that name. Using this method, a group is always designated as Mixed Group, and not as a Person Group or a Server Group. To assign a Person Group or Server Group to a name, you must select the name and manually assign that user type.
To manually assign a user type to a name
Procedure
- Make sure that you have Manager access in the database ACL.
- Select the database icon from your Bookmarks pane.
- Choose File - Database - Access Control.
- Select a name to which you want to assign a user type.
- Select a user type and click OK.
To automatically assign user types to unspecified users
Procedure
- Make sure that you have Manager access in the database ACL.
- Select the database icon from your Bookmarks pane.
- Choose File - Database - Access Control.
- Click the Advanced icon.
- Click "Look Up User Types for 'Unspecified' Users."
- Click OK.