Home
IBM® Domino 10.0.1 Documentation
Welcome to the IBM® Domino 10.0.1 Administrator Help.
Securing
This section describes IBM® Domino® security features, including execution control lists, IDs, and SSL.
Server access for Notes® users, Internet users, and Domino® servers
To control user and server access to other servers, Domino® uses the settings you specify on the Security tab in the Server document as well as the rules of validation and authentication. If a server validates and authenticates the Notes® user, Internet user, or server, and the settings in the Server document allow access, the user or server is allowed access to the server.
Customizing access to a Domino® server
After you set up basic access for IBM® Notes® users and IBM Domino® servers, you can customize access to restrict specific users and servers to specific activities.
Controlling server access by browser clients that use Java™ and JavaScript™
These settings are for use only with IBM® Lotus® Domino® 5.x and earlier servers. They should not be used with a Domino 6 or later server and are included for the purpose of backwards compatibility only, to be used to manage prior releases of Domino servers with the current IBM Notes® client.

IBM® Domino 10.0.1 Documentation
Welcome to the IBM® Domino 10.0.1 Administrator Help.
- What's new in IBM® Domino® 10?
  Learn about all of the new features for administrators in IBM® Domino® 10.
- Overview
  Welcome to IBM® Domino® Administrator Help.
- Installing
  Use this documentation to install the IBM® Domino® server and subsequently deploy the IBM Notes® client.
- Planning
  Use this topic as an overview of planning task.
- Configuring
  Use this information to configure an IBM® Domino® network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters. Also use this information to set up IBM iNotes® on a server using Domino Off-Line Services (DOLS).
- Securing
  This section describes IBM® Domino® security features, including execution control lists, IDs, and SSL.
  - Overview of Domino security
    Setting up security for your organization is a critical task. Your security infrastructure is critical for protecting your organization's IT resources and assets. As an administrator, you need to give careful consideration to your organization's security requirements before you set up any servers or users. Up-front planning pays off later in minimizing the risks of compromised security.
  - Server access for Notes® users, Internet users, and Domino® servers
    To control user and server access to other servers, Domino® uses the settings you specify on the Security tab in the Server document as well as the rules of validation and authentication. If a server validates and authenticates the Notes® user, Internet user, or server, and the settings in the Server document allow access, the user or server is allowed access to the server.
    - Setting up Notes® user, Domino® server, and Internet user access to a Domino® server
      You can specify Notes® users and Domino® servers that are allowed to access the server, as well as users who access the server using Internet protocols (HTTP, IMAP, LDAP, POP3). If your system uses multiple Domino Directories, Domino searches only the first Domino Directory specified in the Names setting in the NOTES.INI file for Notes users. If you have enabled the server access settings for Internet protocols, you can also specify users from secondary Domino directories and external LDAP directories in the Allow or Deny access lists.
    - Customizing access to a Domino® server
      After you set up basic access for IBM® Notes® users and IBM Domino® servers, you can customize access to restrict specific users and servers to specific activities.
      - Denying Notes® users access to all servers in a domain
        To deny Notes® users access to all servers in a domain, lock out their user IDs and enable password checking. When locked-out users try to access the server, Domino® tries to verify the passwords they enter by comparing them against those stored in Person documents. Domino denies the users access because their IDs are locked out.
      - Restricting administrator access
        You can specify various access levels for different types of administrators in your organization. For example, you may want to give only a few people 'system administrator' access, while all of the administrators on your team are designated as database administrators.
      - Comparing public key values
        The signatures on user and server certificates exchanged during authentication are always checked. You can enable an additional level of verification for public keys, by having the value of the key passed in the certificates checked against the value of the key listed in the IBM® Domino® Directory. It is possible for users to authenticate with a server, but have a mismatch between the value of the public keys in their certificates and what is listed for them in the Domino Directory.
      - Setting up anonymous server access for Notes® users and Domino® servers
        When a server is set up for anonymous access, Notes® users and Domino® servers do not need a valid certificate to access the server, since the server does not validate or authenticate them. Use anonymous access to allow users and servers outside your organization to access a server without first obtaining a certificate for the organization. You can also set up anonymous access for Internet/intranet users.
      - Controlling access to a specific server port
        Use a port access list to allow or deny IBM® Notes® user and IBM Domino® server access to a specific network port. If you use a port access list and a server access list, users and servers must be listed on both to gain access to the server.
      - Controlling creation of databases, replicas, and templates
        To manage available disk space, control which users and servers are allowed to create databases and replicas on a server. If your system uses multiple Domino® Directories, IBM® Domino searches only the first Domino Directory specified in the Names setting in the NOTES.INI file.
      - Controlling the use of headline monitors
        Notes® users can set up their headlines to search server databases automatically for items of interest. You can control which users can or cannot access this server for headlines. This task applies toIBM® Notes users only.
      - Controlling access to a pass-through server or pass-through destination
        A pass-through server allows users and servers to use a pass-through connection to connect to another server. The server to which users connect is called a pass-through destination. You can control which users and servers can access a pass-through server and pass-through destination.
      - Controlling agents and XPages that run on a server
        You can control the types of agents and XPages that users can run on a server. The fields in this section are organized hierarchically with regard to privileges. For example, Sign or run unrestricted methods and operations has the highest level of privilege and Run Simple and Formula agents has the lowest. A user or group name in one list automatically receives the rights of the lists beneath. Therefore a name has to be entered in only one list, which then gives that user the highest rights.
      - Controlling server access by browser clients that use Java™ and JavaScript™
        These settings are for use only with IBM® Lotus® Domino® 5.x and earlier servers. They should not be used with a Domino 6 or later server and are included for the purpose of backwards compatibility only, to be used to manage prior releases of Domino servers with the current IBM Notes® client.
      - Controlling Web browser access to files
        You can use File Protection documents and Web realms to control Internet/intranet access to files on the servers.
      - Restricting access to a server's data directory
        By default, any Notes® user who can access a server can access the server's entire data directory. You can restrict Notes user access to a server's data directory or a subdirectory of the data directory by defining an access list, or ACL file, for it. ACL files are an option for protecting server directories, and contain the names of users authorized to access those directories.
      - Physically securing the Domino® server
        Physically securing servers and databases is just as important as preventing unauthorized user and server access. Therefore, locate all Domino® servers in a ventilated, secure area, such as a locked room. If servers are not secure, unauthorized users might circumvent security features -- for example, ACL settings -- access applications on the server, use the operating system to copy or delete files, and physically damage the server hardware itself.
    - Validation and authentication for Notes® and Domino®
      Whenever a Notes® client or Domino® server attempts to communicate with a Domino server to replicate, route mail, or to access a database, two security procedures use information from the client or server ID to verify that the client or server is legitimate. Validation establishes trust of the client's public key. If validation occurs successfully, authentication begins. Authentication verifies user identity, and uses the public and private keys of both the client and the server in a challenge/response interaction.
  - The database access control list
    Every .NSF database has an access control list (ACL) that specifies the level of access that users and servers have to that database. Although the names of access levels are the same for users and servers, those assigned to users determine the tasks that they can perform in a database, while those assigned to servers determine what information within the database the servers can replicate. Only someone with Manager access can create or modify the ACL.
  - Domino® server and Notes® user IDs
    Domino® uses ID files to identify users and to control access to servers. Every Domino server, Notes® certifier, and Notes user must have an ID.
  - The execution control list
    You use an execution control list (ECL) to configure workstation data security. An ECL protects user workstations against active content from unknown or suspect sources, and can be configured to limit the action of any active content that does run on workstations.
  - Domino® server-based certification authority
    You can set up a Domino® certifier that uses the CA process server task to manage and process certificate requests. The CA process runs as a process on Domino servers that are used to issue certificates. When you set up a Notes® or Internet certifier, you link it to the CA process on the server in order to take advantage of CA process activities. Only one instance of the CA process can run on a server; however, the process can be linked to multiple certifiers.
  - SSL security
    Secure Sockets Layer (SSL) is a security protocol that provides communications privacy and authentication for Domino® server tasks that operate over TCP/IP.
  - SSL and S/MIME for clients
    Clients can use a Domino® certificate authority (CA) application or a third-party CA to obtain certificates for secure SSL and S/MIME communication.
  - Encryption
    Encryption protects data from unauthorized access.
  - Name-and-password authentication for Internet/intranet clients
    Name-and-password authentication, also known as basic password authentication, uses a basic challenge/response protocol to ask users for their names and passwords and then verifies the accuracy of the passwords by checking them against a secure hash of the password stored in Person documents in the Domino® Directory.
  - Multi-server session-based authentication (single sign-on)
    Multi-server session-based authentication, also known as single sign-on (SSO), allows Web users to log in once to a Domino® or WebSphere® server, and then access any other Domino or WebSphere servers in the same DNS domain that are enabled for single sign-on (SSO) without having to log in again.
  - Using Security Assertion Markup Language (SAML) to configure federated-identity authentication
    Federated identity is a means of achieving single sign-on, providing user convenience and helping to reduce administrative cost. In Domino® and Notes®, federated identity for user authentication uses the Security Assertion Markup Language (SAML) standard from OASIS.
  - Using a credential store to share credentials
    In this release, the on-premises Domino® server can use a credential store application (credstore.nsf). The credential store is a secure repository for document encryption keys and other tokens necessary for Notes® client users to grant access to applications that use the OAuth (open authorization) protocol. OAuth allows user credentials to be shared with compliant applications so that users avoid extra password prompts.
- Administering
  This documentation provides information about the administration tools for managing and monitoring IBM Domino® servers and databases.
- Tuning
  Use this information to improve IBM® Domino® server, Domino Web server, and messaging performance through the use of resource balancing and activity trends, Server.Load commands, advanced database properties, cluster statistics, and the Server Health Monitor.
- Troubleshooting
  This section describes how to find and solve problems with IBM® Domino® server and Administrator client.
- Glossary

Controlling server access by browser clients that use Java™ and JavaScript™

These settings are for use only with IBM® Lotus® Domino® 5.x and earlier servers. They should not be used with a Domino® 6 or later server and are included for the purpose of backwards compatibility only, to be used to manage prior releases of Domino® servers with the current IBM® Notes® client.

Procedure

From the Domino® Administrator, click Configuration, and open the Server document.
Click the Security tab.
In the Programmability Restrictions section, complete one or both of these fields, and then save the document:
- Run restricted Java/JavaScript/COM - Enter the names of authenticated browser users and/or groups allowed to run server programs created with a specific set of Java™ and JavaScript™ features.
  Leave the field blank (default) to deny access to all users and groups.
- Run unrestricted Java/JavaScript/COM - Enter the names of authenticated browser users and/or groups allowed to run server programs created with all Java™ and JavaScript™ features. Leave the field blank (default) to deny access to all users and groups.

What to do next

For a list of restricted Java™ and JavaScript™ classes, see IBM® Domino® Designer Help in the IBM® Notes® and Domino® wiki.