Editing administration ECLs

You can configure the default admin ECL in the Domino® Directory. This edits the default admin ECL used to create workstation ECLs. You may want to maintain multiple admin ECLs to apply to different groups of users.

Procedure

  1. From the Domino® Administrator, click the Files tab.
  2. From the Servers pane, choose the server to work from.
  3. Open the Domino® Directory (NAMES.NSF).
  4. Choose Actions > Edit Administration ECL.
  5. Optional: Select -Default- and then select access options.
  6. Optional: Select -No Signature- and then select access options.
  7. To add an entry, click Add, enter the name of a person or server, and then click OK.
    1. Enter an asterisk (*) to allow access to all users, even those not listed in the Domino® Directory, access.
    2. Enter an asterisk (*) followed by a certifier name -- for example, */Renovations -- to allow access to users certified by that certifier.
      Note: Add entries to the ECL even if you want to deny access to a person, group, or organization. Then you can overwrite existing entries in workstation ECLs and essentially undo any trust users have granted. For example, to revoke access previously granted to someone, add that person to the administration ECL, but don't give them any privileges. When the updated administration ECL is distributed, it will overwrite the workstation ECLs with the updated privileges for that person.
  8. To remove an entry, select it from the list and click Remove.
    Note: Removing an entry will not deny access to that entry when existing client ECLs are refreshed. To ensure that this entry no longer has access, leave the entry in the list and instead, remove all rights.
  9. To rename an entry, select it from the list and click Rename.
    Note: It may be better to leave the existing entry and add a new entry with the new name instead. Active content signed with the user's previous name will then still be allowed the same access it had before.
  10. To let users modify their workstation ECLs or enable Java applets from trusted senders, select Allow users to modify.
  11. Click OK.