Setting a subject's access to an extended ACL target
You can set a subject's access to an extended ACL target in a Domino® Directory or an extended directory catalog.
Procedure
- Review the guidelines for setting up an extended ACL.
- Open the Domino® Directory or extended directory catalog.
- Make sure you have enabled extended access for the directory.
- If more than one administrator manages the extended ACL,
enable the advanced database property Allow document locking.
Document-locking ensures that only one administrator can modify the
extended ACL at a time.
- Choose
- Select Allow document locking.
For more information on locking documents, see HCL Notes® Help.
- Choose
to open the Access
Control List dialog box. Make sure you have one of the following:
- Manager access.
- Editor or Designer access and the Administer extended ACL access to the target for which you are setting the subject's access. Either a database manager or someone with Administer access to the target must give you this access.
- With Basics selected, click Extended Access.
- In the Target box next to the Extended Access
at target dialog box, expand target
categories as necessary and select the target.Tip: Deselect Show only containers to show the documents under each target category. Select the option to show only the target categories. You can choose a single document as a target, but doing so is discouraged.
- Next to People, Servers, Groups for
the Access List box, select one:
- Show Modified -- to show only subjects whose access to the selected target is set at the target.
- Show All -- (default) to show subjects whose access to the selected target is set at a higher target using the This container and all descendants scope, as well as to show subjects whose access to the selected target is set at the target.
- To add the subject for which you are setting access to
the selected target, do one:
- Click and type or select a subject name, then click OK. If the subject is a user, server, or group that is not in the directory for which you are controlling access, this prompt appears: "Subject can not be found in the directory. To continue, please specify the subject's type: Person, Server, Group." Select one of the options presented, then click OK.
- Click to add the subject -Default-.
- Click to add the subject Self.
- Click
If a subject's access to the selected target is set at a higher target through the scope This container and all descendants and you add the subject to the selected target with new access settings, the new access settings then control the subject's access to the selected target.
to add the subject Anonymous.
- For the Scope of Target field of
the Extended Access at target box,
select one of the following to specify the scope of the subject's
access at the selected target.
- This container and all descendants (default) -- to apply the subject's access to the selected target and to all targets included in its subcategories.
- This container only -- to apply the subject's access to the selected
target only and not to targets in its subcategories.Note: If you selected a single document as a target in Step 7, the This container and all descendants option is not available.
- In the Attributes section of the Extended Access
at target box, for each of the following
select Allow or Deny to set the selected subject's default access
to the selected target.
- Browse
- Create
- Delete
- Read
- Write
- Administer
- Optional: Set form-specific access to make exceptions to the default access.
- Click OK to save the extended ACL changes and close the Extended Access at target box.