Setting up a database ACL for server-to-server replication
You add the names of servers to a database ACL in the same way that you add the names of people. The access level given to a server in an ACL determines what, if any, changes that server can replicate to the replica.
Default server groups in an ACL
- LocalDomainServers - This group represents servers that are in the same Domino® domain as the server that stores the replica. Typically you assign this group a higher access level in the database ACL than the OtherDomainServers group.
- OtherDomainServers - This group represents servers that are not included in the Domino® domain of the server that stores the replica. Typically you would assign this group a more restricted access level in the database ACL than LocalDomainServers. For example, assigning this group Reader access in the ACL ensures that the local Domino® domain retains control over the database.
Access level privileges
For each access level, you can select or deselect these privileges:
- Create documents
- Delete documents
- Create personal agents
- Create personal folders/views
- Create shared folders/views
- Create LotusScript/Java agents
- Read public documents
- Write public documents
In general, for servers, enable all the privileges that the selected access level allows. This ensures that the server has access that is as high as users might have and can replicate all user changes. However, to prevent certain changes from replicating without deselecting privileges for each user, you can deselect a particular privilege for a server entry in the ACL.
For example, to prevent all document deletions made in a database on a particular server from replicating, deselect Delete documents in the ACL entry for the server. Then when users who have "Delete documents" access in the ACL delete documents, the deletions do not replicate.
Furthermore, in a hub-and-spoke configuration, the potential exists for replication back to the hub to affect the following design elements: views, folders, shared columns, and navigators. To prevent the spoke servers from replicating design elements changes to the hub. deselect the privilege Create shared folders/views in the ACL entry for each spoke server.
| Access level | Allows a server to push these changes | Assign to |
|---|---|---|
| Manager |
|
Servers you want to use as a source for ACL changes. For tight database security, give this access to as few servers as possible. In a hub-and-spoke server configuration, you typically give the hub server Manager access. |
| Designer |
|
Servers you want to use as the source for design changes. Use Manager access instead if you want one server to control ACL and design changes. |
| Editor |
|
Servers that users use only to add and modify documents. In a hub-and-spoke configuration, you typically give the spoke servers Editor access. |
| Author | New documents |
No servers. You do not typically use this access for servers. |
| Reader | No changes; server can only pull changes |
Servers that should never make changes. Servers in the OtherDomainServers group are often given Reader access. |
| Depositor | New documents. Also prevents the server from pulling changes. |
No servers. You don't typically use this access for servers. |
| No Access | No changes. Also prevents the server from pulling changes. |
Servers to which you want to deny access. Servers in the OtherDomainServers group are sometimes given No Access. |