DIRECTORY SERVICES


Setting overall access levels in the Domino Directory ACL
The IBM® Lotus® Domino® Directory, like all IBM® Lotus® Notes® databases, has an access control list (ACL) that controls the overall access that users and servers have. The following table shows the default name entries in the Domino Directory ACL and the default access settings for each entry.
Default name entryAccess levelUser type
-Default- Author access without the "Create documents" privilege or administration rolesUnspecified
AnonymousNo accessUnspecified
LocalDomainAdminsManager access with no administration rolesPerson group
LocalDomainServersManager access with all administration roles except PolicyCreator and PolicyModifierServer group
OtherDomainServersReader access Server group
Server in the domain on which the directory was created. Manager access with all administration rolesServer
Administrator specified during server setupManager access with all administration rolesPerson
You might want to customize the database ACL. For example, to have stricter control over database access, you might change the access for the -Default- entry to No Access and explicitly add the names of groups of users to the ACL that you want to allow access.

Note The default access for the -Default- entry allows users only to change some of the fields in their Person documents.

Related topics