ADMINISTRATION TOOLS


Setting up access to the Web Administrator database
IBM® Lotus® Domino® automatically sets up default database security when the IBM® Lotus® Domino® Web Administrator database (WEBADMIN.NSF) is created for the first time. At that time, all names listed in either the Full Access Administrators or Administrators fields of the Server document are given Manager access with all roles to the Web Administrator database. In addition, the HTTP server task periodically (about every 20 minutes) updates the Web Administrator database ACL with names that have been added to the Server document in either the Full Access Administrators or Administrators fields, but only if the names are not already on the ACL list.

For more information on how the HTTP server task synchronizes names in the Server document with those on the Web Administrator database ACL, see "Giving additional administrators access to the Web Administrator" in this guide.

Default database security

The default ACL settings for the Web Administrator database are listed below. You do not need to change these settings if the administrator's name appears in the Administrators field of the Server document.

Access control list
Default nameAccess level
User and group names listed in either of these fields on the Server document:
  • Full Access Administrators
  • Administrators
Manager with all roles
The name of the serverManager
-Default-No access
AnonymousNo access
OtherDomainServersNo access

Authenticating administrators

You can use either an Internet password or an SSL client certificate to access the Web Administrator. The Web Administrator uses either name-and-password or SSL authentication to verify your identity. The method the Web Administrator uses depends on whether you set up the server or the Domino Web Administrator database (WEBADMIN.NSF), or both to require name-and-password or SSL authentication.

To access the Web Administrator database, you must have name-and-password authentication or SSL client authentication set up on the server. Name-and-password authentication is enabled for the HTTP protocol by default.

To use name-and-password authentication, you must have an Internet password in your Person document. To use SSL client authentication, you must have a client certificate, and SSL must be set up on the server.

Related topics