SECURITY


Controlling agents and XPages that run on a server
You can control the types of agents and XPages that users can run on a server. The fields in this section are organized hierarchically with regard to privileges. "Sign or run unrestricted methods and operations" has the highest level of privilege and "Run simple and formula agents" has the lowest. A user or group name in one list automatically receives the rights of the lists beneath it. Therefore, a name needs to be entered in only one list, which then gives that user the highest rights.

Tip: Create a group for each class of users, to be used in every category.

For a list of restricted LotusScript and Java features and information about agents and XPages, see IBM® Lotus® Domino® Designer Help.

1. From the IBM® Lotus® Domino® Administrator, click Configuration, and open the Server document.

2. Click the Security tab.

3. In the Programmability Restrictions section, complete one or more of these fields, and then save the document:
Field: Sign or run unrestricted methods and operations
Action: Enter the names of users and groups who are allowed to select, on a per-agent basis, one of three levels of access for agents signed with their IDs. Users with this privilege select one of these access levels when they are using Domino Designer to build an agent:
  • Do not allow restricted operations
  • Allow restricted operations
  • Allow restricted operations with full administration rights.
Only users who can sign or run unrestricted methods and operations may activate an agent option other than "Do not allow restricted operations." These privileges are given by default to the current server and to IBM® Lotus® Notes® Template developers.

If users in this list are also listed as database administrators in the Server document, they are allowed to perform database operations without having to be listed explicitly in the database ACL (for example, they can delete databases without being listed in the ACL of those databases).

Note: To have the ability to run unrestricted agents with full administration rights, the agent signer should be listed in this field, or in the Full Access Administrator field, as well as have this access level selected in the Agent properties security tab. Being listed in the Full Access Administrator list alone is not sufficient to run agents in this mode.

Note (XPages): To have the ability to run unrestricted XPages, the XPage builder should be listed in this field. Note that XPages do not execute with full administration rights. If XPage builders are listed in the Full Access Administrator field, their XPages will have unrestricted rights without full administration rights.

Field: Sign agents to run on behalf of someone else
Action: Enter the names of users and groups who are allowed to sign agents that will be executed on anyone else's behalf. The default is blank, which means that no one can sign agents in this manner.

Note: This privilege should be used with caution, because the name on whose behalf the agent is signed is used to check ACL access.

Field: Sign agents or XPages to run on behalf of the invoker of the agent
Action: Enter the names of users and groups who are allowed to sign agents or XPages that will be executed on behalf of the invoker, when the invoker is different from the agent or XPage signer. This setting is ignored if the agent or XPage signer and the invoker are the same. This is currently used only for Web agents and XPages. The default is blank, which means that everyone can sign agents or XPages that are invoked in this manner (this is for backwards compatibility).

Field: Run restricted LotusScript/Java agents
Action: Enter the names of users and groups allowed to run LotusScript and Java agents, but excluding privileged methods and operations, such as reading and writing to the file system. Leave the field blank to deny access to all users and groups.

Field: Run simple and formula agents
Action: Enter the names of users and groups allowed to run simple and formula agents, both private and shared. Leave the field blank to allow all users and groups to run simple and formula agents, both private and shared.

Field: Sign script libraries to run on behalf of someone else
Action: Enter the names of users and groups who are allowed to sign script libraries in agents or XPages executed by someone else. For the purposes of backwards compatibility, the default value is to leave the field empty, to allow all.
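
A blank field in the table above means "no one" for some fields and "everyone" for others. The following added example (not part of the Domino documentation) audits a set of field values for blank fields that allow everyone and for names entered in more than one hierarchical list. The sample values are constructed, group membership is not expanded, and the hierarchy is assumed to follow the order in which this page lists the fields.

```python
# Added example: audit Programmability Restrictions values, keyed by the field labels on this page.
HIERARCHY = [  # highest privilege first; order assumed from the page's field order
    "Sign or run unrestricted methods and operations",
    "Sign agents to run on behalf of someone else",
    "Sign agents or XPages to run on behalf of the invoker of the agent",
    "Run restricted LotusScript/Java agents",
    "Run simple and formula agents",
]
SCRIPT_LIBS = "Sign script libraries to run on behalf of someone else"
# What the page states a blank field means (it does not say for the first field).
BLANK_MEANS = {
    HIERARCHY[1]: "no one",
    HIERARCHY[2]: "everyone",
    HIERARCHY[3]: "no one",
    HIERARCHY[4]: "everyone",
    SCRIPT_LIBS: "everyone",
}

def audit(fields):
    """Return findings as (kind, subject, detail) tuples for a dict of label -> names."""
    findings = []
    for label, meaning in BLANK_MEANS.items():
        if not fields.get(label) and meaning == "everyone":
            findings.append(("blank-allows-all", label, "blank field allows everyone"))
    seen = {}  # name -> highest list in which it was found
    for label in HIERARCHY:
        for name in fields.get(label, []):
            key = name.strip().casefold()  # assumption: names compared case-insensitively
            if key in seen:
                findings.append(("redundant-entry", name, f"already covered by: {seen[key]}"))
            else:
                seen[key] = label
    return findings

# Constructed sample values, not taken from a real Server document.
SAMPLE = {
    HIERARCHY[0]: ["AgentSigners/Acme", "LocalDomainServers"],
    HIERARCHY[1]: [],
    HIERARCHY[2]: [],
    HIERARCHY[3]: ["AgentSigners/Acme", "Developers"],
    HIERARCHY[4]: [],
    SCRIPT_LIBS: ["AgentSigners/Acme"],
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A "redundant-entry" finding is not an error; it marks a name whose lower-list entry adds nothing because a higher list already grants those rights.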