The Access Control List
Every database includes an access control list (ACL), which IBM® Notes® uses to determine the level of access users and servers have to a database. Levels assigned to users determine the tasks that users can perform on a database. Levels assigned to servers determine what information within the database the servers can replicate.
About this task
Only someone with Manager access can modify the ACL. The Designer and Manager of the database can coordinate to create one or more roles to refine access to particular views, forms, sections, or fields of a database. For details on using the Access Control List in databases that you manage or design, see the IBM Domino® Designer Help.
ACLs apply only to databases stored on servers, not databases stored locally. If you make a change to a local database and replicate the database up to the server, replication honors the level of access you have in the ACL on the server. For example, if you have Reader access to a database on a server and you add new documents to your local replica of the database, your new documents will not get added to the database when you replicate the local replica up to the server again. Reader access does not allow you to create new documents. However, it is possible for database designers to enforce a consistent ACL across all replicas of a database, so even local databases would honor the ACL. For more information on enforcing ACLs in replicas, see Enforcing a consistent access control list.
To view the ACL for a database, open the database, and choose File > Application > Access Control. Select a person or server in the list to view the assigned access level. To view all people or servers assigned to a particular level in the ACL, select the level you would like to view from the "People, Servers, Groups" drop-down list.
Click any of these topics:
- To add a user to the access control list and set the access level
- Access levels for a database
- Additional privileges in the access control list
- To remove a user from the access control list
- To rename a user in the access control list
- To display a name's effective access in the access control list
- Creating and managing roles