The "effective access" a person, server, or a group has
to documents in a database is not always apparent. For example, if
there are two groups with different levels of access to documents,
and someone is a member of both groups, you may wonder what access
the person actually has.
About this task
With one click, you can determine a person's effective
access to the documents.
Note: The Effective Access
list on a local replica of a database may differ from the Effective
Access list on a server replica. You my not have the same access to
the IBM® Lotus® Domino® Directory
to read groups when working in local replicas.
Procedure
- Open the database that you want to check.
- Click File > Application > Access
Control.
- Click Basics and then click the
"Effective Access" button.
- Select the person, server, or group whose effective access
you want to determine and then press Enter or click the "Calculate
Access" button.
- Access in the top left of the dialog box shows the selected
name's effective database access as determined by the database ACL.
- The checked boxes on the left side of the dialog box indicate
the access rights for the selected name.
- The "Groups" and "Roles" boxes on the right of the dialog
box show all the individual and group name entries and roles that
could potentially control the selected name's access to the documents
in the database.
- "Full Access Administrator" is checked if the person, server,
or group has full administrator rights to the database. For example,
if a person has this privilege, that person can delete the database
even if he or she does not have Manager access to the database.
Results
Note: A user may still have access to a database
by running an agent with the "Unrestricted with Full Access" privilege,
even if his or her name is not listed in the database's ACL. This
privilege exists, but is not reflected in Effective Access because
this privilege bypasses the ACL and reader lists. For example, an
administrator may want to run this type of agent on a database he
or she does not have access to in order to update a full-text index
on that database.