| If you add a user name to a group and to a database ACL, two things have to happen before it's effective:
1. The hidden view $ServerAccess in the PAB has to be updated. Typically this happens within 30 seconds or a few minutes at most, by the background Update task.
2. The user has to start a new session to the server. This is because the user's group memberships are evaluated at session initiation time. The user can stop and restart Notes, can simply hit F5, or can just wait a while for the session to be dropped. Also the server console operator can drop a session with the Drop command.
One other thing: it's important for security reasons to put full hierarchical names in groups and ACLs. This will prevent someone with the same common name but a different OU (for example) from getting access where they shouldn't.
Charlie Brown
Domino Directory Product Manager
charlie_brown@lotus.com
previous page
|