Extended ACL - example 1

The Renovations company uses this name hierarchy within its Domino® Directory: the organization O=Renovations, and two subordinate organizational units within it, OU=Sales and OU=Engineering. The Renovations company wants to prevent users registered under OU=Sales from accessing documents within OU=Engineering, and wants to prevent users registered in OU=Engineering from accessing documents within OU=Sales.

About this task

Renovations does the following to accomplish these security goals:

Procedure

  1. Sets the -Default- access in the Domino Directory database ACL to Reader.
  2. Denies the subject */Sales/Renovations all access to the target OU=Engineering.
  3. Denies the subject */Engineering/Renovations all access to the target OU=Sales.