Setting a subject's access to an extended ACL target

You can set a subject's access to an extended ACL target in a Domino® Directory or an extended directory catalog.

Procedure

  1. Review the guidelines for setting up an extended ACL.
  2. Open the Domino Directory or extended directory catalog.
  3. Make sure you have enabled extended access for the directory.
  4. If more than one administrator manages the extended ACL, enable the advanced database property Allow document locking. Document-locking ensures that only one administrator can modify the extended ACL at a time.
    1. Choose File > Application > Properties
    2. Select Allow document locking.

    For more information on locking documents, see IBM® Notes® 9.0.1 Social Edition Help.

  5. Choose File > Application > Access Control to open the Access Control List dialog box. Make sure you have one of the following:
    • Manager access.
    • Editor or Designer access and the Administer extended ACL access to the target for which you are setting the subject's access. Either a database manager or someone with Administer access to the target must give you this access.
  6. With Basics selected, click Extended Access.
  7. In the Target box next to the Extended Access at target dialog box, expand target categories as necessary and select the target.
    Tip: Deselect Show only containers to show the documents under each target category. Select the option to show only the target categories. You can choose a single document as a target, but doing so is discouraged.
  8. Next to People, Servers, Groups for the Access List box, select one:
    • Show Modified -- to show only subjects whose access to the selected target is set at the target.
    • Show All -- (default) to show subjects whose access to the selected target is set at a higher target using the This container and all descendants scope, as well as to show subjects whose access to the selected target is set at the target.
  9. To add the subject for which you are setting access to the selected target, do one:
    • Click Add > Name and type or select a subject name, then click OK. If the subject is a user, server, or group that is not in the directory for which you are controlling access, this prompt appears: "Subject can not be found in the directory. To continue, please specify the subject's type: Person, Server, Group." Select one of the options presented, then click OK.
    • Click Add > Default to add the subject -Default-.
    • Click Add > Self to add the subject Self.
    • Click Add > Anonymous to add the subject Anonymous.

      If a subject's access to the selected target is set at a higher target through the scope This container and all descendants and you add the subject to the selected target with new access settings, the new access settings then control the subject's access to the selected target.

  10. For the Scope of Target field of the Extended Access at target box, select one of the following to specify the scope of the subject's access at the selected target.
    • This container and all descendants (default) -- to apply the subject's access to the selected target and to all targets included in its subcategories.
    • This container only -- to apply the subject's access to the selected target only and not to targets in its subcategories.
      Note: If you selected a single document as a target in Step 7, the This container and all descendants option is not available.
  11. In the Attributes section of the Extended Access at target box, for each of the following select Allow or Deny to set the selected subject's default access to the selected target.
    • Browse
    • Create
    • Delete
    • Read
    • Write
    • Administer
  12. Optional: Set form-specific access to make exceptions to the default access.
  13. Click OK to save the extended ACL changes and close the Extended Access at target box.