Privileges - ACL settings

The database Access Control List (ACL) defines privileges for users.

Depending on the access level assigned to a user, some ACL permissions are granted, denied, or optional. Privileges listed in the ACL are:

Create documents

This privilege allows users to create documents in a database. This privilege is:

  • Permanently granted to Managers, Designers, Editors, and Depositors
  • Permanently denied to Readers
  • Optionally granted to Authors
Delete documents

This privilege allows users to delete documents from a database. This privilege is:

  • Permanently denied to Readers and Depositors
  • Optionally granted to Managers, Designers, Editors, and Authors
Create personal agents

This privilege allows an IBM® Notes® developer or user to create agents that perform automated procedures in a database. This privilege is:

  • Permanently granted to Managers and Designers
  • Optionally granted to Editors, Authors, and Readers

Clear this option on server databases to prevent certain users from creating personal agents that take up server disk space and processing time. Use the Agent Restrictions settings in the Security tab of the Server document in the Directory to prevent users from running personal agents on a server, even if the Create personal agents permission in a server database ACL is selected.

Create personal folders/views

This privilege is:

  • Permanently granted to Managers and Designers
  • Permanently denied to Depositors
  • Optionally granted to Editors, Authors, and Readers

Personal folders and views created on a server are more secure and are available on multiple servers. Also, administrative agents can operate only on folders and views stored on a server. If this permission is not selected, users can still create personal folders and views that are stored on their local workstations. Clear this option to save disk space on a server.

Create shared folders/views

This privilege is:

  • Permanently granted to Managers and Designers
  • Permanently denied to Authors, Readers, and Depositors
  • Optionally granted to Editors

Deny this privilege to Editors to save disk space on a server and maintain tighter control over database design.

Create LotusScript®

This privilege is:

  • Permanently granted to Managers
  • Permanently denied to Depositors
  • Optionally granted to Designers, Editors, Authors, and Readers

Clear this option on server databases to prevent certain users from running restricted and unrestricted LotusScript agents that take up server disk space and processing time. Use the Agent Restrictions settings in the Security tab of the Server document in the Directory to prevent users from running restricted and unrestricted LotusScript agents on a server, even if the Create personal agents permission in a server database ACL is selected.

Read Public Documents

This privilege is:

  • Permanently granted to Managers, Designers, Editors, Authors, and Readers
  • Optionally granted to Depositors
Write Public Documents

This privilege is:

  • Permanently granted to Managers, Designers, and Editors
  • Optionally granted to Authors, Readers, and Depositors

Users without the Write Public Documents privilege are prompted for a password when accessing a database with public documents. After entering the user name and Internet password, the user is given the Default access level to the database.