Notes/Domino 6 and 7 Forum : RE: Violation at ACL

Hi,

Can you give a little more detail. Was the person listed by name or group affiliation? If the delete documents ACL setting is off AND they were listed by name here are some things to consider....

Is there an agent that could have done this? Perhaps the user ran across it and ran it?

Is there more than one server involved? If so it is possible that somehow the ACL on one of them was changed. Keep in mind that during replication it is the servers themselves making changes ( like sending a deletion stub ) and odds are that good ol' LocalDomainServers has Manager Access with Delete Document rights to the database.

So User A deletes document off of DB on Server A

User A has NO ACCESS to DB on Server B but when replication happens the document is deleted from Server B. Why? Because Server A is listed with the appropriate rights to Server B's replica.

This is generally a good thing.... It allows for distributed data that can be controlled by site. You just need to be careful.

I think I wandered off topic here, but I'll end the way I started.... Could you give some more detail?

Ron

Notes/Domino 6 and 7 Forum

Document Options

Search this forum

Forum views and search

Member Tools

RSS Feeds