APPLICATION MANAGEMENT


Access levels in the ACL
Access levels assigned to users in a database ACL control which tasks users can perform in the database. Access level privileges enhance or restrict the access level assigned to each name in the ACL. For each user, group, or server listed in the ACL, you select the basic access level and user type. To further refine the access, you select a series of access privileges.

Note If you are designing a template (an .NTF file) for others to use to create applications, make sure the default access is at least Reader so that users and/or servers can successfully read from the template when creating or refreshing .NSF files based on that template.

Access levels assigned to servers in a database ACL control what information within a database the servers can replicate.

To access a database on a particular server, a IBMR LotusR NotesR user must have both the appropriate database access specified in the ACL as well as the appropriate access specified in the Server document in the IBMR LotusR Domino(TM) Directory.

For more information on server access levels, see Administering the Domino System.

For more information on database access for Internet users, see Maximum Internet name-and-password access.

Caution Administrators who are listed in the Full Access Administrators, Administrators, and Database Administrators fields in the Server document are allowed to delete any database on the server, even if they are not listed as managers in the database ACL.

This table shows the user access levels, listed from highest to lowest.
Access levelAllows users to Assign to
ManagerModify the database ACL.

Encrypt the database.

Modify replication settings.

Delete the database.

Perform all tasks allowed by lower access levels.

Two people who are responsible for the database.
DesignerModify all database design elements.

Create a full-text search index.

Perform all tasks allowed by lower access levels.

A database designer and/or the person responsible for design updates.
EditorCreate documents.

Edit all documents, including those created by others.

Read all documents unless there is a Readers field in the form. If there is a Readers field, the Editor must be listed to be able to read or edit the document.

Any user allowed to create and edit documents in a database.
AuthorCreate documents if the user or server also has the Create documents access level privilege. When you assign Author access to a user or server, you must also specify the Create documents access level privilege.

Edit the documents where there is an Authors field in the document and the user is specified in the Authors field.

Read all documents unless there is a Readers field in the form. If there is a Readers field, the Author must be listed to be able to read documents.

Users who contribute documents to a database.
ReaderRead documents where there is a Readers field in the form and the user name is specified in the field.Users who only need to read documents in a database but not create or edit documents.
DepositorCreate documents.Users who contribute documents but who do not need to read or edit their own or other users' documents. For example, use Depositor access for a ballot box application.
No AccessHave no access, with the exception of options to "Read public documents" and "Write public documents." These are privileges that designers may choose to grant.Terminated users, users who do not need access to the database, or users who have access on a special basis.

Note You may want to specifically assign No Access to individuals who should not have access to a database, but who may be members of a group that does.


To view ACL entries by access level

You can view ACL entries by access level to see which users, server, or groups are assigned to a specific access level.

1. Make sure that you have Manager access in the database ACL.

2. Select the database icon from your Bookmarks pane.

3. Choose File - Database - Access Control.

4. Click the arrow next to "People, Servers, Groups" and select an access level. The ACL displays only those names with the selected access level.

5. Click OK.

See Also