RNUG Lotus User Group (www.vlaad.lv)

NOT ACCESS SERVER DENY_GROUP does not prevent WEB users from accessing server (potential security hole if you rely on DENY group)

Vladislavs Tatarincevs  29 July 2008 11:58:25
According to IBM technote,
when you put some person in DENY ACCESS group, he still will be able to access their mail from WEB.

'Not Access Server' field is not preventing Web users from accessing server
http://www-1.ibm.com/support/docview.wss?uid=swg21182264

By default users will be denied to access server from Notes, but still will be able to access server by web browser.
If you want HTTP task to respect DENY group   should set ENFORCE Server Access Settings to YES.



Image:NOT ACCESS SERVER DENY_GROUP does not prevent WEB users from accessing server (potential security hole if you rely on DENY group)
Comments
No Comments Found

Discussion for this entry is now closed.

Archives