Domino Server Security Setting

SNTT

Going through the Notes discussion forum yesterday, I came upon a discussion questioning why access is different between NRPC and HTTP clients. The question was why a user couldn’t access a server using a Notes client, but could using a browser. The responses thus far had pointed the user to the correct place to look - a deny access group that the user had been added to inadvertantly. I was surprised to see the responder say that NRPC and HTTP access is controlled differently, but not mention that it had been changed in a recent release. So here’s today’s post, consider it an early SNTT, show and tell Tuesday.

Somewhere around 6.5.4, Domino added the ability for the internet protocolsto adhere to the server access settings used by NRPC. This means that the HTTP task, POP3, IMAP, etc will restrict access to the server from anyone listed in the Deny Access groups you have created, if they are listed in the Deny Access field of the server document. This should be a default setting for any servers you have setup, the only time it might be different is if there is a reason to allow some users only client access and everyone else browser access.

On the Ports - Internet Ports tab, click on the tab for each protocol and set the Enforce Server Access Settings field to “Yes” to have that protocol use the Server Access fields to determine who can have access.

HTTP Access Setting

domino  SNTT 

See also