Novell Home

Using Manager Groups in Notes

Novell Cool Solutions: Feature
By Perry Nuffer

Digg This - Slashdot This

Posted: 17 Jan 2007
 

Problem

A Forum reader recently asked:

"One of our customers is attempting to use a group for the mail-acl-manager-name name and is wondering what the correct format should be. We have tried cn=$groupname, but that is not working. Also, the trace shows this on the add - "Notes: createMailFile - Mail ACL Manager Group: null". Is Mail ACL Manager Group an option we can use? I can't seem to find it anywhere in the docs."

And here's the response from Novell's Perry Nuffer ...

Solution

I believe there is an undocumented custom parameter included in the IDM3 version of the NotesDriverShim named mail-acl-manager-group. The ACL entry type created is MIXED_GROUP, to easily allow for support of groups that contain a variety of Notes object types.

Another lesser known feature that was added in the IDM3 NotesDriverShim, is the ability to specify multiple entries for the mail-acl-manager-name, mail-acl-manager-id, and mail-acl-manager-group tags, with the value entries separated by semi-colons. So the XML attribute may look like
mail-acl-manager-name="CN=Moe Manager/OU=west/O=acme;CN=Larry Manager/OU=east/O=acme;CN=Curly Manager/OU=south/O=acme"
and
mail-acl-manager-group="LocalDomainAdmins;EastManagers;WestManagers"

If you're using IDM3, try inserting the following GCV into your configuration:

<definition display-name="Add User E-Mail: Mail ACL Manager Group"
item-separator=";" name="account.email.aclmanagergrp" type="list">
  <description>Enter the desired Notes E-Mail Database Manager Group Name.
Leave blank to not attach extra group manager ACLEntries to the mailfile
database. If ACL access of the mail database is less than MANAGER, then an
e-mail manager needs to be set using this setting or the 'Mail ACL Manager
Person' setting. More than one name can be specified when separated by a
semicolon (i.e. LocalDomainAdmins;mailAdminGroup)</description>
  <value>
    <item>LocalDomainAdmins</item>
    <item>MailAdmins</item>
  </value>
</definition>

And then use the following rule somewhere within the subscriber creation policy set or subscriber command transformation policy set:

<rule>
  <description>    Add User E-Mail: ACL Manager Group</description>
    <conditions>
      <and>
        <if-global-variable name="account.email.aclmanagergrp"
op="available"/>
        <if-global-variable name="account.email.aclmanagergrp"
op="not-equal"/>
      </and>
    </conditions>
    <actions>
      <do-set-xml-attr expression="../add[@class-name='User']"
name="mail-acl-manager-group">
        <arg-string>
          <token-global-variable name="account.email.aclmanagergrp"/>
        </arg-string>
      </do-set-xml-attr>
    </actions>
</rule>


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell