Keeping Expired Users Out of Lotus Notes
Novell Cool Solutions: Tip
By Perry Nuffer
Digg This -
Posted: 29 Mar 2006
The default action of the Notes driver is that when we disable/inactivate users in eDirectory, the corresponding action in Lotus Notes adds the user to an explicit "deny access" group. However, when we try to logon as the "disabled" user into Lotus Notes, the logon is successful. The user can even access his/her Inbox. How can we fix this so the expired user, when logged in to Lotus Notes, will not longer have access to the Lotus Notes System?
This sounds like a Domino server configuration issue. To resolve this problem,
1. Check the Not Access Server: field of the Current Server Document.
2. Using Domino Administrator, click the Configuration Tab.
3. Highlight Server > Current Server Document.
4. Click the Security view tab of the Current Server Document.
5. Scroll down to the Server Access section and validate the your deny access group is contained within the 'Not access server:' field.
6. If the group name being used to deny access is not present, edit this "Not access server" field and insert the group name.
This should disallow access for members of this group that use the Notes Client.
If you also want to disallow access for these members via the web,
1. Using Domino Administrator click the Configuration Tab.
2. Highlight Server > Current Server Document.
3. Click the Ports view tab of the Current Server Document.
4. Click the sub-tab Internet Ports and its sub-tab of Web.
5. Set the 'Enforce server access settings:' field to 'Yes'.
6. Save any changes you made and restart the Domino server.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com