SnTT: Changing ACL for Mail File Owner
Thursday 12th October, 2006Had to dig up something from the archives for this week. If you remember a while back there was an issue with Domino where after 21 days a rename would revert back to the original name. Here's a script I created to try and work around that issue because I noticed even though AdminP would revert the name in the ACL, AdminP did not revert the name for the Mail File Owner in the Profile Document.
Views To Assist In Diagnosis of Name Reverting After 21 Days in Notes
Frequently Asked Questions - Renaming Users with the Administration Process (AdminP)
Renamed users are reverted back to their old names after 21 days
Adminp Person Rename Reversions Are New in Domino 6.x
This Script runs locally against the Domino Server through all mail files in a specified folder, it pulls the Mail File Owner's name and then applies that to the ACL with a specified level of access. Since then, I have used this same Script with modifications to pull other information from the Calendar Profile document and write out reports to a text file.
This Script was based on a script by Terje Nygård who wrote the initial part of this code which can be found on the Lotus Sandbox
Sub Initialize
Dim session As New NotesSession
Dim dbdir As New NotesDbDirectory("")
Dim db As NotesDatabase
Dim dbacl As NotesACL
Dim dbaclentry As NotesACLEntry
Dim currentLog As New NotesLog( "Add Mail File Owner to ACL" )
'Set value to the variables mailcat, acl_add, acl_type and acl_level>
mailcat = Lcase(Inputbox("Which directory should this agent run in?"))
'=============If you want to specify a different User Type, you can using the Inputbox or hard code the variable
' acl_type = Inputbox("(0)Unspecified, (1)Person, (2)Server, (3)Mixed Group, (4)Person Group or (5)Server Group?")
acl_type = "1"
acl_level = Inputbox("(0)No Access, (1)Depositor (2)Reader, (3)Author, (4)Editor, (5)Designer or (6)Manager?")
If acl_level >= "3" Then
acl_delete = Ucase(Inputbox("Enable 'Delete Documents'? (Y/N)"))
End If
'=============NEXT LINE MUST BE SET TO NAME OF DOMINO SERVER
Set dbdir = session.GetDbDirectory("ServerName/HERE")
Set db = dbdir.GetFirstDatabase(DATABASE)
On Error Resume Next
'
currentLog.OverwriteFile = True
'=============SET TO LOCAL DIRECTORY FOR LOG FILE
Call currentLog.OpenFileLog( "c:\aclrunlog.txt" )
Call currentLog.LogAction("=============")
Call currentLog.LogAction("Running agent: Set Mail File Owner ACL Access")
'Prints out current database
While Not(db Is Nothing)
db.Open "",""
Set dbacl = db.ACL
Print "Current database: " + db.Title
'Logging
'=============Remark Out Line to reduce logging all dbs THAT EXIST on server to outfile
' Call currentLog.LogAction("DB On Server: " + db.Title)
'Check if the database is in the current specified mail catalog>
If Instr(Lcase(db.filepath), mailcat+"\") > 0 Then
'=============Remark Out Line to reduce logging all dbs FOUND in specified folder to outfile
Call currentLog.LogAction("Found DB: " + db.Title + ", in Specified Folder " + mailcat)
Print "Found database: " + db.FilePath
'Gets Mail File Owner Name from CalendarProfile and sets value to acl_add variable
Dim doc1 As NotesDocument
Dim mailfileowner As String
Set doc1 = db.GetProfileDocument("CalendarProfile")
mailfileowner = doc1.Owner(0)
acl_add = mailfileowner
'=============If you want to only update the ACL with the Mail File Owner if the Mail File Owner Name is missing from the ACL, unremark the line "Set dbaclentry = . . .", "IF dbacl is . . ." and "End IF" statments below
' Set dbaclentry = dbacl.Getentry(acl_add)
' If dbaclentry Is Nothing Then
'Create ACL entry based on specified input
Set dbaclentry=dbacl.Createaclentry(acl_add, acl_level)
Set dbaclentry=dbacl.GetEntry(acl_add)
dbaclentry.Usertype=acl_type
dbaclentry.Level=acl_level
Call dbacl.Save
'Set Delete Documents access or not
If acl_delete = "Y" Then
dbaclentry.CanDeleteDocuments = True
Else
dbaclentry.CanDeleteDocuments = False
End If
Call dbacl.Save
'Logs results
Call currentLog.LogAction("Updated ACL in: " + db.filepath)
Call currentLog.LogAction("with ACL Entry: " + acl_add + " - with ACL Type: " + acl_type + " - with ACL Level: " + acl_level + " - with Delete rights: " + acl_delete)
' End If 'End check if database ACL already contains Mail File Owner Name
'End check if database is in current specified directory
End If
Call currentLog.LogAction(" ")
'Next database
Set db = dbdir.GetNextDatabase
Wend
Call currentLog.LogAction("=============")
Call currentLog.LogAction(" Work Complete.")
Call currentLog.LogAction("=============")
Call currentLog.Close
End Sub
Views To Assist In Diagnosis of Name Reverting After 21 Days in Notes
Frequently Asked Questions - Renaming Users with the Administration Process (AdminP)
Renamed users are reverted back to their old names after 21 days
Adminp Person Rename Reversions Are New in Domino 6.x
This Script runs locally against the Domino Server through all mail files in a specified folder, it pulls the Mail File Owner's name and then applies that to the ACL with a specified level of access. Since then, I have used this same Script with modifications to pull other information from the Calendar Profile document and write out reports to a text file.
This Script was based on a script by Terje Nygård who wrote the initial part of this code which can be found on the Lotus Sandbox
Sub Initialize
Dim session As New NotesSession
Dim dbdir As New NotesDbDirectory("")
Dim db As NotesDatabase
Dim dbacl As NotesACL
Dim dbaclentry As NotesACLEntry
Dim currentLog As New NotesLog( "Add Mail File Owner to ACL" )
'Set value to the variables mailcat, acl_add, acl_type and acl_level>
mailcat = Lcase(Inputbox("Which directory should this agent run in?"))
'=============If you want to specify a different User Type, you can using the Inputbox or hard code the variable
' acl_type = Inputbox("(0)Unspecified, (1)Person, (2)Server, (3)Mixed Group, (4)Person Group or (5)Server Group?")
acl_type = "1"
acl_level = Inputbox("(0)No Access, (1)Depositor (2)Reader, (3)Author, (4)Editor, (5)Designer or (6)Manager?")
If acl_level >= "3" Then
acl_delete = Ucase(Inputbox("Enable 'Delete Documents'? (Y/N)"))
End If
'=============NEXT LINE MUST BE SET TO NAME OF DOMINO SERVER
Set dbdir = session.GetDbDirectory("ServerName/HERE")
Set db = dbdir.GetFirstDatabase(DATABASE)
On Error Resume Next
'
currentLog.OverwriteFile = True
'=============SET TO LOCAL DIRECTORY FOR LOG FILE
Call currentLog.OpenFileLog( "c:\aclrunlog.txt" )
Call currentLog.LogAction("=============")
Call currentLog.LogAction("Running agent: Set Mail File Owner ACL Access")
'Prints out current database
While Not(db Is Nothing)
db.Open "",""
Set dbacl = db.ACL
Print "Current database: " + db.Title
'Logging
'=============Remark Out Line to reduce logging all dbs THAT EXIST on server to outfile
' Call currentLog.LogAction("DB On Server: " + db.Title)
'Check if the database is in the current specified mail catalog>
If Instr(Lcase(db.filepath), mailcat+"\") > 0 Then
'=============Remark Out Line to reduce logging all dbs FOUND in specified folder to outfile
Call currentLog.LogAction("Found DB: " + db.Title + ", in Specified Folder " + mailcat)
Print "Found database: " + db.FilePath
'Gets Mail File Owner Name from CalendarProfile and sets value to acl_add variable
Dim doc1 As NotesDocument
Dim mailfileowner As String
Set doc1 = db.GetProfileDocument("CalendarProfile")
mailfileowner = doc1.Owner(0)
acl_add = mailfileowner
'=============If you want to only update the ACL with the Mail File Owner if the Mail File Owner Name is missing from the ACL, unremark the line "Set dbaclentry = . . .", "IF dbacl is . . ." and "End IF" statments below
' Set dbaclentry = dbacl.Getentry(acl_add)
' If dbaclentry Is Nothing Then
'Create ACL entry based on specified input
Set dbaclentry=dbacl.Createaclentry(acl_add, acl_level)
Set dbaclentry=dbacl.GetEntry(acl_add)
dbaclentry.Usertype=acl_type
dbaclentry.Level=acl_level
Call dbacl.Save
'Set Delete Documents access or not
If acl_delete = "Y" Then
dbaclentry.CanDeleteDocuments = True
Else
dbaclentry.CanDeleteDocuments = False
End If
Call dbacl.Save
'Logs results
Call currentLog.LogAction("Updated ACL in: " + db.filepath)
Call currentLog.LogAction("with ACL Entry: " + acl_add + " - with ACL Type: " + acl_type + " - with ACL Level: " + acl_level + " - with Delete rights: " + acl_delete)
' End If 'End check if database ACL already contains Mail File Owner Name
'End check if database is in current specified directory
End If
Call currentLog.LogAction(" ")
'Next database
Set db = dbdir.GetNextDatabase
Wend
Call currentLog.LogAction("=============")
Call currentLog.LogAction(" Work Complete.")
Call currentLog.LogAction("=============")
Call currentLog.Close
End Sub
[2]