DIRECTORY SERVICES
Extended ACL guidelines
Plan an extended ACL on paper before you implement it. After you have planned the extended ACL on paper, test it in a non-production environment before deploying it. When planning an extended ACL use a sparse access control model that minimizes the number of extended ACL subjects you specify:
Use categories as targets -- / (root) or subcategories below / (root) -- rather than individual documents. To subcategorize documents below / (root), you may have to give some documents, for example Group documents, hierarchical names manually.
As a general rule use the default target scope "This container and all descendants" as the target scope to extend subjects' access to target subcategories.
Use names that represent groups of users -- Self, groups, wildcard subjects, -Default- -- as subjects rather than the names of individuals.
When you use a sparse access control model IBM® Lotus® Domino™ can check extended ACL access settings quickly and you can manage extended ACL access settings easily.
See also
Setting up and managing an extended ACL
Elements of an extended ACL
Extended ACL
Glossary
Feedback on
Help
or
Product Usability
?
Help on Help
All Help Contents
Glossary