I would like to secure as much as possible the NAB of my company domain, especially in checking "enforce consistant ACL". Could you tell me what are the good and the bad aspects of this feature ?
Good question. This feature is so commonly misunderstood that I hope to write a column about it sometime. Until then, below is the section of the Domino R5 Admin Help that pertains to the feature. You can see this (and more information) by going to the Admin Help file and selecting Contents / Security / The database access control list / Setting up a database ACL. Then scroll down until you see the link for Enforce Consistent.
Note the important point that this feature does not disable the ability of users to modify the ACL of a local copy of a database. A local user can still change an ACL and see parts of the database that you don't want them to. The feature does disallow such a local replica from replicating back to the server. In essence, Domino says "If you have modified the ACL of a local copy of the database, I don't trust that copy anymore."
So, to answer your question... This feature is a good security option and it definitely helps with overall Domino/Notes security. The drawback is that people often misunderstand the feature and think that it does more than it really does. It does NOT provide local security if a user can get a local copy of a database.
Enforcing a consistent access control list
You can ensure that an ACL remains identical on all database replicas on servers, as well as on all local replicas that users make on workstations or laptops.
Select the "Enforce a consistent Access Control List" setting on a replica whose server has Manager access to other replicas to keep the access control list the same across all server replicas of a database. If you select a replica whose server does not have Manager access to other replicas, replication will fail because the server has inadequate access to replicate the access control list.
Enforcing a consistent access control list does not provide additional security for local replicas. To keep data in local replicas secure, encrypt the database.
Note: If a user changes a local or remote server database replica's ACL when the enforce a consistent access control list option is selected, the database stops replicating. The log file records a message indicating that replication could not proceed because the program could not maintain a uniform access control list on replicas.
This was first published in January 2002