Home > Domino Tips > Administrator > ACL > How to remove "Enforce uniform/consistent access" flag even without access to the database!
Domino Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

ACL

How to remove "Enforce uniform/consistent access" flag even without access to the database!


Pierre Jandot
10.07.2002
Rating: -3.92- (out of 5) Hall of fame tip of the month winner


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


If you have ever faced the problem of a lost database due to an erroneous ACL and "Enforce a consistent ACL across all replicas" was set...

You may still recover this database by running this script locally on the affected machine.

Actually, althought direct access and LotusScript access are denied, programs written with Notes API, can access and change this flag.

Below is the code (hope will help... it should!).

You can create an EXE file to convert this into a tool (I did but I can't submit it here)...



Code

*---------------------------------------------------
'* RemoveUnifAccess. Last updated by: Pierre JANDOT [PJandot@lyon.micropole-univers.com] 06/10/2002
'*
'* Removes the "Uniform access" ACL flag, even from
'* a database you can't access...
'*---------------------------------------------------
Option Public
Option Declare

'*------------------------------------------------------------
'* API declaration
'*------------------------------------------------------------

'*-- nNotes DLL: Open database
Declare Private Function NSFDbOpen Lib "nNotes" Alias "NSFDbOpen" (_
Byval dbname As Lmbcs String,_
dbhandle As Long )_
As Integer

'*-- nNotes DLL: Read a database's ACL
Declare Private Function NSFDbReadACL Lib "nNotes" Alias "NSFDbReadACL" (_
Byval dbhandle As Long,_
rethACL As Long )_
As Integer

'*-- nNotes DLL: Get ACL general flags
Declare Private Function ACLGetFlags Lib "nNotes" Alias "ACLGetFlags" (_
Byval hACL As Long,_
Flags As Long )_
As Integer

'*-- nNotes DLL: Set ACL general flags
Const ACL_UNIFORM_ACCESS = &h00000001
Declare Private Function ACLSetFlags Lib "nNotes" Alias "ACLSetFlags" (_
Byval hACL As Long,_
Byval Flags As Long )_
As Integer

'*-- nNotes DLL: Write a database's ACL
Declare Private Function NSFDbStoreACL Lib "nNotes" Alias "NSFDbStoreACL" (_
Byval dbhandle As Long,_
Byval hACL As Long,_
Byval objid As Long,_
Byval meth As Integer ) _
As Integer 

'*-- nNotes DLL: Free memory
Declare Private Function OSMemFree Lib "nNotes" Alias "OSMemFree" (_
Byval hmem As Long )_
As Integer

'*-- nNotes DLL: Close database
Declare Private Function NSFDbClose Lib "nNotes" Alias "NSFDbClose" (_
Byval dbhandle As Long )_
As Integer

'*-- nLib DLL: String function
Const ERR_MASK = &h3FFF
Declare Private Function OSLoadString Lib "NLib.DLL" (_
Byval hmod As Long,_
Byval coderr As Integer,_
Byval liberr As String, _
Byval lgbuf As Integer ) As Integer

Sub Initialize

On Error Goto AbnormalTerm

'*-- Designate (local) database to open
Dim bastoproc As String
bastoproc$ = Inputbox$ ( "Local database to process:",_
"Remove uniform access", "" )
If bastoproc$ = "" Then Exit Sub

'*-- Open database
Dim errmsg As String
Dim hdb As Long
If OpenDB% ( "", bastoproc$, hdb&, errmsg$ ) = False Then _
Goto AbnormalTerm

'*-- Get ACL
Dim retcod As Integer
Dim hACL As Long
retcod% = NSFDbReadACL ( hdb&, hACL& )
If (retcod% <> 0) Then Goto AbnormalTerm

'*-- Get ACL flags
Dim flags As Long
retcod% = ACLGetFlags ( hACL&, flags& )
If (retcod% <> 0) Then Goto AbnormalTerm

'*-- Remove "Uniform access" flag
flags& = flags& And (Not ACL_UNIFORM_ACCESS)
retcod% = ACLSetFlags ( hACL&, flags& )
If (retcod% <> 0) Then Goto AbnormalTerm

'*-- Write back ACL
retcod% = NSFDbStoreACL ( hdb&, hACL&, 0&, 0 )
If (retcod% <> 0) Then Goto AbnormalTerm

'*-- Free ACL object memory
retcod% = OSMemFree ( hACL& )
If (retcod% <> 0) Then Goto AbnormalTerm

'*-- Close database
If CloseDB% ( hdb&, errmsg$ ) = False Then Goto AbnormalTerm

Exit Sub

AbnormalTerm :
If errmsg$ = "" Then
If (retcod% <> 0) Then
errmsg$ = "ERR: " & GetErrLib$ ( retcod% )
Else
errmsg$ = "ERR: " & Error$ & " (l=" & Erl & ")"
End If
End If
Msgbox errmsg$
If hdb& <> 0 Then Call CloseDB% ( hdb&, errmsg$ )
Exit Sub

End Sub

'*========================================
'* Call : OpenDB, CloseDB
'* Get text associated with an error code
'*----------------------------------------
Function GetErrLib (_
errcod As Integer ) _ ' Error code
As String ' Returned error text
'*========================================

'*-- Get error text
Dim retlen As Integer
Dim errlib As String
errlib$ = String ( 256, 0 )
retlen% = OSLoadString ( 0, (errcod% And ERR_MASK), errlib$, 255 )

GetErrLib$ = "0x" & Hex$ ( errcod% ) & "= '" &_
Mid$ ( errlib$, 1, retlen% ) & "'"

End Function '* GetErrLib

'*=============================================
'* Call : Initialize
'* Opens a database
'*---------------------------------------------
Function OpenDB (_
serv As String,_ ' Server name
chem As String, _ ' File access to database
hdb As Long,_ ' Returned handle
msgerr As String ) _ ' Possible error
As Integer ' True iif OK
'*=============================================

OpenDB% = False

'*-- Construct access
Dim netpath As String
If Len (serv$) > 0 Then
netpath$ = serv$ & "!!" & chem$
Else
netpath$ = chem$
End If

'*-- Open
Dim retcod As Integer
retcod% = NSFDbOpen ( netpath$, hdb )
If (retcod% <> 0) Then
msgerr$ = "ERR: " & GetErrLib$ ( retcod% )
Exit Function
End If

OpenDB% = True

End Function '* OpenDB

'*=================================================
'* Call : Initialize
'* Closes a database
'*-------------------------------------------------
Function CloseDB (_
hdb As Long,_ ' Handle of database to close
msgerr As String ) _ ' Possible error
As Integer ' True iif OK
'*=================================================

CloseDB% = False

'*-- Fermer
Dim retcod As Integer
retcod% = NSFDbClose ( hdb& )
If (retcod% <> 0) Then
msgerr$ = "ERR: " & GetErrLib$ ( retcod% )
Exit Function
End If

CloseDB% = True

End Function '* CloseDB

Rate this Tip
To rate tips, you must be a member of SearchDomino.com.
Register now to start rating these tips. Log in if you are already a member.


Submit a Tip




Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
ACL
Update the ACL from the Roles view with LotusScript
Controlling access to the Domino Directory with Extended ACL
Security expert offers Notes/Domino downloads
Seven tips to strengthen your Domino e-mail security
Meet the Extended ACL
Managing groups entries in ACL
Retrieve documents from Notes database, which are locked by Readers field
Bulk ACL fixer
Changing an ACL on a non-NT platform
Anonymous access doesn't always work

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersDomino IT Downloads
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 1999 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts