Can I exclude the Notes admin from a group?

Is there a way to exclude the Notes administrator from a group and not allow the Notes administrator to add him/herself back into the group?
The term "Notes Admin" is a little unclear, because it is used in different ways at different organizations. So let me give you a couple different answers.
  • You certainly can create a group that can only be edited by certain people. You set the list of editors on the Administration tab within that group document. This only works, however, for people who have Author access to the Domino Directory. Anyone with higher access can bypass this restriction. So you can create a group, say Group1, that can only be edited by people within that group or any other group you choose.

  • In general, however, the "Notes Admin" account is given Manager access to the Domino Directory (names.nsf). This is sort of necessary, so that admin people can do what they need to run the system. Anyone with Manager access (or physical access to the server room) can do whatever they want to any groups.
You might think about what user roles you want here. Maybe you want to create a user named GroupEditor, for example. Give this account Author access to names.nsf and give it the ACL roles [GroupCreator] and [GroupModifier]. List [GroupModifer] as the Administrator in all the group documents. Then give true Manager access to a smaller set of people whom you really trust.

Dig Deeper on Lotus Notes Domino Access, Permissions and Authentication

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.




  • iSeries tutorials

    Search400.com's tutorials provide in-depth information on the iSeries. Our iSeries tutorials address areas you need to know about...

  • V6R1 upgrade planning checklist

    When upgrading to V6R1, make sure your software will be supported, your programs will function and the correct PTFs have been ...

  • Connecting multiple iSeries systems through DDM

    Working with databases over multiple iSeries systems can be simple when remotely connecting logical partitions with distributed ...