Manage Learn to apply best practices and optimize your operations.

Retrieving all by role name

How to retrieve all users by their role names.

View expert and member feedback to this tip.

This code will present a dialog listing of all roles specified for the database. Choose one of the listed roles to generate the next dialog, which lists all users associated with that role. You can take it from there...just a quick example of role retrieval via LotusScript.
Sub Click(Source As Button)
 Dim workspace As New NotesUIWorkspace
 Dim session As New NotesSession
 Dim db As NotesDatabase
 Dim nacl As NotesACL
 Dim nacle As NotesACLEntry
 Dim naclEnter As NotesACLEntry
 Dim initialRecipients() As String
 Dim availableRoles() As String
 Dim pickUser As String
 Dim pickRole As String 
 Dim people As Integer
 Dim numRoles As Integer
 numRoles = 0
 people = 0
 Set db = session.CurrentDatabase
 Set nacl = db.ACL
 Set nacle = nacl.GetFirstEntry 
 Forall r In nacl.Roles
  Redim Preserve availableRoles(numRoles + 1)
  availableRoles(numRoles) = Cstr(r)
  numRoles = numRoles + 1
 End Forall
 If numRoles <> 0 Then
  pickRole = workspace.Prompt
"Please select role to examine.", 
availableRoles(0), availableRoles)
  Msgbox "No roles defined for this database", 
0 + 16, "Error"
  Exit Sub
 End If
 If pickRole = "" Then
  Msgbox "Exiting at your request", 0 + 16, "Done"
  Exit Sub
 End If
 Do While Not (nacle Is Nothing)
  Set naclEnter = nacl.GetEntry( nacle.Name )
  intFlag = naclEnter.IsRoleEnabled(pickRole)
  If intFlag Then
   this = Strright(nacle.Name, "CN=")
   this1 = Strleft(this,"/O=")
   Redim Preserve initialRecipients(people + 1)
   initialRecipients(people) = this1
   people = people + 1
  End If
  Set nacle = nacl.GetNextEntry(nacle)
'now send mail, or perhaps create a list:
 pickUser = workspace.Prompt
(PROMPT_OKCANCELLIST, "Those with the " &
 pickRole & " role", "This is a list of those with the " 
&  pickRole & " role.",  
initialRecipients(0), initialRecipients) If pickUser = "" Then Msgbox "Exiting at your request", 0 + 16, "Done" Exit Sub End If Msgbox pickUser End Sub


  • This tip may not consider situations where there are no roles in the database (at least, under ND6). This case displays a blank dialog.

  • The code here assumes that all ACL entries are of the form CN=Name/O=Org, which doesn't work for groups, usernames with an OU= component or entries of the form "*/Org". One should use NotesName class to get the common name.

  • I disagree with the idea of displaying just the common name even if it were done correctly because there might be other users with the same common name. Instances like this are what those extra username components are for.


  • This code does not handle ACL entries that are not hierarchical (e.g., groupnames).

    ' z this1 = Strleft(this,"/O=")
    this1 = Strleft(this,"/")

    Do you have comments of your own? Let us know.

  • Dig Deeper on LotusScript



    • Favorite iSeries cheat sheets

      Here you'll find a collection of valuable cheat sheets gathered from across the iSeries/ community. These cheat ...

    • HTML cheat sheet

      This is a really cool cheat sheet if you're looking to learn more about HTML. You'll find just about everything you every wanted ...

    • Carol Woodbury: Security

      Carol Woodbury