I hear what you are saying and here are our safety measures.

We use a generic Admin ID and manage ECLs with policies which means it
should not be an issue.  Users only have Editor access therefore, they
can't remove us from the ACL.

As for OOO and other agents, you have this issue whether you sign it with
server ID or an Admin ID.  We have a application which will report which
agents are enabled and verify no agents are going to run (esp OOO) before
signing.  If any are, disable them.

Right now, the painful piece is going to every server, pick the db(s) and
issue a sign.  We will be signing 1100 files very soon do to an OU change.

Regards,
Eric


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

This is a PRIVATE message. If you are not the intended recipient, please
delete without copying and kindly advise us by e-mail of the mistake in
delivery. NOTE: Regardless of content, this e-mail shall not operate to
bind CSC to any order or other contract unless pursuant to explicit written
agreement or government initiative expressly permitting the use of e-mail
for such purpose.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------




                                                                           
             Arjen ter Horst                                               
             <a.terhorst@saxio                                             
             n.nl>                                                      To 
             Sent by:                  Lotus Domino on the iSeries / AS400 
             domino400-bounces         <domino400@xxxxxxxxxxxx>            
             +ewaters2=csc.com                                          cc 
             @midrange.com                                                 
                                                                   Subject 
                                       Re: Signing Mail Files With An      
             07/08/2005 08:47          Admin ID                            
             AM                                                            
                                                                           
                                                                           
             Please respond to                                             
              Lotus Domino on                                              
               the iSeries /                                               
                   AS400                                                   
             <domino400@midran                                             
                  ge.com>                                                  
                                                                           
                                                                           




I wouldn't advice to sign with an admin id, but use the current server id
instead.
The current server is always trusted, whereas for the administrator
sometimes an ACL or ECL can be wrongly set.

Also your enabled out-of-office agents would run under the admin id, as
will other agents.

Arjen ter Horst

Lotus Domino administrator
InformatiseringsCentrum Saxion Hogescholen






This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].