This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal


~Tip Fezrebergoopsi
Jul 15, 2015, 9:49 AM
3 Posts

Traveler and multiple address book - Big security issue ?

  • Category: Notes Traveler
  • Platform: Windows
  • Release: 9.0.1
  • Role: Administrator,End User
  • Tags: address book,directory assistance,security
  • Replies: 6

Hi All,

i have a big issue on Traveler with DA and multiple address book.

In few words, a user that does not have access to some customer address bok (linked via DA) is able to see these documents when looking for contacts with traveler.

I have updated to latest version of Traveler (9.0.1.6). But no way.. I have also inserted all the server as "No Access" in the specific database... no way !! The user via his mobile is able to lookup contact, in a database that does not have access !!

Any suggestion ? Any hints ??

Thanks in advance.

GianClaudio

~Vanessa Optoogenoden
Jul 15, 2015, 6:15 PM
22 Posts
RE: Traveler and multiple address book - Big security issue ?
GianClaudio,

Please open a PMR in order for IBM to collect logs to analyze your environment.  The Traveler server does call Domino API's to perform a lookup of contact information, therefore it is difficult to say why the entries would be returned to the mobile device without obtaining more details.

~Tip Fezrebergoopsi
Jul 16, 2015, 6:34 AM
3 Posts
RE: Traveler and multiple address book - Big security issue ?

Thanks for the reply .. but opening a PMR can require some time... and I need a solution... by yesterday :-(((

THere are some debug paramether that I can use to see/check this strange behaviour ?

Cheers.

GianClauio

~Fritz Ekfoobergflar
Jul 16, 2015, 12:36 PM
202 Posts
If you need a response by yesterday this is not the place
The quickest way to get a response is to either
1) Hire a consultant that knows what they are doing
2) Open a support issue with IBM

This forum is a free forum, with questions being answered by people if they have the time and inclination, it's not an official IBM support channel.
~Tip Fezrebergoopsi
Jul 16, 2015, 1:21 PM
3 Posts
RE: Traveler and multiple address book - Big security issue ?

@Carl: Thansk for the reminder... after 17 year of working with Domino, i have forgot...

@All: sorry for that

~Tate Renubergetsi
Aug 4, 2015, 7:31 PM
12 Posts
RE: Traveler and multiple address book - Big security issue ?

GianClaudio, 

You can use Extended ACL and notes.ini parameter NTS_LOOKUP_ENFORCE_ACL=1 to work this around. 

On the Target Field of xACL, Please select the Domain that you want users to be restricted to look up to. (It should be specified in the secondary directory). After that click the "Add" button on the Access List field on what groups and/or specific users are prohibited to access that domain. After that, set the Attributes field of your choice. I recommend that you "Deny" all of the attributes. 

Better yet open a PMR if you need a more detailed explanation with this. Hope it helps!


This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal