Complete IBM Domino ACL management, over entire servers at once

Traditionally, managing this aspect of security has required lots of digging through and analysis of individual databases’ ACL entries.

But there is a better and more thorough way to deal with ACLs—a power-up for the modern IBM Domino administrator when it comes to the process of ACL management.

Server-wide ACL audits

Server-wide ACL audits

Get a quick and thorough analysis of your entire ACL structure.

ACL modifications of any size

ACL modifications of any size

Modify a few, or modify them all—even across databases.

Database-level ACL property management

Database-level ACL property management

Mass-manage database-level ACL properties (found in the the Advanced and Log tab of the native client's ACL controls).

Powerful role controls for multiple databases and users

Powerful role controls for multiple databases and users

Create, evaluate, and manage roles on any number of databases at once.

Server-Wide ACL Evaluation

Server-wide ACL audits

ACLs are a central player in a smooth running and secure IBM Notes and Domino environment. And yet, when you manage them through the Domino Administrator client, it usually ends up being one-by-one inspection/modification.

What if you could see and compare an entire server’s worth of ACLs all at once?

aclEZ eliminates your workflow limitations thanks to the ability to see all ACL entries from as many databases as you want, on any given server, all in one central interface—a better way to look at your ACLs.

This means you have access to an unmatched amount of ACL data so you can quickly solve current access problems and prevent future security problems. (Need to modify a large quantity of ACLs? Find out how.)

Analyze ACLs fast

Locate and analyze any given ACL entry by their name, type, access level, and more.

Drill down easily

See detailed ACL information quickly—sort, group, and filter your ACL entries by any combination of attributes.

Weed out bad ACL entries

Spot invalid entries instantly through an automatic background check that compares all ACL entries with Person, Group, and Server documents in the NAB(s) of your choice.

Assess mail owner and administration server ACLs

Identify all ACL entries belonging to Mail Owners and/or Administration Servers, and analyze their access levels.

Spot ACL inconsistencies

Compare ACLs across all mailbox and database instances to locate inconsistencies

Report your security situation 

Craft robust security reports in only a couple of clicks. Copy/paste your data or export to HTML, Excel, XML, or .csv.

See all ACLs across an entire server, all in one central grid interface.


aclEZ's main grid where the data is categorized by database path, database title, and access
Use #57

Get a global snapshot of access rights.

aclEZ's unique ability to scour ACL entries spanning an entire server (and then display them in a central workspace) offers you powerful analytic capabilities. Intuitive filters and grouping can bring some surprising facts to light in only a few steps.

Use #59

See the Default access level for all databases on a server.

When's the last time you've looked at all your Default access level ACL entries at once? aclEZ lets you have a complete overview of this across an entire server in only a couple of clicks.

aclEZ's main grid with multiple entries selected and the data categorized by name and access
aclEZ's main grid with data categorized by NAB presence and entry type showing unspecified entry types
Use #107

Find and understand outdated ACL entries in all the databases on your server.

Employees come and go, and that can leave you with some outdated (and problematic) ACL entries. See all of these entries instantly thanks to an automatic background check for presence in your Domino Directory.

Easy ACL Adjustments, No Matter the Scope

ACL modifications of any size

Modifying more than one ACL at a time in the Domino Administrator client normally requires a bit of a workaround.

aclEZ lets you modify any aspect of any number of ACLs—quickly and easily—across an entire server simultaneously.

But isn't that a bit dangerous? The flexible grid interface is a powerful tool that lets you sort, filter, and group your ACL data for a complete global overview of the current context of ACL information and any changes you make. This level of insight, coupled with aclEZ's two-step data saving process, allows you to work in confidence throughout your entire process.

Who doesn't want an improvement in both speed and accuracy when it comes to modifying ACLs? You don't have to dig very deep to find a multitude of scenarios that could benefit from the power and flexibility of aclEZ.

Create ACLs individually or en-masse

Create new ACL entries for as many databases as you want, on any given server, simultaneously

Copy/paste ACL entries

Copy a selection of ACL entries—sourced from as many databases as you want—to as many databases as you choose.

Change ACL properties on any scale

Modify ACL entry properties such as Access Level, Type, and more—across multiple databases at once.

Deprecate any number of ACLs at once

Remove ACL entries from as many databases as you want ­in just one easy step.

Search and replace ACL information

Rename multiple ACLs, or even perform a search and replace in ACL names across multiple databases—all in only a couple of clicks.

Modify ACLs faster, and with complete insight


aclEZ's main grid with entries selected, and the Attributes panel shown and readied to edit.
Use #7

Fix Default Web Access through Anonymous ACL Entries.

Do you have applications accessible through the web? Which ones, and how much access is provided? Difficult to figure out right? Not at all. aclEZ lets you find databases that have an Anonymous ACL entry (which defines default anonymous web access) in only a couple of steps. Just point and click to change it all.

Use #14

Create and deploy an entirely new administration group across all databases.

With aclEZ's mass-editing features, you have quick solutions to once-difficult situations. Need to create a new administration group and deploy it over multiple databases? Propagating a new ACL entry from your names.nsf file is a snap with aclEZ.

aclEZ's main grid with entries selected and ready to have a new ACL entry deployed to multiple databases
aclEZ's main grid with multiple entries selected and ready to be deleted
Use #33

Remove old, decommissioned servers from ACLs.

Either due to an incomplete process or human error, decommissioned servers usually remain as defunct entries in most database ACLs. This type of clutter makes it harder to oversee which servers can access what applications. Tidy up your ACLs once and for all.

Database-Level Overview of All ACL Properties

Database-level ACL property management

Normally, exploring the database-level, global ACL property content (found in the Advanced and Log tabs of the ACL management dialog) to assess or correct a situation takes a fair amount of time.

With aclEZ, you have a complete one-stop overview for database-level ACL properties such as administration server settings, the Mail Owner (if applicable), and more all in a dedicated flexYgrid-enabled interface.

Easily oversee the global (database-level) ACL properties of as many databases as you want to load from a given server. This means numerous troubleshooting paths are available for quickly uncovering issues.

Evaluate database-level properties across entire servers

See database-level property details (such as Maximum Internet name and password, and administration server) for multiple databases simultaneously, all through one dedicated interface.

Enable/disable ACL properties across multiple databases

See and modify the state of properties like 'Enforce ACL across all replicas' for any number of databases on a server in only a couple clicks.

Access multiple ACL logs simultaneously

Access the ACL logs for multiple databases at once—in one interface—through one single-click operation.

Verify mail owner information on a large scale

Display Mail Owner information for all mailboxes on a server, and identify mailboxes whose owners are no longer with the company.

Report your findings easily

Create detailed reports at any time through pre-formatted file exports, or by copying and pasting your data from the grid.

Get a handle on global ACL properties


aclEZ's Global ACL Properties panel with data categorized by administration server
Use #44

Uncover databases with incorrect administration servers.

Ensuring your databases’ Administration Server settings are set up correctly is a critical yet challenging step, a tedious audit proposition through the native Notes toolkit. But with aclEZ, you can arrange the situation for an entire server within a short session.

Use #112

Ensure global ACL consistency.

Not enforcing ACL consistency can result in incorrect replication and a complete lack of roles on any local replicas. but in the native client, you have to do this one database at a time. Fix inconsistencies quickly with aclEZ's extensive Global ACL Properties access.

aclEZ's Global ACL Properties panel with entries selected and data categorized by 'Enforce ACL across all replicas'
aclEZ's Global ACL Properties panel with mail owners categorized by NAB presence
Use #300

Identify orphan mailboxes.

Orphan mailboxes can arise from many situations, like users leaving your company or transferring to new positions. Whatever the reason , unused mailboxes create dead weight and clutter for your server. For storage concerns, it's important to clean out mailboxes that are no longer being used. aclEZ lets you quickly track down these problem mailboxes to resolve the issues fast.

Use #198

Capture a snapshot of all ACL histories.

Every time an ACL entry is modified—whether through the Domino Administrator, Notes client, or aclEZ—a trace is left in the ACL History. Traditionally, this history has only been accessible on a per-database basis, through in the ACL dialog box. aclEZ lets you handle multiple ACL histories in only a few clicks.

l
Server-Wide Role Management

Powerful role controls for multiple databases and users

Role creation and management in IBM Domino has always been an intricate, time-consuming process as the native solutions lack a way to view the existing role information for more than one database and user at a time.

aclEZ also lets you mass-manage role creation and maintenance by giving you central access to view the roles applied on any amount of databases simultaneously, across your entire server.

Move beyond the traditional ways of creating, editing, and deploying roles with aclEZ's powerful server-wide features.

Audit all roles on a server

Find and assess where any given role is used across an entire server.

See all user roles at once

Identify all the roles assigned to a specific user.

Mass-manage roles easily

Create, edit, or delete roles for any number of databases and users simultaneously.

Turn roles on/off directly

Enable/disable roles en-masse on as many databases and users as you choose

Report your role structure

Craft complete reports of your role structure in only a few clicks.

Work with roles in a better way


aclEZ's Roles panel where all selected roles are being enabled for all available entries
Use #22

Ensure an administration group has all applicable roles assigned.

Roles are an important part of application development, yet once an application is created they are hard to oversee. If you need to make sure all applicable roles are assigned to your administration group, aclEZ has got you covered!

Use #347

Deploying and assigning a new administration role across all business critical applications.

Have you ever needed to create and assign the same role across a set of databases? Depending on the number of databases you need to work on, this ranges from a cumbersome process at best, to nearly impossible at worst. Through its clear flexYgrid layout and mass-editing capabilities, aclEZ makes all of this easy:

aclES's Roles panel where a role is being created
aclEZ's main grid with data categorized by NAB presence and entry type showing unspecified entry types
Use #15

Find and understand outdated ACL entries in all the databases on your server.

Employees come and go, and that can leave you with some outdated (and problematic) ACL entries. See all of these entries instantly thanks to an automatic background check for presence in your Domino Directory.

Share |