Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

Syncing Confidential Contacts with Traveler & Co

Daniel Nashed  18 March 2013 08:55:41

In Notes 8.5 you can mark a contact as confidential to avoid that another person with access to your mailfile can see the contact.
Contact sync marks contacts in the mailfile as public documents so reader access to the calendar does already provide access to contacts...

The Confidential flag sets a reader names field "Readers" which avoids that someone with access to the mail-file can see those contacts.
This functionality adds hard coded also "LocalDomainServers" to the "Readers" field to allow replication among servers and also access by other servers like a Traveler server.

But in some cases your Traveler server is not on LocalDomainServers for security reasons. So the server will not see those contacts and cannot sync them.

So we have multiple implications here:

- Administrators need full access admin to see those contacts in case of troubleshooting
- If your servers are not in LocalDomainServers confidential contacts are not replicated
- Traveler Servers which are not in LocalDomainServers cannot sync confidential contacts

We ran into this a couple of times and IMHO we really would need a more granular way to manage access for contacts, calendar and mail in future.
This new functionality should have added at least an optional role to the Readers field.

-- Daniel


Comments

1Florian  16.08.2013 0:01:53  Syncing Confidential Contacts with Traveler & Co

Hi Daniel

Did you simply add a new value to the "Readers"-field in the "Contact" form like:

@If(@IsDocBeingSaved & Confidential = "1"; @Trim(@Unique(Owner : "LocalDomainServers" : "TRAVELER-SERVER/ACME" )); Confidential = "" ; ""; Readers)

Yes.. Roles makes more sense.. :-)

Do you already have an Enhancement Request this issue?

how do you refresh existing private contacts? compute after validation for the "Readers"-field and a server agent?

thanks


  • [IBM Lotus Domino]
  • [Domino on Linux]
  • [Nash!Com]
  • [Daniel Nashed]