Daniel Nashed 18 March 2013 08:55:41
In Notes 8.5 you can mark a contact as confidential to avoid that another person with access to your mailfile can see the contact.
Contact sync marks contacts in the mailfile as public documents so reader access to the calendar does already provide access to contacts...
The Confidential flag sets a reader names field "Readers" which avoids that someone with access to the mail-file can see those contacts.
This functionality adds hard coded also "LocalDomainServers" to the "Readers" field to allow replication among servers and also access by other servers like a Traveler server.
But in some cases your Traveler server is not on LocalDomainServers for security reasons. So the server will not see those contacts and cannot sync them.
So we have multiple implications here:
- Administrators need full access admin to see those contacts in case of troubleshooting
- If your servers are not in LocalDomainServers confidential contacts are not replicated
- Traveler Servers which are not in LocalDomainServers cannot sync confidential contacts
We ran into this a couple of times and IMHO we really would need a more granular way to manage access for contacts, calendar and mail in future.
This new functionality should have added at least an optional role to the Readers field.
- Comments