Welcome to Port3101.org : Your BES Connection Mark forums read | View Forum Leaders
Port3101.org : Your BES Connection

LinkBack Thread Tools Display Modes
KB01469 - Minimum Access Control List permissions for the BES (Domino)
  #1 (permalink)  
Old 08-30-2009, 12:03 PM
hdawg's Avatar
Join Date: Nov 2008
Posts: 2,257
Blog Entries: 147
Default KB01469 - Minimum Access Control List permissions for the BES (Domino)

KB01469 - Minimum Access Control List permissions for the BlackBerry Enterprise Server


  • BlackBerry® Enterprise Server versions 2.0 to 4.1
  • IBM® Lotus® Domino®


Every IBM Lotus Domino messaging and collaboration server database, including databases used by the BlackBerry Enterprise Server, has an Access Control List (ACL) that specifies the levels of access that users and servers have to a database. Database access levels and privileges are assigned to the ACL and control which tasks can be performed in the database.
For each user, group, or server listed in the ACL, select the basic access level and user type, and refine the access level by selecting various access privileges. A role created by the database or application developer can further refine the permissions.


The minimum ACL permissions for the BlackBerry Enterprise Server are as described in the following table.
Component Permission Levels
BlackBerry profiles database The BlackBerryAdmins group and the BlackBerry Enterprise Server (the IBM Lotus Domino messaging server that runs the BES add-in task) require Manager access, as well as the DeleteDocuments privilege and the [Admin] role to the profiles database (BlackBerryProfiles.nsf). The BlackBerry device users are granted Author access to the profiles database. These are default permissions.
BlackBerry device users' mail file The BlackBerry Enterprise Server requires Editoraccess, as well as the CreateDocuments and WritePublic privileges. For Read/Unread marks synchronization in BlackBerry Enterprise Server software version 4.0, the BlackBerry Enterprise Server must have Manager access to the mail files of BlackBerry device users. Manager access is required because the unread table is a private view in the user's mail file database. Editor or Designer access does not allow access to private views.
BlackBerry state database Manager access (including all optional privileges) is required by the Server ID that runs the BES add-in task. This is required for message redirection and for BlackBerry state database management. Manager access is the default setting.

Checking Permission Levels in the ACL
To check a database ACL for the permissions granted to the BlackBerry Enterprise Server, perform the following steps:
  1. In IBM® Lotus Notes®, open the database used by the BlackBerry Enterprise Server.
  2. Click File>Database>Access Control. The ACL appears.
  3. Select the BlackBerry Enterprise Server name. Or, if you have added the BlackBerry Enterprise Server to the LocalDomainServers group, select the LocalDomainServers group.
  4. Verify that the permissions described above are selected for the BlackBerry Enterprise Server. Check the Access drop-down list, the privileges check boxes (listed below theAccess drop-down list), and the Roles list box.

Additional Information

Refer to the IBM® Lotus® Domino® Administrator Help files for more information on Access Control Lists.
Reply With Quote
Sponsored Links


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
parental control jonmic Power Users 1 11-11-2010 01:59 PM
Application Control SVF Power Users 3 01-31-2010 10:02 PM
KB04784 - "Unable to get address book list" displayed in IBM Domino console hdawg Featured BlackBerry KB Articles 0 09-02-2009 10:08 PM
KB18427 - How to control Facebook for BlackBerry 1.6 organizer data access hdawg Featured BlackBerry KB Articles 0 07-02-2009 09:52 AM

All times are GMT -4. The time now is 03:24 PM.
Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2018, vBulletin Solutions, Inc.


SEO by vBSEO 3.3.2 PL2