#dominoforever | Product Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Directory Assistance : prevent unauthorized access to content of additional departmental addressbooks

DA should be enabled to only autodiscover names from directories attached where users have access to.


Szenario:

Imaging there are need to have a set of departmental address books where only members of a defined departmental group are allowed to read and use the stored contact information.

Here you set up ACL to prevent unauthorized access for users who do not have any business need.

This will work perfectly until you add these departmental address book to directory assistance on a Domino Server.

Once added - any user - who is creating a new message can type a name into the to field. DA will provide matching names including those found in a departmental only address book and you can view details of the names found.

This could be reported as an issue related to Data Privacy regulations.

I tried to set a reader field to the document for an additional address book in DA but this doesn't help. DA still provides names and worse details of persons found in other directories I don't have access.


DA should check access level of a user against an added directory at first before providing names, address information and details.

Optionally there should be a "permissions" option in DA for each attached directory :

DirType= public =>available to all users, or

DirType= private => only for defined names/groups

DirType= system => not available to any user but for system services (f.e. LDAP, SMTP)


  • Guest
  • Feb 11 2022
  • Under Consideration
  • Attach files
  • Guest commented
    18 Feb 07:14am

    Well, we modify the template of the secondary directory, and use Extended Directory Catalog for that. It partially makes the trick. We could discuss it. PM me (twitter @dperarnaud)