Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.
For more information and upcoming events around #dominoforever, please visit our Destination Domino Page
LDAP is not flushing old entries in its database and also auto populates mail address for Domino Groups
A Domino Group initially added an internet address, then it was removed from the document and now when doing ldapsearch, we noticed that address is still being populated in the mail= field. Another scenario was on a newly created test group where they only populated the group name and group type (e.g. testgroup) then when they do an ldapsearch on that group, they noticed that mail= shows an internet address (e.g. email@example.com).
I would like to forward this as a SECURITY and at least enhancement request. All organizations have a spam filter and uses LDAP as a means to register valid email that are allowed to have access to the outside ( in and out) .
In the group document. the email it is meant to have a intergroup and/or external/internal access.
THEREFOR the admin will get a false sense of security that these groups are not exposed to the internet since the email field is BLANK yet in LDAP, the email is automatically create.
So if you create and ALL STAFF group, span could be sent to this address and therefore to everyone.
THIS IS INSECURE and deceptive since it is not present or filled in the group document.
This also causes the use a user license since the work around is to create a user then include that user in a group.