The Perils of Using Default Access List

Thursday November 12, 2009

The Perils of Using Default Access List Posted by anair@alitek.com on 11/12/2009 01:22 PM	My rating: (1 rating )
The famous Default Access List that stays with every object in LES.Every now and then people get into all kinds of arguments on how to use a ACL effective for the organization.Recently as of today somebody had a 911 on it and my dear friend John Simon commented.I did and Jim Coursey wrote an exctensive good reply.I wanted to see if I had forgotten what I learned so I wrote this little document to help.Discussion Thread on thishttps://knowledge.opentext.com/knowledge/llisapi.dll/open/16960219Most experienced Livelink administrators understand ACL’s really well and are guided by Open Text or some other experienced persons in setting up a organizational security model .However when writing this we are in a severe economic downturn so most new people have no inkling on how livelink works,how security works and that sort.All they get is the standard OT training and I really don’t think they cover this at all.Most think of Scare Point as the ultimate and it is just a call to the SP admin who logs on clicks a link adds the AD group to the ACL and lo and behold you have a link where you can all communicate/ collaborate while the system is up and running.This is just written for upcoming people so that they understand what they can avoid.I got into this after a user started having qns on some stuff that RecMan poses and my good friend and mentor John Simon COP said something very straightforward.I added to the reply and Jim Coursey also contributed.The trouble is the default access list that Livelink provides out of the box is really geared for a system administrator who understands the livelink owner role.However in a roll out all these get really muddled and then you have a chaotic security model that nobody can ever comprehend. .I wrote an article to complement John’s KISS(Keep It Simple ,S*****)  method  it and hopefully somebody may find it useful.This has already been attempted at OT by another article but mine has some screen shots for the impatient 🙂 https://knowledge.opentext.com/knowledge/llisapi.dll?func=ll&objId=3498977&objAction=ArticleView Please do let me know if this article has factual errors.I would not want to mislead anyone.So post why you think this is problematic and why you would like to give Owner a lot of unwanted perms.
Attachments: Perils of using the high privs associated with Owner.docx (254 KB) Download
Hide Recent Comments Re The Perils of Using Default Access List – kenneth.huie@mantech.com  Wed Nov 18 11:04:09 2009 Appu,   This is a great write up!  I appreciate your document and the references you provided. You are so right, this is such a huge topic in that its impact is often not fully understood and the results of incorrect usage of the OWNER … Attachments: Access Control TIP.doc (23 KB) Download

Advertisement