SECURING
When you set up the first server in a domain, HCL Domino® creates a default administration ECL, which you can then customize to create other named administration ECLs.
An administration ECL functions as a template for workstation ECLs. Whenever a new HCL Notes® client is installed, the setup program copies either the default administration ECL or, if the administrator has created other admin ECLs, a named administration ECL, from the Domino Directory to Contacts on the Notes client workstation. The user's Notes ID is added to the workstation ECL, with all access allowed. For example, when John Doe's Notes client is being set up, John Doe is automatically added to the client ECL signer list.
If the home server is unavailable when a Notes client is installed -- for example, when a user is disconnected -- the workstation ECL is created with default settings, rather than being created from an administration ECL.
Note: Technically, when a server is initially installed, there is no default Admin ECL. When a client attempts to edit the workstation ECL, or refresh it from an admin ECL that does not exist, the client creates an ECL with default settings that are coded into the client. The Admin ECL exists on disk, once an administrator modifies and saves it. Once the modified administration ECL is saved to disk, then that is the default ECL that is copied to user workstations.
You use administration ECLs to define and deploy customized ECLs for your users. For example, you may create one administration ECL to define workstation ECL settings for contractors in your organization, and a different administration ECL to define workstation ECL settings for full-time workers. You can control ECL changes or allow users to modify their own ECLs. Furthermore, you can update your users' workstation ECLs as security requirements change -- automatically, through the use of a security settings document deployed through a policy, or manually, by asking users to refresh their workstation ECLs.
To create customized ECLs that can be deployed for specific groups of users, you must use a security settings document that is deployed through a server policy.
Guidelines for creating effective administration ECLs
Your goal as an administrator is to limit the number of trusted signers for active content, and the access that active content has to user workstations. To accomplish this goal, limit the number of trustworthy signers in your organization and ensure that workstation ECLs trust only those signers.
Use these guidelines to create secure ECLs:
Default ECL settings When you first edit the ECL, it includes the following signatures and access options. By default, the ECL does not allow access to protected operations for active content that is unsigned, or for active content that is signed by a signer who is not listed in the ECL.
Creating administration ECLs Before you register users, edit the administration ECL to create a template for user workstation ECLs. Creating and deploying an administration ECL provides a good starting point for managing and maintaining secure workstation ECLs.
Editing administration ECLs You can configure the default admin ECL in the Domino Directory. This edits the default admin ECL used to create workstation ECLs. You may want to maintain multiple admin ECLs to apply to different groups of users.
Collecting information for a new administration ECL Before you can create an Admin ECL to distribute, identify the individual people and/or organizations that you can trust to create and sign active content.
Administration ECL key In order to provide more flexibility to users, especially in organizations that do not allow users to modify their own ECLs, administrators can set the execution rights of the current ECL owner during workstation ECL refresh and replace.
Related tasks Creating a security policy settings document The execution control list Creating administration ECLs Defining default settings for Notes user registration