可以自动设置服务器上所有数据库的ACL,经典(*)
下面的两个 Lotusscript 代理可以自动设置服务器上所有数据库的ACL
第一个代理将在一个指定的服务器上,在每个数据库的ACL中给 Admin 组赋予管理员权限.
第二个代理将所有数据库的最大匿名访问权限设置为你指定的某级权限。ACL中没有匿名用户的数据库将加入 Anonymous 项,同时设置为“不能存取者“。
Sub Initialize
%REM
******************************************************
********** Set Admin Access in ACLs **********
********** V1.0 - 08/01/02 **********
********** by Phil Chapman **********
******************************************************
Gives Manager access to the user or group whose
name is stored in 'AdminName' for DBs on a server.
Sign this agent with the server's ID before using.
Place this agent in a database on a server (e.g. names.nsf)
and schedule it to run periodically to keep all databases
updated, or run once and then disable to allow manual
setting of ACLs for DBs requiring restricted access.
%END REM
Dim session As New Notessession
Dim directory As NotesDbDirectory
Dim db As NotesDatabase
Dim TotalCount As Integer
Dim ModCount As Integer
Dim SkipCount As Integer
Dim acl As NotesACL
Dim entry As NotesACLEntry
Dim AdminName As String
TotalCount = 0
ModCount = 0
SkipCount = 0
On Error Goto ErrorHandler
' Set the name of your admin user or group here:
AdminName = "_Administrators"
Print "Starting scan of all databases..."
Set Directory = New Notesdbdirectory("")
Set db=directory.getfirstdatabase(TEMPLATE_CANDIDATE)
' Get the next database
While Not (db Is Nothing)
Call db.Open( "","")
Set acl = db.ACL
' Get the Admin entry from the ACL
Set entry = acl.GetEntry(AdminName)
' If no Admin entry create one.
If (entry Is Nothing) Then
Call db.GrantAccess(AdminName, ACLLEVEL_MANAGER)
Print "Added ACL entry in " + db.filename
ModCount = ModCount + 1
Else
' If Admin access is lower than Manager fix it
If (entry.Level < ACLLEVEL_MANAGER) Then
Call db.GrantAccess(AdminName, ACLLEVEL_MANAGER)
Print "Modified ACL entry in " + db.filename
ModCount = ModCount + 1
End If
' UnComment the next two lines to write all skipped databases to the Notes Log
' Else
' Print "ACL already set in " + db.filename + " - skipping"
End If
PostError:
TotalCount = TotalCount + 1
Set db = directory.getnextdatabase
Wend
Print "Finished database scan."
Print "Databases checked: " + Str$(TotalCount)
Print "Databases skipped: " + Str$(SkipCount)
Print "ACLs updated: " + Str$(ModCount)
Exit Sub
ErrorHandler:
Print "Can't modify " + db.filename
SkipCount = SkipCount + 1
Resume PostError
End Sub
Sub Initialize
%REM
*************************************************************
********** Set Anonymous Access in ACLs **********
********** V1.0 - 08/01/02 **********
********** by Phil Chapman **********
*************************************************************
Sets Anonymous access to 'MaxAccess'
(configurable), for all DBs on a server. If Anonymous
access not set, sets it to 'No access'.
Sign this agent with the server's ID before using.
Place this agent in a database on a server (e.g. names.nsf)
and schedule it to run periodically to keep all databases
protected, or run once and then disable to allow manual
setting of ACLs for DBs allowing anonymous access.
%END REM
Dim session As New Notessession
Dim directory As NotesDbDirectory
Dim db As NotesDatabase
Dim MaxAccess As Integer
Dim TotalCount As Integer
Dim ModCount As Integer
Dim SkipCount As Integer
Dim acl As NotesACL
Dim entry As NotesACLEntry
TotalCount = 0
ModCount = 0
SkipCount = 0
On Error Goto ErrorHandler
' Set the maximum access level for Anonymous
MaxAccess = ACLLEVEL_AUTHOR
Print "Starting scan of all databases..."
Set Directory = New Notesdbdirectory("")
Set db=directory.getfirstdatabase(TEMPLATE_CANDIDATE)
' Get the next database
While Not (db Is Nothing)
Call db.Open( "","")
Set acl = db.ACL
' Get the Anonymous entry from the ACL
Set entry = acl.GetEntry("Anonymous")
' If no Anonymous entry create one.
If (entry Is Nothing) Then
Call db.GrantAccess("Anonymous", ACLLEVEL_NOACCESS)
Print "Added ACL entry in " + db.filename
ModCount = ModCount + 1
Else
' If Anonymous access is enabled ensure it doesn't exceed MaxAccess
If (entry.Level > MaxAccess) Then
Call db.GrantAccess("Anonymous", MaxAccess)
Print "Modified ACL entry in " + db.filename
ModCount = ModCount + 1
End If
' UnComment the next two lines to write all skipped databases to the Notes Log
' Else
' Print "ACL already set in " + db.filename + " - skipping"
End If
PostError:
TotalCount = TotalCount + 1
Set db = directory.getnextdatabase
Wend
Print "Finished database scan."
Print "Databases checked: " + Str$(TotalCount)
Print "Databases skipped: " + Str$(SkipCount)
Print "ACLs updated: " + Str$(ModCount)
Exit Sub
ErrorHandler:
Print "Can't modify " + db.filename
SkipCount = SkipCount + 1
Resume PostError
End Sub