Restrict company-wide e-mail in Lotus Domino

If you don't want to read the score of the corporate volleyball team every week, restrict who is allowed to send company-wide e-mail. Here's how one TechRepublic member does this in Lotus Domino.

By Declan Lynch

We’ve all seen it happen: Somebody sends an e-mail to the entire 10,000+ workforce asking, “Who took the stapler from my desk?” Someone is bound to complain, especially since 90 percent of the people who received this fascinating e-mail probably work in a different office or even a different country.

This article will explain how to restrict who can send e-mails to company-wide groups if your company uses Lotus Domino. You may remember a recent TechRepublic article that explained how to set similar limits in Microsoft Exchange. Although the Domino solution is not as easy to execute as the Exchange solution, it can be accomplished if you follow the instructions below.

Create a new address book on the Domino server
Given the flexibility of the Domino system, it’s possible to implement many different solutions. However, I recommend creating a new address book on the Domino server because it is easy to implement and simple to control.

The new address book should be based on the “public address book” template. If you have multiple Domino servers, then this new address book can easily be replicated to the other servers.

Set up your corporate groups
Step two involves setting up your corporate groups in the new address book. Most organizations will likely have an “all users” group for each office. In your new address book, you can create groups that nest these office-level groups. There is no limit to the number of groups you can create in your new address book.

Set the access control list on the new address book
The easiest way to control the access control list (ACL) is to create a new group in your main address book and add it as a reader to the ACL of the new address book (NAB). By using a group, you won’t be forced to alter the ACL each time a new user needs access to the corporate-wide groups. All you have to do is update the main group in the NAB. The default access to the new database should be set to No Access.

One way to give users access to this new address book is to add the name of the new address book to the NAMES= line in the NOTES.INI file on the server. But keep in mind, this method will cause the address book to show up on every user's client. As an alternative, we use a little-known trick of cascading the address book directly on the client of the user who needs access to the corporate groups.

Normally, when you cascade a second address book on a client, the address book must be physically on the user's computer; however, the task of making sure that all these local copies of the address book are up-to-date when a change is made is a big job. Instead, we point the client to use the address book from the server.

To do this, we edit the user preferences and add ‘servername!!databasename.nsf’ to the local address book field, where servername is the name of the Domino server which holds the database and databasename.nsf is the actual filename of the new address book. The double exclamation marks that separate the server name from the database name tell the client that the cascaded address book is actually sitting on the server and not on the local machine.

Now, when a new senior staff member needs access to the corporate groups, all you have to do is add them to the broadcast group in your main NAB and then update his or her User Preferences. If you’re a bit adventurous, you could even write a bit of Lotus Script to do the update so you don’t even have to visit the user's desk.
What other annoying office habits are you asked to control or fix with technology? Post a comment below or send us an e-mail.

Editor's Picks