Extended ACL

An extended access control list (ACL) is an optional directory access-control feature available for a directory created from the PUBNAMES.NTF template -- a Domino® Directory or an extended directory catalog. An extended ACL is tied to the database ACL, and you access it through the Access Control List dialog box using a Notes® or Domino Administrator client.

You use an extended ACL to apply restrictions to the overall access the database ACL allows a user -- you cannot use it to increase the access the database ACL allows. Use an extended ACL to set access to:

An extended ACL allows you to:
For information on using xACLs to limit access to Internet passwords, see information on securing Internet passwords in the related topics.

Note: Server processes such as the Router task do not enforce extended ACL restrictions. However, in the case of the Router task specifically, you can prevent some users from sending mail to a group by editing the Readers field for the group and including only the names of users you want to allow to send mail to the group. When users omitted from the Readers field attempt to send mail to the group, the Router will not deliver the mail.

Related concepts
Elements of an extended ACL
Extended ACL guidelines
Enabling extended access
Setting up and managing an extended ACL

Related tasks
Securing Internet passwords
Restricting users from sending mail to groups in the Domino Directory
Using an extended administration server
Setting overall access levels in the Domino Directory ACL
Configuring a database ACL
Extended ACL examples