local admin training
TRANSCRIPT
CSC Proprietary
Lotus Notes
Local Admin Training
Global Collaborative Computing Services
Computer Sciences Corporation
June 20, 2007
Slide 2Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Presentation Purpose
Local Administrator Training Feedback from Participants
Local Admin role Primary/Backup Audit
SBU/Site
Slide 3Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Outline
Introduction: Roles and Processes Server Naming Conventions ADO: Admin Defined Organization DuPont’s Address Book Local Admin Request Database New Groups Group Deletion Notes IDs (Standard) Coordinating Notes Client Installations Generic/Shared/Training IDs Notes Developer IDs Mail In Group Accounts User Deletion Web Users Databases: Quality Assurance and Access Control Basics Database Move to Production Server Database Design Change Database Move to Notes Development Server Database Deletion Requesting Team Database Miscellaneous Requests from Users Helpful Databases and Web Sites
Slide 4Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Service Delivery Model
CSC - AccentureGCCS - CAD - CT (CSC)
EC&C (Accenture)
RegionCAD
EC&C
Developers
LocalAdmin
ServerOperation &
Client Installation
Users
Servers/Workstation
s
Databases
Slide 5Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Service Delivery Model (Cont’d)
GCCS = Global Collaborative Computing Services (formerly M&G--Messaging & Groupware)
Notes operations Requests placed through
Local Admin Request Database Helpdesk
CAD = Collaborative Application Development Notes and Internet Web application development Requests placed through Helpdesk
CT = Collaborative Technologies Notes Implementation Requests placed through Helpdesk
EC&C = Electronic Commerce and Collaboration Notes application development Requests placed through Helpdesk
Slide 6Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Roles & Processes
Administration Local Admin
Request and manage groups Maintain integrity of ADO groups Request new/replacement Notes Ids Distribute new/replacement IDs/passwords (check with current Local
Admin to see how your business handles this) Manage user information Coordinate Notes client installations Request Mail In databases Request group and user (account) deletions Request mail file move (for example, someone moves to a different
region) Request Lotus Notes groups to be used in database access control and
Email distribution lists Request Web User Request database moves and design changes Request team databases Maintain secure access to databases
Development Create documented applications
Operations Install/reconfigure Notes on client’s workstation
Slide 7Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Process to Introduce Notes
Step 1: Groupware Project Contact Collaborative Technologies Establish organized plan for bringing users into Notes Establish initial ADOs and groups Bring 10 to 30 people into Notes (request IDs) Train at least one Local Admin At completion: Group is self sufficient
Step 2: Add more users and applications
Slide 8Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
DuPont Notes Service
Dale McCashew is the Corporate Notes Service Owner and arbiter of conflicting needs within the DuPont Group.
Notes ID Forecasts Each Region or SBU has an IS Demand Manager:
Europe and USA forecast IDs by SBU Asia Pacific, Canada, Mexico, and South America forecast IDs by region
The IS Demand Manager is only required to submit a forecast for Lotus Notes IDs if anticipated need exceeds 200:
If a Region or SBU anticipates a need for 200 or less new IDs, no forecast is necessary.
If a Region or SBU anticipates a need for more than 200 new Notes IDs for any single month, a forecast is required.
> At least 3 weeks prior to the month when the IDs are needed, the IS Demand Manager needs to send an email with the estimate for that month to the following group: M&G ID Creators.
> Any changes to this forecast should be addressed to this same group. Notes ID Creation
The maximum number of Lotus Notes IDs CSC can currently create is 35 per workday.
Slide 9Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Server Naming Conventions
Server Names are made up of: Characters 1 to 3 = Location of Server
AR=Argentina, AS=Asturias (Spain), BHG=Bad Homburg (Germany), BZ=Brazil, CDC=Corporate Data Center (US/Canada), CO=Colombia, ESE=Experimental Station (US), EU=Europe, HK=Hong Kong, MEC=Mechelen (Belgium), MX=Mexico, NS=North Sydney (Australia), SG=Singapore, SH=Shanghai (China), SL=Seoul (Korea), TI=Taipei (Taiwan), TK=Tokyo (Japan), VE=Venezuela
Characters 4 to 5 = LN for Lotus Notes Characters 6 to 8 = Server type
D# = Development 02 or other numbers = Application MH# = MailHub M# = Mail
Examples: CDCLND05 = development server MXLN01 = application server located in Mexico CDCLNMH1 = Mail Hub Server located at Corporate Data Center CDCLNM1 = Mail server located in Corporate Data Center (Newark, DE)
Slide 10Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
ADO: Admin Defined Organization
All ADOs are created by GCCS Submit request through your helpdesk
An ADO allows groups and person documents to be maintained by specific, authorized persons. Those persons are the Local Admins who are members of the ADO~Admin group.
Every database, person, and group is associated with an ADO Groups and person documents are owned by ADO Placement of database in directory structure is determined by ADO
Only Local Admins are members of ADO groups An individual must attend a Local Admin training session provided by
GCCS before being added to an ADO~Admin group Generic IDs, Mail In accounts, and groups are not permitted in
ADO~Admin groups Only a current Local Admin can add other Local Admins to their
ADO group. Each business decides who its Local Admins will be.
IT IS YOUR RESPONSIBILITY TO CONTACT A LOCAL ADMIN AND ASK TO BE ADDED TO ADO GROUP(S)
Slide 11Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
DuPont’s Address Book--Demo
ADO~Admin Group (Admin Defined Organization) “Admin Defined Organization” (ADO) name
Common practice is SBU, organization, & group acronym + Admin Example: IS~GIU~EMS~Admin
Stored in DuPont’s Address Book - “Admin - ADO Groups” view and in “Groups” view
Special ADO~Admin group for each ADO Group Name, Owner, and Administrator fields are not changed
ACL or Email Distribution Group Stored in DuPont’s Address Book - “Groups” view Can only edit groups owned by your ADO(s) Can add nonLocal Admin editors for groups (added to Administrator field)
Select from dropdown list: DuPont’s Address Book
Slide 12Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
DuPont’s Address Book--Demo (Cont’d)
Person document Stored in DuPont’s Address Book - “People” View Contains name, personal information (SBU, location, phone numbers...),
and system information Basic section contains shortname, mail file server, mail file name Can only edit persons owned by your ADO(s) Local Admin of existing ADO responsible for changing ADO as
necessary Change ADO by editing Administrator field in Administration section Select new ADO from list (do not type information in), press OK
Local Admin of existing ADO responsible for changing SBU and site codes as necessary (account owner can change site code, but not SBU)
SBU and site codes are provided by DuPont Finance and added to the Lotus Notes environment at their request. Requests for new SBU and site codes should be directed to DuPont Finance.
Slide 13Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Local Admin Request Database
Add icon to your desktop File Database Open
Server Name: CDCLN77/DuPont Path: IS\System\Admin Database Name: Local Admin Requests
Must be in a IS~System~Admin~Local~# group before you are able to add the icon
Must be a member in at least one ADO~Admin group before you can perform any of the functions in this database
Normal Turnaround Time 2 workdays approximately for all functions except Request Team
Database 3 or 4 workdays approximately for Request Team Database
Slide 14Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Groups Overview
Why use groups? Database access management (ACL’s)
All members must be from DuPont’s Address Book Distribution lists for Email
Members can be from ECD JustMail and other non Notes Address Book as well as DuPont’s Address Book
Groups are global: Can be used by any user worldwide within DuPont Notes domain
There are thousands of Notes groups ADO structure developed to help find specific group
Manage your groups wisely NonADO~Admin groups should contain at least three people Limit membership size to 300 people
Group limited to 64K (about 250 to 300 names) Groups can be nested to 6 levels deep (there are currently approximately 60,000 users
and 38,000 groups) Delete if obsolete
Slide 15Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Groups Overview (Cont’d)
Think through the groups and group names in your ADO as a team
Groups are not renamed. To change your group’s name, you have to request a new group with the new name. After it is created, you can copy and paste the members’ names from the old group to the new. And, finally, you need to request the deletion of the old group.
Make request using Local Admin Requests database Local Admin receives email verification when group is added to
DuPont’s Address Book Group member names should be added to the group by the Local
Admin or designated editor after the group is created
Slide 16Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Groups Overview (Cont’d)
GROUP NAMEExample: IS~GIU~EMS~LN Support
2 Parts: IS~GIU~EMS = ADO (cannot be removed)
LN Support = Short descriptive name (20 character limit)
Short descriptive name is what Local Admin defines: Most meaningful part of name Carefully choose the short descriptive name (easy to remember; easy to
type; easy to find) Other examples:
Admin Assistants HRIS Leadership ERDC First Aid VC96
Slide 17Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
New Group--Demo
Click “New Group” in Navigator pane Select ADO
you will only see ADO groups that you are a member of Group Used for: Leave Notes as default Enter short descriptive name
spaces and some special characters allowed (see Group Naming in Notes Central database)
> Using a period in name is discouraged> A space can cause a problem with internet addressing
Enter description or purpose not part of group name; used to make entry descriptive
Select appropriate group type multipurpose, mail only, or ACL only
Add members after group is created (more efficient for everyone!) Add editor if desired Use button “Click here to see name as it will appear in DuPont’s Address
Book” to preview submission Click “Submit Request” on action bar
Slide 18Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Delete Group--Demo
Request the deletion of group when it is no longer needed for email distribution and/or database access control
Click “Delete Group” on action bar Select Group’s ADO Select “Group to be deleted” from DuPont’s Address Book Comments – Not required. Enter any special instructions or information
(e.g., who requested or approved the deletion), but not a specific date to delete.
Click “Submit Delete Request” on action bar Resulting Actions:
Group document is deleted from DuPont’s Address Book within 2 workdays If the Group name is nested in other any other groups in DuPont’s Address
Book, it will be deleted from those groups.> Note: The automated process may not remove the group name from an application
database Access Control List. This may need to be done manually by the database manager.
Local Admin is notified via email when group has been deleted Use caution when deleting ADO~Admin groups
Be sure the ADO~Admin group is not used before it is deleted> Person Doc Owner> Group Doc Owner> Member of a database ACL
Slide 19Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Notes ID Overview
DuPont issues two types of Notes IDs: Standard—used for mail accounts and database access Developer—used for database development
An ID is an important file that contains: User name Certifier(s) Private and Public keys Password
User must have ID file on PC Copy of original ID file is maintained in GCCS archive User should maintain copy of ID file in safe place Passwords expire every 90 days. Changes such as new password, rename, and recertification occur only on
the copy of the ID the user has used to access the Notes server ID is to be used by ID owner only
Slide 20Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Notes ID Overview (Cont’d)
Each Notes ID requires a license. Licenses are determined by the software installed on the user’s workstation.
When an account is created, the ID is created as a standard Notes license with the understanding that only the Notes 7 Client is installed on user’s workstation.
A user who needs to do Notes development should get the Notes Designer Client also installed on his/her workstation.
Notes Designer Client requires a separate license If a user needs to do Notes development work and already has a license
(i.e., Developer ID) but needs to install the designer client, he/she will need to contact Dale McCashew, ITSU, for the software.
Slide 21Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Notes ID Overview (Cont’d)
Local Admin receives request for a new ID Verifies that user does not have a DuPont Notes ID
check DuPont’s Address Book for name Determines which ADO should own the person document
Make request through Local Admin Requests database Choose “Request New ID” After it is created, the ID is mailed to the Local Admin who submitted
the request Local Admin gives ID to user Local Admin coordinates installation Local Admin informs client of Janitor/Records Mgmt
Slide 22Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New ID (Standard)--Demo
FIRST STEP: Check to see if user’s name appears in DuPont’s Address Book.
If it does, ask the user whether it is her/her account: If it is the same user, TRANSFER THE ACCOUNT:
Request an ADO~Admin group change from the current Local Admin if necessary (call Local Admin or send email). You cannot make any of the changes below until your ADO~Admin group manages the account.
Request a mail move if necessary (contact helpdesk) You or the user can request the ID and password (contact helpdesk) You MUST update SBU if not done before the account is transferred. You MUST update Internet Domain if applicable to your SBU You or the user MUST update the site information The user should also update other information (such as address or
telephone number)
If it is not the same user, REQUEST A NEW ID: Return to Local Admin Request database to request the new ID
Note: If you are transferring a user to another ADO~Admin group, please notify that group (send email to entire group or call one of the local admins in the group).
Slide 23Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New ID (Standard)--Demo (Cont’d)
Click the Request New ID button in the Local Admin Requests database
Select appropriate ADO for new user (dropdown list) You will only see ADOs that you are a member of
Enter name “First Name & Initial,” and “Last Name” fields Use Proper case Avoid special characters (can use the hyphen, underscore, and
apostrophe on keyboard) Use two part first/middle name Be sure name is spelled correctly Follow DuPont’s naming standards Be sure name is unique (cannot have two users with the same name)
myAccess ID Soon to be required – can leave it blank now. Press the Help button next
to the field for more information.
Slide 24Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New ID (Standard)--Demo (Cont’d)
PERSON NAME EXAMPLES
First Name Last NameJon R ManchesterBettina Laraine Adams-MelvinBenjamin F du_PontR David RhodesJohn A O'Brien_JrRoger D van_der_WeeleHorace Red Smith_IIIMichael Smith_PhD
Avoid using single name or initials in First Name field:John JonesJ J Jones_Jr.
Do not request names as follows:Horace (Red) Smith_IiiDr. Michael Smith [Belle Works]
Note: Do not predict what a new person’s internet address will be. It’s possible there is already a person listed in the ECD with the same name who has another type of email account. If so, a Uniqueness Qualifier ( - 1 ) will be added to the new account.
Slide 25Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New ID (Standard)--Demo (Cont’d)
Policies for Person Names Each name must be unique
Exact full name cannot already exist in DuPont’s Address Book Michael R Smith/AE/DuPont and Michael R Smith/EUR/DuPont have the
same full name; one would have to modify name) First Name & Middle Initial Field
Contains first name and middle initial or middle name. Use client’s formal business name whenever possible.
Do not use a period or comma. May use a hyphen (-) and an apostrophe (') on keyboard, but no other special characters.
Do not include prefix: Dr, Mr, Mrs, Ms... Avoid using initials only.
Last Name Field Do not use a space; replace with underscore (_) so computer can parse. Do not use a period or comma. May use a hyphen (-) and an apostrophe
(') on keyboard, but no other special characters. Suffix, if there is one, should be appended to the last name with an
underscore. Use proper case (with exceptions; i.e., van_der_Weele).
Slide 26Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New ID (Standard)--Demo (Cont’d)
Mail Servers: ARLNM# = Argentina, SA BZLNM# = Brazil, SA CDCLNM# = U.S. and Canada COLNM# = Colombia, SA EULNM# = Europe HKLNM# = Hong Kong MXLNM# = Mexico City, MX NSLNM# = North Sidney, Australia SGLNM# = Singapore SHLNM# = Shanghai, China SLLNM# = Seoul, Korea TILNM# = Taipei, Taiwan TKLNM# = Tokyo, Japan VELNM# = Venezuela, SA
Slide 27Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New ID (Standard)--Demo (Cont’d)
*Site: (except CSC DE) select Site Code from Corporate Table *SBU: (except LNS) select SBU Code from Corporate Table Company Name: If user is a DuPont employee, must be “DuPont”. All others
must use their Contracting, Joint Venture, Third Party, or Subsidiary Firm Name (if CSC employee, Company name is CSC).
Company Name field has 8 character limit If the user is a DuPont Contractor, Joint Venture, or Third Party employee, an
approved DISO form 2E must be submitted by the DISO Coordinator to NotesidELISForms. DISO form must be received before ID can be created.
CSC and Accenture are exceptions when the IDs are requested by CSC and Accenture (SBU codes will be LNS and AT, respectively). If the IDs are requested by a DuPont business, a DuPont SBU code should be used, and a DISO form is required.
The company name helps to determine if a person requires a DISO form. If the company name is DuPont or DPE (formerly DDE), the person is classified as a DuPont person and does not require a DISO form. If the company name is anything other than DuPont or DPE, that person is deemed a contractor and a DISO form is required (see exception for CSC and Accenture).
Web site to DISO form 2E: http://www2.lvs.dupont.com/DISO/form2e.html When myAccess ID has been fully implemented, the DISO 2E form will no
longer be required.
*Refer to “Every user must have valid Company Name, Organization, Site & SBU Info” in Notes Central.
Slide 28Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New ID (Standard)--Demo (Cont’d)
Notes Client License: Lotus Notes (this is the default) If someone wants a developers license, you will need to pick Request New
Developer List in ECD? (“Yes” is default) Web Account: If required, a web account can be requested as well as the
Lotus Notes account. (“No” is default) Comment field: If the user is a contractor, please enter the name of the
sponsor in the comments field and include the sponsor’s SBU or function, e.g., Dale McCashew/DuPont – ITSU.
Validate “Single Name” (bottom of screen) Double check spelling of name!! Click “Submit Request” on action bar You can check the status of your ID request by clicking on the Status
Inquiry button
Note: Local Admins should not forward their mail. We cannot issue IDs created from thetool to any mail that is forwarded. The ID and password will not forward properly to otheremail systems.
Slide 29Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Coordinate Client Installation
Save Notes ID file to appropriate storage media and give to user Can be a secure network drive/flash drive or other storage media
Send user password and “Notes ID Handling Instructions” Instructions are in Help - Using this Database - Notes ID Handling Instructions in
“Local Admin Requests” database Coordinate the Notes Installation
Install software for user Provide instructions for user to install Have user call support center for installation Provide guidance on reconfiguring existing installation (change user’s personal
address book) Inform user of Records Manager/Janitor Encourage user to keep a copy of the original Notes ID locked up for future
use (in case user forgets the password or the PC experiences a hard drive crash). For security, ID and password should be stored in separate places.
Encourage user to keep Person document in DuPont’s Address Book up to date
Slide 30Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Coordinate Client Installation (Cont’d)
Records Manager/Janitor When you request new email accounts in the DuPont domain, we
ask that you develop a process within your organization to communicate the Lotus Records Manager/Janitor training information and documentation to new DuPont employees and contractors. We have had several calls from contractors who were not aware of records management or how the Lotus Records Manager/Janitor works on an individual's email account.
Link to LRM/Janitor documents: http://crim.dupont.com/web.asp?page=615
Link to Corporate Records & Information Program Guide: http://crim.dupont.com/web.asp?page=751
Slide 31Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Generic/Shared/Training IDs
Generic/Shared/Training IDs are allowed to some extent in the DuPont Notes environment.
Local Admin must provide appropriate approval information in the Comments field of the Request for New ID
Must include Owner’s name Statement: “{Owner} has been notified of the DISO/Lotus requirements” ID Owner must maintain appropriate licensing/security for the ID
See DISO Policy for Information Security Policy - Identification & Authentication - Shared Lotus Notes IDs Chart
http://www2.lvs.dupont.com/DISO/2_tech_ln.html Naming caution: If the account will be listed in the ECD, limit the
characters in the Name fields as follows due to a limitation in the X.400 (internet address):
First Name & Initial: 16 Characters Last Name: 24 Characters
Slide 32Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Notes Developer IDs Overview
In order to secure our Lotus Notes environment and to register and track all Lotus Notes developers in the DuPont domain, DuPont has implemented a solution that requires all Notes developers to have two Lotus Notes IDs.
A standard Notes ID for users who are NOT Lotus Notes Application Developers, e.g, Fred Jones/AE/DuPont
A Developer ID for those people who have a standard Notes ID but who will be doing Notes development.
Given this, it is possible for one person to have two ID's, a "Standard ID" and a "Developer ID".
In order for any user to have a "Developer ID", the user MUST already have a Standard ID.
Slide 33Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New Developer--Demo
Before you can request a Notes Developer ID, a request must be submitted in the Developer Tracking Database
Developer Tracking Database is on CDCLN77\IS\BC\DevTrkDB.nsf Click on Load New User. Click on down arrow next to Account
and choose name from DuPont address book. If the user is a contractor, you must go to the comments line and add the user’s sponsor.
Click on Load Info. Save this (Save and Exit), then open the name you just saved and click on Submit for Approval. This information will be sent to approver. Once that approval is given, the approver should notify you.
After you receive the approval notification, you can submit the Notes Developer ID request through the Local Admin tool.
Slide 34Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New Developer–Demo (Cont’d)
REQUEST NOTES DEVELOPER ID Click on Request New Developer. This opens up the request for a
"Developer" ID for an existing user. The "First Name" of the new Developer ID will consist of the user's common name e.g. "Linda W Morris". The last name will always be "Developer". Thus, the full developer name would be:
Linda W Morris Developer/AE/DEV/DuPont. Click on button next to First Name & Initial. You will need to select
user’s name from DuPont’s Address Book. (Notice that the Last Name field is Developer).
You may pick any available mail server in your region. Select the user’s SBU and site from the dropdown lists. Note that nonDuPont users will be identified by adding a “Contractor”
organizational unit to their name. Remaining fields are the same as for Request New ID. In order for any user to have a "Developer ID", the user MUST already
have a Standard ID.
Slide 35Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request New Developer–Demo (Cont’d)
The examples below show the naming structure for the US (AE) region; however, the same naming rules apply for all regions.Scenario ID NameDuPont employee who is NOT a Joe B Smith/AE/DuPont
Developer (has one ID only)
DuPont employee who has a new Joe B Smith/AE/DuPont
developer ID along with his normal ID Joe B Smith Developer/AE/DEV/DuPont
(has two ID’s)
Contractor who has a new developer ID Joe Smith/Contractor/AE/DuPont
along with his normal ID (has two ID’s) Joe Smith Developer/Contractor/AE/DEV/DuPont
If the user is a “Contractor” (the company name is not DuPont), please type in the name of the sponsor in the Comments field and include the sponsor’s SBU or function, e.g. Dale McCashew/DuPont–ITSU.
Slide 36Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Mail In Group Account Overview
Create Mail In database instead of generic ID whenever possible No ID is created; no license to purchase Names can be revised, just like a generic ID or person
Before you create a Mail In database on a mail server, you should create a group to use for the access to the Mail In account if you don’t have an appropriate group. This group will have Editor access.
Group must be “Multipurpose” or “Database Access Only” Every person listed in the group you add to the ACL of the database can access it using
their personal Notes ID (they must have a DuPont Notes ID). Can list in ECD whether the Mail In database is on a mail server or application server.
However, it should only be listed in the ECD if there is a compelling business reason to do so.
The default for List in ECD is “No” Mail In databases on mail servers will be standard mail files with standard ACLs.
Server name and file name in person doc will show exact location of Mail In database Mail In databases on application servers will be placed in the SBU or ADO structured
directories (not in the mail directory). If not listed in the ECD, the server name and file name in the person doc will show the exact
location of the Mail In database If listed in the ECD, the server name in the person doc will be a mail server. Mail will then be
forwarded to the Mail In database in the Application domain. After a Mail In database has been created, the ECD Listing designation can be changed, if
necessary. The Owner on the Administrators tab or the any member of the ADO~Admin group should open a PQR with the Helpdesk to add or remove “List in ECD”.
Slide 37Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Mail In Group Account--Demo
Requirement for mail-in group accounts on mail servers: If one does not already exist, submit a request for a new group that will be placed in the ACL with editor access. The group should exist before you request the mail-in group account.
Request form is similar format as ID Request: Name
First Name: Naming standards not as strict; can omit First Name Last Name: Must have entry in Last Name field.
Note: If listing in ECD, remember character limitations:First Name & Initial = 16 charactersLast Name = 24 characters
Server for database: Select appropriate server If a new mail database is to be created, select an appropriate mail server If using an existing application database and the account IS to be listed in the ECD, select an appropriate mail server If using an existing application database and the account IS NOT to be listed in the ECD, select the application server
the database is on> Note: If the mail server selected is not available, the new database will be created on a different mail server in
the same region. Work (same as ID Request)
DuPont Site: Required for billing Location Text: Optional SBU: Required for billing Organization: Optional Company: Required
There is an 8 character limit ECD Other Phone
Slide 38Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Mail In Group Account—Demo (Cont’d)
Notes Mail Create New Mail Database: Designate whether you want a new mail database
created or whether you are using an existing database Select Yes if a new mail file is to be created (not using an existing file) Select Yes if using an existing application database and the account IS to be listed in
the ECD. Select No if using an existing application database and the account IS NOT to be
listed in the ECD. If No: If you select “No”, you will need to provide the path on the application
server and the name of the file (e.g., helpdesk\notesupp.nsf). Do not enter the server name – it is already selected in the Name section.
List Person in ECD: Designate whether you want the mail-in account listed in the ECD or not
Select Yes only if you have selected a mail server AND you have a compelling business reason to list it.
Group to be placed in ACL with Editor Access: If creating a new mail database, select the group to be placed in the ACL with editor access (editor access is highest available).
Comment Field: Always enter Owner’s name and phone number If using an existing application database and the account IS to be listed in the ECD,
enter “Forward mail to database <path\filename> on <server>”. Example: Forward mail to database IS\System\admintest.nsf on CDCLN47 – owner is John Q Public/AE/DuPont, phone is 302-777-7777.
Validate Single First Name & Initial if appropriate Submit Request
Slide 39Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Delete User--Demo
Use the Delete User function to delete a person’s ID, a generic/shared/training ID, a developer ID, or a Mail In account.
Request the deletion of account if it is no longer needed for email/database access (see DISO Standard: System Access – Termination & Transfer – Terminated Users)
Click “Delete User” on action bar can select up to 50 names in one request)
Select “User to be deleted” from DuPont’s Address Book Comments: “Other Mail” or “Left Company” or other special instructions:
May request supervisor access to the mail file for two weeks Do not request deletion for a future date. Deletion will be done when request
is received. Click “Submit Delete Request” on action bar
Slide 40Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Delete User--Demo (Cont’d)
Resulting Actions: Name is immediately added to TERMINATIONS group
User cannot access mail or databases Name is removed from all ACLs of databases they currently access
within 2 workdays Person document is deleted from DuPont’s Address Book within 2
workdays ID file is deleted from Archive within 2 workdays Mail file is deleted within 5 workdays (unless access requested for
Supervisor; then file is deleted from the server in two weeks) If needed for longer than 2 weeks, the supervisor can make a local copy of
the mail file, as long as DISO rules about retention are not breached Local Admin is notified via email when user has been deleted
To restore a user’s account that was accidentally deleted, contact your helpdesk within 14 days of the deletion date.
Mail files can only be restored for up to 14 days from backup tapes
Remember: Do not delete account if user has moved from one SBU/site to another.Transfer the account.
Slide 41Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Web User Accounts Overview
Application servers in the Notes domain are "Web" enabled so that developers can write applications which allow users to access them from the Web using a browser.
Existing and new Notes users will not be given automatic Web access. Web access will be granted only when they are required.
NonAnonymous Web users will be "registered" as part of the Web request process.
Registration of a Web user requires a valid email address which will be used by the Web password process.
Slide 42Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Web User Accounts Overview (Cont’d)
The DISO required documentation rules apply as follows: Scenario 1: If the person already has a CURRENT /DuPont ID and
wants to be added to the Web.... Lotus Notes Local Admin will make the request (the DISO2E form is
NOT required for contractors or noncontractors) Scenario 2: If the person doesn't have a CURRENT ID and wants
BOTH an ID and Web access.... Lotus Notes Local Admin can make the request for a new ID and a web
account at the same time (the DISO2E form is required for contractors) Scenario 3: If the person only wants a /DuPont ID....
Lotus Notes Local Admin will make the request for a new ID (the DISO2E form is required for contractors)
IF they later want Web access, the Lotus Notes Admin must request it (the DISO2E form is NOT required for either contractors or noncontractors)
Scenario 4: If the person doesn't have a CURRENT ID and only wants access to the WEB....
Lotus Notes Local Admin will make the request for Web Access (the DISO2E form is required for contractors and noncontractors).
Slide 43Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Web User Accounts Overview (Cont’d)
The Request Web User function will allow you to request that a user be registered for Web access.
You will be able to choose existing Notes users from any one of the five DuPont Lotus Notes Address Books:
DuPontDuPont LegalDPTSolaePioneer
You will also be able to choose people from the ECD—Justmail, Other nonNotes Address Book.
You may request as many as 250 people names (no groups) at one time. You will be able to sort your request list and calculate the number of users
being requested. You will be able to view the directory of current Web users from the main
navigator panel. Click the “Web User Inquiry” button and interrogate a list of current Web users.
Slide 44Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request Web User--Demo
Click the Request Web User button in the Local Admin Request database.
ADO: Select the ADO under which the request is to be made. User(s): Select as many as 250 people (no groups or Mail In accounts)
Select the appropriate Address book Select the required user(s) Select the 2nd Address book (if required) and the users from that book. Continue selections until maximum of 250 people have been selected.
If you have a list of names in Address book format (e.g., listed one per line as in a Notes group), you can paste these names directly into the “User(s)” field. (Note: names in invalid format will be weeded out.)
Send me email confirmation…: The default is “Yes”, which means you will receive an Email when each account is created (250 Emails if you submitted a request with 250 names). If you select “No”, you will not receive a confirmation Email when any of the accounts are created.
Comments: Enter comments as you wish. Be brief, as these will appear in the comments field on the person document created when the person is registered as a Web user.
Slide 45Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request Web User–Demo (Cont’d)
Other buttons on the form (optional functions): Current Web User(s): Shows a list of users with Web accounts. Calculate: Calculate the number of names in the “User(s)” field and updates the count at the
top of the form. Sort: Sorts the content of the “User(s)” field in ascending order. Check if input User exists: Checks the contents of the “User(s) field against the current list
of Web users and tells you who already has an account. You can then manually remove existing Web accounts from the “User(s) field before submitting the request.
Weed Out: Checks the contents of the “User(s) field and automatically weeds out the following names:
Entries that have “Mail In” in the name Entries that already have a Web account Any other invalid names
Submit Request button. The submit button does the following: Checks the contents of the “User(s) field and automatically performs the “weed out”
function. Sends request for Web account(s). Submission Confirmation: Immediately generates an email to the Local Admin showing
which accounts were submitted and which were not. A brief explanation is included for any accounts that were not submitted (e.g., Sherry A Burbidge/Contractor/AE/DuPont – Already Submitted).
Slide 46Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request Web User–Demo (Cont’d)
Three things may happen in the registration process: If you selected “Yes” to receive email confirmation when each
account is created, you will receive an Email when each user is actually put into the registration Address Book.
The user will receive an Email telling them they have been registered.
The Email will include the user name to be entered when they are challenged for authentication.
The user will be sent a second Email with critical logon information: The second Email contains the browser/logon password It will tell them that they will be forced to change that initial password
on first access It will also tell them to contact their local helpdesk if they have any
questions.
Note: Web password resets will be done without Local Administratorinvolvement. The web user should call the Helpdesk to reset lockouts.
Slide 47Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Moving DBs & Quality Assurance Basics
Local Admin gets database from user or developer The recommended way is to first move new database to the test environment on
CDCLND05 test server. From there it can go on to the Staging Server CDCLND07. When it is ready to go production, you will need to tell us whether it will be self managed or change managed.
You should do the following before a database is moved to any server (test, staging, or production server):
Local Admin performs quality assurance checks (these are mandatory):
Verify that About and Using Documents exist Verify that database complies with DuPont’s DISO Standards Verify that database has a sponsor to pay for server space Verify that the data owner/application developer have completed their
tasks as designated on the Move Database request form.
Slide 48Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Moving DBs & Quality Assurance Basics (Cont’d)
Database Quality Assurance Checklist About and Using Documents completed (Sponsor must be listed) Application usability: look at application Security: Review Access Control List (ACL)
Default Access is No Access (otherwise follow instructions in the DISO Standard)
Groups are used instead of individual names where possible (no more than 4 individual names allowed)
Terminations listed as Person Group with No Access IS~System~Admin~Global listed as Person Group with Manager Access ACL management group listed (change managed servers) Anonymous: No Access (otherwise follow instructions in the DISO
Standard) Check guidelines in DISO Standards
Templates: Using and About Documents Documents must be complete and relevant Must include purpose of application, target audience, owner, who to
contact, how to use...
Slide 49Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Moving DBs & Quality Assurance Basics (Cont’d)
Access Control Basics Notes security has many parts Key part is the Access Control List (ACL) Each database in Notes has its own ACL The ACL is used to control the access level people or servers have
to the database Each user or server may either be listed individually or as part of
a group
Slide 50Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Moving DBs & Quality Assurance Basics (Cont’d)
Maintaining Access Control List of Databases Changed Managed Databases
Owners/developers must have a special group created and then must place it in the database ACL before they ask you to request the move. The highest level of access this group can be assigned in the ACL is "Editor". The membership list of this group should contain the names of those people designated to "manage" the ACL. The name of the group should end in "ACLMGR”. For example "EP~EU~~Megaline ACLMGR".
ACLMGR must be in all caps ACL Manager Tool
A database has been created called “ACL Management” for designated ACL managers. You should inform anyone designated to manage the ACL of a database that they should access ACL Management to submit their ACL change requests. There is adequate "online" help within ACL Management. Press the “Help on how to use this database” button for detailed instructions.
Location of database:Server = CDCLNS02/DuPontPath = is\system\ACLMan\ACLMan.nsf
Slide 51Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Moving DBs & Quality Assurance Basics (Cont’d)
ACL User Types Examples of user types:
Default = Unspecified LocalDomain Servers = Server Group ADO Group name = Person Group John Q Public/EUR/DuPont = Person
Slide 52Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Moving DBs & Quality Assurance Basics (Cont’d)
Access Levels1. No Access: Denies access to database
2. Depositor: Allows users to compose or paste new documents into the database; however, they will not be allowed to access their documents or other documents.
3. Reader: Allows users to read existing documents only. Users will not be able to create new documents nor edit existing ones.
4. Author: Allows users to edit documents for which they are listed as owners. The ability to create or delete documents can be optionally given or taken away using the check boxes at the bottom of the ACL dialog box. A user can be added as an owner of a document by another user. Even if they did not create the document, they will be able to edit it.
Slide 53Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Moving DBs & Quality Assurance Basics (Cont’d)
Access Levels (Cont’d)5. Editor: Allows users to create new documents and edit existing
ones regardless of whether they are listed as owners or not. The ability to delete documents can be optionally given or taken away using the check box at the bottom of the ACL dialog box.
1. The highest level of access allowed in production on mail servers and change managed application servers is now “Editor” (not “Manager”). An “ACL management” database will allow designated Custodians to manage ACLs without the need to have “Manager” access in the database itself.
6. Designer: Gives users all the privileges of an Editor as well as allowing them to change the design of the database (Forms, Views, etc.) (Only allowed on self managed application servers)
7. Manager: Gives users all the privileges of a Designer as well as allowing them to change the administrative options of the database (ACL, Replication, etc.) (Only allowed on self managed application servers)
Slide 54Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Moving DBs & Quality Assurance Basics (Cont’d)
People Definitions and Responsibilities Sponsor: The business person who has championed the database and authorizes payment for the
database support. Billing information (SBU and Site) is derived from the sponsor’s person doc in the NAB The sponsor must be a DuPont employee
Owner: The person who is accountable for ensuring the asset/database and its content complies with all published standards. The same person can fulfill the roles of "Sponsor" and "Owner" if that is appropriate.
The owner must read the DISO standards (located on the DISO Web Site) and verify that the database meets DISO standards
The owner must verify that the risk classification is correct The owner must verify that the database does not contain Sarbanes Oxley sensitive
information. The owner must approve a database move or team database request before any action can be
taken on the request. Custodian: The person or persons (can have more than one) to whom the “Owner” may delegate
responsibility for the day to day management of the database (e.g., maintaining the database ACL and granting access to the database). Database owners may elect to fill this role themselves.
Developer: This is the person we will contact for technical information (if required). The developer must verify that the Access Control List (ACL) meets DISO standards The developer must verify that the “About” document of the database meets required format
and content The developer must verify that the “Using” document of the database meets required format
and content.
Slide 55Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Move Database--Demo
Click “Move Database” in Navigator pane. ADO: Select from list of ADO groups that you are a member of Management Type: Self Managed or Change Managed (this will determine the server
that it will be put on) Move type: Since only new moves to production can be done with this form the "Move
type" field is no longer editable and defaults to "New Database" Database Name: Descriptive name – 40-character limit Database Icon Name: Exact name to be displayed on database icon – 20-character limit. Database: Attach database or paste database link here. To server: The main server that the database should reside on Directory on To Server: The directory into which the database should be placed on the
server. Must be based on SBU or ADO. If you do not specify the directory, the database will be put in the root directory.
Additional Servers: Dropdown list of additional servers that the database can be placed on.
Special instructions: Servers not included in the dropdown list can be added in the Special Instructions field (e.g., the external server if the database needs to be replicated to another domain).
Slide 56Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Move Database—Demo (Cont’d)
People Responsible: Select the appropriate Sponsor, Owner and Custodian(s) from the dropdown lists.
Owner Accountability: Owner Approval—DISO: Default is YES Owner Approval—Risk:
Select DISO risk from dropdown list Select YES or NO for Sarbanes Oxley sensitivity
Owner Approval—Comments: Optional field Developer contact: Select from dropdown list. This is the person to contact if there
are technical questions. Developer contact phone: List DUCOM number and external number Submit Request for Owner Approval: When the request is submitted, a note is
sent to the database owner requesting approval. Once the owner approves the request, the request is sent to CSC for implementation. If the owner denies approval, the owner and Local Administrator must discuss what must be done to achieve owner approval. The Local Admin and the developer also receive a copy of the approval request. (Note: If the Local Admin who submits the request is the owner, no further approval is required.)
Slide 57Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Move Database–Demo (Cont’d)
Owner’s Options in Owner Approvals database: "Approve" Button - The request document is emailed to CSC who will begin the move. An
email is also generated automatically from the Owner to the Local Administrator and developer telling them that the request has been approved. Note the timing for the database move begins, as it does now, when CSC receives the approved email request.
"Deny" Button - An email is generated automatically from the Owner to the Local Administrator and developer telling them that the request has been denied. The request is terminated. If the database still needs to be moved to production, the Owner and Local Administrator or developer must discuss what needs to be fixed/changed and the Local Administrator must submit a new request in the Local Admin Request database.
"Close" Button - If the owner opens the linked document and decides he or she wants time to think about how to respond, the owner can close the link and address the request for approval at a later time. In this case, the owner must retain the email containing the link in order to be able to reopen the request form.
Your options before the owner approves the request: Change the name of the database owner
click the drop-down menu and select the new Owner from the NAB click the "Send email to New Owner" button. This will send an email to the new Owner requesting
approval. Add or change information (other than the owner) you originally entered on the request
make your changes click on the "Save and Close" button
Send a reminder to the database owner requesting approval click the "Send Reminder email to Owner".
If you access the form and decide not to make changes click on the "Cancel" button
Slide 58Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request Database Design Change--Demo
Use this function to request design changes to databases in the Production and Staging environments.
ADO: Select from your list of ADO~Admin groups Management Type: Change Managed or Self Change Managed Move Type: Design Change. You must type in a short description of the
change (max 100 characters). Break/Fix: Default is “No”. Database: Attach database or paste database link. To Server: Select server from dropdown list. Directory on to Server: Enter directory Special Instructions: Use this field to communicate any special
requirements/steps for implementing the design change. Developer Contact: Person we should contact for technical information.
Select from DuPont’s Address Book. Developer Phone Number: Developer’s DUCOM and external
numbers.
Slide 59Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Move Database Notes Develop--Demo
Click Move Database Notes Develop button ADO: Select from your list of ADO~Admin groups Database: Attach database or paste database link To Server: Select development server from dropdown list Directory on To Server: Enter directory in SBU or ADO format (e.g.,
AUTO\IS\COAT Estimated time to complete development: 90 Days
A reminder email will be sent to you near the end of the 90 days. You may request a 30, 45, 60, or 90 day extension at that time if not the database is not ready to be moved into production.
Calculated development completion date: Automatic 90 day calculation.
Sponsor: Select sponsor from dropdown list Owner: Select owner from dropdown list Custodian: Select custodian(s) from dropdown list
Slide 60Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Move Database Notes Develop–Demo (Cont’d)
Developer Contact: Select from dropdown list.
Key Users: Access to the Notes development server is normally restricted to developers only. However, each developer may specify a maximum of five "Key Users" per database to help in the development of their database(s) on the development server. It is the developer’s responsibility to ensure this number is not exceeded. Users can be removed from the list at any time by sending an email to “Database Moves/Mail In/DuPont” account, specifying which users are to be removed. This number will be validated after you request each move for a particular developer. If more than five Key Users are found, the developer will be contacted and asked to reduce the number.
Select up to five Key Users from the dropdown box Leave field blank if no “Key Users” are required. If names are selected for this field, the following message will be displayed:
You have selected Key User(s) needing access to the development server(s). The maximum is 5 in total at any one time. This will be validated when your request is processed and if exceeded will slow the move of this database. Continue?
Developer contact phone: DUCOM and external numbers Submit Request
Slide 61Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Delete Database from Production--Demo
Click Delete Database from Production You should use this function when you want a database removed from a
production server. ADO: Select the appropriate ADO~Admin Group Database Name: Select the database title from the dropdown list Server(s): Select the server(s) you wish the database deleted from
The option to ask for “ALL replicas” to be deleted has been removed. You now have to specify exactly which servers you want the database deleted from.
The other fields in the form will automatically populate, depending on the database title you select.
Submit Request: Once you hit the submit button, three events happen in the background:
Request is sent to CSC Copy of request is sent to your mail file for your records Details about the deletion is sent to the database Owner
Slide 62Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request Team Database--Demo
Requirement for all Team Databases: If one does not already exist, submit a request for a group that will manage the ACL (group name must end in “ACLMGR”). The group should exist before you request the Team Database.
Click the Request Team Database button ADO: Select the appropriate ADO~Admin group Going to: Select the server group
Other: Change Managed Servers South Amer/AUTO: Self Managed Servers
Management Type: Change Managed or Self Managed, depending on which “Going to” selection you made
Template name: DuPont Team Database Master To Server: Select server from dropdown list (your choices depend on which “Going
to” selection you made) Database title: Recommended number of characters is 20 or less so the title will fit
neatly on database icon This title will go directly into the Application DB Registry If this is to be a Mail In database, this title also becomes the name of the Mail In account
listing in DuPont’s Address Book.
Slide 63Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request Team Database–Demo (Cont’d)
Database Path: Directory/Filename where application is to be created The first level directory must be based on SBU or ADO Must include the database file name, including the “.nsf”
Additional Server(s): Select additional server(s) for replicas from dropdown list. Enter nothing in this field unless you were instructed otherwise
Special instructions/comments/test results: Add special instructions or servers that do not appear in dropdown list
Team databases can be placed on self managed servers, but they will be locked down just as if they were on a change managed server
Enter nothing in this field unless you were instructed otherwise Sponsor: Select from dropdown list. Owner: Select from dropdown list. Custodian: Select from dropdown list. DISO risk classification: Select from dropdown list.
Get classification from owner You will not be able to submit the move request without it
Sarbanes Oxley sensitivity: Must select “Yes” or “No”. Get information from owner
Slide 64Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request Team Database–Demo (Cont’d)
Team Database Information Mail In Functionality?: Click the “Create Mail In account for Team database” button if you want
Mail In functionality. Skip this field if Mail In functionality is not needed Name: Automatically enters database title List in ECD: “Yes” or “No”
The default for List in ECD is “No” Select “Yes” only if you have a compelling business reason to do so.
SBU: Select the SBU responsible for the account (usually the Sponsor’s SBU) Site: Select the site responsible for the account (usually the Sponsor’s site) Internet Domain Name: Default is Dupont.com (may or may not have other choices) Company Name: DuPont (cannot be changed)
Database type: Document Library or Meeting Mgmt (with Document - Discussion) Document Library provides repository functionality only Meeting Mgmt (with Document - Discussion) provides:
Document Library Meeting agendas, minutes Action item tracking Discussion capability
Select group that will manage the ACL: Group name must end in “ACLMGR” Use the dropdown list to select the ACLMGR group that will manage the ACL For this team database
If you do not have an ACLMGR group already established, you will have to request the creation of this group before submitted the request for a Team database. Use the “Request Group” button in the Local Admin Request database.
ACLMGR must be in all caps
Slide 65Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request Team Database–Demo (Cont’d)
Select access groups: Use the dropdown list to select all the groups that will access this team database
You can select groups by clicking in the margin next to the group name. A check mark will appear indicating that you have selected the group.
Select access levels for selected groups: Use the dropdown list to select all access levels for all groups that will access this team database
You will see a list of all the groups you selected in the previous field in combination with all the access level choices
For each group, highlight all access levels that the requester selected for each group (click on the selection to highlight it)
Some groups may require more than one role (e.g., “create keywords” and “view all private docs”). Others will require only one role.
Submit Request: If you selected “Mail In Functionality, you have actually submitted two requests: One to create the team database and one to create a Mail In account using that database
Like the “Move Database” request, this request requires approval by the owner. Notification is sent to the owner to approve the request in the Owner Approvals database. You will also receive a copy of that notification.
You will receive notification when the team database has been created. At this point, it is a functional team database without Mail In capabilities
You will receive a second notification when the Mail In account has been created
Slide 66Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Request Team Database–Demo (Cont’d)
More information about using a Team Database is available at the following website: http://www4.lvs.dupont.com/nd6/teamtemp.html
More on Database Access: Access to a team database will be implemented via groups only. No individuals
names will be listed in the ACL. The groups accessing this database must be set up in the DuPont Address Book in advance.
Access Level: Edit all documents: Cannot read or edit docs marked private. Multiple groups can
be listed. Edit own documents only: Recommended access for team members. Author
access (can read but not edit docs created by another person – cannot read or edit docs marked private). Multiple groups can be listed.
Read only access: Can read all docs except those marked private. Multiple groups can be listed.
Change the ACL: Limit to 1-2 who will ensure that the database owner authorizes all additions to the ACL. Limit to a single group with a name that ends with ACLMGR (required group).
Edit keywords: Limit to 1-2 who will manage the organization of the db content. Limit to a single group (required group). Edit all docs including private: Limit to 1-2 who will manage turnover of authors of docs marked private. This is necessary in the event that a team member who has created private docs leaves the team. Limit to a single group (required group).
Slide 67Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Miscellaneous Requests
All Problems, Questions, or Requests that cannot be submitted through the Local Admin Request database must be submitted through your helpdesk. A partial list is included below:
Replacement IDs (for forgotten passwords, lost IDs) User Name Changes (renames) Certificate Recertification
If account owner is moving from DuPont status to contractor status, an approved DISO form is required.
Mail Move Requests (allow 7 workdays) Access or application problems Restore accounts that were accidentally deleted (must request within 14
days of deletion Local Admin Training
Local Admin training for Asia Pacific is conducted by Jupri Ahmad. Local Admin training for Europe is conducted by Frank Bittorf and
Arvind Gurkha. Local Admin training for the United States, Canada, Mexico and South
America is conducted by Ashok Mehta. Internet Domain Changes: The internet domain must be changed by a
Local Admin before changing ADO and SBU.
Slide 68Revised 6/20/2007 CSC Proprietary
For Reference Only
Local Admin Training
Helpful Databases and Web Sites
ACL Manager Tool: Server:CDCLNS02 – Path:IS\System\ACLMan\ACLMan.nsf Developer Tracking Database: Server:CDCLN77 – Path:IS\BC\DevTrkDB.nsf Local Admin Request Database: Server:CDCLN77 – Path:IS\System\Admin/X500.nsf Local Admin Team Database: Server:CDCLN38 – Path:IS\LocAdm.nsf
This database is used as a tool to: Communicate any changes or additions that the local admins need to be aware of (this will include all
current Newsletters). Provide instructions which are broken down in categories to help you perform your Local
Administrator duties. Allows you to ask questions. You will see an Inbox that has been provided so that you are able to
communicate with the Lotus Notes group if you need a better understanding of a procedure to perform your Local Administrator duties.
FAQs Notes Central web site: http://www4.lvs.dupont.com/nd6/ Corporate Records & Information Program Guide web site:
http://crim.dupont.com/web.asp?page=751 DISO Form 2E web site: http://www2.lvs.dupont.com/DISO/form2e.html DISO Information Security Policy – Identification & Authentication – Shared Lotus
Notes Ids Chart web site: http://www2.lvs.dupont.com/diso/2_tech_ln.html LRM/Janitor Documents web site: http://crim.dupont.com/web.asp?page=615 Corporate Records & Information Program Guide web site:
http://crim.dupont.com/web.asp?page=751 Team Database information web site: http://www4.lvs.dupont.com/nd6/teamtemp.html