Web - IMAP Users Terminated Still Able to Access Servers

Mindwatering Incorporated

Author: Tripp W Black

Created: 04/28/2008 at 02:00 PM

 

Category:
Domino Server Issues Troubleshooting
Authentication

The Web, LDAP (Directory), DIIOP, and POP/IMAP mail users by default don't get "hit" with the server layer of the security "onion".
To make the server access applied to the Internet protocols, make the following change(s) on the Server document for each server.

Go to:
Server Document --> Ports tab --> Internet Ports tab --> Web tab --> Enforce server accessing settings: Yes (instead of No).
Server Document --> Ports tab --> Internet Ports tab --> Directory tab --> Enforce server accessing settings: Yes (instead of No).
Server Document --> Ports tab --> Internet Ports tab --> Mail tab --> IMAP, POP, and both SMTP columns --> Enforce server accessing settings: Yes (instead of No).
Server Document --> Ports tab --> Internet Ports tab --> DIIOP tab --> Enforce server accessing settings: Yes (instead of No).
Server Document --> Ports tab --> Internet Ports tab --> Remote Debug Manager tab --> Enforce server accessing settings: Yes (instead of No).



Testing IMAP I/O:

- Notes.ini Settings:
IMAPDebug=[0,1,2,3,4]
IMAPDebugIO=[0,1,2,3,4]

0 being off (default) and 4 being the most verbose logging.
All data will be logged to the file IBM_TECHNICAL_SUPPORT\console.log

Steps:
1. Edit the notes.ini directly or use the console command:
> Set Config notesiniparameter=value

2. Restart the IMAP task, which you can do by issuing this command to the console :
> restart task imap

For performance and disk usage reasons, the debug notes.ini settings should be removed after testing is complete.




previous page