Parameter:
Allow_AccessShort description: Local access list: explicitly allowed users/groups for this server (override of the server ACL).
Profile
Parameter | Allow_Access |
Category | Security / TLS |
Available since | R4 |
GUI equivalent | Server document (Security → Server Access) |
Possible values | Comma-separated hierarchical user/group names, e.g. Admins/Domain, John Doe/Domain |
Description
Allow_Access is a local access filter that can be set directly in notes.ini. If entries are present, only the listed users/groups may access the server at all — regardless of the server document ACL. Useful for emergency lockdowns, isolated test servers, or short-term maintenance windows.In normal operation, access control is maintained via the server document (fields Access server, Not access server);
Allow_Access is the fast, immediately effective emergency brake.Example configuration
Allow_Access=Admins/Domain,John Doe/Domain
Notes & pitfalls
- If the entry is set, all unlisted users are rejected — including server mates!
- Verify server-to-server connections beforehand (replication, mail routing, cluster).
- Use hierarchical names, not short names.
- Works together with
Deny_Access(deny list).
- The change takes effect after a
set configreload or a server restart.
Sources (HCL Product Documentation)
- HCL Domino 11.0.1 – Controlling access to a specific server port: help.hcl-software.com/domino/11.0.1/admin/conf_controllingaccesstoaspecificserverport_t.html