We all know Domino registers users. You need the certifier for the correct O or OU and the user is created with the hierarchical Full Name as the certified user. So, the hierarchical Full Name is the unique key.
When you add users to a group, the hierarchical Full Name is added to the group.
When you add users to a read/author group, the hierarchical Full Name is added to those fields.
When you add users to the ACL, the hierarchical Full Name is added.
Don’t you all hate the DELETE/RENAME Adminp actions? It can take days before finishing, depending the amount of servers you have. And somtimes……it fails or got stuck in the flow.
When you delete or rename users, ADMINP has to search and delete/rename those users from groups, fields, ACLs, etc. This takes a long time to do and sometimes fails which can lead to strange behaviors in the security or accessing databases.
Possible Solution
Why not register users using a unique hash as their unique key? And when you add users to a group, field, acl, etc. you add the hash-key. Now the user is connected by it’s unique hash-key. ( Like Microsoft AD does using SID ).
Now when you remove a user, it only needs to search for orphaned entries and delete those.
Now when you rename a user, you only have to edit the Person Document. The hash-key never changes.
HCL Only needs to show the Full Name everywhere and not the hash-key. But this method is already in place for Alternate Names and works fine.
Visits: 135
Cool idea!