1

Usually after bugfixes on my Notes applications, we would often receive complaints that the applications were not sending notifications, not updating as expected, not able to access certain modules of the applications, etc...

Eventually, we found out that they were caused by the users clicking through when the Execution Security Alerts (ESA) popped up. And since the default selected option was 'Do NOT execute action', the applications could not work as expected.

Can anyone advise on whether it is possible to remove, disable or accept by default the ESA?

Void
  • 123
  • 5

1 Answers1

2

You should setup a special user account whose sole purpose is sign code with the rights to run.

You then lock that in the policies so it can only run ny default. Details here.

http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.help.domino.admin.doc%2FDOC%2FH_DYNAMICALLY_PUSHING_ADMIN_ECLS_OVER.html

After that sign only approved applications with the signature. I would suggest not allowing the developers even access to this signature (only select admins). Set up a change log system as well with this.

This makes your applications more secure, prevents casual coding changes to production servers.

Simon O'Doherty
  • 320
  • 1
  • 7
  • Thank you for your answer. Good tips, I'll see how I can implement this in my environment. – Void Jan 28 '13 at 01:41