As a follow-up to my previous tool that let you analyze the ACL of a database, I built another tool for my admin. For different reasons, we need to keep the mailbox of terminated users, sometimes for a shorter time but sometimes for long periods of time. As far as I understand it, if a traditional approach was used to remove a user from the system, the mail file would also be deleted. So the admin put the terminated user in the Deny Access group and change the ACL of the mailfile to include a manager, supervisor or replacement.
But because of this process, AdminP will not remove the terminated user from all the groups he/she is listed in. When you have hundreds of groups, many of them nested, this could be a real headache. So I was asked to build something simple that allows us to remove one or more specified users from all groups in the Domino Directory. Below is the result. Enjoy!
First you create a form with 3 fields:
'SaveOptions' has a default value of "0" (to prevent the form from being saved).
'Users' is a Names field, getting it's values using the addresses dialog. The field is multi-value and using New Line as separator.
'LogResult' is a multi-value text field, again with New Line as separator.
Finally I add a button to the action bar to remove the user(s). The Lotusscript code is listed below. It is using my class for mail notifications that I blogged about last year to send a confirmation to the user running the agent. This is useful for example when you need to log all data changes done to a system.
Sub Click(Source As Button)
Dim ws As New NotesUIWorkspace
Dim uidoc As NotesUIDocument
Dim session As New NotesSession
Dim nab As NotesDatabase
Dim view As NotesView
Dim doc As NotesDocument
Dim members As Variant
Dim newmembers List As String
Dim delmembers List As String
Dim users As Variant
Dim userlist List As String
Dim user As NotesName
Dim nmcnt As Integer
Dim newarray() As String
Dim ret As Integer
Dim removelog List As String
Dim userarr As Variant
Dim mail As NotesMail
Dim mailtext As String
Dim updated As Boolean
' *** Make sure the operator is sure
ret = Msgbox("Are you sure?",4+32+256,"WARNING")
If ret = 7 Then
' *** Get a list of users in field 'Users'
Set uidoc = ws.CurrentDocument
users = Split(uidoc.FieldGetText("Users"),Chr$(13))
Forall u In users
Set user = New NotesName(u)
userlist(Fulltrim(user.Common)) = Fulltrim(user.Common)
' *** Get all groups in NAB and process them one by one
Set nab = New NotesDatabase(session.CurrentDatabase.Server,"names.nsf")
Set view = nab.GetView("Groups")
Set doc = view.GetFirstDocument
Do While Not doc Is Nothing
Print "Processing " & doc.GetItemValue("Listname")(0)
updated = False
' *** Get members in the group and create a list of the ones to keep
members = doc.GetItemValue("Members")
nmcnt = 0
Forall m In members
Set user = New NotesName(m)
If Iselement(userlist(Fulltrim(user.Common))) = False Then
' User is not among the ones to delete
newmembers(Fulltrim(user.Common)) = Fulltrim(m)
nmcnt = nmcnt + 1
delmembers(Fulltrim(user.Common)) = Fulltrim(m)
updated = True
' *** Build array of members to keep
Redim newarray(nmcnt) As String
nmcnt = 0
Forall nm In newmembers
newarray(nmcnt) = nm
nmcnt = nmcnt + 1
' *** Write array of new members back to document and save it
If updated = True Then
Call doc.ReplaceItemValue("Members", Fulltrim(newarray))
Print "Updating " & doc.GetItemValue("Listname")(0)
Forall dm In delmembers
removelog(doc.GetItemValue("Listname")(0)) = removelog(doc.GetItemValue("Listname")(0)) & dm & ";"
Set doc = view.GetNextDocument(doc)
' *** We are all done
mailtext = ""
Forall rl In removelog
Call uidoc.FieldAppendText("LogResult", "Group '" & Listtag(rl) & "':" & Chr$(10))
mailtext = mailtext & "Group '" & Listtag(rl) & "':" & Chr$(10)
userarr = Split(Cstr(rl),";")
Forall u In userarr
Set user = New NotesName(u)
Call uidoc.FieldAppendText("LogResult", user.Common & Chr$(10))
mailtext = mailtext & user.Common & Chr$(10)
' Call uidoc.FieldAppendText("LogResult", Chr$(10))
Set mail = New NotesMail()
mail.MailTo = session.CommonUserName
mail.Subject = "[Notification] - Users removed from NAB"
mail.Principal = "IT Programs"
Msgbox "Done removing specified user(s) from Domino Directory.",64,"Finished"
Is the break-through for smart watches almost here?
Thu, Aug 28th 2014 8:25a Karl-Henry Martinsson In a few days, Motorola will present their highly anticipated Moto 360 smart watch, and at the IFA trade show in Berlin next week LG will show off their latest entry in the battle for the hearts (and wrists) of geeks everywhere, the G Watch R. Both watches are round, as opposed to previous entries […] [read] Keywords:
jQuery – A flexible way to show/hide sections
IBM ConnectED 2015 – registration open
Tue, Aug 19th 2014 8:45a Karl-Henry Martinsson IBM ConnectED, the conference formerly known as Lotusphere and Connect, has now opened the registration for the 2015 event. The “early bird” conference fee is $1,595 and on October 4 it goes up to the full price, $1,795. This is less than Lotusphere/Connect in the past, but the conference is also 20% shorter at 4 days […] [read] Keywords: ibm
I am a victim of identity theft
Tue, Aug 12th 2014 7:53p Karl-Henry Martinsson This weekend I found out that I am a victim of identity theft. It is very unsettling, and feels like a total violation of my privacy. My girlfriend Chrissy and I were discussing the potential of me getting a new car in the next few months. I am having some repairs coming up on my […] [read] Keywords:
The joy of programming
ConnectED 2015 – Smaller and shorter but more technical
Thu, Jul 24th 2014 1:40p Karl-Henry Martinsson If you read the official IBM announcment for ConnectED 2015 posted by Mat Newman, you will notice a few interesting details. First of all, the event is shorter than previous years. It starts on Sunday and ends on Wednesday instead of Thursday. On Sunday IBM has scheduled the Leadership Alliance meeting, which previously been held in […] [read] Keywords: ibm
Recover lost SSL keyring password
Thu, Jul 24th 2014 10:45a Karl-Henry Martinsson About two years ago, our Network (as well as Domino) administrator left the company after 10 years. The other day our SSL certificate for one of our websites expired, and we wanted to use a newer wildcard certificate instead of a server specific certificate. The problem was that we did not have the password for […] [read] Keywords: domino
IBM Connect becomes IBM ConnectED in 2015
Wed, Jul 23rd 2014 12:25p Karl-Henry Martinsson IBM has announced the new name for the yearly conference in Orlando, the one most of us know (and still call) Lotusphere. For the last two years it was named Connect, and for 2015 IBM again changes the name, this time to ConnectED. The conference will be more technical than the last few years, according […] [read] Keywords: ibm
Code snippet – DateClass
Mon, Jul 21st 2014 6:45p Karl-Henry Martinsson Here is a small Lotusscript class I wrote some years ago. I use it in a number of other classes where I need to use date functionality of different kind. For example, I have a class that communicates with a FoxPro database, using a COM object. Some of the methods in that class uses XML while […] [read] Keywords: domino