Handling execution security alerts caused by custom templates

The service signs a custom mail file template with a unique customer signature. IBM® Notes® users that use a custom mail file template see an execution security alert if the Execution Control List (ECL) on the client does not allow access to the signature.

About this task

The first time Notes users authenticate with the service after the application of a custom template, they see an execution security alert. The alert states that the template signer, customerID LotusLive Template Signer/customercertifier, is attempting to perform an ECL update action. Selecting Start trusting the signer prevents all future alerts for the template signature.

For more information about execution security alerts, see the topic about the execution control list in the Domino® documentation.

In a hybrid environment, you can prevent the security alerts by using a Security Settings document that is assigned to an explicit policy. To do so, perform the following steps before you deploy the custom template:

Procedure

  1. Read the topic on using administrative policies to understand the requirements for using policies with the service.
  2. From the Domino Administrator, open a server with the directory in which you want to configure the policy.
  3. Select the People & Groups tab, and then open the Settings view.
  4. Choose one of the following options:
    • To add a Security Settings document, click Add Settings > Security, and type a name for the new document.
    • To edit an existing Security Settings document, click Edit Settings.
  5. Click the Execution Control List tab.
  6. In the Admin ECL field, click Edit.
  7. Click Add.
  8. Type */customercertifier, where customercertifier is the name of the certifier that you uploaded to the service and that is used to name your mail servers in the service.

    For example, type */SCN/Renovations.

  9. Select the certifier name that you added, select the allowed access levels, and click OK.

    You must select Workstation security and then select Access to Workstation Security ECL. If you are unsure which other access levels to allow, select the same access levels that are specified for Notes Template Development.

  10. In the Update Mode field, select Refresh.
  11. In the Update Frequency field, select When Admin ECL Changes.
  12. Click Save & Close.
  13. Make sure that the Security Settings document is assigned to an explicit policy that is used for users in the service.
  14. Before you deploy the custom template, allow time for the policy change to replicate to the service.