APPLICATION MANAGEMENT
Select the "Enforce a consistent Access Control List" setting on a replica whose server has Manager access to other replicas to keep the access control list the same across all server replicas of a database. If you select a replica whose server does not have Manager access to other replicas, replication fails because the server has inadequate access to replicate the ACL.
If a user replicates a database locally, the database ACL recognizes that user's access as it is known to the server. This happens automatically for local replication, regardless of whether "Enforce a consistent Access Control List" is enabled.
Note Local replicas with "Enforce a consistent Access Control List" enabled attempt to honor the information in the ACL and determine who can do what accordingly. However, they have some limitations. One limitation is that group information is generated on the server, not at the local replica. When a database is replicated locally, information about the group membership of the person doing the replication is stored in the database for use in ACL checking. If a person/identity other than the one doing the replication accesses the local replica, there will be no group membership information available for that person, and the ACL can use only the person's identity, not group membership, to check access.
Additionally, enforcing a consistent access control list does not provide security for local replicas. To keep data in local replicas secure, encrypt the database on the Database Basics tab of the Database properties box.
Note If a user changes a local or remote server database replica's ACL when the "Enforce a consistent Access Control List" option is selected, the database stops replicating. The log (LOG.NSF) records a message indicating that replication could not proceed because the program could not maintain a uniform ACL on replicas.
To enforce or disable a consistent access control list
Use this method to enforce or disable a consistent ACL for a single database.
1. Make sure that you have Manager access in the database ACL.
2. Select the database icon from your Bookmarks pane. If the database has multiple replicas, select the database icon from a server that has Manager access in the database ACL of the other replicas.
3. Choose File - Database - Access Control.
4. Click Advanced.
5. Do one of the following:
See Also