After discovering that blank password logins to WebAccess were possible, as discussed in in this thread, I set out to limit who could use WebAccess in some other way. The documentation describes using the /var/opt/novell/groupwise/webaccess/gwac.xml file to prevent or allow individuals or groups to utilize the WebAccess portal.

I am unable to get this feature to work at all. With even the most basic configuration as below, my gwac.xml has no effect in "prevent"ing or "allow"ing access.

<?xml version="1.0" encoding="UTF-8"?>

<gwac access="allow">
        <distributionList name="AllowWebAcc.MyPostOffice.MyGWDomain" />
The documentation says that this configuration should prevent access via the WebAccess portal to all except members of the specified distribution group. Has anyone gotten this working?