Query results for : Notes
Available now: HCL Notes/Domino 11.0.1 Fix Pack 9- 17 July 2024 - (0) Comments
Thomas Hampel
17 July 2024HCL just released Fix Pack 9 for HCL Notes/Domino 11.0.1
More details of what has been fixed are provided in the Release Notes or if you prefer reading the classic Fix List Database style see this => Notes/Domino Fix List
Before installing this update, please verify the system requirements:
- HCL Notes 11.0.1 Fix Pack 7, Fix Pack 8, and Fix Pack 9 System Requirements
- HCL Domino 11.0.1 Fix Pack 7, Fix Pack 8, and Fix Pack 9 System Requirements
These kits are also available on MHS at the following URLs:
- Domino 11.0.1 FP9 : https://my.hcltechsw.com/downloads/domino/domino/11.0.1fp9
- Notes : https://my.hcltechsw.com/downloads/domino/domino/11.0.1fp9
- Client for Application Access : https://my.hcltechsw.com/downloads/domino/caa/3.0.10
WARNING
HCL Notes/Domino 11.0.x will be End of Support by 26. June 2025 (=next year) !!
It's time to plan your upgrade, which as you know is quite an easy and straightforward upgrade.
Available now: HCL Notes/Domino 12.0.2 Fix Pack 4- 16 May 2024 - (0) Comments
Thomas Hampel
16 May 2024HCL just released Fix Pack 4 for HCL Notes/Domino 12.0.2
More details of what has been fixed are provided in the Release Notes or if you prefer reading the classic Fix List Database style see this => Notes/Domino Fix List
Before installing this update, please verify the system requirements:
- HCL Notes 12.0.2, 12.0.2 Fix Pack 4 System Requirements
- HCL Domino 12.0.2 Fix Pack 4 System Requirements
These kits are available for download at our new MyHCLSoftware download portal at the following URLs:
https://my.hcltechsw.com/downloads/domino/notes/12.0.2fp4
https://my.hcltechsw.com/downloads/domino/domino/12.0.2fp4
Bonus:
If you are already running Domino V14 and have the new AutoUpdate feature enabled, you'll see whats shown in the screenshot below:
Learn more on how to use this feature, by joining our Domino V14 Deep Dive webinar series on Jan. 31 on Domino v14 Auto Notify, Update & Install
Available now: HCL Notes/Domino 14.0 Fix Pack 1- 17 April 2024 - (0) Comments
Thomas Hampel
17 April 2024HCL just released Fix Pack 1 for HCL Notes/Domino 14, providing 92 fixes and updates for client and server.
More details of what has been fixed are provided in the Release Notice or if you prefer reading the classic Fix List Database style see this => Notes/Domino Fix List
Before installing this update, please verify the system requirements:
- HCL Domino 14.0 and 14.0 Fix Pack 1 System Requirements (KB0108740) +for IIBMi see KB0108946
- HCL Notes 14.0 and 14.0 Fix Pack 1 System Requirements (KB0108739)
- HCL iNotes 14.0 and 14.0 Fix Pack 1 Browser Requirements (KB0108942)
These kits are available for download at our new MyHCLSoftware download portal at the following URLs:
https://my.hcltechsw.com/downloads/domino/notes/14.0fp1
https://my.hcltechsw.com/downloads/domino/domino/14.0fp1
Bonus:
If you are already have the new AutoUpdate feature enabled, you'll see whats shown in the screenshot below:
For how to use this feature, see Domino V14 Deep Dive webinar Auto Notify, Update & Install
Available now: HCL Notes/Domino 12.0.2 Fix Pack 3- 17 January 2024 - (0) Comments
Thomas Hampel
17 January 2024HCL just released Fix Pack 3 for HCL Notes/Domino 12.0.2
More details of what has been fixed are provided in the Release Notes or if you prefer reading the classic Fix List Database style see this => Notes/Domino Fix List
Before installing this update, please verify the system requirements:
- HCL Notes 12.0.2, 12.0.2 Fix Pack 3 System Requirements
- HCL Domino 12.0.2 Fix Pack 3 System Requirements
These kits are available for download at our new MyHCLSoftware download portal at the following URLs:
https://my.hcltechsw.com/downloads/domino/notes/12.0.2fp3
https://my.hcltechsw.com/downloads/domino/domino/12.0.2fp3
Bonus:
If you are already running Domino V14 and have the new AutoUpdate feature enabled, you'll see whats shown in the screenshot below:
Learn more on how to use this feature, by joining our Domino V14 Deep Dive webinar series on Jan. 31 on Domino v14 Auto Notify, Update & Install
Happy Birthday - (Lotus) Notes turns 34 today- 27 November 2023 - (0) Comments
Thomas Hampel
27 November 2023Happy Birthday Lotus Notes!
Today, 34 years ago, release 1.0 of Lotus Notes was built/compiled marking the beginning of an incredible journey
And in just a few days, a new episode of this journey is going to start when HCL Domino 14 (and Sametime 12.0.2) will be released.
Find out about the cool new features in the latest release during our exclusive webcast launch on December 7 @ 10am ET.
To attend live, please Register now!
Is HCL Notes/Domino using Oracle Java?- 13 October 2023 - (0) Comments
Thomas Hampel
13 October 2023The short answer: No!
Background:
On January 23, 2023, Oracle announced (again) yet another new licensing model for Oracle Java that represents a dramatic price increase for large organizations.
This can lead to interesting discussions since e.g., a 40,000-employee organization could be asked spending USD $2.5M annually just on Oracle Java alone.
What Java version is used by Notes and Domino?
Notes and Domino are providing the Java runtime as part of the product, so customers do NOT need to download or install the Java runtime environment separately.
Since the JVM/JDK is part of the licensed product, it is covered under the product license of HCL or previously the product license of IBM.
With the acquisition of the product by HCL, dependencies to IBM Java were removed and got replaced with OpenJDK effectively in version 11.0.0 of HCL Notes/Domino.
Java updates are provided by HCL (and previously by IBM) typically as part of regular fix packs.
Here is a simplified overview of what Java version is used in the product:
Notes/Domino | Java Version | Java Vendor | JVM | Remarks |
14.0.x | 17 LTS | IBM Semeru | OpenJ9 | Open Edition |
12.0.x | 8 | AdoptOpenJDK, later IBM Semeru | OpenJ9 | renamed to Adoptium |
11.0.x | 8 | AdoptOpenJDK, later IBM Semeru | OpenJ9 | renamed to Adoptium |
10.0.x | 8 | IBM | IBM J9 | see IBM FAQ |
9.0.1 | 8 | IBM | IBM J9 | see IBM FAQ |
9.0.0 | 6 | IBM | IBM J9 |
a more comprehensive overview of which Java flavour and patchlevel is included in which release of Domino is provided later on in this blog post.
For details, please refer to
- For HCL Notes/Domino version 11 and later: KB0037886 - What is the impact to JVM support in Notes/Domino with Oracle's announcement to charge?
- For IBM Notes/Domino version 9 and 10: IBM FAQ to Oracle’s Java Products Commercial Licensing
- AdoptOpenJDK statement on Oracle's support announcement
Special cases and exceptions?
- MacOS : old versions of the IBM Notes Client before(!) 9.0.1 IF17 did not include any Java runtime. Customers may have manually installed a JVM, e.g. the Oracle runtime.
Starting with Notes Client 9.0.1 IF17 the product includes the IBM Java runtime. Customers are encouraged to upgrade to a more current version of the HCL Notes Client for MacOS. - IBMi (=iSeries) : HCL Domino will use the version provided by the platform.
- HCL Client for Application Access (HCAA), formerly known as IBM Client for Application Access (ICAA), does not provide a Java VM, it uses a JVM that you choose to install yourself.
Only for acessing Domino applications that are running Java code >in< the HCAA client, a JVM needs to be provided.
What about Nomad, Verse, Enterprise Integrator, SAP Connector, etc?
These products are addons to Domino and unless otherwise specified they leverage the JVM provided by Domino.
IBM? OpenJDK? Semeru? Adoptium? Eclipse? - Are you confused as well?
It's not easy to even get a basic understanding of the various project names, forks, branches and takeovers, but I'll try providing a short intro without covering the entire history of Java nor what Java itself is.
In the context of Notes and Domino, this is what you need to know:
- OpenJDK is a free and open-source implementation of the Java Platform, Standard Edition (Java SE), it is a Java Development Kit (JDK)
- OpenJ9 is a java virtual machine (JVM), contributed to the Eclipse project by IBM
- AdoptOpenJDK was a project for producing vendor neutral builds of OpenJDK
- AdoptOpenJDK merged into Eclipse Adoptium, to provide a prebuilt OpenJDK, that release is now named Temurin
With this move, Adoptium is, according to them, is not allowed to release OpenJ9-based or GraalVM-based runtimes - IBM comes to the rescue and provides OpenJ9 builds at no charge as the IBM Semeru runtime which includes the OpenJ9 Java VM
- IBM Semeru comes in two flavours:
a) IBM Semeru Runtime Open Edition, which is open source (GPLv2) licensed and is not TCK (Technology Compatibility Kit) certified
b) IBM Semeru Runtime Certified Edition, which is Java TCK-certified - Former "IBM Java" has been moved into IBM Semeru Runtime Certified Edition at Java version 11
- HCL Notes and Domino are using IBM Semeru Open Edition.
For better understanding of the above, here is a chart that explains:
As outlined above, HCL Notes and Domino is embedding IBM Semeru and does not use any Oracle Java.
Table: Java versions is used by Notes and Domino
Source: KB0037886 - What is the impact to JVM support in Notes/Domino with Oracle's announcement to charge?
Notes/Domino Version | Java Runtime Vendor | Java Version | |
V12 | 12.0.2 Fix Pack 2 | IBM Semeru Runtime Open Edition 8 | Semeru jdk8u372-b07 |
12.0.2 Fix Pack 1 | Semeru jdk8u362-b09 | ||
12.0.2 | AdoptOpenJDK 8 | OpenJDK jdk8u345-b01 | |
12.0.1 Fix Pack 1 | OpenJDK jdk8u312-b07 | ||
12.0.1 | OpenJDK jdk8u302-b08 | ||
12.0.0 | OpenJDK jdk8u282-b08 | ||
V11 | 11.0.1 Fix Pack 8 | OpenJDK jdk8u372-b07 | |
11.0.1 Fix Pack 7 | OpenJDK jdk8u352-b08 | ||
11.0.1 Fix Pack 6 | OpenJDK jdk8u332-b09 | ||
11.0.1 Fix Pack 5 | OpenJDK jdk8u312-b07 | ||
11.0.1 Fix Pack 4 | OpenJDK jdk8u302-b08 | ||
11.0.1 Fix Pack 3 | OpenJDK jdk8u282-b08 | ||
11.0.1 Fix Pack 2 | OpenJDK jdk8u265-b01 | ||
11.0.1 Fix Pack 1 | OpenJDK jdk8u252-b09 tzdata 2020a | ||
11.0.1 | OpenJDK jdk8u242-b08 tzdata2019c | ||
11.0.0 | OpenJDK jdk8u222-b10 | ||
V10 | 10.0.1 FP8 | IBM Java 8 | IBM Java 8.0 SR7FP6_tzdata2022a |
10.0.1 FP7 | IBM Java 8.0 SR6FP25_tzdata2021a | ||
10.0.1 FP6 | IBM Java 8.0 SR6FP10_tzdata2020a | ||
10.0.1 FP5 | IBM Java 8.0 SR6FP5_tzdata2019c | ||
10.0.1 FP4 | IBM Java 8.0 SR5FP40_tzdata2019c | ||
10.0.1 | IBM Java 8.0 SR5FP21 | ||
10.0.0 | IBM Java 8.0 SR5FP16ifix | ||
V9 | 9.0.1 Fix Pack 10 Interim Fix | IBM Java 8.0 SR6FP25 | |
9.0.1 Fix Pack 10 | IBM Java 8.0 SR5FP21 tzdata2018e | ||
9.0.1 Fix Pack 9 | IBM Java 8.0 SR4FP5 | ||
9.0.1 Fix Pack 8 | IBM Java 8.0 SR3FP12 | ||
9.0.1 Fix Pack 7 | IBM Java 6 | IBM Java 6.0 SF16FP30 | |
9.0.1 Fix Pack 6 | IBM Java 6.0 SF16FP20 | ||
9.0.1 Fix Pack 5 | IBM Java 6.0 SF16FP15 | ||
9.0.1 Fix Pack 4 | IBM Java 6.0 SR16FP4 | ||
9.0.1 Fix Pack 3 | IBM Java 6.0 SR16FP2 | ||
9.0.1 Fix Pack 2 | IBM Java 6.0 SR16 | ||
9.0.1 Fix Pack 1 | IBM Java 6.0 SR15FP1 | ||
9.0.1 | IBM Java 6.0 SR14 + ifix | ||
9.0.0 | IBM Java 6.0 SR12+ ifix |
Remarks:
IBM SDK, Java Technology Edition, Version 6 has reached end of life, see https://www.ibm.com/support/pages/java-sdk-downloads-version-60
How to check which Java version is used?
From the program directory of the Notes client or Domino server:
cd jvm/bin
./java -version
Example:
Checking the Java version used by the HCL Notes Client 14.0 (Early Access version) on Windows:
C:\Program Files\HCL\Notes>cd jvm/bin
C:\Program Files\HCL\Notes\jvm\bin>java -version
openjdk 17.0.4.1 2022-08-12
IBM Semeru Runtime Open Edition 17.0.4.1 (build 17.0.4.1+1)
Eclipse OpenJ9 VM 17.0.4.1 (build openj9-0.33.1, JRE 17 Windows 7 amd64-64-Bit
Compressed References 20220812_237 (JIT enabled, AOT enabled)
OpenJ9 - 1d9d16830
OMR - b58aa2708
JCL - 1f4d354e654 based on jdk-17.0.4.1+1)
References:
- AdoptOpenJDK statement on Oracle's support announcement
- KB0037886 - What is the impact to JVM support in Notes/Domino with Oracle's announcement to charge?
- IBM FAQ to Oracle’s Java Products Commercial Licensing
- KB0073999 - Interim Fixes & JVM patches for 9.0.1.x versions of IBM Notes/Domino & add-ons
- IBM Semeru Runtime vulnerabilities
Finally:
I hope this brief explanation will help to better understand the usage of Java in our product and provides you with enough of a justification to upgrade to the most current version of HCL Notes and Domino.
so upgrade NOW !
Available now: HCL Notes/Domino 12.0.2 Fix Pack 1- 17 April 2023 - (0) Comments
Thomas Hampel
17 April 2023HCL just released Fix Pack 1 for HCL Notes/Domino 12.0.2
More details of what has been fixed are provided in the Release Notes or if you prefer reading the classic Fix List Database style see this => Notes/Domino Fix List
Before installing this update, please verify the system requirements:
- HCL Notes 12.0.2 and 12.0.2 Fix Pack 1 System Requirements
- HCL Domino 12.0.2 and 12.0.2 Fix Pack 1 System Requirements
The following kits/packages are now available for download on Flexnet for entitled customers:
Notes Client
HCL Notes 12.0.2FP1 Basic Configuration for Windows English 32-bit
HCL Notes 12.0.2FP1 for Windows 32-bit
HCL Notes 12.0.2FP1 for Windows 64-bit
HCL Notes 12.0.2FP1 for Mac 64 bit
Domino Server
HCL Domino Server 12.0.2FP1 for Windows 64bit
HCL Domino Server 12.0.2FP1 for AIX
HCL Domino Server 12.0.2FP1 for Linux
HCL Domino Server 12.0.2FP1 IBMi
HCL Domino 12.0.2FP1 Docker image
Keyboard Shortcuts for HCL Notes Client on MacOSX - 22 August 2021 - (0) Comments
Thomas Hampel
22 August 2021Hint:
Press COMMAND + SHIFT + L to get a list of keyboard shortcuts :
Group 3 Languages for HCL Notes and Domino 11.0.1- 16 August 2021 - (0) Comments
Thomas Hampel
16 August 2021Good news: HCL Notes 11.0.1 is now available in even more languages!
You asked for it (see DOMINO-I-831 and NTS-I-842), so in addition to the 16 languages the Notes client was already providing, HCL is delivering nine more language translations:
- Danish
- Finnish
- Norwegian
- Catalan
- Hebrew
- Hungarian
- Slovenian
- Thai
- Turkish
Install kits for the HCL Notes Standard and Basic Client V11.0.1 in those languages can be found at Flexnet under the Notes/Domino version 11.0.1.
Multilingual User Interface (MUI) kits for those languages, as well as the Install Shield Tuner files to customize your installation are also provided:
References:
- HCL software download / Flexnet
https://hclsoftware.flexnetoperations.com/flexnet/operationsportal/startPage.do
Houston, we have a new Workspace! Domino V12 Beta 2 is available- 16 February 2021 - (0) Comments
Thomas Hampel
16 February 2021This morning HCL published the next iteration of the Domino V12 Beta program! The new Beta 2 packages are available for Download at Flexnet
One of the most visible difference is a new Notes client workspace UI:
This, and more we are going to talk about in our Beta2 Webinar TODAY, make sure to sign up now to get the latest news!
References:
Y2k21 problem in Notes property box - Created date is empty- 4 January 2021 - (2) Comments
Thomas Hampel
4 January 20212021 started with a little surprise: The property box in your HCL Notes client doesn’t show the Created date for documents created in 2021 any longer.
Here is a screenshot of what is missing:
It affects just the display of the date/time value in the property box in all the Notes clients (Standard & Basic, on MacOS and Windows).
From a technical point of view the date/time values are still there but they are just not displayed in the property box.
The property box refers to the date when the document was created and its empty when the document was created in 2021 or later.
It is still displayed correctly when a field $Created exists in the document, e.g. this is the case for SMTP mails.
So far this was reported to appear with the following versions:
- Notes 11.0.1
- Notes 10.0.x
- Notes 9.0.1
- Notes 8.5.x
HCL Development is working on getting this minor issue fixed - details are tracked under SPR# NNAIBWX3MD and in HCL Technote KB0086175
Update: This problem is fixed in Notes 11.0.1 FP2 IF1
References:
- Notes 11.0.1 FP2 IF1
- HCL Technote KB0086175
- Per Henrik Lausten's Tweet: https://twitter.com/perlausten/status/1345069075060432897
- Jak na SW by Martin Hansgut : http://www.jaknasw.cz/chybejici-datum-vytvoreni-info-dokumentu/
- Daniel Nashed https://blog.nashcom.de/nashcomblog.nsf/dx/y2k21-notes-property-box-created-date-is-empty.htm
- Ytria ScanEZ https://www.ytria.com/ezsuite/scanez
Available now: Notes/Domino 10.0.1 Fix Pack 6- 29 September 2020 - (0) Comments
Thomas Hampel
29 September 2020For those of you who have not yet upgraded to V11 but are running Notes/Domino V10.0.1 we have just released a new Fix Pack.
Fix Pack 6 for 10.0.1 is the latest update and HCL strongly recommends that customers running Notes/Domino 10.0.1 to apply this Fix Pack since it addresses a small percentage of defects that impact the broadest set of customers.
More details of what has been fixed are provided here => Notes/Domino 10.0.1 Fix Pack 6 Release Notice and Fix List or if you prefer reading the classic Fix List Database style see this => Notes/Domino Fix List
also please verify the system requirements:
Finally the following kits/packages are now available for download on Flexnet for entitled customers:
Notes Client
HCL Notes v10.0.1 FP6 Basic Configuration for Windows English
HCL Notes v10.0.1 FP6 Windows English
HCL Notes v10.0.1 FP6 Mac 64 bit English
Domino Server
HCL Domino Server v10.0.1 FP6 64 bit for Windows English
HCL Domino Server v10.0.1 FP6 64 bit for AIX English
HCL Domino Server v10.0.1 FP6 64 bit for Linux English
HCL Domino Server v10.0.1 FP6 for IBM i
Client for Application Access
IBM Client Application Access v2.0.5 Windows English
IBM Client Application Access v2.0.5 Mac English
’Shared logon failed with this ID’ after setting EnableUsingAppDataForRoaming=1- 25 September 2020 - (0) Comments
Thomas Hampel
25 September 2020Prompting for passwords is a thing of the past, which means that of course customers have SharedLogon (NSLv3) enabled in their Notes client deployments.
Unfortunately you can read there that "Notes Shared Login is not supported for Notes IDs that are: {...} used in a Citrix environment."
If you were following Daniel Nashed's blog you probably have read this post and know that Notes Shared Logon and Citrix are indeed work well together as of Notes 11.0.1
So you might assume that all you need is to push these variables to your Notes clients either using Domino Policies or using Panagenda's MarvelClient
- EnableUsingAppDataForRoaming=1
- EnableNSLUnderCitrix=1
But wait, you have to be careful...
Applying these variables to a Notes client where SharedLogon was already enabled will cause it to fail with "Shared logon failed with this ID" when starting up.
Some background:
When enabling Shared Login (NSLv3) the Notes client will create a *.bin file in the directory %AppData%/Local/HCL/Notes
The Notes.ini variable EnableUsingAppDataForRoaming=1 will cause the Notes client to look for this file in a different directory, where of course the file is not present at this point in time.
Workaround:
a) Remove the variable from the Notes.ini for all clients which are not Citrix clients
b) Move the *.bin file from your %AppData%/Local/HCL/Notes directory to the %AppData%/Roaming/HCL/Notes
Reference
IBM Notes/Domino/ICAA/Traveler 10.0.1 + Verse 1.0.6 + AppDev Pack 1.0 have arrived- 18 December 2018 - (0) Comments
Thomas Hampel
18 December 2018Today IBM has shipped V10.0.1 of IBM Notes & Domino.
Although this is just a 'dot' release it includes a number of important improvements such as:
- IBM Notes Client V10.0.1 is now including Panagenda MarvelClient
- IBM Notes Client V10.0.1 for Mac, including an embedded IBM JVM which is important due to FAQ on Oracle Java Licensing
- IBM Domino AppDev Pack 1.0 is released (eGA), earlier it was a beta version only
- IBM Verse 1.0.6, which btw can now import *.ics files.
Here are the part numbers which you need to use for downloading from Passport Advantage
IBM Notes Client (English only)
Type | Operating System | Description | Part # |
Basic | Windows | IBM Notes 10.0.1 Basic Configuration for Windows English | CNXK5EN |
Standard | Windows | IBM Notes 10.0.1 for Windows English | CNXK6EN |
Standard | MacOSX | IBM Notes 10.0.1 Mac 64 bit English | CNXK7EN |
All Client | Windows | IBM Notes, Domino Designer and Admin 10.0.1 for Windows English | CNXL1EN |
ICAA | Windows | IBM Client Application Access 2.0.1 Windows English | CNXL0EN |
ICAA | MacOSX | IBM Client Application Access 2.0.1 Mac English | CNY0HEN |
IBM Domino Server (English only)
Operating System | Description | Part # |
Windows | IBM Domino 10.0.1 64 bit for Windows English | CNXL7EN |
AIX | IBM Domino 10.0.1 64 bit for AIX English | CNXL8EN |
Linux | IBM Domino 10.0.1 64 bit for Linux English | CNXL9EN |
IBM Verse 1.0.6
Operating System | Description | Part # |
Multiplatform | IBM Verse On-Premises V1.0.6 for Domino 9.0.1 Multiplatform Multilingual | CNYC6ML |
IBM Domino AppDev Pack
Operating System | Description | Part # |
Linux | IBM Domino AppDev Pack 1.0 Linux English | CNXJ9EN |
IBM Traveler Server
for details see list of IBM Traveler fixes by release
Operating System | Description | Part # |
Windows | Traveler Server 10.0.1.0 for Win | Fix Central |
IBM i | Traveler Server 10.0.1.0 for IBMi | Fix Central |
Linux | Traveler Server 10.0.1.0 for Linux | Fix Central |
IBM Domino Community Client & Server (English only)
Free of charge for non-production environments - Start HERE
Type | Operating System | Description | Size | Part # | Download |
Client | Windows | IBM Notes Community Client for Non-Production 10.0.1 Windows English IBMNotesDesignerAdminCommunityClientforNonProduction10.0.1Windows.exe | 1 GB | CNY0UEN | Start HERE |
Server | Windows | IBM Domino Community Server for Non-Production 10.0.1 Windows English IBMDominoCommunityServerforNonProduction10.0.1Windows.exe | 665 MB | CNXK0EN | Start HERE |
Server | Linux | IBM Domino Community Server for Non-Production 10.0.1 Linux English IBMDominoCommunityServerforNonProduction10.0.1Linux.tar | 791MB | CNXK1EN | Start HERE |
References & Remarks:
IBM Domino Mobile Apps - the Notes Client for your iPad- 4 November 2018 - (0) Comments
Thomas Hampel
4 November 2018At the IBM Domino V10 Launch event in Frankfurt we announced to start a public Beta for IBM Domino Mobile Apps (=DMA), which is a Notes Client for the Apple iPad to be available on Oct. 31 and perfectly on time for Halloween we opened the Beta Sign up form for anybody to participate and also tweeted about it.
For this Beta we are using Apple TestFlight for managing the installation and distribution of the product to Apple iPad devices. Anybody who has registered before Oct. 31 should have received a Redeem code with instructions on how to use it. For all new beta participants the process has been simplified. Instead of using Redeem Codes that needs to be sent e.g. by mail we are allowing people to directly signup for this beta, which means you can just head over to https://ibm.biz/V10MobileApps and sign up yourself to get started immediately.
All you have to do is to...
- Take your iPad and navigate to https://ibm.biz/V10MobileApps,
After providing registration details you will be redirected to Apples TestFlight page with further instructions - Step 1 will prompt to Install TestFlight on your iPad
- and in Step 2 Join the Beta, click the button "Start Testing"
Next you have to do the initial configuration which IBM Champion Oliver Busse already wrote about in this article. Just get the NotesID on your iPad, either by using the IDVault or by copying the file using iTunes and then you can open your beloved Domino Apps on your iPad, like Theo's Wine tastings app:
Daniel Nashed is going even further on his blog where he is looking under the hood of the product.
Just to be clear: this is a beta program where we at IBM would like to hear your feedback - so please go ahead and join the beta yourself.
In case you are missing a feature or function in IBM Domino Mobile Apps, please submit your XMAS wishlist here
I'm wondering why nobody has submitted an idea for supporting Android yet...who wants to post this idea first?
References:
- Domino Mobile Apps Beta Sign up form - ShortURL: https://ibm.biz/V10MobileApps
- Getting Started with IBM Domino Mobile Apps 1.0 Beta - Technote 10738139
- Ideas for improving Domino Mobile Apps go here
- Video: Highlights from the Domino V10 World Premiere in Frankfurt (see Extended Version )
- Oliver Busse - IBM Domino Mobile Apps Beta is available
- Daniel Nashed - Official IBM Domino Mobile Apps Beta finally started
Where are all the Plug-ins for IBM Connections?- 1 October 2018 - (0) Comments
Thomas Hampel
1 October 2018IBM Connections CR3 was just released and we are about to release Notes V10 next week.
In preparation of the product launch, the IBM Connections Plug-ins for IBM Notes has been updated to support Notes V10.
Some time ago those plug-ins were provided at the Greenhouse Application Catalog , but this site has been replaced by IBM Bluefizz which is now the new host for all sorts of solutions.
Maybe you noticed that the download itself are not hosted on BlueFizz, so you do not need to log in at all to download it.
Just head over to developerWorks and grab the file of interest directly using these links:
References:
Run Mail Rules on existing mail- 18 January 2018 - (0) Comments
Thomas Hampel
18 January 2018Maybe you noticed but with Notes 9.0.1 FP9 you can (finally) run mail rules on existing messages (see SPR #BLIO8TGDUW )
You can use mail rules to run actions on mail already in mail folders. This feature existis within the FP9 mail template and is hidden by default.
To use it, your administrator must upgrade your mail file to the Feature Pack 9 template.
Then the owner of the mail file will then need to enable this feature by clicking on File > Preferences > Mail.
In Mail Options, select Enable Run Rules On Existing Mail.
References:
http://www-10.lotus.com/ldd/fixlist.nsf/5c087391999d06e7852569280062619d/bb0745a647ada8f985258183005803d9?OpenDocument
Improving the Mail Template 9.0.1FP9 - Manage Return Receipts according to RFC 2298- 19 September 2017 - (0) Comments
Thomas Hampel
19 September 2017According to RFC 2298 http://www.ietf.org/rfc/rfc2298.txt it is recommended to show a dialog box where the recipient of a mail can decide weather or not a return receipt shall be sent back to the originator of the mail. This behavior is not currently part of the Standard IBM Mail template.
To add this feature you have to modify the following design elements:
- Form “Memo”, Event "QueryOpenDocument", added the code shown below
- Form “Reply”, Event "QueryOpenDocument", added the code shown below
- Form “ReplyWithHistory”, Event "QueryOpenDocument", added the code shown below
Insert this code at the end of the QueryOpenDocument event.
Set doc = Source.document
If Source.isNewDoc Then
'# don' t do anything, as this is a new document
Else
If doc.GetItemValue("ReturnReceipt")(0) = "1" And doc.HasItem ("DeliveredDate") Then
If MessageBox ("The sender of this message has asked to be notified when you read this message." & Chr(13) & "Do you wish to notify the sender?", 36, "Send Return Receipt?") = 7 Then
Call doc.ReplaceItemValue ("ReturnReceipt", "0")
Call doc.Save(True, False, true)
End if
End If
End If
Reference:
http://www.ibm.com/developerworks/lotus/library/ls-BlockRetRec/index.html
Notes Domino 9.0.1 Feature Pack 8- 9 March 2017 - (0) Comments
Thomas Hampel
9 March 2017Note to self:
In case anyone is asking for new features of the Notes/Domino 9.0.1 Feature Pack 8, refer them to this blog post
- What's new in IBM Notes Feature Pack 8
- What's new in IBM Domino 9.0.1 Feature Pack 8
- What's new in IBM Domino Designer Feature Pack 8
and remind them to read Oliver Busse's blog post
IBM Connections Plug-ins for IBM Notes - without logging in at Greenhouse- 25 March 2016 - (0) Comments
Thomas Hampel
25 March 2016IBM Social Software already posted the availability of the new IBM Connections Plug-Ins for Notes.which adds support for Connections Cloud.
In order to get this plug in you would normally have to browse to the Greenhouse Solutions Catalog , log in , find the package of interest, and then click "Get Download".
Maybe you noticed that the zip file itself is not hosted on Greenhouse, so you do not need to log in at all for downloading it.
Just head over to developerWorks and grab the file directly using this link:
http://public.dhe.ibm.com/software/dw/ibm/connections/IBMConnectionsNotes.zip
Enable Apple TouchID support in IBM Verse mobile App for IBM Connections Cloud Users- 22 March 2016 - (0) Comments
Thomas Hampel
22 March 2016In general IBM Verse mobile app on iOS supports Apple's TouchID for authentication.
And we might agree that using fingerprints for unlocking phone is not only a convenient way for busy people, its also more secure than a 4 (or 6) digit passcode that anyone can get by shoulder surfing
According to Going Mobile with IBM Verse ( see slide #44 ) this feature seems to be available only for on premises Domino servers so unfortunately IBM Connections Cloud users cant use it.
Well... lets see :)
First some basics
To enable TouchID support In an on premises environment, an admin needs to update the on prem Domino Directory using this template which contains a new tab for IBM Verse Security settings.
Which can be allowed or prohibited...
and of course those settings are applied to a user using Domino policies.
Applying the same policy to a Connections Cloud (hybrid configuration) user unfortunately has no effect. TouchID support will remain disabled.
So far about the simple stuff.
Peeking into Policies and Profiles:
When enabling this setting in an OnPrem environment, a field named "devPapplAppTouchID" is set to "1" in the policy settings document.
Taking a closer look into the user's mail file using NotesPeek the same field name can be found in a profile document called "travelerprofile"
Comparing this traveler profile document of an OnPrem user with a user in Connections Cloud shows that the field does not exist.
...so if this is the only reason for the TouchID not to work, lets try to set it :)
Activate TouchID support for Connections Cloud users
All we need to do is set the field "devPapplAppTouchID" to a value of "1" in the "travelerprofile".
To do that use the following code in an agent or button...
Dim s As New NotesSession
Dim profile As NotesDocument
Set profile = s.CurrentDatabase.GetProfileDocument ("travelerprofile")
If Not profile.IsNewNote And profile.IsValid Then
If profile.getitemvalue ("devPapplAppTouchID")(0) = "" Then
Call profile.replaceitemvalue ("devPapplAppTouchID","1")
Call profile.save(True,False)
Msgbox "TouchID support has been enabled."
End If
End If
Once this code runs against the current mail file the missing field is set and a couple of minutes later TouchID support for the IBM Verse App will be enabled on your Phone.
Hint : In case you're working in a local replica, make sure to replicate
Please note the method described above is not officially supported, so please use at your own risk!
References:
- Technote 1699618 - New Domino Directory Template with IBM Verse Security Settings tab
- IBM Connect 2016 Presentation 1129 Going Mobile with IBM Verse, by Rene Winkelmeyer & Stijn Van Herzele
- Technote 4005686 - NotesPeek 1.53 tool for viewing Notes databases
Root Cause for ’Type mismatch in method OP_UNARY’- 21 March 2016 - (0) Comments
Thomas Hampel
21 March 2016Quickly creating a mail with Buttons containing LotusScript can cause headaches.
It just takes a few lines of code for running into undocumented error messages here is a small example:
will result in:
Changing "if not ..." to "is ..." like shown here
will result in a slightly different error message "Type mismatch in method IfCoerceBool: Unknown found, Uknown expected"
Do you spot the problem???
What is the root cause?
The property "IsNewDoc" acutally is a property of NotesUIDocument but is not a valid property of the NotesDocument class.
For testing if a NotesDocument is a new document, use the property IsNewNote
When creating a new button within the body of a new mail, Option Declare is not enabled by default like it is in the Designer client, so the error was not detected when saving the source code.
with Option Declare enabled its easier to spot the problem...
Reminder:
- Option Declare is your friend
Deploying a customized Discover page in IBM Notes 9.0.x- 17 March 2016 - (3) Comments
Thomas Hampel
17 March 2016Vlad Tatarincevs already described how to customize the Discover page in the Notes Client.
In his guide he is assuming that all Notes clients are installed in exactly in the same path. While this might be the case for small deployments, its often not the case for enterprise deployments.
What is this Discovery page based on?
When starting the Notes client for the first time, it creates a text file in the Notes Data directory called "populatedTemplate.txt"
This file is used as a reference for computing the Notes Discovery page which is stored in a file called "populatedHTML.htm" in the same directory.
Both files are nothing else than a HTML page which you can customize according to your needs, but since the file populatedHTML.html is overwritten every once in a while, you should not modify this file directly.
Instead apply your modifications to the "populatedTemplate.txt"
Example Customization
In my example the following customizations have been done:
This file unfortunately contains hardcoded file and path references to the Notes program directory which are unique to the current computer.
In order to deploy a customized discover page in an enterprise environment you'll need to replace the path with the correct path on every single workstation. .
Once you've done your customizations you'll need to replace hardcoded path references with a placeholder which can be updated with computer specific path information when rolling out your new discover page to end user workstations. To do this we will be using a small VBS script that will read the Notes program directory from the Windows registry (sorry, no Mac / Linux support in this example) and updates the placeholder used above with the correct path reference before copying the file into the Notes data directory.
So this is what you have to do:
1.) put your customized "populatedTemplate.txt" into a new directory, and rename the file to "DiscoveryTemplate.txt" - this file name is used in the VBS script
2.) search "DiscoveryTemplate.txt" for the path of your Notes program directory and replace it with the placeholder. In my case I'm using "@NOTESPROGRAMDIR@" which is used in the script later on.
3.) put the following VBS script into the same directory
InstallDiscoverPage.zip
Running the script will overwrite any current "populatedTemplate.txt" in the Notes data directory with the DiscoveryTemplate that contains your customizations.
To display the updated Discover page you need to close and reopen it in the Notes client, or just restart your Notes client once.
You can manually open the Discover page from within the "Open" menu
where the second item from the bottom is your customized Discover page.
Remarks
- Upgrading the Notes client to a future version will most likely overwrite the file "populatedTemplate.txt", so all your customizations will be lost.
- Yes, it would be possible to deploy a custom discovery page from within the Notes client, but in my experience most enterprise environments have some sort of software distribution method for rolling out patches.
PS: Thanks to Bjoern Wolfgardt for providing a few hints and Marc for testing.
Checklist for Smartcloud Notes Hybrid Configuration- 12 November 2015 - (0) Comments
Thomas Hampel
12 November 2015Your first step towards the cloud is to build a hybrid environment e.g. to support a proof of concept in your environment.
In most cases customers would like to move a few users to the cloud to experience the onboarding process, confirm seamless coexistence of on-premises and cloud environments, and explore new features of the cloud such as IBM Verse.
Although IBM provides a full training course for setting up a hybrid environment, I still would like to (with friendly support of Hagen Bauer) provide a checklist for customers to support this process and getting started as quickly as possible.
Warning:
This checklist may not be perfect, you should still read the documentation and talk to your certified IBM expert of choice.
It is supposed to be a checklist for customers, not for certified onboarding specialists that will move your IBM Notes mail to IBM Cloud.
Suggestions and ideas for further improvement are always welcome.
Overview
This is a graphical overview of a hybrid environment. On top are your (On-Premises) servers, at the bottom are cloud servers and in between (red) the internet.
Steps
- Check your inventory! Are current servers available? Are they accessible? Are they placed in the network zone they are expected to be?
See graphic above and verify positioning of:
#1 = Domino Administrator Client
#2 = On-Premises Mail Server
#3 = On-Premises Directory Mail Server
#4 = Passthru Server in DMZ - Complete this table with data from your environment. Make its correct and complete.
- Configure your Firewall for inbound and outbound traffic.
Check twice, and verify Firewall settings once again before claiming to be done. A mistake at this point will cause headaches later on. - Make sure your passthru server is using the same root certificate as your HUB and MAIL server?
Can the Admin client (see #1 in the graphic above) access the passthru server? - Create a new OrgUnit based on your current Domino certificate. This certificate will be used later on for all your Domino servers in the cloud.
Example: "/SCN/Company" or "/Cloud/SRV/Company" - In your current environment, does your Global Domain Document meet those requirements?
- Make sure you still have the SmartCloud activation email available. The one that contains the SmartCloud activation link.
Oh, and make sure the link has not expired. - In the SmartCloud Notes account initial setup, did you choose "Hybrid Account" ?
If not you need to request a full reset of your account by contacting support@collabserv.com - Define a name prefix for your cloud mail servers. Choose a short but remarkable prefix and dont pick something too fancy.
Example: **Cloud-**/SCN/Company - Are you prepared to create new and modify existing DNS records for your company domain?
Make sure you have control over your DNS records.
Conclusion
All of the above steps are part of the documentation, but not in a single place. I hope you can make use of this reference in your SmartCloud onboarding project.
Feedback is very welcome, so drop me a mail or send a tweet
References:
Out of Office - Send Full Copy to deputy- 9 August 2015 - (3) Comments
Thomas Hampel
9 August 2015Summer time, vacation time... You have enabled Out of Office notification, so why would you want to duplicate inbound mails?
Lets say you really are offline and you want your deputy / stand-in to take care of new mails, what options do you have?
In best case we want a deputy to receive a copy of each mail while keeping the original mail in your inbox.
Delegating Access
A first option is delegating access to your mail - this will grant read access to all your data and your deputy wont get notified on new mails.
Another option is to just forward all mails to your deputy by defining a forwarding address in the person document:
This is not a good idea for people who want to see what happened while they were out because mails will just be forwarded. You wont get any mail in your inbox this way.
It might not even be an option as some organizations do not allow users to edit the person document.
Mail Rules
Another option is to use mail rules in your Notes client to send a copy of each inbound mail to somebody else. This can be done by creating a new rule which applies to all documents...
and defining a recipient of your choice --- in this example its "firstname.lastname@domain.com"
Works like a charm, but what if your Administrator has disabled user rules mail forwarding in the configuration document of your server?
...or even took more drastic measures like modifying your mail template to not even show the option "Send Fully Copy to..:" ?
Agents
You could look into writing an agent that runs on the server, but no Domino Admin should allow users to run scheduled agents on the mail server.
So trying to create an agent in your mail file will most likely end up with "You are not authorized to use agents in this database"
Duplicate Mails (with help of your Domino Administrator)
Since you have rewarded your administrator recently for keeping your computers running you'll get friendly support for the following configuratoin:
What you need to do:
1.) Create a Mail-In Database document which points to the mail file of the user who is out of office.
Make sure the Mail-in name is unique and does not resolve name lookup conflicts
2.) Create a Group of type "Mail only",
members of this group will be Mail-in database which has been created above as well as any person who shall receive a copy of the mail(s).
You can define one or multiple recipients using internet mail addresses or Notes user names.
3.) Edit the person document and put the Group name created above to be the forwarding address
4.) Testing
Wait for replication to finish within your Domain and send a test mail to the user.
This mail will be delivered to the original users mail file and also to the deputy(s) defined in the group.
Remarks:
Depending on how you have configured the Recent Contacts feature your Notes client might show the name of the mail-in database in future name lookups.
If this is an issue either purge your recent contacts or disable it completely
References:
Notes Widgets disappear from Catalog- 1 June 2015 - (0) Comments
Thomas Hampel
1 June 2015You are wondering why your beloved Notes widget all of a sudden is no longer available in the Widget catalog?
Of course the administrator of trust did not do anything - so what happened?
Here is a small hint:
Take a quick look into the widget catalog, there is a scheduled agent...
and the brief description
%REM *********************** Agent Notes **************************
This agent checks all new/modified documents to make sure that the
user created the document properly. It checks to make sure the proper
items are in place, and it also verifies that the categories that are
set are allowed by the document creator.
*************************** INTERACTIONS ***************************
There are no interactions with this agent. It is a scheduled agent
that is set to work against new/modified documents.
Conclusion:
If anything, such as AdminP, modified the document then this agent will run. In our case it was an AdminP name change request which caused the document to be modified.
Users can create new mails despite being over quota- 29 May 2015 - (0) Comments
Thomas Hampel
29 May 2015You have deployed mail quotas in your environment and your Notes Clients are configured to use local replicas or managed replicas.
Still you experience mail files are growing over quota limits without user complaints. How is this possible?
It seems there is a bug in the IBM Domino mail template version 9.0.1 which allows to create and send new mails even when the mail file is over quota.
Reproducing the problem
When working on the server replica:
- create a new mail and try to save it will correctly display this warning:
- Create a new mail will display this error message, but clicking OK allows to continue saving & sending the new mail.
Notes.ini variables have been verified to be set correctly on the client
Check_Quota_On_Mail_Create=1
REPL_OBEYS_QUOTAS=1
The problem is known to IBM and is documented as LO83693 "Enforcing Quotas on new mail creation in local based mail files not reliably working in Notes 9.0.1"
How to fix it
As usual there are two options:
a) Wait for IBM to provide a new version of the mail template - maybe this will be done in the next major release.
or
b) fix it yourself by modifying the template with your Domino Designer client as described below:
Within the QueryOpen event of the form(s) "Memo", "Reply" and "Reply with History" , "To Do", "_Calendar Entry", etc. search for the quota checking code and remove the "Executive" statement incl. its brackets.
Interesting to note that special forms do not contain this code so they do not need to be patched
Please note that design elements need to be signed properly in order to avoid ECL warnings on the client side.
References
- LO83693: Enforcing Quotas on new mail creation in local based mail files not reliably working in Notes 9.0.1
Special thanks to Michal Wolczyk for this analysis and Marc for finding this bug.
Opening another mail file is causing Type mismatch in method CoerStrToNum: STRING found, DOUBLE expected- 7 January 2015 - (2) Comments
Thomas Hampel
7 January 2015Problem:
Opening the mail file of another person is causing the message "Type mismatch in method CoerStrToNum: STRING found, DOUBLE expected" to be displayed:
While IBM Technote 1303181 only provides a basic idea of what is wrong, it does not give any idea what can be done to fix it.
So I had to look into details and quickly found the problem.
Steps to reproduce
In order to reproduce the problem, this is what you have to do:
- Make sure you have the Notes.ini variable CHECK_QUOTA_ON_MAIL_CREATE set to 1
- Open another person's mail file, this will write the current date at the end of the Notes.ini variable DELEGATED_MAIL_FILEx
- Close your Notes client
- Change the date format of your operating system from DD.MM.YYYY to MM/DD/YYYY (or the other way around)
- Open the same other persons mail file again.
Analysis
Trying to find the root cause with debugging enabled shows a different error "*CE39918+421: Type mismatch"
but at least it indiicates the problem is located in the Database Open script.
What is causing this problem?
Obviously it is a String to Date conversion issue. Storing a Date in a String to convert it back to a date is never a good idea. If you really need to do it you should not rely on the CDat function to work. Write your own function which does ignore the
Regional settings - in specific the date format - of this workstation have been changed.
Resolving the problem
Change the date format of your operating system back to what it should be.
If the date format of your computer is correct and the problem still persists, then manually update your Notes.ini and remove all lines starting with DELEGATED_MAIL_FILE or by updating the date format at the end of this line yourself.
Permanent solution
A perfect solution would require to update the mail template to be updated. in specific the script Library "CheckQuotas" contains a class called "CheckQuota" with the Sub "SetCalMgrINI"
This sub contains several references where a string is being converted to a date. This is where additional verification is required to ensure the string value is a date which can be converted using the current regional settings.
RSS Feed Reader - Error: Unable to download a feed from host- 18 December 2014 - (1) Comments
Thomas Hampel
18 December 2014Some time ago a user started to claim his Notes Sidebar would no longer display latest RSS news feeds.
Asking for details we checked functionality by subscribing to a new feed....which did not work either. The Notes client was throwing an error:
Analysis:
At first one might think this is caused by the RSS feed itself, but since I'm a subscriber of the same feed I knew the root cause must be something different.
Within the corporate network Notes clients must be configured to use an HTTP proxy in order to access the internet, testing revealed outside of the customers network it is working fine when HTTP Proxy settings are disabled,
Feed reader components itself are running on the latest version, so Michael Urspringer's hint (= SPR # IFAY7CTHAR ) seems not to apply
Opening a PMR was followed with the usual request for logs and a Wireshark network trace.
After some investigation and discussions it turned out the network team changed some settings on the HTTP proxy server to block all HTTP traffic from web browsers where the user agent string includes "Windows NT 5.1" (which is Windows XP) because WinXP being out of support.
Wireshark showed the default setting for the feed reader in Notes 9.0.1 is user agent="Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
...but how can you change this default??
A small hint can be found in the release notes of a previous Notes client (8.5.2FP1) fix list
Take a closer look to SPR# MWER88NFWT which outlines the settings required for modifying the useragent.:
"Added an option to allow customers to override the "User Agent" value for Notes Client Feedreader. By default, Feed Reader authenticates itself as "MSIE 7.0" even on Linux and Mac.
Customers can optionally add the following 2 lines to the /framework/rcp/plugin_customization.ini:
com.ibm.rcp.feedreader.providers/network.useragent.override=true
com.ibm.rcp.feedreader.providers/network.useragent=CUSTOMER SPECIFIED VALUE (<-replace CUSTOMER SPECIFIED VALUE with the value of your choosing)"
Solution:
- Change the useragent string of the feed reader to anything else. (You can find a long list of user agents to choose from as part of a Firefox Plugin.)
Modify the file/framework/rcp/plugin_customization.ini and add the following lines for testing
com.ibm.rcp.feedreader.providers/network.useragent.override=true
com.ibm.rcp.feedreader.providers/network.useragent=Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0 - After successful testing, deploy this parameter to all users by using Desktop Policies / Managed Settings:
Conclusion:
The HTTP proxy was configured according to RFC 3314 but mistakenly assuming WinXP in a useragent string is evil
....and of course...
whatever is wrong, it must have been the network guy!
Deploying IBM Notes Dictionaries in XTAF format using Widgets- 17 December 2014 - (1) Comments
Thomas Hampel
17 December 2014Believe it or not, English is not the only language on our planet...and the Notes client of course needs to provide spell checking capabilities for the most common languages.
For Notes v8.5.1 and above IBM provides dictionaries in XTAF format shipped in a ZIP file which can be installed via File\Applications\Install, but I dont want the average end user to do that alone.
Although the Notes Client installer package can be customized to include additional dictionaries, you probably have deployed the Notes Client already.
So how do you deploy additional dictionaries without building a new client package, preferably in a way that end users can self decide which dictionaires they would like to install?
Main idea is to use Widgets for allowing users to self install dictionaries they need by using a Widget Catalog and thw My Widgets sidebar of the Notes client.
Ok, lets get started...
Preparations
- Download the required dictionary files Passport Advantage
Package is titled "IBM Notes XTAF Dictionaries V9.0", part numbers are :
Mac=CIF0DML
Linux=CIF6BML
Windows=CIF0EML
Build an Eclipse UpdateSite for the XTAF dictionaires
- Extract the packages to a new temporary folder, once completed it should somewhat look like that:
- Now you would create one subfolder for each language and extract EACH of the ZIP files into its own folder, and unzip files one by one.
If you dont like to do this yourself, just put the following batch file into the same folder and run it.
unzipXTAFsites.cmd
It will use 7zip (which you have installed hopefully) to unzip each file to its own subfolder
Once completed you should have 23 subdirectories by now, each one should contain the following:
- Create a new NSF based Eclipse UpdateSite, a new one is recommended for not mixing up with other versions
Make sure to set up a propper ACL, users should have read access only! - Open the newly created database and use the button to load each of the XTAF dictionaries into the Eclipse Update Site
The result should look like this:
Creating Widgets
- If not already available, create a new Widget Catalog as described here
- In your Notes Client, start creating a Widget by clicking the icon "Getting Started with Widgets...."
- In the first dialog choose "Features and Plugins"
- Enter the URL for the update site.
If you want the connection between the client and the server to use the Notes protocol, use "nrpc://" e.g. "nrpc://your-servername/path/updatesitefilename.nsf/site.xml"
if you want to use the HTTP protocol, use "http://" or "https://", e.g. "http://your-servername.domain.com/path/updatesitefilename.nsf/site.xml""
Click on "Load" to see the list of available features to install.
- Select the language(s) you want to wrap into a widget, click Finish to create a widget.
I do recommend one widget for each language, of course you can also wrap all at once into a single Widget or just use subset of available dictionaries.
Note: You do not need to restart the Notes client when you are prompted. - Within the Widget Sidebar of your Notes Client, choose the new widget and right-click it to publish the widget to the widget catalog
Dont forget to add meaningful details in the new document so that your end users know what the widget provides.
e.g. All Dictionaries for IBM Notes 9.0
and in the details section of the widget, provide a meaningful text explaining how to install a widget, e.g.:
The result should somewhat look like this:
What end users need to do to (manually) install a new dictionary
When not using policies, end users need to...
- Click "File\Preferences\" and select "Widgets"
- Enable "Show Widget Toolbar..."
- This will show the new My Widget sidebar panel on the right hand side of the Notes client.
- Click the first icon "Browse the Widget catalog"
- Open the widget catalog entry for the language(s) you want to install
- Drag & drop the file attachment "extension.xml" from the catalog into the "My Widgets" sidebar
The Notes Client will now automatically install the dictionary files and will prompt to restart the Notes client.
- After restarting the Notes Client, additional dictionaries are available in "File\Preferences\Spell Check"
How to deploy dictionaries using Domino policies
- Within the Desktop Policy Settings, verify that you have specified the widget catalog server and filename
- In the same document, define a catagory which will be automatically deployed to end users, in this example it is "Autodeploy"
You can of course use the category "Dictionaries" which you have defined when creating the widget itself but this will not allow to fine tune which dictionary to be pushed out.
- Back in the Widget Catalog, modify those widgets which you want to deploy and add the (new) category "Autodeploy" to each of them.
- Once done, the widgets/dictionaries will be deployed to your end users the next time they start the Notes client.
Conclusion
I know there are lots of other methods to roll out dictionaries, e.g. by using File\Application\Install , but I find this too complicated for average users.
Make sure to show the sidebar "My Widgets" to your users...
If you're using a desktop policy, check if you have set the parameter "Show the My Widgets panel in the sidebar:" set to "Yes" in the tab "Widgets" of the applicable policy settings document.
Reference:
Making Internet Mail Secure with just a few clicks - S/MIME in Domino- 9 May 2014 - (0) Comments
Thomas Hampel
9 May 2014I'm wondering why internet mails are still sent unencrypted, at least for a large extend. You should not make it too easy for your enemy to spy on you just by sniffing your internet traffic. This blog post is a reminder for Domino admins who still force mails sent unencrypted over the internet to take action now. No, I'm not talking about transport level security for now, this post is to provide end to end encryption.
After having read the-dummies-guide-to-2048-bit-ssl-self-signed-certificates-in-domino.htm you are ready for securing your internet email with S/MIME.
So lets roll out S/MIME certificates to Notes users in a Domino domain:
Basic steps are:
1. Create a key ring file that contains a self signed (or trusted ) certificate
For more information on how to create a self signed CA, read the-dummies-guide-to-2048-bit-ssl-self-signed-certificates-in-domino.htm
2. Set up the CA process in Domino
Nobody wants to deploy S/MIME certificates to users manually, so it is recommended to set up the CA process in Domino,
otherwise an Admin needs to enter the password of the keystore every time a new user is being registered.
3. Migrate an (internet) Certifier into the CA
Just read and follow instructions for migrating an existing Certifier/KeyRing , or create a new one using the use the step by step instructions starting with slide #89
Remark: You must refresh the CA process in order to see the newly migrated certifier, use the server command "tell ca refresh" and "tell ca status"
4. Rolling out Internet Certificates to Users
Follow instructions for Issuing Internet certificates in a Person document or use the step by step instructions starting with slide #149
Here the CA process becomes very handy when the rollout is done in waves.
Done!
Once AdminP completed, the Notes Client will pick up the new keys the next time it authenticates with the Domino server and the new S/MIME certificate will then be merged into the users ID file.
If an IDVault is in use, the Notes Client will then upload the ID file to the vault automatically.
What about Step-by-Step deployment instructions?
Those have already been provided byTom Truitt's in his Lotushpere 2011 presentation SHOW104 - Crispy Certificates with Spicy SSL Salsa
One might also want to know how to enable S/MIME in BlackBerry Enterprise Service 10 and should keep in mind S/MIME in IBM Notes Traveler still seems to be an issue (Reference Technote #7039769 )
How to obtain the internet certificate's public key of a user?
When receiving internet mail users of the same domain can pick up the public key of a user from the Domino Directory, but users receiving mail from the internet need to ask the sender for a signed email to add the senders internet certificate to local address book manually. The option can be found in the "Add Sender to Contacts" dialog box...
at the very bottom there's a small check box...
Now you can send & encrypted mail(s) via the internet - sniffing network traffic wont provide the mail body in clear text anymore.
Of course enabling S/MIME for external communication is just a first small step and you know its not a perfect way to protect your privacy forever.
Overall, this is just some very basic knowledge every Domino administrator should have applied for years, but unfortunately...
Yes, there is more to say about S/MIME in Domino, a lot more - so there will be another blog post about this topic.
Further reading:
- Quick guide to securing a Domino server with SSL using the CA process
- IBM Developerworks article "Enhancing e-mail security with S/MIME" by Chuck Connell
http://chc-3.com/pub/Notes-Internet-Encrypted-Email.pdf - Lotus Domino Certification Authority Tutorial
- Lotus Security Handbook,
- Technote #1308138 Export the private key from a Domino keyfile by using IKEYMAN
- Import & Export an Internet certificate from a Person document
Product codes for Notes 9.0.1 Multilingual User Interface (MUI) packs- 6 May 2014 - (0) Comments
Thomas Hampel
6 May 2014Customers were demanding for it and here they are - the Multilingual User Interface (MUI) kits for the Notes Client V9.0.1
Those kits allow switching between different languages without the need to reinstall a new client software each time.
For further reference, the table below provides the part numbers to download the packages from Passport Advantage
Notes V9..0.1 | Standard | Basic | Browser Plugin |
IBM Notes 9.0.1 Client Windows English ( Announcement Letter ) | CIQ7REN | CIQ7QEN | Full = CIQ90EN Lite = CIQ96EN |
IBM Notes XTAF Dictionaries V9.0 for Windows Multilingual (Mac=CIF0DML , Linux=CIF6BML) | CIF0EML | ||
Multilingual User Interface for ... | |||
Group 1 - Catalan, Chinese Simplified, Chinese Traditional, French, German, Italian, Japanese, Korean, Portuguese, Brazilian, Spanish ( Announcement Letter ) | CIV5HML | CIT8TML | CIT9GML |
Group 2A - Danish, Dutch, Finnish, Norwegian, Swedish ( Announcement Letter ) | CIUZ6ML | CIUZ7ML | CIUZ8ML |
Group 2B - Arabic, Czech, Greek, Hebrew, Hungarian, Polish, Portuguese, Russian, Turkish | CIVY2ML | CIVY5ML | CIVY6ML |
Group 3 - Kazakh, Slovakian, Slovenian, Thai | CIVY3ML | CIVY4ML | CIVY7ML |
Remarks:
- Installation instructions essentially are the same as in earlier versions, so refer to IBM Technote 1288585 for more information.
- Upgrading from Notes 8.5.3 with a language pack installed directly to Notes 9.0 is not possible according to IBM Technote 1620790 so you need to uninstall it first.
- For information on how to install XTAF spell check dictionaries please see Technote # 1411732
- You can combine IBM Notes 9.0.1 and IBM Sametime 9.0 in a single install kit (Thanks Jeff Mitchell)
Unable to set/unset ’Record activity’ programmatically- 9 March 2014 - (0) Comments
Thomas Hampel
9 March 2014One little checkbox in Notes/Domino which can cause some headaches is "Record activity" which can be found in the Database Properties / User Detail window.
Audit & Compliance teams as well as work councils love it...
...and they always have the same opinion on how to set it, right?
Yes, I know you can disable actvity logging for all databases on a server to improve performance, but what if you need the opposite compliance reasons? What if you need to enable activity logging for a few (hundred) databases at once, but not for all?
Developers of crouse will start searching the Designer documentation for a LotusScript class of some sort, realizing quickly that it doesnt exist.
Next step of your research would be the Notes C/C++ API Toolkits which normally provide methods to resolve the toughest problem -- bad luck this time.
Furtunately there are clever business partners who seem to have found a way to mass-modify user activity settings by using the full version of the databaseEZ tool. (Thanks Ben for the hint)
Although this tool provides fast pain relief it is not always a perfect solution - think of situations where a large amount of servers is involved, or where admins dont have manager access to mail files, or where the setting has to be set on a regular basis etc.
So unfortunately there seems to be no (easy) programmatic way to modify this flag, at least there is no ready-made C-API, LotusScript or Java class for changing it.
The problem has already been reported to IBM within SPR # MSTS9G3AVP
Testing knowledge - IBM Certified Advanced System Administrator Notes and Domino 9.0 - 11 February 2014 - (1) Comments
Thomas Hampel
11 February 2014Two weeks ago at IBM Connect 2014 attendees were able to test their knowledge in the IBM Certification Lab.
Most of the IBM Certification tests were offered, so I decided to sign up and give it a try without any preparation.
For updating my existing Advanced System Administrator certificate to version 9.0 level, the following two tests were required
- LOT-405 IBM Notes and Domino 9.0 Social Edition System Administration Update
- C2040-412: IBM Notes Traveler Administration
Both tests were simple, for Traveler you need to know how to configure Traveler in high availability mode and for the Upgrade examn most questions were about SAML & OpenSocial.
Having passed the upgrade examn and the IBM Traveler exam, this certificate was sent to me as an official statement that I have qualified as IBM Certified Advanced System Administrator for Notes & Domino 9.0
Next action: updating my Certified Advanced Development Certificate to version 9.0 and signing up for Connections & Sametime tests.
Converting Private to Public folders- 6 February 2014 - (0) Comments
Thomas Hampel
6 February 2014After a migration from Exchange to Domino a customer reported that some folders are not visible iNotes but are available for the Notes Client.
In this particular case the folders not showing up have been created as private folders...and private folders are not supported in iNotes as documented in IBM Technote 1445118
Changing the field flags of the folder design element from private to public turned out not to be working anymore. A script which I have been using to resolve this problem with earlier versions of Notes did not work and just created a folder which can not be deleted/moved/renamed.
So I wrote this small script to fix the problem by creating a new temp folder -which will not be private by default- and moving documents from the private folder into the newly created folder. Once done, deleting the private folder and renaming the new folder.
One small drawback is that the original folder design will get lost because we are creating a brand new folder from the default folder design.
However, feel free to use this script at your own risk.
Convert-Private-to-Public-folders.lss
Sametime Missing single sign on token- 2 September 2013 - (1) Comments
Thomas Hampel
2 September 2013I've just fixed an authentication issue in a customer environment and wanted to pass along the findings.
The problem:
Sametime users can log on to via username/password, but SingleSign On isnt working as expected.
On the client, the configuration pretty much looks like that:
Authentication via Domino SingleSignOn is working fine at the first Notes Client logon. Once the client disconnects, e.g. network disconnect, computer went on standby, etc. etc. the Notes client can no longer authenitcate with the server. The error message "Missing single sign on token" is displayed.
For now, clients had to restart the Notes Client to log back into Sametime.
Root cause:
After successful authentication, the server is handing out a token (LtpaToken) to the client which seems to be bound to the DNS domain specified in this token.
The Sametime community configured at the client must be in the same DNS zone, otherwise users can only log in once but not re-logon without restarting the client.
Solution:
Check the following three places and make sure the DNS domain specified is the same.
- The LtpaToken used by the server
see Domino Directory : Web Configurations\Web SSO Configuration\LtpaToken
- The Server document
- Basics \ Fully Qualified Internet Host name
- Internet Protocols \ HTTP \ Host Name
- Notes Client Preferences \ Sametime Communities
<< obviously this screenshot shows a different Domain name than the one specified in the LtpaToken
Remarks
- Without an authentication server specified, Notes will obtain the token directly from the Sametime server configured. If the token is obtained from an authentication server, the secret key within the token of course will have to match the token configured in your Sametime server.
- A complete list of settings that can be predefined within the Sametime client by using Domino policies is available here
IDVault - ID file upload fails with Error 03:11- 16 August 2013 - (1) Comments
Thomas Hampel
16 August 2013Problem
A Notes ID is not uploaded to an IDVault although the configuration of the Client itself as well as the IDVault incl. its trust certificates seem to be correct.
Analysis
The administrator wanted to force the Notes client to upload his ID file to the server, since there already was an (old) IDfile stored in the vault, it has been deleted manually.
However, the client still doesnt upload its local userID.
Looking at the servers log file / Security Events....
provided a few hints about the problem:
> Unable to find ID for 'dummy username/OU/O' in vault 'O=IDVault'. Error: 03:11
> ID failed to authenticate in vault 'O=IDVault'. 'dummy username/OU/O' (IP address 10.10.10.10:57739) made request. Error: 03:11
and further down other user names:
> Error: Entry not found in index
Indicating a view isnt updated...
Resolution
1.) Update the view index for the hidden view $IDFile in the IDVault database by using the following command
load updall -R IBM_ID_VAULT\IDvault.nsf
2.) Remove the pending name change as described in my previous blog post id-vault-error-0311.htm
Hint: Although this has fixed the problem in my case, there's more to know.
IDVault does not honor view updates made directly in the database, maybe for performance reasons.
There is a DEBUG parameter for the IDVault which can override this behaviour so that VIEWUPDATES are being reflected/enabled.
Product codes for Notes 9.0 Multilingual User Interface (MUI) packs- 10 August 2013 - (0) Comments
Thomas Hampel
10 August 2013Customers were demanding for it and here they are - the Multilingual User Interface (MUI) kits for the Notes Client V9.0.
Those kits allow switching between different languages without the need to reinstall a new client software each time.
For further reference, the table below provides the part numbers to download the packages from Passport Advantage
Notes V9.0 | Standard | Basic | Browser Plugin |
IBM Notes 9.0 Client Windows English | CIB8LEN | CIB8JEN | Full = CIF0AEN Lite = CIF0BEN |
IBM Notes XTAF Dictionaries V9.0 for Windows Multilingual | CIF0EML | ||
Multilingual User Interface for ... | |||
Group 1 - Catalan, Chinese Simplified, Chinese Traditional, French, German, Italian, Japanese, Korean, Portuguese, Brazilian, Spanish | CIJ7MML | CIJ7NML | CIJE2ML |
Group 2A - Danish, Dutch, Finnish, Norwegian, Swedish | CILI6ML | CILI7ML | CILI8ML |
Group 2B - Arabic, Czech, Greek, Hebrew, Hungarian, Polish, Portuguese, Russian, Turkish | CINL5ML | CINL8ML | CINL9ML |
Group 3 - Kazakh, Slovakian, Slovenian, Thai | CINL6ML | CINL7ML | CINM0ML |
Remarks:
- Installation instructions essentially are the same as in earlier versions, so refer to IBM Technote 1288585 for more information.
- Upgrading from Notes 8.5.3 with a language pack installed directly to Notes 9.0 is not possible according to IBM Technote 1620790 so you need to uninstall it first.
- For information on how to install XTAF spell check dictionaries please see Technote # 1411732
Achieving (a working) high availability with IBM Lotus iNotes- 2 July 2013 - (1) Comments
Thomas Hampel
2 July 2013Update: For configuring High Availability for HCL Verse please refer to this technote: Configuring a Proxy for HCL Verse High Availability
We all like well working products and love good documentation, even better when there is a step by step instruction on how to set up a specific configuration to work perfectly.
One of those often referenced instructions is an IBM developerWorks article "Achieving high availability with IBM Lotus iNotes" based on a product from BigIP F5 which explains a clever reverse proxy configuration for optimizing performance.
Unfortunately the configuration outlined there DOES NOT WORK because it contains multiple errors/failures/mistakes.
Following instructions step by step will make it impossible to get the expected solution in place. Let me explain the problem in more details.
For a small environment with only two servers in one cluster, you wont notice any problem, everything seems to work perfectly.
What you dont know is that the iRule does not work, and traffic is always dispatched to both of your servers. As soon as you will have multiple clusters involved the problem becomes visible.
From time to time users receive "Error 404 - HTTP Web Server: Lotus Notes Exception - File does not exist" which indicate that traffic was routed to a server that does'nt host the file requested.
The (not working) documentation has been published in at least two other places, a DominoWiki Article and a WhitePaper
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Achieving_high_availability_with_IBM_Lotus_iNotes
http://www.f5.com/pdf/deployment-guides/f5-ibm-inotes-dg.pdf
Lets get back to the roots - according to the developerworks article this is what (in theory) should happen:
BigIP F5 reverse proxy appliance will intercept inbound HTTP requests which end with ".nsf" and are not dedicated to "names.nsf"
Domino will figure out which servers are hosting the requested file and will return a list of server DNS names in form of an HTTP header.
The problems are:
- BigIP will send traffic to any server in the server pool which is configured - so your session can end up on any randome cluster/server which may not host the database you are looking for.
- Domino lookups are performed towards the local "cldbdir.nsf" which holds information from databases in this cluster only. What if there are multiple clusters involved?
but the iRule itself is only referring to "X-Domino-ClusterServers", the other header "X-Domino-ReplicaServers" is never used. #fail !
Lets look into details:
In Domino, a customized ServersLookup form in "iwaredir.nsf" is used to lookup the "cldbdir.nsf" to figure out what servers are hosting the file and will return this information as part of an HTTP header.
Sniffing network traffic using Wireshark shows that the HTTP header is never returned, it also shows that the URL referenced in the iRule is never called.
According to the iRule documented in Appendix B is calling the (modified) ServersLookup form to retreive the list of servers as an HTTP header,
HTTP::uri /iwaredir.nsf/ServersLookup?OpenForm&nsfpath=$nsf
unfortunately this iRule is never called., because it is expecting the request URL to >end< with ".nsf"
if { ([HTTP::uri]ends_with ".nsf") and not ([HTTP::uri] contains "names.nsf")}{
Ok, lets try to fix it !
Resolving the problem requires changes on both sides, multiple changes in Domino and changing slightly the F5 iRule. I'm trying to cover the modifications step by step:
Part 1 - Lets start with the iRule,
here you need to change the if-clause to check for "path" rather than "uri", and also exclude any any lookups towards "iwaredir.nsf", changes are highlighed in bold.
if { ([HTTP::path]ends_with ".nsf") and not ([HTTP::path] contains "iwaredir.nsf") and not ([HTTP::path] contains "names.nsf")}{
Part 2 - Database Catalog
In order to find the correct servers at the first attempt, my idea was to look up the (in our case always perfect) database catalog to find the servers hosting the requested file.
To do that we will need to create a new (hidden) view in the catalog.nsf with two columns
View Formula |
@Text(ReplicaID2; "*")
Part 3 - ServersLookup
Now lets make use of the view by updating the code in the "ServersLookup" form of the file iwaredir.nsf.
If no parameter is provided, its assumed the user wants to access his mail server
The code behind the $$HTMLHead field should look like this:
tmpDebug := "";
tmpNSFPath := @ReplaceSubstring(@URLDecode( "Domino"; @UrlQueryString("nsfpath") );"/";"\\");
@If (tmpNSFPath = ""; tmpNSFPath:=@Name([Canonicalize];@NameLookup( [NoUpdate];@UserName; "MailFile" ));"");
REM {Lookup home mail server };
tmpHomeServer:=@Name([Canonicalize];@NameLookup( [NoUpdate];@UserName; "MailServer" ));
tmpLookupKey := @ReplaceSubstring (tmpNSFPath;"\\";"/") ;
REM {Get replicaID of this mail file};
tmpReplicaID := @DbLookup( "":"" ; "":"catalog.nsf" ; "($LookupServerFilename)" ;tmpLookupKey; "TextReplicaID");
REM {Find all servers who are hosting this replicaID };
tmpServers := @DbLookup( "":"" ; "":"catalog.nsf" ; "($ReplicaID)" ;tmpReplicaID; "Server");
tmpServers:=@If(@IsError(tmpServers);"";tmpServers);
REM {Is Home Mail server in list of servers, then move this up to the front of the list};
tmpServers := @If(@IsMember(tmpHomeServer;tmpServers);tmpHomeServer : @Transform(tmpServers;"x";@If(x=tmpHomeServer;@Nothing;x));tmpServers);
tmpDNSNames := "";
REM {Resolve host names for each server name in list};
tmpLimit:=@Elements(tmpServers)+1;
@For(n:=1; ntmpHTTPHostNameALT:=@Subset(@DbLookup( "":"" ; "":"names.nsf" ;"($ServersLookup)" ; tmpServers[n] ; "HTTP_Hostname");1);
tmpServerFQDN:=@Subset(@DbLookup( "":"" ; "":"names.nsf" ; "($ServersLookup)" ; tmpServers[n] ; "SMTPFullHostDomain");1);
tmpString:=tmpString+@Text(n)+tmpHTTPHostNameAlt+tmpServerFQDN;
tmpDNSNames := @If(@Length(tmpDNSNames)>0;tmpDNSNames+",";"") + @LowerCase(@If (tmpHTTPHostNameALT!="";tmpHTTPHostNameALT;tmpServerFQDN))
);
REM {Return results to F5};
@SetHTTPHeader("X-Domino-ClusterServers";tmpDNSNames);
@SetHTTPHeader("Cache-control";"no-store");
@If(tmpDebug="";"";"")
Update:
Session persistence is causing some headaches when F5 needs to select an address from the pool. To work around this issue you can use this iRule
inotes-irule.txt
Result:
No more nasty HTTP404 unless the database really can not be found anywhere.
Of course even this solution depends on a few assumtions, one is the catalog must be up to date and must be replicating within the environment.
Disclaimer: Use at your own risk, no warranty is provided. However, please let me know if you have further suggestions how to improve this solution.
Enable ’Show in-line MIME images as attachments’ via Policies- 11 February 2013 - (0) Comments
Thomas Hampel
11 February 2013Some Notes client preferences can not be enabled via Domino Policies because the values are not exposed as a parameter in the Domino Directory template.
One of them is "Show in-line MIME images as attachments"
In order to enable/disable this setting, you'll have to set a Notes.ini variable via policies
ShowIMIMEImagesAsAttachments=1
Instead of modifying the Domino Directory template its enough to add this variable in the custom settings section of the Desktop policy settings.
Backup Notes ID on local computer- 14 January 2013 - (0) Comments
Thomas Hampel
14 January 2013On special request of a customer, I'm posting a little LotusScript to back up the current NotesID locally.
Dim s As New NotesSession
Dim NotesID$, BackupID$, NotesData$
NotesData = s.Getenvironmentstring("Directory", True)
NotesID$ = s.Getenvironmentstring("KeyFileName", True)
'# check if the 2nd character in the string NotesID is a ':'
If Not Right(Left(NotesID$,2),1) = ":" Then
'# NotesID is located within Data Directory
NotesID$ = NotesData$ & "\" & NotesID$
End If
Print "Current NotesID is : " & NotesID$
BackupID$ = NotesID$ & ".bak"
Print "Backup will be stored in : " & BackupID$
If Dir$ (BackupID$,0)="" Then
'# No previous backup found, so okay to continue
Else
'# Previous backup found, so deleting existing file and create a new backup
Print "Previous backup found, so deleting existing file and create a new backup"
Kill BackupID$
End If
Print "Creating a backup of your NotesID in : " & BackupID$
FileCopy NotesID$, BackupID$
MsgBox "A backup of you Notes User ID was created in " & Chr(13) & BackupID$
EMC SourceOne- 27 September 2012 - (0) Comments
Thomas Hampel
27 September 2012When running EMC SourceOne with Domino, it might happen that users can only see a subset of the mails they have received, even if the mail itself is stored in the EMC system.
Here are the details...
Problem
When logging in with Active Directory credentials, users can only see emails which have been sent to the internet address of that user.
Logging in with Notes/Domino user name and HTTPPassword, only the Lotus Notes mails can be found.
Analysis
By opening one email in each account and looking at the header, it became clear that EMC SourceOne can not associate the AD user name with the Notes user name.
The Notes user name is stored in a custom attribute of the Active Directory user object, but there is no option to customize the EMC software to make use of this attribute.
For each mail, EMC seems to use the recipients name as a string to search ActiveDirectory. So if the mail has been sent to "firstname.lastname@company.com" it will find a corresponding user in AD and can associate it with the user.
When the mail is sent to "Firstname Lastname/OU/O", there is no corresponding user in AD, at least not among the list of objects which EMC is searching in.
Those of you who have already migrated from Exchange to Domino already know that for perfect CoExistence between both systems, the AD user needs to have a Notes proxyAddress defined.
Based on this knowledge it was easy to resolve the problem.
Solution
adding the Notes user name to the list of email addresses ("proxyAddresses") in the AD user object resolved the issue.
The result is another proxy address "NOTES:CN=Firstname Lastname/OU=X/O=Y" in addition to the internet address itself.
Product codes for Notes 8.5.3 Multilingual User Interface (MUI) packs- 10 August 2012 - (1) Comments
Thomas Hampel
10 August 2012For further reference, here the part numbers of the MUI kits
Before installing a Multilingual User Interface pack (MUI), either the Standard or Basic Notes 8.5.3 Client must be installed.
If you'd like to simply install additional spell check dictionaries please see Technote # 1411732.
Standard | Basic | |
Notes 8.5.3 Client Windows English | CI1L4EN | CI1L2EN |
Group 1 - Catalan, Chinese Simplified, Chinese Traditional, French, German, Italian, Japanese, Korean, Portuguese, Brazilian, Spanish | CI3SGML | |
Group 2A - Danish,Dutch, Finnish, Norwegian, Swedish | CI58UML | |
Group 2B - Arabic, Czech, Greek, Hebrew, Hungarian, Polish, Portuguese, Russian, Turkish | CI5PAML | |
Group 3 - Kazakh, Slovakian, Slovenian, Thai | CI5PBML |
Profile documents and Author rights in ACL- 30 July 2012 - (0) Comments
Thomas Hampel
30 July 2012What if a developer is using user specific profile documents to store some settings in a Domino application.
In this example users have Author access with the ability to create new documents and the ability to write public documents, no roles and no reader or author name fields are used in any document.
I'm wondering why users are not able to modify their own profile document by using the simple formula @Command([EditProfile]; "profile"; @Username)
Of course developers will refer to the Designer Help or this technote where IBM clearly states:
In order to edit profile documents, including your own profile, using @Command([EditProfile]), you must have at least Editor access or Author access in the ACL plus inclusion in an Author field.
so it sounds like the user name must be listed in an author name field in order to modify an existing userprofile.
Unfortunately in reality it seems to be working slightly different... see this example:
I've created a new form to be used as a profile document, the form contained only a single field
Additionally I've created a small agent with the following code:
Sub Initialize
Dim s As New NotesSession
Dim doc As NotesDocument
Dim ws As New NotesUIWorkspace
Set doc = s.currentdatabase.Getprofiledocument("profile", s.Effectiveusername)
'# allows to modify the field values in the backend
Call doc.Replaceitemvalue("Test", "test")
Call doc.Save(true, false)
'# allows to modify field values using the frontend
Call ws.Dialogbox("profile", true, true, false, false, false, false, "Test", doc, false, false, false)
Call doc.Save(True, False)
'# does NOT allow to modify the document
Call ws.Editprofile("profile", s.Effectiveusername)
End Sub
It seems like its possible to modify userprofile documents (which dont have an author name field) even when you dont have author access to the document itself.
To clarify: the application was put on a server and access rights were limited to Author.
I'm wondering if there's any good explanation for this behavior.
Update : The problem has been filed as SPR (Software Problem Report) # RGAU8WZE2X and the Customer Report, APAR # LO71028 was created.
Signing and deploying Eclipse Plugins into Notes Clients- 26 June 2012 - (2) Comments
Thomas Hampel
26 June 2012Installing Eclipse plugins in a Notes client is a simple task. I'm sure users would be even more happy if admins would sign them properly before rolling them out.
Otherwise, meaning when they are not signed, or if signed with an invalid signature, users will see messages like this:
For a quick and dirty solution it would be possible set some preferences in the plugin_customization.ini or in the Notes client so that it will not show these warnings at all.
Unfortunately this will lower the security of the entire environment and therefore is not recommended.
The better method is to sign the plugin properly with a self signed certificate and then create a trust relationship with a Domino root certificate.
So these are the actions that need to be performed:
1.) Extract the Eclipse update site you want to sign to a temporary location on your hard disk
2.) Detach this command file to the same folder location where the file "site.xml" is located
signupdatesite.cmd
3.) Edit the file and customize the settings according to your needs - see remarks within the file.
4.) Run the .cmd file
5.) Save a copy of the .keystore,
6.) Import the new certificate (.cer) into the Domino server
7.) Create a cross-certificate from the internet certificate
8.) Publish the certificate to clients through security policy settings
9.) Create a new NSF based Eclipse update site and import the local update site from the temporary location (see step 1)
10.) Create a widget catalog
11.) Create a new widget using the Toolbar icon "Getting started with Widgets" and choose "Features and Plugins"
12.) Add the widget created to the widget catalog created in step 10 and don't forget to define a meaningful title and category. (e.g. Autoinstall) if you want the widget to be applied automatically. See next step for details.
13.) In the Domino Directory update the Desktop policy settings to include the newly created Widget catalog
All together it will allow automatically distributing plugins in the Notes client without error messages and without overall lowering security.
Well, one prompt remains....
Passthru configuration done right- 2 June 2012 - (2) Comments
Thomas Hampel
2 June 2012I'm wondering why some customers are not using Passthru - a function which exists in Notes/Domino for years.
From an infrastructure point of view, a Domino passthru server is nothing else than a special reverse proxy for Notes/Domino. Compared to normal reverse proxy servers it is providing an higher level of security due to the fact that authentication/authorization is using the NotesID for authentication and not relying on username/password
I've seen customers who create multiple location documents and tell end users to switch between them to force the usage of passthru. Personally I dont think that this is what end users expect, so here is a configuration which will use the passthru server automatically when it can not find a direct connection.
To efficiently use an existing passthru server, Notes Clients should be configured the following way:
1.) Create a server connection document in the personal address book of the Notes Client pointing to the passthru server name and its IP address(or DNS name)
2.) Create another connection document, of type "passthru" which is used for */Org , where Org is the root certifier of your organization.
important for this one is to set the usage priority to "Low" as shown in this picture
Once completed, its time for testing the connection.
Advanved options:
When using multiple passthru servers, its possible to put an IP sprayer or load balancer in front of them, so all servers are addressable with the same DNS name.
Typically a Notes client will reject connecting to a server that is using a different name than the one requested.
No need to worry, because Technote 1233210 already provides the solution.
On each of the Domino passthru servers behind the network sprayer you can add NETWORK_SPRAYER_ADDRESS=sprayer to notes.ini. Where "sprayer" is supposed to be a comma separated list of acceptable names or IP addresses of the load balancer.
Result :
If the Notes Client is within the corporate network it will directly connect to the target Domino server, but if the direct connection fails it will try to use the next available passthru server.
A really large Notes application which seems to exceed 100 TeraByte- 1 December 2011 - (0) Comments
Thomas Hampel
1 December 2011Another interesting observation in a Notes 8.5.3 client.
This Notes application, shows up in the Admin client with an incredible amount of disk space.
If I am calculating right 1,0*E^14 is 100 TeraByte in a single NSF file, which is located on my local computers disk.
Actually the physical disk size on operating system level shows a different value, of just 1.290.240 bytes
While the DB properties show 101 MByte...
I guess something is wrong here...
Cleanup Separators- 24 November 2011 - (0) Comments
Thomas Hampel
24 November 2011Does anyone know what "Cleanup Separators" are???
This menu appeard today in my Lotus Domino Administrator client version 8.5.3
alt="Image:Cleanup Separators" border="0" src="cleanup-separators.htm/content/M2?OpenElement">
error while loading shared libraries: libnotes.so- 3 May 2011 - (2) Comments
Thomas Hampel
3 May 2011Installing Lotus Notes on Linux is rather simple, the UI starts right away without any problems.
However if you happen to run command level operations such as compact or fixup you may run into problems because the following error message may appear:
"error while loading shared libraries: libnotes.so: cannot open shared object file: No such file or directory"
Notes is complaining it can’t find libnotes.so which normally resides in the /usr/lib folder on your machine.
All you have to do is to create some links so that the Notes/Domino code can find this file
To do so you will have to be root or have sudo rights and execute the following commands
sudo ln -s /opt/ibm/lotus/notes/libnotes.so /usr/lib/libnotes.so
sudo ln -s /opt/ibm/lotus/notes/libndgts.so /usr/lib/libndgts.so
sudo ln -s /opt/ibm/lotus/notes/libxmlproc.so /usr/lib/libxmlproc.so
or if you want a more propper solution, use those commands (thanks to Brian for reminding me)
# Create the conf file and put into place
echo “/opt/ibm/lotus/notes” >/tmp/lotus-notes.conf
sudo install -m 644 /tmp/lotus-notes.conf /etc/ld.so.conf.d/
# Tell the linker to use it
sudo ldconfig
Note: Of course all these commands refer the the standard Notes client installation directories, which you may need to adjust to fit your installation.