Hi Chris and Everyone,
We have a pubnames.ntf English version with new Holidays in it here: http://www-01.ibm.com/support/docview.wss?uid=swg21989194 packaged along with a couple of policy items needed. Localization is being planned for other languages.
This is awesome news and only takes a few minutes to get your environment updated. Keep in mind they mentioned there are other updates included. As always, use caution and test the new template before just firing it out there. Or go rogue like me and go for it!
If you do not wish to read the updates here is the direct download link per the technote
The tool is quite powerful and offers a wide array of troubleshooting abilities that have saved us some time. Here is a great list of what it offers Continue Reading here" All-in-one Admin Tool for agent troubleshooting" »
IBM has had a recommendation since 7.0.3 to place a server side notes.ini variable to place a new descriptor in the database so as to not show any potential private data from entries marked Private.The downside to this setting is that older entries already in the database are no affected.
Check out my SocialBizUg article on this topic for the rest of the story and the variable information. Also subscribe to the newsletter while you are there.
Since .nsf files already have their own access controls, these File Protections extend to files such as HTML, JPEG, and GIF that you can enforce file protection for that browser users can access. As an additional bonus, you can also set restrictions to web asset directories.
You can read my entire article on protecting directories on a web server over at SocialBizUg as part of my monthly Sys Admin Tips newsletter you should subscribe to.
The DSKTOOL.EXE Utility essentially remediates the user's desktop icons in a recertification exercise.
What that means is that you can use the tool to rename the server that an icon points to with a simple script text file.
It is currently supported up to version 8.5.x for Notes Builds 194 and earlier. Read the rest of the SocialBizUG article I wrote right here.
Since IBM offers it we definitely want to use server_restricted=x with the appropriate value. There are four possible values (previous to 8.5.2 FP3 there was only 2):
The problem is that some of the options still have unintended results. Mainly allowing users access to the server still based on database ACL rights. You can read the whole article on SocialBizUg right here.
What you are trying to do is use the mail delegation abilities to manage contacts that are stored in the mail file itself. While this option does not exist, I might have a suggestion that would work perfectly for you.
You can read the full question and my answer on my Sys Admin Tips monthy newsletter and articles on SocialBuzUg.
We want to be able to put restored databases on the Domino server to be able to have them to recover an accidentally deleted document or sometimes when we have a litigation question. However, we do not want these databases replicating or being accessed by anyone else, while leaving the ACLs exactly as they are for various security reasons. Is there a good way to do this?
Actually, there is one way you can do this without modifying the ACL and also still placing it on the Domino server. You can look at Directory Access Lists. This allows you to make a directory that has its own security controls to gain access using all the names found in the Domino Directory.
Continue reading the entire article right here.
While we could have a debate on certification in general, the IBM Certified Advanced Security Professional is an achievement not many obtained since it was first made available in 2006. The exam itself was different than the other IBM Lotus certifications. It consisted of scenario based questions. This made you work harder to uncover and think about the answer. You also got twice the amount of time to take the exam with twice as many questions.
This role recognizes the more advanced level of skills required by someone in a security role and covers the following areas as they relate to security in Notes Domino 8: installation, configuration, mail, management, and maintenance.
Some of our top administrators in the world even talked about the difficulty such as Paul Mooney. Blog posts announced the awesome achievement like Vlad Tatarincevs and it showed in LinkedIn Profiles and SlideShare, Even I posted my second one for Domino 8.
So what do you think about them retiring an exam that has no future plan yet showed a high level of advanced IBM Domino security knowledge? Share your thoughts in the comments.
- Lotus Support Mega Feed sidebar widget
- Lotus Tech Documents feed on Twitter using Yahoo Pipes
- Blogger and technical search widget right from inside your client
- SNAPPS and IdoNotes enhanced search plug-in for Lotus Notes
So as you see it has evolved over the years as the material to collect grows and the capabilities grow the list of fixes have too. So I will be adding the Notes/Domino Fix List full RSS feed to some of the above to give you timely information when fixes and being addressed and in what version
Let me know what other tools you need or sources added and I will make sure I get them included to help you find the information quicker. Ok everything but IBM PartnerWorld. No one can help you there.
Qantas is in another article about migrating off of Lotus Notes. Now into their fourth year it appears to me they didn't understand how deeply integrated Notes was in their environment for daily operations according to a Delimiter article. While they finished moving email users in 2012, the applications are taking their toll.
The nation’s largest airline Qantas has revealed that it’s still in the process of migrating its corporate email platform off IBM’s Lotus Notes/Domino platform and onto Microsoft’s Outlook/Exchange system, with the rollout now into its fourth year.
What confused me is how they are splitting all of their users up into different on premises and cloud based offerings. Not one but now three.
..some of its staff would instead be moved onto Microsoft’s Office 365 package. In the airline’s statement today, it described the Office 365 migration as “a separate but parallel project”.
Qantas’ migration mirrors moves at its low-cost brand Jetstar, which announced in July 2011 that it would keep most of its head office staff on Microsoft’s Outlook/Exchange platform, but shift about 2,200 staff onto Google’s Apps alternative
But back to the applications themselves. Qantas is now trying to consolidate applications down into fewer and possibly make them web enabled from what I took away.
What I want is everyone to go visit and take away from the Delimiter article is the comments section as people start to dispute complexity to move applications from Lotus Notes into other platforms. One comment even states 85% of the work can be done with a utility, CIMtrek (I wrote about back in Oct 2010), and a couple clicks. Sure, yes 85%. If you only use a document library.
Join in here or over there, just join in.
Working together with Yancy Lent, the founder of PlanetLotus, we compiled the Top 10 posts for 2012 on PlanetLotus. We owe huge thanks to Yancy for taking the time to dig through these statistics.
I had a chance to sit with Karl-Henry Martinsson and Ulrich Klause live and talk about their Top 10 PlanetLotus posts for 2012 and then we discuss IBM Domino 9 and IBM Connect 2013.
The order below is not exact as some of these shifted since the count was so close. This is quite a list and as you can see the majority are around the new launch of IBM Notes and Domino 9 Social Edition.
Lotus Notes Client not starting - Loading.. Please wait loop by Paul Farris
How to Create an Auto-Response Mail Message in Lotus Notes by Gavin Bollard
iOS6 oddness and Lotus Traveler by Andy Donaldson
IBM Notes and Domino 9 Social Edition by Karl-Henry Martinsson
IBM Kills Drops and Uses Other Words about Lotus in articles around the web by Chris Miller
IBM Notes and Domino 9 Social Edition by Volker Weber
How to: Restore the Sametime Emoticon Palette by John James
Customer project: Dojo 1.8 based portal on top of Xpages and Domino 8.5.3 by Mindoo GmbH
Mr Penumbra's 24 Hour Bookstore by Gregg Eldred
Do not forget to keep up with all of the Lotusphere Podcasts
- PCWorld - IBM Kills Lotus Brand, readies Notes/Domino Social Edition (they use the wrong logo in this article)
- ITBusiness.ca - IBM quietly kills its Lotus brand
- NetworkWorld - IBM kills Lotus brand, readies beta of Notes/Domino Social Edition
- eWeek - IBM Drops Lotus Brand, Takes Notes and Domino Forward
- Techweek Europe - IBM Drops Lotus Brand (IBM is to axe the Lotus brand.....)
Luckily in many of these headline grabbers I found decent quotes from Ed Brill and sometimes just an unnamed IBM executive. With the purchase in 1995 of Lotus for over $3 billion it has had a long foothold in enterprises. I know many outsiders to our blogs always think 1-2-3 when we mention Lotus or shake in fear of their remembrance the client due to bad deployments. Hopefully the name will still sit somewhere in the catalog.
Continue Reading here" IBM Kills Drops and Uses Other Words about Lotus in articles around the web" »
MigrationWiz is a complete cloud-based migration solution that helps companies move from existing to new messaging systems seamlessly and affordably. With no hardware or software to install, the patent pending technology is a solution designed to meet the needs of individuals, IT administrators, consultants, system integrators and service providers interested in migrating mailboxes.
They offer a free trial (limited mail is moved but shows fidelity and movement) which can then be converted. I was also impressed to see an individual package all the way to enterprise. This means that someone leaving a company could migrate mail on their own. Transfer limits for the two paid programs are 10GB and 50GB mail stores.
I bring this up because MigrationWiz is a two way street allowing movement into Lotus Notes as well as out of.
The location of certain menu options / features in Notes 7 and earlier releases may have changed in Notes 8.x. This portion of the document is meant to be a used as a quick reference if you are looking for a Notes 6/7 submenu choice under the main Notes menu choices (that is, File , Edit , View, Create, Actions, or Help) that is no longer in the same location and/or is renamed in Notes 8.x.
Note: In some cases, the functionality behind the menu choice may not be exactly the same as that of previous releases.
- focuses mostly on the menus available from the mail database (mail8.ntf) design but also identifies menu items that are normally grayed out in the mail database but available in other database choices that have changed. In the interest of document size/usability, it does not show menus that remain the same in Notes 8 as in Notes 7.
- points out only those menu choices under the main Notes menus: File, Edit, View, Create, Actions, Help.
- is not meant to be an all inclusive list of Notes 8 menus; does not include menus for new Notes 8 features/functions
- breaks down view and document level menus.
You can find the entire technote #1246781 right here
Given the steady decrease in use of PartnerForum over the last several years, we believe that its effectiveness in fostering communication and exchange of problem solving ideas has been surpassed by other venues.
Therefore we have decided it is no longer cost effective to maintain this service and we are going to discontinue it effective September 30, 2012. For those who wish to keep a local replica of the database, you should archive before the sunset date.
We thank the still steady contributors for your continued dedication to the platform, and we apologize for the disruption that this decision brings. We recommend the following venues for continuing the dialogue among you and with your IBM colleagues:
- IBM Smart Business: BP Forum - This is a web accessible public community for IBM Business Partners.
- Greenhouse ICS community - This is a community for Greenhouse members focused on ICS. It requires membership (no-charge) and it includes more than Business Partners. All Greenhouse members may participate.
- developerWorks Product Forums - These are particularly useful for deep technical questions. All registered developerWorks members may access. Registration is free
What would be needed we wondered? A flag we could enter or a simple ini variable that locks it down would be necessary. You then place this in the server before restart and remove after you are done troubleshooting or working.
We are not talking server restricted access for users but some way to work on the server and have all in and out connections. Like Windows in Safe Mode with no networking.
We could simply REM out the port settings in the ini I imagine as a possible shortcut but I think this could be a great way to speed some troubleshooting.
Go grab the whitepapers I produced on Dynamic Client Configuration troubleshooting and also Search Techniques in Lotus Notes.
NOTE: The University of Nebraska Medical Center is not migrating to the new system because of concerns about security.
Interestingly they said their Lotus Notes environment only had 1G of storage per person and the new Microsoft system offers 25. This is alrgely due to their limitations the university set and had nothing to do with the software as we know.
Continue Reading here" Microsoft offers superior web based interface per newspaper" »
An interesting idea popped into my head this weekend as I read a technote that actually mentioned Nomad, or Notes on a USB stick for those unfamiliar with the name. Nomad was a hot hot topic back in 2006. It is still frequently used as a search term on my blog.
With everyone thinking they want to run everything in the cloud, which they do already in many fashions unknown to them, the portability question comes to mind with the idea of a semi-full client on tablets and more mobile devices. iNotes and even Traveler is just not enough for the business user. Writing everything to XPages takes time and development costs many companies cannot afford or have the skills to get done. They may never get them done and/or converted to be honest.
IBM now sits at the cross roads of letting those full client customers go eventually as it seems to slowly vanish, or help them move apps to the web by partnering with teams like the recent Transformer 2.0 announcement from GBS. Ed just announced a XPages Application Server license. I do not see how it differs from a Domino Utility Server at this time. I imagine we will hear more on that soon.
When Ed mentioned the launch this week of Transformer 2.0, he quoted the line that says it:
modernizes Notes applications into XPages web applications.
If we move more and more Notes client based applications to web only, do companies need a drive to keep the client? Then a drive to keep mail on Domino? Then we point the directory to AD so we don't need that either.
Next step is to somehow surface .nsf files without Domino, via a plug-in for Websphere, after turning database encryption off sounds like a new plan too. More Notes clients on platforms may just be a help.
Coming on May 11, another free webcast from Consultant In Your Pocket:
DDM & DCT: What a Team
Have you fully dipped into Domino Domain Monitoring with modular documents, collection hierarchies, event workflow and reducing the noise through filtering? Have you completed a run of the Domino Configuration Tuner ? Explore all the DDM options, choices and variables to get the most out of your Domino environment. Use DCT to find out what areas to improve and what to monitor closely with DDM. Use some of the new automation in DDM to correct problems before you even know they existed.
Join this webcast to learn all about these under utilized features that come free with Lotus Domino.
Also do not forget to attend the Social Business & Online UX Lab webcast on May 3rd with Mary Beth Raven and Velda Bartek,
Once again, salesforce (yes no caps as their logo shows) hit my inbox with a webinar coming April 4th on migrating off of Lotus Notes. As we have seen this before, I took special interest in the speaker and the claims his website made, EscapeNotes.
So I went on to find the site EscapeNotes. and see what it was all about and the claims it would make. Here we go:
- You can migrate off Notes in DAYS
- An automated tool can do it all
They have a diagram on "How we do it" found on the EscapeNotes site that actrually shows an area of things that cannot be migrated. A XNscore is generated (I have no idea what that is and their demos have no audio). The tool has some pop-ups and then makes a complexity score. It then generates NotesPedia (the encyclopedia of your Notes infrastructure down to the latest detail.
It basically BUILDS NOTES DATABASES to show you the information it pulls from ACL's, catalog, access, templates and more. It then hits an Excel spreadsheet. Why would this not use force.com to hold and make these documents?
I watched a bunch of the demos and step 3 said no knowledge needed of Notes or coding in Force.com. If you watch the demo the is a ton of things you need to do and code.
Moving users forces the Notes workspace icons to launch their web browser to open the application. So there is no migration in that sense. Users just click a web link.
For a product moving you off Notes they sure use the term Notes a lot.
I am not quite sure how to think of this. Sure it was a sponsored email and scheduled webcast, but not one I would expect to see from DominoPower.
Support for Lotus Notes 7.0.x ends next month. Don't panic! This is the perfect opportunity to migrate to Google Apps.
I have nothing more to add on here. Go see the article yourself at this URL
I went in with the suggestions I received and tweaked the LotusTechDocs account on Twitter some more. Apparently you all are finding it useful. I bring in a bunch of technical document feeds together from Lotus using Yahoo Pipes. I label and then output the entire thing as RSS.
Everything is there: Domino, Sametime, Connections, Quickr, LotusLive, Redpapers and more.
You can then use your favorite Twitter client to make a column or channel and see them in almost real-time as they are published. You could also use Wildfire from OpenNTF in your Notes client sidebar.
It all starts with a quote from someone that moved to Force.com cloud platform since version 7 is expiring April 30, 2011. We got our first phone call and email.
"Moving from Lotus Domino to Force.com was the smoothest migration I’ve ever experienced."
Manager of Information Systems
Salesforce is going hard with a marketing campaign, free assessments and more:
Free migration assessment
Thanks for your interest in Force.com. One of our cloud experts will contact you soon to provide you with:
- An overview of Force.com
- A comprehensive inventory of your Lotus Notes apps, including their complexity ranking
- A roadmap to migrate quickly
Does anyone actually think they could easily and painlessly move you to the cloud?
So how do you get your hands on this right away? Simple.
Subscribe to the IdoNotes newsletter (make sure you select that group as one of your choices) in the upper right corner of this blog. Within 24 hours you get a welcome email with the link to the whitepaper and notices on the upcoming ones as well.From then on stay subscribed to keep up to date with the latest commentary only newsletter readers get to see. Feel free to subscribe to Consultant In Your Pocket, TheSocialNetworker or simply general interest as well.
A re-signed websvc.jar file was previously included in the list of files to replace on Domino 7.x releases; however, this file is not used by browsers and thus is not impacted by the applet expiration issue. Additionally, it was discovered that applying the re-signed websvc.jar file could cause crashes on Domino 7.x releases prior to 7.0.3
This only applies if you used the manual replace method and not the interim fix method to make it easier. You must go back and revert to the gold version of the file. So how many kept your gold ones? Huh? Tell me?
All the Domino servers restarted successfully as a core, but any server that had HTTP in the servertasks= line would not fire up the task after the hard shutdown. We had to manually go in and start it to clear the alert. This was on all the servers 7.x and higher (sorry no older ones to test on)
What are you waiting for?
Gmail has a hidden feature: Atom feeds for Labels! The technique is simple:
1. Setup a filter to catch all email from a specific mailing list.
2. Apply a label to all of that mail (e.g. 'list').
3. Access the Atom feed via this URL: https://mail.google.com/mail/feed/atom/list/ (changing 'list' to be the name of the label.
So if you take this and then flip it to Domino, you could create a rule to tag or sort your mail-in databases and then push this out to the feed readers with the RSS capabilities of Domino. This would solve an alert issue for numerous people that share part in a mail-in database. Everyone could read the stream based on what category they handle from a single course that is tagged/foldered/categorized properly like you can do already with my blog. Go to the archives tab above and look at the different pre-categorized feeds you can get form one single database.
Same idea, just move it to other data stores in your Domino architecture.
Comcast officials say the Lotus Notes problems were caused by a software glitch, adding that the company does not block customers from using file-sharing applications. It does, however, manage its network so that a few subscribers using bandwidth-hogging programs don't slow everyone else's Web surfing.
As we prepare to his DST again, I sat in the open mic call this morning. A simple request to Lotus..
- Listen to Episode 28 with Scott of Lotus that not only got downloaded an amazing number of times, but had tons of info.
- Listen to Episode 27 with Andy and Rob of Technotics as we talk all about DST impact
But I noticed one thing from listening to the callers this morning. A lot of people have been doing upgrades, changes and deploying applications since the last DST time change. Yet everyone has the same question. What version has what fix and if I upgrade is it done?
So Lotus, we need a simple scenario listing in a whitepaper or technote that shows the outcome of where they are now and what steps are needed. Such as:
- you already patched for spring and have not changed the server code
- you patched for spring and have now upgraded to X.xx version
- you just installed version 7.0.2, is there any patches I need or is it included?
- you were in a version 6.5.x and patched in spring, we then upgraded to 6.5.6. Do I have to repatch?
- Other countries are now going into time changes, so if I have international servers/users I now need to patch those? (like Australia and Brazil)
Iread with much interest all comments about DDM, in response to my (previously published) article. I can only say that I fully agree with all these comments and I hope that this post will make things even clearer.
DDM is for sure an improvement and IBM kept improving the monitoring of Domino since version 4. Some DDM features are very useful and a few of them cannot be provided by any other product, including ours.
My article is actually not only regarding the benefits of DDM, Admins can judge by themselves about its value. What I can hardly understand is the marketing made by IBM around DDM. Was there so little to say about new features in Notes 7 that IBM chose to present DDM as a revolutionery product ? I do not question the value of DDM but all Admins having worked with Notes since R4 know that DDM is mainly a revamp of existing features.
I'm also surprised by IBM's plans of releasing a major release yearly. In my opinion, a major release must provide significant enhancements and new features. Fixing such deadlines leads to a very strange situation where 4 different versions of Notes are maintained, including the version 6.5 which nobody knows whether it can be considered as a major version or not.
The ones having discussed with me know that I'm a strong advocate of Notes for many years. However, I agree with Philip's comment about IBM competing with it's partners and I'll add that I'm puzzled by the lack of long term strategy in this company. I'd prefer that IBM spends its energy fighting with its competitors, not its partners. OK, I'll stop now before IBM people get mad at me once again.
Back to DDM, I don't like the design of this product:
1) It bypasses some standard Notes concepts, which is unacceptable to me:
- automated replication
- relies on Notes when it's supposed to monitor it
2) almost all information is not real time (unacceptable for a monitoring product)
3) it's mainly server based with all related drawbacks:
- resources taken from servers and possible crashes
- problems with heterogeneous environments (versions of monitoring code and servers)
4) real useful features are in my opinion reserved to skilled users
Comparing to Monitor:
1) Monitor doesn't have any of the drawbacks listed above
2) Monitor provides major additional features and supports other platforms (clusters, Sametime, BlackBerry, etc ... and soon Exchange)
In conclusion, I agree with someone's comment that DDM can be useful as a entry level monitoring tool but falls short for monitoring large (or critical) environments. As far as being a revolution in the Notes world ... let's be serious a minute, it's not. The real revolution happened about 20 years ago when the concepts of replication, UNID, certificates and views were put together to create Notes.
BTW - nice to see that quite a few people also use our products :-)
Java virtual machine (JVM) changes made to Domino 7.0.2 are causing nHTTP crashes.
|If you are running a Lotus® Sametime® server release 7.0 or 7.5 on Domino® release 7.0.2 you may experience nHTTP crashes. These crashes do not occur in versions of Domino prior to 7.0.2. |
Microsoft Transporter Suite for Lotus Domino is used for interoperability and migration from Lotus Domino to Active Directory, Exchange Server 2007 and Windows SharePoint Services 3.0.
Anyone tested the gold release yet? You need the following installed also:
- MMC 3.0
- Windows Powershell 1.0
- Microsoft Exhange Server MAPI Client and Collaboration Data Objects 1.2.1
I will load them on the test machine and see what we get.
The Release Notes
The actual product page
IBM has also just said that they have placed Vista certification efforts for its current Lotus Notes products on the back burner as they are working hard on ensuring that the Lotus Notes 8 Suite is fully compatible with Windows Vista.
The technote says Lotus does support Vista in 7.0.2 and future 7.0.3 and 8.0 will be fully tested. (no this does not include 64-bit versions of Vista though)
For example, with Win32, the default memory available to each Domino partition is 2 GB. There is a switch to increase memory to 3 GB, but that solution has a performance impact of ~10% CPU utilization. With Windows 2003 x64 Edition and Domino 7.0.1, this switch will not be needed and 3 GB will be supported by default.
So the issue is that with large data stores (this is over 2TB we are talking right now), the /3GB switch causes crashes. While the internal IBM info is not published at this time, I hope it will show. The funny thing is that this exact issue affects Exchange shops too as shown in this posting. I found a warning on Ed's blog, under comment #8.
This led us to find out about the transaction logging issue with 7.0.1 so we are headed for 7.0.2 with no /3GB switch. Let's see if we can get that new technote.
What this means is that while the agent completes, it might have skipped certain documents in the user's calendar. Of course, this is totally random. We found most mailfiles were good, but then some would have appointments that did and did not convert. Running the new agent again against these mailfiles seemed to solve the issue. WAS far as we can tell because there is not enough time to go through the properties of each entry and find the timezone values.
So good luck once again..
Anyone care to explain how McAfee SpamKiller doesn’t work with Lotus Notes emails? I think this is fishy
Now normally I would laugh and enjoy the humor. However., there is a link on the McAfee site that takes you to a simple statement form them that they do not support Lotus Notes in it's native mail format, use POP3 and then it links to an Oct 1998 article on LDD about setting up local POP/SMTP accounts.
So I browsed their site and came across the product page which states it supports Lotus Notes and the other product. SO I am guessing this article writer is pulling old data out to stir the pot since the link was for the R4 version of the product also.
IBM is holding daily "Open Mic DST Calls". These calls are intended to
provide a forum for our customers to bring their questions, concerns etc..
around DST to us! Our goal is to provide them with the information they
need and to answer the questions that they have in order to ready their
systems and WPLC products for the DST changeover.
IBM has planned calls for Tuesday - Friday (March 6th - 9th) and March
12th from 12:00pm - 1:00pm Eastern.
Tuesday 3/6 -
Toll free: 1-888-732-6202
Participant Passcode: 893498
Toll free: 800 214 0745
Toll: +1 719 457 0700
Participant Passcode: 158121
Toll free: 1-888-373-5705
Participant Passcode: 547292
Toll free: 1-866-237-3252
Participant Passcode: 163964
Also, the demo videos can be found here:
New Videos show sample scenario of applying DST change to Notes and Domino
New video instructions (screen capture with audio narration) have been provided. These videos demonstrate how a Notes calendar is impacted by the DST change and show one scenario of applying the necessary updates to allow for the new Daylight Saving Time definitions. The download link to the videos is embedded within the "C&S Agents" technote below.
Title: Agents for updating Calendaring and Scheduling entries and Resource Reservation entries for Daylight Saving Time (DST) 2007
In addition, a video has been created to demonstrate how to use the Java Time Zone Update (JTZU) tool for updating DST information in your Java Runtime Environment(s). The JTZU video can be accessed via the following updated technote:
Title: Using the IBM Time Zone Update Utility for Java (JTZU) with Lotus software products
You then go in an edit and resave the document (or run an agent to refresh them all) and you get the following.
Ignore the Adminp statement if you edit and resave. It is the saving action that does it apparently.
But as a quick note, look for another new agent (184.108.40.206) to come out and fix some of the looping script errors we received on numerous servers while running the server based agent against the mailfiles. We saw this on more than a few customers across versions of templates as well as Domino versions. It drove us nuts, and wasted a lot of time to have to go into the text files and remove the offending user mailfile to get the agent to run on. Until it encountered another one and looped again. Now some ran without incident. Others stopped more than 20 times on larger sites.
I also talk about the order we did things and across the product lines.
5:30am - So first up for me was the Sametime servers. Others were prepping the DWA, calendar and RnR stuff. I have some of those to do in a bit, but I started with our internal servers first. Running the JTZU patch took far too long to search the Sametime systems. You really cannot run this tool in interactive mode since then you need to specify what gets updated and you have no clue. It even prompts you that letting it search could take hours. It really only took a few minutes when all was said and done to find what needed updating. It did take a while to run however.
6:16am - This was incredibly frustrating when the IBM support site was up and down all morning also. Yes we have knowledgebase locally, but it is faster to web grab some of the files. Also, it also would be nice not to get just random error messages on documents not existing when you know they do.
7:00am - First batch of RnR changes completed and one test mailfile set done. One weird error on one customer and the rest went smooth so far.
8:00am - Script errors when the calendar agent runs on a bad mailfile in the text list. We find endless script loops running. Removing the last mailfile attempted (and all previous completed ones) from the text list and restarting the agent fixes it. Some clients have no issues at all, others have a handful that cause grief. It has you going back to each server and making sure it it not looping.
8:30am - The path for managed and hosted server is an issue, so we created numerous agents with different drive letters that we can fire off. Now AS/400 and some random servers ever have different data paths from the norm. Standardization I say, standardization.
8:50am - Encounter first Domino Directory in foreign language. Script in agents only works on English views. It says it can't find the Server\Mail Users view. Which is there, however it is Servidor\Usuarios do Correio. First glance doesn't show where the agent grabs that view name to change it.
So I will give another (after much sleep) overview tomorrow on steps, commands and other things we figured out and streamlined as we went along to make your life easier.
1. To run as multiple instances (i.e., four instances), copy/paste the agent multiple times in the same database, and change the name to "AdminAgent1", "AdminAgent2" etc.
2. Ensure you have the server setup to run the desired number of concurrent agents in the Server document in the Domino Directory. The "Max concurrent agents" setting is found on the Server Tasks -> Agent Manager tab. Note: There are separate settings for "Daytime Parameters" and "Nighttime Parameters," make sure that you set each as desired.
3. Repeat steps 1-5 from the section above on configuring the agent to run in the background:
- in step 1, ensure that multiple TXT files are used to evenly divide the list of files to process
- in step 2 ensure the individual agents are edited to point to the individual TXT files
- in step 6, simply issue "Tell AMGR Run" for each of the individual copies of the agent:
i.e. for 4 agents it would be the following
Tell AMGR Run "mail\AgentDb.nsf" 'AdminAgent1'
Tell AMGR Run "mail\AgentDb.nsf" 'AdminAgent2'
Tell AMGR Run "mail\AgentDb.nsf" 'AdminAgent3'
Tell AMGR Run "mail\AgentDb.nsf" 'AdminAgent4'
So notice the key area about having enough Amgr threads defined to run all the instances you wish.
(4) is in relation to putting the OS patch on the clients. For one thing, Lotus suggests that the Notes client is closed when the patch is applied. How many of your users leave the client open all night long?
The computer should be restarted after the patch is applied and before restarting Notes. If the computer is not restarted after installing the patch, Notes will return the old time zone information for time zones other than the current time zone.
A lot is riding on this client restart or even patching. I am also not sure how you are forcing your users with machines at home or laptops to do it. If you start scheduling meetings across the clients that do and do not have the OS patch, then you will get variances in what they see and how correct they are.
Now to toss in some confusion, (5) should be done as soon as possible in relation to the OS updates. This is finely designed and choreographed dance folks. The amount of errors that DWA users will get relies heavily on this. See technote #1241063 for the alternative issues. From simple error pop-ups to meetings getting scheduled in Greenwich Mean Time, I think we have a problem here. There is no way to get all those DWA user machines.
(6) moves on to the RnR database and the users mailfiles. Now, if the users have local replicas also, they should be grabbing the change agent through replication before you run it on the server too. See technote #1254639. The RnR Manager must be shut down when the agent runs, and you even get a prompt while running this from the database Action menu. Note, you will be signing these agents with some id file that needs at least editor access to the RnR database.
I will have more info for you to follow this one as we finalize and formulate the plan to update servers globally, hopefully it helps.
Take a read of the article here:
The survey's release comes amid the shipment of Microsoft's Exchange 2007 late last year and IBM's annual Lotusphere conference, which was held last week and focused on Notes/Domino 8, slated to ship mid-year, and new social networking collaboration tools.
The report Gartner put out costs a lovely $995 to read some collection of data I never understand where they actually derive it from. But if you have a log in, it is over here.
After talking to the tech team handling this user, we discovered that all work was being done in the All Documents view of the mailfile, all the time. So the index would build, they would work fine and then when they read, replied and then deleted mail from within the message (while saving the sent one of course), it would then start this long wait process. Well using the Domino Administrator we saw that the All Documents view index was 40MB or so. So each time the user made a bunch of changes, they would force the view update and then download the entire index as shown in the client_console running. Now even with a dedicated T1 this should take 4 mins or so. Imagine fighting with the other staff for this same bandwidth and you have the failure.
So convincing a user that the inbox and folders is the proper place to work is the next step. Oh yes, all mail is in the inbox and no folders
End of marketing: Effective January 11, 2007, IBM will withdraw from market the IBM Lotus Workplace Messaging Passport Advantage® offering. Customers who hold current licenses for this program will renew to the following:
- One (1) IBM Lotus Domino Web Access license for each licensed Workplace Messaging user
- One hundred (100) Value Units of IBM Lotus Domino Messaging Server for each one thousand (1000) Workplace Messaging users. 100 Value Units of Domino Messaging Server is equal to One CPU.
This month I had a nice array of things I wrote (I like to think) from Hannover to Sametime hardware sizing.
Here is the issue. After loading 7.0.2 in the new VMWare, we shut down the old 6.5.3 server and began the simple mailfile and few database copies. We brought the server up under the old name and started seeing countless lines of the different tasks with the same error message
"cache entry not found"
No maintenance or convert task would fix it. Convert, Fixup, compact, index all failed with the same error. Yes, all of them.
Now I searched Knowledgebase and online to limited success. The Sched task, RnRMgr and HTTP were all reporting this same error. Well with numerous tweaks to the Google search, I finally found some insight. The customer had moved to a single copy template (SCT) for the DWA 6 infrastructure. When the databases were moved over, the SCT templates in use were not. I simply moved those over and the server came right up with the error removed. Convert then ran successfully to move them to DWA7 and then compact to reclaim much of the unused diskspace.
Issue solved and into the books for another oddity of undocumented weirdness.
- how to deep fry a turkey
- change users SMTP domain name across 17 acquired companies
- whitelisting servers
- Sametime error codes for users dropping connectivity
- set update flag in local address book
- multi language notes clients?
- strip attachments from NDR's?
- port failover in a clustered server - teaming NIC cards as solution at hardware level
- migration of domains by moving everyone into the new domain and then recertifying
- server_transinfo_range proper setting?
- Nomad questions on the uninstall/U3 and performance speed issues on USB
|As we fired up a new customer server remotely over in China, it had terrible bandwidth and connection issues. It could telnet to the Notes port on the US based Domino server, see the server in DNS and IP, but when Notes popped up it had the worst time trying to connect and would time out too fast.|
So there is a couple ways to handle this. As commented before, there is no documentation of what format or data should be included for the setup selection of choosing local media. We have played around with it to some success, but it should be much cleaner. So we copied down the names.nsf, admin4.nsf and the notes.ini from a freshly installed and working server. A quick change of the id file and paths and the server came right up. You could note the CleanSetup=1 in the notes.ini but I wanted everything built, not just to tell it that the setup.nsf database was placed and removed.
You used to be able to create profiles, pre-configured in the setup.nsf database and place that on numerous servers. it doesn't like that in the newer code streams.
All the blogs I host on DominoBlog I have pushed toward this configuration when they first went live or we found out this trick from Steve. I would say almost 3 years ago.
I see they did blue-wash the template and trim it down (I still use a whole database from the DominoBlog 3.0.2 template for my stats database). From there you can create your own reports or just use the views that were provided. Apparently there is a document refresh that needs to take place when converting over, which for me will take quite some time. I am thinking about just archiving out the old one and using the new stat database. Makes more sense in a way.
Remote Server Setup
Now I cannot go and give away all the little secrets, but you get a great headstart here.
Do not try and install Nomad straight from the downloadable code, you must unpack it first. I am hearing rumblings of those trying to install with the flags right from the exe file, which does nothing but install onto your local machine. I quite image that Susan Bulloch will have many more comments on that thought.
Programs That Reinvent The Wheel
This is mainly about Lotus Notes, but I think it's endemic to the Windows way of doing things. Programs are written under the assumption that there won't be a helping, friendly ecosystem to assist them when a function is called beyond their core values. As an example, Lotus 7 has an embedded version of Internet Explorer -- I can't figure out how to get it to launch an external browser (Thank God for Firefox!). Some programs use the term Properties, others Preferences. There is no consistency across the line, and the big picture of a family of applications is not considered.
I commented on it, as did Joe Litton (he covered some other areas though). I basically stated that the blogger has choices:
- find the administrator who has not set policies in place to control this
- learn how to use the client help file that explains this
- notice that Lotus did it right by not forcing you into some browser choices (alibi you could change it later) up front like IE, Firefox or whatever.
Look at it numerous ways and you get the same result...
The district is involved in an ongoing process to transform its 55 high schools into small learning communities.
The 180 new tech students at Jordan High will work on project-based curriculum using computers and the Lotus Notes software.
Read more from CBS reporting...
|So here is the issue. You wish to do SSL for SMTP. Looking at Domino you see that it is disabled by default for both inbound and outbound SSL over port 465. |
However, we could not get anything to connect from outside out network to a server that was offering SSL for SMTP after being enabled. We had both Anonymous and Name & Password set to 'Yes" also.
After searching the firewall logs we found that connections were never getting to the firewall in the first place. So we went farther back to the edge routers. What we found was that the port 465 packets were getting dropped for some reason. After some digging by our network team we found this lovely bit of information. Basically Domino still uses port 465 for SSL over SMTP. This port was assigned and picked up by Cisco URD (URL Rendezvous Directory for SSM) after the V3 SSL standard was drafted 10 years ago. The port never made it out of Reserved (pending) with IANA according to what I could find on the Internet.
So the recommended approach is to start communications with a START TLS encryption instead of move your SMTP SSL port somewhere else. While it might work over port 465, there is no guarantee is Cisco routers are somewhere in the middle of the communication.
New IBM Security Certification
IBM has just released a new designation for Notes and Domino 7 professionals. The new certification is named IBM Certified Advanced Security Professional - Notes and Domino 7. The single exam for this designation is Exam 755: IBM Lotus Notes Domino 7 Implementing and Administering Security. You must first be an IBM Certified Administrator for Lotus Notes and Domino 7 before you can earn this title.
So the Lotus site goes on to state that you must be a CLP in Domino 7 and then take this exam. Here is the part i found interesting:
You must receive a passing score for each of these areas plus you must receive an overall passing score
So there are 3 sections listed and you have to pass each one to get the certification unlike previous exams. Nice touch!
Do you see the value in this exam?
You need just over a GB of temp space to get it installed, no matter what it tells you. If you do not have enough, we got to see it actually install just the Workplace components and note the Notes part. That made for an interesting desktop.
No documentation the Linux guys found showed how to go back and install just the Notes part, so the uninstalled and started over.
However, I must say that they are extremely happy at this point and gave it good reviews so far. All this on Red Hat 4 I believe.
A couple Redhat 4 machines are under way and we aren't quite sure what the other is yet. So look for an overview, input and comments on all the different installs.
If you cannot monitor and generate some type of alert or notification for some type of event, you haven't looked hard enough. Ok, there is one, no disk space monitoring on AIX.
So today I discover and play with DDMdiravail.dat file. This shows a list of polled servers, port number and rep ID for directories you are checking for availability. It looks something like this:
So you get the domain, server/organization, port, filename, rep ID and then if enabled or not. So witha bit of manipulation, you can understand what is being checked on what port and enablement of the directory for DDM scanning.
Yes you can make Designer, Admin and a bunch of other things work. Lotus will not support these, but I am using Java Console, Server.Load and slew of others successfully for some time.
But, security on Nomad fits the same security you would offer for any portable device, including a laptop.
- Password security for the USB. Not the top of the line security measure, but a welcome alternative. Laptops have them, everyone seems to overlook that part
- Biometric security. This happens to be stronger than most laptops. The data sits in an encrypted data partition until you provide a finger scan
- Make sure you have Domino policies in effect that force encryption of all local replicas. How much data do you really plan on storing on these smaller drives? Let's be realistic here. Some people think they will be carrying a ton of data. The idea of Nomad is portable access to important info and then the ability to connect at any machine. With multi-GB mailfiles, not including the base install and simple things like address books, bookmarks and directories, it is a bit. You can assist by stripping out unnecessary templates
- U3 support will not be coming from Lotus direct. Look for that from 'other' sources though. If you are unfamiliar with U3 on USB, look it up right here
- As was mentioned, don't worry about VPN connectivity. You can load VPN files just fine on a USB and make it work. This gives you more than portability.
- Lost USB keys. If you can get the password quality higher, remove unnecessary templates and data and encrypt everything, like you should, then you can lower your exposure
I saw a comment on Ed's or Declan's blog about manageability.
- Smartupgrades will be an issue. I do not see it feasible to have users send in USB keys and go without. Some work needs to be performed here.
- User id management will remain the same. It is a Notes client for gosh sakes! If you can rename, recertify or lock out users in Notes, then no worry here
- Loading time for the initial install can take a little longer than you desire. But that is a cost you pay for that one time part of the work.
- **** Ed had a comment on his blog about turning this ability off. Well no you cannot turn it off, it is a Notes client with the same code. I see no identifier that shows it is Nomad versus the full Notes 7.0.2 client
- Ben Rose wants to see it work at airport kiosks that still have USB ports enabled. It should as my basic testing as a non-admin user launched fine as long as USB support was there. I did not attempt on a fully restricted and locked down UI, but that is next
Don't get me wrong, the coding is good and I appreciate the time he is spending offering free code for the Exchange admins. Heck, we have hosted customers on Exchange. My only point was that it should be native to the product.
Like opening the Domino Directory, seeing all the nice servers and connecting to the files tab in the Notes Admin client to get disk usage. Heck, even select just the mail folder and see that count. Yes you could automate that more, or *GASP* use stats to gather it automatically for you like I mention using the same thing in my last posting.
How easy is it to monitor and be alerted of freespace on a Domino server? let’s compare to Exchange with no tools purchased
In Exchange I saw someone doing this..:
I came into a situation where there are several Exchange servers without any monitoring. While software is procured, I created the following script to do some basic monitoring of Exchange services and disk space (to make sure circular logging doesn't kill the server). I have the script running as a scheduled task every 15 minutes. The script will create a log file every time it runs. If one of the thresholds is reached, an email is sent
Note the comment about having to buy software and then go look at the script. Hooray for text logs?
Despite expectations that it would take only days to retrieve student reassignment e-mail, Wake school officials needed 15 weeks and spent almost $17,000 in response to a public records request from The News & Observer.
But it was apparent by Feb. 14 that the district's information technology staff did not have the ability to easily search past e-mail.
Wake's e-mail system -- called Lotus Notes -- was installed last year, said Vass Johnson, director of network systems. Officials felt the system could handle a large public records request, but this was its first big test.
Staff members soon found they had to do much of the time-consuming work themselves, such as writing computer scripts that reconstructed databases and searched for specific e-mail.
Someone needs to tell them that they could have had journaling turned on, multi-database searching or whatever instead of all this wasted time and script writing. Life can be much simpler.
Mail, Calendar, and Scheduling improvements
Performance improvements made to the Mail, Calendar, and Scheduling functions include:
- The "typeahead" feature now looks into the server address book first, instead of the user's personal address book
Yes, I still love my U3 USB thumb drive, so what about Notes on it via Nomad in 7.0.2? My current thoughts on the press around it
So what this means from reading, is that Notes will be installable onto any USB drive with enough space. How much will that take? Looking at a current Notes client only, you can expect to rim down templates and some other items for sure. But you will still eat up a couple hundred MB or more minimum. Security of the data is in place, so you can replicate. I am curious about the speed and performance. I am guessing a selective replication for mailfiles would be the way to go, say the last XX days of mail, so you still get folder structure.
If all this works as planned, this will become a great selling point for mobile users. Now, what about kiosks? Those won't be available in most airports, but who would trust their USB on a kiosk nowadays? I imagine with some U3 embedded anti-virus (which is available) it would be more of a warm fuzzy feeling. There is even keystroke logging detection programs.
Can you carry your entire desktop with you? I am getting there. Firefox, Trillian, Skype, soon to be Notes, a PDF reader, OpenOffice and even Zinio for digital magazines. With a couple GB USB drive and U3, visiting the parents and not tugging along the laptop will be a breeze
Another question from an attendee wished to restrict certain users from receiving SMTP mail (SEC needs and requirements) and still have them receive SMTP mail from internal applications. There was too many users to add by name to SMTP restricted fields (where groups don't work). Instead, it was suggested to selectively remove them from replication to the edge SMTP servers (or put flag for LDAP from spam filter) and then point the internal applications to inside servers directly. A simple solution for the problem.
Sametime on Blackberry came up at the end. They just wanted hints and tips which no one had any up front. So can some readers assist?
So, attendance was great. The attendees were great. Now for the specs.
Very few running Domino 7 out of the group. A few test servers here and there, but no real production yet. Domino 5 was still running in a few shops. The session on Domino Domain Monitoring was well received as many had no investigated the abilities it had to offer. There was great interest in the Sametime 7.5 product, people were asking about what it would offer them. They were not pleased to hear that the integrated client would not see many of those features. Understandable since many run Sametime not just for the awareness, but the free chat services of the IMLU.
Side questions are the ones that interest me most. What I mean is questions that do not get asked in front of everyone, but are brought to us as presenters on the side when there is a break or lunch. I had a couple on SMTP, a couple on Nomad and a few on various issues/problems that are always unique to that persons environment. There was one I have to investigate and get back to them. Looking at Stats and DDM is there anyway to see diskspace on AIX and monitor it? Novell and Windows are covered in there.
I also pushed some people to forgo the upgrade from 6.5.x to 6.5.5 or so and go into Domino 7.0.1 instead. The upgrade is simple and straightforward, so why waste the time with the in-between point version that requires just as much of an outage?
P.S. Dinner was awesome the nights I was there. We went off the beaten path to Tufano's with Jon Raslowski of IBM. Excellent Italian food and they only take cash and checks, amazing in itself. Another night of dinner was spent at Star of Siam for Thai food. Hot, spicy and excellent. Close walking distance to the hotel we were in and we were lucky enough to get a seat the moment we walked in. I took pictures of Cirque Shanghai that we caught the second night they were there. The first was sold out to dignitaries and the such. Impressive acts (well we could stand to lose Marco Polo) and very affordable show. No reason to sit in the first few rows for the extra few dollars, as all seats are great in that outdoor amphitheater. From reading reviews and such, they made over 400 costumes for the performers across the different acts for the show.
You recently signed up for the Radicati Group's "Microsoft Exchange Installed Base & Forecast Growth" Teleconference whihc was scheduled for Thursday, June 22nd. This teleconference has been cancelled and will be rescheduled to take place later in the year. You will receive an email about it when a date is set. We apologize for any incovenience.
Is there too many conversions to Domino from Exchange going on? People running scared of the 64-bit requirement of the future? No one really has it installed as true Exchange licenses and they are counting every freaking Office license sold?
Whew, you can tell I am about to hit the road for a few days for another conference.
- IBM and RIM announce a stronger partnership to improve performance and extend more application access thorough Web Services in Domino 7
- IBM announces an upcoming free 20 hour installation and configuration support for Websphere Everyplace. It includes designing, architecting and installing. Nice touch to get more usage from the product. They will be using partners for this free 20 hours as well.
- If you happen to use Whale Communications for your reverse-proxy or as an air-gap device in front of Domino for SSL support, they were snapped up by Microsoft a couple weeks ago. I picture their Domino support dwindling like previous anti-virus providers that got bought too.
- MySpace annouced their own IM client. Just what we need, more reason for people in the free world to live on that site. It is reported to be the fatest growing place on the Internet.
We are cleaning up the local access protection issue and letting it run again.
Notes 5 was pretty basic with what you could do with an Execution Security Alert....
Run once, trust them or run away.
Then Notes 6 stepped in and Lotus stepped up the game for running unknown code as seen here..
Actually, the options were exactly the same. Hotkeys got changed and some verbiage, but more information was given on what the code was attempting to do. Note that the help function was removed from the main pop-up.
Now we go on to Notes 7
A single session trust ability added on to the option to trust them forever. Hotkeys are not underlined anymore but work just fine. Guess that was just an oversight in the UI.
So issue resolved on that end for good, the 7.0.1 code is smoking along great and the world of the blog-o-sphere is at peace once again.
Notes on Citrix was as previous years. Lots of organizations forced into using it, many looking at it, but no one real sure of the benefit. I covered both angles. The good and the bad. The hardware investment is an all or nothing move. All apps possible into Citrix and large farms, or forget it. The investment to centralize and still provide powerful desktops don't make sense. The management is not as smooth as you would hope or want for upgrades, new users and such unless you script much of it. I will talk about this more in my newsletter next week.
So off to home for a few weeks before another ND7 Upgrade Seminar stop in Chicago.
So, let us make a quick assumption. Lotus stated Domino 7 was the most downloaded version in the fastest time. I agree there. But, as usual, companies are stalling on some of their plans and that shows the more conferences I do and people I meet. Some are unfounded fears, many are testing and more testing. I stated it before and I will state it again, stop with the delays and get it done. The upgrade path is too simple and the benefits too great.
Ok, I feel better. Back to reality. Sessions completed are:
- SMTP hands-on configuration (2 times)
- LDAP Infrastructure
- Domino Unified Communication (DUCS)
- Domino Domain Monitoring - Jumpstart
- Domino Domain Monitoring - normal session
Besides unique variables that every system seems to have, it is the customizations that have been implemented or network configurations that bite them each time. I preach simplistic and constant scrutinization of not only what you have in place, but what you are implementing in the future. The network security guys don't always know best. The management don't always know best. Heck, even us admins don't always know best. So constant checking and rechecking is the way to go.
|David Penzias, Publisher for The View did a brief opening before turning it over to Mike. |
Mike Rhodin - General Manager, Lotus Software
- Converging markets across open standards is driving the evolution of what the user will see as your desktop experience
- Mike and Ron started trading off as Mike brought up points, Ron would show and tell some new item to validate the concept.
- Mike then talked about Lotus purchasing Databeam and Ubique years ago and the "mashing" of them to get Sametime. Capturing the lion-share of the market in enterprise chat services.
- This led into presence, location awareness and the integration of the top real-time communication vendors
- The nature of people coming together to fill in the gaps of knowledge. Social Networking
- Mike led in with finding information you are interested in, what communities do you belong to, bringing us to Social Bookmarking. Dog Ears. A tagging network uncovering structure and flow and applying that to Activity Centric computing.
- So taking that stance, tag data instead of moving it everywhere, and locate those tags. Like Technorati, Flickr, De.licio.us and others.
- From here I had to head to my session as Mike closed out talking about driving the innovation agenda, standards and taking advantage of the standards.
- Lotus believes that the users are asking for the loose coupling of data as we move into Web 2.0, and Lotus is there to be the leading edge in that.
Ron Sebastian - all that is demo for Lotus
- He started with Hannover stating this wouldn't be delivered until early 2007
- Business card views for the personal address book
- Workplace Designer was used for a client based application to run inside of Hannover. He had a local SAP server pulling data with Workplace into Hannover. Data was input into the Domino application and in real time manipulated the SAP data
- Next on the block was Sametime 7.5. Spellchecking got a round of applause
- Colors and font
- grabbing live data from spreadsheets into group chat areas
- The Skype codex is now used for audio. This provided awesome quality even in a large room, no computer mic to your head and you could hear it all over the loudspeakers clear as can be
- location awareness with presence
- the list went on
- Skilltap and belonging to communities was shown, bringing out the IBM Community Tools (ICT) that is being brought into Sametime 7.5
- Real-time polling and information requests are part of this through the broadcast. Responses get added to the instant chat meeting and ti grows as people have answers
- Answers can be stored in a skills database for later searching. Capturing the skill of a community. No word on what that database is, where it is located, what access is needed and can it be used by other applications, but being Domino, I would go with yes. Now that is what locating skill and data is all about.
- Tagging, or Dog Ears keeps count of how many people link or bookmark certain data that is stored. You could also search on bookmarks that other keep to see where people get their data. You get to disseminate to others where you get your knowledge. I know that some believe knowledge ownership is power, so sharing this information will not be easy for most to agree to
People addressed third party monitoring tools a couple times, asking if DDM could replace them. My honest answer? No, put them to work together. You already made the leap and the cost of installing a third party product, don't change that yet. Mainly since DDM lacks some basic workflow in this current version. But the probes and deep level checking that some of the others do at the cost of machine resources, don't weigh evenly against DDM.
The flexibility of scheduling probes coupled with the ability to change the severity designation and notification of any event Domino can generate, blows the other products away. Hands down. Now just to get some workflow...
On a side note, speakers were popping up all over. Rob Novak, Susan Bulloch, Carl Tyler, Rob Wonderlich, Andy P and Rob A (the wonder twins) and a slew of others
Reminder, this is a 9MB file I didn't zip >>>> ND7_London_0099.AVI
It is not often you get to see a 11.2m (37 ft) tall elephant go past you. Oh yeah, all controlled by people riding in and on it. Amazing. They drill holes in concrete to tie cars down, show a rocket embedded into the ground, amazing stuff.
So otherwise, Fri night was spent with family that lives in Boston. Sat morning we decided to get on one of the open top tour buses. That generated quite a few pictures since you can jump on and off at any stop and get on again. Coupled with an all day tube pass, we were everywhere. Lunch was at Wagamama's (damn good quick noodle and rice dishes over near The London Tower). In the sightseeing we ran into the elephant. Dinner was an some chic pizza place in Swiss Cottage before hitting the clubs that night.
Now off to Boston for Admin2006.
As for the review, only a couple enterprises left on Domino 5 in the audience. That was nice to see that they were finally getting ready to upgrade. Questions were very direct and dealt with specific scenarios and issues, not ones that everyone seemed to have. The demonstration on DDM was, as usual, long and generated great reviews.
Sametime was in swing in numerous companies, LEI did not get favorable comments and web presence through Domino servers was not as strong as I expected. we talked about almost all the add-ons, even ran into a company that ran DUCS.
So a wonderfully friendly bunch, lots of laughter and fun the whole day. You can find the pictures so far right here.
Until recently, we used Lotus Notes in the PC Advisor offices. It's not the nicest of programs to use by any stretch, and some things can be excruciatingly hard to achieve, but one thing it did well was providing access to your mail wherever you were.
All messages were stored on the server until you chose to archive or delete them. On each computer you used to access your inbox, you could choose to view the messages on the server directly - fine if you're on the office network, not so good over the internet - or synchronize a copy on your system with the server.
Later they go into calendaring, which then leads me to believe that they don't do any. If Thunderbird has local calendaring and there is no proper backend, where does the ease of using such an application come into play? How hard was Lotus Notes for them that they could not master that? Yet they state right above at how easy it was to get your mail anywhere? What could possibly be excruciatingly hard to achieve? Why was the remote access so hard, maybe it was your network there? I wish they had made some comments around that. Better yet, maybe we can comment back. (registration was free on the site).
Stop the blog (hold the presses): Ray Ozzie states that Lotus Notes was designed for an earlier era..and more
GCN: Microsoft sounds like it is doing everything it can to lure all remaining Lotus Notes users to Exchange. How does that make you feel?
Ozzie: Although I've got very warm feelings for the product, the team that built it, the partners who built business around it, and the customers invested in it, Notes was designed at its core for an earlier era. Today there is a far greater set of choices, and in some cases, a far more appropriate set of choices.
Notes was designed for the world of the early '90's - a "re-engineering the corporation" era where the mandate was to utilize technology to share information across departments within an enterprise or government organization.
This comes from an article you can find right here that came out on Apr 24 2006. He was asked later in the article about choosing between Lotus and Exchange and was honest enough to say that it would not be easy or sometimes feasible to migrate applications to Exchange. So why the change, well the article was to be on Groove in more ways than not. But the interviewer took the Lotus approach right out of the starting blocks to stir some controversy. There you go, consider it stirred.
There is always choices in everything you do. I honestly don't find that Lotus is the right answer, but I haven't found Microsoft to be the one either in those. How could Groove benefit from integration with Sharepoint? Not sure, but he states it. Synchronizing seamlessly? I think Lotus does that, quite well with compression, encryption and grabbing smaller documents first so you can start acting and working right away. Need to get a doc to everyone? Upload it once and send a doclink, don't pass the whole do around everywhere. Sounds like a terrible waste of bandwidth and time. Need the data via the web, no need for alternate server. Need secure email, no need for alternate server, HTTP, IMAP or native NRPC. Need a swift kick in the ass for having to deploy 64-bit architecture on Windows only?
Oops that is tomorrows posting I have queued up.
|Well of course it does not work without a policy. It is stored under the policy name in the local address book ($Policies) view and in a field of the desktop settings called DCLoc. If you have no policy, even manually running the nsenddiag executable would have no routing information assigned to it. |
So no policy, no way to change an ini variable to send the diagnostics anyway that I can find at this point.
So I generated a quick policy, ran ndyncfg to update the local client config and then ran nsenddiag to get the crash information over to the Fault Analyzer database on the server to see what was wrong.
I am starting from inside his rant area
Static interfaces are yesterday's news. I want the ability to turn EVERYTHING on and off. I want the ability to alter every single menu item on the screen. I want control of everything in the bookmark bar. I want to be able to set mail preferences that completely hide entire functionality sets
I know Lotus is working hard to control more area via policies, but take a step back and look. Policies were a major change for Domino 6, undoing years or local client ini settings and management. Functionality and features are way beyond what policies are currently. DCC was introduced in R5 behind the scenes for simple location document changes. I see policies being stronger towards Hannover and Domino 8. Saying that, there are areas in policy control Lotus should have entered at the same time features get rolled out. But look at DCC and Sametime. The ability to natively (without coding a subform on a policy) change and set the home Sametime server, did not appear until 6.5.4. Yet, integration took place in 6.5.
Now Nathan goes on to another point that makes perfect sense:
GUI design 101 says that users get confused when presented with more than 7 options in a list. The context (right-click) menu in my Notes inbox has 27 choices! TWENTY SEVEN!!!! It fills the screen in 800x600 resolution! The inbox has 9 action buttons across the top and 18 items in the Actions menu! How do you digest that? I've been writing software for this platform for almost 15 years, and I get lost in my own email!
Lotus jumped right into more menu items in 7 with further right-click menu options for Sametime. You can find almost everything in an Action menu, button, right-click or Smarticon. There are menu items that Mary Beth is brining up (like Quote Selection) that I had forgotten about entirely! So cleaning up the menu choices would be a nice thing. Mainly if it could be controlled via policies.
However, to keep this short. The type of granularity needed would be hard to manage. Most enterprises do not want to entertain explicit policies just to have some menu item function. So finding the balance on what the user needs/wants/finds are all different. They need reply and with history and without attachment. Should that be admin decided? I say no. Some say yes to reduce message sizes. But with the new better mail threading and showing of threads in a message, keeping history is a key thing.
So where does that leave us? I fully believe in shrinking many menu items. I fully believe that Mary Beth is attempting that in some of the questions she is asking. I fully believe that we won't get a lite or stripped client to keep up with functionality.
Official statements on Sametime 7.5 controls and policies are needed as well as any greater policy control in Hannover. My bet is that it is not finalized, so they won't make statements since something might not make it.
I was setting up a 6.5.4 server and turned on the listener for the remote setup. I then went to my local 7.0.1 client and started the remote setup client. Part of the way through I noticed that while customizing the server tasks, there was some 7.x info in there. Specifically the RnRMgr came to notice in the list. I left it checked for grins figuring it would have no bearing.
I was wrong. It actually did add it to the notes.ini servertasks= line and attempted to start the task when the server first launched. No big deal, it simply said it could not find the task and went on it's way. But I am thinking this is not a good thing overall. I will search some docs and see if I can find it. But no luck so far.
Last week we detailed our problems with invitations and Notes propensity for deleting them inappropriately. It seems we're not alone in our loathing.
Now we all know Notes does not just delete your invitations. You have a thing called Preferences for what you want to do with them. It is called workflow and removing clutter from your inbox. If I respond to an invite, why wouldn't I want it to add it to my calendar, let the chairman know and then remove it from my inbox in one click? Do I need a mail message in my inbox to remind me of a calendar entry I already responded to? Oh wait, they discover their complaint later in the article:
However, another E-Taler, Mac this time, says our invitation problem occurs somewhere between the desk chair and the keyboard. But he's put us right.
Mac does agree that this might not be the most intuitive place to oput such an option, and that few people need to have it switched off in the first place. He also, quite pleasantly, points out that Notes is designed with security rather than openness in mind. He's also offered Notes counseling should it all get too much for us again.
So we know he is referring to user preferences in the mailfile (I had to shrink down the text). After some careful searching, I found out the origination of his complaint. He had not turned the preference either way, and the admins did not set any policies to help, so everytime he deleted it from his inbox it removed the entry.
See Notes is a mail-based calendaring product. Which makes it work so wonderfully well. It took time for some other vendors to catch up in being able to send invites over the Internet. A little training and exploration goes a long way in a mail client that you have been using for quite soime time from reading back.
As for the statement that Notes is based on security rather than openness has nothing to do with his issue. Nor is it a point to address in this posting. Security and how a calendar invite is handled have no bearing on each other. Sorry you are secure, let me do exactly what I told you to do in preferences? Huh?
- Customer embraces Lotus technology
- Customer expands SMTP services with Domino
- Customer believes in workflow
- Customer enables server based rules
- Customer enables a lot of server based rules
- Customer finds all rules not working
- I find a whole lot of rules in the server configuration
- I find more than 100
- I have light bulb in head
- I add notes.ini parameter to server MailMaxFilters= xx
- I warn customer of performance issues with that setting
- I bill customer :-)
- We are all happy
As Rob Novak pointed out, IE ActiveX issues with new patch. Microsoft answers.."You have 60 days to be assimilated"
And my favorite part
The big push now is for developers to recode Web sites and Web applications to cater for the browser update.
If not, users won't be able to directly interact with Microsoft ActiveX controls loaded by the APPLET, EMBED or OBJECT elements without first activating the user interface with an extra mouse click.
Can you say click-click for using that Quickplace,
DWA and some other stuff as Rob so eloquently points out right
Day 2 in the seminar gave the usual statistics. Two companies on R5 looking to go straight to Domino 7, everyone running Sametime was at least on 6.5.1 which was a nice surprise. No older versions floating around anywhere. There was great interest in Sametime 7.5 and Hannover too. I think all the press and hype around them both had the people wanting to get more info and live demos. I wish I could have complied, but they did get to see Workplace Managed Client 2.6 and some of it's features during a break.
Overall, everyone is eager to move up for the server enhancements and many had the valid question of what benefit the users see over 6.5.x. They got the standard answer. Some small UI changes, better Domino Web Access and better performance was the first thing most users will see. AutoSave and a few others are cool, but we worked more on policy controls and deploying the desktop through them.
Dinner was at an excellent Italian place called KitKat in the Entertainment District again. A nice long dinner with fantastic service and excellent food led to a short walk to Yuk Yuks for the late comedy show. They went through 5 comics, including the headliner. Some went over the top, a couple were almost crying funny and one left the stage looking like we the audience get most of his jokes. He was right.
Today has just begun..let you know shortly and the link to the pictures..
|I manually run ncompact with the -B flag from time to time locally to recover whitespace. I then pondered why this cannot be done on schedule, as the server does. Your local client has a hidden ($Programs) view. Here is the image .....|
So what do we do from there? We open designer to see if there is a hidden Program form we can expose. None there so off to the address book template.
I grab the Server\Program form and paste it into the local names.nsf database. It is necessary to remove the HTMLAttributes field as that cannot be found locally, we well as the Last Modified field.
I then use the Create - Server - Program menu to create a document to compact each night at 2am with the -B flag. Make sure you close out of all your databases on the client. I also unhid the view for easy manipulation.
So the log the next morning shows....
03/14/2006 02:00:01 AM Compacting admin\xxxx.nsf (Domino R5 Admin Book)
03/14/2006 02:00:02 AM Releasing unused storage in database admin\xxxx.nsf...
03/14/2006 02:00:03 AM Compacted admin\xxxx.nsf, 896K bytes recovered (24%)
03/14/2006 02:00:03 AM Compacting admin\xxxxxxxx.nsf ()
03/14/2006 02:00:03 AM Releasing unused storage in database admin\xxxxxxxx.nsf...
Right on time! But leave the client up and databases closed as a side note.
Set a Program document to purge the MTSTORE more frequently. Currently, the default is every 30 days. You can increase this by running a Program document to issue the following command:
tell mtc purge value
...where value is the maximum number of days. Set this to 7 (you may want to start with 14 if 7 seems too aggressive), and then run this command via a Program document once a week during off hours.
26. What is your messaging plan?
A) Stick with Domino for as long as possible
B) Move to MS Exchange
C) Move to another competitive product
D) Move to a hosted solution
E) Other (Please explain below) :
What the hell does that infer? Stick with it as long as possible? I don't think they read the long terms plans of Notes and Domino at all. They basically make you state that you know Domino is going away, even though we know that it is not. What QA person let this slip by, wait I know, the group putting the survey on.
It all starts at 2:59pm yesterday as seen in the following image
By the time the clock reaches 5:47am this morning the same mail message has now grown to an incredible 25MB in size
So how many times did it loop before the disk started being eaten up? Here is that screenshot too
So what does that mean? Loops suck.
So after the upgrading mail slowly started building and not always going out to the Internet. Internal mail was fine. I couldn't think for a few moments why the upgrade would have changed anything in the mail routing. Then it hit me. The upgrade also included a hardware swap for better performance and the growth of the User Group itself. I then had one of those famous epiphanies. Windows, since the 2000 days has a technote that comes into play a lot here at the Data Center. We usually find the time to use it after a machine goes from DHCP to a fixed IP and Domino has been loaded when it was in DHCP mode. (Why that takes place is not the focus here and can be covered later). So what happens is that the NameServer parameter in the registry does not get set with the DNS servers when you switch. So the server cannot find DNS to send the mail , on a regular basis. How Domino uses it is beyond me since some mail goes.
So I went in today and adjusted the registry under
A quick restart of Domino, for grins even though the router task would have sufficed, and viola, mail went flying out.
You could also add DNSServer=Ip address to the notes.ini, but who would want to manually manage the servers like that?
Gauging the market and needs of other admins sitting in front of you asking tough questions always keeps you on your toes. The knowledge levels of those participating vary with expertise high in some areas. I find that even myself gets enveloped in specific areas of an infrastructure and then you don't see others for some time. Always pushing the edge of what you know is a key to a rounded admin. Luckily, my exposure is always changing so I get the wide breadth of what Domino can do and how to utilize it. So what you get is someone that knows everything about Domino Document Manager and has never audited their security fully. Or SMTP and not Sametime. You get the idea.
Seeing the excitement of someone after digging into an area like DDM topology and design in Domino 7 for over an hour makes it all worth it. If you can look at a new aspect of Domino and embrace it from a good show-and-tell then I have done my job.
Dinner was a very good bite in the hotel called Stacks. Some crunchy fish tacos (with tuna) and a very good assortment of warm breads made the beginning of the evening relaxing.
What is Sender Policy Framework (SPF)? Does
Lotus Domino support SPF?
Domino 7.x, 6.5.x, and 6.0.x do not support SPF. An enhancement request was submitted to Quality Engineering as SPR# RCE5XZQTT; however, there are no plans to address it in the Domino 7.x or 6.x code stream.
Formerly known as "Sender Permitted
From," SPF, an open source code, is an extension of SMTP. Because
standard functionality of SPF has not yet been published by the Internet
Engineering Task Force (IETF), SPF occupies an experimental stage. A
number of competing methods share the goal of preventing SPAM via these
sending server-identification records.
It had a default password on the screen (at least there were tiny asterisks in place of the password) but we could not tell if it was really there or something they put in. We tried manipulating the config doc for that person in the control database to no avail. So at Lotusphere we found out that the code version had a tiny bug that would not let you configure the password on the device. At all. They took his Treo for a couple hours, cleaned up some backend log and config things that get hidden and left behind (we were told) and viola, a new version gets installed on it and we can change the password on the device again. The funny part was that calling support we were told someone there ran the same device but we could never, ever get that person on the phone to see what the deal was.
So we run the Windows CE and Palm integration in Enterprise mode on the server letting multiple device types sync. Keep in mind that it uses two different services to do that. The Thin Client Connector is for the Palm devices and the Commontime main service is for CE. Both listen on different ports by default also. Port 603 for CE and 608 for Palm. Huge thing to know for wireless synching and firewalls. But awesome for me anywhere I can get an 802.11b connection for my PDA. Or anywhere the Treo can get a signal now.
Simply open the names.nsf with a Notes client for the DAMO user and modify the necessary connection records to make the proper passthru connection records. Usually modifying the existing attempted connection to use a passthru and then making a new one to the passthru server. I found a good way is to just email it over to an admin to open, modify it, and then drop it back on the machine for testing reasons.
If you still cannot get something to work, there is a notes.ini parameter, of course, that you can set on the client and server to log more info on passthru of
More that fun..now if we can only get policies to work against DAMO users.
The online article here did not have the grid of the print version. So I added in the print grid and you can read the rest on your own.
But one quick excerpt:
While the directory has been a core piece of Microsoft's identity infrastructure, it will become the platform for strong credentials, access control, single sign-on, federated identity, information-rights protection, process automation and auditing.
|Active Directory Domain Services||Active Directory Domain Controller||Domino server|
|Active Directory Lightweight Directory Services||Active Directory Application Mode||Domino server with LDAP on|
|Active Directory Rights Management Services||Windows Rights Management Services||Domino server with ACL's|
|Active Directory Certificate Services||Windows Certificate Services||Domino server with CA on|
|Active Directory Metadirectory Services||Identity Integration Feature Pack||Domino server|
Oh the confusion for us Domino users?
The installation found the path and previous install as multi-user perfectly. That was a good sign. It forced the multi-user option and gave the same pieces that were currently installed on the machine. The code went on flawlessly.
The problem started when I launched the client. It forced the setup to be run again choosing the user name, home server, TCP setting for the hostname and everything else. Even though I did not have cleanup set on those workstations. (Yes this is my network at home that I totally redid this weekend but that is another posting). So I went through and recreated the setup for each account in roaming to make the kids life easier. They never knew the difference, but then again what user knows what the admins do on the back end do they? LOL
Notes Instant Messaging encounters a looping
condition causing the Sametime server to become unresponsive or to hang.
|Under very specific circumstances
the Sametime server can receive incoming requests at an extremely high
rate from the Notes client. These incoming requests must be resolved
in order for instant messaging users to communicate and share presence
information. As a result of receiving these requests at an extremely
high rate, the Sametime server can become unresponsive as it consumes system
resources during the processing of these incoming messages.
The Sametime servers' state of unresponsiveness
may manifest itself as out-of-memory errors or by disconnecting from the
Sametime Mux (which is used to route instant messages).
Symptoms of this problem can include:
To fix this problem, the Notes client must be upgraded to 6.5.5 CCH1, 7.0 CCH1 or 7.0.1. If upgrading to these versions is not an option, the administrator can request a hotfix for 6.5.3 and 6.5.4.
You have already a comment to 7.0.1 on your Blog. Installing 6.5.5 may take about 2 min. Installing 7.0.1 toke about 20 min. Maybe you could put some comment on this if you have the same experince. Assume it is because Java is used. If you know about anyway to speed this up, maybe you could put it on your Blog
Link1 via Chris W
Link2 via Bruce E
Link3 via Vince S
Now I have not done all the servers yet, pending what the heck happens with some of these issues.
When creating a group in the IBM Lotus Domino
Directory, you can set the group as "ACL only" so that this group
is only used in the Access Control List (ACL) of databases. When
addressing a message in IBM Lotus Domino Web Access (DWA), however, "ACL
only" groups can be selected as the recipient of the message. If
you address a message from the Notes Client, "ACL only" groups
are not available for selection as recipient.
|This issue was reported to Quality
Engineering as SPR# MNAA5B8DAC. There are currently no plans to fix
As a workaround, the ACL group document can be hidden to allow only the Lotus Administrators to see the document. This will prevent end users from being able to select the group when addressing a message. If the document is hidden, be sure to include the server in the list of allowable readers so that the group can be accessed for authentication purposes.
- From CIO Magazine Mar 1 1996:
Examining Notes, the de facto groupware standard from IBM subsidiary Lotus Development Corp., doesn't help either. It's e-mail, it's discussion databases, it's an application development environment, it's a place where different folks can work on the same document at the same time. In fact, even Lotus has had a tough time defining groupware.
One would wonder what genre to place a product that envelops so much with the Extended Product Family now. Are we really using groupware? How many of you work in a group? How many make a group? These were all thoughts 10 years ago. Everyone remember Workflow? Email was taking over the enterprises in leaps and bounds. Applications were taking a mind of their own and many mail systems were just starting to understand there is standards in the universe and to re-engineer their MTA's and gateways to talk nicely to each other.
- From CIO Magazine in Feb 15 1998:
...future mind-share reports are showing a near dead heat for Lotus Notes/Domino and Microsoft Exchange. IBM needs to add the GroupWise installed base to its Notes/Domino share to thwart Microsoft's efforts to own a company's "digital nervous system."
Need we even go here. Future predictions showed a dead heat? Once again falling into the idea that just doing email compares to everything else that can do email. Just because it has 4 wheels doesn't make them comparable now does it? Rollerskate, please meet Ferrari. No one ever saw a hint of tossing GroupWise into any mix with Domino outside of using their directory for LDAP.
- From CIO Magazine Mar 1 1999:
Real-time is real important to CIOs. If Lotus Notes and Domino featuring Ubique technology are half as popular in corporate America as they are in my home, a new era of collaboration is imminent.
Do we even have to go here? Lotus did not even embrace Ubique technology, it has taken chat and presence to new heights to Lotus Notes 7 and offered the chat service as a commodity and requirement now. I think corporate America got the picture, brought to you by IBM Lotus.
- From CIO Magazine Sep 15 2003:
Microsoft Exchange and IBM Domino/Notes dominate the corporate e-mail world. Together, the packages own nearly 90 percent of the Global 2000 e-mail market, and that dominance will continue through 2007.
With the rest of the corporate world already sewn up by IBM and Microsoft, vendors are looking for growth where they can get it.
That is right, use the words sewn up. Hannover leaps us into 2007 with activity-centric collaboration (I am still fuzzy personally on this whole idea and workers grasp). Domino will continue to dominate without effort. Let's hope for another ten years of double digit growth.
In Lotus Domino, message disclaimers no
longer work when the RFC 822 phrase is enabled and added at the server
level. In one particular case, a Domino 7.0 server configured for "Use
CN as phrase" failed to create a disclaimer.
|This issue was reported to Quality
Engineering as SPR# LMES6HATES. If you are experiencing this issue, contact
IBM Lotus Support to investigate whether a test fix is available for your
You can also work around this issue by enabling disclaimers at the client level. In one particular case, when the option, "Do not use phrase," was used instead of "Use CN as phrase," the disclaimer was created.
PANIC: Object handle is invalid
Fatal Error signal=0x00000005 JOB=HTTP/QNOTES/054112 PID/TID=124/0x0000002d
They apparently were pleased and impressed that we had it working. We use Notes to Notes routing for all of our customers to drop NSDs to a mail-in database for collection and tracking purposes. After Lotus received it they stated it is an exact match for some other customers and they are working on coding a patch right now.
Bless ADC and Fault Analyzer tasks in Domino 7
Notes had just about the simplest possible replication mechanism imaginable. After all, we built it at Iris in 1985 for use on a 6Mhz 286-based IBM PC/AT with incredibly slow-seeking 20MB drives. We were struggling with LIM EMS trying to make effective use of more than 1MB of memory. Everything about the design was about implementation simplicity and efficiency.
Besides understanding what Tom was saying about not being able to actively comment back since he is saying he has discussions (which I personally take to mean with MS people as I grabbed maybe 6 or 7 links and saw no responses from Ray), I did find the idea intriguing.
One trackback posting made a quite simple and decent comparison of the previous Pull technologies of RSS with the proposed Pull Pull of SSE. But the initial spec has nothing noted about security or master sources yet. But, my thought here is that it will grow into that with Ray having input and his above statement about Notes. With the moves into XML throughout Microsoft products, enabling SSE ability is the first move into having replication in their technologies over another standard. Instead of the proprietary Domino replication abilities. The security and authorization has a long way to go yet, have no fear.
If we take this like school, Ray is trying to develop a new learning program on new standards and Lotus has had an established college for 20 years that has grown around some very basic roots of security, portability and simplified scalability.
The point of this posting is not how Lotus does the replication, but the far reaching capabilities it has after years of growth and enhancements. Then Ray floats an idea to base some Microsoft work on emerging specs and the slower flocks will follow far too soon. Take that last part and let it marinade some.
Domino first server setup creates IDs with a default public key width of 1024 bits. If a different key width is required, run SETUP.EXE to install the Domino files but before starting the server, open the server's NOTES.INI file, and then set SETUP_FIRST_SERVER_PUBLIC_KEY_WIDTH to the desired key width. For example, for Domino R5-compatible keys, install the files for the Domino server by running SETUP.EXE, but before starting the server, open the NOTES.INI file and then set SETUP_FIRST_SERVER_PUBLIC_KEY_WIDTH=630. The public key width can be set to either 630 or 1024 when using the NOTES.INI variable.
The old hieroglyphics are alive and well. They could make this little used piece of code work even better with more options, but it is respectable for what it does in the first place.
Domino server names are unique names that identify servers in a given Domino domain. Domino server names can consist of one or more words (a maximum of 79 characters) and can consist of any characters except: parentheses, at (@), slash and backslash (/ and \), equal (=), and plus (+). Using spaces or periods is not recommended. If you use spaces, you must enter that server name in quotes ("") when entering a command at the server console. As the Domino server name is also used within the given protocols name to address resolve process the use of underscores and periods can create lookup failures within different protocols. As such they are strongly not recommended.
So no more spaces in server names please. FQDN naming is nice for making everything work smooth, but sometimes quite long as a server name. Common sense seems to rule. Make the server names unique, not match the OS and keep them reasonable.
Let's go back in time. POP3 had numerous issues with the unread marks and locking the mailfile. In the old days, R5 and back, if the mailfile got locked by the POP3 task you had to restart the entire Domino server. Yes I said entire. Documented, read the technotes if you can find the old ones that showed:
POP3 Server: Unable to open mail file for xxx/yyy: unable to obtain exclusive access to maildrop
Large attachments caused the issue, a corrupt message could cause the issue, a bad full moon could cause the issue. Besides POP3 being an older protocol without true load balancing. Domino looks to the client to retain the unread table for the host it is hitting since agents or even API programs could change the Unread ID Table (see technote #1100308).
I consulted with a couple places that were looking to rollout wide scale (20,000 users or more) POP3 implementations. My statement then and now stands at no for Domino and POP. Forget the other issues around having mail locally, backups, leave on server, and a slew of others. Heck, there is not even any scheduling ability. part of the whole reason of using Domino
IMAP had issues a long time for memory leaks and usage. When it started you would see less that 100 full blown IMAP users on a box. That got better over time but you still will not run as many Notes or DWA users. Once again we are back to full failover ability. IMAP does a fine job of reading the folders and letting you work online, but the back end processing through Domino 6 left some to be desired. Scalability still has reported issues in Domino 6, technotes and all. No room for discussion.
Editor note: I have not tested this in Domino 7 yet so everything might be peachy keen now. But not many are to the point to upgrade and I don't have the client load of POP/IMAP to test. Or a desire to configure a load tester for that.
So to close on Ed's posting, why not move to DAMO if you want the Outlook client. Move to DWA, move to Notes. But let's get off the older standard of POP. The servers were made to be a simple storage facility for mail until the client could access it and grab it from the server. Then someone got smart and asked why don't we leave it there so I can get it in more than one place. Great idea, sounds like this needs to move to a server type application. I understand this was before web mail and some client technologies took off. I am not disputing that. But why not sell the abilities of scheduling (not POP as I mentioned), clustering (not POP), alternate client access to the same data (not POP as the unread tables are different) and richness of doclinks and other cool things.
Now the catch was that I wanted to use the wildcard document to configure everything, but I do not want the Fault Analyzer task running on all the servers. So I did have to create a new config doc just for that server, which isn't what I wanted but works.
Size restrictions of the Faults are not a problem across any of the customers, so we are going with Notes to Notes traffic. No size issues to speak of through router restrictions either. I will put a snapshot of the config (maybe Visio) shortly
|Resource Reservation databases
(RRDB) based on a 6.x or earlier design do not function properly on Domino
7 servers. Overbooking of rooms and resources can easily occur if you attempt
to use a pre-Domino 7 RRDB on a 7.0 server. For example:
The Domino 7 Rooms and Resource Manager task (RnRMgr) is designed to handle the processing of reservations in the RRDB, including handling all notifications, autoprocessing, and the updating of room- and resource-related busytime records. The Domino 7 mail router was optimized to allow the RnRMgr task to function correctly by removing the logic associated with the autoprocessing of room and resource requests.
The Domino 7 Schedule Manager task (Sched), which is responsible for updating busytime for mail databases, was updated to not monitor any RRDBs. This means that any directly created reservation requests will appear to have properly processed; however, busytime is not actually updated. And as a result, rooms and resources can be double booked.
Therefore, because Domino 5.x and 6.x RRDBs require the legacy router and sched tasks in order to operate as designed, they will not work once your server is upgraded to Domino 7.0.
|Lotus Domino 7.0 is working
as designed. To function correctly on a Domino 7 server, the Resource
Reservation database must be based on the Domino 7 Resource Reservation
template (RESRC7.NTF) For the best results, the design of this database
must be upgraded at the same time you upgrade the server to 7.0.
What happens to reservation requests generated in a pre-Domino 7 RRDB on a Domino 7 server? Requests generated while a pre-Domino 7 RRDB is on a Domino 7 server will remain in the hidden $Nlookup view, but they will not be processed. Upgrading a pre-Domino 7 RRDB on a Domino 7 server to the latest template will result in the 'stuck' reservations being processed if the original request has not been removed by the Purge agent (which normally runs once a day).
But in watching the inbox grow with clutter, and I do not need email clutter, there is something else needed.
See previously everyone complained that Notes was not like Outlook with all the bells and whistles. Unfortunately there are too many now.
- awareness icons
- reply indicators
- forward indicators
- message recipient indicators
- follow-up flags in varying colors
- priority indicators
- mood stamps
- yes there is a few more
The second hour was on the enhancements in the Administrator client and performance. One ScreenCam for DDM and a whole lot of slides on performance testing that has been done. Then a few on the new load tools available. There could have been much more to this section.
The third was on the Designer client so I drifted away mentally and snuck out before the final session on ISSL trying to say how they can assist you in migrating. Kind of backwards since they show how easy and compatible Domino 7 is, who would need the help?
A question came today about Remote Server Setup when connecting over a VPN where the standard port for setup of 8585 is being blocked. TO get it unblocked took more than some time, three turns and clicks of heels. So I went digging.
In the local Remote Server Setup client you can select the host and port (see screenshot), but the server mode is not well documented. I actually restricted my search from Google to the Notes.Net site and found a Z/OS document that shows the simple command to do so.
nserver -listen newport
How simple is that? Quite! Except we could not find it documented anywhere until this search. If you know where it is other than that let me know. Maybe it will sneak out in a technote.
- Great job as usual. He is at the point now where Ed probably murmurs competitive things in his sleep. He got a question on Outlook and how does the GUI compare or how was it enhanced Domino 7. We all know Hannover addresses this issue even more. Basically people, Lotus is saying it does what you need since the 6.x days, but looks a little different. Heck, I don't like some of the UI in Outlook, so why is it so much better? Let's call it training!
- Another asked about Domino Access for Microsoft Outlook and enhancements. DAMO in 7 is using the same template as 6.5.4 uses for now. Great idea to get that out the door in time with 7. I imagine when the point releases start coming out, some more fixes for DAMO will be there. I also imagine that some new bugs might be found when using the back-end of 7
Rob Ingram, lead Domino Product Manager
Benchmarked improvements was a highlight hit often with Rob. He did well also. Here are two screenshots:
Ok, maybe I am off but they did not hit 30 something percent improvement even according to their own charts??? I will let that one go with the thought that the improvements in performance are definitely there.
Then he made me sit up in my seat. Finally a new benchmark that addresses what the old ones missed, real world activity!!!!
Mark Jourdain, product manager , Application Development, Domino Designer
Mark did very well also. Even though he had to cram the last slides in at the end due to time.
Mark got a question on a rumor that LEI would be included with the server for free. Come on now, they charge like $50K per processor retail for that product. Per sale. DECS has been around got some a little better over the years, but I am guessing that you will never see that full type of LEI featureset in the core product for some time.
Will there be support for Forms5.nsf on a Domino 7 server?
- The iNotes5.ntf template will not be included
with Domino 7, so you cannot create Forms5 users from the 7.x Domino
Administrator client; however, the Forms5.nsf has been updated to work
with Domino 7 and is included with Domino 7.
- Domino 7 is backwards compatible for existing iNotes5 users; however, you cannot create new iNotes5 users using the 7.x Domino Administrator client. IBM Lotus does support upgrading existing users; we do not support creating new iNotes5 users on Domino 7.
Ok, so the first part of the demo was Outlook and Exchange. He was using VMWare to show the servers and clients running all together. I paid attention but that is not what you are here for. We took a quick 5 minute break while he loaded the Domino VMWare to show us that.
- Template modifications are necessary to add the necessary action buttons and menu items. Not a big deal overall but he stated they stay about 6 months behind major Domino releases so nothing for 7 yet
- You have the ability to grab just attachments or the whole body to archive off. You can also specify certain parameters based on date/time/size of message/size of attachments/etc/etc to grab for archiving.
- You have the choice to leave the small stub in your mailfile and then retrieve from there. Or remove the stub and use the CommonStore interface to get it back. This runs from a web browser over SSL (we were told and saw it looking for SSL requests in the background on a console)
- New icons are used to designate that the message was moved to archive. I took issue with the icon choice since in Domino 7, that same icon appears in the lower right of your client (between the access icon and IM component) to let you know that messages are signed or encrypted.
- Signatures on all emails get broken since the document is opened, things deleted, lines added and then it is saved. So you get the old error that document might have been modified or corrupted since last signed
I could go on for some time just explaining, but if you have an archive policy setting that works with some journaling of all or based on subject/sender then you have a lot of what this does. Yes there are some features and benefits that revolve around compliancy.
Now another thing should be noted is that they push the idea of Single Copy Object Store heavily in numerous slides and conversation points. We all know the old versions of SCOS in Domino were not the best, but they touted it like Domino cannot do ti either. Interestingly enough it was pointed out that with archiving, journaling and SCOS in Domino you have all of what they have in databases that are still searchable. In reality, unless you have some strict recoding/archiving needs (SEC, HIPPA, S/O) then all you are doing is pushing the mail onto yet another machine that needs backup, maintenance and management. The product will hit mailboxes on most platforms, but only runs itself on Windows and AIX. So all of you that invested in iSeries to get away from Windows, break out the old hardware and add tons of disk space.
Unfortunately we were under some goofy NDA stuff, but we met with Sybari while looking as ASP modes for anti-virus/spam software for Domino. Besides the fact that they couldn't answer about 20 questions or so at the meeting in terms of functionality (even with a tech person there at the meeting from Sybari), the statement about dropping OS support got them eliminated. From this site comes the following text which prompted me to finally write on this:
This morning my MS rep emailed a snippet of the press release: Microsoft Completes Acquisition of Enterprise Security Provider Sybari Software. I used to be fairly pleased with Sybari Antigen for Lotus Domino/Notes, so I started worrying when MS bought them back in February. Well, fear no more: they've already announced that their dropping the Linux and UNIX versions of Sybari products. Expect the remaining Windows-platform products for Lotus' email server (that is, Microsoft's biggest competitor to Exchange/Outlook) to "fall like dominoes" soon enough...
If you are unsure why they would drop certain OS support, then reminding you they were bought by Microsoft back in February or so would answer it right out. Microsoft buys Sybari, drops any platform but Windows and renames the Domino version. Now they will continue to support those under maintenance, but do not look to renew it again with them.
So soon we saw Microsoft buying Frontbridge for some more further frontline coverage to Exchange.
Now let's look at the flipside of this. Lotus has been slowing building anti-spam features in as any good email should. But one would think buying someone like KSpam or SpamJam would make perfect sense to toss them in as templates and say,
"Hey Microsoft! Not only do we secure the desktops already and don't have that pesky virus trouble inside of our mail program, we now built in spam technologies that runs on any platform you install Domino. You want frontline SMTP Domino servers on AS/400? Partitions on ZSeries? We got ya. Want to run some Windows for Sametime and then all mail on the AS/400? We got ya. Mix and match, toss a Mac client in there. But anyway you look at it, we have DNS whitelisting, blacklisting, spam controls, reverse lookups, allowed domains..too many to type for this little text block."
So get at it IBM/Lotus, buy a little someone and integrate it. Or develop your own, it is does all the time to mirror what partners make. It has been that way for a long time, no shock value there. Just a need to have an all-in-one package that kicks even more ass on the mail front. And yes, keep those little silly circles in the Domino 7 template, I personally don't get them even after a year, but you made my VP smile and that is all that matters.< /rant >
You are attempting to load Sametime 7.0 and it requires Domino 7.0.0, do you wish to continue anyway?
Ok, call me silly but I think I am loading on Domino 7.0.0. if you add in the extra decimal. Lotus hints that this is normal on pre-release versions of Domino 7, but not the gold. But the ending Init error stops it cold and it will not launch
The second error had to do with my laptop upgrade. For some reason, the local databases (ok just 3 of the 20 or so) somehow got the "Receive documents from server" option deselected. It would still send changes to the server but not get them. Bizarre. Might try to reproduce this one on another upgrade somewhere here.
With the release of Lotus Notes and Domino 7, we are announcing the withdrawal of IBM Tivoli Analyzer for Lotus Domino from the marketplace. The Tivoli functionality has been built into the new administrative features of the Domino 7 product.
If you have questions about this transition please ask.
DB2 feature in Domino 7 released with Limited Availability
Domino 7 with DB2 - Limited Availability
Domino 7 with DB2 is released with Limited Availability; as such, it is not available for general usage, but is provided
for evaluation purposes only. For more information about the Limited Availability program and other important
information on this topic, see the URL http://www.ibm.com/lotus/nsfdb2.
To enable Domino 7 with DB2, you'll need the DB2 key for Domino, and DB2 Access for Domino.
So that only means, no you cannot use it unless you call. (Enough people had asked me in email and IM)
.....will not work correctly; it will, more than likely, decline the.....
How and when does Notes decide to not work right? Is there some computation hidden the decides when it works and does not work? If you were mean to the server will it decide that is the time?
One complaint we get with Sametime, is that it is too complicated to setup a meeting to collaborate on a document. Having this ability right inside of Excel or Word, seems like a good idea. It exposes the functionality and make it easy to use.
IBM should take note. I can't imagine it would be difficult to do that same sort of thing with Sametime.
With the open toolkits form IBM, the functionality is there for it to be programmed. Heck, I know of one partner that has already done this for the Microsoft integration. But to make life simpler, having instant meetings and choosing to share an application is second nature around here. Mainly with scattered sales representatives. Instead of emailing me document after document, just open a quick IM, ask if I am busy and let's collaborate on anything you desire from your desktop.
I guess the point is, it is all about training and exposing the functionality that is already there. Now I can go as far to say that Microsoft did make this pack downloadable and readily configured. But Domino 7 has Sametime integration everywhere you turn. Plus with the simple checkbox in the designer now, you can make presence show up all over.
So do you install the Notes client with integrated awareness, presence, chat and instant meetings. Or do you install a full Microsoft suite of products (Communicator, all of Office, and Messenger) to get there?
To make a long story short, I had this error on my screen when I returned as I rarely ever close Notes at the office. Anyone else seen this? Looks like what you used to see on AOL and on Yahoo! still
... it was expected to be fixed in Beta4 but unfortunately it didn't get into this build. It has been categorised as a 7.0 ship stopper so it should be fixed prior to GA.
The second issue was after upgrading the client form beta 3 to beta 4. I was getting an error on the Welcome Page. The client would still open, you just had to get past the error. It then gave a gray area on the Welcome Page but rendered the rest of the information correctly.
Formula Must Evaluate to Text
I heard back directly from some of the wonderful folks at Lotus stating that they thought this had been fixed. So they gave a fix that involved either replacing bookmark.nsf with the new one they put in the forum, or following a set of instructions they provided. Here it is for anyone that needs it. Thanks to Debbie for getting it to me so quick.
Open bookmark.nsf in designer
Go to the Views
Click on the view called (Downloads) and click Design - Preview In Notes
You will most likely see two $branding documents there.
If you do, go to the "multiple $branding documents" section below.
If instead you see two documents with the exact title of $branding4AA10721D4DE2AFF85256D4F003B84B4 go to "multiple $branding+UNID documents" section below.
multiple $branding documents
Look at the far-right column for the UNID's of the $branding documents.
Select the $branding document that does NOT have a UNID that starts with "3493F249..."
Press DEL (ignore error message)
Press F9 key so that the $branding document is permanently deleted from the database
Close the view
Close Notes and reopen.
The "Formula must evaluate to text" error should not appear.
multiple $branding+UNID documents
If you see two documents with the title of "$branding4AA10721D4DE2AFF85256D4F003B84B4"
Look at the far-right column for the UNID's of these documents
Select the document that does NOT have a UNID of "3887F989A309670F85256F97004F"
Press DEL (ignore error message)
Press F9 key so that the $branding document is permanently deleted from the database
Close the view
Close Notes and reopen.
The "Formula must evaluate to text" error should not appear.
Do I even have to explain the above picture? :-) For the integrated Sametime in the Notes client, just save the chat transcripts right to the new view in the mailfile, and toss a timestamp in there while you are at it. Here is the snapshot of that new view in the Domino 7 mailfile.
There are a few options of topology design when you have multiple servers in a Domino domain. You can classify the architecture in a few different ways:
- Hub & Spoke - A typical design where a central server pushes and controls changes to all the servers around it. You update one central source and everyone gets happy eventually. But, if there are too many spokes, you can have times where the hub cannot reach all the servers during a cycle. So you moved to the next couple ways. The other downside relies on one central server for all updates. If the hub dies, so does the topology.
- Multiple Hub & Spoke - Here there is more than one hub, possibly even in a cluster, that handles the updates to their own sets of spokes. This allows redundancy for the centralized architecture and lets the servers make the rounds updating the spokes. This works well in a good LAN speed environment. The downside, not too many if the central hubs are in a cluster. That way data can pass across spokes fairly quickly on opposite sides. If there is no cluster, see above.
- Tiered (Binary Tree) - Taking the hub and spoke idea a bit different, a central servers updates two or a few servers. Those servers update two or more each and so on down the pyramid. This works well if you have some good network connections to a few servers and then those have some decent speed to downstream servers without the top having that speed access. Otherwise you could go back to hub and spoke. The downside is that in a large tiered environment, it can take some time for a change to go up and down the tree if they do not share a parent server all the way to the top. I have seen some tiers that cross somewhere in the middle to alleviate that and leave the top server for administration and NAB master.
- Ring - Simple enough, servers call each other in a circle updating, adding and deleting as it goes. The downside relies on a large ring where it can take some time to get all the way around. Also, if one server in the ring goes down, so goes the cycle.
- End-to-End - Basically data starts on one end, passes through multiple servers through replication and then comes right back. Timing becomes and issue to make sure that data can make it all the way down and back before the next baton is passed. Think of it as runners that pass the baton, and if one runner takes off too early, who knows where the baton is.
- Meshed (or Peer-to-Peer) - This is basically random servers that call other random servers. It is all made with some reason when laid out, but you are never quite sure how or when data is getting to somewhere else. It just shows up.
- Spaghetti - This is the last result and the most frustrating. Admins just create connection records form one to all the others, over and over again. For each server in the domain. Replication conflicts occur, the servers have no idea who owns the database, and design changes fly everywhere. I usually encounter this when doing audits of domains where they keep patching and adding band-aids instead of fixing the real issue. No topology design.
So there we are. We can now mentally picture multiple types of topology right? But the path of decisions is yet to come.
After running through a few of the major improvements, a longer conversation started around issues he has encountered and is troubleshooting still in previous versions. After some quick help, I learned the gentleman was not only a consultant but a reader of this blog. Now am I saying I should not have helped him by answering some questions? Heck no. But I do know there are people that need to catch up on the technology they are supporting. (Mainly with Domino 7 Beta 4 out today too. It has been almost a year with the new version, you know?) being able to guide your clients in the right direction on versions and functionality is key.
Enough rant, I have actual content to post.
A large percentage of e-mail users in the workplace still employ old versions of Microsoft Exchange. A recent survey we completed showed that 26% of Exchange users are still on Version 5.5 or earlier - meaning these users are now at least two generations behind the current version of Exchange.
Now I have not seen that type of quote (this was from Network World on 5-3-05) for Domino recently. How many enterprises are still back in the 4.6x range and early 5? They don't follow the same reasons of changing directory structure (Active Directory), changing data store and numerous others. So is the hold-up budget related? Time to implement? Management issues (meaning company upper management)? Manpower?
As I prepare for Admin2005, I begin to think about this from all my previous sessions over the past couple years. I am always surprised by any numbers of people still back in those versions of Domino and the lack of planning they have made to move ahead. Plus, they seem to still have issues and implementation goals that can be easily reached in 6, and of course 7.
I took this from an article back in Dec 2003
In comparison, 85% of Lotus customers had already upgrade to R5 in June of 2002, three months before the launch of Domino 6.
So what is going on? Why do we still hear of major companies that upgrade and are flagships for marketing and the other shops that haven't made the move?
More than 50,000 users outside of IBM have downloaded the Notes 7 beta client; another 50,000 users within IBM are getting their mail from Domino 7 beta servers, and thousands of those users are voluntarily using the Notes beta client.
Scharfman says these numbers far surpass previous external beta downloads
Now the business partner forum went one step further to discuss the benefits of upgrading to Domino 7. I know internally we have it deployed on servers and clients so we can test and see the benefits and functionality it has to offer. Before we start upgrading managed and hosted customers.
I am seeing performance enhancements in the server and functionality gains in the client. Overall, I think any reduction of CPU and memory while providing more functionality is a good thing. Awareness is starting to show up everywhere you are in the client. Saving chats to your mailfile is a neat twist. Text files don't get huge so I am not too worried about using more space, or quota issues. The AutoSave kind of sneaks up on you and I haven't fully figured out how to get a document back. I know AutoSave was built into the server document earlier, but now it is there for all the work you do.
I have played with Domino Domain Monitoring (DMM) quite a bit and have some comments separate on that.
SSL session resumption greatly improves performance when using SSL by recalling information from a previous successful SSL session negotiation to bypass the most computationally intensive parts of the SSL session key negotiation. HTTP is the protocol that benefits the most from SSL session resumption, but other Internet protocols may benefit as well.
By default, the server caches information from the 50 most recently negotiated sessions. This number can be modified by setting the variable SSL_RESUMABLE_SESSIONS in the NOTES.INI file. Increasing that number may improve performance on servers that tend to carry large numbers of concurrent SSL sessions.
SSL session resumption can be disabled by setting SSL_RESUMABLE_SESSIONS=1 on the server.
SSL_RESUMABLE_SESSIONS has no effect on the Notes client. The Notes client will cache the most recent SSL session.
Note You cannot configure SSL sessions to time out and expire.
Let's give it a shot and see if the results
are of benefit, will let you know
- No categorization - meaning there is no description area or ability to group them together from a drop-down list. Maybe that list comes pre-built from Lotus or maybe it is open so you can add your own as you go along.
- No sorting - this follows right behind categories as there is no way to sort the rules in the server or email file. How are you to find any certain rule if you have to scroll and hunt.
- Order in embedded view is only shown as the order the rules are applied to the message. This goes to sorting
- You cannot use special characters - Now I am not implying that every character should be used. But if you ever tried to be creative and use a "\" and perform some rudimentary sorting you were in for a surprise. Everything after the slash is ignored. So yes it looks nice, but the rule is then not applied properly to any mail message. This also removes the possibility of wildcards.
- The amount of rules in mailfiles should be decreased. Finding the appropriate rule in a list of 100 becomes unreasonable. Compounded with the current issue of some rules staying active after deletion makes finding them to help users a long trek.
So yes, there is some good things. The ability to sort mail on the fly is awesome for mail management. The ability to have numerous strings of AND/OR makes adding exceptions to rules easy. (yes mail can get lost in the matrix if you do not understand all your rules)
So there is some quick thoughts! Any of your own
Europe's Leading IT Analyst Company providing Analysis without compromise
however with this opinion they came out with without compromise, they attended Lotusphere and came out with this beauty (that is a pickup of the original here that requires free login to view) of a thought from author Richard Edwards (who is the Research Analyst - IT Infrastructure, Intelligence, Collaboration for the group it seems):
Butler Group Opinion
With most organisations only now upgrading to Release 6.0, I cannot see IBM converting these loyal customers to Notes/Domino Release 7 any time soon, and as a result this can only weaken the impact of IBM Workplace on the general market - something of a pity given the platform's huge potential and significant technological advancements.
I agree that a lot of enterprises are still heading toward Domino 6, even after 2 years. But why not jump straight to some release of 7? I know a bunch waited for 6.5.x releases for the integrated IM and client enhancements. With 7 they can get the client and new server enhancements all at once.
Does anyone else see this as true or as an issue? They are using the leverage of companies just moving to 6, and not moving towards 7 as an issue with IBM Workplace family of products? As I scratch my head at that confusing statement he made, maybe someone else can make sense of it.
|In a Domino Web Access 6.5.2
mail file accessed via the browser, adding a name to the Buddy List from
the Domino Directory does not work unless the hierarchical name is changed
to a common name in exactly the correct case.
For example, if you attempt to add John Doe/ACME, you will not be able to in 6.5.2, although doing the same thing in versions 6.5.1 or 6.5.3 you will be able to add the name.
If the name is entered in 6.5.2 as John
Doe, assuming John Doe is the correct case, the name will successfully
be added. However, entering John doe or john Doe or john doe or JOHN
DOE, etc. will not work.
|This issue appears to be isolated
just to version 6.5.2.
As a workaround for the 6.5.2 Domino Web Access server, add the following parameter to the 6.5.2 Domino DWA server's Notes.ini file:
This setting will use the Sametime Connect for browsers user interface, rather than the Domino Web Access chat user interface.
I run beta 2 of 7.0 and he runs a 6.5.x version. Now opening the same database from the Notes client works just wonderfully, but not from admin. Go figure. Just a little tip.
Well Ed posted about his overview of the recent couple meetings he attended in Dallas and Houston, and some nice responses by Alan and Steve Castledine. But here is what I think, and well if you don't like it comment away. Ed talks about all the things they have done for Lotus the past few years.
There's also the level of investment IBM is making in integrating Notes into newer technologies (where newer is only a statement about age). Domino Application Portlet, common PIM portlet, Bowstreet tools for WebSphere Portal. Notes client plug-in for the IBM Workplace client technology. These are major efforts to protect existing skills and investment...and continue to provide a relevant platform for those Notes applications for a long time to come
Which I totally agree. But what gets missed is that people are asking just for what is coming and changing in Domino in a lot of these shops. I heard it yesterday at the User Group and it is why I like the approach Kraig took in presenting. He basically said (as I paraphrase greatly)
You came to this to see what was new in Domino 7, not in what we are merging with Workplace and other Websphere things. So I cut those out.
Bravo! Ed points out all the integration changes and other things made, but people in a whole lot of shops are working with straight Domino technology and need to know what is enhanced there and only there. Portlets are awesome if you are running an environment where you need portlets. But how many times do we say, "I can do that in Notes" to someone in the organization? We say it a lot. Then the marketing comes in that Workplace, Websphere Portal and all these others are the way to plug-in. So I went on and on enough in a long circle to say one thing.
I love all the integration into newer technologies. I even promote and support some of them through installations and hosting. But a lot of the companies come to us asking, "just tell me about Domino and nothing else. Where is it going without one mention of Workplace or Websphere in your answer and how can we keep leveraging that power. We don't want the other ones......yet."
At the customer site, they have proxy servers and also restrict outbound 1352 traffic. So I could not reach many of the destinations I had in preferences. Well when launching the administrator client, it tried to reach the primary servers for the domains first, then the secondary. Since it couldn't reach any of them, it started trying others. What I started getting was numerous pop-ups stating it couldn't reach ServerX then ServerY and etc throughout the domains. It go to the point they were coming up as fast as I could click OK on the pop-up. Eventually the client just crashed and burned. I took it as a one time anomaly at first, and tried again. Apparently I was in a good mood since the same result. The answer? I removed many of the domains that I didn't use often from the preferences to get past it.
I presented a Webcast for e-ProMag.com last week on spam control in Domino 7. I focused a bit of the presentation on the current initiatives that are being proposed by groups such as Microsoft and Yahoo!. All these proposals share one common thread: to defeat spoofing of the mail domain or server sending the message. None of them addresses the actual message content; but they all hope to curb spam by reducing the amount of mail you receive. Has e-mail moved to the point where so much control has been given to the spammers we now need to know who is calling our mail server before accepting mail? You actually do not screen your phone: people call, and you see who the "header" is using caller ID before opening (answering) the phone right? You don't deny their call up front unless they are known spammers (this would fall under a Do Not Call List in my opinion). Everyone else is dealt with when you get the message.
With Caller-ID, the Microsoft offered product, you have to modify DNS with some new XML to register your sending servers so that when a message is sent, the receiving server knows that the message truly came from a legitimate server, theoretically preventing spoofing. Changes on both ends of the mail system are required for this to work. With Yahoo! you have Domain Keys that are available with DNS to verify that the server signing the message header was the actual sender. This method takes changes on both ends also. Basically, you have to have both ends agree to enable, configure, and use one or all of these selections.
Imagine if a quarter of your customers/partners/suppliers chooses Caller ID, another quarter chooses Domain Keys, another selects Sender Policy Framework (SPF), and then the rest do nothing? How many servers will messaging require? Can one server do all four? Can two even exist on one box? What about outbound versus inbound? How is that configured? I think you see where this is heading.
But the most important part here is even a known domain can spam. Sure the odds are much less, but spammers are getting trickier and taking over a server, or sometimes finding an open one in a trusted domain. I understand the goal is to lighten the load on what the server actually receives, and then scan for content on those messages. It just seems as we create more elaborate means to reduce the mail, the spammer is two steps ahead in planning alternate ways.
Rearrange the Columns Viewable in the Domino Administrator
A customer sent me an IM today asking a question that threw me off for a moment. The administrator needed to provide a printout of the mailfile templates for all the users with the user name. Well, the Person document viewable in the Domino Administrator does not contain this information. You can get version information from the Person document in Domino 6.x, but not what actual template they are using.
That led us to look further into the Domino Administrator, to see that you can find the template on the Files tab when looking locally or on the server.
However, the column to view the template is way to the right on the screen, far away from the username itself. You are also not able to drag and drop columns in the Domino Administrator. It took me a moment to recall if this was even possible and I just wanted to share where I found it.
From your Notes client, go to File, Preferences, Administration Preferences, and then select Files on the left. You will see all the columns that are available to view. Of course, just to the right is the columns you are actually using. You can move them in and out of your Domino Administrator with a simple arrow selection. Amazingly, I never realized the little arrows below that allow you to reorder the columns any way you desire. I never minded the default setup myself, but I can see the need to reorganize them in certain circumstances. So a few clicks and there was the order they needed.
But (there is always a but here isn't there?) you can neither print nor export from the Files tab on the Domino Administrator. You may be able to take screenshots, or create a custom view in the Domino Directory, but exporting the necessary information is not possible from the Domino Administrator.
One other tip, if you have the Domino Administrator open when you make the column changes, you will not see them right away. The Domino Administrator must be restarted to see the new column selections and order.
Domino 6 Out of Office Agent
The Out of Office (OOO) agent in Domino 6 seems to be a hot topic recently. There was a design change made that will not allow anyone but the calendar profile owner to enable the OOO as shown in Figure 1. This has caused concern for many enterprises that if a user goes out of town, or on extended sick leave, they won't be able to go in and enable the agent for that user. Since e-mail, as we know, is now a huge part of business processes, missing that important e-mail could cost the company money. Enabling the OOO for someone else was previously possible through Domino 5 though.
In fact, the actual menu item under Tools, Out of Office is now missing unless you are the database owner.
Of course, as always, there is a way around this. The administrator can go to the mail file and sign the agent to run on behalf of another user (the database owner). Unfortunately this is not 'user friendly' and common knowledge. It would be great of Lotus to offer, as an option in the delegation selections, to have someone else have the ability to enable/disable the OOO for users, such as an assistant, help desk, or department manager.
But of course there are some cool things, like that the chats have their own threads now and the buddy list can be minimized to the task bar. I run it in transparency mode, but some people like it open all the time. There are also some new options preferences on how a new IM alerts you.
I will update if I get an answer to this.
The list of enhancements leaves a lot to test, and the whitelisting is something you have to build to test properly. So I am working on that. Anyone farther along that I am and want to compare notes? Or, as I find sometimes, am I leading the charge and you want me to post about it?
Number 1 is the ability for the Notes client to recall what windows you had open at the time of closing and then reopen those when relaunched. I always hated trying to make bookmarks or a draft document with the link or other means. This is a great time-saver when shutting down in a hurry and wanting those documents again later. I am curious what will occur if it was a server based database and you have to go to Island or disconnected mode. Will the tab show blank, or will the client give an error?
Number 2 on the list is the All Documents view enhancement to show what folder a document is actually in. What a time-saver. Sure you search and find documents that you do not know what folder they are in, but then you are back to square 1. With this enhancement I can then know for future reference where the heck my mind told me to put it that day.
But here is my questions:
- Where the heck will all these saves be?
- A ton of .tmp files in my local data directory?
- Somewhere on the C drive? Anyone? Someone?
- What happens if I crash? Do they stay for recovery and Notes can map to them later?
- Will there be an import mechanism or something that uses unique doc id's in the autosave on edits?
An update of information:
- Designers now have the ability to specify that a form support AutoSave - documents created with that form will be saved out locally based on a user specified time, so that they will be available after a system failure/crash. Users will also have the option to save out documents to the local store in the event the server they were working on goes down.
Description: Use this setting to prevent (turn off) access to attachments in e-mail. By default, any user can access an attachment in an e-mail. Using this setting prevents a users from accessing and copying sensitive information in an attachment at an unsecured workstation.
0= off (prevents access to attachments)
1= on (allows access to attachments)
Applies to: All Domino Web
Anyone else see this benefit? We all
know buttons don't always work because users won't click them. Just
let me automate it in a policy. Each user has to have a names.nsf
which does lead to a new issue on the Cadenza side but one thing at a time.
- Enforce anti-relay policies and test your settings. Domino 6 now sets a default in the configuration documents to stop some basic relaying on your server, but if you migrated from a previous version of Domino, your previous settings are maintained.
- To learn how to quickly test your settings, see my previous e-Pro Magazine article on Troubleshooting Internet Messaging in Domino at e-ProMag.com, article ID 1999.
- Authenticate all users for relay privileges. You can choose not to authenticate local domain users, but if someone is forging an address then you’re defeating the purpose of this ability introduced in Domino 6 (you could do this previously but only if you locked the whole SMTP server down) The ability to modify these setting can be found in the Configuration document under the Router/SMTP – Restrictions and Controls – SMTP Inbound Controls – Inbound Relay Enforcement.
- Use blacklists to reduce that spam. Now that Domino 6 natively supports blacklists by adding them into the Server Configuration document’s DNS Blacklists Filter section, take advantage of the numerous free blacklist services that can be found!
- Understand whitelists and their purpose for mail management. Whitelists allow the administrator (or user, on local spam products) to allow certain messages to be allowed through your spam filters based on sender or domain If an address is on both a whitelist and a blacklist, the whitelist will win, causing the message to be delivered. Whitelisting is not available natively in Domino, but there are third-party tools available.
- Investigate purchasing a third-party spam filtering tool when Domino SMTP/Router and blacklists rules are not enough to reduce spam in your environment.
- Create SMTP/Router rules in the Server Configuration document for better enterprise mail management . You can deny, sort, and route mail based on server-side rules of subject, sender, importance, and even recipient count! There are many others, investigate these options! Remember server based rules effect everyone, not similar to mailfile rules users maintain on their own.
- Change the setting in the Server Configuration document to not allow mail for local domain recipients not found in the Domino Directory (Domino 6 only). Enabling this setting reduces the amount of dictionary-attack spam clogging your mail.box on the server by not accepting mail that is destined for unknown names.
- Try to use named groups or wildcard Server Configuration documents to control multiple servers at one time. This gives you consistent control over numerous servers to ease administration and to make sure each server responds the same for troubleshooting. Keep in mind there may be instances when a server will need specific configurations based on user needs, such as a server that needs specific domains or users to be blocked while still aloowing other servers to receive the same mail.
- Increase the number of mail.box databases on your system if you currently have only the default one (1). This allows faster processing of mail and increases performance (up to a certain point). Busy SMTP servers benefit greatly from an additional mail.box. It can consume resources if you allow the server to have too many. Best practices for the number of mail.box databases relies on server usage and mail load. Remember, too many mail.box databases can have adverse effects!
- Enable a maximum message size for mail messages. A mistake many enterprises make is not establishing a balance between business need and convenience. Is it convenient to accept 100MB messages via email? Of course it is! But does your business need large graphic packages or CAD drawings? If not, you need to evaluate a business need for a size limit. A majority of enterprises we deal with are very comfortable in the 15-20MB limit. This also saves disk space and prevents someone from sending a large attachment to multiple users, possibly bringing your system to a halt.
- Leave the default Configuration document settings that are created for each server. By default a new Configuration document does have an anti-relay setting, as I mention above, but everything else is left to the administrator to configure. There are great performance enhancements that can be found by understanding all the variables I am not able to fit here. I would suggest following the administration guide for a full description of each field and section.
- Simply enable the setting to check for connecting host names in DNS. Not all companies have correctly configured DNS, or their ISP does not allow reverse DNS entries for them. This will have your system denying their mail to you. While this is a very powerful feature at reducing spam, it immediately becomes noticeable that you will reject legitimate email.
- You can also very senders domain in DNS instead of the connecting host. By not checking the host in DNS (to protect false positives for ones that don’t allow reverse DNS), but instead checking the actual sender’s domain name, you can trim down unwanted emails that way also. A legitimate sender should have a DNS entry correct?
- Try to micro-manage who can and cannot receive Internet email. Maintaining that listing is a manual process that most administrators do not have time for. I have only seen a couple companies that had reasons to only allow mail to certain people or addresses.
One of the new, and significant features in Domino 7.0 is allowing DB2 to be a data repository for Domino applications. To ensure that customers can benefit from this feature, IBM plans to provide Domino 7 customers a limited entitlement to DB2 Universal Database. Although the exact terms and conditions of this limited entitlement are still being worked out, you can expect to see the following limitations.
- Any access of Domino data stored in DB2 UDB via third party, other than backup/restore, is only allowed if DB2 UDB Workgroup or Enterprise edition is licensed separately.
- Any use of the DB2 UDB data store for non Domino data also requires a DB2 UDB Workgroup or Enterprise edition license, separately purchased.
So it looks like you might get a free runtime license you can back up, but not pull reports from without a license?
What is TeamRoom?
TeamRoom is a Lotus Notes application designed to support processes that help people work together. The software does not create the sense of shared purpose, common language, focus, and drive which make effective teams productive. But, by embedding in its technology a template for many of the basic practices of "good teaming," TeamRoom facilitates the creation and ongoing development of processes and practices common to high performance teams.
Examples of work made easier and more efficient by TeamRoom include:
- Raising & discussing issues and concerns
- Creating (collaborative) product: memos, presentations, other "deliverables"
- Brainstorming (which, hopefully, leads to resolution and action)
- Preparing for meetings: one can present and share information in the TeamRoom before the meeting, so that meeting time can be focused on decision making
- Tracking meeting agendas and resulting action items.
So does that help anyone decide if they should be investigating TeamRoom? Which they have again updated for Domino 7 I might add.
New configuration setting prevents access to mail attachments
Use the NOTES.INI setting iNotes_WA_ReadAttachments
to prevent access to an attachment in an e-mail.
Description: Use this setting to prevent (turn off) access to attachments in e-mail. By default, any user can access an attachment in an e-mail. Using this setting prevents a users from accessing and copying sensitive information in an attachment at an unsecured workstation.
0= off (prevents access to attachments)
1= on (allows access to attachments)
Applies to: All Domino Web Access clients
So how many of you have a need for this
type of behavior? Don't be shy. Of course it had to be a notes.ini
line and not on the tab for DWA in the server configuration document.
So why the heck would I want to purge out all those entries? How do I decide which ones? How do I see what is in them first? Do I go through them all first and then run this agent? If that is the case then I can delete them while I am there.
Yes for general calendar users and for quota management it is a great idea. But where do they put all that meeting info then? We had one site that used to go back and see who attended meetings and get the meeting minutes. Why? Because Lotus gives you the space to put your own notes in meeting minutes!!! I stopped using paper long ago. I just enter everything into the meeting notes area and then it is searchable and can be made into project plans, to-do's, other meetings, etc etc. Who needs stacks of paper you have to sort through. Send it to me electronically. And no my mailfile isn't even over 400MB, after 8 years. I keep it nice and clean thanks before anyone makes some snide remark about how I must have a multi-GB mailfile.
So there you have it, my thoughts on why we should keep them. But don't get me wrong, this is a greatly needed tool by many places, just not this one!
- Users are warned if no subject is included in a mail document
This means for those quick memos where there is no subject you get a lovely pop-up, until a preference checkbox or something comes along. Arrggghhh! I hated that in other mail systems, I know darn well I didn't put a subject in there.
By Chris Miller
IBM and Lotus attacked the market more than a year ago with Notes/Domino 6 and its offerings of better mail management and spam control at the server level. They’ve also committed to a faster stream of product enhancement release cycles in addition to the normal fixes and updates.
Sure enough, the new Notes/Domino 6.5 release (planned for release in the fourth quarter of 2003) will soon give even more control to end users. Shops that already have Domino 6, or those just looking to upgrade from previous releases, should be testing the available public betas of this version.
Here I preview some of the improvements that Notes/Domino 6.5 brings to the Notes client, Domino Web Access (iNotes), and the Domino server. One confusing change in 6.5 is that the official names have changed for both iNotes and Sametime. The new names are IBM Lotus Domino Web Access and IBM Lotus Instant Messaging, respectively. To keep it simple here, I use both names together.
[RS: I cut all instances of “IBM Lotus” preceding subsequent references to product names.] ok
As vendors race to integrate their product offerings, IBM/Lotus starts 6.5 with a leap into awareness with stronger Instant Messaging (Sametime) integration. Presence awareness is lighter, faster, and streamlined into both the client and iNotes. It was previously possible to see the online status of team members in e-mail, but actual chat still relied on running the Sametime Connect client on the desktop. Instant Messaging (Sametime) now shows in your status bar as a seamless part of your client experience (Figure 1).
For example, when you wish to send an instant message, you can click the new toolbar icon (and here comes the cool part). A pop-up box appears that lets you type the name of the person to whom you want to send an instant message. I love that feature! I can quickly type a first, last, or partial name of someone, and Notes displays either a list of people who match or an automatic IM with the only available selection. For example, type Dave here at our office, and you get five billion optional names it seems. But Notes 6.5 will read the other aliases in the fullname field (as of this writing).
Some of you are familiar with the OpenNTF initiative and the OpenNTF mail template (http://www.openntf.org), with the new indicators found in the mailfile that show when documents have been replied to or forwarded (Figure 2). You can expect to see these features, which are very popular with users, in the new supported mail template. Lotus has stated in a public discussion forum that these changes are generated from customer requests for features and not from the OpenNTF design.
Taking the customer feature requests even further, you can also find the following abilities built into the standard template (note that these were current when I wrote this; they may be modified or removed when the product is fully released):
Follow-up: Lets the user set a flag that the message needs more attention at a later date. No more forgetting to act on those items at later times!
Unread view: Simply put, the ability to see unread mail only. If you don’t read all your e-mail at once, this is the view for you to keep up.
New time/date column: Now you can see the thread and response times of e-mails without opening them or checking properties.
Drag and drop: Lets the user drag a mail message to the calendar or to-do bookmark to make a “copy into”-style document.
Domino Web Access (iNotes)
The list of enhancements to Domino Web Access (iNotes) is quite large and should entice many organizations to look hard at upgrading - if not for the features, then definitely for the performance enhancements. It appears a large effort went into bringing more people to the iNotes client with the addition of Mozilla 7 as a supported browser. This gives Lotus the edge in reaching the growing number of Linux desktops.
The Instant Messaging (Sametime) links technology has been exploited and integrated, replacing the previous heavy Java applet. This, coupled with the new zlib compression, has reduced network utilization up to 70 percent, according to statements from Lotus on the performance of Domino 6.5 Domino Web Access (iNotes).
Not to be overshadowed by all the performance enhancements is a feature that many enterprises have asked for since the initial release of Domino Web Access (iNotes): The ability to easily customize the Domino Web Access (iNotes) template. You may now easily modify or customize the template to a company look and feel.
I found myself particularly eager to test these new abilities in Domino 6.5 Domino Web Access (iNotes) (note that these were current when I wrote this; they may be modified or removed when the product is fully released):
Send and file: I enjoy being able to file the message as I send it — a feature previously available only in the Notes client.
A personal dictionary: For all those odd words (e.g., new Lotus product names) not found in the Lotus dictionary that I use all the time.
Database size and quota information: No more excuses from the Domino Web Access (iNotes) users that they had no warning of how much space they were using.
Multi-window support: Users may now open calendar, mail, welcome, ToDos, and notebook in separate windows.
Reply with Internet-style formatting: For the user who just must have the “>” symbol in front of mail replied to
Support for name change requests: Nothing was more frustrating than having an all-Domino Web Access (iNotes) infrastructure and not being able to properly use AdminP for name change requests.
Mail rule for block sender: For those pesky co-workers you don’t want mail from anymore.
Mail Encryption: Send encrypted mail, and sign and verify Notes encrypted messages.
IBM/Lotus didn’t forget to offer a few quick tidbits for the Domino server itself. Notes/Domino 6.5 adds support[ok? yes] for Windows 2003 and Linux on the zSeries as server platforms. As a side note for those of you who wish to test loads, they have also exposed new server tasks to the Server.Load tool for IMAP and Domino Web Access.
Just a Peek
This is just a brief review of what’s to come in Notes/Domino 6.5. The product continues to develop, and IBM/Lotus is conducting usability tests and gathering beta testing feedback. It’s enough to create a plan to test now, and then implement this release when it becomes available later this year. Read the Release Notes (http://www-12.lotus.com/ldd/doc/domino_notes/6.5m2/readme.nsf) for a full listing of enhancements, and make your own informed decision from there. This move won’t be as large as a migration from 4.6x or 5.x to ND6, but there are some changes on the client (specifically, the new Instant Messaging (Sametime) integration into the client and how it functions) that will require some explanation for users. [edit ok? Yes and I changed the word web]