Posts Tagged: ‘Notes Domino’

HCL Domino v12: The 4 New Security Features You’ve Been Waiting for

16. März 2021 Posted by Cormac McCarthy

While no platform is immune to the possibility of hacking, the question I would pose is: Has your Domino infrastructure ever been hacked?  Didn’t think so. It’s probably boring to say that the most straight forward answer is HCL Domino is rock solid on security.   When set up correctly and optimised, HCL Domino is the most secure platform of its type.  It’s true though.  Reliable and secure is a good thing. A very good thing. 

The HCL Domino v12 beta is out now.  If you haven’t already tried it, it’s free for all existing licensed Domino customers.  It’s waiting there in flexnet for you to download and try it out!  It’s the first time a beta of this type is in existence and it has multiple interactions (we’re currently on beta 2; beta 3 is scheduled for the end of March. Register here to join us for the beta 3 webinar.

What I really love about it is the almost instantaneous feedback from the beta forum, from those in charge of development.  Domino v12 is scheduled for full release in Q2 of this year.  (June 2021 timeframe is given at the moment).

Read an overview of what’s coming here.

Here’s is a list of all the NEW NATIVE security features coming in Domino v12 and there’s a whole host of them:

  • Automating certificate management 
  • Time-based one-time password (TOTP) authentication 
  • Enforce internet password lockout based on IP address 
  • TLS 1.0 is disabled by default 
  • Support for PEM-formatted TLS host keys and certificates 
  • Two new curves supported for TLS 1.2 ciphers that use ECDHE for forward secrecy
  • New template signing ID uses 2048-bit keys
  • NRPC port encryption supports forward secrecy using X25519
  • Import internet certificates that contain unsupported critical extensions
  • Suppress key rollover alerts during ID vault synchronization
  • New Query Vault command options
  • Support for SameSite cookie 

Also note native support for DKIM is planned in the 12.0.x timeline. (Again natively, you can achieve DKIM with third party mail gateways).

We could argue about which are the best and more important ones here, but I’m going to concentrate on the 4 new security features in Domino v12 that you’re going to want to implement straight away:

  1. Automating certificate management 
  2. Time-based one-time password (TOTP) authentication
  3. Two new curves supported for TLS 1.2 ciphers that use ECDHE for forward secrecy
  4. NRPC port encryption supports forward secrecy using X25519 

Note: these are all based on current plans at beta 2, some of these will be subject to change (for the better) come beta 3 and GA.

What is it?
Automating certificate management?

What does it give you?

This topic could probably be four killer new features in one on its own, because it includes so much.

The short answer here is it takes something that was a headache to most admins and makes it completely seamless and automatic. It also includes support for ECDSA which is very progressive in terms of offering support for cutting edge security (some browsers don’t even support it yet).

In order to explain the context here, we probably need a short history lesson on cert management in Domino.  Prior to SHA-2 being the supported, Domino managed certs via a Domino database. It did exactly what it said on the tin and was never really updated from the time of release. But it worked. There were only four steps listed in the database. Some customers did find it fiddly.

Then SHA-2 support for Domino came out and admins did not like how this was implemented.  Again, it’s Domino, so it was secure, and it worked, but the process was a headache.  I have to admit for 99 percent of our customers, I just did it for them to save them the hassle so I got used to it.  But you did need a kyrtool, you’d need to install Openssl, you’d have to copy and paste various commands, copy parent and intermediate certs into text files.  It was messy to implement.

Well that’s gone.

What’s in its place is the most straight-forward solution one could imagine.

Let’s Encrypt offers free third-party SSL certs.  They’re currently the most widely used Certificate Authority in the world and work with all major browsers (they’re sponsored by some of them).

You can now get Let’s Encrypt Certs in Domino, by filling in a couple of fields in a form.  In short saying, “I want a cert for my website.  Give me one now.”  And it will give you one straight away. In seconds, your web server will be running with that cert.  A new task called CertMgr manages it all.

“It can’t be that easy,” I hear you say.  Well, in most use cases, it is.

Wildcard certs are slightly different, but again it’s as easy as it can be.  Other third-party certs are still 100 per cent supported, and easier than ever to implement with the Certificate Store.

Another point you might have missed around this is CertMgr supports Elliptic Curve Digital Signature Algorithm (ECDSA) using the NIST P-256 and NIST P-384 curves.  Not all browsers support this yet (most do), but in short it has the potential to give quicker and more secure TLS connections and shows that HCL are ahead of the curve #badnerdpun.

How do you implement it?

There are a lot of options available here but I cannot over emphasise how straight forward this is to implement.

CertMgr runs as a task. The first time you load it builds a back-end Domino database.  The database has intuitive forms but there’s documentation just in case.  You create a free account with Let’s Encrypt with a couple of clicks within the database.

I don’t want to get too bogged down in the detail here, because you don’t actually need to know the back ground details, but there a couple of ways Let’s Encrypt will verify you’re the owner of the domain, either by HTTP response (the most straight forward I think, but requires that the server can initiate outbound HTTPS requests – even temporarily to Lets Encrypt) or via DNS Response.

The HTTP response in particular is VERY easy to setup.

Third party certs are managed via the database, so you won’t have to fiddle about with openssl and the kyrtool.

ECDSA is a more complex subject, but the steps to implement are relatively straight forward here, the main complicating factor here is managing browser support, there’ll be more of this in beta 3 (thanks to Daniel Nashed for answering some of my basic questions on this.  Follow Daniel’s blog for more expanded detail on these subjects).

What is it?

Time-based one time password (TOTP) authentication

What does it give you?

Firstly, the obvious point here is you’ve been able to do TOTP in Domino for a long time, but it required third party software or appliances.  Here we get TOTP natively within Domino.

What is TOTP? Well, it’s two factor authentication based on a time based password that changes.   You put an app on your device that manages a six figure pin that changes every 60 seconds and it associated with a specific account.

Here you can deploy here with any number of apps (I’ve used Google Authenticator and OpenATP with Domino12 extensively for a couple of months and both have worked perfectly).

How do you implement it?

It’s easy.

You set up a trust relationship with your ID Vault and TOTP.

You enable it on the configuration settings document and then either web site, server or virtual server document.

You’ve to do a once off configure on the login form (but there’s a template for you to use, so it’s two minutes work for a non-developer).

Restart Domino and you’re ready to go.

Each user does a self-enrolment process the first time they connect which is intuitive, and takes no more than a couple of minutes.

There’s more functionality coming on this with Directory Assistance and managing multiple domains so watch this space.

What is it? 

Two new curves supported for TLS 1.2 ciphers that use ECDHE for forward secrecy

What does it give you?

Better performance on Perfect Forward Secrecy.

Perfect Forward Secrecy has been available since Domino 9.0.1 FP3 IF2.  It gives assurances session keys will not be compromised.

This new set of two new elliptical curves (once forward secrecy is set up) can offer better performance.  The two new curves are X25519 and X448. 

How do you implement it?

You do nothing. If you don’t want it you need to actively turn it off with a notes.ini setting. Domino 12 will attempt to use supporting curves in the following order

  1. X25519 
  2. NIST P-256
  3. X448
  4. NIST P-384
  5. NIST P-521 

What is it?

NRPC port encryption supports forward secrecy using X25519

What does it give you?

This sounds very similar to the last one, but there’s a whole lot more to unpack here.  These are for Domino to Domino connections over port 1352 or Notes client to Domino connections over port 1352.

So if you’ve ports with encryption turned on (which nowadays we are recommending to everyone), with Domino 12 the level of encryption increases from:

  • 128 bit AES-GCM for network encryption and integrity protection and 128 bit AES tickets 

 To: 

  • 256 bit AES-GCM for network encryption and integrity protection, X25519 for forward secrecy, and 128 bit AES tickets.

Basically stronger, encryption, better protection for sessions with forward secrecy and a curve that gives the best performance.

How do you implement it?

This is one of those points of different between Domino and Notes clients and ANY other technology.  (i.e. as opposed to the Office365 hacks, which are being put down to weakness in how Microsoft authenticates out of box).  Certs are baked in.  Basically if you have port encryption turned on, this will turn on by default.  If you don’t have them, turned on you can just enable encryption on the ports (for all inter server traffic), and via a policy for Notes clients.

In any other technology this would be so much more complex to do.  You’d need multiple devices to manage the connections, you’d have to change the port numbers, probably have to allow that port in a firewall plus you’d need to manage certs with third parties.  With NRPC, you’re already using certs to connect in so it’s just saying encrypt the port.  The same port (1352) is in use whether encrypted or not encrypted, so no further changes are required on the network or firewalls etc.

Oh and that’s only NEW and NATIVE features in Domino 12.  I just have to mention one more briefly that is no-charge to all entitled CCB customers. It’s HCL SafeLinx.  It is already available and in the wild.  It supports both HTTP and Notes port connections out of the box as a reverse proxy.  If you already user HCL Nomad you’ll probably know about it.  Later this in 2021, HCL Nomad Web will be out and you’ll look into this more then. (It can also be used for Sametime, Traveler and Verse – there’ a webinar on this coming up).  It builds upon the layers of native Domino security and gives you flexibility to add extra layers of security, particularly for external connections.  The main advantage is that it’s got baked in functionality for Domino so you don’t have to reinvent the wheel to do a basic set up.

I hope you enjoyed my first blog for HCL.

As always please provide feedback if you found anything interesting here.

Cormac McCarthy – Domino People Ltd

The Low Down on HCL Domino v12 Beta 2 and Beta 3

1. März 2021 Posted by Barry Rosen

A month ago we released the first beta drop of HCL Domino v12 and we’re excited to see such a high level of engagement among our customers, ambassadors and business partners. Two weeks ago, we announced the drop of Beta 2 and hosted a webinar with an overwhelming number of live questions — 118 to be exact! If you missed the webinar, you can catch the replay here. We also picked the most popular questions about our beta program and v12 , and have published those — along with the answers — here.  

To keep up with this exciting momentum, please join us at our next webinar about beta 3 on March 30, at 10AM ET. Register here. Beta 3 will be the last beta drop before the v12 release, so don’t miss your chance to participate and help us shape the future of HCL Domino! In fact, don’t wait for the next beta drop. All existing customers are automatically entitled to download the software packages from Flexnet today. We look forward to your feedback.

Beta Q&A 

Still have unanswered questions about the beta? Submit them in the beta forum.

Q: Is there a way to tell if issues raised in the beta forum are included/fixed in beta 2 or 3? 

A: The list of SPRs fixed in beta2 can be found in the release notes. Please see here.

Q: When can we expect the 64-bit standard client? 

A: Our plan is to start with the basic Notes client first in v12 beta 3, and then release the 64-bit standard client in a beta post v12 GA.

Q: Is the C-API toolkit updated and available as part of this beta? 

A: We released the C-API toolkit for v11 and will update for v12 post release.

Q: Is two-factor authentication available? 

A: Yes, feel free to try it out today! 

Q: If I load the beta on my system, will upgrading to v12 Prod work? 

A: When going from the beta version to the GA version, we recommend uninstalling the beta and installing v12 as a clean new install.

Q: Is there a backlog of undo/redo? 

A: No, but it has been submitted in our Ideas Portal. You can vote for it here.

General HCL Domino v12 Q&A 

Q: Does Domino 12 install VoP automatically as part of the base install? 

A: VOP will be included in Domino v12, but not automatically installed. 

Q: When will Hebrew and Finnish be included in Domino? 

A: Both languages are on the list for v12.0.1.

Q: Is there any chance for DKIM support in Domino in near future? 

This is in our future roadmap and will be delivered in the V12.0.x timeframe.

Q: Is there a future for HCAA ? 

A: From a technical point of view, HCL Nomad Web will succeed HCAA.

Q: What version of Domino will the Nomad Web client require? 

A: It will require a v12 server.

Q: What version of Java is supported by the v12 Domino server? And what is the roadmap for Domino for keeping up with Java versions? 

A: OpenJDK 8, and of course we are going to upgrade this to newer versions moving forward.

Q: Is Certificate Store replacing CertSrv 

A: Yes.

Q: Can I install and configure Domino through Ansible? 

A: Yes, feel free to do that. You can also check out some examples here.

Q: Is the old KYR/STH still supported? Can I push in new certificates by script or automation? 

A: LetsEncrypt will manage certificate renewals automatically. If you do not want to use LetsEncrypt, you can use your own CA. And yes, you can automate it.

Q: Is it possible for a developer to use the LetsEncrypt support to create SSLKeyring for dummy FQDN? 

A: LetsEncrypt certificates are only issued to servers that can be reached via HTTP or where the owner is in control of the DNS record. Creating a self-signed certificate is not possible with LetsEncrypt but will be possible with the Domino Certificate Manager.

Q: What will happen to Xpages going forward?  

A: Domino V12 will include Bootstrap 4. XPages functionality will continue to be enhanced and fully supported, but note that we are shifting to make low code (Domino Volt) our top priority.

Q: Will Bootstrap4 & FontAwesome also be available in XPiNC? 

A: Yes.

Q: Are there still text size limits in text fields or form documents?  

A: Many limits of Domino were raised or will no longer exist in v12. However, if you still need anything to be improved, please submit your idea here.

Q: What is the version of Sametime embedded in Notes v12? 

A: Sametime 11.5.

Q: When will Domino v12 be available to the market and how can I learn more?  

A: We will launch v12 in Q2 this year, around June. Stay tuned as more details to be announced soon. In the meantime, you can read our preview article here and watch our preview demos here

Start Your Engines! HCL Domino v12 Beta is Here! Are You Ready?

20. Januar 2021 Posted by Thomas Hampel

If you joined us at Digital Week 2020, you’ve probably heard about the preview of Domino v12. (It was the most popular session of the event!) Now that the release of v12 is around the corner, we would like to provide all current customers an exclusive preview. Today, we’re officially launching the first public beta of Domino v12!  

We are inviting you to join this beta program and take part in shaping the future of our product, helping us deliver the best-ever product experience! All existing Domino customers are automatically entitled and will be able to download the required software packages from Flexnet today. (See below for Q&A.) 

The goal of the Domino v12 Beta Program is for our community of beta participants to conduct an honest, constructive, and thoughtful review and testing of the Domino v12 beta software, which includes HCL Domino V12 , HCL Notes V12 , HCL Domino Designer & Admin V12 and HCL Traveler V12  

 In the first phase of the beta program, we are delivering the following components:   

  • Domino on Docker (English)  
  • Domino for Windows, Linux, AIX (English)  
  • Traveler for Windows, Linux, AIX (Multilingual)  
  • Notes Standard for Windows (English)  
  • Notes Standard for Mac (English)
  • Designer and Admin Client (English)  
     

At a later stage of the beta program, we will be providing Domino and Traveler for IBMi, as well as additional language support. 

Beta participants, please let us know how you think about the product by submitting your feedback in our beta forum. For general input and new ideas or feature enhancement requests, please use the Domino ideas forum here.  

v12 Beta Highlights 

Domino 

 Domino Designer 

  • XPages now Bootstrap 4.4.1 – Thanks to Howard for this idea.   
  • Improvements to build responsive and mobile Domino applications,  
  • Ability to use DQL in Formulas 

 Notes Client 

  • Significantly improved the performance on Windows and Mac, especially on slow networks. 
  •  Improved Search: When searching for a person, an email, or a Notes application, suggestions will now appear in the typeahead. Your recent searches will also be displayed in the typeahead. This is based on this idea.  
  • Multiple email signatures: If you were bothered by the lack of email signature management before, Notes v12 allows you to choose a signature when you compose, reply or forward an email. Based on this idea from Daniel.
  • Choose a different “From” address when composing an email, a feature initially requested by Vlaad in this idea

 These are just a few highlights of the new features of V12. For more details, please refer to the What’s New section of the product: 

Frequently Asked Questions:   

 (1) Do I need to register to get the beta version of v12?  

If you are an existing customer, you are entitled to v12 beta automatically. Please contact your IT admin to get v12 beta from Flexnet.   

(2) How can I submit feedback on the beta and how would HCL handle my feedback?  

Please submit your feedback via our beta forum here.  

We will review all the feedback and respond as soon as we can. Note that not all feedback will be implemented into the product; the final decision depends on various factors. However, we will ensure every comment is heard and being taken into consideration.  

(3) Do I need to register for the beta forum to provide feedback? 
 
If you have not created an account on HCL Partner Connect website, you will need to register for access. It will take around 1 business day to get the approval. Once the registration is approved, you can access the beta forum. The account will be used for accessing any beta forum in the future. For customers who already have an account, you can login and access the forum directly. 

(4) If I am not a current customer, can I be a part of the beta?   
 

Currently, the Domino v12 beta is only open to existing customers. If you would like to try Domino, please contact your HCL sales representative to get access to the trial version of Domino v11.  

 (4) What is the difference between beta and trial?  

A beta is considered as an early access program to our latest version which is not available to the public. The goal of setting up beta is to collect concrete feedback from users so that we make improvements and bring the best experience when the features go live.   

A trial is offered to potential customers who haven’t tried our software before and expressed interest in purchasing the software.   
 
(5) What is the difference between HCL Domino Early Access Program and the beta? If I have already registered for the Early Access Program, should I try the beta too? 
 
The Early Access Program (EAP) is intended to give users a preview of features that are considered for HCL Domino v12. It is feature-driven and iterative, meaning new iterations (code drops) will be made available as soon as they are declared ready for testing by our development team. In the EAP, you are usually be able to test only one or a few features.  
 
The beta is a full-scale preview of features and functionalities considered for HCL Domino v12. Various components including Domino, Notes and Traveler will be offered.  
 
With this beta release for v12, the EAP will be suspended until the official launch of HCL Domino v12.

Remotely Debugging Java Applications with Domino 11

5. November 2020 Posted by Abhaysingh Shirk

For Domino customers on v9 or 10, you might be familiar with debugging a Java agent remotely on IBM JVM using the following server ini’s and set Port 8000 in Debug Configuration from the Designer client:

JavaEnableDebug=1
JavaDebugOptions=transport=dt_socket,server=y,suspend=n,address=8000 

This will work up to Domino v10 but not on Domino v11. In fact, doing so will cause it to crash! This article is going to help developers looking for a way to debug Java agents remotely on Domino v11. The pre-requisites are: 

  1. Domino v11 or above on Windows Server 2016 / 2019.
  2. HCL Domino Console.
  3. Notes, Designer and Administrator Client v11 or above.
  4. Java agent to be debugged.
  5. Any Web Browser to run Java agent. 

Domino v11 uses OpenJDK. With the above ini’s enabled, both the JVMs would attempt to bind to same port (8000) and the second process that attempts to bind to this port would fail and crash. To overcome this problem, the idea is to remove the Port 8000 from the Debug and attach it to some other random Port. 

First, you will need to add the below ini’s to the server’s notes.ini.  

JavaEnableDebug=1 
JavaDebugOptions=transport=dt_socket,server=y,suspend=n 

Note that we are not binding the Debug to Port 8000 by omitting address=8000, as compared to ini which was set on earlier version of Domino. 

The JVM will then pick a random port. To know the random Port number, simply quit and load http or run your Java agent from web browser and check the console from HCL Domino Console Program. You will need to restart http task after adding those ini’s to make it work. 

Note down this Port number somewhere as you would need it in next step. (The server console in the Administrator Client doesn’t show the Port number information.)

With your Port number, you are going to bind to the Debug from the Designer client. Go to Tools menu > Debug Server-side Javascript > Manage Debug Configuration

You should land on the Debug Configuration window. Here you need to mention the Port number which you noted down from the HCL Domino Console in the earlier step and then select Debug. 

You should see this message in Status bar which confirms Debug has connected on the Port number you mentioned.

You are now ready with the Debug configuration and set to debug your Java agent. You’ll need to set the breakpoints in your Java code to debug the same. You can set multiple breakpoints. 

Once you have set the breakpoints in your code, run the agent from the web browser. You should see a Confirmation window on Designer client to open Debug perspective window. Select Yes. 

The Designer perspective will change to Debug perspective which contains views for displaying the debug stack, variables and breakpoint management. 

At this point, the usual Eclipse debugger features will become available (managing breakpoints, stepping, continuing, viewing variable values, etc). 

The steps to debug a scheduled Java agent (AMGR) will remain the same. Instead of waiting until the agent is scheduled, run the agent from server console using “Tell amgr run” command. Get the Port number from HCL Domino Console Program by running Java agent using “Tell amgr run” command and then set the Port number in Debug configuration as we did in the earlier steps.  

This completes the steps on how you can debug Java agent remotely on Domino v11. We hope you enjoyed reading this article and you have find it helpful.

Happy coding 🙂 

 

 

The post Remotely Debugging Java Applications with Domino 11 appeared first on HCL SW Blogs.

HCL Domino Notes Client 11 New Feature

8. Oktober 2020 Posted by Ren Mark Tapang

Last January 2020, we launched a new version of Domino Notes Client (V11) which contains cleaner and modernized UI, minimalist menus, simplified forms and user experience improvements for Mail.  

Under Modernized UI Notes Client V11 appearance has changed the new color scheme and design. Notes Client UI focused on Simplicity so that it will be more user friendly. 

Also, for user experience Improvements, we focused on Progressive disclosure to show the advanced features and actions as the user needs them. 

Finally, we focused on Notes Client performance to be faster and more stable to increase effectiveness of the user. 

In addition to the aforementioned enhancements, new features are also made available in response to the feedbacks and requests from our customers. 

What’s New in Notes v 11 

  • Export to PDF – You can now export emails and documents to PDF from the HCL Notes Client.

  • 24+ hour meeting support – Meetings that are longer than 24 hours are now supported by the HCL Notes® Calendar.

  • Three Click Support – Three click support adds a level of security when a user opens an attachment within an email.

  • Network resiliency improvements – When there is no network connection (when the cable is unplugged or the wireless is unavailable), the Notes client responds with an error message. Previously, the client would freeze before timing out – now, the error message appears right away.

  • Synched release schedule – Starting with this release, Sametime and Notes follow the same release schedule.

  • TLS 1.2 support for SAML – Notes and Embedded Sametime now support TLS 1.2 with Notes Federated login (SAML). This enhancement is a result of upgrading the XULRunner browser within Notes to the latest version (which supports TLS 1.2).

  • MAC 64-bit uninstaller – The uninstaller provided for Notes 11 on Mac is now 64-bit. This change is made because Apple will no longer support a 32-bit uninstaller as of its upcoming Mac OS 10.15 (Catalina) release. The 64-bit uninstaller can be used to uninstall Notes 11 running on Mac OS 10.15, 10.14, and 10.13.

  • Moving folders prompt – Users are now prompted to confirm when a mail folder is moved: 

Domino Notes Client is committed to a quarterly release cycle and the latest release is now here. Domino Notes Client customers can download v11.0.1 on FlexNet today! 

The post HCL Domino Notes Client 11 New Feature appeared first on HCL SW Blogs.

Project Eleven: Get the Most Out of Domino with Easy Direct Upgrades

15. September 2020 Posted by Luis Guirigay

HCL is fully committed to enabling you and your organization to maximize the value you get from the Domino and Sametime platforms today and in the future.  

In the latest release of Domino v11.0.1, we’ve delivered innovative new capabilities such as low-code app dev and integration with Microsoft Active Directory. We’ve also launched a brand new Sametime meetings solution over the last two yearsThe response from customers and business partners has been unanimously positive  

Today, we’re excited to announce, “Project Eleven,” a new program designed to help every Domino and Sametime customer running on releases prior to v11 have a smooth upgrade experience. As part of the HCL Digital Solutions Academy, Project Eleven’s goal is to enable you to 

  • Go straight to Domino v11.0.1HCL now supports direct upgrades from any of Domino version prior to v11. Whether you’re on v8, v9, or older, you can go straight to v11.0.1 with no additional steps necessary.
  • Experience the latest version of Sametime risk-free: Secure meetings and data privacy are the most important features in today’s environment. Sametime meetings runs on Cloud Native technologies allowing you to auto scale as needed. Experience our brand new, highly secure, scalable video meetings and enterprise chat risk-free.
  • Augment your skills todayAttend our online training sessions and get best-in-class support and training from a technical advocate in your local language. We’re rolling out more than 40 webinars and workshops and new articles, cookbooks, and help guides.
  • Speak to a technical expert: Schedule an appointment with one of our highly skilled technical advisors to understand your options and create an upgrade plan that’s right for you 

 Check out the new Project Eleven webpage to find all the resources you need to make your upgrade worry-free. 

 

                                         

The post Project Eleven: Get the Most Out of Domino with Easy Direct Upgrades appeared first on HCL SW Blogs.

Introducing HCL Domino Early Access Program

8. September 2020 Posted by HCL Domino Team

We’re proud to announce the HCL Domino Early Access Programa new program that gives our customers and business partners a chance to test new product features early in the development cycle. This program provides a preview of features and functionality that may be shipped with a future version of HCL Domino and gives us the ability to incorporate your valuable feedback. At this stage, we are providing early access to features that contribute to HCL Domino v12. 

The Early Access Program aims to get feedback on specific features, with a more formal traditional beta program planned at a later stage to receive feedback on the overall release quality and language packaging. 

The Early Access Program is feature-driven and iterative, meaning new iterations and code drops will be made available as soon as it is declared ready for testing by our development team. New code drops can be provided in just a few weeks after the previous one, on short notice, without sticking to a fixed release cycle.  

Based on your feedback we may proceed, improve or adjust the feature, or in some cases withdraw the feature from the code stream. The following graphic illustrates this concept:

Each code drop is provided in the form of a Docker image which enables us to ship new iterations faster and to minimize the time to upgrade from one code drop to the next. You can expect us to deliver code drops at a fast pace as we want participants to have exclusive access to our latest product feature set. Please note that only the newest code drop will be available for you to download.

How to Participate

HCL Ambassadors who have registered Domino v11.0.1 Beta Preview will automatically be added to Domino Early Access Program. Customers and partners with a current Notes/Domino entitlement will also have access to the Early Access Program as of today. There is no need to register separately to participate.

For overall documentation of the Early Access Program, the specific testing scope, system requirements and instructions for deploying the Domino server on Docker, please refer to the release notes or see the online documentation here.

Upcoming Code Drop: Automating Certificate Management

The focus of this first code drop is testing a new feature planned for Domino v12 that allows administrators to automate the creation and management of SSL Certificates for Domino Web servers through the Let’s Encrypt® certificate authority.

Including support for Let’s Encrypt was a feature that was requested on the Domino ideas portal some time ago. We are using this idea as a starting point to modernize the handling of SSL certificates in Domino in general, e.g. by moving away from having to create and manually distribute *.kyr files to your servers.

  • For details about the new automated certificate management feature, please refer to the online documentation here.
  • If you like what we have done, vote for this feature in our Domino ideas forum here.
  • To provide feedback on this code drop, you need to have an HCL account to join the discussion in our forum here.

For general input and new ideas or feature enhancement requests, please use the Domino ideas forum here.

Next Code Drop: TOTP

In the next iteration of the early access program, we intend to provide TOTP (Token based One-Time Password authentication). Stay tuned for more information about the next code drop.

We want Domino to be built for you and by you! We’re excited to include customers and partners as part of the feedback loop as we work towards the release of Domino v12. We look forward to hearing from you!

The post Introducing HCL Domino Early Access Program appeared first on HCL SW Blogs.

New Release: HCL SafeLinx 1.1, – Secure VPN Services for Cloud or On-Premise

3. September 2020 Posted by Ketan Godhaniya

At HCL, we understand that securing your network is a topmost priority. HCL SafeLinx provides remote users with secure web-based and client-based access to enterprise applications and today, we’re excited to announce that the latest release of HCL Safelinx 1.1.

For Domino customers using HCL Nomad, SafeLinx v1.1 enables you to securely access your Domino apps on a phone, tablet, or desktop browser without the need of an additional VPN.

Introduction of HCL SafeLinx

SafeLinx uses standards-based protocols to enable secure access from mobile computing devices outside the firewall to business applications and data on your organization’s internal network.

SafeLinx supports an extensive list of standard Internet Protocol (IP) and non-IP wireless bearer networks, server hardware and operating systems, and mobile security protocols. Remote users can connect to your internal network from a range of desktop, notebook, and handheld mobile devices and operating systems.

Top Product Features

  • Client and clientless access
  • Network choices: Supports a worldwide selection of wireless and wireline network technologies, enabling a worldwide scope of connectivity. Cellular, LAN, satellite, dial-up, radio (IP, non-IP)
  • Authentication: Multiple strong authentication options (Radius, Secure ID, LDAP, Active Directory, Certificate)
  • Encryption DES, Triple DES, RC5, AES and FIPS 140-2-certified
  • Network Optimization and Scalable and Reliable

Customer Benefits

  • Supports all major platforms: Windows, Linux, iOS and Android
  • Best enterprise VPN with reverse proxy capabilities
  • Mobility clients and Distributed Administration – Gatekeeper
  • Dedicated mobile app for Android and iOS
  • Two-way secure authentication
  • Supports seamless, non-disruptive cross-network roaming
  • Quick and easy deployment of servers and agents

What’s New in HCL SafeLinx 1.1?

This new release includes improved functionalities of VPN and reverse proxy and support for TLS 1.3. View documentation on SafeLinx 1.1 here.

For all Notes Domino Complete Collaboration cCustomers, SafeLinx v1.1 is now available as a free entitlement and will be listed under supporting programs. (SafeLinx is available as a standalone to non-Notes-Domino Complete Collaboration customers.) CCB customers can use SafeLinx’s server component without the need for an additional VPN client to securely access their Domino apps from mobile. With this release, we’d like to provide our customers the opportunity to evaluate SafeLinx VPN for broader usage.

We are very excited to announce these new features and improvements from our customers’ inputs. Feedback based on feature improvements, ease of use, and a requested makeover to our most loved dedicated IP feature are now part of this release. Our team has put in many hours turning your ideas into reality and we’d love for you to continue submitting your ideas and improvements in our Ideas Portal. (Make sure you select “SafeLinx” under the Workspace before submission.)

Please contact your HCL sales representative or HCL Business Partner for more information on how to get HCL SafeLinx 1.1

We also have a joint webinar with our partners at Panagenda on September 17 4 PM (CEST),  10 AM (EDT). Join us to learn about SafeLinx, and how it can provide top-level secured access for your Domino environment. Register now.

The post New Release: HCL SafeLinx 1.1, – Secure VPN Services for Cloud or On-Premise appeared first on HCL SW Blogs.

Domino Document Deletion Logging: How to Solve for Missing Documents

19. August 2020 Posted by Jessie Jeffrey Matias

As a Domino Administrator you might have been asked by your users, “Where is this specific email!?” It has been a long-standing issue with older versions of Domino when an important document goes missing in an application used by multiple users, with no way to identify who/what/when/how a certain document was deletedFear no moreDomino document deletion logging is now a feature that was made available starting from Domino v10. You now have the ability to explain what might happen to the document they are looking for. 

So, how can you implement it? It’s as simple as running compact task on a database, literally! A new compact task option is available to enable logging of data about deleted documents in databases that you specify. Here are the key requirements for such feature. 

  1. Use Domino v10 and above.
  2. Have transaction logging enabled.
  3. Run compact task against the database that you want to monitor 

load compact <database path> -dl on “<comma separated list of items>” 

where <database path> is a specific database or a directory of databases, relative to the data directory, for example, mail or discussion.nsf. 

 <comma separated list of items> is a list of fields to show in the logs to help you identify deleted documents. The fields must be one of these types: Text, Text_List, RFC822_Text, or Time. Suggested fields for mail documents are SubjectSendToFrom, and DeliveredDate. If you have custom fields on a document, you can use them as well. 

The data is logged to a deletion log file called delete.logwhich is located under the server Data directory, IBM_TECHNICAL_SUPPORT folder. When documents are deleted from a database, entries are added to that file. 

When the server is restarted, a new deletion log file is created. Old deletion log files are renamed to delete_<servername>_yyyy_mm_dd@hh_mm_ss.log; for example: delete_Server1\Renovations_2020_01_10@06_28_45.log 

Deleting a document from a database adds an entry to the current deletion log file with the following data. This data is provided in a CSV-compatible format. 

Data in deletion log entry 

More information 

Date and time of the document deletion   
Database from which the document was deleted.  Relative to the data directory 
Replica ID of the database  Helps you find multiple replicas of a database in the log if the database name is not the same on all servers. 
Process that did the deletion  For example: 

  • server 
  • dbmt 
  • replica 
Name of the server or person who deleted the document   
Type of document deletion  Can be: 

  • SOFT — document is in the trash 
  • HARD — Stub delete (for example when the document is deleted from the trash) 
  • RESTORE (document restored after a SOFT delete) 
Class of document deleted  Specified as one of the following hex values: 

  • 0001 (Document – NOTE_CLASS_DATA) 
  • 0002 (About Database Document – NOTE_CLASS_INFO) 
  • 0004 (Form – NOTE_CLASS_FORM) 
UNID  Unique document identifier across replicas 
Items  Up to four field values in a deleted document to help you identify it. Specified when you enable deletion logging. Although you can specify more than four field values, only the first four that are found are shown in the log entry. Each item has three parts: the item name, the length of the item value, and the first 400 characters of the item value. 

 Then if you no longer need to monitor the document deletion on the database, run the following command: load compact <database path> -dl off 

Here’s some things to keep in mind when using this feature. 

  • When entering the compact command, no spaces inside the comma separated list of items.  

load compact mail/admin.nsf -dl on “SendTo,From,DeliveredDate” — Correct 

load compact mail/admin.nsf -dl on “SendTo, From, DeliveredDate”— Incorrect 

  • More than 4 comma separated items can be put in when entering the command. However, only 4 comma separated list of items will be logged in the deletion log file. 

Learn more about Domino Document Deletion Logging here.  

The post Domino Document Deletion Logging: How to Solve for Missing Documents appeared first on HCL SW Blogs.

n-komm Hausmesse 2018

5. Juli 2018 Posted by Alexander Kühn

Die n-komm GmbH öffnet ihr Bürogebäude für Sie! Kommen Sie vorbei am 26. September zur jährlichen n-komm Hausmesse und informieren Sie sich in verschiedenen Räumen zu folgenden Themen:

  • IBM Domino 10
  • ELO ECM Suite 11
  • ELO Business Solutions Vertragsmanagement, Personalakte, digitaler Rechnungseingang mit SAP
  • GBS IQ-Suite E-Mail Management
  • Sophos Security
  • n-komm Gebührenordnung (Kundenvortag Stadt Baden-Baden)

Die Agenda wird gerade aufgesetzt. Eine Anmeldung zu diesem kostenfreien Event ist ab Ende Juli möglich.

 

Der Beitrag n-komm Hausmesse 2018 erschien zuerst auf E-Akte, DMS, ECM & Collaboration - IT Systemhaus n-komm Karlsruhe.

Was macht eigentlich HCL mit Notes Domino?

26. Juni 2018 Posted by Alexander Kühn

Dieses Jahr wurde bekannt, dass IBM sich mit HCL einen rundum kompetenten Partner für die Weiterentwicklung der IBM Domino & Notes Produktgruppe an Bord geholt hat. Mit der Ankündigung von Domino 10  für 2018 konnte man direkt mit einem Paukenschlag in die neue Kooperation starten.

Seither ist es etwas ruhiger geworden um Domino 10 und HCL. Jetzt veröffentlichte jedoch die Computerworld ein hochinteressantes Interview mit Richard Jefts, dem verantwortlichen Manager von HCL.

Lesen Sie hier selbst, wie die Pläne seitens HCL aussehen.

Fakt ist wohl: Wir können uns auf spannende Zeiten mit unserer Lieblings-Collaboration-Plattform freuen!

Der Beitrag Was macht eigentlich HCL mit Notes Domino? erschien zuerst auf E-Akte, DMS, ECM & Collaboration - IT Systemhaus n-komm Karlsruhe.

Alle Augen schauen auf IBM

12. Februar 2018 Posted by DNUG Marketing

Beim DNUG-Workshop: „Next oder NExit? Was die IBM wirklich mit Notes Domino vorhat.“ diskutierten 40 IT-Spezialisten darüber, ob IBM das altbewährte, aber in die Jahre gekommene Notes wirklich abschaffen oder doch weiterentwickeln sollte. Notes Domino ist nach wie vor eine der besten Plattformen für kostengünstige und flexible Entwicklung von Applikationen. Darüber sind sich alle einig. […]

Der Beitrag Alle Augen schauen auf IBM erschien zuerst auf DNUG.

Die kommende Woche wird heiß: Domino 2025 Jams in Deutschland & Online-Forum

14. Januar 2018 Posted by Peter Schütt, IBM

Wie im letzten Jahr mehrfach gesagt, hat sich IBM in der neuen Partnerschaft mit HCL viel für die Produkte der Notes Domino-Familie (Verse, Notes, Domino, Sametime, usw.) vorgenommen. Dabei gilt es zunächst die Stoßrichtung der nächsten Jahre festzulegen. Das soll nicht heimlich geschehen, wie es bei Marktbegleitern üblich ist, sondern zusammen mit Ihnen – unseren […]

Der Beitrag Die kommende Woche wird heiß: Domino 2025 Jams in Deutschland & Online-Forum erschien zuerst auf DNUG.

27 Jahre – schlecht für Helden?

1. Dezember 2017 Posted by Thomas Zeizel, IBM

Tom Zeizel’s ICTS Freitags-Blog: 27 Jahre – schlecht für Helden?

Das Alter von 27 Jahren gilt als schlecht für Helden. Gerade was Musiker angeht, haben es viele nicht überlebt. Beispiele sind der Ausnahmegitarrist Jimi Hendrix, der diese Woche am 27. November 75 geworden wäre, Brian Jones (Rolling Stones), Keith Moon (The Who), Janis Joplin, Kurt Cobain (Nirvana), Amy Winehouse und etliche mehr.

Ganz nebenbei – am 27. November hat auch mein Sohn Geburtstag. Und IBM Notes. Ja, und Notes ist an dem Tag in dieser Woche 28 geworden und hat damit das Alter, in dem Helden sterben, bereits überwunden. Schon seit mindestens 10 Jahren von allwissenden, sogenannten Analysten totgesagt, erfreut sich Notes Domino einer blühenden, fortlaufenden Jugend. Anders als bei Menschen, die einem natürlichen Alterungsprozess unterliegen, den man mit Drogen zu einem schnelleren Ende führen kann, sind Investitionen in Software eher ein realer Jungbrunnen.

Lotus Notes Version 1.0 vom 27. November 1989

IBM hat fortlaufend in Notes Domino investiert. War es die Internetfähigkeit des Domino-Servers, die Java-Unterstützung, xPages als browserfähige Anwendungsumgebung oder jetzt in jüngerer Zeit die modernen REST APIs und auf der Client-Seite die fortlaufende Weiterentwicklung vom Notes Basic zum Standard-Client mit breiten Integrationsmöglichkeiten (Widgets), die frühe Browservariante iNotes oder aktuell Verse als modernster Browser-Client für Mail und die Unterstützung von mobilen Geräten, wie Tablets und Smartphone, mit Traveler (und damit z.B. der ersten Unterstützung verschlüsselter Mails auf iOS) und der Verse App.

Die Weiterentwicklung soll und wird nicht aufhören. Gerade hat IBM einen bereits in Phase 1 auf mindestens 15 Jahre ausgelegten Partnervertrag mit HCL International abgeschlossen, um Investitionen und Entwicklung auf noch breitere Füße zu stellen. Dabei bleibt die Domino-Familie das IBM Produkt und auch an Vertriebs- und Supportwegen ändert sich nichts. Als ersten Schritt hat man gemeinsam die Version Notes Domino 10 für 2018 angekündigt. Um mitzubestimmen, was in der Roadmap aufgenommen werden soll, konnte man sich in die „Domino 2025 Jam“-Liste eintragen. Die registrierten Kunden werden teilweise zu lokalen Design Thinking Workshops eingeladen und alle zu einem Online-Jam. Beides wird im Januar 2018 stattfinden.

Absehbar ist der Ausbau von Verse als Mail-Client im Browser, wahrscheinlich eine Unterstützung als Electron App, die Erweiterung der REST APIs, der (umfangreiche) Update auf Java 8 mit allen Implikationen, die Unterstützung der Docker-Plattform auf der Domino Server Seite, die Einführung neuer, sogenannter Low Code Entwicklungsmöglichkeiten und vieles mehr.

IBM Verse – der moderne Mail Client für Domino im Jahr 2017

Partner Panagenda bietet objektive Analysemöglichkeiten – ich betone das „objektive“, weil es Lösungen am Markt gibt, die eben nicht zu objektiven Ergebnissen führen, sondern bewusst zu einem gewollten, sachlich nicht richtigen Ergebnis verleiten. Panagendas teilweise kostenlose Einstiegsvarianten ermöglichen bereits ein klares Bild zu gewinnen, in welche, oft schon sehr lange absolut zuverlässig laufende Anwendungen nun doch mal wieder ein bisschen investiert werden sollte, damit auch die Oberfläche wieder modern glänzt oder damit sie auch auf mobilen Geräten laufen. Solche kostenseitig überschaubaren Renovierungen kann man mithilfe der REST-APIs selbst machen oder auch – etwas einfacher – mit Werkzeugen von beispielsweise Teamworkr (aus München) oder Sapho oder weiteren Partnern.

Jimi Hendrix hat es nicht geschafft, aber Notes Domino hat das Potenzial auch noch einen 75 Geburtstag zu erleben. Das wäre dann im Jahr 2064.

Ihr

Tom Zeizel
Business Unit Executive IBM Collaboration & Talent Solutions D-A-CH

Der Beitrag 27 Jahre – schlecht für Helden? erschien zuerst auf DNUG.

Notes Domino v10

26. Oktober 2017 Posted by Alexander Kühn

Folgende Meldung von IBM ereilte uns heute:

Nach der Ankündigung von GM Inhi Suh gestern in weltweiten Telefonkonferenzen hat die Notes Domino Familie eine langfristige Perspektive für die Weiterentwicklung bekommen.

Der stabile, skalierbare und sichere Domino Server wird als Mail- und Applikationsserver für viele weitere Jahre unseren Kunden zur Verfügung stehen.

Notes und Sametime sind die Umgebungen für Kommunikation und Team- und Unternehmensanwendungen – und ja auch sie werden weiter entwickelt. Das Jahr 2021 wurde von vielen Kunden als ein Enddatum der Entwicklung   i n t e r p r e t i e r t   – was nie der Fall war. Mit #Domino2025 wollen wir dem Markt zeigen wieviel Potential in diesen Produkten steckt und werden sie weiterentwickeln.

Weitere Infos folgen.

Der Beitrag Notes Domino v10 erschien zuerst auf n-komm GmbH.