HCL Nomad for Domino behind an Apache Reverse Proxy  

By Remco Angioni | 12/28/23 3:04 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Reading the documentation, HCL only gives us the configuration for NGINX. Some companies are using Apache and not NGINX. We encourage the move to NGINX, but for now Apache is still okay.

Keep HCL Domino JVM settings during upgrade?  

By Remco Angioni | 10/9/23 2:58 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

When you have added custom settings in the Domino JVM environment, and upgrade Domino....you noticed that all your settings are gone. Even the custom JARS are removed. There is a way to keep them during the upgrade of Domino, and that's to tell Domino JVM that the files are on a different location...outside the Domino

My thoughts on how Domino registers users  

By Remco Angioni | 10/2/23 2:00 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

We all know Domino registers users. You need the certifier for the correct O or OU and the user is created with the hierarchical Full Name as the certified user. So, the hierarchical Full Name is the unique key. When you add users to a group, the hierarchical Full Name is added to the group.When you add users to the ACL, the hierarchical Full Name is added. Don’t you all hate the DELETE/RENAME Adminp actions? It can take days before finishing, depending the amount of servers you have. And somtimes……it fails or got stuck in the flow.

HCL Domino rename via ADMINP does not check the new username in IDVault’s inactive users view.   

By Remco Angioni | 10/2/23 1:59 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

We discovered some strange behavior during a user rename. The user was renamed via ADMINP. AdminQ pushed the renameflow that evening, because we enabled AdminQ also for registered users. The next morning we checked the rename and everything looks fine. But.....the user logged in, still with his old name and received an error that he wasn’t allowed to access the Domino server.

HCL Domino 12.0.2: removed user-maildatabase in a cluster symmetry configuration is repaired after removed on 1 server.  

By Remco Angioni | 5/8/23 1:01 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

n HCL Domino 12.0.2 we discovered that when we delete users, some maildatabases are repaired back to the home/mail Domino server……running on Windows servers. Like all of you know, when removing a user from a clustered Domino environment, the cldbdir entry for that database is altered to REPAIR:DISABLED. Repair is not allowed for that database. We raised a ticket because we noticed, ofcourse, that this was not the case for some users we removed. The database was repaired from another clustermember. This left us with 2 maildatabases and NO persondocument.

Domino Server: Let adminp handle renames in maildatabases, but don’t delete users in name fields.  

By Remco Angioni | 5/5/23 1:26 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Ever wondered why adminp treats a deletion the same as a rename when you have set the Administration Server Action to Modify all Names fields? Well, I did. I can imagine why a rename should be performed on all mail and calendar items, but a user deletion?????? Why you want that to happen at all?Why remove the evidence that someone have sent me an email or have sent me a meeting request? It doesn’t make sense at all to me. That’s why I was searching for a way to tell Domino not to delete users in names fields, just renames when using adminp in maildatabases. And there it is, the solution.

Setting up HCL Domino Time-based one-time password (TOTP) authentication  

By Remco Angioni | 2/14/23 3:43 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Here is the easy guide how to setup HCL Domino TOTP on a Domino V12.0.2 server with internet site document.

Sametime V12 MongoDB LDAP issue when using webusers  

By Remco Angioni | 1/30/23 1:57 AM | Infrastructure - Sametime | Added by Roberto Boccadoro

When you move from a Sametime version running on Domino to the Sametime V12 version, running on Docker......there could be a problem when you have webusers running in your Sametime environment. You always have to run the Sametime Name Change utility to move away from Domino (LDAP) syntax ( CN=Remco/O=ORG to CN=Remco,O=ORG) https://help.hcltechsw.com/sametime/11.6/admin/changing__names_in_contact_and_privacy_lists.html There is a problem when you have used Sametime 11.6, which already used MongoDB for chatlogging, and used WEBUSERS (and not registered users). Webusers are saved flat in MongoDB and do not contain the CN=…/O=… syntax. When you move to Sametime V12 and converted the users to LDAP and imported vpuserinfo to MongoDB, you see a loss in Contacts and Archive. Your account is no longer connected to your old chats and doesn’t contain any contacts. Why?

Solution for broken TrendMicro ScanMail for Domino 12.0.2 on Windows  

By Remco Angioni | 12/23/22 4:16 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

After upgrading the Domino to 12.0.2, TrendMicro scanmail stops working. The cause is C API OSLoadLibrary changes in Domino 12.0.2. TrendMicro had identified the problem and created a temp workaround for it. See article: https://success.trendmicro.com/dcx/s/solution/000291870?language=en_US

Setup DKIM for HCL Domino 12.0.2  

By Remco Angioni | 12/9/22 1:58 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Finally we can setup and use DKIM email authentication in HCL Domino. Here are the steps for adding DKIM in Domino and DNS.The actions are my actual commands for adding DKIM to my angioni.nl domain.

HCL Software and the number 13  

By Remco Angioni | 12/2/22 3:18 PM | Business - News | Added by Oliver Busse

Just after 12.0.2 we all waited for the next major release. There it is …… proof that HCL doesn’t like the number 13 like we heard in the rumors.

Sametime V12.0.1/12.0.2 cannot connect to LDAPS:636 using TLSv1.2  

By Remco Angioni | 10/31/22 4:49 AM | Infrastructure - Sametime | Added by Roberto Boccadoro

Setting up Sametime V12.0.1 and V12.0.2 BETA, I discovered that we couldn't connect to LDAPS to a Domino server, or to the AD using TLSv1.2.I discovered it in the Docker environment and noticed in the community log these lines: community_1 | stuserinfosa 2022-10-04 08:44:04.175 SEVERE 0 — 31 : createConnection : Problem Initalizing context for simple bind community_1 | javax.naming.CommunicationException: simple bind failed: stldap.domain.internal:636 [Root exception is java.io.IOException: Initial encode failure on StTlsSocket [6]]

Extra “Sametime V12 MongoDB roles” in a highly secured Mongo environment  

By Remco Angioni | 7/11/22 4:26 AM | Infrastructure - Sametime | Added by Roberto Boccadoro

When following the standard procedure for installing LDAP, MongoDB and Sametime V12. You may discover that the Sametime database user does not have enough rights. The procedure tells us that the following command for creating an user and roles should be enough: db.createUser({user: "sametimeUser", pwd: "sametime", roles:[{role:"readWrite", db:"chatlogging"},{ role:"readWrite", db:"mobileOffline"},{ role:"readWrite", db:"meeting"},{role:"dbAdmin", db:"meeting"},{role:"userAdminAnyDatabase", db:"admin"}]}) Because there was no warning or error at this point we finished the installtion and started Sametime V12, I discovered that we couldn’t login into Sametime. Even when LDAP works correctly and tells us “BIND SUCCESSFULL” in the Sametime Community log.

Sametime 11.6 IF2 installation results in a non-working proxy when you don’t have a meeting server.   

By Remco Angioni | 3/25/22 4:27 PM | Infrastructure - Sametime | Added by Oliver Busse

After installing Sametime 11.6 IF2, i discovered that the entire proxy service will not start at all. In the localhost log you can see the following warning, over and over again. After opening a support ticket, HCL discovered a problem in the code. It seems like Sametime 11.6 IF2 needs a configured meeting server in the config.

Tweak the first save-attachment location within HCL Notes | Angioni's Blog  

By Remco Angioni | 2/28/22 2:24 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

When you want to move the default save location, for your attachments, from %TEMP% to C:\LOCAL\TEMP, than this cannot be done from a policy. We opened a case at HCL support and after 2 weeks, because support also didn't knew how to do it, the answer came from development.

HCL Domino’s IDVault: Enabling automatic restart of ID file synchronization | Angioni's Blog  

By Remco Angioni | 12/15/21 2:08 PM | Infrastructure - Notes / Domino | Added by Oliver Busse

It can happen that the sync between your userid used in Notes client and IDVault is broken. It will fail to sync when the password in your local ID file is different from the one in the IDVault. But there is a way to get it up and running again…..automatically

Verse iOS 12.0.3 breaks connection to Traveler when configured wrong  

By Remco Angioni | 9/14/21 9:57 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

When there is a difference between the External Server URL, and the one you use configuring the iPhone Verse devices, you will see that the connection is now broken using version 12.0.3

Installing Sametime V11.6 or Traveler V11.x on Linux with a small-sized /tmp volume.  

By Remco Angioni | 7/5/21 2:22 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Sometimes a Linux deployment comes with a too small sized /tmp volume. Normally installers detects this and reports an error and stop the installation. Sametime 11.x and Traveler 11.x only detects it, but continue with the message that the installer is now using /root as their temp folder in order to continue its installation.

HCL Domino V11.0.1FP3 and things you need to know about this fixpack  

By Remco Angioni | 7/5/21 2:21 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

After installing HCL Domino V11.0.1FP3 you may encounter several new features which can result in an issue. Here are the things we have discovered so far.

HCL Verse: read and write encrypted mail without your userid  

By Remco Angioni | 5/19/21 1:41 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

When you want to read and/or write encrypted mail, you normally need to have uploaded your notes.id into your HCL Notes mail database. Now, when the technique evolves, it’s no longer necessary to upload it manually. It’s even harder when you work natively from the IDVault, because your ID is loaded into memory.