Be careful with search-admin role in HCL Connections   

By Christoph Stoettner | 5/3/24 5:37 AM | Infrastructure - Connections | Added by Roberto Boccadoro

I showed, in several slides and sessions, how you can use the search-admin role in the search application of HCL Connections for troubleshooting and reviewing some key configurations. In several environments, my user or other administrative users have this role, just to access the link to /search/serverStatus for example. Be aware, when you assign the search-admin role in the search application to a user, the advanced search will not return any result.

Installing wireguard on CentOS Stream 9   

By Martijn de Jong | 1/15/24 3:37 AM | Infrastructure - Connections | Added by Roberto Boccadoro

As I do a lot of my research on new Domino versions, Connections versions and HCL DX on my own server at home and as I’m often not at home, I figured I needed a VPN tunnel to my server, so I can work as if I am home. Wireguard has become kind of the de facto standard for these kind of situations, so I looked into installing it on my CentOS Stream 9 host.

Troubleshooting Top Updates in HCL Connections  

By Christoph Stoettner | 12/5/23 2:25 AM | Infrastructure - Connections | Added by Roberto Boccadoro

Orient Me shows Top Updates on the startpage of Connections, but sometimes this view is empty, how is this generated? Last week, I had three systems with issues displaying the Top Updates in the Orient Me. So I tried to find out which applications and containers are involved in generating the content for this view. First, we need to know that Top Updates are part of the Component Pack, and the content of Latest Updates is the Activity stream data, which is read from the homepage database. If the Top Updates tab is not visible after deploying the Component Pack, check LotusConnections-config.xml; the serviceReference for orientme needs to be enabled. There is only one serviceReference allowed for an application in this file, so check for duplicate definitions when the tab is still missing.

Hide widget from Highlights  

By Christoph Stoettner | 11/30/23 2:53 AM | Infrastructure - Connections | Added by Roberto Boccadoro

With HCL Connections 6.5 and later, we got the add-on HCL Connections Engagement Center (aka CEC, HCEC, ICEC or XCC) included in a normal HCL Connections deployment. The HCL Connections license contains the supplement that HCEC can be used within Communities and is the base for the Highlights application. All other options are hidden and could be enabled in LotusConnections-config.xml (set <genericProperty name="icec.light">false</genericProperty>), but then you need to order the HCL Connections Engagement Center license.

Couple of things to watch out for when applying CR’s to HCL Connections  

By Wannes Rams | 11/7/23 10:14 AM | Infrastructure - Connections | Added by Wannes Rams

I was updating a couple of Connections environments to CR4 and some of them are using SSO using OIDC and a custom database name for ICEC ( so not ESSAPPS)

Security Directory Integrator connecting to Active Directory LDAPS   

By Unknown Author | 11/3/23 2:28 AM | Infrastructure - Connections | Added by Roberto Boccadoro

I had one Connections’ environment that I wanted to switch from OpenLDAP to Active Directory LDAP. The old OpenLDAP environment used LDAPS to connect, and so I assumed that the change was done quickly.

Migrate MongoDB in HCL Connections Component Pack 8  

By Christoph Stoettner | 9/22/23 3:31 AM | Infrastructure - Connections | Added by Roberto Boccadoro

The official documentation, “Migrating data from MongoDB 3 to 5”, wants to dump the MongoDB databases in 3.6 and then restore this data into the newly deployed MongoDB 5. One issue with this process is that we can’t run the two MongoDB versions in parallel on Kubernetes because the provided helm charts and container for MongoDB 3.6 stop running after Kubernetes 1.21. On the other side, the helm chart providing MongoDB 5 can’t be installed on those old Kubernetes versions. So the process to update is: Migration process Dump databases in MongoDB 3.6 (version delivered with Connections 7) Update Kubernetes to 1.25 or 1.27 Restore MongoDB databases to version 5.0 So, you have to plan the process in advance because it is difficult to get the data when you forget something. width=device-width,initial-scale=1,user-scalable=no Migrate MongoDB in HCL Connections Component Pack 8 · stoeps 49.642538;8.638950 DE Heppenheim, Germany 49.642538, 8.638950 Heppenheim The official documentation, “Migrating data from MongoDB 3 to 5”, wants to dump the MongoDB databases in 3.6 and then restore this data in

HCL Connections Mail Plug-in Deployment – Missing Information in the Documentation   

By Milan Matejic | 5/23/23 12:18 AM | Infrastructure - Connections | Added by Roberto Boccadoro

If you are planning to deploy the HCL Connections Mail Plug-in, take note of the KB0092821 knowledge base article. This is a mandatory step that must be done in HCL Connections 8 CR1 and newer environments. If the steps described in KB0092821 article are not followed, you will get the following error message in the browser console: Error: Unable to load https://<mailserver_hostname&gt; status: 403

Build mongodb5 image for Component Pack with Buildah  

By Christoph Stoettner | 5/17/23 7:14 AM | Infrastructure - Connections | Added by Wannes Rams

Build Mongodb5 Image For Component Pack With Buildah

Issues configuring the Sharepoint widget for Communities  

By Wannes Rams | 4/6/23 11:49 AM | Infrastructure - Connections | Added by Wannes Rams

On a recent deployment of HCL Connections I struggled getting the SharePoint widget to work.

Quick Tip: Stashing Log Files From Domino Testcontainers  

By Jesse Gallagher | 3/29/23 3:55 AM | Infrastructure - Connections | Added by Roberto Boccadoro

I've been doing a little future-proofing in the XPages Jakarta EE project lately and bumped against a common pitfall in my test setup: since I create a fresh Domino Testcontainer with each run, diagnostic information like the XPages log files are destroyed at the end of each test-suite execution.

HCL Connections 8 – PDF Export Issues After Installing CNX in a Clustered WAS Environment   

By Milan Matejic | 3/24/23 5:12 AM | Infrastructure - Connections | Added by Roberto Boccadoro

Recently I encountered an issue with PDF Export, right after the installation of HCL Connections applications in a multi-node, clustered, IBM WebSphere Application Server environment. This problem only occurs in a multi-node WAS environment. In the HCL Connections GUI, in the “PDF Export Access” settings of the”Edit Community” menu (Community –> Community Actions –> Edit Community –> PDF Export Access), the following error was displayed: Error 500: org.springframework.web.util.NestedServletException: Handler dispatch failed; nested exception is java.lang.NoClassDefFoundError: com/ibm/ess/ic/ic360/security/tai/Ic360ImpersonateUserTAI

HCL Connections – Journey to Connections 8  

By Urs Meli | 2/27/23 10:10 AM | Infrastructure - Connections | Added by Wannes Rams

After the Connections 8 CR1 had been released, we upgraded our production environment. This is our journey

Always get the latest Huddo version in HCL Connections  

By Wannes Rams | 1/26/23 3:09 AM | Infrastructure - Connections | Added by Wannes Rams

We have documented how to connect to our version, but that documentation is focused on a manual install of Component pack and connecting to our systems from the start. I want to show how to do it if Boards is already installed and running using the automation scripts. You can obviously follow this guide if you did a manual install and connected to the HCL resources, I am just mentioning some specifics about the HCL automation you can ignore.

The state of Social Business continued – Meetup  

By Femke Goedhart | 1/25/23 4:14 AM | Infrastructure - Connections | Added by Wannes Rams

The last HCL Ambassadors meetup we did last December had a bit of an open end and therefor we would like to continue where we left off: With the state of social business and the position of HCL Connection in it. Join us and let us know!

Certificate Information tool   

By Fredrik Norling | 1/17/23 2:40 AM | Infrastructure - Connections | Added by Roberto Boccadoro

SSL certificates, SAML certificates, Signing certificates the number is long of different kinds of certificates and you might need to check the name of a certificate, the start or end date or perhaps the thumbprint. I use the tool mainly to get end dates of certificates sent to me from customers because I hate when they expire and need to be changed without any preparation. And the worst kind that most administrators often miss is the certificates that is auto created i.e. in ADFS servers, Azure Enterprise apps, Okta

HCL Connections Docs 2.0.2 High CPU load  

By Urs Meli | 1/12/23 9:32 AM | Infrastructure - Connections | Added by Wannes Rams

We noticed on at least 2 environments, that the CPU load was around 100%, Memory usage 100% and Swap used 100%. Prior to the update, the servers ran happily and did not show any issues. The process list (htop) showed a lot of /opt/libreoffice7.2/program/soffice.bin tasks.

Keycloak and Kerberos  

By Urs Meli | 1/12/23 9:29 AM | Infrastructure - Connections | Added by Wannes Rams

Goal: Login to your Windows Client and do not have to login to Connections Motivation: Sure you can configure SPNEGO directly in WebSphere. But you might want to support OTP/WebAuthn for external users which are not in your AD?

Migration issue on opnact when using dbt.jar  

By Wannes Rams | 1/10/23 9:59 AM | Infrastructure - Connections | Added by Roberto Boccadoro

While I was migrating a Connections 7 on premises customer to our cloud using the dbt.jar tool, I came across the issue that the OPNACT database did not want to migrate, it threw an error on the OA_NODE table stating that the source table has 38 columns and the target one 37 The column that did not exist on the target was OWNERMEMBERUUID Now the target database is a fresh cnx7 created database from the cnx7 scripts and the creation script does not contain this column. So I started looking through the database scripts to check what happened to that column over time.

How to perform a db2 redirected restore  

By Wannes Rams | 1/10/23 9:58 AM | Infrastructure - Connections | Added by Roberto Boccadoro

Sometimes you need to restore db2 databases on a different machine. For example during on prem to cloud migrations, or when moving database servers during an upgrade for Connections. In most cases some of the paths will be different. The LOGPATH is gonna be your main issue. Goal of this post is to show you how to restore the database and change the LOGPATH setting inside the database you are restoring on the fly.

Huddo Boards & Minio problems – Read before you restart!  

By Martijn de Jong | 11/21/22 2:06 AM | Infrastructure - Connections | Added by Roberto Boccadoro

Last week I got the unpleasant surprise of a no longer working Huddo Boards for Component pack installation at a customer after I had rebooted my Kubernetes environment. I had to reboot this environment after I updated the Kubernetes certificates. Of course, after a change you immediately think that your problem is related to the change you just made, but in this case the only relation was with the restart, which means that this can happen to everyone running Huddo/Kudos Boards for Component pack or Huddo Boards Docker.

Update Elasticsearch certificates in Componentpack · stoeps  

By Christoph Stoettner | 9/5/22 2:04 AM | Infrastructure - Connections | Added by Roberto Boccadoro

Elasticsearch in HCL Connections Componentpack is secured with Searchguard and needs certificates to work properly. These certificates are generated by bootstrap during the initial container deployment with helm. These certificates are valid for 10 years (chain_ca.pem) or 2 years (elasticsearch*.pem) and stored in the Kubernetes secrets elasticsearch-secret, elasticsearch-7-secret. So when your HCL Connections deployment is running for 2 years, the certficates stop working. The documentation on bootstrap is a little bit misleading and my suggested update does not make it into a technote or documentation update since nearly one year.

Change spellchecking to hunspell in TinyMCE  

By Christoph Stoettner | 7/13/22 1:54 AM | Infrastructure - Connections | Added by Roberto Boccadoro

The last years I had issues with application servers using large amount of CPU and even hanging application servers running the Tiny Spellchecking service. It ended with disabled spellchecking in the Tiny editors config.js. Now after updating to the actual editor version TinyMCE 5.10.2 we decided to reenable the spellchecker and the first days it looked like, that the issue was really fixed. Sadly after about a week the first application server started to use 800% CPU just for the server hosting the spelling service.

Fix some annoyances with Customizer · stoeps  

By Christoph Stoettner | 7/6/22 5:06 AM | Infrastructure - Connections | Added by Matteo Bisi

I created a git repository with some smaller CSS files to fix some annoyances within HCL Connections. I started with this to prevent Orient Me to load fonts from external URLs or Elasticsearch Metrics to break the UI on larger screens. These issues are solved after the last updates I got from support, but Blogs and Tailored Experience Wizard can be improved with some simple rules.

Restart Orient Me pods after Internal Server Error  

By Christoph Stoettner | 7/4/22 4:59 AM | Infrastructure - Connections | Added by Roberto Boccadoro

After rebooting the Kubernetes server for HCL Connections Componentpack, I sometimes see that Orient Me is not working and just shows: {"error":{"statusCode":500,"message":"Internal Server Error"}} I think one of the liveness checks could be improved, but for now the following commands restart just the necessary amount of pods to get Orient Me back running.

Elasticsearch7 Update  

By Christoph Stoettner | 6/8/22 3:56 AM | Infrastructure - Connections | Added by Roberto Boccadoro

CVE-2021-44228 was a very serious problem end of 2021, and we are still finding new occurrences, or security teams scan servers and find vulnerable log4j files. Don’t get me wrong most of these occurrences are not vulnerable any more, because the JVM is hardened like in the Elasticsearch 7 containers, or they use of the JVM parameter -Dlog4j2.formatMsgNoLookups=true.

K8s Certificate Manager with Let’s Encrypt  

By Daniel Nashed | 5/5/22 4:41 AM | Infrastructure - Connections | Added by Roberto Boccadoro

Domino certificate manager works like a charm and is the best option for native Domino 12 certificate management. But in a K8s environment you might want to better have certificates deployed outside Domino in front of your Domino K8s service. Mostly you will use a so called Ingress controller, which offloads your TLS traffic. I took a look into last night. It turned out the issues I ran into only occurred because of a messed up k3s installation. After I re-created my server, I was ready to go in minutes.

Automatic Lock/unlock on opening files  

By Femke Goedhart | 5/1/22 2:59 AM | Infrastructure - Connections | Added by Roberto Boccadoro

HCL released a new version of the HCL Connections desktop plugins last month (March 23rd 2022) that included a new feature: auto locking. Now back in the day when we still had CCM, the automatic prompt to checkout a file or not on opening was a great thing and sorely missed on the normal personal and community files. There, you had to manually lock and unlock each file when opening and closing them if you wanted to prevent others from working on the files simultaneously. So suggestions were made and requests sent in by multiple people. And with the March 2022 release it was finally implemented. There is now the option to be prompted to lock a file on opening it.

HCL Connections 7.0 : how fix possible issue on side by side database migration with dbt.jar for Wikis,Files and Metrics db  

By Matteo Bisi | 4/28/22 4:57 PM | Infrastructure - Connections | Added by Oliver Busse

In this period I'm working on HCL Connections migrations from 6.0 to 7.0 and I'm using the side by side approach. While I'm during this job, I prefer to use the dbt.jar for database migrations because this could help me to identify and fix issue at db schema level. In this migrations I had some issue with Wikis, Files (the same for both db) and Metrics

To Doc or not to Doc… Global ambassadors call   

By Femke Goedhart | 3/25/22 4:28 PM | Infrastructure - Connections | Added by Oliver Busse

This months edition of the global super users / ambassadors call we will be kicking off with the theme of To Doc or not to Doc… Do you use Docs with your HCL Connections or not? And why? What options are there and what are the needs for collaborative (and simultaneous) document editing?