Recent
Notes & Domino 14 - missing the Notes.jar? It's still there 
By Oliver Busse | 12/8/23 2:09 AM | Development - Notes / Domino | Added by Roberto Boccadoro
Today HCL released version 14 of Notes and Domino. Despite I tried the beta version in the EAP I wasn't aware that the Notes.jar was relocated.
In my test VM I installed the new version just to find my Eclipse projects failing to build due to my variable NOTES_HOME not pointing to the correct location anymore.
So, if you also got your little WTF moment, keep cool and relocate your variables to <NotesProgramDir>/ndext/notes.jar now.
Troubleshooting Top Updates in HCL Connections
By Christoph Stoettner | 12/5/23 2:25 AM | Infrastructure - Connections | Added by Roberto Boccadoro
Orient Me shows Top Updates on the startpage of Connections, but sometimes this view is empty, how is this generated?
Last week, I had three systems with issues displaying the Top Updates in the Orient Me. So I tried to find out which applications and containers are involved in generating the content for this view.
First, we need to know that Top Updates are part of the Component Pack, and the content of Latest Updates is the Activity stream data, which is read from the homepage database.
If the Top Updates tab is not visible after deploying the Component Pack, check LotusConnections-config.xml; the serviceReference for orientme needs to be enabled. There is only one serviceReference allowed for an application in this file, so check for duplicate definitions when the tab is still missing.
Hide widget from Highlights
By Christoph Stoettner | 11/30/23 2:53 AM | Infrastructure - Connections | Added by Roberto Boccadoro
With HCL Connections 6.5 and later, we got the add-on HCL Connections Engagement Center (aka CEC, HCEC, ICEC or XCC) included in a normal HCL Connections deployment.
The HCL Connections license contains the supplement that HCEC can be used within Communities and is the base for the Highlights application. All other options are hidden and could be enabled in LotusConnections-config.xml (set <genericProperty name="icec.light">false</genericProperty>), but then you need to order the HCL Connections Engagement Center license.
Domino Download Bash Script leveraging My HCL Software Portal
By Daniel Nashed | 11/27/23 12:58 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
The My HCL Software Portal is still an early access offering in parallel to Domino 14 early access.
It is planned to replace the Flexnet download soon and way easier and much faster to navigate.
The website just works and has awesome performance.
Domino 14 AutoUpdate leverages a new software download API to automatically download software into autoupdate.nsf.
The download just needs a download token, which can be requested if you are log into https://my.hcltechsw.com/.
I have been looking for a way to automatically download software for a couple of years.
Now with the new portal and this new API it is possible to write a Bash script for full command-line operations including a simple to use menu.
There are two different modes. By default the script uses My HCL Software navigation.
But alternatively it can also leverage Domino 14 Auto Update software.jwt, which has more granular information and allows a more structured download package browsing experience.
nginx as ingress for Docker composeg
By Stephan Wissel | 11/16/23 1:57 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
nginx as ingress for Docker compose - In June I wrote about how to use Docker & nginx to deliver statically rendered brotli files for your web (frontend) application. It improves delivery quite a bid, but left me wonder: isn't there too much static WebServer involved? Double hop to deliver static files.
Nginx as reverse proxy and SNI
By Martijn de Jong | 11/10/23 4:43 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
I had some difficulty to find a good title for this article that would really cover the contents. Therefore, let me start with describing the problem I faced which led to this article.
I have a lot of sites running on my home server (this blog being one of them) using different technologies. As I have a single IPv4 address, all these sites are behind a reverse proxy, for which I use Nginx. A couple of those sites are Domino sites and last week I realised there was something wrong in that area. I have several internet site documents on Domino for different urls. However, last week I realised that all my urls that were forwarded to Domino, were being serviced based on the same internet site document. In other words, Domino did not recognise for which internet site a request was meant.
Couple of things to watch out for when applying CR’s to HCL Connections
By Wannes Rams | 11/7/23 10:14 AM | Infrastructure - Connections | Added by Wannes Rams
I was updating a couple of Connections environments to CR4 and some of them are using SSO using OIDC and a custom database name for ICEC ( so not ESSAPPS)
DOMI integration with IPS enabled
By Rainer Brandl | 11/7/23 2:07 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
This week I had the issue that a customer has enabled IPS for any outgoing http/https traffic which caused a non-working DOMI integration because the token could not be approved.With a very helpful link from the HCL Support the issue could easily be solved by whitelisting the request to "integration-auth-token.hcltechsw.com" on port 443.
Losing the persistent chat history of a renamed HCL Sametime 12 user - how to fix it
By Ales Lichtenberg | 11/6/23 3:36 AM | Infrastructure - Sametime | Added by Roberto Boccadoro
If you rename a user and they log into Sametime, they will not see the persistent chat history. This is not a bug and the loss is not permanent. You need to run the database tool to synchronize the data properly. The Sametime 12 documentation describes everything. Here is a simple description of how to perform this process.
Configuring Entitlement Tracking in Domino 12
By Dmytro Pastovenskyi | 11/3/23 2:31 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
In the realm of HCL Domino Server 12.0, the feature of "Entitlement Tracking" has become a vital component for organizations.
While comprehensive information regarding Entitlement Tracking is available through HCL, I needed to know some practical management aspects, such as disabling the feature and adjusting intervals etc.
Security Directory Integrator connecting to Active Directory LDAPS
By Unknown Author | 11/3/23 2:28 AM | Infrastructure - Connections | Added by Roberto Boccadoro
I had one Connections’ environment that I wanted to switch from OpenLDAP to Active Directory LDAP. The old OpenLDAP environment used LDAPS to connect, and so I assumed that the change was done quickly.
HCL Nomad Web SAML Authentication with Keycloak - Part 3: Nomad Web ID Vault Configuration
By Heiko Voigt | 11/2/23 3:08 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
In Part 2, we did the Keycloak Setup and created a realm, an identity provider (Domino LDAP), the Domino Service Provider information on Domino and exported the Service Provider XML, we did a set up for the nomad-config.yml on Domino and created the Service Provider on Keycloak by importing the Domino Service Provider XML and modifying it as needed. We then started Nomad and made sure, all switches fall into place.
Now, the only "Annoyance" in this process is the prompt of the Password of the Notes ID when we set up Nomad Web. Let's eliminate this as well as follows:
SAML SSO and Keycloak with HCL Nomad Web - Part 2: HCL Nomad Web Authentication
By Heiko Voigt | 10/31/23 8:18 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Wow - it's been REALLY long since I started my first post about SAML SSO with Keycloak and Domino. Today, we are going to take a look at Nomad Web on Domino (no Safelinks) and how we can make use of SAML to authenticate against the HCL Nomad Web Server and (in Part 3 of this series), the ID Vault to be able to unlock the Notes ID without a second password prompt.
All Essential Links for Everything Notes/Domino in One Place
By David Hablewitz | 10/31/23 2:44 AM | Business - News | Added by Roberto Boccadoro
Here is a collection of links to everything you could possibly want for Domino and HCL Notes (#LotusNotes) I have many more links to add, so consider this a starting point and bookmark this one page for reference and return to it often.
NotesIn9 210: Compare Database Differences
By David Leedy | 10/31/23 2:43 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
In version 12 of HCL Domino they added a new advanced template that can be used to show differences in design elements between two database. This might come in handy if you need to compare databases. In this show I’ll give a short demo on this so you can get started using it.
Overcoming Domino's Agent Scheduling Limitations with JavaAddin
By Dmytro Pastovenskyi | 10/30/23 2:16 AM | Development - Notes / Domino | Added by Roberto Boccadoro
If you're frustrated with Domino's limitations on scheduling agents to run more frequently than once every 5 minutes, you're not alone. As a programmer, you understand the need for flexibility and control in your applications. In this article, we'll discuss a practical solution: creating a JavaAddin for Domino that can trigger agents at shorter intervals, allowing you to gain more fine-grained control over your scheduled tasks.
XPages JEE 2.14.0
By Jesse Gallagher | 10/28/23 4:39 PM | Development - Notes / Domino | Added by Oliver Busse
Today, I released version 2.14.0 of the XPages Jakarta EE Support project. As with the last few releases, this is primarily about bug fixes and compatibility as I prepare for the big switch in 3.0, but there are some notable, if small, feature additions.
NotesIn9 209: Creating a new Domino Domain
By David Leedy | 10/23/23 8:32 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
In this show I demo how to create a brand new HCL Domino v12 server and Domino Domain. I also show how to install the v12 Notes/Designer/Admin client. Its been a while since I did a show and I had some audio issues but I cleaned up much of it and should be better going forward.
Get your Linux environment ready for Domino V14
By Daniel Nashed | 10/20/23 3:43 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Domino V14 is planned to ship end of this year. For Windows the system requirements don't really change, because of the universal run-time.
But for Linux a newer compiler brings new OS dependencies. Specially the glibc version, which brings the base run-time support for C and also the C++ standard libs are important.
An application build with a newer compiler on a newer Linux version does not run on older versions with lower glibc versions.
glibc is the The GNU C Library - https://www.gnu.org/software/libc/
The new version required was released in August 2021 and is part of most current long term release Linux distributions.
Is HCL Notes/Domino using Oracle Java?
By Thomas Hampel | 10/14/23 7:42 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
The short answer: No!
Background:
On January 23, 2023, Oracle announced (again) yet another new licensing model for Oracle Java that represents a dramatic price increase for large organizations.
This can lead to interesting discussions since e.g., a 40,000-employee organization could be asked spending USD $2.5M annually just on Oracle Java alone.
What Java version is used by Notes and Domino?
Notes and Domino are providing the Java runtime as part of the product, so customers do NOT need to download or install the Java runtime environment separately.
Since the JVM/JDK is part of the licensed product, it is covered under the product license of HCL or previously the product license of IBM.
With the acquisition of the product by HCL, dependencies to IBM Java were removed and got replaced with OpenJDK effectively in version 11.0.0 of HCL Notes/Domino.
Java updates are provided by HCL (and previously by IBM) typically as part of regular fix packs.
Domino Authentication via SAML – All Flavours
By Milan Matejic | 10/13/23 1:55 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
For the Engage 2022 event, I prepared a "Domino Authentication via SAML - All Flavours" session, to present it with my colleague Herwig W. Schauer. Alas, the session never got accepted and I never had time to convert it to a whitepaper. As I invested quite a bit of time for preparing the slides, I thought that I should upload it here before it inevitably travels into oblivion. Maybe it will come handy for some of you.
Keep HCL Domino JVM settings during upgrade?
By Remco Angioni | 10/9/23 2:58 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
When you have added custom settings in the Domino JVM environment, and upgrade Domino....you noticed that all your settings are gone. Even the custom JARS are removed. There is a way to keep them during the upgrade of Domino, and that's to tell Domino JVM that the files are on a different location...outside the Domino
Running Domino with SELinux on current REHL/CentOS Stream 9 & Co
By Daniel Nashed | 10/9/23 2:56 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Domino 12.0.2 added support for SELinux in enforced mode, which is enabled by default by newer installations.
SELinux is a lower level security feature, which can even limit processes running with root permissions.
But the application needs to have a SELinux profile.
I ran into this week on my own on a RHEL 9.2 machine and I got the same problem from a partner yesterday.
It turns out that systemd can't read from /tmp any more. But the Domino service from my Nash!Com start script writes the domino process id into the /tmp folder.
With SELinux enabled you get the following error message when looking into your service status (domino statusd).
The start and stop operations of your server will also hang, because systemctl will hang.
systemd[1]: domino.service: Can't convert PID files /tmp/domino.pid O_PATH file descriptor to proper file descriptor: Permission denied
Required Notes and Domino anti-virus file exclusions
By Daniel Nashed | 10/9/23 2:54 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
This discussion came up in an OpenNTF Discord channel.
The question was if this might be a good idea to keep OS level anti-virus enabled for Notes/Domino files.
There is a clear statement from HCL about exclusions. But the technote doesn't explain why those exclusions are important.
The exclusion might be different for each anti-virus production in detail. It also depends on customer IT policies how to exclude data.
This can be either by path, extension or process.
There are also recommendations from some anti-virus vendors stating the same exclusions for their specific product:
Guidelines for excluding Notes and Domino directory and files when running an operating system Antivirus
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0093046
ible Ans
Lotus Evangelist: SMTP BlackListing, WhiteListing and Log and Reject/Tag
By Keith Brooks | 10/5/23 5:09 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
If you rely on your Domino server to handle all your mail, you probably have had numerous attacks on your server over time or even lately, as I did last week.
My personal Domino server is a mix of real code, websites, and active email, with various half-coded things and weird templates or customer testing.
However, I started getting harassed by sites looking for open SMTP accounts recently and figured something was amiss in my configuration document.
Domino and JavaScript Development MasterClass Redux
By Paul Withers | 10/4/23 5:21 AM | Development - Notes / Domino | Added by Roberto Boccadoro
Nearly six years ago I delivered a session at IBM Think with John Jardin called “Domino and JavaScript Development MasterClass”, a session I also delivered at Engage in May 2018. The session was delivered at the request of Andrew Manby, product manager for Domino. It was shortly after the first Domino Jams when JavaScript development against Domino was a key point of focus and it pre-dated any specific developments to expose Domino for JavaScript development. Now seemed a good point to revisit and review, not only in the context of Domino REST API and Volt MX Go, but also with the future of VoltScript in Volt Foundry.
Continuing with HCL Domino in the IOT Space...
By Heiko Voigt | 10/3/23 10:18 AM | Development - Notes / Domino | Added by Roberto Boccadoro
In the past weeks, I have extended my knowledge and demo equipment in the IoT Space using LoRaWAN Sensor, The Things Network Stack and Dragino Open Source Hardware.
Today, I am running various outdoor and indoor LoRaWAN Gateways, multiple Sensors checking on air quality, temperature and moisture levels indoors as well as Soil moist outdoors and door/window open/close sensor on my network instances, collecting data in my private data lake.
The old dog and some fun tricks...
By Heiko Voigt | 10/3/23 10:17 AM | Development - Notes / Domino | Added by Roberto Boccadoro
I really love to listen to my favorite radio stations on my laptop, I really do. And there's tons of software solutions out there to give you a streaming radio client on all operating systems.
But - my main work environment still is a HCL Notes Client - and there wasn't an app for that use case, at least not that I was aware of. A couple of weeks back I stumbled across a JavaScript Library that finally made me build one: Howler.js.
Using OpenLog for logging/ debugging XPages – Kwintessential Notes
By Patrick Kwinten | 10/3/23 2:09 AM | Development - Notes / Domino | Added by Roberto Boccadoro
Today I opened a database where a developer insists on writing almost all code in SSJS. A bit odd because OpenNTF Domino API is enabled and used in this particular application. I guess JAVA is still frightening. But because of SSJS you get unexpected behaviour which are difficult to catch in OpenLog.
SAML Login redirections problem in Domino 12 - XPageDeveloper.com
By Fredrik Norling | 10/3/23 2:07 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Before we dive into the problem, let’s briefly understand the SAML authentication process within HCL Domino:
User requests access: A user attempts to access a resource (e.g., a web application) protected by SAML authentication.
Identity Provider (IdP) initiation: The user is redirected to an Identity Provider (IdP) for authentication. The IdP can be an external service or a SAML-enabled component within Domino itself.
Authentication: The user logs in at the IdP. Upon successful authentication, the IdP generates a SAML assertion, a digitally signed XML document containing authentication information.
SAML assertion delivery: The SAML assertion is sent back to the Domino server.
Domino server validation: Domino verifies the SAML assertion’s authenticity and extracts user identity information.
User redirection: If the SAML authentication is successful, Domino redirects the user to the requested resource.
The Samesite Cookie Issue
The problem arises at step 6 in the SAML authentication process. Users are not being redirected as expected, and this issue is attributed to a relatively new feature in web browsers called “Samesite.”