TexasSwede
texasswede@gmail.com
  • About this blog
  • My Website
  • My Resume
  • XML Export Tool
  • Photos

Category Archives: Administration

Helpful Tools – Ytria EZ Suite (part 2)

Posted on April 8, 2021 by Karl-Henry Martinsson Posted in Administration, Notes/Domino, Reviews, Software, Utilities Leave a comment

Two weeks ago I wrote about Ytria EZ Suite, a set of tools for HCL Domino that I have been using for years. Unfortunately there were so much to write about the tools that I had to split it up into multiple blog posts. This is the second article about the tools that comprise EZ Suite. In that first post I covered scanEZ, consoleEZ, actionBarEZ and viewEZ, and if you haven’t read it yet, you can find it here.

Most of the tools I previously covered were aimed more towards developers, especially actionBarEZ and viewEZ. The consoleEZ tools can also be very useful for a developer who needs to keep an eye on the server console for potential error messages from agents being executed on the server. But Ytria offer tools directly geared towards administrators as well, so today we will take a look at them.

The first of these tools is aclEZ, and as the name indicates it is used to manager the ACL (Access Control List) of Domino databases. You get an overview of who has access to the databases, and you can modify, create and of course delete entries. You are of course not limited to displaying one database, you can select multiple databases and compare the ACL settings between the different databases. You can also copy ACL settings between databases, so you can setup one database with the proper security settings and then copy them to as many databases as you like on your server.

Ytria is using a configurable grid to display columns in all their tools. This is making it easy to view just the info you are looking for. Columns can be hidden or displayed, sorting can be set, and much more. I find this flexibility very helpful, there are often columns I am not even remotely interested in and now I can just prevent them from being displayed.

In addition you can sort the columns in the grid, and also apply filters so only values matching a specific criteria are displayed.

This is just a couple of examples of the many details I enjoy with the Ytria tools. They have over 20 years of experience creating tools for Notes and Domino professionals, and that shows. Everything is well thought through, and the tools offers great flexibility.

A tool I find extremely useful is databaseEZ. It allows me to get a high level view of all databases on a server, check things like the ODS version, if they are full-text indexed or not, the database size,, when they were last compacted, and also look at the size of the view index for each view in a database.

All this information helps me for example if I need to find out why a Domino application is slow, or which databases needs maintenance first. Almost this information can be accessed from the Domino Administrator client, but not in this easy to read format. Instead you need to open a number of different views and dialog boxes in each database. This is a huge time saver!

The last tool I want to mention today is replicationEZ. As the name states, this is a tool to locate and compare replicas of databases on different servers. Like in the other tools from Ytria, there are too many functions to list them all. I would like to mention a few that I find very useful.

Here I have loaded two of my servers into the replicationEZ grid, and it is now easy to see that there are a couple of databases I don’t have replicas of on my secondary server. I am also loading and comparing the number of documents and deletion stubs in two replicas of a database, and you can see there is a discrepancy on the number of deletion stubs between them (highlighted in red).

It is of course easy to create new replicas, or rather a replication stub. This is another example of how Ytria added functionality that I miss in the native Domino Administrator. Instead of having to sit and wait for a new replica to be created and all documents replicated to the new server (or start the replication, cancel out after a few documents have been replicated, and then let the Domino server finish the replication in the background), replicationEZ creates a replication stub, and I can continue to work while the full replica is created.

There are a few more tools from EZ Suite that I want to talk about, so check back in a few days for the last blog post.

EZSuite tools Ytria

#DominoForever – Release Day

Posted on October 10, 2018 by Karl-Henry Martinsson Posted in Administration, AppDev, IBM/Lotus, Lotusscript, node.js, Notes/Domino, Web Development 1 Comment

Finally it is here, the new version of IBM Domino. After the world premiere yesterday in Frankfurt, the world-wide launch is taking place today.

The focus in this release is on application development and administration. Features like self-healing of databases and increase of the maximum database size to 256 GB are among the most popular with administrators, while developers have a number of exciting additions.

The two most talked about features are the new Domino Query Language and node.js integration with Domino. Domino Query Language has been written from the bottom up to be fast, and the demonstrations I have seen confirms this. It is fast, very fast! And it can handle searches that would not only take a long time to create in earlier versions of Domino, but would take forever to run. Now the result comes back in a second, or even less. This really blew my mind when I first saw it earlier this year. John Curtis, the engineer that pretty much single handed wrote this code, did an amazing job, fully on par with when Damien Katz rewrote the formula language in ND6 and increased the performance several times over.

The second big feature of Domino 10 is the integration with node.js through the domino-db connector. It will be delivered in a separate application development pack, which will enter beta this week. This is a slight disappointment, I had been hoping this functionality would be available at the launch. But I rather wait the time that is needed for IBM and HCL to make it a fully stable product, instead of rushing something unfinished to the market.

Another product announced today was Notes for iPad, which makes it possible to run existing Notes applications unmodified on an iPad. All the functions we know and love are supported, like replication, offline access to applications, Lotusscript, Formula language, and more.

To support mobile Notes applications, there are enhancements in Lotusscript, for example camera and GPS support. Lotusscript has also been extended with other new classes, for HTTP requests and JSON parsing directly in native Lotusscript. No need to call Java or system API:s anymore!

HCL has done an amazing job in a short time, and Domino is on its way to become a very powerful and extendable platform for modern web development. A company can now not only deploy their existing business applications on iPads, they can also hire young developers who have experience of node.js and modern frameworks/libraries like Angular and React, and have them develop new solutions that can access existing data in Domino databases. Why use Mongo DB for data storage, when you have the much more secure Domino server available?

Domino 10 is not the end point. Domino 11 will be out next year, and IBM/HCL have committed to a long future for Domino. Forget #domino2025, now it is #DominoForever!

If you were not able to attend any of the launch events, here is the live stream from Frankfurt :

https://m.facebook.com/story.php?story_fbid=310707186390803&id=111720058922703

#domino2025 #dominoforever #IBMChampion

Rebuilding my Domino infrastucture

Posted on October 24, 2017 by Karl-Henry Martinsson Posted in Administration, IBM/Lotus, Notes/Domino 1 Comment

Recently I did some long overdue changes to my Domino infrastucture. Many years ago, when I initially setup my Domino server, I put it in the domain /Martinsson, since my domain at that time was martinsson.com (as well as martinsson.net). The server was just for practice and fun initially, but I ended up doing more and more.

In 2013, when my wife Christina and I started a small business, I added additional internet domains to the server. Our business Demand Better Solutions strated getting some traction, and I changed my email address from karl-henry@martinsson.com to karl-henry@demandbettersolutions.com. But I kept having issues with the outgoing email. Often people did not get my emails since they ended up in their spam folder. I figured that it had something to do with the domain

It was time to bite the bullet and do something. I decided earlier this year that I would setup a server from scratch, on a new hosting service. I arranged hosting with Prominic, a company specializing in high quality Domino hosting. The account was setup in no time and the Domino server was ready to be configured. My new Domino domain would from now on be /DBS.

I am not a stranger to installing and configuring Domino servers, but I decided have a real administrator set up it up for me, to get everything perfect..This way I would hopefully also learn something. Another reason I wanted some help had to do with setting up cross-certifications with my old server in the old domain. My plan was as follows:

  • Set up the new server
  • Cross-certify the two servers and admin accounts
  • Replicate over all databases from the old server to the new
  • Update the ACL on all databases and remove references to the old server
  • Delete the old server and all data files
  • Install a second Domino server in the new /DBS domain
  • Set up replication between the two servers (on different hosts)

I was lucky enough to get help from one of the best, Lifetime IBM Champion Gabriella Davis from The Turtle Partnership. If you need high quality admin help or advice, with Domino or IBM Connections, Gab is outsanding.

Gab helped me set everything up on the new server, I replicated everything, fixed the ACL settings and deleted the old server. The build of the secondary new server went off without any issues, which is not surprising when you consider the stability and maturity of the Domino server platform.

I updated all DNS settings, replicated all databases to the second server, and I was ready to rock’n’roll.

Everything worked well for a while, until I noticed that some email services still categorized a number of my emails (but not all of them) as spam. I did some research and realized that I never changed the SPF record for my domain to point to the correct mail server.

SPF is a email validation system, it works similar to a DNS lookup. When a mail from my domain arrives at a mail server, it performs a lookup to get my SPF record. This record, which is just a plain text string, describes which server(s) are allowed to send mail on behalf of my domain. If the server connecting to the mail server is listed in the SPF record, the email is accepted.

I updated the SPF record, and everything now works perfectly.

This is just another example of how powerful but still easy to use IBM Domino is as a server. The only issues I had were external ones, not related to Domino. Kudos to IBM (as well as the original developers at Iris) for building such a robust and still easy to use platform.

 

 

 

Free Software – Password Reset for Notes/Domino

Posted on September 24, 2014 by Karl-Henry Martinsson Posted in Administration, Bootstrap, HTML/CSS, IBM/Lotus, jQuery, Notes/Domino, Open Source, Software 7 Comments

Earlier this year I was asked to research some alternatives for a web-based password reset function at my work. One of the larger support burdens are users who forget the passwords, especially in the first few days after changing it. We have a 90 day password lifespan, then a new password need to be picked. Some users wait until the last minute, which usually is Friday afternoon right before they go home, making it very likely that they will forget the new password over the weekend. Another big group is auditors, who may come in every 6 months or so, and by then their passwords have of course already expired.

I first looked at some COTS solutions from HADSL (FirM) and BCC (AdminSuite). They were both very competent, and in addition have several other functions that I really would like to have in my environment (like synchronization between Domino Directory and Active Directory). However, as my company is in a cost saving phase, I was asked if I could build something myself, so I played around a little, and came up with a small and simple application.

The application contains two web pages. The first page (Setup) is where the user will setup the security questions used for password recovery as well as entering an external email address that they have access to even if locked out from the Domino account at work. This page is protected by regular Notes security, so the users need to set this up before they lose access to their account.

The second page (Request)is where the user can request the password to be reset. After entering their Notes name, the user is presented with one of the security questions. If the question as answered correctly, the user can now enter a new password. If the question is wrong, another of the questions is presented to the user. I am also using regexp to make sure that the password match the requirement our organisation have for password strength.

Both pages are built using Bootstrap (v3.2.0),  jQuery (v1.11.0), and for the icons I use Font Awesome (v4.2.0), all loaded from BootstrapCDN. I also use a few local CSS and Javascript files to handle older versions of Internet Explorer. The process steps were created using code by jamro and you can find the code here. By the way, Bootsnipp is a great resource to avoid having to invent the wheel again. There are hundreds of free snippets of code there to build neat Bootstrap functionality.

When the user fill out and submit the setup page, a document is created in a Notes database. When the user need to reset the password, the security questions and answers are retrieved from that document. To prevent unauthorised access to the Notes documents, they use Readers fields to prevent them from being visible to anyone but the signer of the agents running on the server.

This application can of course be updated with more functionality. Instead of allowing the user to pick a password, one could be generated by the server and sent through email to the address entered during setup. There are probably other things that can be done to adapt this application to the needs of your organization. And you probably want to change the logo on the pages to fit your organisation.

You can download the application here. It is licensed under Apache 2.0. I will try to get it up on OpenNTF.org soon as well.

Read the “About” page for instructions on installation and setup, as well as full license and attribution. Enjoy!

#ThrowbackThursday – Worst Practices at Connect 2013

Posted on September 18, 2014 by Karl-Henry Martinsson Posted in Administration, Connect, IBM/Lotus, Lotusphere, Lotusscript, Notes/Domino, Programming Leave a comment

Paul Mooney and Bill Buchan returns with a brand new Worst Practices at IBM Connect 2013.

This session alone is almost worth the cost to attend Lotusphere/Connect/ConnectED.

There is a slight skip towards the end, when I had to switch batteries. Otherwise you have the whole session, including the warm-up performance.

Lotus Notes at my work threatened by Microsoft bug

Posted on August 5, 2014 by Karl-Henry Martinsson Posted in Administration, IBM/Lotus, Notes/Domino 7 Comments

 

The company I work for is owned by a large multinational corporation, and we are one of the few places not using Outlook/Exchange, but Lotus Notes. We have a substantial investment in custom applications written for the Notes platform, and with the deep integration between applications and email, we want to stay on the platform.

However, earlier this year, a threat against Lotus Notes reared it’s ugly head. Executives at my company were sent meeting invitations from Outlook by other executives in other companies in the group. Some executives received the invitatiosn fine, and could accept/decline, while other got just a plain text email or even blank email. I was tasked to research this, and it seems to be an issue on the sending side. If the sender have the recipients address in their Outlook contacts, the invitation is sent in one format (rich text), if the recipient is not found, it is sent as MIME. So the mail with the invitation is sent in different format by Exchange, with different MIME types (text/calendar vs. text/plain).

It is actually easy to replicate the issue. Send a meeting invitation from Outlook to a Notes user not/never listed in the Outllok contacts. It comes across perfectly:

MeetingInvitationSuccess

Then add that same address to the Outlook contacts and send another invitation. It comes across as a balnk mail, with only the message disclaimer from Exchange visible:

MeetingInvitationFailed

There is an IBM technote about this, but there is no solution listed. IBM simply suggest contacting Microsoft. There is a workaround, but that involves all Outlook users changing the default outgoing mail format from rich text to plain text, or to edit this on each single contact. I even had a couple of users here (who also had Outlook mail accounts) try that. It worked in some cases, but not always. And this is not going to work, thousands of users (or at least several dozen executives) will not make all those changes just to accomodate a small Lotus Notes shop like us…

I am continuing to look for a solution, but it has to be one that we can implement on the Domino mail server(s) here. I found a suggestion to add TNEFEnableConversion=1 to notes.ini, I am having my administrator implement that right now, so we will see if that helps. But if that does not fix it, or I can’t come up with some way to process the incoming meeting invitations and fix the MIME type, I can see a number of executives working really hard on getting rid of Notes (at least for mail) here. And that will happen soon…

So, anyone got any ideas?

 

Update 08/07/2014: I found out that TNEFEnableConversion=1 was already enabled on our mail server, and had been for several years. It seems to also be related to winmail.dat being attached to incoming Outlook mail. I have opened a support ticket with IBM as well.

Update 2 08/07/2014: Within a couple of hours I got the following response from IBM regarding my support ticket (PMR 91606,004,000):

The TNEFEnableConversion=1 parameter was created to extract attachments from a winmail.dat file using the conversion process.  However, this is only used to extract attachments within emails.  This parameter is not intended to extract calendaring information.  The TNEF converter detaches the winmail.dat file, scans it looking for object types that indicate there is file attachment data present, and extracts the data as needed.

According to the RFC standards for SMTP calendaring (icalendar), messages must be formatted in MIME and not MS Rich Text.  As such, this issue is considered a third party bug by our development team because the
MS Rich Text format generates winmail.dat attachments which do not comply with the RFC standards for calendaring.

 At this time, there is no way to address this issue on the Domino side. However, the development is considering in creating an enhancement request not a fix because the issue relies on Exchange/Outlook. The functionality is expected to be in the next release of Domino version 9.0.2.

Meeting invites sent in an HTML or Plain text format work just fine with external applications such as Notes/Domino.

 This sounds promising, now it is just a question how long we have to wait, and if the executives are going to want to wait.

 

Recover lost SSL keyring password

Posted on July 24, 2014 by Karl-Henry Martinsson Posted in Administration, IBM/Lotus 3 Comments

About two years ago, our Network (as well as Domino) administrator left the company after 10 years. The other day our SSL certificate for one of our websites expired, and we wanted to use a newer wildcard certificate instead of a server specific certificate.
The problem was that we did not have the password for the keyring file (keyfile.kyr) used on the server, either the admin did not document it (which does not sound like him) or the document with the password was lost/we could not find it.

So what to do? We thought about creating a new keyfile and start over, but these days the certificate authorities (like Verisign, Thawte and Go Daddy) use 4096 bit SHA2 certificates as root certificate, which IBM Domino does not support (and don’t plan to support). The recommended solution is to use the IBM HTTP server as a proxy in front of the Domino HTTP server, since that one supports SSH2. So we could not go this way right away (we probably will do it eventually, though), as we just need the SSL certificate up and running on the server right away.

Our administrator came up with a way to get the password for the keyfile, assuming that you have the corresponding .sth file (which we fortunately had). The instructions are below, in case anyone need them in the future.

To recover a Lotus Domino keyring password you need a Lotus Domino server where you have admin access to and the *.sth file which fits the *.kyr file. If you have both you can perform the following steps:
Bring down the HTTP task via:

tell http quit

Open the domino console and enter:

set config DEBUG_SSL_ALL=3
set config SSL_TRACE_KEYFILEREAD=1

If you now bring back your http task via:

load http

you should see a line similar to:

ReadKeyfile> Recovering password from stash file
ReadKeyfile> Password is xxxxxxxxxxx

You now have the password. You can now simply restart the server to remove the temporary notes.ini settings.

HCL Ambassador 2020

HCL Ambassador 2020

IBM Champion 2014-2020

Stack Exchange

profile for Karl-Henry Martinsson on Stack Exchange, a network of free, community-driven Q&A sites

Notes/Domino Links

  • Planet Lotus Planet Lotus
  • IBM dW Forums IBM dW Forums
  • StackOverflow StackOverflow

Recent Posts

  • Notes and Domino v12 is here!
  • NTF Needs Your Help
  • Helpful Tools – Ytria EZ Suite (part 2)
  • Busy, busy – But wait: There is help!
  • Semantic UI – An alternative to Bootstrap?

Recent Comments

  • Lotus Script Multi-thread Message Box [SOLVED] – Wanted Solution on ProgressBar class for Lotusscript
  • Viet Nguyen on Keep up with COVID-19 though Domino!
  • Viet Nguyen on Keep up with COVID-19 though Domino!
  • Mark Sullivan on Looking for a HP calculator? Look no further!
  • Lynn He on About This Blog

My Pages

  • How to write better code in Notes

Archives

  • June 2021 (1)
  • April 2021 (2)
  • March 2021 (1)
  • August 2020 (3)
  • July 2020 (2)
  • April 2020 (2)
  • March 2020 (1)
  • December 2019 (2)
  • September 2019 (1)
  • August 2019 (2)
  • July 2019 (2)
  • June 2019 (3)
  • April 2019 (2)
  • December 2018 (1)
  • November 2018 (1)
  • October 2018 (5)
  • August 2018 (2)
  • July 2018 (3)
  • June 2018 (2)
  • May 2018 (1)
  • April 2018 (2)
  • March 2018 (1)
  • February 2018 (2)
  • January 2018 (4)
  • December 2017 (3)
  • November 2017 (2)
  • October 2017 (2)
  • September 2017 (1)
  • August 2017 (2)
  • July 2017 (6)
  • May 2017 (4)
  • February 2017 (1)
  • January 2017 (2)
  • December 2016 (2)
  • October 2016 (3)
  • September 2016 (4)
  • August 2016 (1)
  • July 2016 (2)
  • June 2016 (2)
  • May 2016 (3)
  • April 2016 (1)
  • March 2016 (4)
  • February 2016 (2)
  • January 2016 (4)
  • December 2015 (3)
  • November 2015 (2)
  • October 2015 (1)
  • September 2015 (2)
  • August 2015 (1)
  • July 2015 (5)
  • June 2015 (2)
  • April 2015 (2)
  • March 2015 (3)
  • February 2015 (2)
  • January 2015 (10)
  • December 2014 (1)
  • November 2014 (3)
  • October 2014 (3)
  • September 2014 (13)
  • August 2014 (6)
  • July 2014 (5)
  • May 2014 (3)
  • March 2014 (2)
  • January 2014 (10)
  • December 2013 (5)
  • November 2013 (2)
  • October 2013 (5)
  • September 2013 (4)
  • August 2013 (7)
  • July 2013 (3)
  • June 2013 (1)
  • May 2013 (4)
  • April 2013 (7)
  • March 2013 (8)
  • February 2013 (9)
  • January 2013 (5)
  • December 2012 (7)
  • November 2012 (13)
  • October 2012 (10)
  • September 2012 (2)
  • August 2012 (1)
  • July 2012 (1)
  • June 2012 (3)
  • May 2012 (11)
  • April 2012 (3)
  • March 2012 (2)
  • February 2012 (5)
  • January 2012 (14)
  • December 2011 (4)
  • November 2011 (7)
  • October 2011 (8)
  • August 2011 (4)
  • July 2011 (1)
  • June 2011 (2)
  • May 2011 (4)
  • April 2011 (4)
  • March 2011 (7)
  • February 2011 (5)
  • January 2011 (17)
  • December 2010 (9)
  • November 2010 (21)
  • October 2010 (4)
  • September 2010 (2)
  • July 2010 (3)
  • June 2010 (2)
  • May 2010 (3)
  • April 2010 (8)
  • March 2010 (3)
  • January 2010 (5)
  • November 2009 (4)
  • October 2009 (7)
  • September 2009 (1)
  • August 2009 (7)
  • July 2009 (1)
  • June 2009 (4)
  • May 2009 (1)
  • April 2009 (1)
  • February 2009 (1)
  • January 2009 (3)
  • December 2008 (1)
  • November 2008 (1)
  • October 2008 (7)
  • September 2008 (7)
  • August 2008 (6)
  • July 2008 (5)
  • June 2008 (2)
  • May 2008 (5)
  • April 2008 (4)
  • March 2008 (11)
  • February 2008 (10)
  • January 2008 (8)

Categories

  • AppDev (9)
  • Blogging (11)
    • WordPress (5)
  • Design (5)
    • Graphics (1)
    • UI/UX (2)
  • Featured (5)
  • Financial (2)
  • Food (5)
    • Baking (3)
    • Cooking (3)
  • Generic (11)
  • History (5)
  • Hobbies (10)
    • LEGO (4)
    • Photography (4)
  • Humor (1)
  • IBM/Lotus (175)
    • #Domino2025 (14)
    • #DominoForever (8)
    • #IBMChampion (46)
    • Administration (7)
    • Cloud (7)
    • CollabSphere (8)
    • Community (47)
    • Connect (33)
    • ConnectED (12)
    • Connections (3)
    • HCL (12)
    • HCL Master (1)
    • IBM Think (1)
    • Lotusphere (46)
    • MWLUG (25)
    • Notes/Domino (97)
      • Domino 11 (7)
    • Sametime (8)
    • Verse (14)
    • Volt (2)
    • Watson (6)
  • Life (8)
  • Microsoft (7)
    • .NET (2)
    • C# (1)
    • Visual Studio (1)
  • Movies (3)
  • Old Blog Post (259)
  • Personal (23)
  • Programming (83)
    • App Modernization (11)
    • Formula (4)
    • Lotusscript (46)
    • NetSuite (4)
      • SuiteScript (3)
    • node.js (4)
    • XPages (4)
  • Reviews (9)
  • Sci-Fi (4)
  • Software (24)
    • Flight Simulator (2)
    • Games (4)
    • Open Source (2)
    • Utilities (6)
  • Technology (37)
    • Aviation (3)
    • Calculators (2)
    • Computers (6)
    • Gadgets (7)
    • Mobile Phones (7)
    • Science (3)
    • Tablets (2)
  • Travel (6)
    • Texas (2)
    • United States (1)
  • Uncategorized (15)
  • Web Development (50)
    • Frameworks (23)
      • Bootstrap (14)
    • HTML/CSS (12)
    • Javascript (32)
      • jQuery (23)

Administration

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Tracking

Creeper
MediaCreeper
  • Family Pictures
© TexasSwede 2008-2014