192 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Details about JVM 1.8 Update in Notes/Domino 9.0.1 FP8
Sun, Feb 5th 2017 17
IBM Notes/Domino 9.0.1 Feature Pack 8 Preliminary Release Notice
Fri, Jan 27th 2017 17
Notes 9.0.1 FP7 IF1 released
Thu, Dec 8th 2016 18
Traveler 9.0.1.15 available with some important changes
Tue, Nov 15th 2016 11
DNUG Domino Day 2016 in DUS und DNUG Comes to you in BER
Fri, Oct 21st 2016 9
IBM Champion Nomination 2016
Tue, Oct 18th 2016 9
IBM Domino 9.0.1 Fix Pack 7 Interim Fix 1 addresses critical issues affecting Domino 9.0.1 FP7 for Linux64 & zLinux64
Fri, Oct 14th 2016 15
Top 10
IBM Notes V9.0.1 Mac 64 Bit English (CN6VDEN )
Tue, Sep 29th 2015 23
Symantec Backup Exec End of Life
Sat, Dec 5th 2015 21
Notes 9.0.1 FP7 IF1 released
Thu, Dec 8th 2016 18
IBM Notes/Domino 9.0.1 Feature Pack 8 Preliminary Release Notice
Fri, Jan 27th 2017 17
Details about JVM 1.8 Update in Notes/Domino 9.0.1 FP8
Sun, Feb 5th 2017 17
Solution for Notes/Domino related process is still running when applying a Fixpack or Hotfix
Wed, Mar 25th 2015 16
TLS 1.2 Connection Issues with mail.protection.outlook.COM
Thu, Jan 7th 2016 15
IBM Domino 9.0.1 Fix Pack 7 Interim Fix 1 addresses critical issues affecting Domino 9.0.1 FP7 for Linux64 & zLinux64
Fri, Oct 14th 2016 15
Taking full benefit of RAM for File-System Cache with Domino on W64
Thu, Mar 13th 2014 12
Passing a document to an agent without saving it first
Sun, Apr 6th 2014 12


Daniel Nashed
Blog Title Daniel Nashed’s Blog
Blog Description Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...
Blog URL http://blog.nashcom.de
RSS Feed http://blog.nashcom.de/nashcomblog.nsf/feed.rss
Validate Feed feedvalidator.org or validator.w3.org
Feed Last Checked Feb 05, 2017 10:41:02 PM EST. Realtime Update:
Location Germany


Recent Blog Posts
17
Details about JVM 1.8 Update in Notes/Domino 9.0.1 FP8
Sun, Feb 5th 2017 10:30p   Daniel Nashed
After my post I got a couple of offline and online questions about details for JVM 1.8 in the Notes Client. The release notes will be update but here is the comment from Scott in case you missed it in the comments. Thanks Scott for this detailed additonal information!!! Java Upgrade to 1.8. The Java run time environment provided with Domino has been upgraded to Java JRE version 1.8 to provide you with access to the latest features. - This is actually both Notes & Domino.
17
IBM Notes/Domino 9.0.1 Feature Pack 8 Preliminary Release Notice
Fri, Jan 27th 2017 3:57p   Daniel Nashed
Today IBM released the first official information about Feature Pack 8 for Notes and Domino 9.0.1 The Preliminary Release Notice provides detailed information about the first feature pack which is currently listed with status "gold candidate". http://www.lotus.com/ldd/fixlist.nsf/8d1c0550e6242b69852570c900549a74/26aa7417bb60f7df852580b40072af2d Here are the release notes, with some comments from my side. (comments in blue). Things to Note: NBP replaced with ICAA - There is no N
18
Notes 9.0.1 FP7 IF1 released
Thu, Dec 8th 2016 3:59p   Daniel Nashed
There is a new IF1 for the Notes Client. Now it begins to be more complicated. The client IF1 and the server IF1 for the Linux issue (see previous posts) have nothing to do with each other and contain different SPRs. The most important fix is the issue we had with ID vault when the new port encryption is used. Given that the SPR is fixed in the client this looks like a client issue and not a server issue. -- Daniel Notes 9.0.1 Fix Pack 7 Interim Fix 1 RGAUADUM59 Duplica
11
Traveler 9.0.1.15 available with some important changes
Tue, Nov 15th 2016 7:14p   Daniel Nashed
Traveler 9.0.1.15 has been released with some important fixes and also changes. The Release documentation has some interesting details. Here is the extract from the release documentation with some comments. What's New "Device wipe is no longer an option for iOS 10.x devices as support was dropped by Apple. You can still use the Wipe Traveler Data option." For security reasons Apple disabled wipe over ActiveSync which is understandable. Before that change every server could wipe
9
DNUG Domino Day 2016 in DUS und DNUG Comes to you in BER
Fri, Oct 21st 2016 7:13a   Daniel Nashed
Auch in diesem Jahr haben wir wieder einen DNUG Event im Bereich Notes/Domino in Düssldorf. Und Anfang November hat Anett Hammerschmidt für unsere Fachgruppe einen halben Tag DNUG Comes To you mit anschließendem DNUG Stammtisch in Berliin. Bei beiden Events geht es um atkeulle Themen und Entwicklungen im Bereich Notes und Domino. Und es werden auch Kollegen von IBM vor Ort sein, mit denen man die aktuelle Strategie von IBM im Bereich Notes/Domino diskutieren kann. Ich hoffe viele von
9
IBM Champion Nomination 2016
Tue, Oct 18th 2016 5:07a   Daniel Nashed
The IBM Champion program is a great way to thank active members of the community and also to help them in some way to continue their work for the community. The nomination is still open until November 14th. So you still have time to nominate someone. Or renominate one of the current IBM Champions. See some details and official links below. -- Daniel "The IBM Champion program recognizes innovative thought leaders in the technical community — and rewards these contributors by amplif
15
IBM Domino 9.0.1 Fix Pack 7 Interim Fix 1 addresses critical issues affecting Domino 9.0.1 FP7 for Linux64 & zLinux64
Fri, Oct 14th 2016 9:08a   Daniel Nashed
As reported before on Linux64 there is a issue with the cluster replicator which has been addressed with IF1 (SPR #KBRNAEMPX2). Because of a change in FP7 that needed a recompile of the whole core including all components (SPR# KBRN9Q7EZW) but some files where missing in the installations. IBM has fixed the issue with 9.0.1 FP7 IF1 which is already available for download. I got it already yesterday for testing thru our PMR and it replaces the missing files. If you are running Domino on Li
9
Domino 9.0.1 FP7 issue Notes User Id File Upload To Vault Failed If Port_enc_adv Parameter Is Enabled
Wed, Oct 12th 2016 6:45a   Daniel Nashed
Alex Novak mentioned another issue with FP7 which might affect you in my blog comments. We only have the public description of the SPR and I assume only the ID Vault server communication is affected. SPR # BBSZAEEK8C APAR #LO90429.: Notes User Id File Upload To Vault Failed If Port_enc_adv Parameter Is Enabled So for now you should not enable the new AES encryption on your ID Vault server until this issue is fixed. Given the 3 issues I reported in the last days in my blog (one is on
5
Cluster replicator hang with 9.0.1 FP7 on Linux64
Wed, Oct 12th 2016 6:32a   Daniel Nashed
There is another issue (SPR #RSOIAEME5L) that might affect you when running with Linux64 and 9.0.1 FP7. Due to the change in FP7 on Linux64 (SPR# KBRN9Q7EZW) all server binaries needed to be updated in FP7. It turned out that some binaries have not been replaced by the FP7 installer. In this case the cluster replicator task wasn't updated. Because of the change of internal structures this causes issues with older core servertasks in Domino (business partner applications using the public C-
4
CD to MIME Conversion Issue in 9.0.1 FP7 generating Javascript for sections
Mon, Oct 10th 2016 4:41a   Daniel Nashed
We ran into an issue at a customer on Friday. Today we got the confirmation that it is a bug and development is already looking into this. It looks like a low level issue when converting Richtext into MIME in mails on server side. In my test I have seen than probably all server based conversions are affected. Clients sending MIME message directly do not show this issue. When the server converts a message to MIME JavaScript is generated for collapsible sections (for example when you reply t
6
Change in Apple iOS 10.x (and later) devices prevents full device wipe via Traveler Web & SmartCloud Notes Administration interfaces
Thu, Sep 29th 2016 3:11a   Daniel Nashed
Surprisingly and without any notice that I am aware of Apple has removed the ability to reset iOS devices over ActiveSync. A chance in this area was expected in general because it could be risky to allow an ActiveSync account to wipe a complete device. It's still a surprise that they completely removed the wipe functionality. IMHO the better change would have been to just remove all data that this ActiveSync profile has synced -- similar to the application wipe IBM implemented with Travel
3
Notes and Domino Future
Fri, Sep 23rd 2016 7:49a   Daniel Nashed
There have been a lot of rumors and IBM is not very good in communicating road-maps since a couple of years. I hope we will see a clear statement about future functionality soon. There is already a public statement in the IBM blog that gives some answers and I have been at a couple of events where IBM explained part of the strategy. https://www.ibm.com/blogs/social-business/2016/09/12/ibm-notes-domino-v9-extends-support/ Now that the current strategy is more clear and IBM decided to cont
4
Traveler 9.0.1.14 -- Calendar Issue Tentative Accept
Fri, Sep 23rd 2016 5:03a   Daniel Nashed
One of my customer ran into this issue with 9.0.1.14. When you tentative accept a meeting on your mobile device and accept it completely afterwards that change is not updated on the senders invitation. The tentative accept remains as the status. We have two PMRs and there is a APAR -> LO9030. If you did not update your Traveler Servers yet I would stay on 9.0.1.13 which is the first iOS 10 supported release and wait for the fix. If you already updated to 9.0.1.14 you also have to
7
Setting up the first server and Certifier with 4096 bit keys instead of 1024 bit
Wed, Sep 21st 2016 7:33a   Daniel Nashed
Today at AdminCamp I got the question how to register a first server and the organisational certifier with larger key size. By detault the setup process is still using 1024bit -- I guess for compatibility. There is a notes.ini setting that increases the key length for the organisation, server and first admin.id. SETUP_FIRST_SERVER_PUBLIC_KEY_WIDTH=4096 You have to set this parameters in your first servers notes.ini before you start the server for the first tile to do the server setup.
4
iNotes borken with German locale with 9.0.1 FP7
Thu, Sep 15th 2016 2:46p   Daniel Nashed
Today I got a customer question about iNotes not working for him after updating to FP7. I can reproduce the issue on my Linux machine. Apparently something went wrong with the German locale. Reports show that the English locale should work fine. Also one of my customers forwarded me a IBM L1 support response for a different question which stated that if iNotes does not work with FP7 they should restore the FP6 Forms9.nsf databases. They got that info without any further information. I ha
10
Notes & Domino 9.0.1 FP7 shipped
Wed, Sep 14th 2016 6:07a   Daniel Nashed
Notes and Domino 9.0.1 FP7 has shipped with quite a number of important fixes. - The JVM was updated to the current quarterly release replacing the JVM patches that came out since FP6. - There are stability fixes which include many areas including Compact, Archiving API, iNotes, DXL and also some important security fixes. In one client SPR even ADFS 3.0 is mentioned so maybe we can hope that we get full ADFS 3.0 at some point in one of the next FPs - which is high on my priority list s
4
Traveler 9.0.1.14 shipped with few but important fixes preparing for upcoming 9.0.1 FP7
Wed, Sep 7th 2016 6:01p   Daniel Nashed
The fixlist for 9.0.1.14 is quite short but it fixes a crash situation and issue in the upcoming Domino 9.0.1 FP7 fixpack which is scheduled for this month. APAR # Abstract LO89934 Meeting chair may get multiple response notices from invitee who is using Apple native calendar application. LO90090 Verbose flag missing from HADR command help display. LO90109 Domino API change in 9.0.1 FP7 could cause a server crash on Linux x64 if running IBM Traveler server 9.0.1.13 or earlier release. L
7
Traveler 9.0.1.13 released with some fixes
Thu, Aug 18th 2016 6:12p   Daniel Nashed
There is a new traveler release that just shipped. Some of the issues might affect you. APAR # Abstract LO82881 Domino server may crash if $NTTrack field is corrupted. LO89471 Traveler invitee status may be incorrect if using mixed case internet addresses. LO89606 Number of recipients limited to 100 when sending mail from a mobile device. LO89745 Traveler server enters constrained state when load balancing a large number of users. LO89772 Meeting chair may receive multiple notices
8
Extended Master Secret Extension issue affects all Internet Protocols including STARTTLS
Wed, Jul 27th 2016 8:23a   Daniel Nashed
There is a an issue described in a technote which describes an issue with Win 2008 R2 and LDAP. This issue also occurs for other internet protocols!! It is specially important for servers using STARTTLS because you don't control which version and settings the receiving/sending host is using. So the issue I blogged about today does also affect other protocols. That's why I decided to have two blog posts to ensure it is better found on the web. Hiere is the info from the other blog po
3
Secure LDAP to Active Directory fails with Domino 9.0.1 FP5 IF1 and higher
Wed, Jul 27th 2016 2:21a   Daniel Nashed
Domino 9.0.1 FP5 IF1 adds support for the Extended Master Secret Extension with TLS 1.2. Windows 2008 R2 does only supports TLS 1.0 but still sends the Extended Master Secret Extension in the server helo. Domino fails to connect because once this is offered Domino wants to use it. There is a work-around to disable this new functionality globally on the server via notes.ini SSL_DISABLE_EXTENDED_MASTER_SECRET=1 This is just a work-around and the real fix would be that Microsoft prov
5
IBM Traveler 9.0.12 released including a security fix
Thu, Jul 14th 2016 9:45a   Daniel Nashed
IBM Traveler 9.0.12 shipped with some important changes. The first change is a security fix which is described below. But there is another security fix in the installer on Windows as well and some other fixes that could be affecting you. Upgraded my server already. -- Daniel Security Bulletin: XML External Entities Injection Vulnerability in IBM Traveler (CVE-2016-3039) IBM Traveler is vulnerable to a denial of service caused by an XML External Entity Injection (XXE) error wh
3
IBM Traveler 9.0.1.12 released including a security fix
Thu, Jul 14th 2016 3:45a   Daniel Nashed
IBM Traveler 9.0.1.12 shipped with some important changes. The first change is a security fix which is described below. But there is another security fix in the installer on Windows as well and some other fixes that could be affecting you. Upgraded my server already. -- Daniel Security Bulletin: XML External Entities Injection Vulnerability in IBM Traveler (CVE-2016-3039) IBM Traveler is vulnerable to a denial of service caused by an XML External Entity Injection (XXE) er
6
BM mail support for Microsoft Outlook officially released
Wed, Jun 29th 2016 10:49a   Daniel Nashed
Finally IBM has released IMSMO 2.0. It has been around already under controlled distribution and is finally available for all customers and partners. It enables you to connect a Microsoft Outlook 2013 client to a Domino V9.0.1 Server. The software is an add-on to your Domino server similar to what a Traveler does (in fact they share some code base but they are not the same!). Also the gateway need to resist on the mail-server of the user. We asked to have a way to use a gateway server app
5
Domino Catalog vs Domain Catalog
Sat, Jun 11th 2016 12:50p   Daniel Nashed
I while ago I ran into this and I did analyse how it works in detail. But I never posted this information. Today we ran into this again and I looked for my old documentation. -- Daniel Here is how it is intended to work and how most admins are currently using it. I was very surprised when I figured out how the catalog and domain catalog really work. My impression was always that the catalog.nsf is a replica that is replicated everywhere. But there are two different types of catalogs
4
DE-Mail Mail-Template with Command Line DNS Lookup
Wed, Jun 8th 2016 2:43a   Daniel Nashed
We ran into a limitation with the DE-Mail Template that T-System implemented in their Notes Mail Template. It turned out that they are invoking a cmd.exe because this is the only way to return data directly from nslookup to the application with a redirect on Windows. The function is used to check if the recipient's domain is a DE-Mail domain and queries SRV records defined in RFC RFC 2782 (check https://en.wikipedia.org/wiki/SRV_record for details). SRV Records can not be queried with s
5
43. DNUG 1. + 2. June in Hamburg
Thu, May 26th 2016 4:58a   Daniel Nashed
Hi and good morning! This will be my first blog entry in Germany and it's about German about our German "Notes" User Group "DNUG"... Bei der DNUG hat sich einiges getan in den letzten Monaten! Seitdem die DNUG einen neuen Vorstand hat, werden einige Dinge anders angegangen und auch die Art und Weise, wie die DNUG Konferenz geplant wird, hat sich geändert. Die Geschäfts-Stelle ist jetzt virtuell und auch die Server der DNUG sind entsprechend virtualisiert. Aber auch an anderen S
9
Domino 9.0.1 FP6
Sun, May 22nd 2016 4:55p   Daniel Nashed
Domino 9.0.1 FP6 has been released a while ago. I have installed it and I got positive feedback from customers already. FP6 contains all the fixes from previous IFs and also the updated JVM Java60SR16FP20 which addresses a couple of security fixes. Also the server controller interoperability issue is fixed. But for a client based connection you also need to update your admin client! All the TLS fixes are also included and there is an additional fix for an issue in a TLS handshake. SPR#
8
Domino Federarted Web Login / SAML with F5 and ADFS 3.0
Mon, Apr 25th 2016 12:14p   Daniel Nashed
In the last couple of weeks I spent a lot of time with customer Web Federated Login workshops and implementations. Not sure what happened but suddenly everyone is interested in SAML. It looks like more and more customers are looking into that because they have already implemented SSO for other applications like O365. In one case a customer had an existing F5 configuration. In one other case we had a customer with Windows 2012 R2 and ADFS 3.0. Both configurations are not officially support
7
Server Controller Issue when applying 9.0.1 FP5 IF2
Thu, Mar 31st 2016 9:27a   Daniel Nashed
After applying 9.0.1 FP5 IF2 you cannot connect to the server controller -- again! That's another issue that cannot be fixed allowing MD5 in the java security files. What you need is an updated version of the JVM patch. The new patch has a release data of 25.3.2016 an can be downloaded from Fixcentral. Here is the relevant information from the updated technote referenced in the SPR. SPR RSSNA6UU79 is fixed in version 9.0.1FP5 Interim Fix 2 (IF2) via a server code fix and an updated JV
7
Security Issue - IBM Domino AES GCM weak nonce generation vulnerability
Tue, Mar 29th 2016 6:02a   Daniel Nashed
There is a new vulnerability affecting AES GCM ciphers which have been introduced in 9.01. FP3 (enabled by default). For very large data sets, IBM Domino Web servers using TLS and AES GCM generate a weak nonce which could be potentially used for a man-in-the-middle-attack. All Domino 9 versions supporting those ciphers are affected and there is new IF (9.0.1 FP5 IF2) which addresses this issue. The IBM Domino AES GCM weak nonce generation vulnerability is tracked as SPR #KLYHA6ZP4F. If




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition