202 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
Latest 7 Posts
Domino 9.0.1 FT Index Hang and potential crash
Sun, Dec 10th 2017 219
End of Service for JVM 1.6
Sat, Nov 25th 2017 4
Traveler Released
Sat, Nov 18th 2017 10
VIEW_REBUILD_DIR changed to /dev/shm/view_rebuild
Tue, Nov 14th 2017 8
Erster DNUG "Domino2025 Jam" Event 23.11.2017
Thu, Nov 9th 2017 7
Domino on Linux Start Script 3.1.3 with changed way to request it
Mon, Oct 30th 2017 4
Great news Notes Domino 10 and beyond
Wed, Oct 25th 2017 6
Top 10
Domino 9.0.1 FT Index Hang and potential crash
Sun, Dec 10th 2017 219
IBM Notes V9.0.1 Mac 64 Bit English (CN6VDEN )
Tue, Sep 29th 2015 24
TLS 1.2 Connection Issues with mail.protection.outlook.COM
Thu, Jan 7th 2016 17
Known issues with Domino 9.0.1 FP9
Wed, Sep 27th 2017 16
Symantec Backup Exec End of Life
Sat, Dec 5th 2015 15
Domino Federarted Web Login / SAML with F5 and ADFS 3.0
Mon, Apr 25th 2016 15
Notes Client/Windows Crash with Windows 10 Creators update
Thu, Jun 1st 2017 15
Passing a document to an agent without saving it first
Sun, Apr 6th 2014 14
Details about JVM 1.8 Update in Notes/Domino 9.0.1 FP8
Sun, Feb 5th 2017 13
Domino 9.0.1 FP9 SMTP Issue
Wed, Aug 30th 2017 13

Daniel Nashed
Blog Title Daniel Nashed’s Blog
Blog Description Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...
Blog URL http://blog.nashcom.de
RSS Feed http://blog.nashcom.de/nashcomblog.nsf/feed.rss
Validate Feed feedvalidator.org or validator.w3.org
Feed Last Checked Dec 10, 2017 5:50:43 AM EST. Realtime Update:
Location Germany

Recent Blog Posts
Domino 9.0.1 FT Index Hang and potential crash
Sun, Dec 10th 2017 5:08a   Daniel Nashed
We ran into a hang situation multiple times during FT indexing. It turned out that this is a regression introduced in FP9 due to changes in the FT index area. In certain situations the FTIndex update does hang getting document data and will cause one CPU core to be maxed out for this thread. The description of the SPR says it is a "spike" but it more looks like the thread permanently uses CPU. This can happen with updall, DBMT and also other tasks updating the FT index. The process can
End of Service for JVM 1.6
Sat, Nov 25th 2017 3:34p   Daniel Nashed
IBM uses the Oracle JVM as their base for their IBM JVM platform which is used in IBM products like Notes, Domin and Traveler. JVM 6.0 has been around for almost 10 years and is now discontinued since Sep 2017. Oracle discontinued their support for JVM 1.6 so IBM cannot support JVM 1.6 on their side. That also means for IBM platforms that there is no patch support for JVM 1.6! For Notes and Domino means you have to update to 9.0.1 FP8/FP10 for JVM 1.8 and hopefully FP10 will bring com
Traveler Released
Sat, Nov 18th 2017 3:44p   Daniel Nashed
Traveler has been released and I installed it already. As usual, if you are not waiting for an urgent open issue that is listed in the fix list, it might make sense to wait before installing a new version in production asap. I have installed it already befor the weekend and it looks good for my small environment. Beside the fixes listed below there is a new feature: Support for invitee availability search from Calendar on Exchange ActiveSync clients. Still trying to test it. N
VIEW_REBUILD_DIR changed to /dev/shm/view_rebuild
Tue, Nov 14th 2017 2:35p   Daniel Nashed
We just discovered an interesting configuration issue, which generates quite some logging and is a bit annoying. When you specify the view_rebuild_dir without the trailing slash / back-slash, the server will internally append the slash. But if you configured the view_rebuild_dir in the config document without the (back) slash the server will tell you every couple of minutes that the server changed the setting. This happens why the internal path is always stored with the trailing (back) sl
Erster DNUG "Domino2025 Jam" Event 23.11.2017
Thu, Nov 9th 2017 1:44p   Daniel Nashed
Nach den Ankündigungen zu Domino 10, der IBM & HCL Kooperation und Domino 2025 haben wir die Agenda für den DNUG Domino Day am 23.11.2017 in Düsseldorf umgestellt. Teil des Domino Days wird der erste deutsche "Domino 2025 Jam" Event sein. Neben dem Uffe Sorensen wir auch ein Kollege von HCL mit dabei sein. Es wird im Vortrag von Uffe u.A. um die aktuellen Informationen zur Kooperation gehen. Ihr könnt alle eure Fragen mitbringen und im "Jam" Teil geht es dann um Feedback fü
Domino on Linux Start Script 3.1.3 with changed way to request it
Mon, Oct 30th 2017 5:43a   Daniel Nashed
Just updated the start script to a new version with some minor changes. There was one issue with systemd on shutdown and I made a change in the way config files are used. Most of the new features are coming in either thru projects or when I want something for my own environment. I don't get much feedback or feature requests beside that. One change triggered by a project was how config files apply. We wanted to use the same configuration for all servers. But we wanted special settings f
Great news Notes Domino 10 and beyond
Wed, Oct 25th 2017 9:03p   Daniel Nashed
We got great news today. There will be a Notes & Domino 10 in 2018. And IBM also announced that with joined efforts with HCL Technologies they are working on a strategy for #Domino2025. This isn't a new partnership. IBM and HCL are already working together for Tivoli and Rational software. But is was still a big surprise today. Notes and Domino 9.0.1 FP10 is committed for 2017 and I am looking forward to hear more about the Notes & Domino Strategy planned for 2018 with Notes and D
Correctly Stopping a Traveler Server
Tue, Oct 24th 2017 2:02p   Daniel Nashed
This is not new but I ran into this a couple of times on customer site. Specially on a Traveler HA server this becomes important. Shutting down the Traveler servertask when the Domino server/service is stopped might lead to hang situations of the HTTP task. The better way would be to shutdown the Traveler servertask first. But even that might lead to undesired results. There is a special Traveler shutdown command "tell traveler shutdown" that can be used to let Traveler finish it's wor
Notes Client 9.0.1 FP9 F1 released
Sat, Oct 14th 2017 5:31p   Daniel Nashed
There is also a client IF1 for 9.0.1 FP9 which fixes one part of the issue that I reported. Depending on your configuration MIME messages sent did show up with different fonts on Notes clients. It happened in edit mode or when the embedded MIME browser was disabled. What has been fixed is that the IF1 client shows correct fronts. But earlier clients still shows different fonts (for example if you send a mail with sans serif it will show up in serif). I don't know if that can be fixed at
Domino 9.0.1 FP 9 IF2 available with important fixes
Fri, Oct 13th 2017 9:09a   Daniel Nashed
Two of the issues fixed in IF2 have been discussed before in my blog. But there are also two other critical issues fixed. Some of my customers reported DBMT and updall hangs which have been fixed with TDOOAREP8W. And the Private on first use folder issue also has been reported before. If you have installed 9.0.1 FP 9 you should update to IF2! -- Daniel JPAIAQ5SKW PANIC: DbMarkCorrupt! (d:notefileadmin4.nsf Dbiid: 0x3D91E116 0x3C07FE17) JVEKAQSGCC S
IBM Champion Program Nominations are open
Tue, Oct 10th 2017 6:05p   Daniel Nashed
The IBM champion nominations have just started today. You can nominate your favorite persons in the community to appreciate what they are doing for the community (--> https://developer.ibm.com/dwblog/2017/ibm-champion-program-nominations/) Libby just expressed it in short words what a champion makes stand out. Let me quote instead of just passing a link! -- Daniel "You may know an IBM Champion if… The best way to understand the IBM Champions program is to know an IBM Champion. D
Installing C-API Applications on Linux
Wed, Oct 4th 2017 11:51a   Daniel Nashed
When installing binaries on Linux you have to be aware of the directory structure for the files installed in the opt directory. For installing a servertask the recommended way is to copy it to the Domino binary directory and create a start link. For myself I created a script that handles installation of servertasks and extension managers because I don't want to do those steps manually and my script comes with a wrapper script that benefits of sudo when installing binaries on my developmen
Known issues with Domino 9.0.1 FP9
Wed, Sep 27th 2017 3:38a   Daniel Nashed
A couple of customers and partners asked me about current known issues with FP9 in my blog and offline. Beside the issue with the garbage chars fixed in IF1 there are 3 other issues that could prevent you from upgrading to FP9. There is an issue with private on first use views and folders on the server side which prevents those views and folders to be created. IBM has a hotfix for this as Sascha already reported in my blog comments. SPR# JVEKAQSGCC / LO92948: SHARED, PRIVATE ON FIRST USE
Fix Available: SMTP regression issue in Domino 9.0.1 FP9 can cause malformed headers
Fri, Sep 15th 2017 11:43p   Daniel Nashed
Finally we got IF1 for 9.0.1 FP9 for the issue I reported in an earlier blog post . The regression was introduced by a fix that IBM has removed in IF1 (and I got a hotfix earlier as mentioned in an earlier blog post). The root cause is an issue with malformed headers -- specially the from header that are generated at message itemization. Depending on your configuration this causes garbage chars in your headers. In any case some functionality like SMTPVerifyAuthenticatedSender=1 or capt
Domino Performance issue on some Linux Versions
Thu, Sep 14th 2017 10:13a   Daniel Nashed
When working on a larger Domino migration and consolidation project I ran into an new Linux specific performance issues that might hit some of you depending on your Linux version. I have tested with current RHEL 7 servers which are not affected. But on customer site we are using the latest patch level of RHEL 6.9 and I have also seen it with SLES 11 SP2/3. I did not yet test with SLES 12 (maybe someone volunteers to do some testing). There has been an issue in the 8.5.3 code stream which ha
How to resolve synchronization issues that start after upgrading to IBM Traveler (or higher)
Sat, Sep 9th 2017 9:21a   Daniel Nashed
If you are running on Traveler and higher you should read the following support flash technote in detail. http://www.ibm.com/support/docview.wss?uid=swg22005703 You must read this technote if you are running on and higher. And with this new information it makes a lot of sense to move to this new version soon. As mentioned before, IBM changed the default security mode for Traveler. Traveler uses a run as user feature to ensure that all functionality is invoked in th
Traveler with important fixes
Fri, Sep 8th 2017 7:15a   Daniel Nashed
We have been waiting for Traveler for some important fixes and also updates SQL server support and push certificate update: Support for MS SQL Server 2016 Enterprise Edition. Updated APNS Certificates with expiration 8/1/2018. Improvements for the Run as User Feature. But the most important changes are for the "Run as User" Feature which has been introduced in Some of my customers and issues with Traveler profiles which could not be read correctly in some cases.
SSLV3 disabled by default since 9.0.1 FP9
Tue, Sep 5th 2017 2:18p   Daniel Nashed
This change has been discussed a while ago. Now it was finally time to disable default SSLv3 in Domino. The SPR did not make it into the fixlist. Thanks Thibaud Maes for your mail! The change addressed by SPR # DKENAKNSEG will affect all connection types that utilise the native Domino security stack such as HTTPS and secure DIIOP. If you still need SSLv3 you need this new notes.ini parameter ENABLE_SSLV3=1 There are not many applications left that need SSLV3 ... Daniel
Domino 9.0.1 FP9 SMTP Issue
Wed, Aug 30th 2017 9:15p   Daniel Nashed
Last Friday a friend contacted me about a SMTP issue. I was able to reproduce the root cause of the issue but the emails I receive still look OK. So it depends on your STMP configuration how much impact this issue has in your infrastructure with FP9. In my environment I see in my SpamGeek log database that sender and recipient information contains some garbage chars at the beginning of the string. This can cause that the header information might get corrupted. We don't know exactly how thi
midpoints Let’s Encrypt for Domino (LE4D)
Mon, Aug 28th 2017 3:44a   Daniel Nashed
As posted before I am running my server with Let's Encrypt certificates. The first available client choices for requesting certificates (ACME clients) did not make me happy because I had to install Python just for that. Meanwhile there are multiple tools available including simple shell scripts and also a Java implementation. For Linux running "getssl" script (https://github.com/srvrco/getssl) with a small script to automate the process works quite well. But it is still completely serve
Notes/Domino 9.0.1 Feature Pack 9 shipped
Sun, Aug 20th 2017 9:39p   Daniel Nashed
Notes and Domino 9.0.1 Feature Pack 9 is available. The client side and server-side introduces fixes and also new features. The official "flixlist" can be found here --> http://www.lotus.com/ldd/fixlist.nsf/0/12d957b7c277fc728525816300434c53 Here are the highlights and some important comments. JVM Update in Notes Client & Domino Server The security fixed version introduced with a JVM patch for FP8 is included in FP9: Notes/Domino - Java 1.8 SR4 FP5 But this is sti
Blog Certificate updated and Let’s Encrypt Update
Tue, Aug 8th 2017 9:30a   Daniel Nashed
My certificate expired after 90 days because I did not track it. And the Let's Encrypt original client configuration did not work any more when I was looking into renewal today. The client was Python based and there is a newer client --> https://certbot.eff.org/ which is officially recommended by Let's Encrypt. It's still complicated to use and you need to have Python installed. But since I first implemented it there are many other ACME clients that properly integrate with Let's Encr
SLES 12 SP2 Issues with Domino running with Systemd
Mon, Jul 24th 2017 10:01a   Daniel Nashed
There is a new feature introduced in SLES 12 SP2 which could lead to issues with larger Domino or Traveler servers. The default nproc size is still set to 7400. So in most cases this tunable does still not need to be set in your Domino service file. But there is a new security feature introduced in SLES 12 SP2 which will cause processes fail to start or not able to span more threads. The error you might see is the following: Jul 20 11:02:41 dom-srv kernel: cgroup: fork rejected by pi
Microsoft fixes Notes Client Windows 10 Creators Crash
Wed, Jun 28th 2017 8:16p   Daniel Nashed
Today I got feedback from IBM that the fix that Microsoft releases does solve the blue screen issue with Notes and the customized home page issue. There have been multiple situations in which the client crashed or caused a blue screen because of some Windows UI calls in Notes after the Windows creators update. I am interested to get feedback if the fix does solve all your Notes Client on Windows creators update. Here is a link for the update: https://support.microsoft.com/en-in/help/
Traveler with new Security Mode for Mail-File Access
Thu, Jun 22nd 2017 9:07a   Daniel Nashed
Traveler comes with a couple of minor fixes and a big change in the way Traveler Server access mail-databases. In IBM introduced a new check if the Traveler server is listed in Trusted Servers (Server Security Tab) to show a warning if not. Now we know what IBM was preparing for. The server now acts as the user instead of the server. That's only possible if listed in Trusted Servers. You still need the Traveler server to be listed in the ACL of the mail databases. Trus
Notes Client/Windows Crash with Windows 10 Creators update
Thu, Jun 1st 2017 12:00p   Daniel Nashed
Just got that question today at DNUG. There is an issue with the Notes Client with the current Windows 10 Update - aka Creators Update (Build 1703). According to the responsible person who is at DNUG today, this happens because of changed Windows graphics APIs. IBM is working on a fix which will be available in FP9. FP9 will also have full High Resolution support! We saw a demo with FP9 which really looked great! Here are the two relevant SPRs: SPR LHEYALMCEP : Domino Designer cra
Security Bulletin: IBM Domino TLS server Diffie-Hellman key validation vulnerability (CVE-2016-6087)
Thu, Jun 1st 2017 6:27a   Daniel Nashed
There is a vulnerability in the TLS stack which could lead an exploit which could lead a less secure connection. The good news is that the fix is already included in FP8. So you should upgrade to 9.0.1 FP8 if you have a public facing Domino Server with HTTPS. See the details and reference below. -- Daniel A vulnerability in the IBM Domino TLS server's Diffie-Hellman parameter validation could potentially be exploited in a small subgroup attack which could result in a less secure conne
Important Security Fix for IMAP
Sat, Apr 22nd 2017 9:13a   Daniel Nashed
In case you are running IMAP on a server that is reachable over the internet you should look into this fix ASAP. It might not be that critical for internal services. See details about this vulnerability here --> http://www.ibm.com/support/docview.wss?uid=swg22002280 All versions of Domino are affected!
NIFNSF Supported Maximum Size above 64 GB!
Fri, Apr 21st 2017 9:02p   Daniel Nashed
After getting that question offline and having a discussion on my blog, I checked with IBM if they plan support NIFNSF sizes above 64 GB. Since it is kind of a database container and needs a database handle someone could think that the maximum limit is also 64 GB. That would give us at least 64 GB room for the NIF index -- which would be already a big improvement. But from what I recall from some comments at Connect some years ago the maximum limit was not around 64 GB when they designed it
Disclaimer Attachment Issue not yet fixed in IF1
Fri, Apr 14th 2017 6:28p   Daniel Nashed
As Rob Kirkland commented in one of my last blog posted, the fix in IF1 does not solve the iusse. We both checked with IBM and got the reply that the SPR just changes back the default and disables the change introduced in FP8 for Google calender integration. IBM is working on a fix hopefully makes it into FP9. So for now you should keep the notes.ini Parameter MIMEDisclaimersNoEncode=0 disabled. Thanks to Rob to bring this up! -- Daniel TPONAKFJLP After upgrade to FP8, with
Get Notes FP Version in @Formulas
Wed, Apr 12th 2017 6:19a   Daniel Nashed
In C-API and Lotus Script, Java developers the version information already shown for each FP. For example Lotus Script returns the full version string with session.NotesVersion. But if you want to check the version information in @Formulas @Version will still return 405. There is a new optional parameter which returns the Feature Pack version. So you use @Version to check the version and if it is 405 you check @Version(1) which will return 8 for Feature Pack 8. It is used in the new ma
Notes/Domino 9.0.1 FP8 IF1 released
Tue, Apr 11th 2017 5:06a   Daniel Nashed
Notes and Domino 9.0.1 FP8 IF1 has been shipped and there is also a separate fix for iNotes. All those IFs have the same version number but contain different SPRs! The most important IF is for the Domino Server. It fixes the disclaimer issue I reported before. And also the performance fix for the new feature NIFNSF which was introduced in in FP8. Be aware that NIFNSF is a server feature and not a client feature. It requires translog enabled on your server! Translog is not officially
Current Information about NIFNSF
Fri, Mar 31st 2017 10:42p   Daniel Nashed
Domino 9.0.1 Feature Pack 8 introduced "NIFNSF" which allows to separate the view/folder index into a separate file. Let me try to summarized my current experience from my tests and from the field. There are multiple benefits moving the index to a separate file. 1. Backup Storage Reduction First of all having the index in a separate file reduces the amount of data that you need to backup. For mail databases the index is around 10%. If you have DAOS enabled from the remaining dat
CREATE_R9_LOG is not a valid notes.ini parameter and does not exist!
Fri, Mar 24th 2017 8:29p   Daniel Nashed
After hearing this question twice a week I think it is time for a blog entry. There is a notes.ini parameter for the different ODS formats in different releases. The latest one you should use is Create_R9_Databases=1 to create databases with ODS 52. ODS 52 is needed for local databases which are encrypted (there was an underlying ODS issue that has been addressed in ODS 52). Also for hew new LargeSummary (16MB instead of 32KB per document) you need to be on ODS 52. But there is no ne
Traveler Relased with important bug fixes
Fri, Mar 24th 2017 8:12p   Daniel Nashed
As posted before Traveler had one issue that needed urgent attention. Push was not working when the mail-server had a short downtime. If you are on that release you should update asap. There are a couple of other fixes along with that ARPA included in Just back from a couple of days of travel and installed it this morning. Looks good so far. APAR # Abstract LO90889 Invitee status not correct on mobile device if the invitee response is received in a non-syncing
D9.0.1 FP8 Attachment Corruption Issue with Disclaimers
Tue, Mar 21st 2017 3:27p   Daniel Nashed
There is an issue that has been reported about FP8. When using disclaimers attachments might be corrupted. IBM released a technote with details and is working on a fix. Feature Pack 8 contains an enhancement/fix to correctly send Google Calendar files. The fix is enabled by default and causes this corruption. You can still deploy FP8 and disable the feature/fix temporary via Notes.ini MIMEDisclaimersNoEncode=0 on your SMTP outbound server. See this SPR #TPONAKFJLP / APAR #LO91828 fo
Traveler on Domino 9.0.1 FP8
Tue, Mar 7th 2017 9:51p   Daniel Nashed
Domino 9.0.1 Feature Pack 8 has just shipped. If you are intending to update your Traveler Server to Domino FP8 you should be aware that you need at least Traveler (which currently has an issue reconnecting to a mail-server if it wasn't reachable --> see previous blog posts). If you still intend to update your server there are some important requirements. FP8 comes with Java 1.8 and Traveler is using that JVM. So it some changes are needed in the Traveler code to support the
Notes and Domino 9.0.1 Feature Pack 8 shipped
Tue, Mar 7th 2017 6:43p   Daniel Nashed
Feature Pack 8 has shipped today including new templates. The new version comes with updated documentation for the Client, the Server and also for the Designer. For ADFS 3.0 there is brand new documentation that is not just in simple "cookbook" style. We had the opportinity to give feedback before it was released. Here is the main entries for the documentation. Beside Java 1.8 support, NIFNSF and large summary support there are a couple of other new stuff. XPages was not mention
Travele 9.0.16 released with re-connect issue
Sun, Mar 5th 2017 2:26p   Daniel Nashed
Traveler 9.0.16 has been released a while go with an issue that might impact you if you need to restart your mail servers. There is an APAR and there is already a hotfix available if you are already on that release. If you are not on this release yet, you should wait for a new version! There is also a work-around if you are on that release -- see below. 9.0.16 itself comes with a couple of bugfixes and preparation for Domino 9.0.1 FP8 which will introduce JVM 1.8. You will need to upgra
Travele released with re-connect issue
Sun, Mar 5th 2017 2:26p   Daniel Nashed
Traveler has been released a while go with an issue that might impact you if you need to restart your mail servers. There is an APAR and there is already a hotfix available if you are already on that release. If you are not on this release yet, you should wait for a new version! There is also a work-around if you are on that release -- see below. itself comes with a couple of bugfixes and preparation for Domino 9.0.1 FP8 which will introduce JVM 1.8. You will need
Details about JVM 1.8 Update in Notes/Domino 9.0.1 FP8
Sun, Feb 5th 2017 10:30p   Daniel Nashed
After my post I got a couple of offline and online questions about details for JVM 1.8 in the Notes Client. The release notes will be update but here is the comment from Scott in case you missed it in the comments. Thanks Scott for this detailed additonal information!!! Java Upgrade to 1.8. The Java run time environment provided with Domino has been upgraded to Java JRE version 1.8 to provide you with access to the latest features. - This is actually both Notes & Domino.
IBM Notes/Domino 9.0.1 Feature Pack 8 Preliminary Release Notice
Fri, Jan 27th 2017 3:57p   Daniel Nashed
Today IBM released the first official information about Feature Pack 8 for Notes and Domino 9.0.1 The Preliminary Release Notice provides detailed information about the first feature pack which is currently listed with status "gold candidate". http://www.lotus.com/ldd/fixlist.nsf/8d1c0550e6242b69852570c900549a74/26aa7417bb60f7df852580b40072af2d Here are the release notes, with some comments from my side. (comments in blue). Things to Note: NBP replaced with ICAA - There is no N

Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition