266 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
SOLUTION - Domino Directory Assistance to Active Directory when using SSL DOES NOT break with 9.0.1 FP4
Thu, Jul 16th 2015 45
Domino Directory Assistance to Active Directory when using SSL breaks with 9.0.1 FP4
Wed, Jul 15th 2015 36
Do IBM test any of their stuff anymore? IBM Mobile Connect installation woes
Wed, Jul 8th 2015 25
MWLUG is less than 8 weeks away, your chance to see two of the best IBM presenters on the planet (and maybe a TWiL)
Mon, Jun 29th 2015 20
I don’t use LastPass, I use the open source KeePass for password creation and management
Wed, Jun 17th 2015 19
Good news - Domino (at least 9.0.1) does not seem to be affected by the LogJam TLS vuln
Wed, May 20th 2015 17
MWLUG rolls into the ATL - August 19-21 2015
Thu, May 7th 2015 15
Top 10
SOLUTION - Domino Directory Assistance to Active Directory when using SSL DOES NOT break with 9.0.1 FP4
Thu, Jul 16th 2015 45
Domino Directory Assistance to Active Directory when using SSL breaks with 9.0.1 FP4
Wed, Jul 15th 2015 36
Do IBM test any of their stuff anymore? IBM Mobile Connect installation woes
Wed, Jul 8th 2015 25
How to disable SSLv3 in Domino
Fri, Dec 12th 2014 23
MWLUG is less than 8 weeks away, your chance to see two of the best IBM presenters on the planet (and maybe a TWiL)
Mon, Jun 29th 2015 20
I don’t use LastPass, I use the open source KeePass for password creation and management
Wed, Jun 17th 2015 19
So Domino and SHA2.....There’s a SPR for that
Wed, Aug 20th 2014 17
Good news - Domino (at least 9.0.1) does not seem to be affected by the LogJam TLS vuln
Wed, May 20th 2015 17
TLS 1.2 in Domino and the settings I use
Mon, Apr 6th 2015 16
Back to basics - how to DAOS enable (missed?) non-DAOS’d Domino mail files the easy way
Mon, Nov 3rd 2014 15




Recent Blog Posts
45
SOLUTION - Domino Directory Assistance to Active Directory when using SSL DOES NOT break with 9.0.1 FP4
Thu, Jul 16th 2015 7:33a   Darren Duke
In my last post I made a mistake. I made the mistake of believing that R9 changed something for the better that it apparently does not, and that when the product gets updated. so do the tools. My bad. Basically I'm moron. First the good news, Domino 9.0.1 FP4 does work with Active Directory 2012 with TLS1.2. Woohoo. I was under the impression that you could now cross certify an internet certificate into the Domino Directory and it would now be trusted. I could have sworn I read this some
36
Domino Directory Assistance to Active Directory when using SSL breaks with 9.0.1 FP4
Wed, Jul 15th 2015 8:07a   Darren Duke
DA and AD's....how could this not get confusing? Over the past few days I've been working to figure out why 9.0.1 FP4 can no longer connect to Active Directory when using a SSL connection for the LDAP connection from Domino. Specifically this is AD 2012 but I would guess the same issues hit 2012 R2. Not sure about 2008. Like this: Anyway, what worked in 9.0.1 FP3 no longer worked after an upgrade to 9.0.1 FP4. After much testing it appears that Windows 2012 servers really doesn't li
25
Do IBM test any of their stuff anymore? IBM Mobile Connect installation woes
Wed, Jul 8th 2015 8:26a   Darren Duke
IBM apparently have unlimited budget for renaming, re-branding products and acquiring analytics cloud companies, but as we all know if you put in a PMR and it gets routed to the Philippines then you basically give up They no longer value support. Now it seems as if basic testing has gone the way of Filipino support. While there have been some epic FUBAR's by IBM of late (renaming the Android Traveler app to Verse for example) this is a more basic problem. Installing their software. Now, I
20
MWLUG is less than 8 weeks away, your chance to see two of the best IBM presenters on the planet (and maybe a TWiL)
Mon, Jun 29th 2015 12:42p   Darren Duke
That's right, it's only eight weeks away. And it's in Atlanta, so it'll be very, very easy to get to. Not only do you get over 50 sessions for $50 (yeah, $50....not. a. typo) but you will get to see, in person, two of the best presenters IBM have (not to mention an OGS guest speaker who I can't name right now, but who knock your socks off). Richard has already mentioned he OGS IBM speakers, we've all seen Kramer (not to disrespect Kramer though), but the one of the two speakers I'm ex
19
I don’t use LastPass, I use the open source KeePass for password creation and management
Wed, Jun 17th 2015 9:08a   Darren Duke
I'd forgot about the LastPass hack until I read Mitch's post this morning. I also had this appear in my Twitter stream the other day: LastPass just got hacked, so it's time to change your password: http://t.co/w5uz4TCR24 pic.twitter.com/wZ8uFKQMtn— Mashable (@mashable) June 16, 2015 I didn't give it much though. I use a password manager but it ain't the famous ones. I don't like the idea of someone else storing my list of God-like credentials. OK, I use two services
17
Good news - Domino (at least 9.0.1) does not seem to be affected by the LogJam TLS vuln
Wed, May 20th 2015 2:23p   Darren Duke
Another week, another SSL/TLS security vulnerability. This one is termed Logjam (read about it here http://www.theregister.co.uk/2015/05/20/logjam_johns_hopkins_cryptoboffin_ids_next_branded_bug). Luckily a site has already been created to test your web servers, it is available at https://weakdh.org/sysadmin.html. A quick test of a Domino 9.0.1 server with the latest IF and the perfect forward secrecy server-side notes.ini settings enabled (see this previous blog post for those settings) y
15
MWLUG rolls into the ATL - August 19-21 2015
Thu, May 7th 2015 11:26a   Darren Duke
I swear I voted for somewhere other than Atlanta.....no, really I did. Anyway, even thought it is technically called the Midwest User Group anyone can (and should) attend. So if you are in the Southeast you have no rational reason to not attend. If you use any of the IBM collaboration technologies this a conference you should have on your schedule. "But Darren, I can't get $1,500 approved to attend a conference". That's fine. It's only $50. Yes Fifty. I didn't miss off a zero. So now
12
Do you subscribe to the IBM daily product update newletter? Part deux - or why renaming your products sucks
Fri, Apr 10th 2015 11:00a   Darren Duke
A few years ago I wrote about how to subscribe to the daily IBM product update newsletter. A few days ago some one asks me if I still used this service. I thought I did, but on recollection I hadn't gotten an email from them in ages (or "yonks" for a more technical definition). At first I thought it was getting stuck in spam.....nope. Hummm. OK Let me log in a see.... I had no subscriptions listed. None. Nada. Ziltch. WTF? So I started adding in my subscriptions again and realized that
16
TLS 1.2 in Domino and the settings I use
Mon, Apr 6th 2015 8:20a   Darren Duke
Unless you have been living under a rock somewhere you no doubt know that IBM finally gave use TLS 1.2 for IBM Domino servers. This means that Domino servers can now use SSLv3, TLS 1.0 and TLS 1.2. But it's IT, so just because you can does not mean you should......for example I would suggest most servers (I'll get the outliers further down the page) would probably want SSLv3 disabled. If you have been under a rock, then you need Domino 9.0.1 FP3 IF2 to get this new goodness. Now this fix is
13
Domino and SSL ciphers. The server document may not be doing what we expect it to do
Tue, Feb 3rd 2015 8:52a   Darren Duke
While sat in Daniel Nashed and David Kern's excellent Domino Security session at Connect, there was a comment and slide that made me tweet this: Domino SSL ciphers set in the Domino Server document are ONLY applicable to HTTP. Not SMTP, LDAP, et al.... Doh. You can set with note.ini— Darren Duke (@darrenduke) January 27, 2015 Now, I'm back in the office it's time to address this. So based on that session it seems as if LDAP, SMTP, DIIOP, POP3 and IMAP (and Remote debug monit




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition