Domino 9.0.1 FP9/FP10 installer and issue with “new” Perl

On 17.09.2018 By tixomirIn IBM Domino, Show and tell2 Comments

Just run to stupid issue…

Good old FP installer for Domino on x86 Linux fails just after “Installer is initializing. It may take a few minutes, please, wait.” message.

Luckily, there is nuish.err file with enough data to look for solution.

linux-gtrt:/install/fp9/linux64/domino # cat nuish.err
Can't use 'defined(@array)' (Maybe you should just omit the defined()?) at /install/fp9/linux64/domino/tools/lib/NIC.pm line 80.
Compilation failed in require at /install/fp9/linux64/domino/tools/lib/CdPath.pl line 80.

Quick search on the Internet shows that in new versions of Perl (my home box has perl 5, version 26, subversion 1 (v5.26.1)) don’t like defined(@array).

Solution was quick hack. Just remove deprecated call in referenced file (CdPath.pl @ line 80) and installer went trough 😎

Looks like some thing that will be met in future at all *NIX environments…

Time to contact HCL guys 😉

Feel free to comment if you have details or some better solution.

Trigger Happy and power of community

On 14.06.2018 By tixomirIn IBM Domino, Show and tellLeave a comment

At some project we are working right now, we run to something that looked like show stopper, no real technical help from developer, no log messages and files… and I remembered that it might be possible to answer to requirements with Trigger Happy opensource project now maintained by Ulrich Krause.

Quick test in one old setup and look to latest version were disappointment, it was not possible to monitor ACL changes.

I made feature request, 2 days ago, and in less than 24 hours, Ulrich published new version, with new feature 🙂

Quick debug later + new release today and Trigger Happy now can monitor ACL of one or all Domino applications on server!

Once again, Lotus/Notes/Domino/ICS/YellowBleeding community proved how great it is 💛

P.S: we somehow made initial project to work, but now everybody has great solution for IBM Domino database Content, Design and ACL monitoring 🙂

Misty morning and accidental find – Domino+AD SSO in Chrome

On 20.02.2018 By tixomirIn UncategorizedLeave a comment

Just run to something that didn’t know…. Good old Kerberos SSO for Domino http/web works with Google Chrome

Old IBM documentation is mentioning only Internet Explorer and Mozilla Firefox, but , Chrome for some time now can login with NTLM/Kerberos, but in the beginning using it required some command line parameters (or check out this).

Thing that looks new is that those command line parameter are not needed anymore. Properly set Internet Explorer (Internet Options – Windows) is enough for SSO to work. To quote site I already linked:

Note: The latest version of Chrome uses existing Internet Explorer settings. Older version of Chrome require additional configurations (see below).

I made test with Chrome v63 and v64. Looks good 🙂

Let’s Encrypt 4 Domino and one tip :)

On 19.01.201819.01.2018 By tixomirIn UncategorizedLeave a comment

Since August of 2017, great guys from midpoints GmbH provide simple solution to (automatically) get valid and modern SSL/TLS certificates from Let’s Encrypt project to your Domino server…

Fill in request form on their site, get your copy of Domino Application, read First Steps PDF that you’ll get with template and live happily ever after 😎

Tip 1:

In latest setup, I run to one issue, that is often met by LE users (regardless which web server do they use) is that web server has to be reachable from Internet to TCP port 80. It’s not so unusual to have this port cut on firewall and you might have to work with your network team to solve this.

This issue is not so obvious in server logs, you’ll get error message like this one:

HTTP JVM: org.shredzone.acme4j.exception.AcmeException: Failed to pass the challenge for domain mail.domain.tld, ... Giving up.

acme4j error (library that is used internally in LE4D) can be traced to docs and/or code.

Domino JVM8 and MS SQL

On 15.01.2018 By tixomirIn IBM DominoLeave a comment

Since Domino 9.0.1FP8, JVM8 is engine that runs Domino and you should know few things about it regardless if you develop or administer Domino apps.

First of all, change is big, but compatibility for previous code is there, as expected and most of things should work without changes. For all our applications (dozens of them), upgrade was simple and straight forward as it is for almost 30 years 😎

One of few thing that was “issue” is (as expected) list of security improvements that affect integration. “Issue” is in quotes, since technology progress and security improvements are basic components of IT.

If you use JDBC to communicate with MS SQL, and everything was working fine with JVM6, that could easily be just happy circumstance that both SQL and JVM are using log ago insecure protocols… If you don’t have option to fix MS SQL side of integration (that should be real solution), it is possible to configure JVM to use security options that are not default…

Java settings are in java.security file (<Domino Program Dir>/jvm/lib/security/java.security) and issue that hit few times was need to enable legacy protocols, like described in Microsoft’s Option-3

Take some time, review java.security, you’ll need it sooner or later 😎

P.S: Check out this stackoverflow question for example of this issue and some more details.

KYWS – Know your web server ;)

On 29.12.2017 By tixomirIn UncategorizedLeave a comment

Domino HTTP is probably your default front to customers, it’s good to know what are you doing with it 🙂

Just a short reminder, we have few commands you can tell to http:

tell

And, if you want to really, really restart task use restart task http. Only this option will restart process on OS level, break outgoing TCP connections, release all memory, etc.

If you just want to reconfigure web server (eg. you added new Site document, Rule, Headers) – you are fine with tell http refresh, it’s faster, and it keeps users online.

Most of time, most of admins are just using tell http restart, but also, most of time, it’s not best option and/or solution.

IBM Verse, accidental find of features

On 11.12.201711.12.2017 By tixomirIn UncategorizedLeave a comment

If you open IBM Verse about screen and double click on build number, some options appear. I haven’t seen info about this until now…

It’s nice to have filters in same way as Verse for iOS devices has it 👷🏻

Edit: just remembered that I’m beta tester 😎

FP9, interesting stuff

On 18.09.201719.09.2017 By tixomirIn UncategorizedLeave a comment

First of all, just to point out again, FP is Feature Pack, not Fix Pack, a lot of new things and stuff is inside.

Right new, we are preparing to roll update ASAP, to get JVM8 in production to get ourselves ready for FP10 and update on IBM Designer side.

This is stuff we run into so far:

SMTP issue is a bit specific, but that is stuff that you don’t want to get to debug… As always, thanks goes to Daniel for pointing this to community, also, get IF1
JVM upgrade (form 6 to 8) leads to change/upgrade of JDBC drivers, eg. MS SQL ; upgrade this also

JVM change changed java.policy, …/lib/ext/*, etc… but we already know that, but this time java.security change is big change (as JVM 6 to 8 is), and for example, you might find yourself with JVM dropping connections to some old MS SQL server… something like this:

com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "SQL Server did not return a response. The connection has been closed.".

18.09.2017 11:24:35 Agent error: ??? 18, 2017 11:24:34 AM com.microsoft.sqlserver.jdbc.TDSChannel enableSSL
INFO: java.security path: C:\IBM\Lotus\Domino\jvm\lib\security
Security providers: [IBMJSSE2 version 1.8, IBMJCE version 1.8, IBMJGSSProvider version 8.0, IBMCertPath version 1.8, IBMSASL version 1.8, IBMXMLCRYPTO version 8.0, IBMXMLEnc version 8.0, IBMSPNEGO version 8.0, SUN version 1.8]
SSLContext provider info: IBM JSSE provider2 (implements IbmX509/PKIX key/trust factories, SSLv3/TLSv1/TLSv1.

Check out jdk.tls.disabledAlgorithms parameter, and enable algorithms you still need, or, thing that might sound to unorthodox, upgrade your SQL servers 🙂

EDIT:

Thing that should be double checked after every update, java.policy

Some related links:

http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=0044333FDB4446F7852580E800476FC1

IBM Verse On-Premises 1.0.2

On 29.08.201730.08.2017 By tixomirIn UncategorizedLeave a comment

Most important:

IBM Verse On-Premises 1.0.2 requires IBM Domino 9.0.1 with Feature Pack 9 or higher on Microsoft Windows (64-bit) or Red Hat Linux (64-bit)
In addition to installing Feature Pack 9, mail files accessed with Verse On-Premises should be using a design derived from the version of the mail9.ntf template released with Feature Pack 9.
For enhanced social capabilities such as personal photos and business cards, you have the option to integrate Verse On-Premises with IBM Connections™. This option requires IBM Connections 5.5 CR2 or Connections 6.
For the ability of users to preview attachments such as spreadsheets, documents, presentations, or PDFs before sending, you have the option to integrate IBM Docs 2.0 CR2 iFix003.

Complete “what’s new”:

https://www.ibm.com/support/knowledgecenter/SS4RQV_1.0.2/whats_new/wn_102.html#concept_xwg_gm5_lz

System Requirements:

http://www-01.ibm.com/support/docview.wss?uid=swg27050118

Edit:

Updated docs are online now too: https://www.ibm.com/support/knowledgecenter/en/SS4RQV_1.0.2/admin/topics/vop_configuring_server.html

Now We should remove custom views from mail databases, since all that is needed is in FP9 templates. Remember that templates are not included in FP9 code, and that are separate download:

English only PN#: CNL9DEN

Multilingual PN#: CNL9MML