Dr. Rolf KremerDirector Product Development
New Features IBM Lotus Domino AdministrationRelease 8.5
September 2010 (Last Update: 2010-09-19)
Content
Domino Roaming
Domino Configuration Tuner
Start-up of IBM Lotus Notes Clients
Managing of Widgets
ID Vault
DAOS
Lotus Traveler
Other Topics
Source: IBM Lotus Domino Administrator Help 8.5.1
Domino Roaming (1)
New in 8.5: Support for roaming in the standard
configuration
New in 8.5: Two new roaming databases:
Feed subscription database
Eclipse plugin data and preferences database
New in 8.5: File server roaming
New in 8.5: New Roaming policy settings document for
upgrading/downgrading a user to/from file roaming
New in 8.5: User files configured for roaming appear in a single
Roaming applications folder on the Notes replicator page
New in 8.5: New Notes preference panel Roaming is available for
file server roaming-enabled users
Domino Roaming supports: contacts, bookmarks, notebook or
journal, feeds subscription, Eclipse plugin data and settings
Domino Roaming (2)
Files replicated locally from the user's roaming server
Any changes replicates back to the roaming server
Not supported is
Switching user Ids
Notes Single Logon
Users should not
Using File Security Switch ID
Switching location document
Recommandation: Start Notes -> Start Lotus Symphony;
otherwise some Notes preferences will not available for roaming in
the session
Supported platforms:
Microsoft Windows 32-bit
Linux
Apple Mac OS X
Domino Roaming (3)
Domino server roaming supported in basic and standard
configuration
File server roaming supported in standard configuration
Upgrading/Downgrading to/from Domino server roaming: use roaming
tools in Administration client People and Groups Tab Tools
People
Upgrading/Downgrading to/from File server roaming: use always
policies
Domino Configuration Tuner (DCT) (1)
Evaluates server settings according to a growing catalog of best
practies and worst practice disclosure
Evaluates all servers in a single domain together
Helps to reduce total cost of ownership by idenifying
configuration problems
Looks at settings in
Domino server documents
Notes.ini file
Advanced database properties
Configuration settings are flagged when their values are known
to cause problems
Useful to evaluate Domino 7.0 or newer releases
Changes in Domino configuration are not necessary to use DCT
Runs on Notes (basic or standard) client, version 8 or later
Domino Configuration Tuner (DCT) (2)
Included in Domino Administrator installation
Implemented as template (dct.ntf)
User need read access to the Domino directory and View only
administrators access defined in the server document
Assist in troubleshooting generating exception errors:
Quicktune_Debug
Necessary outbound port to pull update information: HTTP
New rules applied if a new template design is retrieved
Free download
Free of charge
Available outside of the Domino release cycle
IBM Lotus Notes Clients Start-up
Reordered start-up sequence (reason: performance
enhancements)
New in 8.5: Prompted to authenticate -> Notes workbench
appears
Earlier: Notes workbench appears -> Prompted to
authenticate
Notes.ini setting (client): ENABLE_EARLY_AUTHENICATION
1 = new order is on (= standard)
0 = old order is on (= feature is disabled)
If disabled:
Domino Roaming does not work
Performance enhancements are not realized
Managing of Widgets
Widgets can be managed centrally
Manual installation and search for updates is not necessary
anymore
Client will receive new updates when the local widget catalog is
updated
Support for Widgets & Live Text on Apple Mac OS platfrom
(besides Windows & Linux)
ID Vault (1)
Server-based database holds protected copies of user ids
Users assigned to vault through policy configuration
Copies of user ids uploaded to vault automatically once the
policy has taken effect
User id can uploaded, if a parent certifier of the user id has
issued a Vault Trust Certificate certifying its trust of the vault
and if the associated user's effective policy has a Security
Settings document that specify the vault name
Process of user registration uploads the id to the vault
If you do not want to keep copies of user ids in the Domino
Directory, clear Advanced ID File registration setting Location for
storing user ID In Domino Directory, which is selected by
default
User changes password or adds Internet certificate: id is pushed
to vault
ID Vault (2)
Synchronize (local and vault): client asks its home server for a
list of servers that have a replica of the vault
If home server is unavailable or does not run release 8.5,
client searches for a server in the home server cluster
A server returns list in random order to load balance
synchronization among vault servers
For better performance, client caches location of first vault
server that responds
Cache cleared periodically to ensure that load balancing is
maintained
Synchronization starts immediately
Client checks for changes periodically, generally every eight
hours
Client does its first check at a random time within the first
eight hours from client startup
If an attempt failed, three retry attempts are made at
five-minute intervals
ID Vault (3)
User does not have to change the password on each client
If client is not updated, user can continue to use old
password
Delete id file: copy of id is downloaded to the client from the
vault
Shared login is supported with id vault
Shared login (if id is deleted): Notes password must be reset on
copy of id in the vault. After reset:
User is prompted for the new password, then restart Notes
Copy of id file is downloaded to the client from the vault
Local id is re-enabled for shared login
Response of a stolen id: reset password on the id, roll over the
keys on the id, ensure that server key checking is enabled
Shared-login-enabled-id is different: can only be used on the
computer on which it was shared-login enabled
ID Vault (4)
Stolen id of that computer: disable shared login in user policy;
force policy to replicate all vault servers; respond with steps for
non-shared-login-enabled id; re-enable shared login in user
policy
Option Ask your approval before accepting name changes is
unavailable
Name change is made on client id copy automatically during
client-vault synchronization when name change is detected on
server
User with a vaulted id cannot request a key rollover through the
user security window -> only an administrator can initiated key
rollover through policy configuration
User is never prompted to accept the new keys
Key rollover is in process: do not enable use of a vault until
key rollover is complete
ID Vault (5)
Vault Trust Certificate is a special-purpose
cross-certificate
Creation: Configuration Security Certificates view in Domino
Directory, using the ID Vaults Create or ID Vaults Manage tool
Vault Trust Certificates determine which ids are allowed in a
vault; policy configuration determines which ids are actually
stored there
Vault administrators can add and remove other vault
administrators; add and remove vault replicas; delete ids from a
vault; mark ids inactive; restore ids, and delete a vault
Names of vault administrators are added to the vault database
ACL and to the vault document in the Security ID Vaults view of the
Domino Directory
Vault administrator assigned to auditor role in vault database
ACL can extract id from vault to gain access to user's encrypted
data
Location of vault database: IBM_ID_VAULT subdirectory
ID Vault (6)
Disable auditor role capability in notes.ini:
SECURE_DISABLE_AUDITOR=1
Only people with password reset authority can use Domino
Administrator to reset passwords and specify an ID download count
limit
Creation of vault replica: replication starts immediately
Add or remove replicas of a vault: User must
Vault administrator
Have access to vault id file & password
Have editor access to Domino directory
Add vault replica: you must have Create new replicas server
access
User cannot use the ID Vaults Manage tool to delete the vault
primary server replica -> use ID Vaults Delete tool
Different vault primary server can be specify by Tools ID Vaults
Manage
DAOS (1)
DAOS = Domino Attachment and Object Service
Save significant space at file level by sharing data identified
as identical between databases on the same server
Server saves a reference to each attached file in an external
repository
Attachment consolidation is not supported for DB2-enabled
databases
DAOS-enabling:
Server document
Advanced database property Use Domino Attachment and Object
Service
Enable transaction logging
Saving attachment in document: reference (ticket) will saved in
object header.
Ticket identify the attachment in the repository
Consolidation occurs immediately
DAOS (2)
If user deletes or replaces an attachment, the server adjusts
references to each attachment in the repository as necessary
Enable mail files, enable any mail.box files on the server
Works for all databases with the current ODS
Databases with earlier ODS do not include the DAOS setting in
the advanced properties
They can be pre-enabled in the Domino Administrator client; they
are included when later upgraded to the current ODS
Delete attachment: Domino deletes only the reference in the
document header
Delete attachment from all documents: Domino marks the file for
removal from the repository
File will removed after a specified days (default 30 days)
DAOS (3)
Administrator can use a tell command to specify a different
number of days
Administrator see information on the size of databases after it
participants in DAOS on the Files tab in the Domino
Administrator
Enabling setting for an existing database consolidates only
attachments created and saved in the database from then on
Consolidate both existing and new ones: run a copy-style compact
operation on the database after enabling the setting
DAOS objects count in mail file quotas and included in the
displayed file size of a database
Upgrade all newly created databases to the current ODS, enter
the following setting in the Notes.ini: Create_R85_Databases=1
Mail & mail.box files: LZ1 compression is necessary
DAOS file names: *.nlo
DAOS (4)
Default repository created relative to logical directory
structure on server
Directory can created anywhere on the server or connected file
drive
Domino administrative user needs file-access permissions to the
directory
DAOS catalog file: daoscat.nsf
DAOS (5)
Tell commands: (Tell DAOSMgr ...)
Quit (stops process, cleans up, exits)
Help (list options)
Status, Status , Status catalog
Dbsummary (display status of all DAOS-enabled databases)
Databases (same as above + additional details)
ListNLO (allow admin to identify documents whose objects may be
missing)
ListNLO -o (add file for output & desired database)
Prune (display current delete interval specified in server
document)
Prune (deletes all unreferenced objects that are older then the
argument days)
Resync (resynchronizes DAOS-enabled databases with DAOS
objects)
Resync Force (runs the resynchroinzation command whether or not
the DAOS catalog is in a synchronized state)
Lotus Traveler (1)
Supports Apple iPhone (ActiveSync support in 8.5.1), iPad,
Microsoft Windows Mobile 5 & 6 & 6.1, Symbian Series 60
Synchronizes e-mail, calendar, contacts, journal, to-do
Supports rich text content on Windows Mobile 6 devices
Supports encryption of e-mails on Windows Mobile 6 devices
Default synchronisation settings stored in NTSConfig.xml
Database with information of cluster mail replicas should
synchronized: ntsclcache.nsf
User should disable for using Lotus Traveler: Enter name of user
in Not access server field in the server document (section 'Lotus
Traveler')
Use Domino servlet manager
Lotus Traveler (2)
Change download site:
Home url in Internet Site document
NTS_WEBSITE_HOME parameter in the notes.ini file
Default number of returned results for user names and telephone
number searches: 25
Read and send encrypted mail: User must upload his Notes ID to
his mail database
Server console commands:
Force policy updates: tell adminp process traveler
Remove all users from the list of users that are logging: tell
traveler log removeuser *
Extract user information to a file: tell traveler dump
Lotus iNotes
New mode Ultra-light: use for mobile devices
Administrators can enable use of Lotus Quickr links and
attachments in messages and to set Lotus Quickr preferences in
Lotus iNotes users preferences
Administrators can allow users to add external calendar
Supports
HTTP-proxy servlets
Some Mail policy settings
Some Desktop policy settings
Server command to replace or update iNotes forms.nsf file
without restart the Domino server: tell http inotes flushforms
Other Things (1)
AdminP (admin4.nsf) records statistics to help monitoring
portions of administration process tasks
Notes basic configuration 'all client' install kit is no longer
available
Auto-populate groups:
Apply policies to users and groups based on their home
servers
Home server group for a group will be defined in the group
document
Then assign a policy to that group
To use large numbers of names in the group, use the Notes.ini
parameter: Namelookup_max_mb=1 (standard; enter a higher value as
1)
Can have subgroups
Group can be used anywhere that a static group can be used
Subgroup can not be created manually; members field is not
editable
Groups with a subgroup should not be copied and pasted in the
Domino Directory
Other Things (2)
Messaging:
Router was optimized
New: Mailbox event notification
Running router in steady state transfer new message to mail.box
-> Copy of message is made and placed on mailbox event queue
which is used by new MailEvent thread.
Router copy message without searching mail.box
Message is cached and additional copies are made for multiple
recipients
Notes.ini setting is available to limit the amount of memory by
open notes
Memory values are shared and maintained by mailbox event
generation and any open router note
There are no changes to the UI
Other Things (3)
Policies
New Dynamic policies: New option for assigning explicit
policies
User or group name should specify in a policy document
Advantage: If organization changes, only group document needs to
update
Updated group information is applied next time the policy is
calculated for any users in that group
New Roaming policy settings document
Widgets policy page settings: New setting
com.ibm.rcp.toolbox.prov.provider.ToolboxProvisioning; exists also
in the plugin_customization.ini file
Desktop policy settings document:
New Window management settings: Display sidebar
New Hide settings for several sidebar panels (Feeds,
Day-At-A-Glance, Activities, Sametime Primary Contacts, My
Widgets)
Other Things (4)
Console Log Mirroring:
New server thread which monitors all messages written to the
Console Log file and duplicates these messages into another
file
Three Notes.ini settings:
Console_Log_Mirror=1 (Enables mirroring feature)
Retain_Mirror_Logs=1 (Prevents deletion or previous mirrors)
Console_Log_Max_Kbytes=... (Maximum size of Console Log)
All keystrokes are copied to the console log and mirrored (also
backspaces)
By default, console log mirroring is disabled
Server task is named Console Log Mirror Task; created in the
IBM_Technical_Support directory under the data directory
File name is Console.log + number appended (maximum number is
999) (Example: Console11.log)
Uses circular logging
Other Things (5)
Notes shared login:
Login without providing Notes passwords; instead Windows
password
Available on Windows platforms
Windows password will not used for Notes ID file
New server commands:
Show idvaults (Displays configuration information about the ID
vaults on a server)
Show stat mail (New message statistics)
Show tasks (Includes task status from additional mail router
threads)
Show server (Report whether DAOS is enabled, provides a list
which databases are included)
Show directory (Same enhancements as show server)
DAOS Tell commands
PAVONE Ltd, UK
School House, Hackforth
BEDALE, N. Yorks. DL8 1PE
United KingdomPhone: +44 (0) 1748 811527
E-Mail: [email protected] PAVONE Inc.13 NW 13th Avenue
Portland, Oregon 97209
USAPhone: +1.503.754.3144
E-Mail: [email protected]
PAVONE AGTechnologiepark 933100 PaderbornTel.: +49 52 51 / 31
02-0Fax: +49 52 51 / 31 02-99E-Mail: [email protected]
For more information please visit our homepage
http://www.pavone.comand http://www.pavonelive.com
Contact
Folientitel Arial Black (24)
Klicken Sie, um die Formate des Gliederungstextes zu
bearbeiten
Zweite Gliederungsebene
Dritte Gliederungsebene
Vierte Gliederungsebene
Fnfte Gliederungsebene
Sechste Gliederungsebene
Siebente Gliederungsebene
Achte Gliederungsebene
Neunte Gliederungsebene
