Category: Domino

I upgrade from El Capitain and Notes 9.0.1 IF4 works fine for me. Yesterday IBM launch the FIX5 for Notes on MAC and will support macOS Sierra

Some information from the TN about the fix 5:

IBM Notes 9.0.1 64-bit running 9.0.1 Interim Fix 5 or above supports macOS Sierra and OS X 10.11. IBM clients can open Service Requests running this release.
Full certification of macOS Sierra will be completed by end of October 2016 or approximately 30 days after the general release of macOS Sierra.

IBM Client Application Access (ICAA) 1.0.0.1 Feature Pack 1 due out in November 2016 will support macOS Sierra.

Domino fix

MacOS Sierra will be available on 20 September for the general public. I search yesterday and today on the system requirements for Notes on MAC and i not found any information.

Anyone knows if the current version of Notes for MAC will run on Sierra?

Domino Notes

As of September 6, 2016, IBM has implemented hard entitlement validation on Fix Central for IBM Notes/Domino products. IBM Software Subscription and Support (S&S) will be validated through IBM ID association to IBM Customer Numbers.

More information on this TN

Domino

“Domino applications that are created from system templates that make use of Java applets, such as the Domino Directory (names.nsf), Document Library, Domino Web Server Configuration database and Widget Catalog database, will be impacted by the removal of NPAPI functionality. The Teamroom and Discussion databases created from older (pre-8.5.3) templates will be impacted as well.
Additionally, custom Notes applications that are using Java applets also may not work correctly in web browsers due to these changes.
It is recommended that you either (1) redesign the portions of the applications that use Java applets to use HTML, or (2) redesign the entire application to leverage XPages design elements.”

I think IBM will not replace any Java applet.

Domino

Nikto is an Open source web scanner released under the GPL license, which is used to perform comprehensive tests
on Web servers for multiple items including over 6500 potentially dangerous files/CGIs.

To install Nikto on Centos ;

1  yum install perl-CPAN* perl perl-Net-SSLeay openssl install perl-Time-HiRes
2  wget https://github.com/sullo/nikto/archive/master.zip
3 – unzip master.zip

To run a simple test, just type ./nikto.pl -h 192.168.10.74 on the program folder.

This is the result from my development server

– Nikto v2.1.6
—————————————————————————
+ Target IP:          192.168.10.74
+ Target Hostname:    192.168.10.74
+ Target Port:        80
+ Start Time:         2016-09-01 08:43:45 (GMT-3)
—————————————————————————
+ Server: Lotus-Domino
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ No CGI Directories found (use ‘-C all’ to force check all possible dirs)
+ IBM/Lotus Domino: Server detected based on banner or nsf retrieval.
+ IBM/Lotus Domino: Version 9.0.0.0 detected at /download/filesets/l_LOTUS_SCRIPT.inf.
+ OSVDB-523: /homepage.nsf: This database can be read without authentication, which may reveal sensitive information.
+ Allowed HTTP Methods: GET, HEAD, POST, TRACE, PUT, DELETE, OPTIONS, PATCH
+ OSVDB-397: HTTP method (‘Allow’ Header): ‘PUT’ method could allow clients to save files on the web server.
+ OSVDB-5646: HTTP method (‘Allow’ Header): ‘DELETE’ may allow clients to remove files on the web server.
+ HTTP method: ‘PATCH’ may allow client to issue patch commands to server. See RFC-5789.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ /ckeditor/ckeditor.js: CKEditor identified. This file might also expose the version of CKEditor.
+ /ckeditor/CHANGES.md: CKEditor Changelog identified.
+ 8392 requests: 0 error(s) and 12 item(s) reported on remote host
+ End Time:           2016-09-01 08:45:02 (GMT-3) (77 seconds)
—————————————————————————
+ 1 host(s) tested

Domino

From an IBM email received today:

As we first advised in December of 2015, Microsoft has confirmed they no longer support versions of Internet Explorer® older than the current version (Microsoft Internet Explorer® 11). We continue to allow access to our services for these non-supported versions, but effective September 24, 2016, an anticipated update to our Verse and SmartCloud Notes web applications will cause users accessing the service with un-supported browsers (versions previous to Internet Explorer® 11) to encounter issues such a missing controls (reply, forward, or other formatting tools) and other functional issues.

We encourage our clients to take immediate action by notifying their users and assisting any who use legacy versions of Microsoft Internet Explorer® to upgrade immediately.

Domino

Today i am working on a customer (after migrating 5000 users from Exchange), and i try to submit another file to integration server. Integration Server is an option to modify users on SmartCloud using text files. The file name must be <contract>_PRV_seqNum.csv

I created several TDI Assembly lines and i am using UNIX epoch time as seqNum.  When submit a file i got an error “This sequence number must be greater than xxx.”  I found that the customer submit a file using another kind of sequence, so i need to reset the seqNum.

How i do that? Just send a file with <contract>_PRV_9223372036854775807.csv.

After the number 9223372036854775807 the integration server reset the counter and the epoch as a sequence number works again.

Domino

Today i upgrade one TDI 7.1.1 JVM  to the latest fix from IBM.

The setup was easy, just unzip the file and copy to jvm directory.

When i launch an assembly line using delta.  The log file show the following error:

CTGDKE039E Error occurred when creating IBM Tivoli Directory Integrator Property store. Property store: System-Properties Exception: java.sql.SQLNonTransientConnectionException: java.net.ConnectException : Error connecting to server localhost on port 1527 with message Connection refused: connect.

The derby database was not starting, and in derby.log i found:

2016-07-06 20:44:01.917 GMT : Access denied (java.net.SocketPermission localhost:1527 listen,resolve)
java.security.AccessControlException: Access denied (java.net.SocketPermission localhost:1527 listen,resolve)

I try everything on  http://www-01.ibm.com/support/docview.wss?uid=swg21450475

The problem was related to permission. The text bellow is from https://db.apache.org/derby/releases/release-10.10.2.0.html

After upgrading to a JVM with these changes, while attempting to boot, the network server may fail and raise the following error:

access denied (“java.net.SocketPermission” “localhost:1527” “listen,resolve”) java.security.AccessControlException: access denied (“java.net.SocketPermission” “localhost:1527” “listen,resolve”)

To workaround this problem, you must bring up the network server with a security policy which includes the now required missing permission. Instead of booting the network server as:

java org.apache.derby.drda.NetworkServerControl start

boot the network server as follows:

java -Djava.security.manager -Djava.security.policy=${yourPolicyFile} org.apache.derby.drda.NetworkServerControl start

where ${yourPolicyFile} is a file containing a customized version of the policy file described in the Derby Admin Guide section titled Basic Network Server security policy. You must customize that generic policy file to fit your application. In addition, you must add the following permission to the permissions block granted to the ${derby.install.url}derbynet.jar codebase:

permission java.net.SocketPermission “localhost:${port}”, “listen”;

where ${port} should be replaced by the port number where the network server listens for incoming connection requests. By default, that is port 1527.

Solving the problem

I add  permission java.net.SocketPermission “localhost:1024-“, “listen”; to the grant session of the java.policy file and restart TDI

 

Connections Domino WebSphere WebSphere Portal

This technote provides information on common issues affecting users who have upgraded to IBM Verse 9.4 for Android.

 

Domino verse

Domino

I use the cmd + M keyboard shortcut every time i need to create a new memo on my IBM Notes. Yesterday this keyboard stopped working.

I looked at the status bar while pressing cmd +m and saw he message :

“You must first add your mail file mail/kcarvalho.nsf to the workspace”.

Screen Shot 2016-05-17 at 20.29.09

But my mail box icon was on the workspace.

Screen Shot 2016-05-17 at 20.30.41

The solution:

Yesterday i moved my mail box from mail folder to mail2 folder and add the icon to the workspace, but  the location was not updated.

Change the location to mail2\kcarvalho.nsf the keyboard shortcut works fine again 🙂

Screen Shot 2016-05-17 at 20.33.09

 

 

Domino Notes

You can use the NOTES.INI setting LOGSTATUSBAR=1 to enable logging of status bar messages to the local log file, LOG.NSF. To view the logged messages, open the file, LOG.NSF, and then click the Miscellaneous Events view. Status bar messages are appended with “Status Msg.”

To write the status bar messages to an external file, use the NOTES.INI setting Debug_Outfile=<path to file> with the NOTES.INI setting LOGSTATUSBAR=1. For example:

LOGSTATUSBAR=1
Debug_Outfile=c:\temp\StatusBarLogging.txt

Domino Notes