After upgrading Sametime to V12.0.2 you cannot send messages to offline users  

By Remco Angioni | 5/9/24 3:20 AM | Infrastructure - Sametime | Added by Roberto Boccadoro

After upgrading to Sametime V12.0.2, we cannot send chats to offline users anymore using client or mobile app. After opening a case, HCL told us that there should be a policy for that. But this policy doesn't exists in ../sametime-config/policy/policies.user.xml.

How to remove a Groupchat in Sametime V12?  

By Remco Angioni | 4/17/24 4:01 AM | Infrastructure - Sametime | Added by Roberto Boccadoro

When a user creates a groupchat using, let’s say “AllUsers”, this groupchat will consume a lot of resources when AllUsers contain many many users. Beside asking the users to remove this chat, there is no way to remove this groupchat using a (Admin)gui. We raised a call to HCL and they solved it by removing it from the backend. Smart one. They even created a KB item about it, using our information. Smart one. You can terminate the group chat from the MongoDB Here are the steps:

Sametime 12.0.2 statistics & settings are gone after restart server  

By Remco Angioni | 4/8/24 12:42 AM | Infrastructure - Sametime | Added by Roberto Boccadoro

Because of the strange default settings in the Sametime V12.0.2 Docker configuration, all changes in Grafana and Prometheus are gone after you bring the docker containers down and/or when you restart the server. By default, HCL decided that Grafana stores information inside the container.By default, HCL decided that Prometheus data is stored on the host. When you bring down the Docker containers, Grafana information is gone. When you restart the entire server, /tmp is cleared and therefor all statistics Prometheus issue is easy to solve, just change the local path to another location outside /tmp Grafana also need a local, or Docker storage, outside it’s own container.

HCL Nomad for Domino behind an Apache Reverse Proxy  

By Remco Angioni | 12/28/23 3:04 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Reading the documentation, HCL only gives us the configuration for NGINX. Some companies are using Apache and not NGINX. We encourage the move to NGINX, but for now Apache is still okay.

Keep HCL Domino JVM settings during upgrade?  

By Remco Angioni | 10/9/23 2:58 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

When you have added custom settings in the Domino JVM environment, and upgrade noticed that all your settings are gone. Even the custom JARS are removed. There is a way to keep them during the upgrade of Domino, and that's to tell Domino JVM that the files are on a different location...outside the Domino

My thoughts on how Domino registers users  

By Remco Angioni | 10/2/23 2:00 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

We all know Domino registers users. You need the certifier for the correct O or OU and the user is created with the hierarchical Full Name as the certified user. So, the hierarchical Full Name is the unique key. When you add users to a group, the hierarchical Full Name is added to the group.When you add users to the ACL, the hierarchical Full Name is added. Don’t you all hate the DELETE/RENAME Adminp actions? It can take days before finishing, depending the amount of servers you have. And somtimes……it fails or got stuck in the flow.

HCL Domino rename via ADMINP does not check the new username in IDVault’s inactive users view.   

By Remco Angioni | 10/2/23 1:59 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

We discovered some strange behavior during a user rename. The user was renamed via ADMINP. AdminQ pushed the renameflow that evening, because we enabled AdminQ also for registered users. The next morning we checked the rename and everything looks fine. But.....the user logged in, still with his old name and received an error that he wasn’t allowed to access the Domino server.

HCL Domino 12.0.2: removed user-maildatabase in a cluster symmetry configuration is repaired after removed on 1 server.  

By Remco Angioni | 5/8/23 1:01 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

n HCL Domino 12.0.2 we discovered that when we delete users, some maildatabases are repaired back to the home/mail Domino server……running on Windows servers. Like all of you know, when removing a user from a clustered Domino environment, the cldbdir entry for that database is altered to REPAIR:DISABLED. Repair is not allowed for that database. We raised a ticket because we noticed, ofcourse, that this was not the case for some users we removed. The database was repaired from another clustermember. This left us with 2 maildatabases and NO persondocument.

Domino Server: Let adminp handle renames in maildatabases, but don’t delete users in name fields.  

By Remco Angioni | 5/5/23 1:26 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Ever wondered why adminp treats a deletion the same as a rename when you have set the Administration Server Action to Modify all Names fields? Well, I did. I can imagine why a rename should be performed on all mail and calendar items, but a user deletion?????? Why you want that to happen at all?Why remove the evidence that someone have sent me an email or have sent me a meeting request? It doesn’t make sense at all to me. That’s why I was searching for a way to tell Domino not to delete users in names fields, just renames when using adminp in maildatabases. And there it is, the solution.

Setting up HCL Domino Time-based one-time password (TOTP) authentication  

By Remco Angioni | 2/14/23 3:43 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Here is the easy guide how to setup HCL Domino TOTP on a Domino V12.0.2 server with internet site document.

Sametime V12 MongoDB LDAP issue when using webusers  

By Remco Angioni | 1/30/23 1:57 AM | Infrastructure - Sametime | Added by Roberto Boccadoro

When you move from a Sametime version running on Domino to the Sametime V12 version, running on Docker......there could be a problem when you have webusers running in your Sametime environment. You always have to run the Sametime Name Change utility to move away from Domino (LDAP) syntax ( CN=Remco/O=ORG to CN=Remco,O=ORG) There is a problem when you have used Sametime 11.6, which already used MongoDB for chatlogging, and used WEBUSERS (and not registered users). Webusers are saved flat in MongoDB and do not contain the CN=…/O=… syntax. When you move to Sametime V12 and converted the users to LDAP and imported vpuserinfo to MongoDB, you see a loss in Contacts and Archive. Your account is no longer connected to your old chats and doesn’t contain any contacts. Why?

Solution for broken TrendMicro ScanMail for Domino 12.0.2 on Windows  

By Remco Angioni | 12/23/22 4:16 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

After upgrading the Domino to 12.0.2, TrendMicro scanmail stops working. The cause is C API OSLoadLibrary changes in Domino 12.0.2. TrendMicro had identified the problem and created a temp workaround for it. See article:

Setup DKIM for HCL Domino 12.0.2  

By Remco Angioni | 12/9/22 1:58 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Finally we can setup and use DKIM email authentication in HCL Domino. Here are the steps for adding DKIM in Domino and DNS.The actions are my actual commands for adding DKIM to my domain.

HCL Software and the number 13  

By Remco Angioni | 12/2/22 3:18 PM | Business - News | Added by Oliver Busse

Just after 12.0.2 we all waited for the next major release. There it is …… proof that HCL doesn’t like the number 13 like we heard in the rumors.

Sametime V12.0.1/12.0.2 cannot connect to LDAPS:636 using TLSv1.2  

By Remco Angioni | 10/31/22 4:49 AM | Infrastructure - Sametime | Added by Roberto Boccadoro

Setting up Sametime V12.0.1 and V12.0.2 BETA, I discovered that we couldn't connect to LDAPS to a Domino server, or to the AD using TLSv1.2.I discovered it in the Docker environment and noticed in the community log these lines: community_1 | stuserinfosa 2022-10-04 08:44:04.175 SEVERE 0 — 31 : createConnection : Problem Initalizing context for simple bind community_1 | javax.naming.CommunicationException: simple bind failed: stldap.domain.internal:636 [Root exception is Initial encode failure on StTlsSocket [6]]

Extra “Sametime V12 MongoDB roles” in a highly secured Mongo environment  

By Remco Angioni | 7/11/22 4:26 AM | Infrastructure - Sametime | Added by Roberto Boccadoro

When following the standard procedure for installing LDAP, MongoDB and Sametime V12. You may discover that the Sametime database user does not have enough rights. The procedure tells us that the following command for creating an user and roles should be enough: db.createUser({user: "sametimeUser", pwd: "sametime", roles:[{role:"readWrite", db:"chatlogging"},{ role:"readWrite", db:"mobileOffline"},{ role:"readWrite", db:"meeting"},{role:"dbAdmin", db:"meeting"},{role:"userAdminAnyDatabase", db:"admin"}]}) Because there was no warning or error at this point we finished the installtion and started Sametime V12, I discovered that we couldn’t login into Sametime. Even when LDAP works correctly and tells us “BIND SUCCESSFULL” in the Sametime Community log.

Sametime 11.6 IF2 installation results in a non-working proxy when you don’t have a meeting server.   

By Remco Angioni | 3/25/22 4:27 PM | Infrastructure - Sametime | Added by Oliver Busse

After installing Sametime 11.6 IF2, i discovered that the entire proxy service will not start at all. In the localhost log you can see the following warning, over and over again. After opening a support ticket, HCL discovered a problem in the code. It seems like Sametime 11.6 IF2 needs a configured meeting server in the config.

Tweak the first save-attachment location within HCL Notes | Angioni's Blog  

By Remco Angioni | 2/28/22 2:24 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

When you want to move the default save location, for your attachments, from %TEMP% to C:\LOCAL\TEMP, than this cannot be done from a policy. We opened a case at HCL support and after 2 weeks, because support also didn't knew how to do it, the answer came from development.

HCL Domino’s IDVault: Enabling automatic restart of ID file synchronization | Angioni's Blog  

By Remco Angioni | 12/15/21 2:08 PM | Infrastructure - Notes / Domino | Added by Oliver Busse

It can happen that the sync between your userid used in Notes client and IDVault is broken. It will fail to sync when the password in your local ID file is different from the one in the IDVault. But there is a way to get it up and running again…..automatically

Verse iOS 12.0.3 breaks connection to Traveler when configured wrong  

By Remco Angioni | 9/14/21 9:57 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

When there is a difference between the External Server URL, and the one you use configuring the iPhone Verse devices, you will see that the connection is now broken using version 12.0.3

Installing Sametime V11.6 or Traveler V11.x on Linux with a small-sized /tmp volume.  

By Remco Angioni | 7/5/21 2:22 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Sometimes a Linux deployment comes with a too small sized /tmp volume. Normally installers detects this and reports an error and stop the installation. Sametime 11.x and Traveler 11.x only detects it, but continue with the message that the installer is now using /root as their temp folder in order to continue its installation.

HCL Domino V11.0.1FP3 and things you need to know about this fixpack  

By Remco Angioni | 7/5/21 2:21 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

After installing HCL Domino V11.0.1FP3 you may encounter several new features which can result in an issue. Here are the things we have discovered so far.

HCL Verse: read and write encrypted mail without your userid  

By Remco Angioni | 5/19/21 1:41 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

When you want to read and/or write encrypted mail, you normally need to have uploaded your into your HCL Notes mail database. Now, when the technique evolves, it’s no longer necessary to upload it manually. It’s even harder when you work natively from the IDVault, because your ID is loaded into memory.

Suppress the "Edit On Desktop" popup entirely in your HCL Connections environment.  

By Remco Angioni | 12/4/20 1:27 AM | Infrastructure - Connections | Added by Roberto Boccadoro

Every time you edit a file using the Edit On Desktop feature, a popup appears. You can check the option “Don’t show this message again”, but when you choose another file, it’s popping up again. And of course, when you clear your browser data including the cookies, the entire process starts from the beginning.

Overrule external mailflow in Domino in case of ForeignDomain *.* to AllInternetHosts  

By Remco Angioni | 11/30/20 2:35 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

When you have setup the SMTP routing by Foreign Domain document and pulling the mail towards 1 or more OutBound SMTP Domino servers, you cannot add an alternative route for mail and outbound SMTP flow. Every mail is routed to the defined SMTP Domino server in the connection documents.

Show heapsizes in your HCL Notes Client  

By Remco Angioni | 11/16/20 4:26 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

How can you check how much heapsize you are using in your Notes client? Normally, this is a preference setting in your designer to set ( Preferences – General – Show Heap Size ). But how to set it for your normal standard HCL Notes client? ing in your Notes client? Normally, this is a preference setting in your designer to set ( Preferences - General - Show Heap Size ). But how to set it // Angioni's Blog » Feed

Enable SAML with ADFS authentication for HCL Connections 6.5  

By Remco Angioni | 9/14/20 3:05 AM | Infrastructure - Connections | Added by Roberto Boccadoro

When enabling SAML authentication, we discovered that the documentation from HCL is not complete, perhaps because some links to IBM are no longer valid. There are some important bits missing in the configuration. This is the documentation from HCL: Authenticate using SAML What is missing?

VOP: Disable Fileviewer  

By Remco Angioni | 3/17/20 5:20 AM | Infrastructure - Connections | Added by Roberto Boccadoro

Supose you want to use the userpictures from Connections, but don’t want to use the FileViewer from Connections. There is no documentation, for sofar i could see, about this subject. So i opened a case for it and they came with this perfectly working solution.

HCL Nomad Web, the new client for HCL Domino  

By Remco Angioni | 3/8/20 11:21 AM | Infrastructure - Notes / Domino | Added by Oliver Busse

Without replacing the “old” HCL Notes client, HCL introduced a new client. HCL Nomad Web will work from within your browser as it is the Notes Client. A download less then 100MB will be enough to start the client. Still works with your in the Vault and uses all Domino security layers. Secure like before !! And with the upcoming 2FA ( MFA ) starting with HCL Domino V12, it’s clear….we are ready for it.

ICEC: Turn off light mode  

By Remco Angioni | 3/3/19 11:45 AM | Infrastructure - Connections | Added by Oliver Busse

Because it is not very well documented, here is the procedure to enable full mode