Recent
Certificate Store: Submit vs Save 
By Martijn de Jong | 3/30/23 2:39 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
I regularly receive question about the Certificate Store and CertMgr, which made me realise that there’s a lot of confusion around the Submit Request and the Save & Close buttons in the store and when to use what. Time for an article to hopefully solve some of that confusion.
Quick Tip: Stashing Log Files From Domino Testcontainers
By Jesse Gallagher | 3/29/23 3:55 AM | Development - Notes / Domino | Added by Roberto Boccadoro
I've been doing a little future-proofing in the XPages Jakarta EE project lately and bumped against a common pitfall in my test setup: since I create a fresh Domino Testcontainer with each run, diagnostic information like the XPages log files are destroyed at the end of each test-suite execution.
HCL Notes – Swiftfile Not Working as Expected
By Milan Matejic | 3/29/23 3:53 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
When using the "preview pane" in HCL Notes, and clicking on a folder, suggested by SwiftFile, the "move to folder" dialogue would sometimes come up. This was happening to my client, in about 1 of 20 cases
HCL Connections 8 – PDF Export Issues After Installing CNX in a Clustered WAS Environment
By Milan Matejic | 3/24/23 5:12 AM | Infrastructure - Connections | Added by Roberto Boccadoro
Recently I encountered an issue with PDF Export, right after the installation of HCL Connections applications in a multi-node, clustered, IBM WebSphere Application Server environment. This problem only occurs in a multi-node WAS environment.
In the HCL Connections GUI, in the “PDF Export Access” settings of the”Edit Community” menu (Community –> Community Actions –> Edit Community –> PDF Export Access), the following error was displayed:
Error 500: org.springframework.web.util.NestedServletException: Handler dispatch failed; nested exception is java.lang.NoClassDefFoundError: com/ibm/ess/ic/ic360/security/tai/Ic360ImpersonateUserTAI
HCL Verse on Premises and HTTP error 404
By Rainer Brandl | 3/23/23 3:00 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Today I implemented VoP on a Domino Server running on an iSeries like the "implementation" always is done. But afterwards I received an HTTP error 404 when trying to open the URL https://mailserver.company.com/verse.After some rechecks ( did I put the JAR files to the correct location and did I modify the owner ) I recreated the redirect database, rechecked the server configuration but could not get rid of this issue.
New C3UG video: Low-Code with Tooljet using the HCL Domino REST APIs
By C3UG | 3/15/23 4:26 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
This is a video about the new HCL Domino REST APIs in conjunction with the open source low code development environment "Tooljet". I do an intro to both systems and a (lengthy) demo, showing how to set up access to HCL Domino using the new REST APIs on Domino 12 and to get the data into data tables in a ToolJet project.
Read Attachment Files without Writing to Disk
By Andre Guirard | 3/13/23 3:13 AM | Development - Notes / Domino | Added by Roberto Boccadoro
Someone sent me a link to this “domino idea” asking for the ability to read file data from attachments in Notes documents without “extracting the file” to disk, since ECLs might not always let you do that.
I never like to say there’s no way to do that, so the question prompted me to create an answer. This code uses DXL — it exports the document, then searches the exported data for the file data objects, which are encoded in base64. Fortunately it’s just the plain file data without CD record headers or the like, so it’s easy to convert to a NotesStream containing the raw data — or to interpret that data as text in a specified character set.
Moving Relative Date Text Client-Side
By Jesse Gallagher | 3/13/23 3:11 AM | Development - Notes / Domino | Added by Roberto Boccadoro
One of my main goals in the slow-moving OpenNTF home-page revamp project I'm doing (which I recently moved to a public repo, by the way) is to, like on this blog, keep things extremely simple. There's almost no JavaScript - just Hotwire Turbo so far - and the UI is done with very-low-key JSP pages and tags.
Bali Unit Testing Framework Videos
By Paul Withers | 3/1/23 4:58 PM | Development - Notes / Domino | Added by Oliver Busse
Two weeks ago four videos were posted on OpenNTF’s YouTube channel walking through the functionality of the Bali Unit testing framework.These are intended to give you all the information you need to use the test suite, although full documentation is available in the repo, at https://openntf.github.io/bali-unit/.
On Domino thread IDs and Linux/Windows process IDs
By Martijn de Jong | 3/1/23 9:53 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
A short tip on something which many people are probably not aware of, but which can be a huge time saver when you’re troubleshooting a Domino problem.
As an example, see this error message from a Domino log:
[062372:000014-00007F8001776700] 28/02/2023 13:16:20 CertStore: Error opening CertStore database [CN=PROD02/OU=SRV/O=ACME!!certstore.nsf] : The server is not responding. The server may be down or you may be experiencing network or VPN problems. Contact your system administrator if this problem persists.
[062372:000014-00007F8001776700] 28/02/2023 13:16:20 CertStore: Error opening CertStore on [CN=PROD02/OU=SRV/O=ACME] : The server is not responding. The server may be down or you may be experiencing network or VPN problems. Contact your system administrator if this problem persists.
Your first hunch might be that this is an error that’s caused by the CertMgr process. It’s related to the Certificate Store after all. But is this really the case?
HCL Connections – Journey to Connections 8
By Urs Meli | 2/27/23 10:10 AM | Infrastructure - Connections | Added by Wannes Rams
After the Connections 8 CR1 had been released, we upgraded our production environment. This is our journey
HCL Nomad Web – User moved to another Domino Server
By Rainer Brandl | 2/23/23 3:44 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Today I had the issue that a user could not successfully complete the initial setup of HCL Nomad Web. The user always received the following error message: Afterwards I checked the result of the LDAP request for the home server which looked fine and the Domino Server also was available. So what could cause this error message ?
CAUSE: the user was moved to another mail server some days ago !!
width=device-width, initial-scale=1 http://gmpg.org/xfn/11 HCL Nomad Web – User moved to another Domino Server – Tips and News for Collaboration solutions max-image-preview:large //s1.wp.com //s0.wp.com //s2.wp.com //blogbyrainer.wordpress.com //wordpress.com //fonts-api.wp.com https://fonts.gstatic.com Tips and News for Collaboration solutions » Feed https://brandlrainer.info/feed/ Tips and News for Collaboration solutions » Comments Feed https://brandlrainer.info/comments/feed/ Tips and News for Collaboration solutions » HCL Nomad Web – User moved to another Domino Server Comments Feed https://brandlrainer.info/2023/02/22/hcl-nomad-web-user-moved-to-another-domino-server/fe
Domino 12.0.2 SAML Not Sending User to Originating URL
By Ted Hardenburgh | 2/23/23 3:43 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Fresh off the press is a new Knowledge Base article at HCL that describes an event where a user authenticating via SAML is not being sent to the originally requested URL after authentication, but is sent to the home URL for the site. This affects new or upgraded Domino 12.0.2 servers.
The cause for this is the new default setting for samesite=strict that is added to the relay state cookie. The notes.ini setting DOMINO_RELAY_COOKIE_SAMESITE=0 will resolve this issue after restarting Domino.
SVG Images not working in older Domino releases
By Fredrik Norling | 2/17/23 4:26 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
By default svg images doesn’t work in older versions of Domino like version 9.01, 10 perhaps even 11
I have verified in version 12 and there it work fine without problems.
Luckily there is an easy fix, in the Domino data directory there is a file httpd.cnf open up this file add add this line below i.e the Images section, placement isn’t important.
AddType .svg image/svg+xml # SVG format
Richard Pajerski: Securing access to MongoDB with Sametime 12 Premium
By Richard Pajerski | 2/15/23 1:46 AM | Infrastructure - Sametime | Added by Roberto Boccadoro
The thrust of this post is on securing the server itself, and more specifically the MongoDB portion where chat histories, contact lists and other details are stored. HCL supports MongoDB versions 4.2 and higher on a best effort basis and I'm using version 6.0.4 on CentOS 8 for purposes of this post. Here's what worked for me.
After installing, we configure our Sametime database using the MongoDB Shell; upon first connecting, there's no prompt for a password and we're plainly told:
"Access control is not enabled for the database. Read and write access to data and configuration is unrestricted"
Well, that's not good. It was now possible to connect using mongosh and fully control the server *from anywhere, without a password*... :-(
Notes Tip #54: From Microsoft Outlook to HCL Notes
By Hogne B. Pettersen | 2/14/23 3:44 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
After some false stops and starts, Brainworker and I can finally publish my full user guide for Notes Mail, Calendar, Contacts and To do. Perfect for new employees used to Outlook, but also as a user guide for any Notes user. While Notes is so much more than just an email, calendar, and contacts application,these features are nevertheless some of the most important features of the client.
Setting up HCL Domino Time-based one-time password (TOTP) authentication
By Remco Angioni | 2/14/23 3:43 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Here is the easy guide how to setup HCL Domino TOTP on a Domino V12.0.2 server with internet site document.
Announcing the HCL Ambassador Class of 2023
By HCLSoftware | 2/8/23 1:21 PM | Business - Events / People | Added by Wannes Rams
HCL Digital Solutions is proud to highlight recipients of the much-anticipated HCL Ambassador Class of 2023 award! Congratulations!
Problem with Prometheus in Sametime monitoring dashboard
By Roberto Boccadoro | 2/8/23 11:26 AM | Infrastructure - Sametime | Added by Oliver Busse
I set up the monitoring dashboard in Sametime, using the provided JSON files; in case you don’t know how to do that, you enable it running this command
docker-compose -f docker-compose.yml -f docker-compose-monitoring.yml up -d
https://help.hcltechsw.com/sametime/1201/admin/Managing_dashboard.html
Today I discovered that my Prometheus container kept crashing, and in the logs I found lines like these
TOTP and vert.x
By Stephan Wissel | 2/7/23 9:13 AM | Development - Notes / Domino | Added by Roberto Boccadoro
TOTP and vert.x - Time-based one-time passwords (TOTP) are a common security feature in Identity Providers (IdP). There are use cases beyond IdP, mine was 'Understanding what it takes').
TOTP interaction
You have two phases: enrollment and use. During enrollment a secret is generated and (typically) presented as QR Code. A user points one of the many Authenticator apps to it and gets a numeric code that changes once a minute.
When you use it, you pick the current number and paste it into the provided field. The backend validates the correctness with some time leeway.
What it is not
Typically when enrolling you also get recovery codes, sometimes called scratch codes. They are NOT part of TOTP and implementation is site specific and not standardized. An implementer might choose to check your recovery codes when your TOTP fails or provide a separate interaction using those.
The initial confirmation, is actually the first instance of "use" and one could have a successful enrollment without it. This is depending on the implementation.
It isn't foolproof. An attacker could trick you into typing your TOTP code into a spoofed form or just hijack your session (cookie). That's why responsible web apps run a tight security with CSP and TLS (and once browser support is better Permission Policy)
XAgents to Jakarta REST Services
By Jesse Gallagher | 2/6/23 2:03 AM | Development - Notes / Domino | Added by Oliver Busse
For a good long time now, XAgents have been one of the common ways to do non-HTML output in an XPages environment - JSON, mostly. I think the technique was codified and the term coined by Stephan Wissel back in 2008 and the idea has been the same since.
Effectively, an XAgent lets you write a Servlet but with a bit more scaffolding. Though XPages has a path to use Servlets officially, that method is more out-of-the-way than XAgents and doesn't (without further hoop jumping) give you some niceties like sessionAsSigner.
Calendar entry not displaying notes in HCL Verse 3.x
By Rainer Brandl | 2/3/23 4:20 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Today I had the issue that a customer complained that notices on the calendar form keep on loading and loading and you're not able to create a calendar entry or even display the content of the notes an existing calendar entry.After some conversation with HCL Support ( which again was working extremely fast in person of Suraj Joshi ) I received the information that the upgrade to HCL Domino 12.0.2 could cause this issue.
As mentioned in the official Defect Article this only occurs when the display language of the browser is set to another language than English.
The Pront statement [sic]
By Andre Guirard | 2/3/23 4:18 AM | Development - Notes / Domino | Added by Roberto Boccadoro
The LotusScript debugger isn’t the simplest thing in the world to use, especially when debugging form event code, where the fact of the debugger grabbing focus may change what happens.
You can put Print statements in LotusScript to do a less impactful debug, but these are hard to read and you can’t tell which messages are new — or which are repeats of the last message.
For a project I’m working on now, I wanted something easier to use. So I present the Pront Console. This is an NSF you download and install on your client, with a bit to put in your applications to make the Pront statement available.
Error 404 - Item Not Found Exception after upgrade to Domino 12.0.2
By Oliver Busse | 2/2/23 2:21 AM | Development - Notes / Domino | Added by Roberto Boccadoro
For a customer we also set up a dev environment using our application platform Aveedo where we are creating a brand new CRM system. Very soon we faced the problem, that pages were not loaded properly (404 error) at random occurrence.
After some testing with various XPages memory settings etc. I opened a case, and it turned out: there is a problem in the com.ibm.xsp.core_12.0.2.20221101-2131 plugin lib, which means in the XPages core.
HCL support immediately forwarded this to the dev team and they were able to create a testfix for us which solved the problem. The fix is addressed for FP1 of 12.0.2.
Introducing Bali Unit Testing Framework
By Paul Withers | 2/2/23 2:18 AM | Development - Notes / Domino | Added by Roberto Boccadoro
Today we’ve released two projects, one on HCL’s GitHub and a fork on OpenNTF’s GitHub. It will be useful to give a bit of background, as well as an introduction the the project.
The version on HCL’s GitHub is the original, Bali Unit Testing Framework, a unit testing framework written in and for VoltScript, the evolution of LotusScript currently in development for Volt MX Go. The documentation, as usual, is available on GitHub. There are a number of places where the code leverages new language functionality from VoltScript. As a result, although the code will be usable from VoltScript, the code cannot be used as-is by Domino developers.
Therefore a fork has also been created on OpenNTF’s GitHub and adapted for LotusScript, Bali Unit Testing Framework. The documentation is available also on GitHub. This can be used by Domino developers. The documetation has also been slightly modified, to be relevant to LotusScript developers.
Sametime V12 MongoDB LDAP issue when using webusers
By Remco Angioni | 1/30/23 1:57 AM | Infrastructure - Sametime | Added by Roberto Boccadoro
When you move from a Sametime version running on Domino to the Sametime V12 version, running on Docker......there could be a problem when you have webusers running in your Sametime environment. You always have to run the Sametime Name Change utility to move away from Domino (LDAP) syntax ( CN=Remco/O=ORG to CN=Remco,O=ORG) https://help.hcltechsw.com/sametime/11.6/admin/changing__names_in_contact_and_privacy_lists.html
There is a problem when you have used Sametime 11.6, which already used MongoDB for chatlogging, and used WEBUSERS (and not registered users). Webusers are saved flat in MongoDB and do not contain the CN=…/O=… syntax. When you move to Sametime V12 and converted the users to LDAP and imported vpuserinfo to MongoDB, you see a loss in Contacts and Archive. Your account is no longer connected to your old chats and doesn’t contain any contacts. Why?
A new tool for creating rich text
By Andre Guirard | 1/26/23 7:32 AM | Development - Notes / Domino | Added by Roberto Boccadoro
I’ve used an earlier version of this in other applications, but now it’s greatly improved and expanded. This is an API for creating rich text, including all the variations of sections, tables, image backgrounds, links, borders…
This is an initial 0.1 release, so there will almost certainly be more changes coming, but I need y’all to drive this. Download it, try it out, respond here with questions and suggestions
Always get the latest Huddo version in HCL Connections
By Wannes Rams | 1/26/23 3:09 AM | Infrastructure - Connections | Added by Wannes Rams
We have documented how to connect to our version, but that documentation is focused on a manual install of Component pack and connecting to our systems from the start. I want to show how to do it if Boards is already installed and running using the automation scripts. You can obviously follow this guide if you did a manual install and connected to the HCL resources, I am just mentioning some specifics about the HCL automation you can ignore.
Overdue PSA: Reverse-Proxy Headers in Domino 12.0.1FP1 and Newer
By Jesse Gallagher | 1/25/23 11:19 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
Just over a year ago now, I wrote a blog post describing the sudden removal of my beloved HTTPEnableConnectorHeaders notes.ini parameter in the 12.0.1 release.
However, during the administration-focused OpenNTF Repair Café today, I was reminded that I never modified that post or made a followup to detail the changes since then. I plan to remedy that here!
Nomad Web server connection options
By Daniel Nashed | 1/25/23 7:30 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
Nomad Web is a modern HCL client offering in form of a Progressive Web Application (PWA) running in your web browser.
In addition to Windows or Mac, it also works on Ubuntu and other Linux distributions! So there is finally a client offering for Linux clients again!
The Nomad Web application is installed on a server providing the required files for download.
Those files can be stored on a SafeLinx or Domino/Nomad Web server.