Nyheter i Domino 10, Domino 11 och lite om Connections

Posted by:

Sista veckan i februari höll HCL öppet hus i Milano och pratade om vad de planerar att göra med IBM Collaboration produkterna, som de håller på att köpa från IBM. Precis innan det var det IBM Think 2019 i San Francisco, där också en hel del nytt presenterades för framförallt Domino. Beträffande själva köpet så vet vi inte så mycket mer än att allt tyder på att det verkar bli av och att HCL tänker ge Domino en nystart.

 

Några spännande grejor som ser ut att komma med Domino 11 under Q4 2019.

 

  1. Domino som Elastic Search provider. Elastic Search kommer äntligen att kunna ersätta Dominos fulltextindex, som i mina ögon överlevt sig själv med många år. För att inte störa bakåtkompabiliteten kan Elastic aktiveras applikation för applikation.

 

  1. HTTP-autentisering mot ID Vault vilket bl.a. förenklar lösenordshantering. ID Vault blir i allt bättre med APIer etc., vilket i sig fått Dominos katalog att fungera lite mer som t.ex. Active Directory. som t.ex. inte haft Dominos problem med t.ex dubbla lösenord och klientberoenden.

 

  1. Apropå Active Directory så kommer också en helt ny AD synk.

 

  1. Ny installerare – InstallAnywhere 2018 ersätter InstallShield som gick ur tiden för länge sedan

 

  1. Domino Publisher – Snärtigare eventhanterare för både publicering- och prenumerationer knutna till databasevents och document events.

 

To be continued…. Jag skall försöka uppdatera den här posten efterhand som mer information släpps från HCL och IBM

 

Nya Domino 10 funktioner som redan släppts eller släpps efterhand

 

  1. En app (Domino Mobile Apps, kodnamn Nomad) som kör traditionella Notes-applikationer direkt från Ipads sluttestas just nu och efter den kommer även Nomad för iPhone, Android och ChromeOS. Apple versionerna av Nomad verkar distribueras via Apples B2B app store. Infoware har testat Nomad med gott resultat och vi följer utvecklingen.

 

  1. Notes-applikationsstöd som WebAssembly komponent. Nomad är också byggd för att kunna kompileras enligt WebAssembly-standarden. WebAssembly är en ny standard för att köra binärer på webb oavsett webbläsare. Web browser pluginen verkar alltså komma tillbaka, men betydligt tunnare och mer standardbaserad än tidigare. Tillsammans med ID-Vault för både Notes och http så kan det nog bli riktigt smidigt att köra både webb- och traditionella Notes applikationer från både webbläsare och mobiler https://en.wikipedia.org/wiki/WebAssembly

 

  1. Domino Query Language

 

DQL – Domino Query Language släpptes i december 2018 med Domino 10.0.1. DQL är ett nytt blixtsnabbt sätt/API/Språk för att hämta data från Domino. Om jag förstått det rätt så kommer DQL t.ex. att kunna ersätta t.ex. sök och NoteCollections i Domino applikationer.

 

  1. Domino Query Language Explorer är en Notes databas byggd för att testa DQL och få frågorna översatta till java, lotusscript eller javascript.

https://www.youtube.com/watch?v=rJNqjfML9-I

Presentationen är 11 minuter. Riktigt snyggt.

 

  1. Domino AppDev Pack 1.0 har släpptes tillsammans med Domino 10.0.1 och nu siktar HCL på att följa upp det med en ny release varje kvartal. Målet med Domino AppDev pack är att möjliggöra modernare Domino utveckling baserat på Node.js, javascript tillsammans med Domino Query Language.

 

Connections framtid, vad händer där?

HCL verkar satsa lika hårt här, även om planerna inte verkar lika klara som för Domino. Några saker har dock sipprat ut

  1. Release-tempot ökas upp till ett nytt Feature pack per kvartal och paketen utlovas att innehålla mer nytt. Senast nu under Q1 släpptes IC6 CR4 med bland annat en funktion för att dela enskilda filer externt m.h.a. direktlänkar som sedan inte kräver inloggning. Den funktionen har iallafall jag längtat efter. Infoware släpper förresten DomainPatrol Social support för IC6 CR4 nu i dagarna.
  2. IBM Connections kund-Jams för att samla input framåt är igång nu i stil med HCLs Jams inför Domino 10 och senast Domino 11

 

Länkar till mina viktigaste källor

 

Bra sammanfattning om IBM Collaboration på IBM Think nu under februari 2019

https://domino.elfworld.org/this-is-what-happened-at-ibm-think-2019/

 

Bra sammanfattning från HCLs konferens i Milano nu sista veckan i februari 2019

https://www.c3ug.ca/c3ug-blog/2019/3/1/hcl-factory-tour-episode-2-a-new-base-a-new-hope-a-new-beginning

_______________________________________________________________________________________________

Picture copyright and cudos belongs to colleague and photographer Tony Andersson

https://500px.com/tonyandersson

 

 

 

 

 

0

IBM Champion: Maria Nordin

Posted by:

I am very happy and excited to announce that I am once again selected to be an IBM Champion. For the third consecutive year. For me this is a recognition of that I am doing something right, which is fantastic!

One of my greatest passions is collaboration and bringing people together in various situations. I truly believe that we are stronger together and can achieve higher goals and better results if we work more out loud and closer to one another. Closer doesn’t necessarily mean geographically. That’s where the extra sweet sprinkle is added. By using various collaboration tools teams, colleagues and companies can overcome distances both in distance and culture.

To work out load is to learn about your co workers. About their skills, experiences and strengths. In the same way they learn about you. And to use tools that are intelligent and helps you make the most of all your assets. Like for example Watson who (is she a person? 😉 ) can summarise a long chat discussion to short overview moments, suggest where you should store files and what to answer (and who) on emails. Just to mention a few.

I am truly happy I get to be in this collaborative community and to be part of this journey to a more digitalised and open work space.

Thank you IBM for letting me go on the carousel this year too!

/Maria Nordin

 

0

Did you know that we are experts in Security Solutions

Posted by:

Together with our partner SecureDevice, who is leading in IT security in the Nordic region, we offer services and tools to help you protect your business.

Today, it is unavoidable that business critical infrastructure is exposed to attacks. You are most certainly attacked daily and probably without knowing it. The solution is to make the attacks visible to have a chance to protect yourself from intrusion and theft of business-critical business information.

What does the new data protection regulation (GDPR) entail in May 2018?

GDPR will affect all industries, companies and organizations which handle personal data. In addition to a more stringent security responsibility in your daily work, GDPR entails that detailed data on all detected data violations should be reported within 72 hours. This means that your IT department needs to establish security solutions to prevent, monitor and handle potential data violations.

Contact us to find out more about how our solutions in Identity & Access Management and Security Information and Event Management (SIEM) can help you meet the new requirements.

 

0

DomainPatrol Social with support for IBM Connections 6

Posted by:

 

 

You know IBM Connections right? What you might not know is, that we make it even more powerful, useful, better, tidier with DomainPatrol Social

And now it’s soon available for IBM Connections 6.

We can in 4 clicks merge two whole Communities. With everything in it! Neat and tidy. With the same function you can move and merge almost all content, like Wikis, Files, Communities, Activities, Users etc. All solving complex questions and issues from users and admins.

In our session we show real life examples how our customers have used DomainPatrol Social to:

  • use IBM Connections more. Sometimes users are afraid of submitting content as they don’t know where to put it
  • to upgrade their environment
  • to merge in companies they bought – with lots of new users and content
  • to handle movements of staff in the organisation
  • to handle unused and orphan content that clogs up the environment

Detach your content from the predefined places, and go social!

Contact us for more details

 

0

Changing and Signing jar files with JDK 1.8, no questions asked. Dictionaries in IBM Notes.

Posted by:

Case:
Dictionaries where missing from client installation on Windows machines.
Client is multi user and users are not allowed to write in Program Directories (non admin on their PCs).
Client is IBM Notes 9.0.1FP6, because this is the one rolled out to end users.
This means that nothing can be installed via Widgets in framework\rpc or framework\shared because both are under Program Directory.
Objective is to provide all of the dictionaries to the end users to choose from from the Widgets catalog. Installation should progress without any questions asked.

Description:
I downloaded the Dictionaries provided by IBM (Notes_XTAF_Dictionaries_V9.0_Win_ML.zip).
For a full description of this package, please read Tomas Hampels blog at
(https://blog.thomashampel.com/blog/tomcat2000.nsf/dx/deploying-xtaf-dictionaries-as-widgets.htm

The problem I got was that the Feature jar files configured to install in framework\rpc which is fine if you include them during installation of the original package running with administrative rights on the computer.

Only way in my scenario was to make sure that the installation was made in a user context meaning Data\workspace\applications

Solution:
Change configuration of the Feature jar to make sure that the installation is done in a user context.

Unpacking the jar file in the features directory of any given dictionary reveals that the feature.xml file contains <feature colocation-affinity="com.ibm.rcp.platform.feature"
this needs to be changed to this <feature colocation-affinity="com.ibm.rcp.site.anchor.user.feature" to make sure that installation will go to Data\workspace\applications where the end user is allowed to write.

To unpack and repack i use PeaZip (https://www.peazip.org/peazip-64bit.html and as an Editor I use Notepad++ (https://notepad-plus-plus.org/download/v7.3.3.html

Explanation of the different options could be found here:
https://www.ibm.com/support/knowledgecenter/en//SSVHEW_6.2.0/com.ibm.rcp.tools.doc.admin/controllingfeatureinstallocation.html
https://www-01.ibm.com/support/docview.wss?uid=swg21497657
https://www-01.ibm.com/support/docview.wss?uid=swg21440976

Also when doing this it will break the signatures and this means that a resigning (after repackage) is necessary for security reasons (you should not allow anything that you have not trusted)
If you want to include your own signed jars files during installation of the client, this can be done following this instruction (https://www-01.ibm.com/support/docview.wss?uid=swg21305165)
You could also use iKeyman to do this if you prefer.

If you look at Tomas Hampels blog above you will find that there are a lot of files that needs to be changed and signed before importing to an update site.

Changing:
In every features directory in every updateSite_xx directory the file feature.xml needs to be changed according to the above solution.
IMPORTANT!!!
Also, preparing for signing, 3 files need to be deleted from a subdirectory called META-INF also in the features catalog:
IBM_WPLC.RSA
IBM_WPLC.SF
MANIFEST.MF
IMPORTANT!!!

Preparing:
Repack all files in each Directory e.g. com.ibm.langware.v5.dic.af_ZA.feature_7.2.0.201111100545 to com.ibm.langware.v5.dic.af_ZA.feature_7.2.0.201111100545.zip
Move (cut) the zip file to where the original jar file is located rename the original jar file with an extension .org instead of .jar end the rename the newly moved .zip file to .jar
A features catalog could then look like this:
Capture

Signing:
To sign I downloaded JDK 1.8 from
(https://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html Windows x64 because I am using W10 64-bit.

IMPORTANT!!!
Only sign jar files that you have made changes to. The others are already signed with valid signatures.
Only sign 1 time with 1 signature for each jar file. Signing a second time could cause unexpected results.
IMPORTANT!!!

First I examined the file that was signed by IBM, this is now <filename>.org if the instructions where followed.
C:\Program Files\Java\jdk1.8.0_121\bin>
jarsigner -verify -verbose "C:\updateSite_af\features\com.ibm.langware.v5.dic.af_ZA.feature_7.2.0.201111100545.org"

I got:
– Signed by "CN=International Business Machines Corporation, OU=Lotus Software Group, OU=Digital ID Class 3 – Java Object Signing, O=International Business Machines Corporation, L=Littleton, ST=Massachusetts, C=US"
    Digest algorithm: SHA1
    Signature algorithm: MD5withRSA, 2048-bit key
  Timestamped by "CN=GeoTrust Timestamping Signer 1, O=GeoTrust Inc, C=US" on lö feb 02 04:31:44 UTC 2013
    Timestamp digest algorithm: SHA-1
    Timestamp signature algorithm: SHA1withRSA, 1024-bit key

jar verified.

This meant that I need to sign with MD5withRSA and also SHA-1 where needed.
I tried all of the possible combinations of signing and digest and did the provisioning to the IBM Notes Client for all the different cases (puh this was hard and took a lot of time!) just to make sure.
I found only 1 configuration that worked all of the times.

IMPORTANT!!!
To sign you must first create a signer and also you need to import the certificate of the signer and crosscertify it with your Notescertificate and push that crosscertificate to the client thru your security policy.
This done is done in your Domino Directory of the server.
Signing the jar file with this signature is then trusted to be installed on the client.
IMPORTANT!!!

Inspired by Tomas Hampel (again) and the blog entry (https://blog.thomashampel.com/blog/tomcat2000.nsf/dx/untitled.htm?opendocument&comments).
I decided to make my own script to help me out with this task.

Script Solution:
I decided to make 2 types of script, 1 for creating the necessary JKS file used for signing and 1 for the actual signing.
Both solutions consists of a command file an a property file containing values needed for the execution.

Code and samples will be provided here for download.Cool_Signing

Keytool:
Signing_mykeytool.cmd Cool_Signer.keytool
in the sample provided and this will create a JKS file and a CER file in the C:\temp directory.

To customize for your own needs you can creating you own .keytool file using Cool_Signer.keytool as a template. Read the included Readme.txt file for explanation.

IMPORTANT!!!
You must change/customize this if You want to use this in your own environment, because sample provided here is not intended for other purposes than demonstrating the code.
IMPORTANT!!!

Jarsigner:
Signing_myjarsigner.cmd Cool_Signing_with_XTAF_MD5.jarsigner
in the sample provided will sign all jar files that ends with *.feature_7.2.0.201111100545.jar from the catalog C:\Notes_XTAF_Dictionaries_V9.0_Win_ML and down.
IMPORTANT!!!
It also contains the parameters that where tested to work with these features. I will recommend you to use these if you modify and sign the XTAF Dictionaries.
IMPORTANT!!!

To customize for your own needs you can creating you own .jarsigner file using Cool_Signing_with_XTAF_MD5.jarsigner as a template. Read the included Readme.txt file for explanation.

Conclusion:
Changing and Signing is hard work but script at least provides you with the means of organising your stuff and ease the burden of signing.

 

0

DomainPatrol Social arrives at IBM Connect 2017

Posted by:

 

Almost 2 months of 2017 has already zoomed by, time just seems to fly! Right now we are busy with last minute preparations before IBM Connect in San Francisco next week!
 



We are bringing a great new release of DomainPatrol Social to IBM Connect!


As you know, DomainPatrol Social is the best tool for administering IBM Connections, for moving and merging almost all content and managing users.

In our new release we are introducing Reports. You can now get detailed statistics about the usage of your IBM Connections environment. For example when a Community was last updated, how many active/inactive owners it has and the sizes of all components and widgets. You can see the usage of Personal Files, how many there are, last update, active/inactive owners etc. The same goes for Wikis, Activities, Blogs, CCM, Community Files and Forums.

Contact us if you would like a demo or a free trial in your own environment!

 

 

 

 

 


 

 

Do you see even more in depth analysis of your IBM Connections environment? Then we recommend that you take a look at ConnectionsExpert from our strategic partner panagenda. It is the perfect complement to DomainPatrol Social.

Get continuous and accurate insight into user behavior in order to maximize the potential of your Connections environment.

 


 

Adoption

Increasing the adoption rate is a big challenge when introducing IBM Connections. ConnectionsExpert has been specifically designed to provide continuous usage and adoption insights.

It reveals approaches to accelerating adoption and is a great source for management reports.

 


 

Analytics

In powerful solutions like IBM Connections, it is not always easy to access, find or even be aware of all the important information one needs in order to utilize the system to its full potential. One of the focus areas of ConnectionsExpert is to perform analytics to reveal these nuggets of vital information, visualize them and make it easy to act on the findings.

 


 

Contact us if you are interested in either of our solutions! 

0

SugarCRM IBM Notes plug-in, no questions asked

Posted by:

Case:
I was involved in a SugarCRM project and one of the requirements was to rollout a widget to IBM Notes sidebar provided by Sugar.

Description:
Problem was that the instructions from Sugar included an option for the user to bail out of the installation,
because of the signatures where not trusted. also the user needs to cross certify with his own Notes id.
(https://support.sugarcrm.com/Documentation/Plug-ins/Lotus_Notes_Plug-in/Notes_Plugin_Installation_Guide_2/index.html)

From the project perspektive this was not OK.

Solution:
I needed to find a way to cross certify in advance, making the installation in the background without giving the user the option to bail out.
I wanted to cross certify with my organizational certifier instead and avoiding questions.

First problem was to find the certifiers.
What I did was to install the plug-in manually in my testenvironment:
I then took the RSA file located in the workspace\applications\eclipse\features catalog
and in the META-INF catalog there is a file called LPI.RSA.

Using OpenSSL using the command
"openssl pkcs7 -in LPI.RSA -print_certs -inform DER -out lpi.cer"
and then opening it in an editor you could se all of the certifiers.
Using the instructions from Sugar as a guideline I tried to cross certify the certificate
that was used by Sugar, which was:
CN=SugarCRM/OU=Software/OU=Digital ID Class 3 – Java Object Signing/O=SugarCRM/L=Cupertino/ST=California/C=US
but when trying to do that I got the message:
"A cross certificate will not be made due to key usage restrictions in the input certificate"

Found a discussion thread indicating that using crosscertification at a higher would do it
(https://www-10.lotus.com/ldd/nd85forum.nsf/0/565f1122814572b3852579f900521ce0?OpenDocument)
so I imported the certificates into Domino Directory:

CN=VeriSign Class 3 Code Signing 2010 CA/OU=Terms of use at https://www.verisign.com/rpa (c)10/OU=VeriSign Trust Network/O=VeriSign, Inc./C=US
VeriSign Class 3 Public Primary Certification Authority – G5/(c) 2006 VeriSign, Inc. – For authorized use only/VeriSign Trust Network/VeriSign, Inc./US
https://knowledge.symantec.com/support/ssl-certificates-support/index?page=content&id=SO14649
https://www.symantec.com/content/dam/symantec/docs/other-resources/roots.zip

and crosscertified them with my Domino Organizational certifier instead, into Domino Directory.

I then pushed these 2 internet cross certificates out to the clients thru my security policy.

After that I included the widget in my widget catalog according to the instructions provided by Sugar and in this case we made a special desktop policy (explicit because it was in the cloud) that installed it for everyone belonging to a Domino group.

Worked perfectly.

0

DomainPatrol Social 11 introducing user roles and IBM Connections 5.5 CR2

Posted by:

 

  • User Roles

  • IBM Connections 5.5 CR2


We are almost at the end of 2016 and we look back on a very positive year here at Infoware. 4 releases of DomainPatrol Social so far and we are not done yet. More to come before 2016 is over.

Let us present DomainPatrol Social 11 with support for IBM Connections 5.5 CR2 were we also introduce user roles! We have added 10 configurable user roles, making it possible to give limited access to DomainPatrol Social (with a configurable subset of functions available for each custom user role)

A common request we hear from our customers is that you want to be able to have different kinds of users roles in DomainPatrol Social. To create a custom user, with access to specific functions of your choice. For example you can create the role Community Manger and give him or her access to only the functions needed for that role. Or you can create any other role you might need.

So contact us today if you want a free trial of the administration tool DomainPatrol Social for IBM Connections. The unique solution for a flexible IBM Connections environment which makes content movable and solves complex user issues.

 



Preview next release due before the end of 2016


Reports – see what you have in your IBM Connections environment. Find unused content and get statistics
Roles – further improvements of the function
Community Templates – further improvements of the function

0
Page 1 of 3 123