Open mic on what's new in domino 9 social edition

®

What's new in IBM Domino 9 Social
Edition

© 2013 IBM Corporation

IBM Software Group | Lotus software

OPEN MIC NOTES/DOMINO TEAM
Shrikant Jamkhandi – Staff Software Engineer
● Presenter

J Rajendran – Notes/Domino Technical advisor
● Focussing on Notes/Domino & SCN

Ranjit Rai – Notes/Domino Technical advisor

Hansraj Mali – Notes/Domino Technical advisor

Vinayak Tavargeri – Notes/Domino support Manager
● Facilitator for Open Mics

04/11/13 @2013 IBM Corporation 2


Agenda

 Security Assertion Markup Language (SAML)
 OAuth (Open standard Authorization)
 Transport Layer Security (TLS)
 Secure Hash Algorithm (SHA-2)
 Program document support for server groups
 Database Management Tool (DBMT)
 Mail routing enhancement
 Additional features
 Serviceability
 OS support
 References
 Q/A



SAML

 What is SAML ?
– XML-based standard for exchanging authentication and authorization data between
parties
– Provides ease of use for end users – reduce the # of password to memorize
– Provides complete SSO coverage across a variety of services, applications and
platforms
– Reduced administration time and cost
 Support for Notes, iNotes and web clients
– Notes Federated Login
– Web Federated Login

 SAML 2.0 is recommended, but SAML 1.1 is also supported

 Identity Providers supported
– IBM Tivoli Federated Identity Manager(TFIM)
– Microsoft ADFS (Active Directory Federation Services) integrated with Active
Directory



SAML Continued.

1) After launching the Notes client, it connects to
Notes ID vault to get the IdP information (Id Vault
configured for SAML authentication) & it sends
client IdP information

2) Client connects to IdP, authenticates the user
via username/password or kerberos credentials.
Once authenticated the client receives a SAML
token.
IBM Software Group3) Client sends SAML token to ID vault.
| Lotus software
4) ID vault validates the token with the IdP.

5) ID Vault sends the ID to the client.

*Once Notes session is completed, no ID
remains. No ID ever stored on local disk.

 This works in CITRIX Environment



SAML Continued..

 True single sign On for Notes
– For Windows users one password can get into:
– OS, Notes, Sidebar widgets and web applications

 Allow user to access external services from Notes
– IBM Sametime chat and meetings
IBM Software Group
– IBM Connections and file share | Lotus software
– Feeds
– Widget and Live Text
– Embedded browser
– Open Social components leveraging the above URLs

 Managed via Domino policies



OAuth

 Open Standard for Authorization

 Domino 9.0 Social edition adds support for OAuth client

 Basis for Embedded experience in Notes/iNotes Mail
– Embedded Experience allow you to access business critical actions from
other application without leaving your email. This brings collaboration in
context and results in tighterGroup | Lotus iNotes, Connections,
IBM Software integration across software
Notes , app dev (Xpages), and 3rd-party products and services

 "Credentials store" in Domino stores OAuth tokens/keys for access to
application



OAuth continued.




OAuth continued...




Transport Layer Security
 Successor to Secure Socket Layer
– An upgrade to SSL 3.0
 Web Server activity protected by
TLS
– Xpages
– Traveler
– iNotes
– ST IBM Software Group | Lotus software
– REST APIs
– Quickr
 Windows only in 9.0
 IBM HTTP Server will act as "front
end" for Domino HTTP server
 Requirement for many
Governments, Agencies and
Contractors



SHA-2 support

 Secure Has Algorithm 2 designed by the National Security Agency
 Covered under (FIPS) 140-2
 Requirement for many Government, Agencies, and Contractors
 SHA-2 is used for X.509 certificate signature verification, S/MIME signed mail,
and TLS (IBM HTTP) for authentication
 No Configuration needed, just works out of the box provided you have a SHA-2
certificate



Program document support for server group

 Create Groups of servers, Groups need to be "Server Only" groups
 Program document can be applied to servers group name
 Migrated/New server with version 9 can be added to the group and all the
standard program documents will be applied straight away




Database Management Tool (DMBT)

 DMBT is used for performing multiple daily/weekly administrative tasks on user's
mail database files
 The DBMT tool relieves the administrator of the need to run the Updall task
 New DBMT task been added
 The dbmt tool does all of the following:
– runs copy-style compact operations
– purges deletion stubs
– expires soft deleted entries
– updates views
– reorganizes folders
– merges full-text indexes
– updates unread lists
– ensures that critical views are created for failover
 The dbmt tool does not compact system databases:
– names.nsf,log.nsf,admin4.nsf,ddm.nsf,lndfr.nsf,events4.nsf,statrep.nsf,dbdirman.nsf,dircat
.nsf,clubusy.nsf,domlog.nsf,cldbdir.nsf,busytime.nsf,catalog.nsf,daoscat.nsf,mtdata/mtstor
e.nsf



Mail routing

 Local Mail Delivery FailOver
– Local Delivery Failover if the destination mail file is unavailable
• Copy-style compact of mail file is in progress
• Fixup of mail file is in progress (Performing consistency check on...)
• Mail file is missing (File does not exist)/Corrupt
– MailFileEnableDeliveryFailover=1 will make router to route mail to replica server
which has replica of the mail db
– More Granular than cluster failover as this on the database level during mail delivery

 Changes to policy settings for return receipts
– Changes to return receipt behavior on both outgoing and incoming mail messages for
notes client users
– Configure the behavior through a combination of policy settings and NOTES.INI settings
on the Domino server
– The settings are configured entirely through NOTES.INI settings for iNotes client users



Additional features

 Protected groups
– Prevents accidental deletion of critical groups, configured via directory profile


 Administration client
– "Last compact date" column has been added to the IBM Domino Administrator 9.0

 64 bit Domino support RHEL/SUSE Linux 64 bit OS



Serviceability

 NSD monitor for Unix
 NSD memory summary for Unix
 Quality of Service Probe (QOS)
– Detects if server is not responding or hung
– Optionally email an administrator and/or automatically terminate the server and
restart it
– QoS, is designed Software Group | Lotusasoftware in order
IBM to react to the general operation of Domino server
to keep that server up and functioning reliably at all times



Operating System support
 AIX family
– AIX 7.1
 IBM i family
– IBM i 6.1, 7.1
 Linux family
– Red Hat Enterprise Linux (RHEL) Server V6 on System z
– Red Hat Enterprise Linux (RHEL) Server V6 on x86-64
– SUSE Linux Enterprise Server (SLES) V11 on System z
– SUSE Linux Enterprise Server (SLES) V11 on x86-64
 Windows family
– Windows Server 2008 Enterprise Edition R2 x86-64
– Windows Server 2008 Standard Edition R2 x86-64
– Windows Server 2012 Datacenter Edition x86-64
– Windows Server 2012 Standard Edition
 We have removed support for Windows 2003 and Solaris from Domino 9 social edition
 There will be a Solaris version of the 8.5.4 server but that won't support the embedded experiences
component. Demand for Solaris has dropped to near zero and hence the support has been
discontinued.
 Still shipping 32 Domino primarily for API and product compatibility


References

 Upgrade Central: Planning your upgrade to IBM Notes and Domino 9.0
Social Edition
http://www.ibm.com/support/docview.wss?uid=swg21623106

 What's New in IBM Domino 9.0 Social Edition
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Whatapos_New_in_IBM_Domino_9.0_Social_Edition

 What's new in Notes, as well as iNotes, Traveler, and Domino:
http://www-10.lotus.com/ldd/dominowiki.nsf



Q&A

Legal Disclaimer
© IBM Corporation 2013. All Rights Reserved.

The information contained in this publication is provided for informational purposes only. While efforts were made to verify the
completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind,
express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change
by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this
publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license
agreement governing the use of IBM software.

References in this publication to IBM products, programs, or services do not imply that they will be available in all countries in
which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM’s
sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or
feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying
that any activities undertaken by you will result in any specific sales, revenue growth or other results. IBM, Lotus, Lotus Notes,
Notes, and Domino are trademarks of International Business Machines Corporation in the United States, other countries, or both.

Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or Both.
Other company, product, or service names may be trademarks or service marks of others.
All references to renovations.com refer to a fictitious company and are used for illustration purposes only.

THANK YOU

Open mic on what's new in domino 9 social edition

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Destacado

Destacado (6)

Similar a Open mic on what's new in domino 9 social edition

Similar a Open mic on what's new in domino 9 social edition (20)

Open mic on what's new in domino 9 social edition