
software

Lotus Domino 6

Administering the Domino System, Volume 2

Disclaimer
THIS DOCUMENTATION IS PROVIDED FOR REFERENCE PURPOSES ONLY. WHILE EFFORTS
WERE MADE TO VERIFY THE COMPLETENESS AND ACCURACY OF THE INFORMATION
CONTAINED IN THIS DOCUMENTATION, THIS DOCUMENTATION IS PROVIDED AS IS
WITHOUT ANY WARRANTY WHATSOEVER AND TO THE MAXIMUM EXTENT PERMITTED,
IBM DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION THE
IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT AND FITNESS FOR A
PARTICULAR PURPOSE, WITH RESPECT TO THE SAME. IBM SHALL NOT BE RESPONSIBLE FOR
ANY DAMAGES, INCLUDING WITHOUT LIMITATION, DIRECT, INDIRECT, CONSEQUENTIAL
OR INCIDENTAL DAMAGES, ARISING OUT OF THE USE OF, OR OTHERWISE RELATED TO,
THIS DOCUMENTATION OR ANY OTHER DOCUMENTATION. NOTWITHSTANDING
ANYTHING TO THE CONTRARY, NOTHING CONTAINED IN THIS DOCUMENTATION OR ANY
OTHER DOCUMENTATION IS INTENDED TO, NOR SHALL HAVE THE EFFECT OF, CREATING
ANY WARRANTIES OR REPRESENTATIONS FROM IBM (OR ITS SUPPLIERS OR LICENSORS), OR
ALTERING THE TERMS AND CONDITIONS OF THE APPLICABLE LICENSE AGREEMENT
GOVERNING THE USE OF THIS SOFTWARE.
Copyright
Under the copyright laws, neither the documentation nor the software may be copied, photocopied,
reproduced, translated, or reduced to any electronic medium or machine-readable form, in whole or
in part, without the prior written consent of IBM, except in the manner described in the documentation or the applicable licensing agreement governing the use of the software.
Copyright IBM Corporation 1985, 2002
All rights reserved.
Lotus Software
IBM Software Group
One Rogers Street
Cambridge, MA 02142
US Government Users Restricted Rights - Use, duplication or disclosure restricted by GS ADP
Schedule Contract with IBM Corp.
List of Trademarks
1-2-3, cc:Mail, Domino, Domino Designer, Freelance Graphics, iNotes, Lotus, Lotus Discovery Server,
Lotus Enterprise Integrator, Lotus Mobile Notes, Lotus Notes, Lotus Organizer, LotusScript, Notes,
QuickPlace, Sametime, SmartSuite, and Word Pro are trademarks or registered trademarks of Lotus
Development Corporation and/or IBM Corporation in the United States, other countries, or both.
AIX, AS/400, DB2, IBM, iSeries, MQSeries, Netfinity, OfficeVision, OS/2, OS/390, OS/400, S/390,
Tivoli, and WebSphere are registered trademarks of International Business Machines Corporation in
the United States, other countries, or both. Pentium is a trademark of Intel Corporation in the United
States, other countries, or both. Microsoft, Windows, and Windows NT are registered trademarks of
Microsoft Corporation in the United States, other countries, or both. UNIX is a registered trademark
of The Open Group in the United States and other countries. Java and all Java-based trademarks and
logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States, other
countries, or both.
All other trademarks are the property of their respective owners.

Contents
Preface . . . . . . . . . . . . . . . . . . . . . . . xv

Starting and shutting down the Domino


server . . . . . . . . . . . . . . . . . .

Volume 1

4 Setting Up Server-to-Server
Connections . . . . . . . . . . . . . . . . . . . 4-1

1 Deploying Domino . . . . . . . . . . . . 1-1

. . . . . . . . 1-1
Building the Domino environment . . . . . . 1-14
Guidepost for deploying Domino

2 Setting Up the Domino


Network . . . . . . . . . . . . . . . . . . . . . . 2-1

. . . . . . . . . . . 2-1
Network security . . . . . . . . . . . . . . . . . . 2-6
Planning the TCP/IP network . . . . . . . . . 2-10
Planning the NetBIOS network . . . . . . . . 2-26
Planning the IPX/SPX network . . . . . . . . 2-29
Setting up Domino servers on the network . . 2-32
Server setup tasks specific to TCP/IP . . . . 2-43
Server setup tasks specific to NetBIOS . . . . 2-58
Server setup tasks specific to IPX/SPX . . . . 2-61
NOTES.INI settings for networks . . . . . . . 2-64
Lotus Domino and networks

3 Installing and Setting Up


Domino Servers . . . . . . . . . . . . . . . . 3-1

...
Server installation . . . . . . . . . . . . . . . . . .
The Domino Server Setup program . . . . . . .
Installing and setting up Domino servers

Using Domino Off-Line Services (DOLS)


and iNotes Web Access . . . . . .

...
Using the Domino Server Setup program . .
The Certification Log . . . . . . . . . . . . . . .
Server registration . . . . . . . . . . . . . . . .
Optional tasks to perform after server setup . .

3-1
3-3
3-8

...

3-46

. . . . . 4-1
How a server connects to another server . . . 4-4
Internet connections . . . . . . . . . . . . . . . 4-21
Passthru servers and hunt groups . . . . . . 4-23
Planning the use of passthru servers . . . . . 4-25
Setting up a server as a passthru server . . . 4-27
Setting up a server as a passthru destination . . 4-28
Planning for modem use . . . . . . . . . . . . 4-33
Commands for acquire and connect scripts . . 4-53
Connecting Notes clients to servers . . . . . . 4-55
Planning server-to-server connections

5 Setting Up and Managing


Notes Users . . . . . . . . . . . . . . . . . . . 5-1
Setting up Notes users

...............

Adding an alternate language and name


to a user ID . . . . . . . . . . . . . .

...
Setting up client installation for users . . . .
Managing users . . . . . . . . . . . . . . . . . .
License Tracking . . . . . . . . . . . . . . . . .
Custom welcome page deployment . . . . .

5-1
5-38
5-41
5-54
5-85
5-87

3-10

6 Setting Up and Managing


Groups . . . . . . . . . . . . . . . . . . . . . . . 6-1

3-17

Using groups

3-28
3-29
3-34

.....................
Creating and modifying groups . . . . . . . . .
Managing groups . . . . . . . . . . . . . . . . . .
Assiging a policy to a group . . . . . . . . . . .

6-1
6-2
6-8
6-9

iii

7 Creating Replicas and


Scheduling Replication . . . . . . . . . . 7-1

........................
How server-to-server replication works . . . .
Replicas

Guidelines for setting server access to


databases . . . . . . . . . . . . .

......

7-1
7-3
7-5

Setting up a database ACL for


server-to-server replication
Table of replication settings

. . . . . . . . 7-6
. . . . . . . . . . 7-11

Specifying replication settings for one


replica . . . . . . . . . . . . . . . .

....
Scheduling server-to-server replication . . .
Customizing server-to-server replication . .
Specifying replication direction . . . . . . . .
Scheduling times for replication . . . . . . . .
Replicating only specific databases . . . . . .
Replicating databases by priority . . . . . . .
Limiting replication time . . . . . . . . . . . .
Using multiple replicators . . . . . . . . . . .
Refusing replication requests . . . . . . . . . .
Forcing immediate replication . . . . . . . . .
Disabling database replication . . . . . . . . .
Forcing a server database to replicate . . . .
Viewing replication schedules and
topology maps . . . . . . . . .

......

7-17
7-20
7-22
7-23
7-24
7-27
7-28
7-29
7-30
7-31

. . 8-20
9 Using Policies . . . . . . . . . . . . . . . 9-1
Policies . . . . . . . . . . . . . . . . . . . . . . . . . 9-1
Policy hierarchy and the effective policy . . . 9-3
Planning and assigning policies . . . . . . . . . 9-6
Creating policies . . . . . . . . . . . . . . . . . . 9-7
Mail archiving and policies . . . . . . . . . . . 9-22
Managing policies . . . . . . . . . . . . . . . . 9-35
Viewing policy relationships . . . . . . . . . . 9-37
10 Setting Up Domain Search . . . 10-1
Domain Search . . . . . . . . . . . . . . . . . . . 10-1
Planning the Domain Index . . . . . . . . . . 10-4
Creating and updating the Domain Index . 10-14
Customizing Domain Search forms . . . . . 10-18
Setting up Notes users for Domain Search . 10-19
Setting up Web users for Domain Search . 10-20
Using content maps with Domain Search . 10-21
NOTES.INI settings for Domain Search . . 10-23

7-32

11 Setting Up Domino Off-Line


Services . . . . . . . . . . . . . . . . . . . . . 11-1

7-33

Domino Off-Line Services

7-34

12 Planning the Service


Provider Environment . . . . . . . . . . 12-1

7-31

8 Setting Up Calendars and


Scheduling . . . . . . . . . . . . . . . . . . . . 8-1

............
...............

Collecting detailed information from user


calendars . . . . . . . . . . . . . . . .

............

Planning the xSP server environment

....

Using Domino features in a hosted server


environment . . . . . . . . . . . . . .

..

11-1

12-1
12-4

Calendars and scheduling

8-1

Setting up scheduling

8-5

Example of planning a hosted


environment . . . . . .

8-7

13 Setting Up the Service


Provider Environment . . . . . . . . . . 13-1

Setting up the Resource Reservations


database . . . . . . . . . . . . . .

......

Creating Site Profile and Resource


documents . . . . . . . . . .

. . . . . . . . 8-9
Editing and deleting Resource documents . . 8-13
Creating Holiday documents . . . . . . . . . . 8-17
iv Administering the Domino System, Volume 2

.........

Setting up the service provider environment .

12-16

13-1

Installing the first server or additional


servers for hosted environments

13-2

Setting up a hosted organization

...
.......

13-3

Setting up the Domino certificate


authority for hosted organizations
Using policies in a hosted environment

..
...

13-3

15 Setting Up the
Administration Process . . . . . . . . 15-1

13-4

The Administration Process

What happens when you register a hosted


organization? . . . . . . . . . . . . . . .

. 13-5
Example of registering a hosted organization . . 13-8
Registering a hosted organization . . . . . 13-11
Using Internet and Web Site documents in
a hosted environment . . . . . . . . . 13-18
Global Web Settings documents and the
service provider environment . .
Configuring activity logging for billing
hosted organizations . . . . . . .

..

13-21

...

13-23

14 Managing a Hosted
Environment . . . . . . . . . . . . . . . . . 14-1
Maintaining hosted organizations

......

14-1

Adding a hosted organization to an


additional server to provide new
Web applications . . . . . . . . .

14-2

Deleting a hosted organization

14-3

......

Enabling anonymous access to a hosted


organizations database . . . . . .

...

Moving a hosted organization to another


server . . . . . . . . . . . . . . . . . . .
Removing a hosted organization from a
backup or load-balancing server .

Using a browser to access a hosted


organizations Web site . . .

..

14-4
14-4
14-5

..

14-10

...

14-11

.....

14-12

Restoring a hosted environment after a


server crash . . . . . . . . . . . . .

Administration Process support of


secondary Domino Directories

.....

Processing administration requests across


domains . . . . . . . . . . . . . . . . .

..

Setting up ACLs for the Administration


Process . . . . . . . . . . . . . . . . .

..
The Administration Requests database . .
Customizing the Administration Process .
Adminstration Process Statistics . . . . . . .
Administration request messages . . . . . .

Using the Resource Reservations database


in a hosted environment . . . . . . .

.
Viewing hosted organizations . . . . . . . .
Managing users at a hosted organization .
Using the Web Administrator to manage
users at a hosted organization . . .

14-12
14-14
14-14

...........
Installing the Domino Administrator . . . .
Setting up the Domino Administrator . . . .
Starting the Domino Administrator . . . . .
Navigating Domino Administrator . . . . . .

14-15

15-5
15-7
15-8
15-13
15-19
15-29
15-35
15-36

16-1
16-1
16-2
16-2
16-3

Selecting a server to administer in the


Domino Administrator . . . . .

. . . . . 16-4
Setting Domino Administration preferences . . 16-5
Domino Administrator tabs . . . . . . . . . 16-13
Web Administrator . . . . . . . . . . . . . . . 16-17
Setting up the Web Administrator . . . . . 16-17
Starting the Web Administrator . . . . . . . 16-22
Using the Web Administrator . . . . . . . . 16-23
The Server Controller and the Domino
Console . . . . . . . . . . . . . . .

...

16-28

17 Using Domino with


Windows Synchronization Tools . . 17-1
Setting up Windows NT User Manager

15-1

16 Setting Up and Using


Domino Administration Tools . . . 16-1
The Domino Administrator

....
........

Temporarily disabling services for a


hosted organization . . . . . .

..........
Setting up the Administration Process . . . .

Setting policy-based registration options


for use with Notes synchronization

...

17-1

..

17-6

Contents v

Using the Windows NT Performance


Monitor to view Domino . . .

Customizing the Directory Profile

....

17-23

Setting up Domino Active Directory


synchronization . . . . . . . .

. . . . . 17-25
18 Planning Directory Services . . 18-1
Overview of Domino directory services . . . 18-1
Using directory servers in a Domino
domain . . . . . . . . . . . . . . .

.....
Planning LDAP features . . . . . . . . . . . . .
Planning directory access control . . . . . . .
Planning new entries in the Domino
Directory . . . . . . . . . . . . .

.....

Planning the management of entries in the


Domino Directory . . . . . . . . . . . .
Planning directory services for Notes
clients . . . . . . . . . . . . . . .

18-1
18-3
18-7
18-7
18-9

....

18-10

Planning directory services in a


multiple-directory environment

18-12

Directory search order

...
.............

18-15

Planning internationalized directory


services . . . . . . . . . . . . . .

....
Planning directory customization . . . . . .
Directory services terms . . . . . . . . . . . .

18-18
18-19
18-20

19 Setting Up the Domino


Directory . . . . . . . . . . . . . . . . . . . . . 19-1
The Domino Directory

..............

Setting up the Domino Directory for a


domain . . . . . . . . . . . . . . . .

....

19-1
19-2

.....

19-16

Scheduling replication of the Domino


Directory . . . . . . . . . . . . .

. . . . 19-17
20 Setting Up the LDAP Service . . 20-1
The LDAP service . . . . . . . . . . . . . . . . . 20-1
How the LDAP service works . . . . . . . . . 20-2
Setting up the LDAP service . . . . . . . . . . 20-7
Starting and stopping the LDAP service . . . 20-8
Customizing the LDAP service
configuration . . . . . . .

. . . . . . . . . 20-9
Setting up clients to use the LDAP service . 20-34
Using LDAP to search a Domain index . . 20-36
Monitoring the LDAP service . . . . . . . . 20-37
NOTES.INI settings for the LDAP service . 20-41
RFCs supported by the LDAP service . . . 20-42
21 Managing the LDAP Schema . . 21-1
LDAP schema . . . . . . . . . . . . . . . . . . . 21-1
The Domino LDAP schema . . . . . . . . . . . 21-2
The schema daemon . . . . . . . . . . . . . . . 21-5
Domino LDAP Schema database . . . . . . . 21-7
Methods for extending the schema . . . . . 21-10
Extending the schema using the Schema
database . . . . . . . . . . . . . . . .

..
Schema-checking . . . . . . . . . . . . . . . .
Searching the root DSE and schema entry .

21-13
21-18
21-19

NOTES.INI settings related to the schema


daemon . . . . . . . . . . . . . . . . .

Using a central directory architecture in a


Domino domain . . . . . . . . . . . .

..

19-2

. 21-21
22 Using the ldapsearch Utility . . 22-1

Managing Domino Directories in a central


directory architecture . . . . . . . .

..

19-5

Using the ldapsearch utility to search


LDAP directories . . . . . . . .

Controlling access to the Domino


Directory . . . . . . . . . . .
Corporate hierarchies

. . . . . . . 19-9
. . . . . . . . . . . . . 19-13

Setting up Notes clients to use a directory


server . . . . . . . . . . . . . . . . . . .

19-15

vi Administering the Domino System, Volume 2

.....
Table of ldapsearch parameters . . . . . . . .
Using search filters with ldapsearch . . . . .

22-1
22-2
22-4

Using ldapsearch to return operational


attributes . . . . . . . . . . . . . .

22-5

Examples of using ldapsearch

22-6

....
.........

23 Setting Up Directory
Assistance . . . . . . . . . . . . . . . . . . . 23-1

Specifying the Domino Directories for the


Dircat task to aggregate . . . . . . .

. . . . . . . . . . . . . . . 23-1
How directory assistance works . . . . . . . . 23-2
Directory assistance services . . . . . . . . . . 23-3
Directory assistance concepts . . . . . . . . 23-12
Directory assistance and naming rules . . . 23-12
Directory assistance and domain names . . 23-18
Directory assistance and failover for a
directory . . . . . . . . . . . . . . .

Directory assistance

...

23-19

....

24-15

Controlling which information is


aggregated into a directory catalog

24-16

Full-text indexing directory catalogs

.
....

24-25

Planning issues specific to Extended


Directory Catalogs . . . . . . .

....

24-26

Planning issues specific to condensed


Directory Catalogs . . . . . . .

24-29

Multiple directory catalogs

....
..........

24-33

Overview of setting up a condensed


Directory Catalog . . . . . . .

24-34

23-22

The Dircat task

24-45

23-24

Opening the configuration document for a


directory catalog . . . . . . . . . . . . . 24-48

.....
Number of directory assistance databases .
Setting up directory assistance . . . . . . . .
Directory assistance examples . . . . . . . .
Monitoring directory assistance . . . . . . .

23-26

Directory assistance for an Extended


Directory Catalog . . . . . . . .

Directory assistance in conjunction with a


condensed Directory Catalog . . . .
Directory assistance for the primary
Domino Directory . . . . . . .

23-29
23-29
23-51
23-60

24 Setting Up Directory
Catalogs . . . . . . . . . . . . . . . . . . . . . 24-1

.................
Condensed Directory Catalogs . . . . . . . .
Directory catalogs

Directory catalogs on servers compared to


directory assistance for individual
Domino Directories . . . . . . . . . .

..
Extended Directory Catalogs . . . . . . . . . .
Overview of directory catalog setup . . . . .
Planning directory catalogs . . . . . . . . . . .
Directory catalogs and client
authentication . . . . .

..........

Directory catalogs and Notes mail


encryption . . . . . . . . . .

......
Picking the server(s) to run the Dircat task .

24-1
24-2

24-4
24-5
24-8
24-9
24-9
24-14
24-14

.....
..................

. . . . . . . . 24-49
25 Setting Up Extended ACLs . . . 25-1
Extended ACL . . . . . . . . . . . . . . . . . . . 25-1
Monitoring directory catalogs

How other database security features


restrict extended ACL access
settings . . . . . . . . . . . . . . .

. . . . . 25-2
Elements of an extended ACL . . . . . . . . . 25-3
Extended ACL access settings . . . . . . . . . 25-3
Extended ACL subject . . . . . . . . . . . . . . 25-9
Extended ACL target . . . . . . . . . . . . . . 25-12
Extended ACL examples . . . . . . . . . . . 25-19
Extended ACL guidelines . . . . . . . . . . . 25-22
Setting up and managing an extended
ACL . . . . . . . . . . . . . . . . .

...

25-22

26 Overview of the Domino Mail


System . . . . . . . . . . . . . . . . . . . . . . 26-1
Messaging overview

...............

Supported routing, format, and access


protocols . . . . . . . . . . . . . . .

....
The Domino mail server and mail routing . .
Overview of routing mail using Notes
routing . . . . . . . . . . . . . . . .

...

26-1
26-2
26-5
26-17

Contents vii

...

Overview of routing mail using SMTP

26-21

The Domain Name System (DNS) and


SMTP mail routing . . . . . . . .

Mail journaling

. . . 26-25
27 Setting Up Mail Routing . . . . . 27-1
The Domino mail router . . . . . . . . . . . . . 27-1
Planning a mail routing topology . . . . . . . 27-2
Sample mail routing configurations . . . . . 27-9
Creating a Configuration Settings
document . . . . . . . . . . .

27-18

Setting up Notes routing

27-20

......
...........

Configuring Domino to send and receive


mail over SMTP . . . . . . . . . . . .

27-37

Setting up how addresses are resolved on


inbound and outbound mail . . . .

27-42

...
Routing mail over transient connections .

27-58

Configuring Domino to send mail to a


relay host or firewall . . . . . . .

27-59

28 Customizing the Domino


Mail System . . . . . . . . . . . . . . . . . . 28-1

. . . . . . . . . . . . . . . . . 28-1
Controlling messaging . . . . . . . . . . . . . . 28-1
Improving mail performance . . . . . . . . . . 28-2
Controlling message delivery . . . . . . . . . 28-8
Setting server mail rules . . . . . . . . . . . . 28-20
Customizing message transfer . . . . . . . . 28-26
Setting transfer limits . . . . . . . . . . . . . 28-33
Customizing mail

Setting advanced transfer and delivery


controls . . . . . . . . . . . . . . .

...
Customizing Notes routing . . . . . . . . . .
Customizing SMTP Routing . . . . . . . . .
Changing SMTP port settings . . . . . . . .
Restricting SMTP inbound routing . . . . .
Preventing unauthorized SMTP hosts
from using Domino as a relay

....

Enabling DNS blacklist filters for SMTP


connections . . . . . . . . . . . . . .

..

28-39
28-50
28-57
28-58
28-70

. . . . . 28-98
. . . . . . . . . . . . . . . . . 28-105

Restricting outbound mail routing

Setting inbound and outbound MIME and


character set options . . . . . . . . .

. 28-115
29 Setting Up Shared Mail . . . . . . 29-1
Shared mail overview . . . . . . . . . . . . . . 29-1
Setting up shared mail databases . . . . . . . 29-5
Managing a shared mail database . . . . . 29-11
Disabling shared mail . . . . . . . . . . . . . 29-25
30 Setting Up the POP3 Service . . 30-1
The POP3 service . . . . . . . . . . . . . . . . . 30-1
Setting up the POP3 service . . . . . . . . . . 30-2
Setting up POP3 users . . . . . . . . . . . . . . 30-7
31 Setting Up the IMAP Service . . 31-1
The IMAP service . . . . . . . . . . . . . . . . . 31-1
Setting up the IMAP service . . . . . . . . . . 31-4
Customizing the IMAP service . . . . . . . . 31-5
Setting up IMAP users . . . . . . . . . . . . . 31-22
IMAP settings in the server NOTES.INI
file . . . . . . . . . . . . . . . . . . . .

31-39

32 Setting Up iNotes Web


Access . . . . . . . . . . . . . . . . . . . . . . 32-1

. . . . . . . . . . . . . . . . 32-1
iNotes Access for Microsoft Outlook . . . . 32-11
33 Monitoring Mail . . . . . . . . . . . . 33-1
Tools for mail monitoring . . . . . . . . . . . . 33-1
Setting up mail monitoring . . . . . . . . . . . 33-3
Viewing mail usage reports . . . . . . . . . 33-16
iNotes Web Access

34 Setting Up the Domino Web


Server . . . . . . . . . . . . . . . . . . . . . . . 34-1
The Domino Web server

.............

28-75

Setting up a Domino server as a Web


server . . . . . . . . . . . . . . . .

28-86

Setting up WebDAV

viii Administering the Domino System, Volume 2

..

34-1

. . . . . 34-4
. . . . . . . . . . . . . . 34-15

................
Web Site rules and global Web settings . .
Custom Web server messages . . . . . . . .
Improving Web server performance . . . .
Hosting Web sites

Certificates

34-34

Password-protection for Notes and


Domino IDs . . . . . . . . . . .

34-48
34-52

35 Setting Up Domino to Work


with Other Web Servers . . . . . . . . 35-1
Setting up Domino to work with other
Web servers . . . . . . . . . . . . .

.....................

34-17

......

39-2
39-4

Verifying user passwords during


authentication . . . . . . . .

. . . . . . . 39-8
ID recovery . . . . . . . . . . . . . . . . . . . . 39-14
Public key security . . . . . . . . . . . . . . . 39-22

35-1

Using cross-certificates to access servers


and send secure S/MIME messages

39-27

36 Setting Up the Web


Navigator . . . . . . . . . . . . . . . . . . . . 36-1

Adding cross-certificates to the Domino


Directory or Personal Address Book

39-29

....

. . . . . . . . . . . . . . . . 36-1
Setting up a Web Navigator server . . . . . . 36-2
Customizing the Web Navigator . . . . . . . 36-6
The Web Navigator database . . . . . . . . . 36-10
Customizing the Web Navigator database . 36-11
The Web Navigator

Volume 2
37 Planning Security . . . . . . . . . . 37-1

. . . . . . . . . 37-1
. . . . . . . . . . 37-5
. . . . . . . . . . . 37-8
. . . . . . . . . 37-11

Overview of Domino security


The Domino security model
The Domino security team
Security planning checklists

38 Controlling Access to
Domino Servers . . . . . . . . . . . . . . . 38-1
Validation and authentication for Notes
and Domino . . . . . . . . . . . . .
Server access for Notes users, Internet
users, and Domino servers . . .

...

38-1

....

38-2

Setting up Notes user, Domino server,


and Internet user access to a
Domino server . . . . . . . . . . .

. . . . 38-4
Customizing access to a Domino server . . . 38-7
Physically securing the Domino server . . 38-23
39 Protecting and Managing
Notes IDs . . . . . . . . . . . . . . . . . . . . 39-1
Domino server and Notes user IDs

......

39-1

40 Controlling User Access to


Domino Databases . . . . . . . . . . . . 40-1

. . . . . . . . 40-1
Default ACL entries . . . . . . . . . . . . . . . 40-2
Acceptable entries in the ACL . . . . . . . . . 40-4
Configuring a database ACL . . . . . . . . . 40-11
Access levels in the ACL . . . . . . . . . . . 40-13
Access level privileges in the ACL . . . . . 40-16
User types in the ACL . . . . . . . . . . . . . 40-19
Roles in the ACL . . . . . . . . . . . . . . . . 40-20
Managing database ACLs . . . . . . . . . . . 40-22
The database access control list

Using the Administration Process to


update ACLs . . . . . . . . . . .

....

Setting up the Administration Process for


database ACLs . . . . . . . . . . . . .

40-23

40-24

Managing database ACLs with the Web


Administrator . . . . . . . . . . . .

..
......
Enforcing a consistent access control list .
Setting up database access for Internet users .

40-24

Editing entries in multiple ACLs

40-25

Maximum Internet name-and-password


access . . . . . . . . . . . . . . . . . .

..

40-28
40-30
40-30

41 Protecting User Workstations


with Execution Control Lists . . . . . 41-1
The execution control list

............

41-1

Contents ix

The administration ECL

.............

41-6

42 Setting Up
Name-and-Password and
Anonymous Access to Domino
Servers . . . . . . . . . . . . . . . . . . . . . . 42-1

SSL port configuration

46-14

Managing server certificates and


certificate requests . . . .

.......

46-20

...

42-1

.....

42-6

47 Setting Up Clients for


S/MIME and SSL . . . . . . . . . . . . . . 47-1

Multi-server session-based
name-and-password authentication
for Web users (single sign-on) . . .

.
Managing Internet passwords . . . . . . . .
Anonymous Internet/intranet access . . .
Validation and authentication for
Internet/intranet clients . .

46-11

Authenticating Web SSL clients in


secondary Domino and LDAP
directories . . . . . . . . . . . . .

Name-and-password authentication for


Internet/intranet clients . . . . . .
Session-based name-and-password
authentication for Web clients

.....
.............

Default Domino SSL trusted roots

......

SSL and S/MIME for clients


42-12
42-24
42-25
42-27

43 Encryption and Electronic


Signatures . . . . . . . . . . . . . . . . . . . 43-1

.....................
Mail encryption . . . . . . . . . . . . . . . . . .
Electronic signatures . . . . . . . . . . . . . . .
Encryption

43-1
43-4
43-9

44 Setting Up a Domino
Server-Based Certification
Authority . . . . . . . . . . . . . . . . . . . . 44-1
Domino server-based certification
authority . . . . . . . . . . .

.......

44-1

Setting up a server-based Domino


certification authority . . .

.......

44-5

45 Setting Up a Domino 5
Certificate Authority . . . . . . . . . . . 45-1

....
Setting up a Domino 5 certificate authority . .
Using a Domino 5 certificate authority

....

..........

46-25

47-1

Setting up Notes and Internet clients for


SSL authentication . . . . . . . . .

. . . 47-3
Internet certificates for SSL and S/MIME . . 47-5
Setting up Notes clients for S/MIME . . . . 47-13
Dual Internet certificates for S/MIME
encryption and signatures . .

....

Setting up Notes and Internet clients for


SSL client authentication . . . . .

..

47-17
47-18

Using SSL when setting up directory


assistance for LDAP directories

. . . 47-23
48 Rolling Out Databases . . . . . . 48-1
Database design, management, and
administration . . . . . . . . .

......
Rolling out a database . . . . . . . . . . . . . .
Copying a new database to a server . . . . .
Creating a Mail-In Database document for
a new database . . . . . . . . . . . . .

..
Adding a database to the Domain Index . .
Signing a database or template . . . . . . . .

48-1
48-1
48-4
48-5
48-7
48-7

45-1

49 Organizing Databases on a
Server . . . . . . . . . . . . . . . . . . . . . . . 49-1

45-1

Organizing databases on a server

.......

49-1

46 Setting Up SSL on a Domino


Server . . . . . . . . . . . . . . . . . . . . . . . 46-1

50 Setting Up and Managing


Full-text Indexes . . . . . . . . . . . . . . 50-1

.....................
Setting up SSL on a Domino server . . . . . .

Full-text indexes for single databases

SSL security

46-1
46-2

x Administering the Domino System, Volume 2

....

50-1

51 Setting Up Database
Libraries and Catalogs . . . . . . . . . 51-1
Database libraries

.................

Creating a database library and assigning


librarians . . . . . . . . . . . . . . . .

..
Publishing databases in a library . . . . . . .
Database catalogs . . . . . . . . . . . . . . . . .
Setting up a servers database catalog . . . .

51-1
51-2
51-3
51-4
51-5

52 Monitoring the Domino


Server . . . . . . . . . . . . . . . . . . . . . . . 52-1

. . . . . . . . 52-1
Monitoring events on the Domino system . . 52-2
Event generators . . . . . . . . . . . . . . . . . 52-3
Event handlers . . . . . . . . . . . . . . . . . . 52-14
Viewing an event report . . . . . . . . . . . . 52-20
Monitoring the Domino system

Viewing event messages, causes, and


solutions . . . . . . . . . . . . . .

....

.
Statistics and the Domino system . . . . . .
Platform statistics . . . . . . . . . . . . . . . .
Using the Domino Administrator to
monitor statistics . . . . . . .

.....
Charting statistics . . . . . . . . . . . . . . . .
Domino server monitor . . . . . . . . . . . .
Profiles and the Domino server monitor .

Working with Server Health Monitor


statistics . . . . . . . . . . . . . .

....
Activity Trends . . . . . . . . . . . . . . . . .
Setting up Activity Trends . . . . . . . . . .
Activity Trends server and statistics
profiles . . . . . . . . . . . . . .

.....
Resource balancing in Activity Trends . . .
Setting up resource balancing in Activity
Trends . . . . . . . . . . . . . . . . . .

...........
Configuring the Domino SNMP Agent . . .
The Domino SNMP Agent

54-1
54-2
54-3
54-5
54-6
54-8
54-13
54-17
54-18
54-22
54-26

54-27

.....

54-34

52-24

Analyzing resource-balancing
distributions . . . . . . .

54-37

52-26

Domino Change Manager

........
...........

54-48

52-31

ACLs for the Domino Change Control


database . . . . . . . . . . . . . . .

54-51

52-36

Resource-balancing plans

54-53

52-40

Setting up plan documents for resource


balancing . . . . . . . . . . . . . . .

52-20

52-21

52-43

53 Using the Domino SNMP


Agent . . . . . . . . . . . . . . . . . . . . . . . 53-1

Troubleshooting the Domino SNMP


Agent . . . . . . . . . . . . . . .

...
Server Health Monitor . . . . . . . . . . . . . .
Table of Server Health Monitor statistics . .
Table of Server Health Monitor ratings . . .
Server Health Monitor configuration . . . . .
Using the Server Health Monitor . . . . . . .
IBM Tivoli Analyzer for Lotus Domino

Understanding resource-balancing
behavior . . . . . . . . . . . . .

Customizing the appearance of the


Domino server console and Domino
Administrator console . . . . . . . .

Using the Domino MIB with your SNMP


management station . . . . . . . . .

54 Using IBM Tivoli Analyzer


for Lotus Domino . . . . . . . . . . . . . 54-1

53-1
53-8

53-21

.....

53-24

...
...........
..

54-61

55 Transaction Logging and Recovery
Transaction logging
How transaction logging works
Planning for transaction logging
Setting up a Domino server for transaction logging
Changing transaction logging settings
Disabling transaction logging for a specific database
View logging
Using transaction logging for recovery
Fault recovery
56 Using Log Files
The Domino server log (LOG.NSF)
Controlling the size of the log file (LOG.NSF)
Logging Domino Web server requests
The Domino Web server log (DOMLOG.NSF)
Domino Web server logging to text files
57 Setting Up Activity Logging
Activity logging
The information in the log file
Configuring activity logging
Viewing activity logging data

58 Maintaining Databases
Database maintenance
The Files tab in the Domino Administrator
Monitoring replication of a database
Replication or save conflicts
Monitoring database activity
Updating database indexes and views
Managing view indexes
Synchronizing databases with master templates
Fixing corrupted databases
Using Fixup
Moving databases
Deleting databases
Database analysis

59 Maintaining Domino Servers
Managing servers
Decommissioning a Domain Search server
Uninstalling a Domino partitioned server

60 Improving Server Performance
Improving Domino server performance
Tools for measuring server performance
Improving basic server performance and capacity
Improving partitioned server performance and capacity
Improving Agent Manager performance
Improving database and Domino Directory performance
Tips for tuning mail performance
Improving Windows NT and Windows 2000 server performance
Improving UNIX server performance

61 Improving Database Performance
Setting advanced database properties
Database properties that optimize database performance
The database cache
Controlling database size
Tools for monitoring database size
Monitoring database size
Compacting databases
Ways to compact databases
Database size quotas
Deleting inactive documents
Using an agent to delete and archive documents
Allowing more fields in a database

62 Using Server.Load
Server.Load
Server.Load agents
Server.Load metrics
Setting up clients and servers for Server.Load
Idle Workload script
R5 IMAP Workload test
R5 Simple Mail Routing test
R5 Shared Database test
SMTP and POP3 Workload test
Web Idle Workload test
Web Mail test
63 Troubleshooting
Troubleshooting the Domino system
Troubleshooting tools
Overview of server maintenance
Server maintenance checklist
Backing up the Domino server
Administration Process Troubleshooting
Agent Manager and agents Troubleshooting
Database performance Troubleshooting
Directories Troubleshooting
Mail routing Troubleshooting
Meeting and resource scheduling Troubleshooting
Platform statistics Troubleshooting
Modems and remote connections Troubleshooting
Network connections over NRPC Troubleshooting
Network dialup connections Troubleshooting
Passthru connections Troubleshooting
Replication Troubleshooting
Partitioned servers Troubleshooting
You see the message "Database is not fully initialized yet"
Server access Troubleshooting
Server crashes Troubleshooting
Transaction logging Troubleshooting
Web server, Web Navigator, and the Web Administrator Troubleshooting
Server.Load Troubleshooting

Appendix A Server Commands
Appendix B Server Tasks
Appendix C NOTES.INI File
Appendix D System and Application Templates
Appendix E Customizing the Domino Directory
Appendix F Administration Process Requests
Appendix G Novell Directory Service for the IPX/SPX Network
Appendix H Accessibility and Keyboard Shortcuts in Domino Administrator
Appendix I Server.Load Command Language
Appendix J Server.Load Scripts
Index

Preface
The documentation for IBM Lotus Notes, IBM Lotus Domino, and IBM
Lotus Domino Designer is available online in Help databases and, with the
exception of the Notes client documentation, in print format.

License information
Any information or reference related to license terms in this document is
provided to you for your information. However, your use of Notes and
Domino, and any other IBM program referenced in this document, is solely
subject to the terms and conditions of the IBM International Program
License Agreement (IPLA) and related License Information (LI) document
accompanying each such program. You may not rely on this document
should there be any questions concerning your right to use Notes and
Domino. Please refer to the IPLA and LI for Notes and Domino that is
located in the file LICENSE.TXT.

System requirements
Information about the system requirements for Lotus Notes and Domino is
listed in the Release Notes.

Printed documentation and PDF files


The same documentation for Domino and Domino Designer that is available in online Help is also available in printed books and PDF files.
You can order printed books from the IBM Publications Center at
www.ibm.com/shop/publications/order.
You can download PDF files from the IBM Publications Center and from
the Documentation Library at the Lotus Developer Domain at
www-10.lotus.com/ldd.

Related information
In addition to the documentation that is available with the product, other
information about Notes and Domino is available on the Web sites listed
here.

IBM Redbooks are available at www.redbooks.ibm.com.

A technical journal, discussion forums, demos, and other information are
available on the Lotus Developer Domain site at
www-10.lotus.com/ldd.

Table of conventions
This table lists conventions used in the Notes and Domino documentation.
| Convention | Description |
| --- | --- |
| italics | Variables and book titles are shown in italic type. |
| monospaced type | Code examples and console commands are shown in monospaced type. |
| file names | File names are shown in uppercase, for example NAMES.NSF. |
| hyphens in menu names (File - Database - Open) | Hyphens are used between menu names, to show the sequence of menus. |

Structure of Notes and Domino documentation


This section describes the documentation for Notes, Domino, and Domino
Designer. The online Help databases are available with the software
products. Print documentation can be downloaded from the Web or
purchased separately.
Release Notes
The Release Notes describe new features and enhancements, platform
requirements, known issues, and documentation updates for Lotus Notes 6,
Lotus Domino 6, and Lotus Domino Designer 6. The Release Notes are
available online in the Release Notes database (README.NSF). You can
also download them as a PDF file.
Documentation for the Notes client
The Lotus Notes 6 Help database (HELP6_CLIENT.NSF) contains the
documentation for Notes users. This database describes user tasks such as
sending mail, using the Personal Address Book, using the Calendar and
Scheduling features, using the To Do list, and searching for information.
Documentation for Domino administration
The following table describes the books that comprise the Domino Administration documentation set. The information in these books is also found
online in the Lotus Domino Administrator 6 Help database
(HELP6_ADMIN.NSF).
The book Installing Domino Servers ships with Domino. The other books are
available for purchase, or for free download as PDF files.

| Title | Description |
| --- | --- |
| Upgrade Guide | Describes how to upgrade existing Domino servers and Notes clients to Notes and Domino 6. Also describes how to move users from other messaging and directory systems to Notes and Domino 6. |
| Installing Domino Servers | Describes how to plan a Domino installation; how to configure Domino to work with network protocols such as Novell SPX, TCP/IP, and NetBIOS; how to install servers; and how to install and begin using Domino Administrator and the Web Administrator. |
| Administering the Domino System, Volumes 1 and 2 | Describes how to register and manage users and groups, and how to register and manage servers including managing directories, connections, mail, replication, security, calendars and scheduling, activity logging, databases, and system monitoring. This book also describes how to use Domino in a service provider environment, how to use Domino Off-Line Services, and how to use IBM Tivoli Analyzer for Lotus Domino. |
| Administering Domino Clusters | Describes how to set up, manage, and troubleshoot Domino clusters. |

Documentation for Domino Designer


The following table describes the books that comprise the Domino Designer
documentation set. The information in these books is also found online in
the Lotus Domino Designer 6 Help database (HELP6_DESIGNER.NSF)
with one exception: Domino Enterprise Connection Services (DECS) Installation
and User Guide is available online in a separate database, DECS User Guide
Template (DECSDOC6.NSF). The printed documentation set also includes
Domino Objects posters.
In addition to the books listed here, the Domino Designer Templates Guide is
available for download in NSF or PDF format. This guide presents an
in-depth look at three commonly used Designer templates: TeamRoom,
Discussion, and Documentation Library.
| Title | Description |
| --- | --- |
| Application Development with Domino Designer | Explains how to create all the design elements used in building Domino applications, how to share information with other applications, and how to customize and manage applications. |
| Domino Designer Programming Guide, Volume 1: Overview and Formula Language | Introduces programming in Domino Designer and describes the formula language. |
| Domino Designer Programming Guide, Volumes 2A and 2B: LotusScript/COM/OLE Classes | Describes the LotusScript/COM/OLE classes for access to databases and other Domino structures. |
| Domino Designer Programming Guide, Volume 3: Java/CORBA Classes | Provides reference information on using the Java and CORBA classes to provide access to databases and other Domino structures. |
| Domino Designer Programming Guide, Volume 4: XML Domino DTD and JSP Tags | Describes the XML and JSP interfaces for access to databases and other Domino structures. |
| LotusScript Language Guide | Describes the LotusScript programming language. |
| Domino Enterprise Connection Services (DECS) Installation and User Guide | Describes how to use Domino Enterprise Connection Services (DECS) to access enterprise data in real time. |
| Lotus Connectors and Connectivity Guide | Describes how to configure Lotus Connectors for use with either DECS or IBM Lotus Enterprise Integrator for Domino (LEI). It also describes how to test connectivity between DECS or LEI and an external system, such as DB2, Oracle, or Sybase. Lastly, it describes usage and feature options for all of the base connection types that are supplied with LEI and DECS. This online documentation file name is LCCON6.NSF. |
| Lotus Connector LotusScript Extensions Guide | Describes how to use the LC LSX to programmatically perform Lotus Connector-related tasks outside of, or in conjunction with, either LEI or DECS. This online documentation file name is LSXLC6.NSF. |
| IBM Lotus Enterprise Integrator for Domino (LEI) Installation Guide | Describes installation, configuration, and migration information and instructions for LEI. The online documentation file names are LEIIG.NSF and LEIIG.PDF. This document is for LEI customers only and is supplied with LEI, not with Domino. |
| IBM Lotus Enterprise Integrator for Domino (LEI) Activities and User Guide | Provides information and instructions for using LEI and its activities. The online documentation file names are LEIDOC.NSF and LEIDOC.PDF. This document is for LEI customers only and is supplied with LEI, not with Domino. |

Security

Chapter 37
Planning Security
This chapter includes information you need to know before setting up
security and provides lists to help you plan security at your organization.

Overview of Domino security


Setting up security for your organization is a critical task. Your security
infrastructure is critical for protecting your organization's Domino
resources and assets. As an administrator, you need to give careful
consideration to your organization's security requirements before you set
up any Domino servers or Notes users. Upfront planning pays off later in
minimizing the risks of compromised security.
Use the following tasks to guide you through your security planning:

Know the business.

Identify assets and threats (risk analysis).

Develop strategies to protect your computing environment.

Develop incident-handling procedures.

Plan and deliver employee training.

Keep processes current.

Know the business


This is the process of understanding your organization's business
requirements and the service levels that need to be met. Identify all of the
components of the business, including those that are not your direct
responsibility. Include new acquisitions and any recent spin-offs. As part
of this process, identify the trusted network and the non-trusted
network. In some cases an extranet may be an extension of a trusted
network.

Once you have an understanding of the business requirements, you can
then begin to plan the specifics of your Domino infrastructure, including:

Will more than one Domino domain be needed, or will the new
domain need to interact with existing domains?

What is the best method to expose Domino data to the Internet?

What service levels are needed to support the business?

Who should have what level of access to the Domino Directory?

Identify assets and threats (risk analysis)


Identify the value of the assets you are trying to protect. Applications in
your organization have different values. For example, in most
organizations, the availability of the e-mail infrastructure is essential to
business, but instant availability of all previous e-mails is less important.
Then identify the threats from an internal as well as external perspective.
Make sure you understand the potential loss to your organization in the
event that any one of the threats is successful. Finally, determine the
probability of the threat. For example, an automated attack from a
compromised system is a near certainty, a server room failure from water
damage is a distinct possibility, while the theft of a server's hard drive
from the data center is usually not likely.
There are many different types of threats to any computing
infrastructure:

Environmental destruction

Automated attacks or hackers on the Internet

Automated attacks from compromised systems in your intranet

Interfaces with less secure systems

Mistakes made by untrained or poorly trained users and administrators

Data interception or alteration for criminal profit

Malicious activity by former employees

You should also understand the Domino security model, in order to
better understand the Domino assets you need to protect and how they
can be protected. For more information, see the topic "The Domino
security model" later in this chapter.

Develop strategies to protect your computing environment

Once you understand the potential threats to your Domino environment,
you can create policies to protect each part of your Domino computing
infrastructure. This may include developing policies for the following
areas:

Limits on physical access to your servers

Network access and protection

Messaging infrastructure, through the use of execution control lists
and anti-virus products

Application security, through encryption and ACL management

Encryption key management, including ID recovery

Change control, through the use of the Domino Change Manager (or
you can build your own)

User training for organizational security rules and technology

Security incident reporting

For more information on change control, see the chapter "Using IBM
Tivoli Analyzer for Lotus Domino."

Develop incident-handling procedures

An incident is an unplanned and unexpected event that requires
immediate action to prevent a loss of business, assets, or public
confidence. All security plans must have an incident-handling
component, as well as a feedback component for how incidents have
been handled. Feedback helps to keep security plans and policies current.
Note: One of the best documents that describes the importance of
incident handling is the National Institute of Standards and Technology's
Contingency Planning Guide for Information Technology Systems (NIST
Special Publication 800-34).
Incident handling includes:

Incident reporting plans and methods

Response procedures for each incident type

Incident response tests

Once you have your incident-handling plans in place, you will be better
able to determine your requirements for:

Domino logging

Domino HTTP logging

Domino backup and restoring

Parameters for Domino event monitoring

For more information on the Domino server and Web server logs, see the
chapter "Using Log Files."
For information on backing up Domino, see the chapter "Troubleshooting."
For more information on event monitoring, see the chapter "Monitoring
the Domino Server."

Plan and deliver employee training


Make sure that your users know that security is everyone's
responsibility. Based on your business needs, you should train your
users on:

Domino security basics

Notes IDs and how to protect them

Notes Execution Control Lists and Execution Security Alerts

Use of encryption and how to encrypt a mail message

Who to call in the event of a problem or a security incident

Note: The National Institute of Standards and Technology published a
document about the relationship among security awareness, training,
and education, titled Information Technology Security Training
Requirements: A Role- and Performance-Based Model (NIST Special
Publication 800-16).

Keep processes current


This step is normally the most difficult, but is as critical as any of the
other steps. Take the time to establish a program that will review security
processes and procedures on a regular basis. Be sure to link the review to
employee training. If changes are made, then employee training may
need to be updated.

The Domino security model

The Domino security model is based on the premise of protecting
resources, such as the Domino server itself, databases, workstation data,
and documents. The resources, or objects, that are being protected are set
up to define the rights of users to access and change the object.
Information about access rights and privileges is stored with each
protected resource. Thus, a given user or server may have different sets
of access rights, depending on the resources to which that user or server
requires access.
The following includes brief descriptions of the various resources that
you need to protect in a Domino environment. Some of the topics are not
specific to Domino security, but are included here in the interest of
thoroughness.

Physical security
Physically securing servers and databases is as important as
preventing unauthorized user and server access. It is the first line of
defense against unauthorized or malicious users, by preventing them
from having direct access to your Domino servers. Therefore, we
strongly recommend that you locate all Domino servers in a ventilated,
secure area, such as a locked room. If servers are not physically secure,
unauthorized users might circumvent security features (for example,
ACL settings) and access applications directly on the server, use the
operating system to copy or delete files, or physically damage the server
hardware itself.
Physical network security concerns should also include disaster planning
and recovery.

Operating system security

Unauthorized or malicious users often take advantage of operating
system vulnerabilities. As a system administrator, you should safeguard
the operating system on which your Domino server runs. For example,
you should limit administrator login/rights, disable FTP (on NT), and
avoid the use of mapped directory links to file servers or shared NAS
servers for Domino servers. Stay informed about your operating system of
choice, and keep current with security updates and patches.

Network security
The goal for securing your network is to prevent unauthorized users
from gaining access to servers, users, and data. Physical network security
is beyond the scope of this book, but you must set it up before you set up
Notes and Domino connection security. Physical network security is
established through the use of devices, such as filtering routers,
firewalls, and proxy servers, that enable network connections for
various network services (such as LDAP, POP3, FTP, and SMTP) that
you want to provide for your users. Network connection security access
is also controlled using these devices, as you can define what connections
can be accessed, and who is authorized to use them.
Properly configured, these devices prevent unauthorized users from:

Breaking through into the network and accessing the server via the
operating system and its native services (such as file sharing).

Impersonating an authorized Notes user

Eavesdropping on the network to collect data

Server security
The Domino server is the most critical resource to secure and is the first
level of security that Domino enforces after a user or server gains access
to the server on the network. You can specify which users and servers
have access to the server and restrict activities on the server; for
example, you can restrict who can create new replicas and use passthru
connections.
You can also restrict and define administrator access, by delegating
access based on the administrator duties and tasks. For example, you can
enable access to operating system commands through the server console
for system administrators, and grant database access to those
administrators who are responsible for maintaining Domino databases.
If you set up servers for Internet/intranet access, you should set up SSL
and name-and-password authentication to secure network data
transmitted over the network and to authenticate servers and clients.
For more information, see the topic "Server security" later in this chapter.
ID security
A Notes or Domino ID uniquely identifies a user or server. Domino uses
the information contained in IDs to control the access that users and
servers have to other servers and applications. One of the responsibilities
of the administrator is to protect IDs and make sure that unauthorized
users do not use them to gain access to the Domino environment.

Some sites may require multiple administrators to enter passwords before
gaining access to a certifier or server ID file. This prevents one person
from controlling an ID. In such cases, each administrator should ensure
each password is secure to prevent unauthorized access to the ID file.
For more information, see the topic "Notes and Domino ID security"
later in this chapter.
You can also secure Notes user IDs with Smartcards. Smartcards reduce
the threat of user ID theft, as a user who has a Smartcard needs their user
ID, their Smartcard, and their Smartcard PIN to access Notes.
For more information on Smartcards, see Lotus Notes 6 Help.
Application security
Once users and servers gain access to a Domino server, you can use the
database access control list (ACL) to restrict access that specific users and
servers have to individual Domino applications on the server. In
addition, to provide data privacy, encrypt the database with an ID so
unauthorized users cannot access a locally stored copy of the database,
sign or encrypt mail messages users send and receive, and sign the
database or template to protect workstations from formulas.
For more information on database ACLs, see the topic "Application
security" later in this chapter.
Application design element security
Although users may have access to an application, they may not have
access to specific design elements in the application (for example,
forms, views, and folders). When designing a Domino application, an
application developer can use access lists and special fields to restrict
access to specific design elements.
For more information on securing design elements, see the topic
"Application design element security" later in this chapter.
Workstation data security
Notes users may keep and use important applications and information
on their workstations. This information can be protected through the use
of an execution control list (ECL), which defines the access that active
content from other users has to the user workstation.
For more information on execution control lists, see the topic
"Workstation data security" later in this chapter.

The Domino security team


Every organization should have a security team that is responsible for
building, implementing, and managing the security infrastructure. The
team provides central security focus, so that everyone is looking at the
problems and solutions in the same way. However, departments in your
organization also need to be involved in developing the questions and
the answers for implementation of your Domino security system.

Getting started
You need to develop a set of security documentation for your
organization. There are four basic types of security documents needed
for any security implementation:

Policies are the driving documents for the business. These are
typically high-level statements about the security needs of the
business. Your organization probably already has policy documents
for the organization as a whole. You build and, if necessary, expand
on these to develop the security policies for your Domino
environment.

Guidelines provide overall guidance on how to support and
maintain security in the enterprise.

Standards are established rules on what will and will not happen in
an enterprise. Audits may cover all four types of documents, but the
auditor will really focus on the standards set down by a company.
Standards typically cover things like minimum password strength,
password expiration intervals, server operating systems and physical
environments, Internet and dial-in access controls, background
checks for administrators, and auditing requirements.

Procedures typically include specific steps on how to implement
security within an enterprise. This will be the bulk of your Domino
security documentation, covering everything from how to control
Domino and X.509 certifiers to what to do when users have forgotten
their Notes or Internet passwords to what steps to take when an
employee leaves an organization. Procedures are developed after the
security framework is in place.

The Domino security team is responsible for initial direction, feedback,
and auditing of these documents. The team must include representatives
from each department within the enterprise. With this approach, the
security documents created will meet the needs of the entire company.
This has the added benefit of creating buy-in from the participating
departments.

Most companies will have a matrix of responsibility similar to the one
below:

| Role | Responsibility |
| --- | --- |
| CEO | The CEO needs to be a virtual member of the team. Security must flow from both the top down and the bottom up. |
| CIO / CTO | All technology officers need to be members of the team. It is appropriate for these members to delegate their role to someone else, as long as the delegate has the authority to make decisions. |
| Security officer | This person will be the driver of security in the organization. |
| Representatives from each functional department | These representatives specify business needs and requirements. They must have decision-making authority. |
| Accounting | They will provide the information for risk analysis. |
| IT Department | These team members can translate business needs and requirements into technology. |
| HR / Training | HR needs to assist with user training. HR is also involved with background checks, privacy of personal information, and termination policies and procedures. |
| Legal | These team members provide information on the legal implications of anything to do with employees, risk management, or publication of information. |
| Documentation experts/technical writers | This group creates and edits the documents. |
| Incident Response Team | This team will handle incidents that are not covered by implemented security practices. |
| Communication specialists | Communication to the end users about security is critical. |
| Domino administrators | Provide expertise on the Domino computing environment. |

Leveraging end users

Your users are a critical part of your security implementation. You
should communicate to them the importance of your security planning
efforts, as well as security guidelines and standards that you develop.
Technology alone cannot keep your organization secure. Your users are
as important as any firewall or certificate authority in ensuring the
success of your security infrastructure.

One way to involve users in security planning is to conduct a survey to


determine the level of enterprise security that users expect, as well as the
assets they feel should be protected. An anonymous survey is a good
way to discover security issues that users may not be willing to express
openly.
Note: The most respected and commonly used standard source for
security policies and procedures is the ISO17799 standard. The National
Institute for Standards and Technology has multiple guidelines for
developing security policies, standards, and procedures, including
information about ISO17799.

The core team


Once the framework is built, implement the core security team, which
should include the following people:
Server administrators
Server administrators are responsible for managing the overall health
and well-being of Domino servers. A major responsibility of a server
administrator includes defining and managing server access lists and
server restrictions, both for Notes clients and Web users. In large
organizations, administration duties may be delegated among several
server administrators. In small organizations, a server administrator
might serve as the Domino certification administrator and the database
manager for system databases, such as the Domino Directory and the log
file (LOG.NSF). A server administrator might also be responsible for
creating and maintaining File Protection documents for HTTP access and
implementing other Web-related security measures.
It is a best practice to separate Domino server administration from
operating system server administration, if your organization's IT
structure allows this.
You can define several levels of administrator for your organization,
depending on the access required to various administration resources.
For example, you can set up an administrator for remote console access
only, or for system administration access only. These levels of
administrative access are defined in the Server document on the Domino
server.
For more information on setting up administrator access to a Domino
server, see the chapter "Controlling Access to Domino Servers."

Database managers
Database managers are responsible for one or more Lotus Notes
databases or database applications. A major responsibility of a database
manager includes managing database access control lists (ACLs). Some
organizations will use the concept of a database owner for management
of sensitive data.
Certificate authority administrators
Certificate authority administrators create and manage Domino
server-based certification authorities and Domino 5 certificate
authorities. They have access to all certifier ID files. For the server-based
certification authority, CA administrators can delegate user registration
and certificate approval to registration authorities. Otherwise, they are
responsible for approving and issuing Internet server and client
certificates. Since certification is the cornerstone of Notes and Domino
security, delegate responsibility for it with the utmost care.
For more information on the server-based certification authority, see the
chapter "Setting Up a Domino Server-Based Certification Authority."
Registration authority administrators
The registration authority role is new for Domino 6 and is unique to the
server-based certification authority. A registration authority can register
new Notes users and Domino servers without requiring access to the
certifier ID and password. Registration authorities can also recertify
users and, for Internet certifiers, approve client certificate requests and
revoke certificates.
For more information on the registration authority role, see the chapter
"Setting Up a Domino Server-Based Certification Authority."

Security planning checklists

An important aspect of planning security for your Domino environment
is understanding the tasks and features involved with securing each type
of resource.

Server security
Application security
Application design element security
Notes and Domino ID security
Workstation security

Server security
To secure Domino servers, you allow and prevent user and server access.
In addition, you restrict the activities that users and servers may perform
on the server.
Task: Choose an internal or external Internet certificate authority
Use: Set up a certifier that will be used to issue Internet certificates in your organization.

Task: Cross-certify Notes user IDs and Domino server and certifier IDs
Use: Allow Notes users and Domino servers in different hierarchically certified organizations to ascertain the identity of users and servers in other Notes organizations.

Task: Allow or deny access to a server
Use: Specify which Notes users, Internet clients, and Domino servers are authorized to access the server.

Task: Allow anonymous server access
Use: Give server access to Notes users and Domino servers outside of the organization without issuing a cross-certificate.

Task: Allow anonymous Internet/Intranet client access
Use: Determine whether Internet/intranet users are allowed to access the server anonymously.

Task: Secure the server with name-and-password authentication
Use: Identify Internet and intranet users accessing the server and control access to applications based on the user name.

Task: Enable session-based authentication
Use: Allow Web browser clients to authenticate and maintain state with the server by using cookies with session-based name-and-password authentication. Session-based authentication lets administrators provide a customized sign-in form and configure session expiration to log users off the server after a specified period of inactivity. Also provides capability for single sign-on between Domino and WebSphere servers, using the same cookie.

Task: Controlling the level of authentication for Web clients
Use: Specify the level of refinement that the server should use when searching for names and authenticating Web users.

Task: Limit access to create new databases, replicas, or templates
Use: Allow specified Notes users and Domino servers to create databases and replica databases on the server. Limiting this access avoids a proliferation of databases and replicas on the server.

Task: Control access to a server's network port
Use: Allow specified Notes users and Domino servers to access the server over a port.

Task: Encrypt server's network port
Use: Encrypt data sent from the server's network port to prevent network eavesdropping.

Task: Password protect the server console
Use: Prevent unauthorized users from entering commands at the server console.

Task: Restrict administrator access
Use: Assign different types of administrator access to individuals based on the tasks they need to do on the Domino server.

Task: Restrict server agents
Use: Specify which Notes users and Domino servers are allowed to run which kinds of agents on the server.

Task: Restrict passthru access
Use: Specify which Notes users and Domino servers can access the server as a passthru server and specify the destinations they may access.

Task: Restrict server access by browser users running Java or JavaScript programs
Use: Specify which Web browser users can use Domino ORBs to run Java or JavaScript programs on the server.

Task: Secure the server with SSL
Use: Set up SSL security for Internet/intranet users to authenticate the server, encrypt data, prevent message tampering, and, optionally, authenticate clients. This is mandatory for e-commerce and secure business-to-business messaging.

Task: Set mail router restrictions
Use: Restrict mail routing based on Domino domains, organizations, and organizational units.

Task: Set inbound SMTP restrictions
Use: Restrict inbound mail to prevent Domino from accepting unwanted commercial e-mail.

Task: Use S/MIME
Use: Use S/MIME to encrypt outgoing mail. This is often mandatory for secure business-to-business messaging.

Task: Prevent relaying through MTA
Use: Enhance SMTP router security.

Task: Use file protection documents
Use: Specify who can access files (for example, HTML, GIF, or JPEG) on a server's hard drive.

Task: Authenticate Internet clients using a secondary Domino Directory or LDAP directory
Use: Authenticate Web clients who use name-and-password or SSL client authentication in secondary Domino or LDAP Directories marked as trusted by your domain.

Task: Authenticate Web clients for a specific realm
Use: Allow Web users to access a certain drive, directory, or file on a Domino server and prevent Domino from prompting users for a name-and-password for different realms.

Task: Locate the server in a secure area
Use: Prevent unauthorized access to unencrypted data and server and certifier IDs that are stored on the server's hard drive.

Task: Secure the server console with a Smartcard
Use: Prevent unauthorized access to the server console by requiring the use of a Smartcard to log in to Domino.

Task: Use a firewall to protect access to a server
Use: Control unauthorized access to a private network from the public Internet.

For more information on securing Domino servers, see the chapter
"Controlling Access to Domino Servers."

Application security
Restrict access to Domino applications to prevent unauthorized users
from gaining access to information.
Task: Use the ACL to restrict application access
Use: Control Notes and Internet/intranet user and Domino server access to an application.

Task: Enforce a consistent ACL
Use: Protects databases and templates on the server by forcing all changes to the ACL at a single location.

Task: Encrypt applications
Use: Prevent unauthorized users from accessing an application locally on a server or workstation.

Task: Sign an application or template
Use: Identify the creator of an application or template. When a user accesses the application, the signature is checked to determine whether the action is allowed. For example, on a Domino server the Agent Manager verifies the signature of an agent and checks whether the signer has the rights to perform the action. On a Notes client, the signature is checked against the signer's rights in the workstation ECL.

Task: Encrypt incoming and outgoing Notes mail
Use: Ensure that only the intended recipient can read mail.

Task: Electronically sign mail messages
Use: Verify that the person who sends the message is the author and that no one has tampered with the data.

For more information on securing Domino applications, see the chapter
"Controlling User Access to Databases."
For more information on securing Notes mail, see the chapter
"Encryption and Electronic Signatures."

Application design element security

An application developer can further restrict access to design elements
within an application using the Domino Designer. Application design
security takes effect once users gain access to an application.

Task: Create Read access lists for views
Use: Specify which Notes and Internet/intranet users can see a view

Task: Create Read and Edit access lists for folders
Use: Specify which Notes and Internet/intranet users can see a folder or update the contents of a folder

Task: Create Read and Edit access lists for forms
Use: Specify which Notes and Internet/intranet users can create, modify, or read documents created with a form

Task: Create Readers and Authors fields
Use: Specify which Notes and Internet/intranet users can create, modify, or read specified documents

Task: Create signed fields
Use: Verify that the Notes user who originated the data is the author and that no one has tampered with the data

Task: Create encrypted fields
Use: Control which Notes users can access a field in a form

Task: Create hidden fields
Use: Control which Notes and Internet/intranet users can access a field in a form

Task: Create Read and Edit access lists for sections
Use: Specify which Notes and Internet/intranet users can access a section in a document

For more information on securing application design elements, see the
book Application Development with Domino Designer.

Notes and Domino ID security


To prevent unauthorized access to servers and applications, secure Notes
and Domino IDs. These tasks apply only to Notes users and Domino
servers.
Task: Require a password for all user and server IDs
Use: Prevent an unauthorized user from using an illicitly obtained ID to authenticate with a server

Task: Enforce password quality testing for IDs
Use: Prevent unauthorized users from guessing passwords

Task: Assign multiple passwords to server and certifier IDs
Use: Require multiple users to enter passwords before gaining access to the ID file to prevent one person from controlling a server or certifier ID

Task: Compare a password with the password stored in the Domino Directory and require users to change their passwords periodically
Use: Prevent an unauthorized user from using an illicitly obtained ID to authenticate with a server

Task: Compare a Domino public key with the public key stored in the Domino Directory
Use: Prevent an unauthorized user from using an illicitly obtained ID to authenticate with a server

Task: Recover lost or damaged IDs
Use: Regain access to a user ID file instead of issuing a new ID

Task: Set up a security settings policy document
Use: Manage Notes and Internet password properties, such as password synchronization and expiration settings, on an organizational level

Task: Lock the user ID after x minutes of inactivity
Use: Automatically log off servers to prevent an unauthorized user from using the workstation

Task: Use F5 to log off
Use: Immediately log off servers to prevent an unauthorized user from using the workstation

Task: Save user IDs on a disk instead of on the workstation and keep disks in a safe place
Use: Physically protect user IDs

Task: Locate workstations in a secure area (for example, a locked room)
Use: Prevent unauthorized access to the ID files

Task: Install Smartcard readers on user workstations and have users log in to Notes with Smartcards
Use: Physically protect user IDs and private Internet keys

For more information on execution control lists, see the chapter
"Protecting and Managing Notes IDs."

Workstation data security

To prevent unauthorized access to user workstation information and
applications, secure Notes user workstations.

Task: Configure the Administration ECL and deploy to client workstations.
Use: Prevent unauthorized users from gaining access to data and applications on client workstations, by defining authorized users and authorized actions

Task: Set up a security settings policy document
Use: Use security settings policy documents to:
- Set up and configure one or more administration ECLs
- Specify how and when you want workstation ECLs to be refreshed or replaced

Task: Encourage users to use operating system and screen saver passwords
Use: Discourage unauthorized workstation access

Task: Encourage users to shut off workstations before leaving
Use: Discourage unauthorized workstation access

For more information on execution control lists, see the chapter
"Protecting User Workstations with Execution Control Lists."

Security policies
Domino policies are a way of distributing administrative settings,
standards, and configurations to users, groups, or entire organizations. A
policy is a collection of administrative settings that addresses an
administrative area, such as security. You then use this document to
establish and enforce administrative standards, and to distribute them
throughout the organization. In addition, you can easily modify and
maintain standards across an organization by simply editing a settings
document.
You can set up a security settings document to manage and deploy
execution control lists (ECLs) and Notes and Internet password settings
and synchronization. As these two areas of security are user-specific and
are frequently changed by users, you can use a security policy to enforce
settings for these areas across the organization, and control the extent to
which users can adjust or change these settings.
For more information, see the chapter "Using Policies."

Setting up an Internet certificate authority


A critical area in security planning is determining whether and how to
set up a certificate authority to issue Internet certificates. A certificate
authority (CA), or certifier, is a trusted administration tool that issues
and maintains digital certificates. Certificates verify the identity of an
individual, a server, or an organization, and allow them to use SSL to
communicate and to use S/MIME to exchange mail. Certificates are
stamped with the certifier's digital signature, which assures the
recipients of the certificate that the bearer of the certificate is the entity
named in the certificate.
Certifiers can also issue trusted root certificates, which allow clients and
servers with certificates created by different CAs to communicate with
one another.
Note: It's important to distinguish between Notes certifiers and Internet
certifiers. When you install and set up the first Domino server in a
domain, a Notes certifier is automatically set up to issue Notes
certificates to Notes clients. These certificates are essential for Notes
clients to authenticate with a Domino server and for Domino servers to
authenticate one another. Hence Notes certifiers are important even in an
environment with all Web clients. An Internet certifier, such as those
discussed here, issues Internet (X.509) certificates, which are required for
secure communication over the Internet. You set up Internet certifiers on
an as-needed basis.
Choosing the right Internet certifier for your organization
You have several options for setting up an Internet certifier for your
organization (for the rest of this topic, all references to "certifier" mean
"Internet certifier"). You can use a third-party commercial certifier, such
as VeriSign, or you can use one of the two types of Domino Internet
certifiers. There are advantages and disadvantages involved with each
type of certifier; the choice you make should be determined by business
requirements of your organization, as well as the time and resources
available for managing the certifier.

Internet certifiers: Domino vs. third-party

Domino certifier
- Avoid the expenses that a third-party certifier charges to issue and renew client and server certificates.
- Many administrators are already familiar with Domino; they will not require additional training that would be needed to use a third-party certifier.
- Easier and quicker to set up and deploy new certificates as needed.

Third-party certifier (VeriSign, RSA, etc.)
- Can simplify client configuration. If you get certificates from a certifier that is pre-configured as trusted by the browsers you use, it saves a step in client configuration.
- Similarly, if the certifier is pre-configured as trusted in the mail clients of the external businesses with which you are exchanging S/MIME mail, it will save them a configuration step.

Domino Internet certifiers: server-based certification authority vs. Domino 5 certificate authority
You can choose to set up a Domino certification authority that uses the
server-based CA process, or a Domino 5 certificate authority, which uses
a CA key ring.

Server-based certification authority
- Administrators can manage both Notes and Internet certifiers through the CA process.
- Issues Internet certificates that are compliant with security industry standards (such as X.509v3 and PKIX).
- Does not require administrator access to the certifier ID and ID password in order to register users and servers. This allows administrators to delegate these tasks without potentially compromising the certifier.
- Supports the PKIX registration authority (RA) role, which allows administrators to delegate the certificate approval/denial process.
- Issues certificate revocation lists (CRLs), which contain information about revoked or expired Internet certificates.
- Required if you plan to use the Web Administrator client to register Notes users.

Domino 5 certificate authority
- Provides a simple means by which to set up an Internet certifier for testing or demonstration purposes.

Using both types of Domino Internet CAs in a domain


It is possible to have both types of certifiers (CA process and CA key
ring) in a domain. However, you must be careful not to have one
certifier that uses both a key ring and the CA process to issue Internet
certificates. A CA process-enabled certifier tracks the certificates that it
issues in an Issued Certificate List (ICL), a database accessible to all
servers in a domain. On the other hand, a key ring-style certifier creates
logs on whatever workstation it is used on, so there is no centralized list of
issued certificates (just multiple partial lists). Therefore, any certificates
issued using the CA process won't be recognized by a CA key ring, just
as any certificates that were created using a CA key ring file won't be
recognized by the CA process.
This is a problem for Internet certifiers especially, because it is possible to
revoke Internet certificates in server-based certification authorities. To
revoke an Internet certificate, however, you must select it in the ICL. If
the certificate was initially issued using a key ring, it won't appear in the
ICL, so it cannot be revoked.
Therefore, it is strongly advised that you choose one way to operate
(CA process or CA key ring) for each certifier.


Chapter 38
Controlling Access to Domino Servers
This chapter includes information on setting up a Domino server to allow
users and other servers to access it.

Validation and authentication for Notes and Domino


Whenever a Notes client or Domino server attempts to communicate
with a Domino server to replicate, route mail, or to access a database,
two security procedures use information from the client or server ID to
verify that the client or server is legitimate. Validation establishes trust of
the client's public key. If validation occurs successfully, authentication
begins. Authentication verifies user identity, and uses the public and
private keys of both the client and the server in a challenge/response
interaction.

Rules that guide trust of public keys


Validation uses these three rules to establish the trust of a public key.
Domino validates the client that is trying to access the server and the
server that the client is trying to access.
1. Trust the public key of any of the server or client's ancestors in the
hierarchical name tree because the ancestor's public key is stored in
the server or client's ID file.
2. Trust any public key obtained from a valid certificate issued by any
of the server or client's ancestors in the hierarchical name tree.
3. Trust any public key certified by any trusted certifier and belonging
to one of the certifier's descendants.

How validation and authentication work


This example describes how validation and authentication work together
to ensure the security of the system. In this example, user Randi
Bowker/Marketing/East/Acme (the client) wants to access
Mail-E/East/Acme (the server).
1. Mail-E reads the Acme public key from Mail-E's ID file. According to
the first rule above, Mail-E trusts the public key assigned to Acme.
2. Randi sends Mail-E information in her user ID. Mail-E reads Randi's
user ID for the certificate issued by Acme to East. Mail-E uses the
Acme public key, which it now trusts, to verify that the East
certificate is valid. According to the second rule above, if the
certificate is valid, Mail-E trusts the public key assigned to East.
3. Mail-E then reads Randi's user ID for the certificate issued by
East/Acme to Marketing. Mail-E uses the East/Acme public key to
verify that the Marketing/East/Acme certificate is valid. Again, the
second rule states that Mail-E now trusts the public key assigned to
Marketing/East/Acme.
4. Mail-E reads Randi's user ID for the certificate issued by
Marketing/East/Acme to Randi. Mail-E uses the
Marketing/East/Acme public key, which it now trusts, to verify that
Randi's certificate is valid. According to the third rule above, if the
certificate is valid, Mail-E trusts the public key assigned to Randi.
5. After Mail-E establishes trust of Randi's public key, the
authentication process begins.
6. Mail-E sends a random number challenge to Randi.
7. Randi's workstation encrypts the challenge with her private key and
sends the newly encrypted number back to Mail-E.
8. Mail-E uses Randi's public key to decrypt the response. If this yields
the original challenge, Mail-E knows Randi is who she claims to be.
9. The process is then reversed. Randi's workstation validates Mail-E's
public key by processing Mail-E's certificates and then uses the
challenge/response procedure just described to authenticate the
server.
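
The walk-through above, as an added example that is not part of the original documentation or of Domino itself: a Python model of the certificate walk from Acme down to Randi, followed by the challenge/response step. It assumes toy textbook RSA with very small keys so that it runs on the standard library alone; the certificate layout, the function names and the outsider "Mallory" are constructed for illustration.

```python
import hashlib
import math
import secrets
from dataclasses import dataclass

E = 65537  # public exponent used by every toy key

def _random_prime(bits=32):
    """Random prime by trial division; only workable at toy sizes."""
    while True:
        n = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if all(n % d for d in range(3, math.isqrt(n) + 1, 2)):
            return n

def make_keypair():
    """Textbook RSA (illustration only): returns ((n, e), (n, d))."""
    while True:
        p, q = _random_prime(), _random_prime()
        phi = (p - 1) * (q - 1)
        if p != q and phi % E:
            return (p * q, E), (p * q, pow(E, -1, phi))

def _digest(message, n):
    return int.from_bytes(hashlib.sha256(message.encode()).digest(), "big") % n

def sign(private, message):
    n, d = private
    return pow(_digest(message, n), d, n)

def verify(public, message, signature):
    n, e = public
    return pow(signature, e, n) == _digest(message, n)

@dataclass
class Certificate:
    subject: str     # hierarchical name, e.g. "East/Acme"
    public: tuple    # subject's public key
    issuer: str      # certifier that signed this certificate
    signature: int

def issue(issuer, issuer_private, subject, subject_public):
    return Certificate(subject, subject_public, issuer,
                       sign(issuer_private, f"{subject}|{subject_public}"))

def validate(trusted, chain):
    """Return the leaf public key if every link checks out, else None.

    trusted: ancestor name -> public key held in the verifier's own ID file (rule 1).
    chain:   certificates from the presenter's ID, ordered root to leaf.
    """
    trusted, leaf = dict(trusted), None
    for cert in chain:
        issuer_key = trusted.get(cert.issuer)
        if issuer_key is None:                             # issuer never became trusted
            return None
        if not cert.subject.endswith("/" + cert.issuer):   # subject must be a descendant
            return None
        if not verify(issuer_key, f"{cert.subject}|{cert.public}", cert.signature):
            return None
        trusted[cert.subject] = leaf = cert.public         # rules 2 and 3: now trusted
    return leaf

def respond(private, challenge):
    """Holder's side: transform the challenge with the private key."""
    n, d = private
    return pow(challenge, d, n)

def authenticate(public, responder):
    """Verifier's side: send a random number, undo the reply with the public key."""
    n, e = public
    challenge = secrets.randbelow(n - 2) + 2
    return pow(responder(challenge), e, n) == challenge

RANDI = "Randi Bowker/Marketing/East/Acme"

def build_demo():
    """Constructed Acme hierarchy using the names from the example above."""
    names = ["Acme", "East/Acme", "Marketing/East/Acme", RANDI]
    keys = {name: make_keypair() for name in names}
    chain = [issue(parent, keys[parent][1], child, keys[child][0])
             for parent, child in zip(names, names[1:])]
    mallory_public, mallory_private = make_keypair()   # outsider with no certificate
    forged = chain[:2] + [issue(names[2], mallory_private, RANDI, mallory_public)]
    return {"trusted": {"Acme": keys["Acme"][0]},       # what Mail-E's ID file holds
            "chain": chain, "forged_chain": forged,
            "randi_public": keys[RANDI][0], "randi_private": keys[RANDI][1],
            "mallory_private": mallory_private}

if __name__ == "__main__":
    demo = build_demo()
    key = validate(demo["trusted"], demo["chain"])
    print("validated:", key is not None)
    print("authenticated:",
          authenticate(key, lambda c: respond(demo["randi_private"], c)))
    print("forged chain accepted:",
          validate(demo["trusted"], demo["forged_chain"]) is not None)
```

Validation alone proves nothing about who is on the other end, since the certificates are public material; the last case in the model, a valid chain answered with the wrong private key, is what the challenge/response step rejects.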

Server access for Notes users, Internet users, and Domino servers
To control user and server access to other servers, Domino uses the
settings you specify on the Security tab in the Server document as well as
the rules of validation and authentication. If a server validates and
authenticates the Notes user, Internet user, or server, and the settings in
the Server document allow access, the user or server is allowed access to
the server.
Grant server access to users and servers who need to access resources
stored on the server. Deny access to prevent specified users and servers
from having access to all applications on the server.

Access settings in the Server document control server access for both
Notes and Internet users. By default, the Server access settings apply
only to Notes clients. You can enable these settings for each of the
Internet protocols through the Ports tab of the Server document.
For more information, see the topic "Setting up Notes user, Domino
server, and Internet user access to a Domino server" later in this chapter.

Types of server access controls

Server access list
The server access list controls the access that Notes users, Domino
servers, and users who access the server using Internet protocols (HTTP,
IMAP, LDAP, POP3) have to that server. Keep in mind that using a
server access list activates an additional security code and can, therefore,
increase the time required to access the server.
For more information, see the topic "Setting up Notes user, Domino
server, and Internet user access to a Domino server" in this chapter.
Deny access list
The deny access list denies access to Notes users and Internet clients you
specify. For example, use a deny access list to prevent access by users
who no longer work for your company but who may still have their
Notes user IDs, or who still have a Person document in the Domino
Directory with a legitimate Internet password and would otherwise be
able to access the server using an Internet protocol.
For more information, see the topic "Setting up Notes user, Domino
server, and Internet user access to a Domino server" in this chapter.
Notes ID lock out
Notes ID lock out denies access to Notes users you specify. Like a deny
access list, Notes ID lock out prevents access by users who no longer
work for your company but who may still have their user IDs. Using
Notes ID lock out is useful when you want to prevent other users from
looking at a deny access list to see a list of users who have been
terminated from your organization.
For more information, see the topic "Denying Notes users access to all
servers in a domain" later in this chapter.
Anonymous access
Anonymous access lets Notes users and Domino servers access the server
without having the server validate and authenticate them. Use
anonymous access to provide the general public with access to servers
for which they are not cross-certified. When you set up anonymous
server access, Domino does not record the names of users and servers in
the log file (LOG.NSF) or in the User Activity dialog box.
When users attempt to connect to a server set for anonymous access and
the server can't authenticate them, they see this message:
Server X cannot authenticate you because the server's Domino
Directory does not contain any cross-certificates capable of
authenticating you. You are now accessing the server anonymously.
You can also set up Internet clients to access servers anonymously. For
more information on setting up anonymous access for Internet/intranet
clients, see the chapter "Setting Up Name-and-Password and
Anonymous Access to Domino Servers."
Network port access
Network port access allows or denies access to specified Notes users and
Domino servers, based on the network port they try to use. For example,
you can deny access to Alan Jones/Sales/East/Acme when he dials into
the server but allow access when he uses TCP/IP to connect to the server.
For more information, see the topic "Controlling access to a specific
server port" later in this chapter.

Setting up Notes user, Domino server, and Internet user access to a Domino server
You can specify Notes users and Domino servers that are allowed to
access the server, as well as users who access the server using Internet
protocols (HTTP, IMAP, LDAP, POP3). If your system uses multiple
Domino Directories, Domino searches only the first Domino Directory
specified in the Names setting in the NOTES.INI file for Notes users. If
you have enabled the server access settings for Internet protocols, you
can also specify users from secondary Domino directories and external
LDAP directories in the Allow or Deny access lists.
Note: It is not necessary to specify Anonymous for the "Access server"
and "Not access server" fields. Anonymous access for Notes users is
enabled through the "Allow anonymous Notes connections" field, and
anonymous access for Internet users is enabled in the Internet Site
document for each Internet protocol (or the Server document if you are
not using Internet Sites to configure Internet protocols).

Tip: To improve log-in performance for a group of frequent users and
still allow access to everyone listed in the Domino Directory, create a
group named Frequent Users and then enter that group name first in the
"Access server" field. If Domino finds a user in the Frequent Users group
first, it doesn't check the Domino Directory for the individual name. For
example, enter the following in the "Access server" field:

Frequent Users, *

For more information on creating groups, see the chapter "Setting Up
and Managing Groups."

To set up Notes user and Domino server access to a Domino server

1. From the Domino Administrator, click Configuration and open the
Server document.
2. Click the Security tab.
3. In the Server Access section, complete one or more of these fields,
and then save the document:

Field: Access server
Enter: Click the check box to allow server access to users listed in all trusted directories. This box is disabled by default. If this option is not selected, then only those users specified in the field below the check box can access the server.
In the drop-down field that appears below the check box, add the names of specific Notes users, servers, and groups to whom you want to give access to the server, such as:
- Names of users, servers, and groups.
- An asterisk (*) to allow all users in the Domino Directory to have access. This is the same as enabling the "Users listed in all trusted directories" field.
- An asterisk, followed by a certificate name (for example, */Sales/East/Acme) to allow all users certified by a particular certifier to have access.
- An asterisk followed by the name of the view (for example, *($Users)) to allow all names that appear in a specific view in the Domino Directory to have access. Access time is quicker if you specify a group name rather than a view name.
The default value for this field is blank, which means that all users can access the server.
Separate multiple names with a comma or semicolon.

Field: Not access server
Enter: Any of these:
- Names of users, servers, and groups.
- An asterisk, followed by a certificate name (for example, */Sales/East/Acme) to deny access to all users certified by a particular certifier.
- An asterisk followed by the name of the view (for example, *($Users)) to deny access to all names that appear in a specific view in the Domino Directory. Access time is quicker if you specify a group name rather than a view name.
The default value for this field is blank, which means that all names entered in the "Access server" field can access the server.
Names entered in the "Not access server" field take precedence over names entered in the "Access server" field. For example, if you enter a group name in the "Access server" field and enter the name of an individual member of this group in the "Not access server" field, the user will not be able to access the server.
Note: An alternative way to deny Notes user access to a server is to lock out an individual user's ID from the server.
Separate multiple names with a comma or semicolon.

Field: Trusted servers
Enter: Names of servers that are trusted to assert the identities of users to this server, and thus are trusted by the current server to have authenticated those users. Used for remote agent access and xSP.

To enable Server document access settings for Internet protocols


1. From the Domino Administrator, click Configuration and open the
Server document.
2. Click Ports - Internet Ports.
3. Choose the Internet protocol tab for which you want to enable server
access settings.
4. In the field Enforce server access settings, select Yes.

Customizing access to a Domino server

After you set up basic access for Notes users and Domino servers, you
can customize access to restrict specific users and servers to specific
activities. To customize access to a server, you can do any of these:
• Deny Notes users access to all servers in a domain.
• Restrict administrator access.
• Set up anonymous server access.
• Control access to a specific server port.
• Control creation of databases, replicas, and templates.
• Control use of headline monitors.
• Control access to a passthru server or passthru destination.
• Control agents that run on a server.
• Control access by browser clients that use Java and JavaScript.
• Controlling Web browser access to files.
• Controlling the level of authentication for Internet clients.
• Create a Domino Web Server Application Programming Interface
(DSAPI) filter to customize the authentication of Web users. For
more information about DSAPI and filters, see the Lotus C API
Toolkit for Domino and Notes. The most current toolkit is available
at http://www.lotus.com/techzone.

Denying Notes users access to all servers in a domain

To deny Notes users access to all servers in a domain, lock out their user
IDs and enable password checking. When locked-out users try to access
the server, Domino tries to verify the passwords they enter by comparing
them against those stored in Person documents. Domino denies the users
access because their IDs are locked out.
This procedure applies only to Notes users. It does not apply to Internet
users attempting to access a Domino server.
It's better to lock out user IDs instead of adding a group to the "Not
access server" field. Using ID lockout ensures that users cannot view a
list of names that have been denied server access.
1. Make sure that the Administration Process is set up and that you
have Editor access in the ACL of the Domino Directory.
2. From the Domino Administrator, click the People & Groups tab, and
select the Person documents of users to whom you want to deny
access.
3. Choose Actions - Set Password Fields, and then click Yes when
prompted to continue.
4. In the "Check Notes password" field, select "Lockout ID," and then
click OK.
5. Click the Configuration tab, open the Server document for the server
to which you want to deny user access, and then click the Security
tab.
6. In the Security Settings section, select Enabled for the "Check
passwords on Notes IDs" field.
7. Repeat Step 4 for each server to which you want to deny the user
access.

Restricting administrator access


You can specify various access levels for different types of administrators
in your organization. For example, you may want to give only a few
people system administrator access, while all of the administrators on
your team are designated as database administrators.
Administrator access rights are granted hierarchically. The privilege
hierarchy looks like this:

• Full access administrator: gets all rights and privileges of all
administration access levels listed.
• Administrator: gets all rights and privileges of database
administrator and full-console administrator (but not system
administrator).
• Full console administrator: gets rights and privileges of view-only
console administrator (but not system administrator).
• System administrator: gets rights and privileges of restricted
system administrator.

You do not need to list a user individually in each field. Adding a user to
the highest level of administrator access automatically grants that user all
privileges listed for more restricted access levels below in the hierarchy.
To restrict administrator access
1. From the Domino Administrator, click the Configuration tab, and
open the Server document.
2. Click the Security tab.
3. In the Administrators section, complete one or more of these fields,
and then save the document.

For all of these fields, you can specify individual hierarchical names,
groups, and wildcards (for example, */Sales/Acme). Separate
multiple entries with commas.
Note With the exception of the Administrators field, all of these
fields are blank by default, meaning that no one has these access
rights.

Field: Full access administrators
Action: Enter the names of administrators who have full access to
administer the server. This is the highest level of administrative
privilege. For more information, see below.

Field: Administrators
Action: Enter the names of administrators who can administer the
server. The default value for this field is the name of the
administrator who initially set up the server.
Administrators listed here have the following rights:
• Manager access to the Web Administrator database (WEBADMIN.NSF).
• Create, update, and delete folder and database links
• Create, update, and delete directory link ACLs
• Compact and delete databases
• Create, update, and delete full text indexes
• Create databases, replicas, and Master Templates
• Get and set certain database options (for example, in/out of
service, database quotas, and so on)
• Use message tracking and track subjects
• Use the console to remotely administer UNIX servers
• Issue any remote console command

Field: Database administrators
Action: Enter the names of administrators who will be responsible
for administering databases on the server. Note that database
administrators are not automatically granted Manager access to
databases on the server, nor do they have any access to the Web
Administrator database. Users listed here have the following rights
only:
• Create, update, and delete Folder and Database links
• Create, update, and delete directory link ACLs
• Compact and delete databases
• Create, update, and delete full text indexes
• Create databases, replicas, and Master Templates
• Get and set certain database options (e.g., in/out of service,
database quotas, etc.)

Field: Full remote console administrators
Action: Enter the names of administrators who can use the remote
console to issue commands to this server.

Field: View-only administrators
Action: Enter the names of administrators who can use the remote
console to issue only those commands that provide system status
information, such as SHOW TASKS and SHOW SERVER.
View-only administrators cannot issue commands that affect the
server's operation.

Field: System administrators
Action: Enter the names of administrators who are allowed to issue a
full range of operating system commands to the server.
The type and range of commands depends on the server operating
system. For example, if the Domino server is an NT server, then these
administrators can issue NT commands at the system command level
prompt. Similarly, administrators for a UNIX server would be able to
issue UNIX commands.
Note This feature requires that you run the Domino server controller
on the server machine. For more information, see the topic "The Server
Controller and Domino Console" in the chapter "Setting Up and Using
Domino Administration Tools."

Field: Restricted system administrators
Action: Enter the names of administrators who are allowed to issue
only the operating system commands that are listed in the "Restricted
System Commands" field (see below).
Note This feature requires that you run the Domino server controller
on the server machine. For more information, see the topic "The Server
Controller and Domino Console" in the chapter "Setting Up and Using
Domino Administration Tools."

Field: Restricted system commands
Action: Enter the subset of operating system commands that Restricted
System Administrators can issue. The type and range of commands
depends on the server operating system and the tasks that restricted
system administrators need to do.
For example, you may want to have a restricted system administrator
for managing UNIX print queues. Enter the UNIX commands for managing
print queues in this field. Any names you enter in the "Restricted
system administrators" field will then have access to these commands
only.

Field: Administer the server from a browser (pre-Domino 6 servers only)
Action: This setting applies only to pre-Domino 6 servers for the
purposes of backwards compatibility. The Domino 6 Web Administrator
client will only work with Domino 6 servers. In the case where an
Domino 5 to Domino 6, those servers that have not been upgraded will
still need to have this setting in their Server documents so they can
use earlier versions of the Web Administrator.

Caution Administrators who are listed in the Full Access
Administrators, Administrators, and Database Administrators fields on
the Security tab of a server document are allowed to delete any database
on that server, even if they are not listed as managers in the database
ACL.

Full access administrators


Full access administrator is the highest level of administrative access to
the server. The full access administrator feature replaces the need to run
a Notes client locally on a server. It resolves access control problems,
such as those caused when the only managers of a database
ACL have left an organization.
Full access administrators have the following rights:
• All the rights as listed for all administrator access levels (see above).
• Manager access, with all roles and access privileges enabled, to all
databases on the server, regardless of the database ACL settings.
• Manager access, with all roles and access privileges enabled, to the
Web Administrator database (WEBADMIN.NSF).
• Access to all documents in all databases, regardless of Reader names
fields.
• The ability to create agents that run in unrestricted mode with full
administration rights.
• Access to any unencrypted data on the server.
Note Full access administrator does not allow access to encrypted
data. The use of the specified user's private key is required to
decrypt documents that are encrypted with public keys. Similarly, a
secret key is required to decrypt documents encrypted with secret
keys.

Enabling full access administrator mode

In order to work in full access administrator mode, an administrator
must:
• Be listed in the Full Access Administrators field in the
Administrators section of the Security tab in the Server document. By
default, this field is empty.
• Enable "Full Access Administration" mode in the Administrator
client by selecting Administration - Full Access Administration. If
this mode is not enabled, then users will not have full administrator
access to the server, even if they are listed as a full access
administrator in the Server document. They will instead be granted
Administrator rights.
When full access administrator mode is enabled, the client's window
title, tab title, and status bar indicate this. This is to remind users that
they are accessing the server with the highest level of privilege and
should therefore proceed with caution.
If an administrator enables full administration mode in the
Administration client, this mode is also enabled for the Domino Designer
and for the Lotus Notes clients. Full administrator access is also reflected
in their window titles, tab titles, and status bars.
If a user attempts to switch to full access administrator mode, but is not
listed as one in the Server document, the user is denied full access and a
message appears in the status bar and on the server console. The client
will be in full access mode, but that user will not have full administrator
access to that particular server. If the user attempts to switch servers, that
person's access is checked against the server document of the new server.

Disabling the full access administrator feature

You can disable the Full Access Administrators field by setting
SECURE_DISABLE_FULLADMIN = 1 in the NOTES.INI file. This setting
disables full access administrator privilege and overrides any names
listed in that field in the Server document. This NOTES.INI parameter
can only be set by a user with physical access to the server who can edit
the NOTES.INI file for the server. This parameter cannot be set using the
server console, the remote console, or set in the Server document.
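As an added illustration (not code from the Domino documentation), the following Python sketch expands the Administrators fields of a Server document into effective access levels using the hierarchy described in this section, and applies SECURE_DISABLE_FULLADMIN from NOTES.INI. The dictionary keys, the sample names other than Full Admin/Sales/Acme, and the treatment of a disabled Full Access Administrators field as empty are assumptions; groups are not resolved.

```python
"""Effective Domino administrator levels from Server document fields."""

# Levels each level implies directly, per the hierarchy in this section.
IMPLIES = {
    "full_access": ["administrator", "system"],
    "administrator": ["database", "full_console"],
    "full_console": ["view_only_console"],
    "system": ["restricted_system"],
}

# Levels the Caution in this section says can delete any database.
DELETE_ANY_DB = {"full_access", "administrator", "database"}

# Constructed Server document values; the dictionary keys are hypothetical.
SAMPLE_FIELDS = {
    "full_access": "Full Admin/Sales/Acme",
    "administrator": "Jane Admin/Acme",
    "database": "*/DBA/Acme",
    "view_only_console": "Ops Viewer/Acme",
}


def fulladmin_disabled(ini_text):
    """True if NOTES.INI text sets SECURE_DISABLE_FULLADMIN to 1."""
    for line in ini_text.splitlines():
        key, _, value = line.partition("=")
        if key.strip().upper() == "SECURE_DISABLE_FULLADMIN":
            return value.strip() == "1"
    return False


def expand(level):
    """Return the level plus every level it implies, transitively."""
    found, todo = set(), [level]
    while todo:
        current = todo.pop()
        if current not in found:
            found.add(current)
            todo.extend(IMPLIES.get(current, []))
    return found


def covers(entry, name):
    """Exact name or */certifier wildcard match (groups are not resolved)."""
    entry, name = entry.strip().lower(), name.lower()
    return name.endswith(entry[1:]) if entry.startswith("*/") else entry == name


def effective_levels(name, fields, ini_text="", full_access_mode=True):
    """Compute the set of administrator levels a name holds on one server."""
    levels = set()
    for level, value in fields.items():
        if not any(covers(e, name) for e in value.split(",") if e.strip()):
            continue
        if level == "full_access":
            if fulladmin_disabled(ini_text):
                continue  # assumption: the field is treated as empty
            if not full_access_mode:
                level = "administrator"  # client mode off: Administrator rights
        levels |= expand(level)
    return levels


def can_delete_any_database(name, fields, ini_text="", full_access_mode=True):
    """True if the name holds a level the Caution lists as able to delete."""
    held = effective_levels(name, fields, ini_text, full_access_mode)
    return bool(held & DELETE_ANY_DB)
```

Running `can_delete_any_database` over every name in the Administrators fields gives a quick review list of accounts that bypass database ACLs for deletion.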

Options for managing the full access administrator feature

There are several ways to grant full access administrator:
• Create a special Full Admin ID file (for example, Full
Admin/Sales/Acme) and only put that name in the Full Admin
field. You must then either log in with or switch to this user ID in
order to gain this level of access. Optionally, you could set up this ID
file to require multiple passwords.
• Create an OU-level certifier for granting full administrator access,
and issue additional IDs to trusted administrators (for example,
Jane Admin/Full Admin/Acme).
• Leave the Full Access Administrator field empty. Add the name of a
trusted individual for emergency situations, and remove it when the
situation has been resolved.
• Populate the Full Access Administrator field with a limited set of
trusted administrators.
You can also track how this feature is used:
• Configure the Event Handler to send notification through
EVENTS4.NSF when full access administration privileges are
invoked.
• Any database activity done using full access administrator access is
recorded in the database activity log, under Database Properties.
• Use of the feature is logged by the server.

Setting up anonymous server access for Notes users and Domino servers

When a server is set up for anonymous access, Notes users and Domino
servers do not need a valid certificate to access the server, since the
server does not validate or authenticate them. Use anonymous access to
allow users and servers outside your organization to access a server
without first obtaining a certificate for the organization. You can also set
up anonymous access for Internet/intranet users.
For more information on anonymous Internet/intranet access, see the
chapter "Setting Up Name-and-Password and Anonymous Access to
Domino Servers."
1. From the Domino Administrator, click the Configuration tab, and
open the Server document.
2. Click the Security tab.
3. In the Security Settings section, enable "Allow anonymous Notes
connections."
4. Save the document.
5. Create an entry named Anonymous in the ACL of all databases to
which you want to allow anonymous access. Assign the appropriate
access level (typically Reader access). If you don't add Anonymous
as an entry in the ACL, anonymous users and servers get -Default-
access.
6. Stop and restart the server so that the changes take effect.

Controlling access to a specific server port


Use a port access list to allow or deny Notes user and Domino server
access to a specific network port. If you use a port access list and a server
access list, users and servers must be listed on both to gain access to the
server.
To control access to a specific port, use these NOTES.INI settings:

Allow_Access_portname = names
Deny_Access_portname = names
where portname is the name of the port, and names is a list of users,
servers, and groups to whom you want to deny or allow access.
These names must be contained in the Domino Directory.

For more information, see the appendix NOTES.INI File.
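The following added example (not code from the Domino documentation) models the decision described in this chapter for configuration review: a name must pass the Server document's "Access server" and "Not access server" fields and, when a port access list exists, the port's Allow_Access_portname and Deny_Access_portname settings. The group table, the sample NOTES.INI text, the suffix matching of certifier wildcards, and the rule that a port Deny entry wins over an Allow entry are assumptions made for illustration.

```python
"""Model of Domino server and port access lists for configuration review."""

# Constructed directory data: group name -> members (names or nested groups).
GROUPS = {
    "Frequent Users": ["Jane Doe/Sales/East/Acme", "Hub1/Acme"],
    "Terminations": ["Bob Hall/Sales/East/Acme"],
}

# Constructed NOTES.INI excerpt using the port settings named on this page.
NOTES_INI = """\
Ports=TCPIP
Allow_Access_TCPIP=*/Sales/East/Acme, Hub1/Acme
Deny_Access_TCPIP=Terminations
"""


def split_names(value):
    """Split a field value on commas or semicolons, dropping empty entries."""
    return [p.strip() for p in value.replace(";", ",").split(",") if p.strip()]


def entry_matches(entry, name, groups, seen=frozenset()):
    """True if one access-list entry covers the hierarchical name."""
    entry_l, name_l = entry.lower(), name.lower()
    if entry_l == "*":
        return True
    if entry_l.startswith("*("):
        # View entries such as *($Users) need a live directory lookup.
        raise ValueError(f"view entry {entry!r} cannot be resolved offline")
    if entry_l.startswith("*/"):
        # Assumption: a certifier wildcard matches any name ending in it.
        return name_l.endswith(entry_l[1:])
    for group, members in groups.items():
        if group.lower() == entry_l and entry_l not in seen:
            nested = seen | {entry_l}  # guards against circular groups
            return any(entry_matches(m, name, groups, nested) for m in members)
    return entry_l == name_l


def listed(field, name, groups):
    """True if any entry in the field covers the name."""
    return any(entry_matches(e, name, groups) for e in split_names(field))


def server_list_allows(access, not_access, name, groups):
    """Server document check: 'Not access server' wins; blank Access = all."""
    if listed(not_access, name, groups):
        return False
    return not access.strip() or listed(access, name, groups)


def parse_port_lists(ini_text):
    """Return {PORT: {'allow': str, 'deny': str}} from NOTES.INI text."""
    ports = {}
    for line in ini_text.splitlines():
        key, sep, value = line.partition("=")
        key = key.strip().lower()
        for prefix, kind in (("allow_access_", "allow"), ("deny_access_", "deny")):
            if sep and key.startswith(prefix):
                port = key[len(prefix):].upper()
                ports.setdefault(port, {"allow": "", "deny": ""})[kind] = value.strip()
    return ports


def port_allows(port_lists, port, name, groups):
    """Port check. Assumptions: Deny wins; a missing Allow list limits no one."""
    lists = port_lists.get(port.upper())
    if lists is None:
        return True
    if listed(lists["deny"], name, groups):
        return False
    return not lists["allow"] or listed(lists["allow"], name, groups)


def can_connect(name, port, access, not_access, ini_text=NOTES_INI, groups=GROUPS):
    """A name must pass both the server access list and the port access list."""
    return (server_list_allows(access, not_access, name, groups)
            and port_allows(parse_port_lists(ini_text), port, name, groups))
```

A name that the server list admits through `*` can still be refused on a port whose Allow list is narrower, which is the case worth checking when the two lists are maintained by different people.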

Controlling creation of databases, replicas, and templates


To manage available disk space, control which users and servers are
allowed to create databases and replicas on a server. If your system uses
multiple Domino Directories, Domino searches only the first Domino
Directory specified in the Names setting in the NOTES.INI file.
If the server allows a user to create database replicas, but a particular
database ACL prevents it, the user cannot create a replica for that
database.
Tip Create a group named Replica Makers that lists the names of all
people who can create replicas on servers. Enter the group name
Replica Makers in the Create replica databases field in each Server
document in the Domino Directory.
1. From the Domino Administrator, click Configuration, and open the
Server document.
2. Click the Security tab.

3. In the Server Access section, complete one or more of these fields,
and then save the document:

Field: Create new databases and templates
Action: Enter any of these:
• Names of specific servers, users, and groups.
• An asterisk (*) followed by a certificate name (for example,
*/Sales/East/Acme) to allow all users certified by a particular
certifier to create databases.
• An asterisk (*) followed by a view name (for example, *($Users))
to allow all names that appear in a specific view in the Domino
Directory to create databases. Access time is quicker if you specify a
group name rather than a view name.
The default value for this field is blank, which means that all users
can create new databases.
Separate multiple names with commas or semicolons.

Field: Create replica databases
Action: Enter any of these:
• Names of specific servers, users, and groups.
• An asterisk (*) followed by a certificate name (for example,
*/Sales/East/Acme) to allow all users certified by a particular
certifier to create replicas.
• An asterisk (*) followed by a view name (for example, *($Users))
to allow all names that appear in a specific view in the Domino
Directory to create replicas. Access time is quicker if you specify a
group name rather than a view name.
Note Servers, users, and groups who cannot create new databases on
the server (see above) cannot create replicas.
The default value for this field is blank, which means that no one can
create new replicas.
Separate multiple names with commas or semicolons.

Field: Create master templates
Action: Enter any of these:
• Names of specific servers, users, and groups.
• An asterisk (*) followed by a certificate name (for example,
*/Sales/East/Acme) to allow all users certified by a particular
certifier to create templates.
• An asterisk (*) followed by a view name (for example, *($Users))
to allow all names that appear in a specific view in the Domino
Directory to create replicas. Access time is quicker if you specify a
group name rather than a view name.
Note Servers, users, and groups who cannot create new databases or
replicas on the server (see above) cannot create or update templates.
The default for this field is blank, which means that no one can create
master database templates on the server.
Separate multiple names with commas or semicolons.

For information on creating groups, see the chapter "Setting Up and
Managing Groups."

Controlling the use of headline monitors


This setting is for Notes users only. Notes users can set up their headlines
to search server databases automatically for items of interest. This setting
controls which users can or cannot access this server for headlines.
Note If many users use this feature, server performance may be slow.
For information about headlines, see Lotus Notes 6 Help.
1. From the Domino Administrator, click Configuration, and open the
Server document.
2. Click the Security tab.

3. In the Server Access section, complete one or both of these fields, and
then save the document:

Field: Allowed to use monitors
Action: Enter any of these:
• Names of specific users and groups.
• An asterisk (*) followed by a certificate name (for example,
*/Sales/East/Acme) to allow all users certified by a particular
certifier to use a monitor.
• An asterisk (*) followed by a view name (for example, *($Users))
to allow all names that appear in a specific view in the Domino
Directory to use monitors. Access time is quicker if you specify a
group name rather than a view name.
Separate multiple names with commas or semicolons.
The default for this field is * (all users). Leave the field blank to
allow no one to use headline monitors.

Field: Not allowed to use monitors
Action: Enter any of these:
• Names of specific users and groups.
• An asterisk (*) followed by a certificate name (for example,
*/Sales/East/Acme) to prevent users certified by a particular
certifier from using monitors.
• An asterisk (*) followed by a view name (for example, *($Users))
to prevent all names that appear in a specific view in the Domino
Directory from using monitors. Access time is quicker if you specify a
group name rather than a view name.
Separate multiple names with commas or semicolons.
The default for this field is blank, meaning that no one is restricted
from using monitors. Use an asterisk (*) to prevent all users from
using monitors.

You can also restrict users from monitoring an individual database.
For more information, see the chapter "Improving Database
Performance."

Controlling access to a passthru server or passthru destination

A passthru server allows users and servers to use a passthru connection
to connect to another server. The server to which users connect is called a
passthru destination. You can control which users and servers can access
a passthru server and passthru destination.
For more information on passthru servers, see the chapter "Setting Up
Server-to-Server Connections."
If your system uses multiple Domino Directories, Domino searches only
the first Domino Directory specified in the Names setting in the
NOTES.INI file.
Internet and intranet clients cannot use passthru; therefore, these settings
are valid only for Notes users and Domino servers.
1. From the Domino Administrator, click Configuration, and open the
Server document.
2. Click the Security tab.
3. In the Passthru Use section, complete one or more of these fields, and
then save the document:
Field: Access this server
Action: Enter any of these:
• Names of specific servers, users, and groups.
• An asterisk (*) followed by a certificate name (for example,
*/Sales/East/Acme) to allow all users certified by a particular
certifier to access the server.
• An asterisk (*) followed by a view name (for example, *($Users))
to allow access to all names that appear in a specific view in the
Domino Directory. Access time is quicker if you specify a group name
rather than a view name.
Any users or servers listed in this field can use a passthru server to
access this server. This field does not take precedence over other
access fields (for example, the "Access server" and "Not access server"
fields). For example, if the "Access server" field specifies that only
users listed in the Domino Directory can access this server, users who
are not in the local domain cannot access this server.
The default for this field is blank, which means that users and servers
are prevented from using a passthru connection to access this server.
Separate multiple names with commas or semicolons.

Field: Route through
Action: Enter any of these:
• Names of specific servers, users, and groups.
• An asterisk (*) followed by a certificate name (for example,
*/Sales/East/Acme) to allow all users certified by a particular
certifier to access the server.
• An asterisk (*) followed by a view name (for example, *($Users))
to allow access to all names that appear in a specific view in the
Domino Directory. Access time is quicker if you specify a group name
rather than a view name.
Any users or servers listed in this field can use the server as a
passthru server, regardless of whether or not they are also included in
the "Access server" or "Not access server" fields.
The default for this field is blank, which means that users and servers
are prevented from using this server for passthru access.
Separate multiple names with commas or semicolons.

Field: Cause calling
Action: Enter any of these:
• Names of specific servers, users, and groups.
• An asterisk (*) followed by a certificate name (for example,
*/Sales/East/Acme) to allow all users certified by a particular
certifier to initiate calling.
• An asterisk (*) followed by a view name (for example, *($Users))
to allow all names that appear in a specific view in the Domino
Directory to allow calling. Access time is quicker if you specify a
group name rather than a view name.
Any users or servers listed in this field can instruct this server to
call (that is, place a phone call to) another server in order to
establish a routing path to that server. If no names are entered, no
calling is allowed. In general, if the Replicator on another server
uses the modem on a server to reach its targets, the server name of the
Replicator must be included in this list on the server with the modem.
Otherwise, the replication will frequently fail.
The default for this field is blank, which means that users and servers
are prevented from using this server to route a path to another server.
Separate multiple names with commas or semicolons.
This field corresponds to the Allow_Passthru_Callers setting in the
NOTES.INI file. If a conflict exists, the "Cause calling" field takes
precedence.

Field: Destinations allowed
Action: Enter the names of destination servers to which this server
may route clients.
The default for this field is blank, which means that all servers may
be routed to.
This field corresponds to the Allow_Passthru_Targets setting in the
NOTES.INI file. If a conflict exists, the "Destinations allowed" field
takes precedence.

Controlling agents that run on a server


To control the types of agents users can run on a server, set up
restrictions for server agents. The fields in this section are organized
hierarchically with regard to privileges. "Run unrestricted methods and
operations" has the highest level of privilege and "Run Simple and
Formula agents" has the lowest. A user or group name in one list will
automatically receive the rights of the lists beneath. Therefore a name has
to be entered in only one list, which then gives that user the highest
rights.
Tip Create a group for each class of users to be used in every category.
For a list of restricted LotusScript and Java features and information
about agents, see Application Development with Domino Designer.
For information on creating groups, see the chapter Setting Up and
Managing Groups.
1. From the Domino Administrator, click Configuration, and open the
Server document.
2. Click the Security tab.

3. In the Programmability Restrictions section, complete one or more of
these fields, and then save the document:

Field: Run unrestricted methods and operations
Action: Enter the names of users and groups who are allowed to select,
on a per agent basis, one of three levels of access for agents signed
with their ID. Users with this privilege select one of these access
levels when they are using Domino Designer 6 to build an agent:
• restricted mode
• unrestricted mode
• unrestricted mode with full administration rights.
Only users who have this access can choose an option other than "do not
allow restricted operations." This access is enabled by default for the
current server and Lotus Notes Template developers.
If users in this list are also listed as a database administrator in
the Server document, they are allowed to perform database operations
without having to be listed explicitly in the database ACL (for
example, they can delete databases without being listed in the ACL of
those databases).
To have the ability to run agents in unrestricted mode with full
administration rights, the agent signer should be listed in this field,
or in the Full Access Administrator field, as well as have this mode
selected in the Agent Builder. Being listed in Full Access
Administrator list alone is not sufficient to run agents in this mode.

Field: Sign agents to run on behalf of someone else
Action: Enter the names of users and groups who are allowed to sign
agents that will be executed on anyone else's behalf. The default is
blank, which means that no one can sign agents in this manner.
This privilege should be used with caution, as the name for whom the
agent is signed on behalf of is used to check ACL access.

Field: Sign agents to run on behalf of the invoker of the agent
Action: Enter the names of users and groups who are allowed to sign
agents that will be executed on behalf of the invoker, when the invoker
is different from the agent signer. This setting is ignored if the
agent signer and the invoker are the same. This is used currently only
for Web agents. The default is blank, which means that everyone can
sign agents invoked in this manner (this is for backwards
compatibility).

Field: Run restricted LotusScript/Java agents
Action: Enter the names of users and groups allowed to run agents
created with LotusScript and Java features, but excluding privileged
methods and operations, such as reading and writing to the file system.
Leave the field blank to deny access to all users and groups.

Field: Run simple and formula agents
Action: Enter the names of users and groups allowed to run simple and
formula agents, both private and shared. Leave the field blank to allow
all users and groups to run simple and formula agents, both private and
shared.

Field: Sign script libraries to run on behalf of someone else
Action: Enter the names of users and groups who are allowed to sign
script libraries in agents executed by someone else. For the purposes
of backwards compatibility, the default value is to leave the field
empty, to allow all.

Controlling server access by browser clients that use Java and


JavaScript
Note These settings are for use only with R5.x and earlier servers. They
should not be used with a Domino 6 server and are included for the
purpose of backwards compatibility only, to be used to manage prior
releases of Domino servers with the Lotus Notes 6 client.
For more information on the DIIOP task, see the chapter Setting Up the
Domino Web Server.
1. From the Domino Administrator, click Configuration, and open the
Server document.
2. Click the Security tab.
3. In the Programmability Restrictions section, complete one or both of
these fields, and then save the document:
Field: Run restricted Java/JavaScript/COM
Action: Enter the names of authenticated browser users and/or groups
allowed to run server programs created with a specific set of Java and
JavaScript features. Leave the field blank (default) to deny access to
all users and groups.

Field: Run unrestricted Java/JavaScript/COM
Action: Enter the names of authenticated browser users and/or groups
allowed to run server programs created with all Java and JavaScript
features. Leave the field blank (default) to deny access to all users
and groups.

For a list of restricted Java and JavaScript classes, see Application
Development with Domino Designer.

Controlling Web browser access to files

You can use the following security features to control Internet/intranet
access to files on the servers:
• File protection documents
• Web realms

Physically securing the Domino server

Physically securing servers and databases is just as important as
preventing unauthorized user and server access. Therefore, locate all
Domino servers in a ventilated, secure area, such as a locked room. If
servers are not secure, unauthorized users might circumvent security
features (for example, ACL settings), access applications on the
server, use the operating system to copy or delete files, and physically
damage the server hardware itself.
To ensure maximum physical security for servers, do one or more of the
following:
• Use the server without a mouse, and keep the keyboard locked.
• Password-protect the server ID. If an ID uses a password, you must
  manually restart the server rather than restart it automatically. To
  restart the server, you must know the server password.
• Use the Set Secure command to password-protect the console and
  restrict what can be done while the server is running.
  For more information on the Set Secure command, see the appendix
  Server Commands.
• Use the Local Security option to encrypt databases on the server with
  the server ID. Then people at the server can access databases only if
  they have access to the server ID that was used to encrypt the
  databases.
• Use operating system features to secure data files and lock keyboard
  access. For more information, see your operating system
  documentation.

Securing the server console with a Smartcard

Beginning with Lotus Notes 6, Notes users can use a Smartcard with
their User ID to log in to Notes. Smartcard use requires the installation of
a Smartcard reader on the user's computer, along with the Smartcard
software and drivers. The advantage of using a Smartcard with Notes is
that the Smartcard locks the User ID. Logging into Notes with a Smartcard
requires the Smartcard, the User ID, and the user's Smartcard PIN.
For more information about how Notes users set up Smartcards, see the
topic Enabling Smartcards for Notes login.
Administrators can take advantage of Smartcard security to physically
secure the Domino server console. In this case the administrator would
be locking the Server ID with the Smartcard.
To secure the server console with a Smartcard
Caution Ensure that the server.id is recoverable via ID File
Recovery before proceeding. Also, verify that the encrypted backup copy
of the server.id exists in the ID file repository.
Before you begin:
• Have the Domino server workstation on, but do not launch the
  Domino server software.
• Modify the Domino server's NOTES.INI file to include a variable,
  PKCS11_Library=, that points to the Smartcard PKCS#11 file. This
  file will be loaded during Smartcard installation. For example:
  PKCS11_Library=C:\Program Files\Schlumberger\Smart Cards and Terminals\Common Files\slbck.dll

Caution If you do not modify the server's NOTES.INI file to include the
PKCS11_Library variable, when you try to launch the Domino server, it
will shut down and return a "Login aborted by user" error.
1. On the Domino server workstation, install a Smartcard reader and
Smartcard driver files.
2. On a Notes client workstation, install a Smartcard reader and the
same Smartcard driver files as you installed on the Domino server.
This workstation will be used to configure the Smartcard for the
server.
3. Copy the server.id from the Domino server onto a diskette. Insert the
diskette into the Notes workstation.
4. Launch the Notes client with a User ID from the domain for which
the server has a certificate.
5. Place the Smartcard designated for the server into the card reader of
the Notes client. If required, enter the Smartcard PIN.
6. Click File - Security - Switch ID to switch to the copy of the server.id
file.
7. Do the following to enable the server.id file for the associated
Smartcard:
a. Click File - Security - User Security, and enter the password for
the server.id.
b. Click Smartcard Options.
c. Click Enable Smartcard Login.
d. Enter password (if needed) and the Smartcard PIN. After
approximately 10 to 15 seconds, the Smartcard will be configured
for the server.id file.
8. Copy the Smartcard-enabled server.id file back to the server's
Domino\data directory.
9. Place the Smartcard in the Domino server card reader, and launch
Domino.
10. At the server command console, enter the Smartcard PIN when
prompted and Domino will launch.
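The "Before you begin" requirement above can be checked before the server is launched. The following is an added example, not part of the Domino documentation or product: a pre-flight check that reads a NOTES.INI file and reports whether PKCS11_Library is set and points to an existing file. It assumes setting names are matched without regard to case and that a later duplicate line wins; the function names and status strings are hypothetical.

```python
import os
import tempfile


def find_ini_value(ini_path, key):
    """Return the value of `key` from a NOTES.INI-style file, or None if absent."""
    found = None
    with open(ini_path, encoding="latin-1") as fh:
        for raw in fh:
            line = raw.strip()
            # Skip blank lines, the section header and anything that is not key=value.
            if not line or line.startswith("[") or "=" not in line:
                continue
            name, _, value = line.partition("=")
            # Assumption: names are case-insensitive and a later duplicate wins.
            if name.strip().lower() == key.lower():
                found = value.strip()
    return found


def pkcs11_preflight(ini_path):
    """Classify the PKCS11_Library setting as (status, detail).

    status is one of: missing, empty, is-directory, not-found, ok.
    Anything other than "ok" corresponds to the condition the Caution
    describes, where the server shuts down at launch.
    """
    value = find_ini_value(ini_path, "PKCS11_Library")
    if value is None:
        return ("missing", "PKCS11_Library is not set")
    if not value:
        return ("empty", "PKCS11_Library has no value")
    if os.path.isdir(value):
        # The setting must name the PKCS#11 file itself, not its folder.
        return ("is-directory", value)
    if not os.path.isfile(value):
        return ("not-found", value)
    return ("ok", value)


if __name__ == "__main__":
    # Constructed sample: a throwaway NOTES.INI and an empty stand-in library file.
    workdir = tempfile.mkdtemp()
    library = os.path.join(workdir, "slbck.dll")
    open(library, "wb").close()
    ini = os.path.join(workdir, "notes.ini")
    with open(ini, "w", encoding="latin-1") as fh:
        fh.write("[Notes]\nPKCS11_Library=" + library + "\n")
    print(pkcs11_preflight(ini))
```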


Chapter 39
Protecting and Managing Notes IDs
This chapter describes how to control access to Domino server and Notes
user IDs.

Domino server and Notes user IDs


Domino uses ID files to identify users and to control access to servers.
Every Domino server, Notes certifier, and Notes user must have an ID.
When you register users and servers, Domino automatically creates their
IDs. An ID file contains:

• The owner's name. A user ID file may also contain one alternate
  name. A certifier ID may contain multiple alternate names.
• A permanent license number. This number indicates that the owner
  is legal and specifies whether the owner has a North American or
  International license to run Domino or Notes.
• At least one Notes certificate from a certifier ID. A Notes certificate is
  a digital signature added to a user ID or server ID. This signature,
  which is generated from the private key of a certifier ID, verifies that
  the name of the owner of the ID is correctly associated with a specific
  public key.
• A private key. Notes uses the private key to sign messages sent by
  the owner of the private key, to decrypt messages sent to its owner,
  and, if the ID belongs to a certifier, to sign certificates.
• (Optional, Notes client only) Internet certificates. An Internet
  certificate is used to secure SSL connections and encrypt and sign
  S/MIME mail messages. An Internet certificate is issued by a
  Certification Authority (CA) and verifies the identity of the user. The
  user's private key associated with an Internet certificate is stored
  with that certificate.
• (Optional) One or more secret encryption keys, created and
  distributed by users to allow other users to encrypt and decrypt
  fields in a document.

Note If a user is in the process of requesting a new private key or a
name change, the pending information is also stored in the ID file. If
a Notes private key is changed, then the obsolete information is also
stored in the ID file for backwards compatibility. For example, you
would need the obsolete information to read old encrypted e-mail.

Certificates
A certificate is a unique digital signature that identifies a user or server.
Server and user IDs contain one or more Notes certificates. In addition,
user IDs may contain one or more Internet certificates that identify users
when they use SSL to connect to an Internet server or send a signed
S/MIME mail message.
A certificate contains:

• The name of the certifier that issued the certificate.
• The name of the user or server to whom the certificate was issued.
• A public key that is stored in both the Domino Directory and the ID
  file. Notes uses the public key to encrypt messages that are sent to
  the owner of the public key and to validate the ID owner's signature.
• A digital signature.
• The expiration date of the certificate.

Certificates are stored in ID files and in Person, Server, and Certifier
documents in the Domino Directory. They are also referred to as Notes
certified public keys.
Public keys are not secret. Any user may look up another user's public
key and use it to send encrypted mail to or authenticate the user. It is
important that someone looking up a public key learn it reliably since
Domino uses it for identification. Users must be able to obtain the public
key of the certifier that issued the certificate before they can authenticate
the certificate's owner. If a user has a certificate issued by the same
certifier as another user or server, the first user can verify the public key
for the certificate and then reliably know the public key associated with
the server or user name. If a user doesn't have a certificate issued by the
same certifier, the user needs a cross-certificate for authentication.
When you register users and servers, Domino automatically creates a
Notes certificate for each user and server ID. In addition, you can use a
Domino or third-party certificate authority (CA) to create Internet
certificates for user IDs. Domino uses the X.509 certificate format to create
Internet certificates.

Notes certificates have expiration dates. Therefore, you must recertify
Notes IDs when their expiration dates approach. In addition, if a user or
server name changes, you must recertify the corresponding Notes ID so
that a new certificate will bind the public key to the new name.
Changing a name on a user ID may also affect Internet certificates. For
example, a user who has changed the name on a user ID may receive
warning messages when sending signed S/MIME mail, warning the user
that recipients of the message may receive a signature by a name that
isn't on the original certificate used for signing.

Viewing the certificates on an ID

You can display the Notes and Internet certificates associated with an ID
and display information about each certificate (for example, public key,
creation date, expiration date, and certifier information).
For example, the Certificates box displays certificates for a Notes user ID
with the name Alan Jones/Sales/East/Acme. The first certificate listed
below is the one issued to Alan Jones for international use. The second
certificate listed below is the one issued to Alan Jones for North
American use and for electronic signing. Following these are the
certificates issued to the certifier of the ID and to any ancestors of the
certifier. The last certificate listed below is the Internet certificate issued
to Alan Jones.

Certificate: /Sales/East/Acme (International)
Issued to: Alan Jones/Sales/East/Acme

Certificate: /Sales/East/Acme (North American)
Issued to: Alan Jones/Sales/East/Acme

Certificate: /East/Acme
Issued to: /Sales/East/Acme

Certificate: /Acme
Issued to: /East/Acme

Certificate: /Acme
Issued to: /Acme

Certificate: CN=AcmeCA/OU=East/O=Acme/L=Cambridge/ST=Massachusetts/C=US
Issued to: EMAIL=alan_jones@acme.com/CN=AlanJones/OU=East/O=Acme/L=Cambridge/ST=Massachusetts/C=US

To view certificates
1. From the Domino Administrator, click Configuration - Certification.
2. Click ID Properties.
3. Choose the ID file to view.
4. Enter the password and click OK.

5. In the ID Properties dialog box, do the following:
a. Click Your Identity - Your Certificates to display a list of all
Notes and Internet certificates issued to this ID file.
b. Select the certificate in the Certificates box to display additional
information about the certificate.
c. To get more information about a certificate, highlight it in the list
and click Advanced Details. Here you can specify a default
Internet signing certificate if there are multiple Internet
certificates in the ID file.
For more information on using Internet certificates, see the chapter
Setting Up Clients for S/MIME and SSL.
For more information on how Notes users can view certificates in their
IDs, see Lotus Notes 6 Help.

Password-protection for Notes and Domino IDs


To ensure the security of the Domino system, password-protect all Notes
and Domino IDs: certifier, server, and user. When you
password-protect an ID, a key that is derived from the password
encrypts the data on the ID. Then, when you attempt to access mail, open
a server-based database, or examine ID file information, you are
prompted to enter a password. Note that this information does not apply
to password-protection for Internet clients.
For information on password protecting Internet clients, see the chapter
Setting Up Name-and-Password and Anonymous Access to Domino
Servers.

Password-protection features
Password quality
When you register a user or server or create a certifier ID, you use a scale
of 0 to 16 to specify the level of password quality you want enforced for
the ID. The higher the level, the more complex the password and,
therefore, the more difficult it is for an unauthorized user to guess the
password. For optimal security, specify a password quality level of at
least 8.
The password quality level you assign is enforced when you enter a
password for new IDs or when users change the password for an existing
ID. When users change their passwords, Notes displays information
about the password quality level required by the ID file. Users must
enter a password that meets the criteria for the level; otherwise, they are
not allowed to change the password.
When choosing a password, it is best to specify a random, alphanumeric
string that includes mixed uppercase and lowercase letters, numbers,
and punctuation. Also, it is better to specify an entire phrase, rather than
a single word. A passphrase is easy to remember, difficult to guess, and
generally longer than a single-word password. If you choose to use a
phrase, you should misspell one or more of the words to make it more
difficult for attackers to guess at the phrase.
To change the password quality level assigned to an ID, you must
recertify the ID or use a security settings policy document.
For more information about using a security settings policy document to
manage IDs, see the chapter Using Policies.
For more information on password quality, see the topic Understanding
the password quality scale later in this chapter.
Time-delay and anti-spoofing mechanisms
All passwords for Notes IDs have built-in time-delay and anti-spoofing
mechanisms, both of which deter password-guessing programs and
prevent password theft by programs that resemble the password-prompt
dialog box. The time-delay mechanism delays the time it takes to be able
to proceed after an incorrect password is typed. When a user types a
password, the anti-spoofing mechanism creates a graphic pattern that
other programs cannot reproduce.
Password and public-key verification during authentication
By default, Notes and Domino use passwords only to protect information
stored in ID files. However, you can configure servers to verify
passwords and Notes public keys during authentication. Password and
public-key verification reduces the unauthorized use of IDs. If you set up
a server to verify passwords and an unauthorized user obtains an ID and
its password, the authorized user just needs to change the password for
the ID. Then, the next time the unauthorized user attempts to
authenticate, that user will not be allowed access to the server because
Domino informs the user that they must change the password on this
copy of the ID to match that on another copy of their ID (which the
unauthorized user doesn't know).
Along with verifying passwords, you can set up servers to require users
to change their password periodically.
For more information on verifying passwords, see the topic Verifying
user passwords during authentication later in this chapter.
For more information on verifying public keys, see the topic Public key
security later in this chapter.

Multiple passwords
To provide tighter security for certifier and server IDs, assign multiple
passwords to those IDs. Using multiple passwords requires that a group
of administrators work together to access an ID. For example, this feature
is useful when you want to avoid giving authority for a certifier ID to one
person. You can specify that only a subset of the assigned passwords be
required to access the ID. For example, you can assign four passwords to
the ID but require that only any two of the four passwords be entered to
gain access to the ID. Requiring only a subset of the passwords allows
administrators to access the ID, even when all of the administrators are
not available.
Note User IDs can also be secured with multiple passwords.
For more information on multiple passwords, see the topic Assigning
multiple passwords to server and certifier IDs later in this chapter.
ID file recovery
If you have ID recovery in place, when a user loses an ID file or forgets
the password to the ID file, a group of administrators can work together
to recover the ID file. Losing an ID file normally prevents users from
accessing servers and reading messages and other data that they
encrypted with the ID. Using the ID file recovery feature, administrators
can prevent this loss of access and prevent unauthorized users from
illicitly recovering IDs.
For more information on ID file recovery, see the topic ID file recovery
later in this chapter.
Using a Smartcard to secure a Notes ID
When using Smartcards to log into Notes, users are essentially locking
and unlocking their user IDs. The advantage of using a Smartcard with
Notes is that the user's Internet private keys can be stored on the
Smartcard instead of on the workstation. Then users can take Smartcards
with them when they are away from their computers. For both regular
and roaming users, Smartcards increase user ID security.
Caution In order for Notes users to set up Smartcards, you must disable
password checking, change/grace intervals and expiration in the user's
Person document. Otherwise, Smartcard users will eventually be locked
out.
For more information on how Notes users can use Smartcards, see Lotus
Notes 6 Help.

The password quality scale

When creating passwords for user, server, or certifier IDs, you need to
understand the criteria by which Domino measures password strength
and security. Domino measures these criteria according to the level
assigned on its password quality scale. The scale assigns a minimum
level of quality to the password on an ID file. Domino bases the
password quality on the number and variety of characters in the
password.
The algorithm used to calculate password quality is used to enforce the
selection of passwords that are sufficiently complex to meet the
password quality scale level chosen to protect user ID files. When a user
is registered, the user's ID file contains a password strength value. This
setting is enforced if the user changes the password.
The scale ranges from 0 (weakest, no password required) to 16
(strongest). A quality of 1 indicates that any password satisfies the
criteria. Domino defines default levels for certifier, server, and user
password quality. You should change these defaults to meet your
organization's security criteria. You can set the defaults in a security
settings policy document, in Administration Preferences, or in the
registration or certification dialog boxes.
Password strength is not the same as password length. Not all passwords
of equal length have equal strength in the password quality scale. For
example, the 8-character word "password" (because it is a word) and the
8-character word "1168Acme" (because it contains numbers and
alphabetic characters) do not carry the same level of character complexity
and do not have equal strength on the quality scale.

Password quality scale: 0
Description: Password is optional.
Example: None.

Password quality scale: 1
Description: Allow any password.
Example: b, 3

Password quality scale: 2-6
Description: Allow a weak password, even though you might be able to
guess it by trial and error.
Example: password, doughnut (password quality scale 3)
lightferret, b 4D (password quality scale 6)

Password quality scale: 7-12
Description: Require a password that is difficult to guess, but might be
vulnerable to an automated attack.
Example: pqlrtmxr, wefourkings (password quality scale 8)

Password quality scale: 13-16
Description: Require a strong password, even though the user may have
difficulty remembering it.
Example: 4891spyONu (password quality scale 13)
lakestreampondriverocean, stRem2pO() (password quality scale 15)
stream8pond1river7lake2ocean (password quality scale 16)

Tips for assigning passwords and scale

• Do not use words in a password that are in the Domino spell-check
  dictionary. Passwords containing words found in a Domino
  spell-check dictionary are generally weaker than passwords of equal
  length that do not contain words from the spell-check dictionary.
• Use mixed-case words and words that contain numbers and
  punctuation for passwords instead of entirely lowercase alphabet
  characters. To make a password stronger without making it longer,
  avoid using words; instead use mixed-case characters and include
  punctuation and numbers.
• Use a passphrase instead of a password. A complete sentence,
  especially one with a word or two misspelled, is a strong password
  that an attacker would have difficulty guessing.
• Use passwords that have a quality of 12 or higher. Passwords that
  have a quality of 12 or higher are resistant to an automated attack.
  Passwords that have a quality below 4 are easy to guess.
• Set a default value for all Password Quality Scale fields so that all
  passwords assigned to servers, users, and certifier IDs in your
  organization have appropriate levels of complexity.

Verifying user passwords during authentication


You can enable password verification so that a Notes user can
authenticate with a server only after providing the correct password that
is associated with the user ID. If an unauthorized user obtains an ID and
learns the ID's password, the owner of the ID can use password
verification to change the password and prevent the unauthorized user
from continuing to use the ID to authenticate with servers. The next time
the unauthorized user tries to use the ID with the old password to access
a server, the server verifies the password, determines that the password
entered does not match the new password, and denies the unauthorized
user access to the server. Without password verification, an
unauthorized user could use an ID and password even after the user
changed the password on the ID, since, by default, the password is used
only to decrypt the ID file and is not verified against the password stored
in the Domino Directory. If you set up password verification, require
users to change the passwords on their IDs on a regular basis. As the
time for the required password change approaches (after two-thirds of
the current change interval has passed, but at a minimum of two days
remaining), a prompt appears to remind the user to change the
password. When users change the password, the current ID and Person
document are updated with the new password.
If a user has multiple ID files, the user must change the password in each of
them to match the new password. You cannot use password verification
on ID files that contain multiple passwords.
Each time a user changes a password, the user must specify a unique
password. Notes keeps a record of up to 50 passwords that have been
previously used. If you enable password history checking (through the
use of a security settings document), you can configure the number of
new passwords that must be used before a given password can be
reused.
An expired password doesn't prevent a user from reading encrypted
mail or creating new signed documents on local replicas; however,
without specifying a new password, users cannot access databases on
servers.
Note that password verification during authentication will not work for
Internet users because they do not have Notes user IDs (unless their
Notes and Internet passwords have been synchronized).
Caution Do not enable password expiration for users whose ID files are
locked with Smartcards. Otherwise, it is possible that a user's ID could be
locked out until the password digest can be cleared.

The Administration Process and password verification

Password verification requires the Administration Process to update
documents in the Domino Directory. When you enable password
verification for a user, the Administration Process creates a Set
Password Information request in the Administration Requests database.
Domino carries out this request according to the setting in the Interval
field in the Administration Process section of the Server document. This
request enables password-checking by entering values in the Check
password, Required change interval, and Grace period fields in the
Administration section of the user's Person document.

The first time the user logs onto a server that requires password
verification, the Administration Process generates a Change User
Password in Domino Directory request in the Administration Requests
database. This request enters a corresponding password digest in the
Password digest field in the Administration section of the Person
document. It also records the date the user provided the password in the
Last change date field in the Administration section of the Person
document. To authenticate with servers that are enabled for password
verification, the user must provide the password that corresponds to the
digest.
From then on, when a user changes a password, the Administration
Process generates a new Change User Password in Domino Directory
request in the Administration Requests database. This request updates
the Password digest and Last change date fields in the Person document.
Note that if you modify the change interval or grace period after you
enable password verification, the Administration Process must update
the fields in the Person document and then the user must change the
password for the change to take effect.
For information on the Administration Process, see the chapter Setting
Up the Administration Process.

Required change intervals and grace periods


You can set up a server to verify users' passwords during authentication
without requiring them to change their passwords. If you require
password changes, you can specify a grace period that indicates the
length of time after the change interval expires before users are locked
out of the server. If a required change interval expires before the user
changes the password, the user can't authenticate with servers that
require password verification until the user creates a new password. If a
grace period expires and the user still hasn't changed the password, the
user can't authenticate until the administrator manually deletes the data
in the Password digest field in the Person document and the user creates
a new password. If an unauthorized user changes the password on an ID
before the authorized owner of the ID does, the authorized owner can't
authenticate and sees this message:
You have a different password on another copy of your ID file and
you must change the password on this copy to match.
In this case, delete the entry in the Password digest field, and ask the
authorized user to log on immediately and enter a new password.
Caution For users whose ID files are locked with Smartcards, set the
required change interval and grace period to 0. Otherwise, it is possible
that a user's ID could be locked out.
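The change-interval and grace-period rules above can be turned into an audit that tells an administrator which users are approaching a reminder, must change their password, or need their Password digest cleared. This is an added example, not Domino code: the record layout and state names are hypothetical (they are not Domino item names), the sample records are constructed, a change interval of 0 is taken to mean no required change, and the reminder rule is read as "two-thirds of the interval has passed, or two days or fewer remain".

```python
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass
class PersonRecord:
    # Hypothetical layout for this example; these are not Domino item names.
    name: str
    check_password: bool
    change_interval_days: int   # "Required change interval"; 0 = no required change
    grace_period_days: int      # "Allowed grace period"
    last_change: date           # "Last change date"
    smartcard: bool = False     # ID file is locked with a Smartcard


def password_state(p: PersonRecord, today: date) -> str:
    """Return not-checked, valid, reminder, expired or locked-out."""
    if not p.check_password:
        return "not-checked"
    if p.change_interval_days == 0:
        return "valid"                      # verified, but never forced to change
    passed = (today - p.last_change).days
    remaining = p.change_interval_days - passed
    if remaining > 0:
        # Reminder: two-thirds of the interval has passed, or two days or
        # fewer remain, whichever comes first (assumed reading of the text).
        if passed * 3 >= p.change_interval_days * 2 or remaining <= 2:
            return "reminder"
        return "valid"
    if passed < p.change_interval_days + p.grace_period_days:
        return "expired"                    # user must create a new password
    return "locked-out"                     # administrator must clear the digest


def audit(records, today):
    """Return (name, finding) pairs that need administrator attention."""
    findings = []
    for p in records:
        if p.smartcard and (p.check_password or p.change_interval_days
                            or p.grace_period_days):
            # The Caution above: Smartcard users need checking off and 0/0.
            findings.append((p.name, "smartcard-with-password-checking"))
            continue
        state = password_state(p, today)
        if state in ("reminder", "expired", "locked-out"):
            findings.append((p.name, state))
    return findings


# Constructed sample records; dates are relative to a fixed "today".
TODAY = date(2024, 6, 1)
SAMPLE = [
    PersonRecord("Alan Jones/Sales/East/Acme", True, 90, 10, TODAY - timedelta(days=30)),
    PersonRecord("User B/Sales/East/Acme", True, 90, 10, TODAY - timedelta(days=60)),
    PersonRecord("User C/Sales/East/Acme", True, 90, 10, TODAY - timedelta(days=95)),
    PersonRecord("User D/Sales/East/Acme", True, 90, 10, TODAY - timedelta(days=100)),
    PersonRecord("User E/Sales/East/Acme", True, 90, 10, TODAY - timedelta(days=5), smartcard=True),
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLE, TODAY):
        print(f"{name}: {finding}")
```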

Setting up password verification

You can enable password verification through the use of a security policy
settings document, which allows you to enable this feature for multiple
users, or you can enable password verification on an individual basis
through the Domino Directory. You can also choose to lock out a user's
ID, which prevents the user from logging into the server.
For more information on the security policy settings document, see the
chapter Using Policies.
To enable password verification for individual users
1. Make sure that:
   • The Administration Process is set up on the server.
   • You have at least Author access and the UserModifier role in the
     Domino Directory.
   • Password verification is enabled on the servers with which these
     users authenticate.
2. From the Domino Administrator, click People & Groups.
3. Select each Person document for which you want to enable password
checking.
4. Choose Actions - Set Password Fields, and then click Yes to continue.
5. In the Check Notes Password field, select Check password.
6. Complete these fields, and then click OK:

Field: Required change interval
Action: Enter the length of time, in days, that a password can be in
effect before it must be changed. Default is zero.

Field: Allowed grace period
Action: Enter the length of time, in days, that users have to change an
expired password before being locked out. Default is zero.

7. (Optional) You can also choose to force individual users to change
their Internet passwords the next time they log in. In the Force users
to change Internet password on next login dialog box, click Yes.
Caution Do not enable password expiration for users whose ID files are
locked with Smartcards. Otherwise, it is possible that a user's ID could be
locked out until password expiration can be cleared. You should also be
sure that the required change interval and allowed grace period are set to
zero.

To disable password verification for an individual user


When you disable password verification for a user, Domino does not
check passwords for the user even if password verification is enabled for
the server.
1. From the Domino Administrator, click People & Groups using a
network connection to the Domino Directory.
2. Select each Person document for which you want to enable password
checking.
3. Choose Actions - Set Password Fields, and then click Yes to continue.
4. In the Set Passwords Fields dialog box, select Don't check
password, and then click OK.
To lock out an individual user's ID
1. From the Domino Administrator, click People & Groups using a
network connection to the Domino Directory.
2. Select the Person document of the user whose ID will be locked out.
3. Choose Actions - Set Password Fields, and then click Yes to continue.
4. In the Set Passwords Fields dialog box, select Lockout ID, and then
click OK.
To enable password verification on servers
To use password verification for Notes users, you must enable password
verification for both users and servers. Do the following to enable
password verification on each server with which these users
authenticate:
1. From the Domino Administrator, click Configuration.
2. Open the Server document of the server for which you want to
enable password verification.
3. Click Security, and then in the Check passwords on Notes IDs
field, select Enabled.
4. Repeat for each server on which you want to enable password
verification.
To disable password verification for a server
When you disable password verification for a server, Domino does not
check passwords for any users who access the server, even if the user has
password verification enabled.
1. From the Domino Administrator, click Configuration.
2. Open the server document of the server for which you want to
disable password verification.
3. Click Security, and then in the Check passwords on Notes IDs
field, select Disabled.
4. Repeat for each server on which you want to disable password
verification.

Assigning multiple passwords to server and certifier IDs

To assign multiple passwords
To complete these steps, you must gather together all of the
administrators whose passwords will be assigned to the ID. Each
administrator must complete a series of steps. Any password that was
assigned to the ID before you assign multiple passwords is no longer
valid.
1. From the Domino Administrator, click Configuration, and then click
Certification.
2. Choose Edit Multiple Passwords.
3. Select the ID to which you want to assign multiple passwords, and
then click Open.
4. Enter the password for the ID (if required).
5. Each administrator in turn completes these steps:
a. In the Authorized User field, enter your user name.
b. In the New Password field, enter a password.
c. In the Confirm Password field, retype the password.
d. Click Add to add your name and password to the ID file.
6. Enter the number of passwords required to access the ID. Enter a
number that is less than or equal to the number of administrators
who assigned passwords to the ID.
7. Click OK.
To edit a password
1. From the Domino Administrator, click the Configuration tab, and
then click Certification.
2. Choose Edit Multiple Passwords.
3. Select the ID containing a password you want to modify.
4. Enter the required passwords. The administrators need to be
physically present to enter all of the passwords.
5. Select a user who has a password in the file.
6. In the New Password field, type the new password.
7. In the Confirm password field, retype the new password.
8. Click Modify, and then click OK.
To delete a password
1. From the Domino Administrator, click the Configuration tab, and
then click Certification.
2. Choose Edit Multiple Passwords.
3. Select the ID from which you want to remove an authorized
password.
4. Enter the passwords required.
5. Select a currently authorized user, and then click Remove.
6. Repeat Step 5 to delete the password for each additional authorized
user.
7. Click OK.

ID recovery
To recover from loss of, or damage to, an ID file, recommend to your
users that they keep backup copies of their ID files in a secure place
(for example, on a disk stored in a locked area). Losing or damaging an ID
file or forgetting a password has serious consequences. Without an ID,
users cannot access servers or read messages and other data that they
encrypted with the lost ID. To prevent problems that occur when users
lose or damage ID files or forget passwords, set up Domino to recover ID
files.
Ideally, you should designate several administrators who will act as a
group to recover IDs and passwords. Although you can designate a
single administrator to manage ID recovery, you should consider having
two or more administrators work together to recover ID files.
Designating a group of administrators helps to prevent a breach of
security by one administrator who has access to all ID files. When you
designate a group of administrators, you can specify that only a subset of
them be present during the actual ID recovery. For example, if you
designate five administrators for ID recovery but require only three
administrators to unlock the ID file, any three of the five can unlock the
ID file. Designating a group of administrators and requiring only a
subset also prevents problems that occur if one administrator is
unavailable or leaves the company.

Before you can recover ID files, an administrator who has access to the
certifier ID file must specify recovery information, and the ID files
themselves must be made recoverable. There are three ways to do this:
• At registration, administrators create the ID file with a certifier ID
that contains recovery information.
• Administrators export recovery information from the certifier ID file
and have the user accept it.
• (Only for servers using the server-based certification authority) Users
authenticate to their home server after an administrator has added
recovery information to the certifier.

How ID recovery works

Domino stores ID recovery information in the certifier ID file. The
information stored includes the names of administrators who are
allowed to recover IDs, the address of the mail or mail-in database where
users send an encrypted backup copy of their ID files, and the number of
administrators required to unlock an ID file. The mail or mail-in database
contains documents that store attachments of the encrypted backup ID
files. These files are encrypted using a random key and cannot be used
with Notes until they are recovered.
An encrypted backup copy of the ID file is required to recover a lost or
corrupted ID file. Recovering an ID file for which the password has been
forgotten is a bit easier. If the original ID file contains recovery
information, administrators can recover the ID file, even if an encrypted
backup ID file doesn't exist.
You can set up ID recovery for user IDs at any time. If you do so before
you register users, ID recovery information is automatically added to
user IDs the first time that users authenticate with their home servers. If
you set up ID recovery information after you have registered Notes
users, recovery information is automatically added to the user IDs the
next time users authenticate with their home servers.
Caution If your users will be enabling Smartcards to use with their
Notes IDs, it is extremely important to set up ID recovery information for
these IDs before any Internet keys are pushed onto the Smartcard.
Otherwise, the ID file recovery process will not be able to restore those
keys. Additionally, acquiring recovery information, through any means,
makes any Internet keys that had been previously pushed to the
Smartcard unrecoverable.
For each administrator, the user's ID file contains a recovery password
that is randomly generated and encrypted with the administrator's
public key. The password is unique for each administrator and user. For
example, administrator Randi Bowker has a unique recovery password
for user Alan Jones, and that password is stored in Alan's ID file.
Administrator Randi Bowker has a unique recovery password for user
Susan Salani, and that password is stored in Susan's ID file.
To recover an ID, users and administrators do the following:
1. A user contacts each designated administrator to obtain the
administrator's recovery password.
2. The administrator obtains the recovery password by decrypting the
recovery password stored in the user's ID file using the
administrator's private key.
3. The administrator then gives the recovery password to the user.
4. The user repeats Steps 1 through 3 until the minimum number of
administrators to unlock the ID file is reached.
5. After the file is unlocked, the user must enter a new password to
secure the ID file.
Tip The same ID file can be recovered again using the same recovery
passwords. However, you should urge users to refresh the recovery
information and create a new backup by re-accepting the recovery
information after they recover their ID files.
When users acquire a new public key, accept a name change, or accept or
create a document encryption key, Domino automatically sends updated
encrypted backup ID files to the centralized database.
To help prevent unauthorized users from recovering IDs without the
authorized user's knowledge, make sure that password verification is
enabled for users and servers. If password verification is enabled, the
authorized user becomes aware of the change because the user can no
longer access servers using the legitimate ID: recovering the ID file
forced the unauthorized user to make a password change.
For more information about password verification, see the topic
"Verifying user passwords during authentication" in this chapter.
As an extra precaution, after recovering IDs, ask users to re-accept the
recovery information and then change the public key on their ID files.
Re-accepting recovery information changes recovery password
information in the ID file. Changing the public key changes the public
and private keys stored in the ID file.
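
The k-of-n property described in this section (for example, any three of five recovery authorities), shown as an added Python sketch that is not Domino code. This page does not describe Domino's internal recovery format, so the sketch assumes Shamir secret sharing as a stand-in; `split_key`, `combine`, `RecoverableId` and every administrator name other than Randi Bowker are hypothetical.

```python
import hashlib
import secrets

# Field modulus: a Mersenne prime larger than any 256-bit recovery key.
PRIME = 2**521 - 1


def split_key(key, threshold, admins):
    """Return {admin: (x, y)}; any `threshold` of these points rebuild `key`."""
    if not 1 <= threshold <= len(admins):
        raise ValueError("threshold must be between 1 and the number of admins")
    if not 0 <= key < PRIME:
        raise ValueError("key out of range")
    # Random polynomial of degree threshold-1 with the key as constant term.
    coeffs = [key] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = {}
    for x, admin in enumerate(admins, start=1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation at x
            y = (y * x + c) % PRIME
        shares[admin] = (x, y)
    return shares


def combine(points):
    """Lagrange-interpolate at x = 0 to get the polynomial's constant term."""
    xs = [x for x, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("the same recovery password was supplied twice")
    total = 0
    for xi, yi in points:
        num = den = 1
        for xj in xs:
            if xj != xi:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


class RecoverableId:
    """Toy ID file (hypothetical): keeps a digest of the recovery key only."""

    def __init__(self, owner, admins, threshold):
        self.owner = owner
        self.admins = list(admins)
        self.threshold = threshold
        self.refresh()

    def refresh(self):
        """Model of (re-)accepting recovery information: new key, new passwords."""
        key = secrets.randbits(256)
        self.key_digest = hashlib.sha256(key.to_bytes(32, "big")).digest()
        # In the scheme the page describes, each entry would be encrypted with
        # that administrator's public key; the sketch stores them in the clear.
        self._entries = split_key(key, self.threshold, self.admins)

    def extract(self, admin):
        """Stand-in for an administrator decrypting their own entry."""
        return self._entries[admin]

    def unlock(self, recovery_passwords):
        """True only when enough valid recovery passwords are supplied."""
        if len(recovery_passwords) < self.threshold:
            return False
        candidate = combine(list(recovery_passwords))
        if candidate >= 2**256:  # cannot be a key this ID ever issued
            return False
        digest = hashlib.sha256(candidate.to_bytes(32, "big")).digest()
        return secrets.compare_digest(digest, self.key_digest)


def demo():
    # Constructed sample data: only the first name appears on the page.
    admins = ["Randi Bowker", "Admin B", "Admin C", "Admin D", "Admin E"]
    alan = RecoverableId("Alan Jones", admins, threshold=3)
    three = [alan.extract(a) for a in (admins[0], admins[2], admins[4])]
    results = {
        "three_of_five": alan.unlock(three),
        "two_of_five": alan.unlock(three[:2]),
    }
    alan.refresh()  # user re-accepts recovery information after recovery
    results["old_passwords_after_refresh"] = alan.unlock(three)
    results["new_passwords_after_refresh"] = alan.unlock(
        [alan.extract(a) for a in admins[1:4]]
    )
    return results


if __name__ == "__main__":
    print(demo())
```

In this sketch three old passwords still rebuild the old key, so they stop working only because `refresh()` replaces the key itself.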

Setting up ID recovery

Before users can recover their ID files, you must set up a centralized mail
or mail-in database to store encrypted backups of ID files and specify
information about which administrators (known here as recovery
authorities) are allowed to recover IDs. You must perform these steps
before anyone loses or corrupts an ID, ideally before you begin
registering users.
1. From the Domino Administrator, click Configuration, and then click
Certification.
2. Click Edit Recovery Information.
3. In the Choose a Certifier dialog box, click Server and select the
registration server name from the Domino Directory (only if the
correct server name does not appear).
4. Choose the certifier for which you are creating recovery information.
• If you are using a server-based certification authority, click "Use
the CA process" and select a certifier from the drop-down list.
You must be a Certificate Authority (CA) administrator for the
certifier in order to change ID recovery information.
• If you are not using a server-based certification authority, click
"Supply certifier ID and password". If the certifier ID path and file
name do not appear, click Certifier ID and select the certifier ID
file and enter the password.
5. Click OK. The Edit Master Recovery Authority List dialog box
appears.
6. Enter the number of recovery authorities that are required to recover
an ID file. It is recommended that you choose at least three.
7. Click Add and select the names of the administrators who are the
designated recovery authorities.
8. Choose whether you want to use an existing mailbox for recovery
information or create a new one.
• If you have a mail or mail-in database already set up for recovery
information, click "I want to use an existing mailbox". Click
Address and select the database from the Domino Directory.
• If you want to create a new database to store recovery
information, click "I want to create a new mailbox". In the Create
New Mailbox dialog box, enter the name of the server on which
the database is to be created, and the database title. You can use
the file name that is created from the database title, or you can
create a new one.
Note Whenever you make changes in this dialog box, the Export
button is disabled. You cannot export recovery information until you
save the new or updated information.
9. Click OK.
10. If you are using a server-based certification authority, at the server
console type:
    load ca
This starts the CA process with the new recovery information, or
refreshes it if it is already running. Then type:
    tell adminp process all
to process the request to add recovery information to the certifier.
11. In the mail-in database ACL, set the -Default- access to No access
and give administrators Reader access.
Note If you have created additional O-level Notes certifiers, be sure to
cross-certify them with the initial Notes certifier prior to setting up
recovery information.

Preparing IDs for recovery


After you specify recovery information in the certifier ID, when you
register users, the user IDs automatically contain recovery information.
However, if you specified recovery information after generating user
IDs, users must update their user IDs with recovery information
supplied by the administrator. Updating IDs with recovery information
automatically sends an encrypted backup of the user ID to the
centralized mail or mail-in database.
There are two ways that users can update their user IDs with recovery
information:
• (Only for servers using the server-based certification authority) Users
authenticate to their home server after an administrator has added
recovery information to the certifier. The recovery information is
automatically added to their Notes ID.
• The administrator sends recovery information to users to incorporate
into their user IDs. You must complete these steps before a user loses
or damages an ID or forgets a password.

To send recovery information to the user
The administrator completes these steps.
1. From the Domino Administrator, click the Configuration tab, and
then click Certification.
2. Click Edit Recovery Information.
3. In the Choose a Certifier dialog box, if the correct server name does
not appear, click Server and select the registration server name from
the Domino Directory.
4. Choose the certifier for which you are creating recovery information.
• If you are using a server-based certification authority, click "Use
the CA process" and select a certifier from the drop-down list.
• If you are not using a server-based certification authority, click
"Supply certifier ID and password". If the certifier ID path and file
name do not appear, click Certifier ID and select the certifier ID
file and enter the password.
5. Choose Export, and then enter the certifier ID's password.
6. Complete these fields, and then click Send:

Field     Enter
To        Names of users and groups whose ID files you want to back up.
CC        Names of users and groups to whom you want to send a copy of
          the message.
Subject   Information for users and groups that will appear in the Subject
          field of the message. If this field is blank, Notes uses the
          following text:
          New ID file recovery information is attached. Please add it to
          your ID file by using the Actions menu Accept Recovery
          Information option.
Memo      Information for users and groups that will appear in the Body
          field of the message. Domino automatically attaches the
          encrypted backup file information to the message; you do not
          need to specify it in this field.

To accept recovery information in the ID file
The user completes these steps.
1. After the administrator sends the recovery information, open the
message in your mail database.
2. Choose Actions - Accept Recovery Information, and then enter your
password.
3. Complete these fields, and then click Send.

Field     Enter
To        Name of the mail or mail-in database that will store the backup
          copy of your ID. Domino enters the name of the database
          specified by your administrator.
CC        Names of users and groups to whom you want to send a copy
          of the message.
Subject   Information for administrators that will appear in the Subject
          field of the message. If this field is blank, Notes uses one of the
          following messages:
          • Backup of newly changed recovery information for user name
          • Backup of recent changes to ID file for user name
Memo      Information for administrators that will appear in the Body
          field of the message. Domino automatically attaches the backup
          of the ID file to the message; you do not need to specify it in this
          field.

Domino automatically sends the encrypted backup ID file to the
centralized mail or mail-in database specified by the administrator.
Note You can store multiple copies of the ID file in the centralized mail
or mail-in database. Domino creates a new document every time an ID
file is backed up. When attempting to recover an ID file, use the most
recent backup. If this fails, use the older versions.

Recovering an ID
If a user loses or damages an ID file or forgets a password, the user can
work with administrators to recover the ID file from backup.
To recover a user ID from a backup ID
The user completes these steps.
1. If you have recovery information set up for your user ID, contact
your administrator to obtain the password(s) needed to recover your
ID. The recovery password is randomly generated and unique to
each recoverable ID file and administrator.
Note If you do not have access to your user ID file, contact your
administrator, who can provide you with an encrypted backup of
your user ID. Once you have the backup user ID, continue with the
following steps.
2. When you first log in to Notes and the Password dialog box appears,
do not enter your password. Just click OK.
3. Click Recover Password in the Wrong password dialog box.
4. Select the user ID file to recover in the Choose ID File to Recover
dialog box.
5. Enter the password(s) given to you by your administrator(s) in the
Enter Passwords dialog box, and repeat until you have entered all
of the passwords, and you are prompted to enter a new password for
your user ID.
6. Enter a new password for your user ID, and confirm the password
when prompted. Note that if you do not enter a new password, you
will need to recover your user ID again.
7. Replace all backups and copies of your user ID file with the newly
recovered user ID file.
To obtain the ID file recovery password
For security reasons, the administrators must complete these steps from
their own workstations, rather than from the same workstation. Using
separate workstations prevents an unauthorized user from using a
program to capture the keystrokes that the administrators enter on the
same workstation. If an unauthorized user obtains an administrator's ID
file and password, the unauthorized user can obtain the administrator's
recovery password for all ID files. Therefore, you must protect the
administrator's ID file and require that multiple administrators work
together to recover any given user ID file.
1. Detach the encrypted backup of the user's ID file from the mail or
mail-in database to the local hard drive.
2. If the user's ID file is damaged, send a copy of the ID file from the
centralized mail or mail-in database to the user.
3. From the Domino Administrator, click the Configuration tab, and
choose Certification - Extract Recovery Password.
4. Enter the password to the administrator's ID file.
5. Specify the ID file you want to recover. This is the same ID you
detached in Step 1.
6. Give the user the recovery password that is displayed.

Changing administrator information for ID recovery

If an administrator leaves an organization or changes job responsibilities
within an organization, you need to update the administration recovery
information used to recover user ID files and then send the new
information to users to add to their ID files.

To add or delete administrators
An administrator with access to the certifier ID completes these steps.
1. From the Domino Administrator, click the Configuration tab, and
then click Certification.
2. Click Edit Recovery Information.
3. In the Choose a Certifier dialog box, if the correct server name does
not appear, click Server and select the registration server name from
the Domino Directory.
4. Choose the certifier for which you are creating recovery information.
• If you are using a server-based CA, click "Use the CA process"
and select a certifier from the drop-down list.
• If you are not using a server-based CA, click "Supply certifier ID
and password". If the certifier ID path and file name do not
appear, click Certifier ID and select the certifier ID file and enter
the password.
5. Do one:
• To delete an administrator, highlight the administrator's name,
and then click Remove.
• To add new administrators, click Add and then select the names
of administrators who are authorized to recover ID files.
6. (Optional) Change the number of administrators required to unlock
an ID.
7. When you finish adding or deleting names, click OK.
8. Prepare IDs for recovery.

Public key security


Every Notes user ID and Domino server ID has a unique public key for
the Notes certificate. The public key is stored in an ID file and in the
Person or Server document for that ID in the Domino Directory. Notes
and Domino use the public key to authenticate users and servers, verify
digital signatures, and encrypt messages and databases.
A Notes user ID can also have a unique public key for an Internet
certificate.
For information on encrypting and electronically signing mail messages,
see the chapter "Encryption and Electronic Signatures." For information
on Internet certificates, see the chapter "Setting Up Clients for S/MIME
and SSL."

Issuing new public keys for a Notes certificate

If you suspect that an ID has been compromised because it was lost,
stolen, or copied without permission, you can create a new public key for
the ID. Creating a new public key allows you to maintain other parts of
the ID (for example, the encryption keys) rather than create an
entirely new ID.
Notes users can create a new public key for the Notes certificate. The
new public key must be certified before it can be used by Notes.
After certifying a new public key, you should set up servers to verify
public keys. Public key verification involves matching the public key
stored in the Domino Directory with the public key on the ID. Verifying
public keys prevents an unauthorized user from using the ID with the
original public key to access the server.
For information on verifying public keys, see the topic "Creating a new
Notes public key and adding it to the Domino Directory" later in this
chapter.

Adding an existing Notes public key

When you register a user or server, Domino automatically adds the
Notes public keys to the corresponding Person or Server document.
However, you may need to manually add a user or server ID's public key
in these situations:
• A user wants to send encrypted mail to a Notes user in another
domain. To send Notes encrypted mail, Domino must be able to
access the recipient's Notes public key in the Personal Address Book,
Domino Directory, or LDAP directory. If the recipient is in another
domain and the Domino Directory or LDAP directory for that
domain is not accessible by directory assistance, then Domino can't
access the recipient's public key for encryption. The sender must
obtain the recipient's public key and add it to the Personal Address
Book or a Domino Directory that is set up with directory assistance.
An administrator might also want to set up directory assistance for
the Domino Directory or LDAP directory so users can encrypt
messages to all users in the directories.
For information on setting up directory assistance, see the chapter
"Setting Up Directory Assistance."
• A user or server ID's public key in the Domino Directory becomes
corrupted or is accidentally deleted, and the administrator needs to
replace it.
For more information, see the topic "Adding a Notes public key to
the Domino Directory" later in this chapter.

Creating a new Notes public key and adding it to the Domino Directory

Creating and certifying a new public key requires the following
procedures, which are described below:
• The user creates the new public key and submits it for certification.
• The certification administrator certifies the user's public key with a
Notes certificate and adds it to the Domino Directory.
• The user merges the new certificate into the user's ID file.

To create a new Notes public key
The ID owner performs these steps.
1. Choose File - Security - User Security.
2. Type the password (if required).
3. Click Your Identity - Your Certificates, and click Other Actions.
Choose Create New Public Keys.
4. In the New Public Keys Confirmation dialog box, click Continue to
use Notes mail to send your request for adopting new public keys.
Note If you want to create a new public key without using Notes
mail, click Export ID to create a safe copy of your ID file, and then
click Do not continue. Use another e-mail program to send the
exported file to the administrator.
5. In the Mail New Public Key Request dialog box, address the request
to one of the following:
• The certification administrator for the certifier.
• The certifier, for example, /East/Acme. Domino mails the
request to the person indicated in the Administration section of
the corresponding Certifier document in the Certificates view of
the Domino Directory.
6. Click Send.
To recertify the ID with a Notes certificate and add the Notes public
key to the Domino Directory
The certification administrator performs these steps.
1. Open the certification request in your mail file.
2. Choose Actions - Certify Attached ID File.
3. Select whether to use a server-based certification authority or the
certifier ID, and click OK.
4. If you chose to use the certifier ID, enter the password for the ID, and
click OK.
5. (Optional) Change the expiration date for the certificate.
6. (Optional) Click Add to specify alternate user name information.
7. (Optional) Specify a minimum password length.
8. Click Certify. The ID owner's name appears in the To field and
explanatory text appears in the Subject field of the Mail Certified ID
dialog box.
9. Click Send.
To merge the new Notes certificate with the ID
The ID owner performs these steps.
1. Choose File - Security - User Security.
2. Click Your Identity - Your Certificates.
3. Click Get Certificates, and then click Import (Merge) Notes
Certificates.
4. Select the recertified ID sent to you by the certification administrator,
and then click OK.
To verify a Notes public key
Verifying Notes public keys against those in the Domino Directory helps
prevent an unauthorized user or server from accessing another server.
1. From the Domino Administrator, click Configuration and open the
Server document for the server.
2. Click Security.
3. In the Security Settings section, select Yes in the "Compare Notes
public keys against those stored in Directory" field.
4. Save the document.
5. Restart the server so that the changes take effect.

Adding a Notes public key to the Domino Directory

You can copy a Notes public key to a file or mail it to a user or
administrator who pastes the public key into a Personal Address Book or
a Domino Directory that users can access. This lets users encrypt mail
sent to a user in another organization or replace a missing or corrupted
key in the Domino Directory.
To mail a public key
1. Choose File - Security - User Security.
2. Select the ID and enter the password.
3. Click Your Identity - Your Certificates - Other Actions. Choose Mail,
Copy Certificate (Public Key).
4. In the Mail, Copy Certificate (Public Key) dialog box, click Mail
Certificate.
5. Address the request to the person who will paste the key into a
Domino Directory or Personal Address Book.
6. (Optional) Next to CC, type the name of any other people you want
to notify of the request.
7. (Optional) Click Sign to prove you are the sender of the ID.
8. (Optional) Click Encrypt to protect the message as it is being sent to
the recipient.
9. Click Send.
To copy a public key to a file
1. Choose File - Security - User Security.
2. Select the ID and enter the password.
3. Click Your Identity - Your Certificates - Other Actions. Choose
Publish (Mail, Copy) Certificate.
4. In the Publish (Mail, Copy) Certificate dialog box, click Copy
Certificate and click OK to copy the key to the clipboard.
5. Save the contents of the clipboard to a file.
6. Deliver the file by hand or postal service to someone to paste into a
Domino Directory or Personal Address Book.
To paste the public key into a Personal Address Book
1. In your Personal Address Book, create a Contact document for the
owner of the public key.
2. Click the Advanced tab, and then use the clipboard viewer to open
the file or mail message that contains the public key.
3. Copy the public key from the clipboard and paste it into the
Certified public key field of the Contact document.
4. Save the document.
To paste the public key into a Domino Directory
1. From the Domino Administrator, do one of the following:
a. Click the People & Groups tab and edit the Person document.
b. Click the Configuration tab and edit the Server document.
2. Click Certificates - Flat Name Key in the Person document, or click
Administration in the Server document.
3. Use the clipboard viewer to open the file or mail message that
contains the public key.

4. Copy the public key from the clipboard, and paste it into one of the
following fields:
• Certified public key field (hierarchical Domino certificates)
• (Person documents only) Flat name key (non-hierarchical Domino
certificates)
Note You cannot paste Internet certificates into Person or Server
documents.
5. Save the Person or Server document.

Using cross-certificates to access servers and send secure S/MIME messages

Domino uses two types of cross-certificates: Notes and Internet. Notes
cross-certificates allow users in different hierarchically-certified
organizations to access servers and to receive signed mail messages.
Internet cross-certificates allow users to receive signed mail messages
and send encrypted mail messages.

Notes cross-certificates
To allow users and servers from the different hierarchically-certified
organizations to access servers in the other organization, and to verify
the digital signature of a user from another organization, you use
cross-certificates. Domino servers store cross-certificates in the Domino
Directory. To access Domino servers, Notes clients obtain
cross-certificates for those servers and store them in their Personal
Address Books. These cross-certificates can be used only by the user to
whom they are issued.
For example, if Alan Jones/Sales/East/Acme wants to access the
Support/Seascape server, he needs a cross-certificate from /Seascape,
and the Support/Seascape server needs a cross-certificate for
/Sales/East/Acme. When Alan tries to authenticate with the
Support/Seascape server, it checks for the cross-certificate in Alan's
Personal Address Book. If Support/Seascape finds a valid
cross-certificate, the server then checks whether Alan is allowed to access
the server.
Cross-certification can occur at various levels of an organization. For
example, to allow every user within one organization to authenticate
with every server in another, each user has a cross-certificate for the
other's organization certifier in the Personal Address Book. Servers in
each organization have a cross-certificate for the other's organization
certifier in the Domino Directory. Cross-certification can also occur at the
level of an individual user or server ID. For example, to allow a single
user to authenticate with any server in another organizational unit or
verify a digital signature from a user in that organizational unit, the user
ID needs a cross-certificate for the organizational unit certifier in the
other company, and that organizational unit certifier needs a
cross-certificate for the user ID.
Two-way cross-certification does not need to be symmetric. For example,
one organization can have a cross-certificate for an organizational unit
certifier and another organization can have a cross-certificate for an
organization certifier.
If you have cross-certificates for an organization or organizational unit
certifier, set up server access restrictions to prevent the other
organization from accessing specific servers that store confidential
information. To allow your organization to access servers in another
organization but prevent that organization from accessing your servers,
exchange cross-certificates as required, but then set up server access lists
on all servers to prevent access by the other organization.

Internet cross-certificates
An Internet cross-certificate is a certificate that validates the identity of a
user or server. An Internet cross-certificate ensures the recipient of an
encrypted S/MIME message that the sender's certificate can be trusted
and that the certificate used to sign an S/MIME message is valid. It also
validates the identity of a server when a Notes client uses SSL to access
an Internet server.
An Internet cross-certificate is stored in a Certificate document in the
user's Personal Address Book and can be used only by the user to whom
it is issued. An Internet cross-certificate can be issued for a leaf certificate
(that is, a certificate issued to a user or server by a CA) or the CA
itself. Creating a cross-certificate for a leaf certificate indicates trust for
only the owner of the certificate (for example, the sender of the signed
message or recipient of an encrypted message). A cross-certificate for a
CA indicates trust for all owners who have a certificate issued by that
CA. If you cross-certify a CA, you trust the CA to issue certificates to
users and servers lower in the hierarchical name tree. For example, after
cross-certifying Sales/ABC, you trust Sales/ABC to issue a certificate to
Fred/Sales/ABC. Alternatively, after creating a cross-certificate for
Fred/Sales/ABC, you trust only Fred/Sales/ABC.

Adding cross-certificates to the Domino Directory or Personal Address
Book
You can use several methods to obtain a Notes or Internet
cross-certificate.
See the topic "Examples of cross-certification" later in this chapter.

Accessing a server
If a user attempts to access a server in a foreign domain, and the user
does not already have a certificate in common with the domain, a dialog
box gives the recipient the option to add the cross-certificate "on
demand." Users can add a Notes cross-certificate this way. This is
usually the quickest and easiest way for a user to obtain a
cross-certificate.
For more information, see the topic "Adding a Domino or Internet
cross-certificate on demand" in this chapter.

Receiving a signed mail message
If a user receives a signed mail message from a user in a foreign domain
and the recipient does not already have a certificate in common with the
domain, the "on demand" cross-certificate dialog box appears. Users can
add both Notes and Internet cross-certificates this way.
For more information, see the topic "Adding a Domino or Internet
cross-certificate on demand" in this chapter.

Adding a cross-certificate from the Domino Directory
Users can retrieve Internet certificates and Notes and Internet
cross-certificates from the Domino Directory on their home/mail server,
and add them to their Personal Address Books. Domino administrators
can use any method to add the Internet certificates and Notes and
Internet cross-certificates to the Domino Directory; however, the
cross-certificates must be issued by a common ancestor before Notes
copies the cross-certificates to the user's Personal Address Book.

By Notes mail or postal service
Users can add a cross-certificate by sending a safe copy of the certificate
through Notes mail or the postal service. Users can use this method to
add a Notes cross-certificate only.
For more information, see the topics "Adding a Notes cross-certificate for
IDs by Notes mail" and "Adding a Notes cross-certificate for IDs by
postal service" in this chapter.

From an Internet server


Users can obtain an Internet cross-certificate through the User Security
panel (File - Security - User Security). Users would choose Identity of
Others - People, Services, and click Retrieve Internet Service
Certificate. A dialog box allows the user to specify an Internet server
from which to obtain a certificate to cross-certify. This method can be the
quickest way to obtain an Internet cross-certificate.
For more information on obtaining Internet cross-certificates for a Notes
client, see Lotus Notes 6 Help.

By phone
Users can add a cross-certificate by providing the name and public key of
the certificate by phone. Users can use this method to add a Notes
certificate only.
For more information, see the topic "Adding a Notes cross-certificate by
phone" later in this chapter.

In the Person document


Users can cross-certify a certificate stored in a Person document in the
Domino Directory using Actions - Create Cross Certificate. Users can add
both Internet and Notes cross-certificates this way.
For more information, see the topic "Creating a cross-certificate from a
user's Person document" later in this chapter.

From a trusted root certificate
Users can create an Internet cross-certificate from a trusted root
certificate if you have a trusted root certificate in the Personal Address
Book or Domino Directory. Notes and Domino provide in the Personal
Address Book and Domino Directory many default trusted root
certificates for third-party CAs. To indicate trust for these CAs, create a
cross-certificate using the trusted root. You can also add a trusted root
certificate for other CAs that are not included by default and create
cross-certificates for them.
For more information, see the chapter "Setting Up Clients for S/MIME
and SSL."

Examples of cross-certification

To authenticate with all servers in another organization
This example describes what the Acme company and the ABC company
do to allow all users and servers in both organizations to authenticate.
1. The Acme organization certifier (/Acme) obtains a cross-certificate
for the ABC organization certifier (/ABC) and stores it in Acme's
Domino Directory.
2. The ABC organization certifier (/ABC) obtains a cross-certificate for
the Acme organization certifier (/Acme) and stores it in ABC's
Domino Directory.

To authenticate with a specific server in another organization
The Acme company wants to let Seascape users who have the
hierarchical certification AppDevelopment/Seascape to access their
customer support server, CSSUPPORT/East/Acme.
1. The Acme organizational unit certifier (/East/Acme) has a
cross-certificate for the Seascape organizational unit certifier
(/AppDevelopment/Seascape) and stores it in Acme's Domino
Directory.
2. The Seascape organizational unit certifier
(/AppDevelopment/Seascape) has a cross-certificate for the Acme
organizational unit certifier (/East/Acme) and stores it in Seascape's
Domino Directory.
This cross-certification enables Kelly Jones/AppDevelopment/Seascape
and Jonathan Moutal/AppDevelopment/Seascape to authenticate with
the server CSSUPPORT/East/Acme. However, it does not allow these
users to authenticate with the Acme server Mail-W/West/Acme.

To send signed S/MIME messages
Alan Jones has an Internet certificate issued from the Acme CA, and
Dave Lawson has an Internet certificate issued from the ABC CA. If Alan
wants to send Dave an encrypted S/MIME message and Dave wants to
send Alan an encrypted S/MIME message:
1. Alan has a trusted cross-certificate for ABC and stores it in his
Personal Address Book.
2. Dave has a trusted cross-certificate for Acme and stores it in his
Personal Address Book.
Both Dave and Alan can now also send encrypted S/MIME messages to
each other.
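The Acme, ABC and Seascape examples above can be checked with a small Python model. This is an added illustration, not Domino code and not part of the original manual. The matching rule (a cross-certificate is usable by any ID at or below its issuer and covers any ID at or below its subject) is an assumption drawn from those examples, and the function names and the ASYMMETRIC and LEAF_ONLY samples are constructed.

```python
# Added example: a simplified model of two-way Notes cross-certification.
# Assumption: a cross-certificate (issuer, subject) can be used by the issuer
# and every ID below it, and covers the subject and every ID below it.


def chain(name):
    """Return the name plus every certifier above it, most specific first.

    'CSSUPPORT/East/Acme' ->
        [('cssupport', 'east', 'acme'), ('east', 'acme'), ('acme',)]
    Certifiers are written with a leading slash, for example '/East/Acme'.
    """
    parts = tuple(p.strip().lower() for p in name.strip("/").split("/"))
    return [parts[i:] for i in range(len(parts))]


def trusts(holder, other, cross_certs):
    """True if `holder` can use a cross-certificate that covers `other`."""
    holder_chain, other_chain = chain(holder), chain(other)
    if holder_chain[-1] == other_chain[-1]:
        # Same organization certifier: a certificate in common already exists.
        return True
    for issuer, subject in cross_certs:
        if chain(issuer)[0] in holder_chain and chain(subject)[0] in other_chain:
            return True
    return False


def missing_trust(a, b, cross_certs):
    """Return the (holder, other) directions that still lack a cross-certificate."""
    missing = []
    if not trusts(a, b, cross_certs):
        missing.append((a, b))
    if not trusts(b, a, cross_certs):
        missing.append((b, a))
    return missing


def can_authenticate(a, b, cross_certs):
    """Authentication needs trust in both directions."""
    return not missing_trust(a, b, cross_certs)


# The chapter's Acme/Seascape example: (issuer, subject) pairs.
SEASCAPE_ACME = [
    ("/East/Acme", "/AppDevelopment/Seascape"),
    ("/AppDevelopment/Seascape", "/East/Acme"),
]

# Constructed sample: two-way but not symmetric. Acme trusts one Seascape
# organizational unit, Seascape trusts the whole Acme organization.
ASYMMETRIC = [
    ("/Acme", "/AppDevelopment/Seascape"),
    ("/Seascape", "/Acme"),
]

# Constructed sample: a cross-certificate for one ID only, not its certifier.
LEAF_ONLY = [("/Acme", "Fred/Sales/ABC")]

if __name__ == "__main__":
    kelly = "Kelly Jones/AppDevelopment/Seascape"
    for server in ("CSSUPPORT/East/Acme", "Mail-W/West/Acme"):
        gaps = missing_trust(kelly, server, SEASCAPE_ACME)
        print(server, "OK" if not gaps else "missing: %s" % gaps)
```

Running `missing_trust` over the pairs you expect to authenticate shows which side still has to issue a cross-certificate, and running it over pairs that should not authenticate shows when a certifier-level cross-certificate is broader than intended.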

Adding a Notes or Internet cross-certificate on demand


When users access a server or receive a signed message, they can accept a
Notes or Internet cross-certificate from another organization. Domino adds
the cross-certificate to the user's Personal Address Book. Then the next
time the user tries to access the server, the user can authenticate the server
with that cross-certificate. Similarly, the user can use the cross-certificate to
verify signed messages from the organization that was cross-certified.
Note: You cannot add an Internet cross-certificate on demand if a user's
Internet certificate already exists in an LDAP directory.
To add a cross-certificate on demand
1. Using a Notes workstation, attempt to access a server in an
organization with which you are not cross-certified or open a signed
message whose signature you do not trust.
2. If you attempted to access a server, when Domino displays this
message, select Advanced Options:
Your local Domino Directory does not contain a cross-certificate
for this organization.
Would you like to suppress this warning in the future by creating
a cross-certificate for this organization in your Name and Address
Book?
3. To avoid the possibility of cross-certifying an impostor, call someone
trustworthy from the named organization and ask the person to tell
you the organization's public key. Compare it to the key displayed in
the Advanced Options dialog box.
4. Complete these fields:
Field | Enter
Certifier | File name of a user, server, or certifier ID. Specify a server or certifier ID when creating a cross-certificate for a server. The ID specified indicates who can use the cross-certificate.
Server | Location of the Personal Address Book or Domino Directory where you want to copy the cross-certificate. Add the cross-certificate to the Personal Address Book for Notes clients.
Subject name | Organization or organizational unit certifier that you want to cross-certify, for example, /Acme. You can also create a cross-certificate for the owner of the certificate.
Subject alternate name list | An alternate name that identifies the subject. Alternate names allow you to assign more than one name to an ID, which is recognizable in a user's native language.
Expiration date | Date when the cross-certificate will expire.
5. Click Cross Certify. Domino places the cross-certificate in the Server Certificates view of the Domino Directory of the server you specified
in Step 4 or in the Advanced/Certificates view of the Personal
Address Book.

Adding a Notes cross-certificate by phone
Two organizations can add a Notes cross-certificate to user, server, and
certifier IDs by providing the name and public key of the IDs to be
cross-certified over the phone. For cross-certification to work, these steps
must be carried out twice, with each organization alternately requesting
cross-certification.
You cannot use this procedure to create an Internet cross-certificate.

To request a cross-certificate for a user, server, or certifier ID
Use these steps to add a cross-certificate for a user or server or for an
organization or organizational unit when you have access to the user,
server, or certifier ID.
1. From the Domino Administrator, click the Configuration tab.
2. Click Certification - ID Properties.
3. Select the user, server, or certifier ID file, and click Open.
4. Type the password (if required).
5. Click Security Basics. Write down the name exactly as it appears in
the Name field, including any forward slashes (/), for example,
Alan Jones/Sales/East/Acme, Mail-E/East/Acme, or /Acme.
6. Click Your Identity - Your Certificates. Write down the Key Identifier
information exactly as it appears, including spaces.
7. Call the organization that will add the cross-certificate, and provide
the name and key exactly as you recorded them.

To request a cross-certificate for an ancestral certifier of an ID
Use these steps to add a cross-certificate for an organization or
organizational unit when you have access to the user or server ID.
1. From the Domino Administrator, click the Configuration tab.
2. Click Certification - ID Properties.
3. Select the user, server, or certifier ID file, and click Open.
4. Type the password (if required).
5. Click Your Identity - Your Certificates and in the Certificates list,
select the certificate for the certifier you want to cross-certify. Click
Advanced Details.

6. Look at the Certificate Issued To field to verify that you selected
the correct certificate. Write down the name exactly as it appears,
including any forward slashes (/), for example, /Acme.
7. Look at the Issuer Key Identifier field and write down the public
key exactly as it appears, including spaces.
8. Call the organization that will add the cross-certificate, and provide
the name and public key exactly as you recorded them.
To add a cross-certificate to a Domino Directory or Personal
Address Book
After someone from another organization provides the name and public
key over the phone, use these steps to add a cross-certificate for the ID.
1. From the Domino Administrator, click the Configuration tab.
2. Choose Certification, and then choose Cross Certify Key.
3. Select whether to use a CA-enabled certifier or use the Certifier ID,
and click OK.
4. If you chose to use the certifier ID, enter the password for the ID, and
click OK.
5. In the Subject name field, type the full hierarchical name for the ID
you are cross-certifying exactly as provided over the phone,
including any forward slashes (/).
6. Type the public key for the ID you are cross-certifying exactly as it
was provided over the phone, including spaces.
7. (Optional) Change the expiration date for the certificate. The default
is 10 years.
8. (Optional) Click Certifier to select a different certifier to issue the
cross-certificate.
9. (Optional) Click Server and select a different registration server
whose Domino Directory will store the cross-certificate. To store the
cross-certificate in a user's Personal Address Book, choose Local as
the server. Then click OK.
10. Click Cross Certify. Domino places the cross-certificate in the Server Certificates view of the Domino Directory of the selected registration
server.

Adding a Notes cross-certificate for IDs by postal service


Organizations that cannot communicate through Notes mail can use
these steps to add a Notes cross-certificate for user, server, and certifier
IDs. For cross-certification to work, these steps must be carried out twice,
with each organization alternately requesting cross-certification.
You cannot use this procedure to create an Internet cross-certificate.

To create a safe copy of an ID
Use these steps to create a safe copy of the user, server, or certifier ID
that you want to cross-certify.
1. From the Domino Administrator, click the Configuration tab.
2. Choose Certification and then choose ID Properties.
3. Select the user, server, or certifier ID file, and then click Open.
4. Type the password (if required). The ID Properties dialog box
appears.
5. Click Your Identity - Your Certificates - Other Actions, and then
select Export Notes ID (Safe Copy).
6. Enter a path and name for the safe copy, and then click OK. The
default name is SAFE.ID.
7. Copy the file to a disk.
8. Use the postal service to send the disk to the certification
administrator at the other organization.

To add a cross-certificate for the safe copy
Use these steps to add the cross-certificate to the Domino Directory.
1. From the Domino Administrator, click the Configuration tab.
2. Click Certification, and then click Cross Certify.
3. Select whether to use a CA-enabled certifier or use the certifier ID,
and click OK.
4. If you chose to use the certifier ID, enter the password for the ID, and
click OK.
5. Select the safe copy of the ID to be cross-certified, and then click OK.
6. Complete one or more of these fields:
Field | Enter
Certifier | Name of your organization's certifier ID
Server | Location of the Domino Directory where you want to copy the cross-certificate
Subject name | Organization or organizational unit certifier to be cross-certified, for example, /Acme
Subject alternate name list | An alternate name that identifies the certifier ID. Alternate names allow you to assign more than one name to an ID, which is recognizable in a user's native language.
Expiration date | Date when the cross-certificate will expire

7. Click Cross Certify. Domino places the cross-certificate in the Server Certificates view of the Domino Directory of the server you specified
in Step 6.

Adding a Notes cross-certificate for IDs by Notes mail


If you can route mail to the organization that will cross-certify a user,
server, or certifier ID, you can use Notes mail to add a Notes
cross-certificate. For cross-certification to work, these steps must be
carried out twice, with each organization alternately requesting
cross-certification.
You cannot use this procedure to create an Internet cross-certificate.
To send an ID for cross-certification
1. Choose File - Security - User Security, select the ID, and enter the
password.
2. Click Your Identity - Your Certificates, and then click Other Actions,
and then select Mail, Copy Certificate (Public Key).
3. Select the user, server, or certifier ID you want to have
cross-certified, and then click OK.
4. Enter the password (if required).
5. Address the cross-certification request to the certification
administrator at the other organization, and then click Send.
To cross-certify the ID
1. Open the cross-certification request in your mail file.
2. Choose Actions - Cross Certify Attached ID File.
3. Select the certifier that will issue the cross-certificate. If you choose a
non-CA enabled certifier, enter the password for that certifier ID,
and then click OK.
4. Complete one or more of these fields:
Field | Enter
Subject name | Organization or organizational unit certifier to be cross-certified, for example, /Acme
Subject alternate name list | An alternate name for the subject of the certificate. Alternate names allow you to assign names that are recognizable in a user's native language to an ID file.
Expiration date | Date when the cross-certificate will expire
Certifier | File name of your organization's certifier ID
Server | Location of the Domino Directory where you want to copy the cross-certificate
5. Click Cross Certify. Domino places the cross-certificate in the Server Certificates view of the Domino Directory of the server you specified
in Step 5.

Creating a cross-certificate from a user's Person document
You can create a Notes and/or Internet cross-certificate from a certificate
stored in a user's Person document.
1. Do one of the following:
   From the Domino Administrator, click People & Groups, and open
   the Person document for the user you are cross-certifying.
   From the Domino Administrator, click Configuration Certificates, and open the certifier document for which you want
   In the Personal Address Book, open the Contact document for the
   user you are cross-certifying.
2. Choose Actions - Create Cross Certificate.
3. Choose the certificate to cross-certify.
4. Complete these fields and then click Cross Certify:
Field | Enter
Certifier | File name of a user, server, or certifier ID. Specify a server or certifier ID when creating a cross-certificate for a server. The ID specified indicates who can use the cross-certificate.
Server | Location of the Personal Address Book or Domino Directory where you want to copy the cross-certificate. Add the cross-certificate to the Personal Address Book for Notes clients.
Subject name | Organization or organizational unit certifier that you want to cross-certify, for example, /Acme. You can also create a cross-certificate for the owner of the certificate.
Subject alternate name list | An alternate name for the subject of the certificate. Alternate names allow you to assign names that are recognizable in a user's native language to an ID file.
Expiration date | Date when the cross-certificate will expire.
5. Repeat Steps 3 and 4 for every user for whom you want to create
cross-certificates.

Creating a cross-certificate from a certifier document


You can create a Notes and/or Internet cross-certificate from a certificate
stored in the Domino Directory.
1. From the Domino Administrator, click Configuration - Certificates,
and open the certifier document for which you want to create a cross
certificate.
2. Choose Actions - Create Cross Certificate.
3. In the Issue Cross Certificate dialog box, complete these fields and
then click Cross Certify:
Field | Enter
Certifier | File name of a user, server, or certifier ID. Specify a server or certifier ID when creating a cross-certificate for a server. The ID specified indicates who can use the cross-certificate.
Server | Location of the Personal Address Book or Domino Directory where you want to copy the cross-certificate. Add the cross-certificate to the Personal Address Book for Notes clients.
Subject name | Organization or organizational unit certifier that you want to cross-certify, for example, /Acme. You can also create a cross-certificate for the owner of the certificate.
Subject alternate name list | An alternate name for the subject of the certificate. Alternate names allow you to assign names that are recognizable in a user's native language to an ID file.
Expiration date | Date when the cross-certificate will expire.

4. Repeat Steps 2 and 3 for every certifier for which you want to create
cross-certificates.

Displaying cross-certificates
To view cross-certificates, from the Domino Administrator, click the
Configuration tab and choose the Certificates/Certificates view. The
view lists certificates according to type:

Internet certifiers

Notes certifiers

Notes cross-certificates

Internet cross-certificates

Certificates whose type cannot be determined are listed as Unknown.


Chapter 40
Controlling User Access to Domino Databases
To control the access that users and servers have to a database, you can
customize the database access control list (ACL) and specify other
security settings.

The database access control list


Every database has an access control list (ACL) that specifies the level of
access that users and servers have to that database. Although the names
of access levels are the same for users and servers, those assigned to
users determine the tasks that they can perform in a database, while
those assigned to servers determine what information within the
database the servers can replicate. Only someone with Manager access
can create or modify the ACL.
To control the access rights of Notes users, select the access level, user
type, and access level privileges for each user or group in a database.
You can set default entries in the ACL when you create the database. You
may also assign roles if the database designer determines this level of
access refinement is needed by the application. Work with the designer
and user representatives of the application to plan the correct access level
before you put a database into production.
For each user name, server name, or group name in an ACL, you can
specify:

An access level

Access level privileges

A user type

Roles

Caution: Domino administrators with full access administration rights,
as well as users who are allowed to run agents with unrestricted access,
can access databases without being explicitly listed in the database ACLs.
For more information on full access administration rights and running
agents with unrestricted access, see the chapter "Controlling Access to
Domino Servers."

Note: The database ACL should not be confused with other types of
ACLs used by Domino administrators. One such ACL is the extended
ACL, which is used only in the Domino Directory and the Extended
Directory Catalog to restrict access to specific documents and fields
within those databases. You must enable extended access to use this
feature. The other type of access control list is the .ACL file, which is
used by administrators to restrict user access to server directories.

Default ACL entries


A new database, by default, contains these entries in the ACL:

-Default-

Anonymous

Database creator user name

LocalDomainServers

OtherDomainServers

Of the default ACL entries, Anonymous and the database creator's user
name are the only entries that are defined as a Person in the ACL.
Anonymous and -Default- are the only entries that are specific to a
database, and not related to an entry in the Domino Directory. For
example, LocalDomainServers is created automatically in the Domino
Directory, and added to the ACL when a database is created.
Anonymous is created as an ACL entry only when the database is
created.

-Default-
Users and servers receive the access assigned to the -Default- entry if
they have not specifically been assigned another access level, either
individually or as a member of a group, or from a wildcard entry. In
addition, if the database ACL does not contain an entry for Anonymous,
then users accessing the database anonymously get the -Default- level of
access. The default access for -Default- depends on the design of the
database template and varies among the different templates.
The access level you assign to the -Default- entry depends on how secure
you want the database to be. Select No Access if you want a database
available to a limited number of users. Select Author or Reader access to
make a database available for general use. The -Default- entry should
have a user type of Unspecified.
You cannot delete the -Default- entry from an ACL.

Anonymous
Anonymous database access is given to Internet users and to Notes users
who have not authenticated with the server.
The default ACL entry for Anonymous for all database templates (.NTF
files) has an access level of Reader, so that users or servers can
successfully read from the template when creating or refreshing .NSF
files based on that template.
The default ACL entry for Anonymous for database files (.NSF files) is
No Access.
For more information about Anonymous access, see the topic
"Acceptable entries in the ACL" later in this chapter.

Database creator user name
The database creator user name is the hierarchical user name of the
person who created the database. The default access for the user who
creates the database is Manager. Typically, this person retains Manager
access or is granted Designer access to the database.

LocalDomainServers
The LocalDomainServers group lists the servers in the same domain as
the server on which the database is stored, and is provided by default
with every Domino Directory. When you create a new database, the
default access for LocalDomainServers is Manager. The group should
have at least Designer access to allow replication of database design
changes across the domain. The LocalDomainServers group is typically
given higher access than the OtherDomainServers group.

OtherDomainServers
The OtherDomainServers group lists the servers outside the domain of
the server on which the database is stored, and is provided by default
with every Domino Directory. When you create a new database, the
default access for OtherDomainServers is No Access.

Acceptable entries in the ACL


Acceptable entries in the ACL include:

Wildcard entries

User, server, and group names (including user and group names of
Internet clients)

Alternate names

LDAP users

Anonymous, used for anonymous Internet user access and
anonymous Notes user access

Database replica IDs

Each ACL entry can have a maximum of 255 characters.


Add names to the ACL in hierarchical format for better security. For
example:
Sandra E Smith/West/Acme/US
Randi Bowker/Sales/FactoryCo

For more information about creating hierarchical name schemes, see the
chapter "Installing and Setting Up Domino Servers."

Types of ACL entries


Wildcard entries
To allow general access to a database, you can enter hierarchical names
with a wildcard character (*) in the ACL. You can use wildcards in the
common name and organizational unit components.
Users and/or servers who do not already have a specific user or group
name entry in the ACL, and whose hierarchical names include the
components that contain a wildcard, are given the highest level of access
specified by every one of the wildcard entries that match.
Here is an ACL entry in wildcard format:
*/Illustration/Production/Acme/US
This entry grants the chosen access level to:
Mary Tsen/Illustration/Production/Acme/US
Michael Bowling/Illustration/Production/Acme/US
This entry does not grant the chosen access level to:
Sandy Braun/Documentation/Production/Acme/US
Alan Nelson/Acme/US
You can use a wildcard only at the leftmost portion of the ACL entry. For
example, you can't use the entry:
*/Illustration/*/Acme/US
to represent these entries:
Michael Bowling/Illustration/West/Acme/US
Karen Richards/Illustration/East/Acme/US
When you use a wildcard ACL entry, set the user type as Unspecified,
Mixed Group, or Person Group.

User names
You can add to an ACL the names of any individuals with certified Notes
user IDs or Internet users who authenticate using name-and-password or
SSL client authentication.

For Notes users, enter the full hierarchical name for each user, for
example, John Smith/Sales/Acme, regardless of whether the user is
in the same hierarchical organization as the server that stores the
database.

For Internet users, enter the name that appears as the first entry in
the User name field of the Person document.
Note: Many alias names can be entered in the user name field and
used for authentication; however, it is the first name in the list that is
used to perform the security authorization check. This is the name
that should be used on all Domino database ACLs, in the security
settings on the Server document, and in .ACL files.

For more information about setting a maximum level of access for
Internet users, see the topic "Maximum Internet name-and-password
access" later in this chapter.

Server names
You can add server names to an ACL to control the changes a database
receives from a database replica. To ensure tighter security, use the full
hierarchical name of the server, for example, Server1/Sales/Acme,
regardless of whether the name of the server being added is in a different
hierarchical organization than that of the server that stores the database.

Group names
You add a group name, for example, Training, to the ACL to
represent multiple users or servers that require the same access. Users
must be listed in groups with a primary hierarchical name or an alternate
name. Groups can also have wildcard entries as members. Before you can
use a group name in an ACL, you must create the group in the Domino
Directory or in either a secondary Domino Directory or an external
LDAP Directory that has been configured for group authorization in the
Directory Assistance database.
Tip: Use individual names rather than group names for the managers of
a database. Then when users choose Create - Other - Memo to Database
Manager, they'll know whom they are addressing.
Groups provide a convenient way to administer a database ACL. Using a
group in the ACL offers the following advantages:

Instead of adding a long list of individual names to an ACL, you can
add one group name. If a group is listed in more than one ACL,
modify the group document in the Domino Directory or the LDAP
Directory, rather than add and delete individual names in multiple
databases.

If you need to change the access level for several users or servers,
you can do so once for the entire group.

Use group names to reflect the responsibilities of group members or
the organization of a department or company.

Tip: You can also use groups to let certain users control access to the
database without giving them Manager or Designer access. For example,
you can create groups in the Domino Directory for each level of database
access needed, add the groups to the ACL, and allow specific users to
own the groups. These users can then modify the groups, but they can't
modify the database design.
Terminations group
When employees leave an organization, you should remove their names
from all groups in the Domino Directory and add them to a Deny List
Only group used to deny access to servers. The Deny Access list in the
Server document contains the names of Notes users and groups who no
longer have access to Domino servers. You should also make sure that
the names of terminated employees are removed from the ACLs of all
databases in your organization. When you delete a person from the
Domino Directory, you have the option to "Add deleted user to deny
access group," if such a group has been created. (If no such group exists,
the dialog box displays "No Deny Access group selected or available.")
For more information on Deny List Only groups, see the chapter "Setting
Up and Managing Groups."
For more information on the Deny Access list, see the chapter
"Controlling Access to Domino Servers."

Alternate names
An alternate name is an optional alias name that an administrator assigns
to a registered Notes user. You can add alternate names to an ACL. An
alternate name provides the same level of security as the user's primary
hierarchical name. For a user whose primary name is Sandra
Brown/West/Sales/Acme, an example of an alternate name format
would be Sandy Smith/ANWest/ANSales/ANAcme, where AN is an
alternate name.
For more information about alternate names, see the chapter "Setting Up
and Managing Notes Users."

LDAP users
You can use a secondary LDAP directory to authenticate Internet users.
You can then add the names of these Internet users to database ACLs to
control user access to databases.
You can also create groups in the secondary LDAP directory that include
the Internet user names and then add the groups as entries in Notes
database ACLs. For example, an Internet user may try to access a database
on a Domino Web server. If the Web server authenticates the user, and if
the ACL contains a group named Web, the server can look up the
Internet user's name in the group Web located in the foreign LDAP
directory, in addition to searching for the entry in the primary Domino
Directory. Note that for this scenario to work, the Directory Assistance
database on the Web server must include an LDAP Directory Assistance
document for the LDAP directory with the Group Expansion option
enabled. You can also use this feature to look up the names of Notes users
stored in foreign LDAP directory groups for database ACL checking.
When you add the name of an LDAP directory user or group to a
database ACL, use the LDAP format for the name, but use a forward
slash (/), rather than a comma (,), as a delimiter. For example, if the
name of a user in the LDAP directory is:
uid=Sandra Smith,o=Acme,c=US
enter the following in the database ACL:
uid=Sandra Smith/o=Acme/c=US
To enter the name of a nonhierarchical LDAP directory group in an ACL,
enter only the attribute value, not the attribute name. For example, if the
nonhierarchical name of the LDAP group is:
cn=managers
in the ACL enter only:
managers
To enter a hierarchical group name, include LDAP attribute
names in ACL entries. For example, if the hierarchical name of the group
is:
cn=managers,o=acme
in the ACL enter:
cn=managers/o=acme
Note that if the attribute names you specify exactly correspond to those
used in Notes (cn, ou, o, c), the ACL won't display the attributes.
For example, if you enter this name in an ACL:
cn=Sandra Smith/ou=West/o=Acme/c=US
because the attributes exactly correspond to those used by Notes, the
name appears in the ACL as:
Sandra Smith/West/Acme/US
Acceptable ACL entries for LDAP users

LDAP DN:   cn=Scott Davidson+ id=1234, ou=Sales,o=Acme
ACL entry: cn=Scott Davidson+id=1234/ou=Sales/o=Acme

LDAP DN:   cn=Scott Davidson,o=Acme\, Inc
ACL entry: cn=Scott Davidson/o=Acme, Inc
Note If the LDAP name includes a backslash followed by another character,
omit that backslash when you specify the name in the database ACL.

LDAP DN:   uid=smd12345,dc=Acme,dc=Com
ACL entry: uid=smd12345/dc=Acme/dc=Com

LDAP DN:   uid=Sandra Smith,o=Acme,c=US
ACL entry: uid=Sandra Smith/o=Acme/c=US
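The naming rules and table rows above, worked through as an added Python example (not code from the Domino documentation). The function names are hypothetical; treating a single-component DN as a nonhierarchical name, matching attribute names case-insensitively, and rejecting values that contain a slash are assumptions of this example.

```python
"""Convert LDAP DNs to the database ACL entry form described above (added example)."""

NOTES_ATTRS = {"cn", "ou", "o", "c"}  # attribute names Notes itself uses


def split_dn(dn):
    """Split a DN into components (on ',') and their parts (on '+').

    A backslash followed by another character is dropped and the character
    kept, which is the rule the table gives for ACL entries. Hex-pair escapes
    are outside what the page describes and are not interpreted.
    """
    rdns, avas, buf = [], [], []
    i = 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            buf.append(dn[i + 1])  # keep the escaped character only
            i += 2
            continue
        if ch in ",+":
            avas.append("".join(buf).strip())
            buf = []
            if ch == ",":
                rdns.append(avas)
                avas = []
        else:
            buf.append(ch)
        i += 1
    avas.append("".join(buf).strip())
    rdns.append(avas)
    return rdns


def ldap_dn_to_acl_entry(dn):
    """Return the string to type into the ACL for an LDAP user or group DN."""
    cleaned = []
    for avas in split_dn(dn):
        parts = []
        for ava in avas:
            attr, sep, value = ava.partition("=")
            attr, value = attr.strip(), value.strip()
            if not sep or not attr or not value:
                raise ValueError(f"malformed DN component: {ava!r}")
            if "/" in value:
                # Added safety check (assumption): a literal slash could not be
                # told apart from the ACL delimiter.
                raise ValueError(f"value contains '/': {value!r}")
            parts.append((attr, value))
        cleaned.append(parts)
    if len(cleaned) == 1 and len(cleaned[0]) == 1:
        return cleaned[0][0][1]  # nonhierarchical name: attribute value only
    return "/".join("+".join(f"{a}={v}" for a, v in parts) for parts in cleaned)


def acl_display_name(entry):
    """Return how the ACL lists an entry.

    Attribute names are hidden only when every component uses cn, ou, o or c.
    Multi-valued components (containing '+') are left as typed (assumption).
    """
    values = []
    for component in entry.split("/"):
        attr, sep, value = component.partition("=")
        if not sep or "+" in value or attr.strip().lower() not in NOTES_ATTRS:
            return entry
        values.append(value)
    return "/".join(values)


if __name__ == "__main__":
    for dn in ("uid=Sandra Smith,o=Acme,c=US", "cn=managers", r"cn=Scott Davidson,o=Acme\, Inc"):
        entry = ldap_dn_to_acl_entry(dn)
        print(f"{dn!r} -> {entry!r} (listed as {acl_display_name(entry)!r})")
```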

Anonymous
Any user or server that accesses a server without first authenticating is
known by the name Anonymous at that server. Anonymous database
access is given to Internet users and to Notes users who have not
authenticated with the server.
Anonymous access is generally used in databases that reside on servers
available to the general public. You can control the level of database
access granted to an anonymous user or server by entering the name
Anonymous in the access control list, and assigning an appropriate level
of access. Typically you assign Anonymous users Reader access to a
database.

The table below describes the different conditions for access that an
anonymous user would have to a database:

Anonymous access enabled for Internet protocol

  Anonymous access enabled in database ACL:
  Users access the database with the Anonymous entry's access
  level. For example, if Anonymous access is set to Reader,
  anonymous users who access the database will be granted Reader
  access.

  Anonymous given no access in database ACL:
  If Anonymous has been granted No Access (and the Read & Write
  public documents privileges are not enabled), Anonymous users are
  not allowed access to the database and they will be prompted to
  authenticate. When they authenticate, the name is checked in the
  database ACL to determine the level of database access that should
  be granted.

  Anonymous not listed in database ACL:
  Anonymous users access the database with the -Default- entry's
  access level. For example, if -Default- access is set to Reader, and
  there is no Anonymous entry in the ACL, anonymous users who
  access the database will be granted Reader access.

Anonymous access not enabled for Internet protocol

  Users are prompted to authenticate when they attempt to access any
  resource on the server. If the user is not listed in the database
  (through a group entry, a wildcard entry, or if the user name is
  explicitly listed), then the user accesses the database with the
  -Default- entry's access level.

Anonymous users (both those who are given access to a database
through the Anonymous entry and those who have access through the
-Default- entry) who attempt to do something in the database that is not
allowed for their access level will be prompted to authenticate. For
example, if Anonymous is set to Reader, and an anonymous user tries to
create a new document, that user is prompted to authenticate with a
name and password.
Tip If you want all users to authenticate with a database, then make
sure that Anonymous is in the database ACL with an access level of No
Access, and be sure that the Read Public Documents and Write Public
Documents privileges are not enabled. Add the Internet user's name to
the ACL with the level of access you want them to have.

The Domino server uses the group name Anonymous solely for access
control checks. For example, if Anonymous has Author access in the
database ACL, the true name of the user appears in the Authors field of
those documents. The Domino server can display only the true name of
anonymous Notes users, but not of anonymous Internet users, in the
Authors field of the document. Authors fields are never a security
feature, regardless of whether anonymous access is used; if the validity
of the author's name is needed for security, then the document should be
signed.
Replica IDs
To allow an agent in one database to use @DbColumn or @DbLookup to
retrieve data from another database, enter the replica ID of the database
containing the agent in the ACL of the database containing the data to be
retrieved. The database containing the agent must have at least Reader
access to the database containing the data to be retrieved. Both databases
must be on the same server. An example of a replica ID in a database
ACL is 85255B42:005A8fA4. You can enter the replica ID in uppercase or
lowercase letters, but do not enclose it in quotation marks.
If you do not add the replica ID to the access control list, the other
database can still retrieve data if the -Default- access level of your
database is Reader or higher.
Order of evaluation for ACL entries
ACL entries are evaluated in a specific order to determine the access
level that will be granted to an authenticated user trying to access the
database. If a user fails to authenticate with a server, and the server
permits access anyway, access will be computed as though the user's
name was Anonymous.

The ACL first checks the user name to see if it matches an explicit
entry in the ACL. The ACL checks all matching user names. For
example, Sandra E Smith/West/Acme would match the entries
Sandra E Smith/West/Acme/US and Sandra E Smith. In the event
that two different entries for an individual have different access
levels (for example, applied at different times by different
administrators), the user trying to access the database would be
granted the highest access level, as well as the union of the access
privileges of the two entries for that user in the ACL. This can also
happen if the user has alternate names.
Note If you enter only the common name in the ACL (for example,
Sandra E Smith), then that entry matches only if the user's name and
the database server are in the same domain hierarchy. For example,
if the user is Sandra E Smith, whose hierarchical name is Sandra E
Smith/West/Acme, and the database server is
Manufacturing/FactoryCo, then the entry Sandra E Smith will not
get the correct level of access for ACLs on the server
Manufacturing/FactoryCo. The name must be entered in full
hierarchical format in order for the user to obtain the correct level of
access to ACLs on servers in other domains.

If no match is made on the user name, the ACL then checks to see if
there is a group name entry that can be matched. If an individual
trying to access the database happens to match more than one group
entry (for example, if the person is a member of Sales and there are
two group entries for Sales, Acme Sales and Sales Managers), then
the individual is granted the highest access level, as well as the union
of the access privileges of the two entries for that group in the ACL.
Note If the user matches an explicit entry in the ACL, and is a
member of a group that is also listed in the ACL, then the user
always gets the level of access assigned to the explicit entry, even if
the group access level is higher.

If no match is made on the group name, the ACL then checks to see if
there is a wildcard entry that can be matched. If the individual trying
to access the database happens to match more than one wildcard
entry, the individual is granted the highest access level, as well as the
union of the access privileges of all of the wildcard entries that
match.

Lastly, if no match can be made from among the database ACL
entries, the individual is granted the level of access defined for the
-Default- entry.

Configuring a database ACL

Plan the database access for the application before adding users, groups
or servers to a database ACL. After you add a name to the ACL, assign
an access level to the name. Although assigning a user type is optional, it
provides an additional level of security. Add access level privileges and
roles if the application requires them. After you configure a database
ACL, users can click the Effective Access button on the ACL dialog in the
Notes client to view their level of access to a database.
You can make changes to multiple ACLs on a server through the
Multi-ACL Management dialog box in the Administration Client. For
information about using the ACL dialog in the Notes client to edit an
ACL for a single database, see Notes 6 Help.
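A model of the order of evaluation for ACL entries described in this chapter (explicit names, then groups, then wildcards, then -Default-, with unauthenticated access computed as Anonymous), as an added Python example that is not Domino code. The ACL, groups and user names are constructed; writing a wildcard entry as */West/Acme and approximating "same domain hierarchy" as "same organization component" are assumptions of this example.

```python
"""Model of the ACL order of evaluation (added example; all data is constructed)."""
from dataclasses import dataclass

LEVELS = ["No Access", "Depositor", "Reader", "Author", "Editor", "Designer", "Manager"]


@dataclass(frozen=True)
class Entry:
    level: str
    privileges: frozenset = frozenset()


def _combine(entries):
    """Highest access level plus the union of privileges of all matching entries."""
    level = max((e.level for e in entries), key=LEVELS.index)
    privileges = frozenset().union(*(e.privileges for e in entries))
    return level, privileges


def _org(name):
    """Organization component of a hierarchical name (the last component)."""
    return name.rsplit("/", 1)[-1]


def effective_access(acl, names, server, groups, authenticated=True):
    """Return (level, privileges, matched_by).

    acl    -- dict mapping ACL entry name to Entry; must contain "-Default-"
    names  -- the user's primary hierarchical name, then any alternate names
    server -- hierarchical name of the server that holds the database
    groups -- dict mapping group name to a set of member names (flat, no nesting)
    """
    default = acl["-Default-"]
    if not authenticated:
        # Access is computed as though the user's name was Anonymous; with no
        # Anonymous entry the -Default- entry applies.
        entry = acl.get("Anonymous", default)
        return entry.level, entry.privileges, "Anonymous" if "Anonymous" in acl else "-Default-"

    # 1. Explicit entries: all names the user is known by. A common-name-only
    #    entry counts only when user and server share a hierarchy (assumption:
    #    approximated here as the same organization component).
    candidates = set(names)
    for name in names:
        if "/" in name and _org(name) == _org(server):
            candidates.add(name.split("/", 1)[0])
    explicit = [acl[n] for n in candidates if n in acl]
    if explicit:
        return (*_combine(explicit), "explicit")

    # 2. Group entries, consulted only when no explicit entry matched.
    member_of = [acl[g] for g, members in groups.items() if g in acl and members & set(names)]
    if member_of:
        return (*_combine(member_of), "group")

    # 3. Wildcard entries (assumed form: "*/West/Acme").
    wild = [entry for pattern, entry in acl.items()
            if pattern.startswith("*/") and any(n.endswith(pattern[1:]) for n in names)]
    if wild:
        return (*_combine(wild), "wildcard")

    # 4. Nothing matched.
    return default.level, default.privileges, "-Default-"


# Constructed sample ACL and group membership.
ACL = {
    "-Default-": Entry("No Access"),
    "Anonymous": Entry("No Access"),
    "Sandra E Smith/West/Acme": Entry("Reader"),
    "Sandra E Smith": Entry("Author", frozenset({"Create documents"})),
    "Bob Jones/East/Acme": Entry("No Access"),
    "Acme Sales": Entry("Editor", frozenset({"Delete documents"})),
    "Sales Managers": Entry("Designer", frozenset({"Create LotusScript/Java agents"})),
    "*/West/Acme": Entry("Reader"),
}
GROUPS = {
    "Acme Sales": {"Carol Diaz/East/Acme", "Bob Jones/East/Acme"},
    "Sales Managers": {"Carol Diaz/East/Acme"},
}

if __name__ == "__main__":
    for user in ("Sandra E Smith/West/Acme", "Bob Jones/East/Acme",
                 "Carol Diaz/East/Acme", "Dave Lee/West/Acme", "Eve Park/East/Acme"):
        print(user, "->", effective_access(ACL, [user], "Mail1/Acme", GROUPS))
```

In the sample data the explicit No Access entry for Bob Jones wins even though his group grants Editor. Among groups alone the highest level wins, so under the rules above a No Access group entry does not override a higher-level group that the same user belongs to.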

Configuring a database ACL


1. Make sure that you have:
Manager access in the database ACL.
Created the roles and groups that you want to use in the ACL.
2. From the Domino Administrator Server pane, select the server that
stores the databases.
3. Click Files, and select one or more databases from the Domino data
directory.
Note You can add the same entry to more than one database. You
can also edit and remove entries from multiple databases. See the
topic Editing entries in multiple ACLs later in this chapter.
4. From the Tools pane, select Database - Manage ACL.
5. Add entries for Notes users, servers, groups, and authenticated
Internet users.
6. Set the access level for each entry.
7. (Optional) For additional security, select a user type for each entry.
8. (Optional) Refine the entries by restricting or allowing additional
access level privileges.
9. (Optional) Assign roles to ACL entries. The role displays a check
mark when selected.
10. (Optional) Enforce a consistent ACL across all replicas of the
database.
11. (Optional) Assign an administration server to automatically update
ACL entries.
12. (Optional) To prevent users whose access levels are Depositor or No
Access from using the operating system to copy the database,
encrypt the database with the server ID through the local Encryption
option. This ensures that the database, even when copied, is illegible
to anyone who doesn't have access to the server ID.
13. Click OK to save your changes.

Access levels in the ACL

Access levels assigned to users in a database ACL control which tasks
users can perform in the database. Access level privileges enhance or
restrict the access level assigned to each name in the ACL. For each user,
group, or server listed in the ACL, you select the basic access level and
user type. To further refine the access, you select a series of access
privileges. If the application designer created roles, assign them to the
appropriate users, groups, or servers.
Access levels assigned to servers in a database ACL control what
information within a database the server can replicate.
To access a database on a particular server, Notes users must have both
the appropriate database access, as well as the appropriate server access
specified in the Server document in the Domino Directory.
To view a database ACL, users must have Reader access or higher.
For more information on database access for Internet users, see the topic
"Maximum Internet name-and-password access" later in this chapter.

Caution: special ACL access
There are some cases in which users can have significant access to a
database that is not defined in the database ACL. This access is granted
through rights set up in other areas of Domino, or by having access to the
server itself. As an administrator, you need to understand these other
kinds of access in order to be able to fully protect server databases.

Administrators who are designated as full access administrators in
the Server document have manager access to all databases, with all
privileges and roles enabled, on the server, regardless of whether
they are listed in the database ACLs.
Note If a user has full administrator access to a database, the
database ACL indicates that by enabling the "Full Access
Administrator" check box that appears in the "Effective Access"
dialog box.

Administrators who are designated as administrators or database
administrators in the Server document are allowed to modify (for
example, designate an administration server or create a full-text
index) or delete any database on the server, even if they are not listed
as managers in the database ACL.

Administrators who can run arbitrary executables on the server,
either through non-Domino access to the server or through the use of
Unrestricted Agents that launch executables.

Administrators who run the Notes client directly on the server
machine or on a machine that has file level access to the server
database files.

Users may still have access to a database by running agents with the
"Unrestricted with Full Access" privilege, even if they are not listed
in the database ACL. This privilege bypasses the ACL and reader
lists.

This table shows the user access levels, listed from highest to lowest.

Manager
Allows users to:
  Modify the database ACL.
  Encrypt the database.
  Modify replication settings.
  Delete the database.
  Perform all tasks allowed by lower access levels.
Assign to:
  Two people who are responsible for the database. Then if one
  person is absent, the other can manage the database.

Designer
Allows users to:
  Modify all database design elements.
  Create a full-text search index.
  Perform all tasks allowed by lower access levels.
Assign to:
  A database designer and/or the person responsible for future
  design updates.

Editor
Allows users to:
  Create documents.
  Edit all documents, including those created by others.
  Read all documents unless there is a Readers field in the form. If
  an editor is not listed in the Readers field, the user with Editor
  ACL access cannot read or edit the document.
Assign to:
  Any user allowed to create and edit documents in a database.

Author
Allows users to:
  Create documents if the user or server also has the Create
  documents access level privilege. When you assign Author access
  to a user or server, you must also specify the Create documents
  access level privilege.
  Edit the documents where there is an Authors field in the document
  and the user is specified in the Authors field.
  Read all documents unless there is a Readers field in the form.
Assign to:
  Users who need to contribute documents to a database.

Reader
Allows users to:
  Read documents where there is a Readers field in the form and the
  user name is specified in the field.
Assign to:
  Users who only need to read documents in a database but not create
  or edit documents.

Depositor
Allows users to:
  Create documents, but otherwise has no access, with the exception
  of options to "Read public documents" and "Write public documents."
  These are privileges that designers may choose to grant.
Assign to:
  Users who only need to contribute documents but who do not need to
  read or edit their own or other users' documents. For example, use
  Depositor access for a ballot box application.

No Access
Allows users to:
  Has no access, with the exception of options to "Read public
  documents" and "Write public documents." These are privileges that
  designers may choose to grant.
Assign to:
  Terminated users, users who do not need access to the database, or
  users who have access on a special basis.
  Note You may want to specifically assign No Access to individuals
  who should not have access to a database, but who may be members
  of a group that does.

Viewing ACL entries by access level


You can view ACL entries by access level. This shows you at a glance
what entries have been assigned a given access level.

To view ACL entries by access level


1. Make sure that you have Manager access in the database ACL.
2. Select the database icon from your bookmarks page.
3. Choose File - Database - Access Control.
4. Click the arrow next to "People, Servers, Groups" and select a
specific access level. The ACL displays only those names with the
selected access level.
5. Click OK.


Access level privileges in the ACL


After you assign an access level to each user, group, and server, you can
select or deselect privileges within an access level.
This table lists the user access level privileges from highest to lowest. The
section that follows describes each privilege in detail.
Manager
Default privileges:
  Create documents
  Create private agents
  Create personal folders/views
  Create shared folders/views
  Create LotusScript/Java agents
  Read public documents
  Write public documents
Optional privileges:
  Delete documents
  Replicate or copy documents

Designer
Default privileges:
  Create documents
  Create private agents
  Create personal folders/views
  Create shared folders/views
  Read public documents
  Write public documents
Optional privileges:
  Delete documents
  Create LotusScript/Java agents
  Replicate or copy documents

Editor
Default privileges:
  Create documents
  Read public documents
  Write public documents
Optional privileges:
  Delete documents
  Create private agents
  Create personal folders/views
  Create shared folders/views
  Create LotusScript/Java agents
  Replicate or copy documents

Author
Default privileges:
  Read public documents
Optional privileges:
  Create documents
  Delete documents
  Create private agents
  Create personal folders/views
  Create LotusScript/Java agents
  Write public documents
  Replicate or copy documents

Reader
Default privileges:
  Read public documents
Optional privileges:
  Create private agents
  Create personal folders/views
  Create LotusScript/Java agents
  Write public documents
  Replicate or copy documents

Depositor
Default privileges:
  Create documents
Optional privileges:
  Read public documents
  Write public documents

No Access
Default privileges:
  None
Optional privileges:
  Read public documents
  Write public documents

Create documents
Select this privilege for all users with Author access. If you deselect this
privilege to prevent Authors from adding any more documents, they can
continue to read and edit documents they've already created.

Delete documents
Authors can delete only documents they create. If this privilege is
deselected, an author can't delete documents, no matter what the access
level. If the form contains an Authors field, Authors can delete
documents only if their name, or a group or a role that contains their
name, appears in the Authors field.

Create private agents


A user can run only agents that perform tasks allowed by the user's
assigned access level in the ACL.
Whether or not a user can run agents is dependent on the access set by
the Domino administrator in the Programmability Restrictions section of
the Server document in the Domino Directory. If you select "Create
LotusScript/Java agents" for a name in the ACL, the Server document
controls whether or not the user can run the agent on the server.
Since private agents on server databases take up disk space and
processing time on the server, you may want to disallow this privilege.
For more information, see the chapter "Controlling Access to Domino
Servers."

Create personal folders/views


Personal folders and views created on a server are more secure than
those created locally, and they are available on multiple servers. Also,
administrative agents can operate only on folders and views stored on a
server.
If the Create personal folders/views privilege is not selected, users can
still create personal folders and views, but the folders and views are
stored on their local workstations. Deselect this privilege to save disk
space on a server.

Create shared folders/views


Deselect this privilege to maintain tighter control over database design.
Otherwise, a user assigned this privilege can create folders and views
that are visible to others.

Create LotusScript/Java agents


Since LotusScript and Java agents on server databases can take up
significant server processing time, you may want to restrict which users
can create them.
Whether or not a user can run agents depends on the access set by the
Domino administrator in the Programmability Restrictions section of the
Server document in the Domino Directory. If you select Create
LotusScript/Java agents for a name in the ACL, the Server document
controls whether or not the user can run the agent on the server.

Read public documents


Select this privilege to allow users who have No Access or Depositor
access to read documents or to see views and folders to which the
designer assigned the property "Available to Public Access users." The
form must contain a text field named $PublicAccess, and its value should
be equal to 1.

Write public documents


Select this privilege to allow users to create and edit specific documents
that are controlled by forms to which the designer has assigned the
property "Available to Public Access users." This option lets you give
users create and edit access to specific documents without giving them
Author access. Author access, or an equivalent role, gives users access to
create documents from any form in a database.
Note Users who have this privilege can also delete any public
documents in the database.

Replicate or copy public documents


Select this privilege to allow users to replicate or copy the database, or
documents from the database, locally or to the clipboard. You can select
this privilege for all access levels except Depositor and No Access.

User types in the ACL

A user type identifies whether a name in the ACL is for a person, server,
or group. When you assign a user type to a name, you specify the type of
ID required for accessing the database with that name. The user types are
Person, Server, Mixed Group, Person Group, Server Group, and
Unspecified. The -Default- group in the ACL is always assigned
Unspecified as the user type. If you have added Anonymous to the ACL,
then it should have a user type of Unspecified.
User types provide additional security for a database. For example,
assigning the "Person" user type to a name other than "unspecified"
prevents an unauthorized user from creating a Group document with the
same person name, adding his or her name to the group, and then
accessing the database through the group name.
Designating a name as a Server or Server Group prevents a user from
using the server ID at a workstation to access a database on the server. Be
aware, though, that designating a name as a Server or Server Group is
not a foolproof security method. It is possible for a user to create an
add-in program that acts like a server and uses a server ID to access the
server database from a workstation.
Instead of assigning a user type to each name, you can automatically
assign a user type to all unassigned names in the ACL. The user type
assigned to each name is determined by the Domino Directory entry for
that name. Using this method, a group is always designated as "Mixed
Group," and not as a "Person Group" or a "Server Group." To assign a
"Person Group" or "Server Group" to a name, you must select the name
and manually assign that user type.
You can assign user types to entries in multiple database ACLs, or you
can have the server automatically assign user types to unspecified entries
in a single database ACL.

To automatically assign user types to ACL entries

Use this method when you have just added a large number of entries to a
database ACL.
1. Make sure that you have Manager access in the database ACL.
2. From the Domino Administrator Server pane, select the server that
stores the databases.
3. Click Files, and select a database from the Domino data directory.
4. Click Tools - Database - Manage ACL.
5. Click Advanced.
6. On the Advanced panel of the ACL dialog, click "Lookup User Types
for Unspecified Users."
The server uses the Domino Directory to look up each entry in the ACL
and assign a user type of Person, Server, or Mixed Group. If it cannot
find a match in the Directory, then the entry in the ACL will be left as
Unspecified.

Roles in the ACL


A database designer can assign special access to database design
elements and database functions by creating roles. A role defines a set of
users and/or servers. Roles are similar to groups that you can set up in
the Domino Directory. However, unlike groups, roles are specific to the
database in which they are created.
Once a role is created, it can be used in database design elements or
functions to restrict access to those elements or functions. For example,
you may want to allow only a certain group of users to edit certain
documents in a database. You could create a role named DocEditors.
That role would then be added to the Authors fields of those documents,
and assigned to those users who are allowed to edit those documents.
You must have Manager access to create roles in the database ACL. You
must create a role before you assign it to a name or group in the ACL.
Once you have created roles in an ACL, they are listed in the Roles list
box on the Basics panel of the ACL dialog box. Role names appear in
brackets, for example, [Sales]. When you add an entry to a database
ACL, you can assign it to a role by selecting a role from the Roles list
box.
Note If you do not have Manager access to the ACL (meaning that you
are not allowed to edit the ACL), the Roles tab does not appear in the
ACL dialog box.
This table describes the design elements to which the database designer
can restrict access by using roles.
To restrict who can: Edit specific documents
The designer uses: An Authors field

To restrict who can: Edit specific portions of a document
The designer uses: Sections

To restrict who can: Read specific documents
The designer uses: A Readers field or a read access list on the
Security tab of the Document Properties dialog box

To restrict who can: View and read documents in a specific view
The designer uses: View properties

To restrict who can: View and read documents in a specific folder
The designer uses: Folder properties

To restrict who can: Read documents created with a specific form
The designer uses: Form properties

To restrict who can: Create documents with a specific form
The designer uses: Form properties

Using roles to restrict access to database elements is not a foolproof
security measure. For example, if a designer restricts access to certain
documents in a database, the database manager or Domino administrator
must remember that documents inherit their Reader access list from the
Reader access option that is set in the Form Properties box for the form
used to create the document. Therefore, anyone with Editor access or
above in the database ACL can change a document's Reader access list.

Creating and editing roles


You must create a role before you can assign it to a name in the ACL.
In the Domino Administrator you can create, modify, or delete roles for
multiple database ACLs, but you cannot assign a name to a role or
remove a name from a role in the ACL or display names assigned to a
role, as you can in the Notes client.
To create and manage roles, you must have Manager access in the
database ACL.
To create or edit roles
1. Make sure that you have Manager access in the database ACL.
2. From the Domino Administrator Server pane, select the server that
stores the databases.
3. Click Files and select one or more databases from the Domino data
directory.
4. Click Tools - Database - Manage ACL.
5. Click Roles.
6. Do one of the following, and then click OK, and click OK again to
save your changes:
To create a role, click Add, and type a name for the role.
To rename a role, click Rename. In the Rename Role box, type a
new name for the role.
To delete a role, click Remove, and type the name of the role that
you want to delete.


Note In Domino Administrator, you do not need to include any
brackets in the role name when adding or removing a role. However,
when you rename a role, you must type the role name exactly as it
appears in the ACL, including the brackets and case-sensitive
characters.
To assign a role to an ACL entry
Because roles are specific to a database, you must modify database ACLs
on an individual basis in order to assign roles to users.
1. Make sure that you have Manager access in the database ACL.
2. Open the database ACL that you want to modify.
3. Highlight the user to whom you want to assign a role.
4. In the Roles list box, select the role that you want to assign to that
user.
5. Repeat steps 3 and 4 for each user to whom you want to assign a
role.
6. Click OK to save your changes.

Managing database ACLs


As a Domino administrator, you can use any of these methods to manage
database ACLs.
To update ACLs
Use the Administration Process
Use the Web Administrator
Edit entries in multiple ACLs
View the list of all database ACLs on a server.

To monitor changes to ACLs
Display the ACL log to view a chronological list of changes to the
ACL
Create an ACL monitor to automatically send you e-mail when any
changes are made to the database ACL.

Using the Administration Process to update ACLs

To maintain maximum database security, you must be vigilant about
keeping the ACL up to date. You can use the server administration
process to do this. The Administration Process is a server program that
automatically renames or deletes groups, servers, users, personal views,
personal folders, and private agents, and then updates the Domino
Directory and any database ACLs that have named the server running
the Administration Process as their administration server. This program
also updates the Readers and Authors fields for all documents in a
database.
You can select an administration server for the Administration Process in
the Access Control List dialog box for single databases or in the
Multi-ACL Management dialog box for multiple databases.

A user leaves the organization
When a user leaves the company, you can use the Domino Administrator
to request that the user be deleted from the system. The Administration
Process responds to this request and deletes the user's Person document
from the Domino Directory, as well as the user's name from all Group
documents, ACLs, roles, Readers and Authors fields, personal folders
and views, and private agents.

A user needs access to the database
If possible, add new names to existing groups in the ACL rather than
listing names individually. Consider whether to include new names in
any roles associated with the database. If the database does not use roles,
check whether there are access lists associated with forms, views, fields,
or sections, and if so, consider whether to include new names in these
lists.
For more information on the use of public access lists with database
design elements, see Application Development with Domino Designer.

A user name changes or you move the user in the hierarchy
Edit the user's Person document in the Domino Directory. The
Administration Process carries out all related renaming tasks in database
ACLs and in personal folders and views and private agents.

Setting up the Administration Process for database ACLs


To use the Administration Process to update and manage names in an
ACL and in Readers and Authors fields, you must assign an
administration server to the database.
Use this method to specify an administration server for multiple
databases.
1. Make sure that you have Manager access in the database ACL.
2. From the Domino Administrator Server pane, select the server that
stores the databases.
3. Click Files, and select the databases from the Domino data directory
to which you want to assign an administration server.
4. Click Tools - Database - Manage ACL.
5. Click Advanced.
6. Select Modify Administration Server setting.
7. Select Server, select an administration server from the list, and then
click OK.
Note When Notes users create databases, they can specify the
administration server for their databases on the Advanced panel of the
database ACL. The database ACL list will automatically be updated
when the Administration Process is run on the specified administration
server.

Managing database ACLs with the Web Administrator


The Web Administrator is a utility application that is packaged as a
Notes database (WEBADMIN.NSF). The Web Administrator lets you
add, delete, and modify database ACL entries; change roles; and view
the ACL log for all databases on the server. To modify database ACLs,
you must:

Have at least Editor access in the Web Administrator ACL. By
default, Domino Full Access Administrators and Administrators get
Manager access in the ACL of the WEBADMIN.NSF when this
database is created.

Have Manager access in the database ACLs of all the databases you
want to modify.

Set the "Maximum Internet name & password access" option on the
Advanced panel of the Access Control List dialog box to Manager on
all the databases you want to modify, if you are not using SSL with
X.509 client certificates. This option is set to Manager by default in
the WEBADMIN.NSF so you can add more user names to the ACL of
the WEBADMIN.NSF from a browser.

You can use the Web Administrator to perform the following tasks for
Internet or Notes users:

Add an ACL entry

Remove an ACL entry

Rename an ACL entry

Add, remove, or rename a database role

View the ACL change history

Create a new database on the server based on templates

Create a new copy of the database

Delete a database

Compact a database

Create or update a full-text index of a database

Force manual replication of a database with a remote server

Editing entries in multiple ACLs


As a Domino Administrator, you can make the following changes to
entries that exist in multiple database ACLs. To edit entries in a database
ACL, you must have Manager access to that ACL.
You can also use the Web Administrator to manage database ACLs. For
more information, see the topic Managing database ACLs with the Web
Administrator earlier in this chapter.

To add or remove an entry


1. From the Domino Administrator Server pane, select the server that
stores the databases.
2. Click Files, and select one or more databases from the Domino data
directory.
3. Click Tools - Database - Manage ACL.
4. Click Add or Remove.
5. Type the entry, or select it from the Domino Directory by clicking the
button next to the list box.
6. Click OK.

To rename an entry
1. From the Domino Administrator Server pane, select the server that
stores the databases.
2. Click Files, and select one or more databases from the Domino data
directory.
3. Click Tools - Database - Manage ACL.
4. Click Modify.
5. In the From box, type the name of the person, server, or group that
you want to rename.
6. Select Modify Name.
7. In the To box, type the new name of the person, server, or group that
you want to rename.
8. Click OK to save your changes.

To change the access, user type, or attributes assigned to an entry


1. From the Domino Administrator Server pane, select the server that
stores the databases.
2. Click Files, and select one or more databases from the Domino data
directory.
3. Click Tools - Database - Manage ACL.
4. Click Modify.
5. In the From box, type the name of the person, server, or group whose
access or user type you want to change, and click OK.
6. Do one of the following, and then click OK, and click OK again to
save your changes:
   To change the user type assigned to an entry, select the user type
   from the drop-down list.
   To change the access level assigned to an entry, select the access
   level from the drop-down list.
   To modify the access level privileges assigned to an entry, click
   "Modify attributes" and type the name of the role that you want
   to delete.
7. Click OK.

Viewing all database ACLs on a server

You can view all the database ACLs on a server by user name, access
level, or by database.
To view a list of all database ACLs on a server
1. From the Domino Administrator Server pane, select the server that
stores the databases.
2. Click Files.
3. Select the Catalog (V6) - Access Control Lists.
4. Select By Name, By Level, or By Database.
   The By Name list shows the ACL list by ACL entry name, then
   access level, and then database title.
   The By Level list shows the ACL list by access level, then ACL
   entry name, and then database title.
   The By Database list shows the ACL list by database name, then
   server, then access level, and then ACL entry name.

Using the ACL log

You can display a log of all changes made to a database ACL. Each entry
in the list shows when the change occurred, who made the change, and
what changed. The log stores only 20 lines of changes, not the complete
history. Only users who have Manager access in the ACL can view the
ACL log.
To display an ACL log
1. Make sure that you have Manager access in the database ACL.
2. From the Domino Administrator Server pane, select the server that
stores the databases.
3. Click Files, and select one or more databases from the Domino data
directory.
4. Choose File - Database - Access Control.
5. Click Log.
6. Highlight a line of log history. To see the complete text of the log
history, look in the field at the bottom of the dialog box.
7. (Optional) Click Copy to copy the ACL log to the clipboard so that
you can paste it in a document.
Note If you enable an ACL for Extended Access, there is no longer a
20-line limit for the log. The log also includes more details about
Extended Access changes.

Enforcing a consistent access control list


You can ensure that an ACL remains identical on all database replicas on
servers, as well as on all local replicas that users make on workstations or
laptops.
Select the "Enforce a consistent Access Control List" setting on a replica
whose server has Manager access to other replicas to keep the access
control list the same across all server replicas of a database. If you select a
replica whose server does not have Manager access to other replicas,
replication fails because the server has inadequate access to replicate the
ACL.
If a user replicates a database locally, the database ACL recognizes that
user's access as it is known to the server. This happens automatically for
local replication, regardless of whether "Enforce a consistent Access
Control List" is enabled.
Local replicas with "Enforce a consistent access control list" enabled
attempt to honor the information in the ACL and determine who can do
what accordingly. However, they have some limitations. One limitation
is that group information is generated on the server, not at the local
replica. When a database is replicated locally, information about the
group membership of the person doing the replication is stored in the
database for use in ACL checking. If a person or identity other than the
one doing the replication accesses the local replica, there will be no
group membership information available for that person, and the ACL
can use only the person's identity, not group membership, to check
access.
Additionally, enforcing a consistent access control list does not provide
additional security for local replicas. To keep data in local replicas
secure, encrypt the database.
Note If a user changes a local or remote server database replica's ACL
when the "Enforce a consistent Access Control List" option is selected,
the database stops replicating. The log (LOG.NSF) records a message
indicating that replication could not proceed because the program could
not maintain a uniform ACL on replicas.

To enforce or disable a consistent access control list for multiple
databases
1. Make sure that you have Manager access in all the database ACLs
you select.
2. From the Domino Administrator Server pane, select a server that has
Manager access to the databases on which you want to enforce a
consistent ACL.
3. Click Files, and select one or more databases from the Domino data
directory.
4. Click Tools - Database - Manage ACL.
5. Click Advanced.
6. Select the option "Modify Consistent ACL setting."
   To enforce a consistent ACL, select "Enforce a consistent Access
   Control List across all replicas of this database."
   To disable a consistent ACL, select "Do not enforce a consistent
   ACL."
7. Click OK.

Updating Readers and Authors fields

By default, the Administration Process examines all documents in a
database to find and update Readers and Authors fields and to update
personal folders and views and private agents. When the Administration
Process performs a "Rename person" or a "Delete person" request, it
edits or removes the name in all Readers and Authors fields and in
personal folders and views, and in private agents. To update Readers
and Authors fields in only selected documents, you create a special view
in the database and then update that view.
You must select an administration server if you want to select the option
to modify Readers and Authors fields. The default is to not modify
Readers and Authors fields.

To update Readers and Authors fields

1. Make sure that you have Manager access in the database ACL and
that you have already specified an administration server for the
database.
2. From the Domino Administrator Server pane, select the server that
stores the databases.
3. Click Files, and select the databases from the Domino data directory
to which you want to assign an administration server.
4. Click Tools - Database - Manage ACL.
5. Click Advanced.
6. Select "Modify Administration Server setting."
7. Choose "Modify fields of type Reader or Author," and click OK.

Setting up database access for Internet users


When you set up database access, you must make special provisions for
Internet users. See the following topics for information about setting up
and controlling the access that these users have to a database:

Specify maximum Internet name-and-password access.

Require an SSL connection to a database

Default entries in the ACL.

Maximum Internet name-and-password access


Users who have Internet or intranet browser access to a database cannot
be identified by Notes in the same way Notes users are identified. Use
the Maximum Internet name & password access setting to control the
maximum type of access that Internet or intranet browser users have to a
database. The list contains the standard access levels for Notes users.
This option applies to users who use name-and-password authentication
or access the server anonymously over the Internet and connect to
servers using either the TCP/IP port or the SSL port. This option does
not apply to users who have SSL client certificate IDs and who access the
database over the Internet on the SSL port. Users with SSL client access
receive the level of access specified in the database ACL.
Add an entry for the group Anonymous to the database ACL, if
appropriate for this database. Then select the maximum access level you
want to assign to all Internet and intranet users who use
name-and-password authentication for a particular database. Users who
access a Notes database over the Internet, either anonymously or by
using name-and-password authentication, never have an access level
higher than what is specified as the Maximum Internet name &
password access level.
Caution The Maximum access level overrides the access level that a
user may have been explicitly given in the database ACL, but only to
enforce the lower of the two access levels.
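
The capping rule in this section, written out as an added example (it is not part of the original manual and is not Domino code). The connection labels, function names, and the "Web Admins" and "Anonymous" sample levels are assumptions made for illustration; the access levels are the standard Notes ACL levels.

```python
from enum import IntEnum


class Access(IntEnum):
    """Standard Notes ACL levels, lowest to highest."""
    NO_ACCESS = 0
    DEPOSITOR = 1
    READER = 2
    AUTHOR = 3
    EDITOR = 4
    DESIGNER = 5
    MANAGER = 6


# Connection labels are assumptions made for this example.
CAPPED = {"name-and-password", "anonymous"}            # TCP/IP or SSL port
UNCAPPED = {"notes-client", "ssl-client-certificate"}  # setting is not applied


def effective_access(acl_level, max_internet, connection):
    """Access a user actually gets to one database."""
    if connection in CAPPED:
        # The setting can only lower access, never raise it.
        return min(acl_level, max_internet)
    if connection in UNCAPPED:
        return acl_level
    raise ValueError(f"unknown connection type: {connection!r}")


def capped_entries(acl, max_internet):
    """ACL entries that get less than their ACL level from a browser login."""
    return {
        name: effective_access(level, max_internet, "name-and-password")
        for name, level in acl.items()
        if level > max_internet
    }


def can_edit_acl_from_browser(acl_level, max_internet, connection):
    """Changing a database ACL needs Manager access after the cap is applied."""
    return effective_access(acl_level, max_internet, connection) == Access.MANAGER


# Constructed ACL for one database; only Sandra's entry comes from the manual.
SAMPLE_ACL = {
    "Sandra Smith/West/Sales/Acme": Access.EDITOR,
    "Web Admins": Access.MANAGER,
    "Anonymous": Access.READER,
}

if __name__ == "__main__":
    for name, level in capped_entries(SAMPLE_ACL, Access.READER).items():
        print(f"{name}: {SAMPLE_ACL[name].name} in ACL, {level.name} from a browser")
```

The last function shows why the Web Administrator requires this setting to be Manager: with the default of Editor, a Manager who logs in with name and password is held to Editor and cannot change the ACL.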

For example, a user, Sandra Smith/West/Sales/Acme, can use name and
password to access a server using a Web browser. If Sandra
Smith/West/Sales/Acme is assigned Editor access in the ACL and the
"Maximum Internet name & password access" setting is Reader, the
lower of the two access levels applies and Sandra is allowed only Reader
access. Similarly, if Sandra Smith/West/Sales/Acme is assigned Reader
access in the ACL and the Maximum access setting is Editor, Sandra is
allowed only Reader access. However, if Sandra Smith also uses a Notes
client to access the database, the Maximum access setting is ignored
and Sandra is allowed Editor access.
The default for this option is Editor access. Tasks such as creating folders,
views, and agents do not apply to Internet users.
Tip You can use this setting to prevent Internet users from accessing the
database using name-and-password authentication. By setting it to No
Access, the database would then be accessible only to Notes users or
Internet users who authenticate using SSL client certificates.

Selecting the maximum Internet name and password

Use this method to select the maximum Internet name-and-password
access for one or more databases.
1. Make sure that you have Manager access in all the database ACLs
you select.
2. From the Domino Administrator Server pane, select a server that has
Manager access to the databases.
3. Click Files, and select one or more databases from the Domino data
directory.
4. Click Tools - Database - Manage ACL.
5. Click Advanced.
6. If you have selected multiple databases, select the option "Modify
Internet name & password setting."
7. Select the maximum access level from the list next to the field
"Maximum Internet name & password."
8. Click OK.

Requiring an SSL connection to a database

Secure Sockets Layer (SSL) is a security protocol that provides
communications privacy and authentication for Domino server tasks that
operate over TCP/IP. You can require users to access a database using a
secure SSL connection. You can also choose to require an SSL connection
to a single database or to all databases on a server.
If the server is not configured to require an SSL connection, clients will be
able to use either SSL or unsecured TCP/IP to connect to the server; for
example, in a browser, by using HTTP (for non-SSL) or HTTPS (for SSL).
For more information about Internet client access to Domino servers and
databases, see the chapter "Setting Up Name-and-Password and
Anonymous Access to Domino Servers."
To require an SSL connection to a database
1. Make sure you have Manager access in the database ACL.
2. From the Domino Administrator Server pane, select a server that
stores the database(s) for which you want to require an SSL
connection.
3. Click Files, and open the database from the Domino data directory.
4. Choose File - Database - Properties.
5. On the Basics tab, choose Web access: Require SSL connection.

Chapter 41
Protecting User Workstations with Execution Control Lists
This chapter describes how to set up and manage execution control lists
for user workstation data security.

The execution control list


You use an execution control list (ECL) to set up workstation data
security. An ECL protects user workstations against active content from
unknown or suspect sources, and can be configured to limit the action of
any active content that does run on workstations. The ECL determines
whether the signer of the code is allowed to run the code on a given
workstation, and defines the access that the code has to various
workstation functions. For example, an ECL can prevent another
person's code from running on a computer and damaging or erasing
data.
"Active content" includes anything that can be run on a user
workstation, including formulas; scripts; agents; design elements in
databases and templates; documents with stored forms, actions, buttons,
hot spots; as well as malicious code (such as viruses and so-called
"Trojan horses").
There are two kinds of ECLs: the Administration ECL, which resides in
the Domino Directory (NAMES.NSF), and the workstation ECL, which is
stored in the user's Personal Address Book (NAMES.NSF). The
Administration ECL is the template for all workstation ECLs. The
workstation ECL is created when the Notes client is first installed. The
Setup program copies the administration ECL from the Domino
Directory to the Notes client to create the workstation ECL.

The workstation ECL


A workstation ECL lists the signatures of trusted authors of active
content. "Trust" implies that the signature comes from a known and safe
source. For example, every system and application template shipped
with Domino or Notes contains the signature "Lotus Notes Template
Development." Likewise, every template and database that your
organization designs should contain the signature of either the
application developer or the administrator.
For each signature, the ECL contains settings that control the actions that
active content signed with that signature can perform and the
workstation system resources it can access.
For a description of ECL access options, see the topic "ECL security
access options" in this chapter.
How the workstation ECL works
When active content runs on a user workstation and attempts a
potentially harmful action (for example, programmatically sending
mail), the following occurs:
1. Notes verifies that the active content is signed and looks up the
signer of the code in the workstation ECL.
2. Notes checks the signer's ECL settings to determine whether the
action is allowed.
3. One of the following occurs:
   a. If the signer of the code is listed in the workstation ECL and the
   appropriate setting is enabled, the active content runs.
   b. If the active content attempts an action that is not enabled for the
   signer, or if the signer is not listed in the ECL, Notes generates an
   Execution Security Alert (ESA), which specifies the attempted
   action, the signer's name, and the ECL setting that is not enabled.
The ESA gives the user four options:
   "Do not execute the action" to deny the signer access to perform
   the specified action.
   "Execute the action this one time" to allow the signer access to
   perform the action only once. The ESA appears again if the same
   action is attempted in the future. This option does not modify the
   ECL.
   "Start trusting the signer to execute this action" to allow the
   action to be performed and modify the ECL configuration to add
   the signature of the active content to the ECL. This grants
   permission for the signer to execute the specific action any time on
   that workstation.
   "More Info" to display a dialog box that provides information
   about the design type, design name, Notes ID, signature status,
   and parent database of the code that caused the ESA.
For example, locally scheduled agents, as well as manual agents,
can generate ESAs. Click "More Info" to get information about the
agent that generated the alert.
Note The administration ECL has a setting that prevents users from
changing their workstation ECLs. If this setting is enabled, then the user's
option to trust the signer is disabled.

ECL security access options

There are three categories of access options for ECLs.

Workstation security

Java applet

JavaScript

Workstation security access options

Choose from these options when setting up access to workstation data
for active content, such as Notes databases:

| Access option | If enabled, allows formulas and code to |
| --- | --- |
| Access to file system | Attach, detach, read to, and write from workstation files |
| Access to current database | Read and modify the current database |
| Access to environment variables | Use the @SetEnvironment and @GetEnvironment variables and LotusScript methods to access the NOTES.INI file |
| Access to non-Notes databases | Use @DBLookup, @DBColumn, and @DBCommand to access databases when the first parameter for these @ functions is a database driver of another application |
| Access to external code | Run LotusScript classes and DLLs that are unknown to Notes |
| Access to external programs | Access other applications, including activating any OLE object |
| Ability to send mail | Use functions such as @MailSend to send mail |
| Ability to read other databases | Read information in databases other than the current database |
| Ability to modify other databases | Modify information in databases other than the current database |
| Ability to export data | Print, copy to the clipboard, import, and export data |
| Access to Workstation Security ECL | Modify the ECL |

Java applet options

Choose from these options when setting up access to workstation data
for Java applets that run in Notes:

| Access option | If enabled, allows the applet to |
| --- | --- |
| Access to file system | Read and write files on the local file system. |
| Access to Notes Java classes | Load and call the Domino objects for Java and CORBA. |
| Access to network addresses | Bind to and accept connections on a privileged port (a port outside the range 0 to 1024) and establish connections with other servers. |
| Printing | Submit print jobs. |
| Access to system properties | Read system properties such as color settings and environment variables. |
| Dialog and clipboard access | Access the system clipboard. Also disables the security banner that is displayed in the top-level window to indicate that a Java applet created the window. Displaying the security banner reminds users not to enter security-sensitive information into a dialog that masquerades as a password dialog, for example. |
| Process-level access | Create threads and threadgroups, fork and run external processes, load and link external libraries, access nonpublic members of classes using Java core reflection, and access the AWT event queue. |

JavaScript options
These options control access to workstation data for JavaScript that runs
in the Notes client, on a Notes form or on a Web page rendered by the
Notes browser. These options do not control JavaScript run by other
browsers, including the Microsoft Internet Explorer browser, even when
the browser is embedded in the Notes client.
JavaScript ECL settings control whether JavaScript code can read and/or
modify JavaScript properties of the Window object. You can allow read
access from, and write access to, the properties of the Window object. As
the top-level object in the JavaScript document object model, the Window
object has properties that apply to the entire window. Securing access to
the Window object secures access to other objects on the page since the
JavaScript program cannot access the objects further down in the object
model hierarchy without first traversing the Window object.
Window object classes are described in the following table:

| Window object class | Description | Default |
| --- | --- | --- |
| Source window | Controls JavaScript access to the Window object on the same page as the JavaScript code. Selecting this option does not prevent JavaScript from directly accessing the object on the source window, because doing so circumvents the Window object; therefore this ECL option is not enforced. | Allow read and write access |
| Other window from same host | Controls JavaScript access to the Window object on a different page from the JavaScript code, but from a page using the same host. For example, JavaScript code on a page on www.lotus.com can access the Window object on another page on www.lotus.com. This allows two pages to interact if they are within the same frameset. | Allow read and write access |
| Other window from different host | Controls JavaScript access to the Window object on a different page within a frameset that uses a different host. For example, JavaScript code on a page on www.lotus.com can access the Window object on a page on any other server. Enabling this option poses a high security risk because of the possibility of malicious code on one page of the frameset accessing data on another page. | Not allow read and write access |

Two additional ECL options control whether JavaScript that runs in the
Notes client is authorized to open a new Web page or Notes document. You
can enable open access for these options, described in the following table:

| Option | Description | Default |
| --- | --- | --- |
| URL on same host | Controls access for opening a page or Notes document on the same host as the JavaScript code. | Allow open access |
| URL on different host | Controls access for opening a page or Notes document on a different host from the JavaScript code. | Not allow open access |

The administration ECL


When you set up the first server in a domain, Domino creates a default
administration ECL, which you can then customize. The administration
ECL is the template for all workstation ECLs. Whenever a new Notes
client is installed, the setup program copies the administration ECL from
the Domino Directory to the Personal Address Book on the Notes client
workstation. The user's Notes ID is added to the workstation ECL, with
all access allowed. For example, when John Doe's Notes client is being
set up, John Doe is automatically added to the client ECL signer list.
If the home server is unavailable when a Notes client is installed (for
example, when a user is disconnected), the workstation ECL is created
with default settings, rather than being created from the administration
ECL.
Note Technically, when a server is initially installed, there is no Admin
ECL. When a client attempts to edit the workstation ECL, or refresh it
from an admin ECL that does not exist, the client creates an ECL with
default settings that are coded into the client. The Admin ECL exists on
disk once an administrator modifies and saves it. Once the modified
administration ECL is saved to disk, then that is the ECL that is copied to
user workstations.
You use the administration ECL to define and deploy customized ECLs
for your users. You can control ECL changes or allow users to modify
their own ECLs. Furthermore, you can update your users' workstation
ECLs as security requirements change: automatically, through the use
of a security settings document deployed through a policy, or manually,
by asking users to refresh their workstation ECLs.
To create customized ECLs that can be deployed for specific groups of
users, you must use a security settings document that is deployed
through a server policy. For example, you can create one ECL exclusively
for contract employees and another ECL for full-time employees.
For more information on using policies for security, see the chapter
"Using Policies."

Guidelines for creating an effective administration ECL


Your goal as an administrator is to limit the number of trusted signers for
active content, and the access that active content has to user
workstations. To accomplish this goal, limit the number of trustworthy
signers in your organization and ensure that workstation ECLs trust only
those signers.
Use these guidelines to create secure ECLs:

Do not grant access to unsigned content. This creates a security hole
that allows potentially harmful code, malicious or otherwise, to
access user workstations. Keep the default access options for
unsigned content.

Do not let your users trust unsigned content. To prevent users from
changing their ECLs (for example, by giving access to unsigned
content, or to content signed by signers who are not listed in the ECL),
deselect "Allow user to modify" in the Administration ECL.

Know your signers. Trusting signed active content, especially from
other organizations, is risky. Before adding an active content author
to an ECL, decide if you trust that the author has created safe code.

Create a separate certifier for an organizational unit to issue IDs
specifically for users who must sign templates and applications
(for example, Enterprise ECLApp Signer/West/Acme). Then users
who create templates and applications use those IDs to sign
templates and applications. You can then set up the administration
ECL to trust any user in that special organizational unit, or fine-tune
it on a per-user basis.

Default ECL settings

When you first edit the ECL, it includes the following signatures and
access options. By default, the ECL does not allow access to protected
operations for active content that is unsigned, or for active content that is
signed by a signer who is not listed in the ECL.

| Signature | Applies to | Default access options |
| --- | --- | --- |
| -Default- | Formulas and code that contain a signature, and that signature is verified by Domino, but the signature does not match any entry in the ECL. For example, if the signer is John Andrews/Atlas, but the ECL does not contain this signature, the ECL uses the -Default- signature to assign access. | None |
| -No Signature- | Formulas and code that contain an invalid or corrupted signature, are unsigned, or are signed by an identity or organization that can't be verified by Domino. For example, if the code is not signed, or is signed by a user unknown to the Domino server, the ECL matches -No Signature-. | None |
| BT Mail and Calendar Migration Tools/Lotus Notes Companion Products | Every template related to Binary Tree Mail and Calendar Migration Tools. If your organization isn't using this tool, you can remove this entry from the ECL. | Access to file system, Access to current database, Access to environment variables, Access to external code, Ability to read other databases, Ability to modify other databases |
| Domino Unified Communications Services/Lotus Notes Companion Products | Every template related to Domino Unified Communications Services. If your organization isn't using this tool, you can remove this entry from the ECL. | Access to current database, Access to environment variables, Access to external code, Access to external programs, Ability to send mail, Ability to read other databases, Ability to modify other databases |
| Lotus Fax Development/Lotus Notes Companion Products | Every template related to Lotus Fax for Domino. If your organization isn't using this tool, you can remove this entry from the ECL. | Access to current database, Access to environment variables, Ability to read other databases, Ability to modify other databases |
| Lotus Notes Template Development/Lotus Notes | Every template shipped with Domino and Notes. For example, the signer matches this type only if it has the Lotus Notes Template Development/Lotus Notes signature. | All |
| Sametime Development/Lotus Notes Companion Products | Every template related to Sametime. If your organization isn't using this tool, you can remove this entry from the ECL. | All except Access to workstation security ECL |

You can also add users or signature types to the ECL. You
could add the hierarchical names of specific users or groups, for
example, Phyllis Spera/Sales/East/Acme. If you create a special certifier
to certify the IDs of a group of trusted signers, you could use a wildcard
character to name all signers, for example, */Trusted Signers/Acme.
The table below describes the access that these users (or signature types)
in an ECL would have:
| Signature | Applies to |
| --- | --- |
| */Trusted Signers/Acme | Formulas and code that have the */Trusted Signers/Acme signature. For example, if the signer is anyname/Trusted Signers/Acme, such as Emily Marks/Trusted Signers/Acme or Alan Jones/Sales/East/Trusted Signers/Acme, the ECL uses the */Trusted Signers/Acme signature to match access. |
| Phyllis Spera/Sales/East/Acme | Formulas and code that have Phyllis Spera/Sales/East/Acme as the signature. For example, the signer matches this type only if the ECL contains the Phyllis Spera/Sales/East/Acme signature. |
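
The matching rules in the two tables above, written out as a Python model. This is an added example, not Notes or Domino code; the sample ECL and its */Acme entry are constructed, and the rule that the most specific matching entry wins is an assumption, since this chapter does not state a precedence.

```python
"""Added model of ECL entry selection; not Notes or Domino code."""
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional

DEFAULT = "-Default-"
NO_SIGNATURE = "-No Signature-"


@dataclass(frozen=True)
class Signature:
    signer: Optional[str]  # hierarchical signer name, None when code is unsigned
    verified: bool         # True when the signature could be verified


def components(name: str) -> list[str]:
    """Split a hierarchical name into lower-cased components."""
    return [part.strip().lower() for part in name.split("/")]


def entry_matches(entry: str, signer: str) -> bool:
    """True when a named or wildcard ECL entry covers this signer."""
    if entry in (DEFAULT, NO_SIGNATURE):
        return False
    if entry.strip() == "*":
        return True
    want, have = components(entry), components(signer)
    if want[0] == "*":
        suffix = want[1:]
        # */Trusted Signers/Acme covers any name that ends with those
        # components and has at least one more component in front of them.
        return len(have) > len(suffix) and have[-len(suffix):] == suffix
    return want == have


def specificity(entry: str) -> tuple[bool, int]:
    """Assumed tie-break: exact names first, then longer wildcard suffixes."""
    parts = components(entry)
    return (parts[0] != "*", len(parts))


def resolve_entry(ecl: dict[str, frozenset[str]], sig: Signature) -> str:
    """Name of the ECL entry that decides access for this signature."""
    if sig.signer is None or not sig.verified:
        return NO_SIGNATURE          # unsigned, corrupted or unverifiable
    candidates = [entry for entry in ecl if entry_matches(entry, sig.signer)]
    if not candidates:
        return DEFAULT               # verified signer that the ECL does not list
    return max(candidates, key=specificity)


def is_allowed(ecl: dict[str, frozenset[str]], sig: Signature, option: str) -> bool:
    """True when the deciding entry grants the given access option."""
    return option in ecl.get(resolve_entry(ecl, sig), frozenset())


# Constructed sample ECL; option names are the ones listed in this chapter.
SAMPLE_ECL = {
    DEFAULT: frozenset(),
    NO_SIGNATURE: frozenset(),
    "*/Acme": frozenset({"Access to current database"}),
    "*/Trusted Signers/Acme": frozenset(
        {"Access to current database", "Access to environment variables"}),
    "Phyllis Spera/Sales/East/Acme": frozenset(
        {"Access to current database", "Ability to send mail"}),
}

if __name__ == "__main__":
    for signer, verified in [
        ("Alan Jones/Sales/East/Trusted Signers/Acme", True),
        ("Phyllis Spera/Sales/East/Acme", True),
        ("John Andrews/Atlas", True),
        (None, False),
    ]:
        print(signer, "->", resolve_entry(SAMPLE_ECL, Signature(signer, verified)))
```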


Collecting information for a new administration ECL


Before you can create an Admin ECL to distribute, identify the
individual people and/or organizations that you can trust to create and
sign active content. Identify a few users who use a broad range of typical
Notes applications, then ask them to complete these steps.
1. Remove all entries from the workstation ECL except the following:
• All entries in the form */org, where org is a local
  domain/organization
• -Default-
• -No signature-
• Lotus Notes Template Development/Lotus Notes
To do this, highlight the item to remove under "When signed by,"
then click Remove.
Note If any of these entries are not listed in the ECL, it means that
those entries are not needed.
2. Make a list of the entries you remove so that if those entries were, in
fact, not needed, they can later be added with "No access" in the
administration ECL.
3. Make these changes to the remaining entries in the ECL:

| For "When signed by" | For "Allowed" |
| --- | --- |
| */org, where org is a local domain/organization | Deselect all selected items. |
| -Default- | Deselect all selected items. Default should have no permissions. |
| -No signature- | Deselect all selected items. |
| Lotus Notes Template Development/Lotus Notes | Select all items. This signer should have all permissions. |

4. For a designated time period (a week should be sufficient), when the
Execution Security Alert dialog box appears, click "Trust signer,"
with the following exceptions:
• Do not trust any actions with -No Signature-.
• Check with the administrator before trusting odd or unfamiliar
  signatures or before clicking "Execute once" for templates and
  applications signed with odd or unfamiliar signatures.
Note Users who use the Lotus Notes Client 5.01 or earlier should
choose No in the dialog box that asks if you want to trust
everybody in the organization of the user whose signature you are
about to trust.
The resulting ECLs for these users should contain more signers than
what the ECL originally contained, unless your organization has
managed the signing process up front and only uses objects signed by a
small number of known trustworthy signers.
After the designated time period is complete, the administrator should
combine the signatures in the users' ECLs to create an updated
administration ECL.

The workstation ECL log
The Lotus Notes 6 Client logs ECL-related operations in the Client log
(LOG.NSF) in Miscellaneous Events. This includes:
• Results of Execution Security Alert (ESA) dialogs, as well as
  additional ESA details. These details include information about the
  code that caused the ESA, such as the design type, design title,
  NoteID, database title, and path.
• Any ECL modifications. This includes information on which ECL
  was modified; the ECL entries that were changed, added or deleted;
  and the rights that were granted or revoked. It also includes all ECL
  modifications resulting from such operations as dynamic ECL
  update, programmatic ECL refresh (@RefreshECL function), setup
  ECL refresh/creation and manual ECL changes made in the ECL
  Editor or through the User Security Panel.
It is possible to write an agent to run on Notes clients and parse the ECL
logging data to provide administrators with specific information on how
users are managing their workstation ECLs, as well as current
information about applications or other code that should be added to
Admin ECLs.

Creating the administration ECL

Before you register users, edit the administration ECL to create a
template for user workstation ECLs. Use the following procedure to
create and deploy an administration ECL that provides a good starting
point for managing and maintaining secure workstation ECLs.
You can deploy and maintain ECLs on a group and organizational basis
through the use of policies. For more information, see the chapter "Using
Policies."
1. (Optional) Collect information for creating the administration ECL.
For more information, see the topic "Collecting information for a
new administration ECL" in this chapter.
2. Edit the Administration ECL.
For more information, see the topic "Editing the administration ECL"
in this chapter.
3. Deploy the new ECL to user workstations. This happens
automatically when Notes client software is first installed on user
workstations.
4. Update user workstation ECLs, as required.

Editing the administration ECL


1. From the Domino Administrator, click the Files tab.
2. From the Servers pane, choose the server to work from.
3. Open the Domino Directory (NAMES.NSF).
4. Choose Actions - Edit Administration ECL.
5. (Optional) Select -Default- and then select access options.
For more information on access options, see the topic "ECL security
access options" in this chapter.
6. (Optional) Select -No Signature- and then select access options.
7. To add an entry, click Add, enter the name of a person or server, and
then click OK.
a. Enter an asterisk (*) to allow access to all users, even those not
listed in the Domino Directory.
b. Enter an asterisk (*) followed by a certifier name, for example,
*/Acme, to allow access to users certified by that certifier.
Note Add entries to the ECL even if you want to deny access to a
person, group, or organization. Then you can overwrite existing
entries in workstation ECLs and essentially undo any trust users
have granted. For example, to revoke access previously granted to
someone, add that person to the administration ECL, but don't give
them any privileges. When the updated administration ECL is
distributed, it will overwrite the workstation ECLs with the updated
privileges for that person.
8. To remove an entry, select it from the list and click Remove.
Note Removing an entry will not deny access to that entry when
existing client ECLs are refreshed. To ensure that this entry no longer
has access, leave the entry in the list and instead, remove all rights.
9. To rename an entry, select it from the list and click Rename.
Note It may be better to leave the existing entry and add a new
entry with the new name instead. Active content signed with the
user's previous name will then still be allowed the same access it had
before.
10. To let users modify their workstation ECLs or enable Java applets
from trusted senders, select "Allow users to modify."
11. Click OK.

Deploying and updating workstation ECLs

If you create an Admin ECL prior to registering users, that Admin ECL is
deployed automatically to user workstations when users run Notes setup
during install. For Domino 6, you can also deploy and maintain ECLs
through the use of policies, which allow you to create and deploy ECLs
on a group or organizational basis, as well as define the frequency and
extent to which workstation ECLs are updated.
For more information about using policies to create, deploy, and update
ECLs, see the chapter "Using Policies."
If you edit the administration ECL after users run setup, and you are not
using a security policy, you can use one of the following procedures to
update user workstation ECLs.
• Use the @RefreshECL function, through a memo or common
  database event.
• Have users update their ECLs through the User Security dialog box.

To use the @RefreshECL function to update workstation ECLs
This procedure enables users to update their workstation ECL by
running a macro that copies the current administration ECL to the local
workstation ECL.
1. Make sure the Domino Directory with the ECL changes has
replicated throughout the domain.
2. Address a memo to users whose ECLs you want to update.
3. Add a button to the memo that executes this formula:
@RefreshECL (server : database ; name)
Where server : database is a text list that specifies the server location
and file name of the Domino Directory (NAMES.NSF) that contains
the administration ECL; and name is text that specifies the name of
the administration ECL. Specify "" (null) if you have not named the
administration ECL. For example, for an unnamed administration
ECL located in NAMES.NSF on the server SERVER1, the
@RefreshECL formula is:
@RefreshECL("server1":"names.nsf";"")
Note For MIME-enabled users who lose their active content in mail
messages, add the button to a document in a particular Notes
database and tell those users to go there to update their ECLs.

4. Describe the purpose of the memo and instruct users to click the
button.
5. Mail the memo.
Tip Add the @RefreshECL function to a common database event,
so that all users in the organization can use it to update their ECLs.

To use the Refresh button to update workstation ECLs
1. Make sure the Domino Directory with the ECL changes has
replicated throughout the domain.
2. Address a memo to users whose ECLs you want to update.
3. Describe the purpose of the memo and instruct the users to do the
following:
a. Choose File - Security - User Security.
b. Click "What Others Do," and then click "Using LotusScript,"
"Using Java," or "Using JavaScript."
c. Click "Refresh All."
4. Mail the memo.
Note Even after you distribute an updated ECL, users might still
encounter Execution Security Alerts. Make sure that users:
• Do not trust any actions with -No Signature-.
• Check with you before trusting any odd or unfamiliar signatures,
  or before clicking "Execute once" for templates or applications
  signed with odd or unfamiliar signatures. Investigate those
  signatures, and if necessary, update and redistribute the
  administration ECL.

Administration ECL <ECLOwner> key


In order to provide more flexibility to users, especially in organizations
that do not allow users to modify their own ECLs, administrators can set
the execution rights of the current ECL owner during workstation ECL
refresh and replace. You do this by adding the key string
<ECLOwner>

as an entry in the Admin ECL. You then give that entry the ECL rights
that are appropriate for a workstation user. For example, if you want to
give users the ability to write and execute basic Notes programs on their
own workstations, you would enable the appropriate rights for this
entry.

When a workstation ECL is refreshed or replaced, the <ECLOwner>
entry is replaced with the name of the current user. This updates the
user's workstation ECL rights with those set in the Admin ECL for the
key string entry.
If this key string entry is not included in the Admin ECL, and if "Allow
user to modify" is not enabled, the current user entry is removed from
the workstation ECL during ECL replace. If "Allow user to modify" is
enabled, the current user remains in the workstation ECL.
Refreshing the ECL without the key string leaves the current user's entry
as is.
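
Why an entry deleted from the administration ECL keeps its rights on workstations while a zero-rights entry revokes them, and how the <ECLOwner> key behaves, as an added Python model (not Domino code). It covers both refresh and replace; treating refresh as a merge and replace as a full overwrite is an interpretation of the statements in this chapter, and the names and rights are constructed.

```python
"""Added model of workstation ECL refresh and replace; not Domino code."""
from __future__ import annotations

ECL_OWNER = "<ECLOwner>"
NONE = frozenset()


def expand_owner(admin: dict, owner: str) -> dict:
    """Copy the admin ECL, substituting the current user for <ECLOwner>."""
    return {owner if name == ECL_OWNER else name: rights
            for name, rights in admin.items()}


def refresh(workstation: dict, admin: dict, owner: str) -> dict:
    """Refresh (assumed merge): admin entries overwrite same-named
    workstation entries; entries the admin ECL omits are left as they are."""
    merged = dict(workstation)
    merged.update(expand_owner(admin, owner))
    return merged


def replace(workstation: dict, admin: dict, owner: str,
            allow_user_to_modify: bool) -> dict:
    """Replace (assumed overwrite): the workstation ECL becomes the admin ECL.
    Without the <ECLOwner> key the owner's entry survives only when
    "Allow user to modify" is enabled."""
    result = expand_owner(admin, owner)
    if ECL_OWNER not in admin and allow_user_to_modify and owner in workstation:
        result.setdefault(owner, workstation[owner])
    return result


def not_revoked_by_refresh(old_admin: dict, new_admin: dict) -> list[str]:
    """Entries that held rights and were deleted instead of being zeroed.
    A refresh leaves whatever rights workstations already grant them."""
    return sorted(name for name, rights in old_admin.items()
                  if rights and name not in new_admin)


# Constructed sample data.
OWNER = "Alan Jones/Sales/Acme"
CONTRACTOR = "Bob Smith/Contractors/Acme"   # signer a user chose to trust
WORKSTATION = {
    "-Default-": NONE,
    "-No Signature-": NONE,
    OWNER: frozenset({"Access to current database", "Access to file system"}),
    CONTRACTOR: frozenset({"Access to file system"}),
}
OLD_ADMIN = {"-Default-": NONE, "-No Signature-": NONE,
             CONTRACTOR: frozenset({"Access to current database"})}
ADMIN_ENTRY_REMOVED = {"-Default-": NONE, "-No Signature-": NONE}
ADMIN_ENTRY_ZEROED = {**ADMIN_ENTRY_REMOVED, CONTRACTOR: NONE}
ADMIN_WITH_OWNER_KEY = {**ADMIN_ENTRY_ZEROED,
                        ECL_OWNER: frozenset({"Access to current database"})}

if __name__ == "__main__":
    for label, admin in [("removed", ADMIN_ENTRY_REMOVED),
                         ("zeroed", ADMIN_ENTRY_ZEROED)]:
        after = refresh(WORKSTATION, admin, OWNER)
        print(label, "->", sorted(after[CONTRACTOR]))
    print("review:", not_revoked_by_refresh(OLD_ADMIN, ADMIN_ENTRY_REMOVED))
```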


Chapter 42
Setting Up Name-and-Password and Anonymous
Access to Domino Servers
This chapter describes how to set up servers for name-and-password and
anonymous access by Internet/intranet clients.

Name-and-password authentication for Internet/intranet clients


Name-and-password authentication, also known as basic password
authentication, uses a basic challenge/response protocol to ask users for
their names and passwords and then verifies the accuracy of the
passwords by checking them against a secure hash of the password
stored in Person documents in the Domino Directory. When set up for
this, Domino asks for a name and password only when an
Internet/intranet client tries to access a protected resource on the server.
Internet/intranet access differs from Notes client and Domino server
access in that a Domino server asks a Notes client or Domino server for a
name and password when the client or server initially attempts to access
the server.
If you want to assign database access to an Internet/intranet client based
upon Domino ACL security, you must create a Person document for that
client in the Domino Directory, or, optionally, in a secondary Domino
directory or an external LDAP directory. Clients who do not have Person
documents are considered Anonymous and can only access servers and
databases that allow Anonymous access.
Name-and-password authentication allows Domino to locate the Person
document (if one exists) for the client accessing the server. After the
client is identified, access to server resources can then be determined. For
example, if you want Alan Jones to have Editor access to a database and
all others accessing the database to have Author access, you must create
a Person document for Alan Jones. You can set up the database ACL to
include Alan Jones as an Editor and Anonymous as Author.
You can use name-and-password authentication with either TCP/IP or
SSL on any servers that run an Internet protocol, namely LDAP, POP3,
HTTP, SMTP, IIOP, or IMAP. For each Internet protocol enabled on the
server, you can specify the method of security. For example, you might
enable client certificate authentication for HTTP connections but require
name-and-password security for LDAP connections that use TCP/IP. Or
you might use name-and-password security with anonymous and SSL
client authentication, for example, to allow users with SSL client
certificates to authenticate using SSL client authentication and to allow
other users to enter a name and password if they do not have an SSL
client certificate.
Note Name-and-password authentication is not supported when a
Domino server acts as an SMTP client, for example, when a Domino
server connects to an SMTP server to route mail. Name-and-password
security is supported only when a Domino server acts as an SMTP server,
that is, when SMTP clients access a Domino server.
If you are setting up name-and-password authentication for an HTTP
server, you have an additional method to use with name-and-password
authentication: session-based authentication. Name-and-password
authentication sends the name and password in unencrypted format
with each request. Session-based authentication differs in that the
user name and password are replaced by a cookie. The user name and
password are sent over the network only the first time the user logs in to a
server. Thereafter the cookie is used for authentication. Session-based
name-and-password authentication offers greater control over user
interaction than basic name-and-password authentication and lets you
customize the form in which users enter their name and password
information. It also allows users to log out of the session without closing
the browser.

Name-and-password authentication over non-SSL secured connections

Use name-and-password authentication over non-SSL secured
connections to identify users without tightly securing access to data on
the server, for example, when you want to display different
information to different users based on the user name and when the
information in the database is not confidential. No information, including
the name and password, sent between the user and server is encrypted.
In this case, name-and-password authentication deters some types of
hackers but does not prevent others from listening to network
transmissions and guessing passwords.

Name-and-password authentication over SSL

Using SSL, all information, including the name and password, is
encrypted. SSL provides confidentiality and data integrity for users set
up for name-and-password authentication. Requiring a name and
password in addition to SSL security provides security for users who do
not use client certificate authentication and allows you to identify
individual users who access a database.
For information on setting up an SSL server, see the chapter "Setting Up
SSL on a Domino Server."
For information on setting up clients for SSL, see the chapter "Setting Up
Clients for S/MIME and SSL."

Customizing name-and-password authentication

The Domino Web Server Application Programming Interface (DSAPI) is
a C API that you can use to write your own extensions to the Domino
Web Server. These extensions, or filters, let you customize the
authentication of Web users.
For more information on DSAPI and filters, see the Lotus C API Toolkit
for Domino and Notes. The toolkit is available at
www.lotus.com/techzone.

Setting up basic name-and-password authentication

To enable basic name-and-password authentication, for both TCP and
SSL, for all Internet protocols: Web (HTTP); IMAP; POP3; LDAP; SMTP
Inbound; and IIOP, you must complete three separate procedures:
• Create an Internet Site document for the Internet protocol for which
  you want to require a name and password.
  or
  Edit the Server document to specify which Internet protocols require
  a name and password.
• Create a Person document for each user in the Domino Directory on
  the Domino server and assign an Internet password to each user.
• Edit server database ACLs to give users access.

To enable basic name-and-password authentication for Internet Site documents
1. From the Domino Administrator, click Configuration - Web - Internet
Sites.
2. In the Internet Sites view, select the Internet Site document for which
you want to enable name-and-password authentication.

3. In the Internet Site document, click Security.
• If you want clients to use name-and-password authentication
  when they connect using TCP/IP, select Yes in the "Name &
  password" field in the TCP Authentication section.
• If you set up SSL on the server and you want clients to use
  name-and-password authentication when they connect using SSL,
  select Yes in the "Name & password" field in the SSL Authentication
  section.
4. Save the document.
To enable basic name-and-password authentication in the Server
document
1. From the Domino Administrator, click Configuration, and open the
Server document.
2. Click Ports - Internet Ports. This displays four tabs: Web, Directory,
Mail, and IIOP. Each tab lists protocols appropriate for its name;
for example, the Web tab lists HTTP/HTTPS, and the Mail tab lists
IMAP, POP3, and SMTP.
3. Click the protocol for which you want to specify name-and-password
authentication. For each protocol, do the following:
• If you want clients to use name-and-password authentication
  when they connect using TCP/IP, select Yes in the "Name &
  password" field in the TCP/IP section.
• If you set up SSL on the server and you want clients to use
  name-and-password authentication when they connect using SSL,
  select Yes in the "Name & password" field in the SSL section.
4. Save the document.
Note If you want LDAP clients to access the server using
name-and-password authentication, you must also allow anonymous
access for LDAP on the server. LDAP clients who access the
server using a browser supply an e-mail address for authentication, and
the client searches for the address anonymously before Domino can
authenticate the user.
For information on setting up anonymous access, see the topic "Setting
up Internet/intranet clients for anonymous access" later in this chapter.
To create Person documents for Internet/intranet users
1. In the Domino Directory, create a Person document for each user
who needs to access the server. (You can also edit the Person
document of an existing user.)

Note Users can also be created in secondary Domino directories or
external LDAP directories, if your server is configured to use them.
2. In each Person document, complete these fields, and then save the
document:

| Field | Action |
| --- | --- |
| First name, Middle initial, Last name | Enter the user's first name, middle initial, and last name. The user's last name is required. |
| User name | (Required) Enter the user's full name. This is the name the user enters when trying to access a server. This field can contain multiple names. However, Domino uses the first name in this field to validate a user in database ACLs, design access lists, groups, and File Protection documents. For example, this field can contain these names: Alan Jones/Sales/Acme, Alan Jones, Al Jones, AJ. When prompted for his name and password, the user can enter Al Jones as his name. However, Domino uses Alan Jones/Sales/Acme to validate him in database ACLs and design access lists. Therefore, the name Alan Jones must be the one that appears in ACLs and design access lists. Note You should always use the user's hierarchical name, for example, Alan Jones/Acme/US, to help eliminate ambiguous or duplicate user names. |
| Internet password | (Required) Specify the user's Internet password. |

To edit database ACLs

After you edit the Server document and create Person documents, edit
the database ACL of each database to which you want to give users
access.
For more information on setting up a database ACL, see the chapter
"Controlling User Access to Domino Databases."
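
How the User name field and the database ACL interact in the procedures above, as an added Python model (not Domino code). The directory entries, passwords and the second Al Jones are constructed; PBKDF2 stands in for the stored password hash, and both the -Default- fallback for names missing from the ACL and the handling of two matching Person documents are assumptions not covered in this section.

```python
"""Added model of Internet name-and-password lookup; not Domino code."""
from __future__ import annotations

import hashlib
import hmac
from dataclasses import dataclass

ANONYMOUS = "Anonymous"


def hash_password(secret: bytes, salt: bytes) -> bytes:
    # Stand-in hash (PBKDF2-HMAC-SHA256); the format Domino stores in the
    # Person document is not described in this section.
    return hashlib.pbkdf2_hmac("sha256", secret, salt, 100_000)


@dataclass(frozen=True)
class Person:
    user_names: tuple[str, ...]  # "User name" field; first entry is used for ACLs
    salt: bytes
    password_hash: bytes


def authenticate(directory: list[Person], name: str, password: str):
    """Return the name used for ACL checks, or None when the login fails."""
    wanted = name.strip().lower()
    try:
        secret = password.encode("ascii")   # passwords are US-ASCII only
    except UnicodeEncodeError:
        return None
    for person in directory:
        if wanted not in (alias.lower() for alias in person.user_names):
            continue
        # Assumption: when several Person documents list the typed name,
        # the one whose password verifies is used.
        if hmac.compare_digest(hash_password(secret, person.salt),
                               person.password_hash):
            return person.user_names[0]
    return None


def access_level(acl: dict[str, str], identity) -> str:
    """ACL level for an authenticated name, or for Anonymous when None."""
    fallback = acl.get("-Default-", "No Access")   # assumption, see lead-in
    if identity is None:
        return acl.get(ANONYMOUS, fallback)
    return acl.get(identity, fallback)


def ambiguous_names(directory: list[Person]) -> dict[str, list[str]]:
    """Login names that appear in more than one Person document."""
    owners: dict[str, list[str]] = {}
    for person in directory:
        for alias in person.user_names:
            owners.setdefault(alias.lower(), []).append(person.user_names[0])
    return {alias: names for alias, names in owners.items() if len(names) > 1}


# Constructed sample data.
SALT = b"constructed-salt"
DIRECTORY = [
    Person(("Alan Jones/Sales/Acme", "Alan Jones", "Al Jones", "AJ"),
           SALT, hash_password(b"example-Passw0rd", SALT)),
    Person(("Al Jones/Support/Acme", "Al Jones"),
           SALT, hash_password(b"other-Passw0rd", SALT)),
]
ACL = {"Alan Jones/Sales/Acme": "Editor", ANONYMOUS: "Author"}
ACL_WITH_ALIAS = {"Al Jones": "Editor", ANONYMOUS: "Author"}  # misconfigured

if __name__ == "__main__":
    who = authenticate(DIRECTORY, "Al Jones", "example-Passw0rd")
    print(who, "->", access_level(ACL, who), "/", access_level(ACL_WITH_ALIAS, who))
    print("ambiguous:", ambiguous_names(DIRECTORY))
```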

Session-based name-and-password authentication for Web clients


To set up name-and-password authentication for Web clients who have
access to a Domino Web server, you can use one of two methods: basic
name-and-password authentication or session-based
name-and-password authentication. Session-based name-and-password
authentication includes additional functionality that is not available with
basic name-and-password authentication. A session is the time during
which a Web client is actively logged onto a server with a cookie. To
specify settings that enable and control session authentication, you edit
the Web Site document or the Server document, depending on your
configuration.
Furthermore, you have two selections for enabling session-based
authentication: single-server and multi-server. The single-server
option causes the server to generate a cookie that is honored only by the
server that generated it, while the multi-server option generates a cookie
that allows single sign-on with any server that shares the Web SSO
configuration document.
To use session-based authentication, Web clients must use a browser that
supports cookies. Domino uses cookies to track user sessions.

Features of session-based name-and-password authentication


Name-and-password authentication sends the client's name and
unencrypted password with each request to the server.
Session-based authentication differs in that the client's name and
encrypted password are stored in a cookie on the workstation. That
information is sent over the network only the first time the user logs in to
a server, not each time a request is posted. Using session-based
name-and-password authentication provides greater control over user
interaction than basic name-and-password authentication. For example,
you can customize the form in which users enter their name and
password information. It also allows users to log out of the session
without closing the browser.
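
Where the password travels under each method, as an added Python example (not Domino code) that audits captured requests. The requests, the Username and Password form fields, the /login target and the cookie name are constructed for the illustration.

```python
"""Added example: which requests carry the password under each method."""
from __future__ import annotations

import base64
from urllib.parse import parse_qs

CRLF = "\r\n"
FORM_TYPE = "application/x-www-form-urlencoded"


def parse_request(raw: str):
    """Split a raw HTTP/1.x request into method, headers and body."""
    head, _, body = raw.partition(CRLF + CRLF)
    request_line, *header_lines = head.split(CRLF)
    method = request_line.split(" ", 1)[0].upper()
    headers = {}
    for line in header_lines:
        key, _, value = line.partition(":")
        headers[key.strip().lower()] = value.strip()
    return method, headers, body


def password_carrier(raw: str):
    """User name whose password this request carries, or None."""
    method, headers, body = parse_request(raw)
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() == "basic" and token:
        try:
            decoded = base64.b64decode(token.strip(), validate=True)
        except ValueError:          # malformed base64
            return None
        # Basic authentication: user name in ISO-8859-1, password in US-ASCII
        user, sep, _password = decoded.decode("iso-8859-1").partition(":")
        return user if sep else None
    if method == "POST" and headers.get("content-type", "").startswith(FORM_TYPE):
        form = parse_qs(body)
        if form.get("Username") and form.get("Password"):
            return form["Username"][0]
    return None


def cleartext_exposures(flow):
    """flow: list of (uses_ssl, raw_request). Returns one user name per
    request that sent a password over a connection without SSL."""
    exposed = []
    for uses_ssl, raw in flow:
        user = password_carrier(raw)
        if user is not None and not uses_ssl:
            exposed.append(user)
    return exposed


def _request(method, target, headers, body=""):
    lines = [f"{method} {target} HTTP/1.1", "Host: acmeserver"] + headers
    return CRLF.join(lines) + CRLF + CRLF + body


# Constructed traffic: three page requests under each method, no SSL.
_BASIC = "Authorization: Basic " + base64.b64encode(
    b"Alan Jones:example-Passw0rd").decode("ascii")
BASIC_FLOW = [(False, _request("GET", path, [_BASIC]))
              for path in ("/sales.nsf", "/sales.nsf/view1", "/sales.nsf/view2")]
_COOKIE = "Cookie: SessionCookie=constructed-value"
SESSION_FLOW = [
    (False, _request("POST", "/login", ["Content-Type: " + FORM_TYPE],
                     "Username=Alan+Jones&Password=example-Passw0rd")),
    (False, _request("GET", "/sales.nsf/view1", [_COOKIE])),
    (False, _request("GET", "/sales.nsf/view2", [_COOKIE])),
]

if __name__ == "__main__":
    print("basic:  ", len(cleartext_exposures(BASIC_FLOW)), "requests carried the password")
    print("session:", len(cleartext_exposures(SESSION_FLOW)), "request carried the password")
```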
Customized HTML log-in form
An HTML log-in form allows a user to enter a name and password and
then use that name and password for the entire user session. The browser
sends the name and password to the server using the server's character
set. For HTTP session authentication, a user can enter a name using any
printable characters in Unicode. The user password, however, must be
entered in printable characters in US-ASCII.
Note "Printable characters" excludes control characters.
Domino provides a default HTML form ($$LoginUserForm), which is
provided and configured in the Domino Configuration database
(DOMCFG.NSF). You can customize the form or create your own to
contain additional information.

Default logout time period
You can specify a default logout time period to log the Web client off the
server after a specified period of inactivity. This forces the cookie that
Domino uses to track the user session to expire. Automatically logging a
user off the server prevents others from using the Web client to
impersonate a user if the user leaves the workstation before logging off.
If you enable session-based name-and-password authentication for a
server, users can also append ?logout at the end of a URL to log off a
session, for example:
http://acmeserver/sessions.nsf?logout
You can also redirect the logout to a design element or URL. For
example:
http://acmeserver/sessions.nsf?logout&redirectto=/logoutDB.nsf/logoutApp?OpenPage
http://acmeserver/sessions.nsf?logout&redirectto=http://www.sales.com
You can build this expression into an application (for example, using it
in a button) or type it in as a URL.

Maximum user sessions
You can specify the maximum number of concurrent user sessions
allowed on the server for single-server session-based authentication only.
If server performance is slow, you can reduce this number.

Internet password management
Domino 6 provides features for managing Internet passwords for
session-based authentication.

Multi-server session-based authentication
Multi-server session-based authentication, also known as single sign-on,
allows Domino cookies to span servers. It also allows Domino and
WebSphere servers to interoperate and share cookies.
Note If your servers are set up for round-robin DNS, you should use the
multi-server (or single sign-on) option for session-based
name-and-password authentication. Servers cannot store the session
information in memory when using round-robin DNS with the single
server cookie. In addition, if a server is restarted or crashes, session
information is lost, and then users must re-enter their names and
passwords. This will not occur with the multi-server session
authentication option.

Setting up session-based name-and-password authentication


To set up single-server session-based name-and-password authentication
for Web clients, you must complete three procedures:
• Create a Web Site document and enable it for session-based
  name-and-password authentication.
  or
  Edit the Server document to require session authentication for Web
  clients.
• Create a Person document for each Web client who will use
  session-based name-and-password authentication.
• Edit the database ACLs to give users access.

To enable single-server session-based authentication for Web Site documents
1. From the Domino Administrator, click Configuration - Web - Internet
Sites.
2. In the Internet Sites view, select the Web Site document for which
you want to enable session authentication.
3. In the Web Site document, click Domino Web Engine.
4. In the HTTP Sessions section, complete these fields:

| Field | Action |
| --- | --- |
| Session authentication | Select single server. This is disabled by default. |
| Idle session timeout | Enter a default time period to log an inactive Web client off the server. Default is 30 minutes. |
| Maximum active sessions | Enter the maximum number of user sessions allowed on the server at the same time. Default is 1000. |

5. Click Security, and enable name-and-password authentication for
TCP and for SSL (if using SSL).
6. Save the document.
To edit the Server document for single-server session-based
name-and-password authentication
1. From the Domino Administrator, click Configuration, and open the
Server document.
2. Click Internet Protocols - Domino Web Engine.
3. Complete these fields:

| Field | Action |
| --- | --- |
| Session authentication | Select single server. This is disabled by default. |
| Idle session timeout | A default time period to log an inactive Web client off the server. Default is 30 minutes. |
| Maximum active sessions | The maximum number of user sessions allowed on the server at the same time. Default is 1000. |

4. Click Ports - Internet Ports - Web, and enable name-and-password
authentication for the TCP/IP port and for the SSL port (if using
SSL).
5. Save and close the Server document.

To create Person documents for Web users
1. In the Domino Directory, create a Person document for each Web
user who needs to access the server. (You can also edit the Person
document of an existing user.)
2. In each Person document, complete these fields, and then save the
document:

| Field | Action |
| --- | --- |
| First name, Middle initial, Last name | Enter the user's first name, middle initial, and last name. The user's last name is required. |
| User name | (Required) Enter the user's full name. This is the name the user enters when trying to access a server. This field can contain multiple names. However, Domino uses the first name in this field to validate a user in database ACLs, design access lists, groups, and File Protection documents. For example, this field can contain these names: Alan Jones/Sales/Acme, Alan Jones, Al Jones, AJ. When prompted for his name and password, the user can enter Al Jones as his name. However, Domino uses Alan Jones/Sales/Acme to validate him in database ACLs and design access lists. Therefore, the name Alan Jones must be the one that appears in ACLs and design access lists. Note You should always use the user's hierarchical name, for example, Alan Jones/Acme/US, to help eliminate ambiguous or duplicate user names. |
| Internet password | (Required) Specify the user's Internet password. |

To edit database ACLs


After you edit the Server document and create Person documents, edit
the database ACL of each database to which you want to give users
access.
For more information on setting up a database ACL, see the chapter
"Controlling User Access to Domino Databases."

Customizing the HTML log-in form
Note The terms "log-in" and "sign-in" are used interchangeably.
Domino provides a default HTML log-in form to allow a user to enter a
name and password, and then use that name and password for the entire
user session. The Web browser sends the user's name and password to
the server using the server's character set. Therefore, a user can enter a
name and password in a character set other than ASCII or Latin-1.
The set of characters available for the user name differs between basic
authentication and session-based authentication.

| Authentication type | User name | Password |
| --- | --- | --- |
| Basic authentication | Any printable characters in ISO-8859-1 | Any printable characters in US-ASCII |
| HTTP session authentication | Any printable characters in Unicode | Any printable characters in US-ASCII |

This form is created and configured in the Domino Web Server


Configuration database (DOMCFG.NSF). You can customize the form to
contain additional information. To do this, the Domino Web server must
be set up.
For more information on setting up the Web server, see the chapter
Setting Up the Domino Web Server.
To create and use a custom sign-in form, you must complete these
procedures:

Create the Domino Web Server Configuration database. If you do not


create the database, Domino uses a generic log-in form.

Create a custom form.

Specify the custom form as the sign-in form. If the Domino Web
Server Configuration database exists on the Web server but you have
not created and specified a custom sign-in form, Domino uses the
form $$LoginUserForm.

To create the Domino Web Server Configuration database
(DOMCFG.NSF)
1. Open the Notes client and choose File - Database - New.
2. Enter the name of the Web server in the Server field.
3. Select the Domino Web Server Configuration template
(DOMCFG5.NTF).
4. Enter a title for the database and name the database DOMCFG.NSF.
Note The name of the database is not optional, because the Web
server has this name incorporated into its code. The name of the
database must be DOMCFG.NSF.
5. Click OK.
6. Add an entry named Anonymous to the database ACL, and give the
entry Reader access.
To create a custom form
The simplest way to create a custom log-in form is to modify a copy of
$$LoginUserForm, the example log-in form provided in the Domino
Configuration database. You can also create a new log-in form. You must
have the Domino Designer 6 client to create and edit forms.
1. In the Domino Designer client, open the Domino Configuration
database (DOMCFG.NSF).
2. Choose View - Design.
3. Do one of the following:
• To create a custom form using $$LoginUserForm, make a copy of
  $$LoginUserForm, then double-click the copy to open it. (You can
  rename the copy if necessary, for example, CustomLoginForm.)
• Click New Form to create a new form.
4. When you finish designing the custom form, save and close it.
To specify the custom form as the log-in form
1. In the Notes client, open the Domino Configuration database
(DOMCFG.NSF) and open the Sign In Form Mappings view.
2. Click Add Mapping.
3. Under Site Information, choose one:
• All Web Sites/Entire Server, to use the custom log-in form for
  all Web Sites on the server, or for the entire Web server.
• Specific Web Sites/Virtual Servers, to map the custom log-in
  form to specific Web Site documents or Virtual Servers. If you
  choose this option, a new field appears, in which you specify the
  IP addresses of the Web Site documents or Virtual Servers.
4. (Optional) Enter a comment.
5. Enter the file name of the database that contains the custom form.
This should be DOMCFG.NSF unless you store the custom form in a
different database.
6. Enter the name of the custom log-in form.
7. Save and close the document.
Configuring error messages
You can enable session-based Web authentication to return error
messages for log-in failures and session time-outs. This is accomplished
by configuring two fields on your custom login form: the reasontext
and reasontype fields. DOMCFG.NTF includes these two fields in the
default form provided, $$LoginUserForm. (To obtain the changes, you
must refresh or replace the design of DOMCFG.NSF with the most
current DOMCFG5.NTF).
The four cases that cause the Login form to appear are encoded in the
field reasontype and include:
• Prompt for the user to log in, at which no error message will display.
• "User Name, you are not authorized to access application.nsf. Please
  sign in with a name which has sufficient access rights." The user is
  authenticated with correct credentials for the server but is not
  authorized to the database or file, for example.
• "You provided an Invalid username or password. Please sign in
  again." The user has given an incorrect name or password.
• "Your connection has expired. Please sign in again." This occurs
  when the browser has not sent a request to the server in the given
  amount of time as configured in the server document (default=30
  minutes). If the session times out, they will lose what hasn't been
  saved. Administrators should lengthen the server's session timeout,
  if this occurs frequently, to the length of a workday.

Multi-server session-based name-and-password authentication for
Web users (single sign-on)
Multi-server session-based authentication, also known as single sign-on
(SSO), allows Web users to log in once to a Domino or WebSphere server,
and then access any other Domino or WebSphere servers in the same
DNS domain that are enabled for single sign-on (SSO) without having to
log in again.
You set this up by doing one of the following:
• Creating a domain-wide configuration document, the Web SSO
  Configuration document, in the Domino Directory. (You can have
  multiple Web SSO Configuration documents in a Domino Domain or
  directory.)
• Enabling the "Multi-server" option for session-based authentication
  in the Web Site or in the Server document.

You can enable single sign-on across multiple Domino domains. See the
topic "Setting up the Web SSO Configuration document for more than
one Domino domain" later in this chapter.

Checklist for enabling single sign-on
The SSO feature makes logging in and using multiple servers in a mixed
environment easier for users. Use the following list to configure your
Domino environment to ensure that your SSO configuration is successful.
General issues
• URLs issued to servers configured for single sign-on must specify the
  full DNS server name, not the host name or IP address. For browsers
  to be able to send cookies to a group of servers, the DNS domain
  must be included in the cookie, and the DNS domain in the cookie
  must match the server URL. This is why cookies cannot be used
  across TCP/IP domains.
• Clustered servers must have the full DNS server name in the host
  name field of the Web Site or Server document. This enables the
  Internet Cluster Manager (ICM) to redirect to cluster members using
  SSO. If the DNS server host name is not there, ICM will redirect
  URLs to clustered Web servers with only the TCP/IP host name, by
  default, and will not be able to send the cookie because the DNS
  domain is not included in the URL.
WebSphere issues
• WebSphere and Domino should both be configured for the same
  LDAP directory. The authentication token used for SSO stores the
  full Distinguished Name of the user (DN), for example, cn=john
  smith, ou=sales, o=ibm, c=us. To set up LDAP for SSO, set up
  Directory Assistance in Domino and configure it to point to an LDAP
  server that the WebSphere server uses. Or, load LDAP on the
  Domino Directory and configure WebSphere to use the Domino
  LDAP server.
• User Web browsers must have cookies enabled since the authentication
  token that is generated by the server is sent to the browser in a cookie.
• If the group of servers participating in single sign-on includes
  WebSphere servers that use a Domino LDAP directory, users with
  flat names in that directory cannot use SSO (if the participating
  servers are all Domino, then SSO will work with flat user names).
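
The DNS-domain rule in the checklist above can be checked before rollout. The following Python code is an added example, not part of the original manual: it classifies URLs by whether a browser would attach a cookie scoped to the SSO DNS domain. The domain acme.example, the function names, and every URL and host name are constructed sample values.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the value entered in the "DNS Domain" field of the
# Web SSO Configuration document (constructed sample value).
SSO_DNS_DOMAIN = "acme.example"


def sso_cookie_scope(url, sso_domain=SSO_DNS_DOMAIN):
    """Classify a URL by whether a browser would send it a cookie scoped
    to sso_domain. Returns 'ok', 'ip-address', 'bare-host-name',
    'other-dns-domain' or 'no-host'."""
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    domain = sso_domain.strip(".").lower()
    if not host:
        return "no-host"
    try:
        ipaddress.ip_address(host)
        return "ip-address"          # cookies scoped to a DNS domain never match an IP
    except ValueError:
        pass
    if "." not in host:
        return "bare-host-name"      # TCP/IP host name only, no DNS domain in the URL
    # Domain match on a label boundary: "notacme.example" must not match.
    if host == domain or host.endswith("." + domain):
        return "ok"
    return "other-dns-domain"


def audit_urls(urls, sso_domain=SSO_DNS_DOMAIN):
    """Return (url, verdict) for every URL the SSO cookie would not reach."""
    results = [(u, sso_cookie_scope(u, sso_domain)) for u in urls]
    return [(u, v) for u, v in results if v != "ok"]


def audit_host_fields(host_fields, sso_domain=SSO_DNS_DOMAIN):
    """Check the host name field of Web Site or Server documents, which the
    ICM uses when redirecting to cluster members."""
    return audit_urls(["http://" + h for h in host_fields], sso_domain)


# Constructed sample links, as they might appear in mail or on a portal page.
SAMPLE_URLS = [
    "https://mail1.acme.example/mail/ajones.nsf",
    "http://mail1/mail/ajones.nsf",
    "http://192.0.2.10/names.nsf",
    "https://apps.sales.acme.example/orders.nsf",
    "https://notacme.example/help.nsf",
]

if __name__ == "__main__":
    for url, verdict in audit_urls(SAMPLE_URLS):
        print(f"{verdict:18} {url}")
    for url, verdict in audit_host_fields(["mail2", "mail3.acme.example"]):
        print(f"{verdict:18} host name field -> {url}")
```
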

Creating a Web SSO configuration document
The Web SSO configuration document is a domain-wide configuration
document stored in the Domino Directory. This document, which should
be replicated to all servers participating in the single sign-on domain, is
encrypted for participating servers and administrators, and contains a
shared secret key used by servers for authenticating user credentials.
To create a Web SSO configuration document if you are using
Internet Sites
You should have already created a Web Site document, and enabled the
use of Internet Site documents in the Server document.
Also be sure that your client location document has the home/mail
server set to a server in the same domain as the servers participating in
SSO. This ensures that all public keys for participating servers can be
found when the SSO document is encrypted.
1. In the Domino Administrator, click Files, and open the server's
Address Book (NAMES.NSF).
2. Select the Internet Sites view.
3. Click Create Web SSO Configuration.
4. In the document, click Keys.
5. Initialize the Web SSO Configuration with the shared secret key in
one of two ways:
• Choose Domino only (no WebSphere servers participating in
  single sign-on), and then select Create Domino SSO Key.
• Choose Domino and WebSphere (single sign-on with WebSphere),
  and then do the following:
  a. Select Import WebSphere LTPA Keys.
  b. Browse and select the WebSphere LTPA export file. (See
  WebSphere documentation for details about generating
  ltpatoken keys).
  c. Enter the password (specified when generating the keys in
  WebSphere). The document is updated to reflect the
  information in the export file.

6. Complete the rest of the document as follows:

Field | Action
Configuration Name | Enter the name of the SSO configuration. Note: If the single sign-on configuration includes both Domino 6 and Release 5.0x servers, the Configuration Name must be LtpaToken, as Release 5.0x servers only work with this configuration name.
Organization Name | (Required) Enter the name of the organization. This must match the organization name for the corresponding Web site. The SSO document will then appear in the Internet Sites view, along with the Web Sites documents.
DNS Domain | (Required) Enter the DNS domain (for example, lotus.com) for which the tokens will be generated. The servers enabled for single sign-on must all belong to the same DNS domain.
Domino Server Names | Enter the names of the servers that will be participating in single sign-on (for example, server1/acme, server2/acme). This document will be encrypted for the creator of the document, the members of the Owners and Administrators fields, and the servers specified in the Domino Server Names field. Groups, wildcards, and the names of WebSphere servers are not allowed in this field. Only Domino servers can be listed as participating servers in the Server Names field. Note: There is a 64K-size limit on this field. An error message appears when the limit is reached, such as when the names of several hundreds of servers are entered. It is recommended that you create more than one Web SSO Document if this limit is reached.
Expiration (minutes) | Specify the time period, in minutes, for which the token will be valid. This time period begins at the time the token is issued. The token is valid for only the number of minutes specified; it does not expire based on inactivity. Default is 30 minutes.

7. Save the Web SSO Configuration document. A message on the status
bar indicates the number of servers/people for whom the document
was encrypted. The document(s) will appear in the Internet Sites
view.


To create a Web SSO configuration document if you are using the
Web Server Configurations view
Use this procedure to create a Web SSO configuration document if your
server is a Release 5.0x server, or if you are using Domino 6 but you do
not use Web Site documents to manage your Web sites.
1. In the Domino Administrator, click Files, and open the server's
Address Book (NAMES.NSF).
2. Select the Servers view.
3. Click Create Web SSO Configuration.
4. In the Web SSO Configuration document, click Keys.
5. Initialize the Web SSO Configuration with the shared secret key in
one of two ways:
• Choose Domino only (no WebSphere servers participating in
  single sign-on), and then select Create Domino SSO Key.
• Choose Domino and WebSphere (single sign-on with WebSphere),
  and then do the following:
  a. Select Import WebSphere LTPA Keys.
  b. Browse and select the WebSphere LTPA export file. (See
  WebSphere documentation for details about generating ltpatoken
  keys).
  c. Enter the password (specified when generating the keys in
  WebSphere). The document is updated to reflect the information
  in the export file.

6. Complete the rest of the document as follows:


Field | Action
Configuration Name | Enter the name of the SSO configuration. Note: If the single sign-on configuration includes both Domino 6 and Release 5.0x servers, the Configuration Name must be LtpaToken, as Release 5.0x servers only work with this configuration name.
Organization Name | Leave this field blank, and this document will appear in the Web Configurations view.
DNS Domain | (Required) Enter the DNS domain (for example, lotus.com) for which the tokens will be generated. The servers enabled for single sign-on must all belong to the same DNS domain.
Domino Server Names | Enter the names of the servers that will be participating in single sign-on (for example, server1/acme, server2/acme). This document will be encrypted for the creator of the document, the members of the Owners and Administrators fields, and the servers specified in the Domino Server Names field. Note: Groups, wildcards, and the names of WebSphere servers are not allowed in this field. Only Domino Servers can be listed as participating servers in the Server Names field.
Expiration (minutes) | Specify the time period, in minutes, for which the token will be valid. This time period begins at the time the token is issued. The token is valid for only the number of minutes specified; it does not expire based on inactivity. Default is 30 minutes.

7. Save the Web SSO Configuration document. A message on the status
bar indicates the number of servers/people for whom the document
was encrypted. The document(s) will appear in the Internet Sites
View.
Note If you receive messages on the client indicating that a
particular key was not found for encrypting the document, you may
have to change your client's location document to point to a different
mail/directory server that will have all the public keys included in
server and person documents.

Enabling single sign-on and basic authentication


This procedure creates single sign-on cookies for your server that can be
used successfully on other participating servers.
To enable single sign-on and basic authentication for a Web Site
Use this procedure to enable single sign-on for Domino 6 servers
configured with Web Site documents.
1. In the Domino Administrator, click Configuration - Web - Internet
Sites.
2. Open the Web Site document for which you want to enable single
sign-on.
3. Click Domino Web Engine.
4. In Session authentication, select Multiple Servers (SSO).
5. In the Web SSO Configuration field, select the Web SSO
Configuration for this Web Site from the drop-down list.


6. Click Security. For both TCP and SSL authentication, enable Name &
Password.
7. Save and close the Web Site document.
8. At the server console, start the HTTP process by typing:
load HTTP

If the HTTP process is already running, type:
tell HTTP restart

Note If something is wrong with the configuration, the browser will
receive an Error 500 message stating that single sign-on is not configured.
To enable single sign-on and basic authentication in the Server
document
Use this procedure to enable single sign-on for Domino Release 5.0x
servers, or for Domino 6 servers not configured with Web Site
documents.
1. Open the Server document.
2. Click Ports - Internet Ports - Web, and enable Name-and-password
authentication for the Web (HTTP/HTTPS) port.
3. Click Internet Protocols - Domino Web Engine, and select Multiple
Servers (SSO) in the Session authentication field.
Note The Idle session timeout and Maximum active sessions
fields will be disabled.
4. In the Web SSO Configuration field, select the Web SSO
Configuration for this server from the drop-down list.
5. Save and close the Server document.

Setting up the Web SSO Configuration document for more than one
Domino domain
This procedure lets you enable servers in other domains for SSO with
servers in your current domain, by setting up both domains to use the
same key information. Two conditions must exist in order to do this:

• You must be a registered Notes user and your server must be a
  registered server. This gives you and the server the rights to decrypt
  the Web SSO Configuration document in your current domain, and
  the right to create documents in the Domino Directory for the new
  domain.
• The server document and the administrator's person document must
  exist in the domain for which you will be creating the Web SSO
  Configuration, as the public keys that are used for encryption and
  decryption are stored in each registered person and server
  document.

To set up the Web SSO Configuration document for more than one
Domino domain
1. Copy the Web SSO Configuration document from the Domino
Directory in which it was created, and paste it into the Domino
Directory in the new domain.
2. Open the Web SSO Configuration document for the new domain and
edit the Participating Domino Servers field to include only those
servers with server documents in the new domain that will be
enabled for single sign-on.
3. The client must be able to find server documents for the participating
single sign-on servers. Make sure that the home server specified in
your client's location document is pointing to a server in the same
domain as those servers participating in single sign-on, so that
lookups will be able to find the public keys of the servers. If the
home server cannot find participating servers, then the SSO
document cannot be encrypted and SSO will fail.
4. Save the document. It is encrypted for the participating servers in the
new domain, and should enable those servers in the new domain to
participate in single sign-on with servers in the current domain.

Controlling the level of authentication for Internet clients


You can select the level of restriction Domino uses when authenticating
users in Domino Directories and LDAP directories. This applies to all
Internet protocols (HTTP, LDAP, IMAP, POP3). Using this setting makes
servers less vulnerable to security attacks by refining how Domino
searches for names and authenticates Internet clients. Domino also uses
this setting when a Java applet hosted on a Domino server authenticates
users with the Domino IIOP protocol.
Fewer name variations with higher security
The option "Fewer name variations with higher security" is the default
setting and is recommended for tighter security. This authentication
method is less vulnerable to attacks because a single authentication
attempt does not produce as many matches, lessening the likelihood that
a guessed password matches. It requires users to enter only the following
in the name-and-password dialog box in a Web browser or other Internet
client:

Domino Directory authentication | LDAP Directory authentication
Full hierarchical name | DN
Common name or Common name with CN= prefix | CN or CN with CN= prefix
Not applicable | UID or UID with UID= prefix
Alias name (a name listed in the User name field of the Person document, excluding the first name listed in the field) | Not applicable
Internet address (user's e-mail address as listed in the Internet address field in the user's Person document) | Mail

More name variations with lower security
Domino tries to authenticate users based on the name and password
entered. This authentication method can be vulnerable to hackers who
guess names and passwords in an attempt to use a legitimate user
account to access a server. This option allows users to enter any of the
following in the name and password dialog box in a Web browser:

Domino Directory authentication | LDAP Directory authentication
Last name | Surname
First name | Givenname
Common name or Common name with cn= prefix | Common name (CN) or CN with CN= prefix
Full hierarchical name (canonical) | DN
Full hierarchical name (abbreviated) | DN
Short name | UID or UID with UID= prefix
Alias name (a name listed in the User name field of the Person document, excluding the first name listed in the field) | Not applicable
Soundex number | Not applicable
Internet address (user's e-mail address as listed in the Internet address field in the user's Person document) | Mail

To select the level of authentication for Internet clients
1. From the Domino Administrator, click Configuration, and open the
Server document.
2. Click Security.
3. In the Internet Access section, choose one of the following in the
Internet Authentication field:
• Fewer name variations with higher security (default).
• More name variations with lower security.
4. Save and close the document.
See the topic "Examples of names allowed for Internet client
authentication" later in this chapter.
Note The Domino Web Server Application Programming Interface
(DSAPI) is a C API tool that lets you write your own extensions to the
Domino Web server. These extensions, or filters, let you customize the
authentication of Web users. For more information on DSAPI and filters,
see the current Lotus C API Toolkit for Domino and Notes, which is
available at www.lotus.com/techzone.

Examples of names allowed for Internet client authentication
More name variations with lower security
Using the "More name variations" authentication level, Alan
Jones/Sales/East/Acme can enter the following names when using a
browser to authenticate with a Domino Directory:

Example | Description
Alan Jones | Common name
Alan | First name
Jones | Last name
Ajones | Short name
Alan Jones/Sales/East/Acme/US | Full hierarchical name (abbreviated)
cn=Alan Jones/ou=East/ou=Sales/o=Acme/c=us | Full hierarchical name (canonical)
cn=Alan Jones | Common name with CN= prefix
alan_jones@acme.com | Internet (e-mail) address


If you want to authenticate Alan in an LDAP Directory, he can use a
browser to enter the following names:

Example | Description
Alan Jones | Common name
Alan | Givenname
Jones | Surname
Ajones | UID
cn=Alan Jones, cn=recipients, ou=Sales, ou=East, o=Acme, c=us (valid for a Microsoft Exchange server) | Full hierarchical name (canonical)
cn=Alan Jones (valid for Domino Directory) | Common name with CN= prefix
uid=ajones, ou=Sales, ou=East, o=Acme, c=us (valid for a Netscape Directory Server) | Full hierarchical name (canonical)
uid=ajones (valid for Netscape Directory Server) | UID with UID= prefix
Alan Jones/Sales/East/Acme/US | Full hierarchical name (abbreviated)
alan_jones@acme.com | LDAP mail attribute

Fewer name variations with higher security
Using the "Fewer name variations" authentication level, Alan
Jones/Sales/East/Acme can enter only the following names when using
a browser to authenticate with a Domino Directory:

Example | Description
Alan Jones/Sales/East/Acme | Full hierarchical name (abbreviated)
CN=Alan Jones | Common name with CN= prefix
Alan Jones | Common name
cn=Alan Jones/ou=East/ou=Sales/o=Acme/c=us | Full hierarchical name (canonical)
alan_jones@acme.com | Internet (e-mail) address

If you want to authenticate Alan in an LDAP Directory, he can use a
browser to enter the following names:

Example | Description
AJones | UID
Alan Jones | CN
cn=Alan Jones, cn=recipients, ou=Sales, ou=East, o=Acme, c=us (valid for a Microsoft Exchange server) | DN
cn=Alan Jones (valid for a Domino Directory) | CN with CN= prefix
uid=ajones, ou=Sales, ou=East, o=Acme, c=us (valid for a Netscape Directory Server) | DN
uid=Ajones (valid for a Netscape Directory Server) | UID with UID= prefix
alan_jones@acme.com | LDAP mail attribute
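
The effect of the two authentication levels on a Domino Directory can be modelled in a few lines. The following Python code is an added example, not part of the original manual and not Domino's lookup code: it builds the set of names each level accepts, following the tables above, and reports which typed names select more than one account. The directory entries and function names are constructed, matching is assumed to be case-insensitive, names are assumed to have no country component, and Soundex matching is left out.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Person:
    first: str
    last: str
    short_name: str
    user_names: tuple        # User name field; the first entry is the hierarchical name
    internet_address: str


def canonical(abbreviated):
    """'Alan Jones/Sales/Acme' -> 'cn=Alan Jones/ou=Sales/o=Acme'."""
    parts = abbreviated.split("/")
    if len(parts) == 1:
        return "cn=" + parts[0]
    labels = ["cn"] + ["ou"] * (len(parts) - 2) + ["o"]
    return "/".join(f"{label}={value}" for label, value in zip(labels, parts))


def accepted_names(person, level):
    """Names the person may type at the given level ('fewer' or 'more')."""
    hierarchical = person.user_names[0]
    common = hierarchical.split("/")[0]
    names = {hierarchical, canonical(hierarchical), common, "cn=" + common,
             person.internet_address}
    names.update(person.user_names[1:])                 # alias names
    if level == "more":
        names.update({person.first, person.last, person.short_name})
    elif level != "fewer":
        raise ValueError(f"unknown level: {level}")
    return {n.casefold() for n in names}


def candidates(directory, typed, level):
    """Person documents a single typed name selects at the given level."""
    key = typed.strip().casefold()
    return [p for p in directory if key in accepted_names(p, level)]


def ambiguous_names(directory, level):
    """Typed names that select more than one account, with their owners."""
    owners = {}
    for person in directory:
        for name in accepted_names(person, level):
            owners.setdefault(name, []).append(person.user_names[0])
    return {name: who for name, who in owners.items() if len(who) > 1}


# Constructed sample directory.
DIRECTORY = [
    Person("Alan", "Jones", "ajones",
           ("Alan Jones/Sales/Acme", "Alan Jones", "Al Jones", "AJ"),
           "alan_jones@acme.example"),
    Person("Mary", "Jones", "mjones", ("Mary Jones/HR/Acme",),
           "mary_jones@acme.example"),
    Person("Alan", "Smith", "asmith", ("Alan Smith/Sales/Acme",),
           "alan_smith@acme.example"),
]

if __name__ == "__main__":
    for level in ("more", "fewer"):
        print(level, "->", ambiguous_names(DIRECTORY, level))
```

With the "more" level, a password submitted with the name Jones is compared against two accounts; with the "fewer" level the same name selects none, which is the reduction in matches the manual describes.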

Authenticating Internet name-and-password clients in secondary
Domino and LDAP directories
When an Internet client authenticates with a server, by default the server
checks the primary Domino Directory to see if it can find a Person
document with a name and password that match those entered by the
Internet client. If your organization uses a secondary Domino Directory
and/or an LDAP directory to verify Internet clients who use
name-and-password authentication, you can set up Domino to check
those additional directories. To do so, you set up the secondary Domino
Directories and LDAP directories as trusted domains in the Directory
Assistance database.
When you mark domains as trusted, Domino first searches the primary
Domino Directory for the user name and password and then searches the
trusted secondary Domino Directories and LDAP directories. When you
set up directory assistance, you specify the order in which Domino
searches the secondary directories.
The hierarchical name returned by the Domino Directory or LDAP
directory is checked against the trusted rule in the Directory Assistance
database to verify that the organization and organizational units match
the specified rule. For example, if the user name returned is Dave
Lawson/Acme, the Directory Assistance document must include the rule
*/Acme.
Searching multiple directories is also available for authenticating users
with SSL client authentication.
Note For Domino R5.x and earlier, searching multiple directories is only
used by the HTTP protocol and not the other Internet protocols.

Managing Internet passwords


To manage the Internet passwords that you assign to users who have
person documents in the Domino Directory, use a security settings policy
document. You can manage Internet password quality and length, as
well as allow users to change their Internet passwords using a Web
browser, and control expiration period and change intervals.
You can force users to change their Internet password on the next login
through a setting in the Person document.
Note In order to allow users to change their Internet passwords through
a browser, you must have session authentication enabled for your server.
You can also synchronize a user Internet password stored in the Person
record in the Domino Directory with the user's Notes password. This
means that users can use the same password to log in to a Domino server
through the Notes client and a Web browser. You can synchronize Notes
and Internet passwords for individual users during user registration, or
you can enable Notes-Internet password synchronization for multiple
users on a server through the use of a security settings policy document.
When a user changes their Notes password, the Internet password is
eventually changed, as well.
For more information on using a security settings policy document to
manage Notes and Internet passwords, see the chapter "Using Policies."
For more information on changing password settings in the Person
document, see the chapter "Protecting and Managing Notes IDs."

Providing additional security for Internet passwords


When you enter an Internet password and save the Person document,
Domino automatically one-way encrypts the Internet password field. To
improve password security for users who access Domino 4.6 or higher
servers, use the more secure password format.
You can upgrade the password format for Person documents that
already exist or automatically use the more secure password format for
all Person documents that you create.
For existing Person documents
1. From the Domino Administrator, click People & Groups, and select
the Person documents that you want to upgrade to a more secure
password format.
2. Choose Actions - Upgrade to More Secure Internet Password Format.
3. Click Yes.
For new Person documents
1. From the Domino Administrator, click Configuration, and select All
Server Documents.
2. Choose Actions - Edit Directory Profile.
3. Select Yes in the "Use more secure Internet passwords" field.
4. Save and close the document.

Anonymous Internet/intranet access
When you set up anonymous access, Internet/intranet clients can access
servers without identifying themselves. Domino does not record these
clients' database activity (for example, in the log file and in the User
Activity dialog box).
With anonymous access, you never know who is accessing databases on
the server. Therefore, you cannot use the client's identity (that is, the
client's name and password) to control access to databases and design
elements. Use anonymous access when you do not need to know who is
accessing the database and/or when you do not need to control access
based on client identity.
You can use anonymous access with TCP/IP and/or SSL on any server
that runs LDAP, HTTP, SMTP, or IIOP. For each Internet protocol
enabled on the server, you can specify the method of security. For
example, you can enable SSL for HTTP connections, but require
name-and-password authentication for LDAP connections that use
TCP/IP.
In addition to using anonymous access, you can enable
name-and-password authentication and SSL client authentication. Then
users can use any authentication method to connect to the server. For
example, if the user has an SSL client certificate, the user can access the
server using SSL; whereas a user who does not have an SSL client
certificate can access the server anonymously.
For more information on how Domino validates and authenticates users
when anonymous, SSL client authentication, and name-and-password
authentication are set up on a server, see the topic "Validation and
authentication for Internet/intranet clients" later in this chapter.

Setting up Internet/intranet clients for anonymous access
To set up Internet/intranet clients for anonymous access, you either set
up the Internet Site or the server for anonymous access, and then set up
database ACLs to include the entry Anonymous. The anonymous
setting in the Internet Site document (or Server document) overrides
individual database ACLs for anonymous users; for example, if the
database ACL includes an Anonymous entry but the setting in the
Internet Site document does not allow anonymous access to the server,
clients do not have anonymous access. If you do not allow anonymous
access and a user tries to access the server anonymously, the user is
prompted to authenticate.
Tip For strategic databases on the Domino server (such as the
Domino Directory), set Anonymous to No Access.
To enable anonymous access for Internet/intranet clients in Internet
Site documents
1. From the Domino Administrator, click Configuration - Web - Internet
Sites.
2. In the Internet Sites view, select the Internet Site document for which
you want to enable anonymous access.
Note You cannot enable anonymous access for IMAP and POP3
Internet Site documents.
3. In the Internet Site document, click Security.
• If you want to allow clients to use anonymous access when they
  connect using TCP, select Yes in the Anonymous field in the TCP
  Authentication section.
• If you set up SSL on the server and you want to allow clients to
  use anonymous access when they connect using SSL, select Yes in
  the Anonymous field in the SSL Authentication section.
4. Save and close the document.

To enable anonymous access for Internet/intranet clients in the Server document

1. From the Domino Administrator, click Configuration, and open the
   Server document.
2. Click Ports - Internet Ports. This displays four tabs: Web, Directory,
   Mail, and IIOP. Each tab lists protocols appropriate for its name. For
   example, the Web tab lists HTTP/HTTPS and the Mail tab lists
   IMAP, POP, and SMTP.
3. Click the tab that lists the protocol for which you want to allow
   anonymous access. For each protocol, do the following:
   • If you want to allow clients anonymous access when they connect
     using TCP/IP, select Yes in the Anonymous field in the TCP/IP
     section.
   • If you set up SSL on the server and you want to allow clients
     anonymous access when they connect using SSL, select Yes in the
     Anonymous field in the SSL section.
4. Save and close the document.
5. Restart the Internet protocol that you modified.

To edit database ACLs for anonymous access

In the ACL of each database on the server for which you want to enable
anonymous access, do the following:
1. Create an entry named Anonymous. If you don't add Anonymous as
   an entry in the ACL, users and servers who access the server
   anonymously get -Default- access.
2. Assign the appropriate access level, typically Reader access.
3. Leave user type set to Unspecified.

For more information on database ACLs, see the chapter "Controlling
User Access to Domino Databases."
For information on setting up SSL on a server, see the chapter "Setting
Up SSL on a Domino Server."

Validation and authentication for Internet/intranet clients

After you set up name-and-password access and create Person
documents for Internet/intranet users, Domino authenticates users
when:
• They attempt to do something for which access is restricted.
• Anonymous access is not allowed on the server.

For example, when a user tries to open a database that has an ACL with
No Access as the -Default-, Domino challenges the user for a valid user
name and password. Authentication succeeds only if the user provides a
name and password that matches the name and password stored in the
user's Person document and if the database ACL gives access to that
user. Anonymous users are not authenticated.

You can use name-and-password and anonymous access with TCP/IP
and SSL. Name-and-password and anonymous access with TCP/IP are
described below.
This section also applies to Web clients who are accessing a Domino Web
server for which session authentication has been enabled.
Note: The Domino Web Server Application Programming Interface
(DSAPI) is a C API that you use to write extensions to the Domino Web
server. Using these extensions, or filters, you can customize the
authentication of Web users. For more information on DSAPI, see the
Lotus C API Toolkit for Domino and Notes. The toolkit is available at
www.lotus.com/techzone.

How validation and authentication works

This example describes how a client (Andrew) uses TCP/IP to connect to
a server (Mail-E).
1. Andrew tries to access a database on Mail-E.
2. The server checks the Internet Site document (or Server document) to
   determine if anonymous access is enabled for TCP/IP. If it is, then:
   a. The server checks the database ACL for an entry named
      Anonymous. If Anonymous exists and the level of access for
      Anonymous is Reader or higher, then Andrew will access the
      database anonymously.
   b. If the ACL does not contain an entry named Anonymous, the
      server checks the -Default- access in the database ACL. If the
      -Default- access is Reader or higher, Andrew accesses the
      database anonymously using the -Default- access level.
3. If anonymous access is disabled for the protocol or if the database
   ACL does not allow anonymous access, then the server checks the
   Internet Site (or Server document) to determine if
   name-and-password access is enabled for TCP/IP. If
   name-and-password access is enabled, then:
   a. The server prompts Andrew for his user name and password.
   b. The server looks up the user name that Andrew entered in the
      browser. The server uses either "More name variations with
      lower security" or "Fewer name variations with higher security"
      as the lookup mechanism to search all directories for the name
      entered.
   c. If a match is found for the user name Andrew entered, and the
      password that Andrew entered matches the password in the
      Internet password field of his Person document, then Andrew
      will be authenticated. The server checks the primary Domino
      Directory for the Person document. The server also checks
      secondary Domino Directories and LDAP directories if it is
      configured to search secondary Domino Directories and LDAP
      directories.
      Note: When Domino authenticates an Internet user, it uses the
      distinguished name, which is the first name that appears in the
      Full Name field of a Person document. This name should be used
      in entries for groups, delegated server administration, database
      ACLs, and file protection documents.
   d. Next, the server compiles a "grouplist," which contains
      Andrew's distinguished name, plus any wildcard entries and any
      groups of which he is a member on that server.
   e. The server then checks the database ACL to determine if
      Andrew's name is listed explicitly on the ACL, or if any of the
      grouplist entries for his name appear in the ACL.
   f. If Andrew's distinguished name, or the name of any group of
      which he is a member, matches an entry in the ACL, then Andrew
      gets access to the database using the access level specified for
      that entry in the ACL. Otherwise, he is denied access.
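
The decision flow in this walkthrough, modelled as an added example (it is not Domino code and not part of the original manual). The hierarchical name, group names, PBKDF2 password hashing, the simplified name lookup, and the rule that an explicit ACL entry takes precedence over group entries are assumptions made for illustration; all sample data is constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from enum import IntEnum


class Level(IntEnum):
    NO_ACCESS = 0
    DEPOSITOR = 1
    READER = 2
    AUTHOR = 3
    EDITOR = 4
    DESIGNER = 5
    MANAGER = 6


def hash_password(password, salt):
    # Assumption: PBKDF2 stands in for however the Internet password is stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)


@dataclass
class Person:
    full_names: list            # first entry is the distinguished name
    salt: bytes
    password_hash: bytes
    groups: list = field(default_factory=list)


@dataclass
class Site:
    anonymous: bool             # Anonymous field for TCP/IP
    name_and_password: bool     # name-and-password access for TCP/IP


def grouplist(person):
    """Distinguished name, a wildcard entry per ancestor level, then groups."""
    dn = person.full_names[0]
    parts = dn.split("/")
    wildcards = ["*/" + "/".join(parts[i:]) for i in range(1, len(parts))]
    return [dn] + wildcards + list(person.groups)


def decide(site, acl, directory, credentials=None):
    """Return (outcome, identity, level) for one request to one database."""
    # Step 2: the site setting gates anonymous access before any ACL is read.
    if site.anonymous:
        # 2a/2b: a missing Anonymous entry silently falls back to -Default-.
        entry = "Anonymous" if "Anonymous" in acl else "-Default-"
        level = acl.get(entry, Level.NO_ACCESS)
        if level >= Level.READER:
            return ("anonymous", entry, level)
    # Step 3: anonymous was disabled or the ACL did not allow it.
    if not site.name_and_password:
        return ("denied", None, Level.NO_ACCESS)
    if credentials is None:
        return ("challenge", None, Level.NO_ACCESS)      # 3a: prompt the user
    name, password = credentials
    # 3b (simplified): case-insensitive match on any Full Name entry.
    person = next((p for p in directory
                   if name.lower() in (n.lower() for n in p.full_names)), None)
    if person is None:
        return ("challenge", None, Level.NO_ACCESS)
    # 3c: constant-time comparison of the supplied and stored password hashes.
    supplied = hash_password(password, person.salt)
    if not hmac.compare_digest(supplied, person.password_hash):
        return ("challenge", None, Level.NO_ACCESS)
    # 3d-3f: build the grouplist and look for a matching ACL entry.
    names = grouplist(person)
    dn = names[0]
    if dn in acl:
        level = acl[dn]                                  # explicit entry wins
    else:
        level = max((acl[n] for n in names[1:] if n in acl),
                    default=Level.NO_ACCESS)             # no match: denied
    outcome = "authenticated" if level > Level.NO_ACCESS else "denied"
    return (outcome, dn, level)


# Constructed sample data for the Andrew / Mail-E walkthrough.
_SALT = b"constructed-salt"
ANDREW = Person(["Andrew Jones/Sales/Acme", "Andrew Jones", "ajones"],
                _SALT, hash_password("correct horse", _SALT), ["Sales Readers"])
DIRECTORY = [ANDREW]
OPEN_SITE = Site(anonymous=True, name_and_password=True)
CLOSED_SITE = Site(anonymous=False, name_and_password=True)

if __name__ == "__main__":
    # No Anonymous entry: an anonymous client inherits -Default- (Editor here).
    print(decide(OPEN_SITE, {"-Default-": Level.EDITOR}, DIRECTORY))
    # Explicit Anonymous = No Access forces the name-and-password challenge.
    locked = {"-Default-": Level.EDITOR, "Anonymous": Level.NO_ACCESS}
    print(decide(OPEN_SITE, locked, DIRECTORY))
    # Authenticated via a group entry in the ACL.
    acl = {"-Default-": Level.NO_ACCESS, "Sales Readers": Level.READER}
    print(decide(CLOSED_SITE, acl, DIRECTORY, ("ajones", "correct horse")))
```

The first case is the one to audit for: a database whose ACL has no Anonymous entry hands anonymous clients whatever -Default- grants.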


Chapter 43
Encryption and Electronic Signatures
This chapter describes how to use encryption to secure messages and
how to use digital signatures to verify the author of the message.

Encryption
Encryption protects data from unauthorized access. Using Notes and
Domino, you can encrypt:
• Messages sent to other users. Then an unauthorized user cannot read
  the message while it is in transit. You can also encrypt saved and
  incoming messages.
• Network ports. Encrypting information sent between a Notes
  workstation and a Domino server, or between two Domino servers,
  prevents unauthorized users from reading the data while it is in
  transit.
• SSL transactions. You can use SSL to encrypt information sent
  between an Internet client, such as a Notes client, and an Internet
  server, to prevent unauthorized users from reading the data while it
  is in transit.
• Fields, documents, and databases. Application developers can
  encrypt fields within a document, an entire document, and local
  databases. Then only the specified users can read the information.

For information on SSL encryption, see the chapter "Setting Up SSL on a
Domino Server."
For information on field, document, and database encryption, see the
book Application Development with Domino Designer.

Public and private keys


For all types of encryption except network port encryption, Domino uses
public and private keys so that data encrypted by one of the keys can be
decrypted only by the other. The public and private keys are
mathematically related and uniquely identify the user. Both are stored in
the ID file. Within the ID file, the public key is stored in a certificate, but
the private key is stored separately from the certificate. The certificate
containing the public key is also stored in the Domino Directory, where it
is available to other users.
Domino uses two types of public and private keys: Notes and Internet.
You use the Notes public key to encrypt fields, documents, databases,
and messages sent to other Notes users, while the Notes private key is
used for decryption. Similarly, you use the Internet public key for
S/MIME encryption and the Internet private key for S/MIME
decryption. For both Notes and Internet key pairs, electronic signatures
are created with private keys and verified with public keys.
You can use one set of Internet public and private keys or you can set up
Notes to use a set of Internet keys for S/MIME signatures and SSL and
another set for S/MIME encryption.
For information on dual Internet certificates, see the chapter "Setting Up
Clients for S/MIME and SSL."
When you register a user, Domino automatically creates a Notes
certificate, which contains the user's public keys, and adds it to the ID file
and the Domino Directory. The private key is created and stored in the
ID file. You can also create Internet public and private keys after user
registration. Domino stores Internet certificates, which contain public
keys, in the ID file and also in the Domino Directory. The Internet private
key is stored in the ID file, separately from the certificate.
To create Notes public and private keys, Domino uses the dual-key RSA
Cryptosystem and the RC2 and RC4 algorithms for encryption. To create
the Internet public key, Domino uses the X.509 certificate format, which is
an industry-standard format that many applications, including Domino,
understand.
Both the Notes client and Domino server support a 1024-bit RSA key and a
128-bit symmetric key for S/MIME and SSL. The Notes proprietary
protocols use a 630-bit key for key exchange, and a 64-bit symmetric key.

Encryption strength
All Notes IDs contain two public/private key pairs. Prior to 5.0.4, key
lengths were restricted for the purposes of encrypting data, but not for
authentication or signing. Anything over 512-bit RSA key and 56-bit
symmetric key was considered strong encryption and was not allowed
for export by the U.S. Government. Customers were required to order
and choose among kits of different cryptographic strengths.
With the relaxation of US government regulations on the export of
cryptography, the Domino server and the Domino Administrator,
Domino Designer, and Lotus Notes client products have consolidated all
previous encryption strengths (North American, International, and
France) into one strong encryption level, resulting in a single Global
release of the products. The Global release adopts the encryption
characteristics previously known as North American. Strong encryption
in Global products can be used worldwide, except in countries whose
import laws prohibit it, or except in those countries to which the export
of goods and services is prohibited by the U.S. government. Customers
are no longer required to order Notes software according to
cryptographic strength.
When you upgrade to a Global release of Domino and Notes, stronger
cryptography will be used without a requirement to reissue existing IDs.
These changes are seamless to users as well as administrators. When two
different versions of software are communicating, the encryption
negotiation will result in a step-down to the weaker level. Therefore, the
full benefits of stronger encryption will only be realized when all
software has been upgraded to the Global (release 5.0.4 and later) level.
However, any mixed versions of the software will interoperate.
The Register New User dialog box still offers a choice between North
American and International IDs. It was left this way because
administrators often use the North American or International distinction
for administration purposes, or there may be older versions of the
software still in use in some companies. In addition, countries have their
own import rules. Preserving this distinction will allow Lotus to respond
to specific country changes, if required.
Note: These regulations pertain only to export from the United States.
For other countries with import regulations, customers need to check the
requirements of the specific country. While Lotus takes all steps to
comply with governmental encryption regulations worldwide, Lotus
recommends that customers familiarize themselves with local encryption
regulations to remain in compliance.

Interoperability issues

• Support for ID types. Both North American and International ID
  types continue to be supported for the Global release. This is for
  backward compatibility with pre-5.0.4 clients. Lotus Notes users can
  keep their existing International IDs if the Global version of the
  software is installed. The Global version will automatically allow the
  use of stronger encryption. Browser users can keep their existing key
  ring, but users must follow the manufacturer's recommendations for
  upgrading the browser to stronger encryption.
• Interoperability with post-5.0.4 releases. If your organization's
  clients and servers are all running release 5.0.4 or later, it makes no
  difference whether you create North American or International IDs.
  Both types of ID will work the same way.

• Interoperability with pre-5.0.4 releases. Lotus Notes users, as well
  as Domino servers which have been upgraded to release 5.0.4 and
  later, can authenticate and continue day-to-day operations securely
  with clients and servers running on earlier releases of software.
  However, if your organization has clients or servers running releases
  earlier than Notes and Domino 5.0.4, you should continue to create
  the same types of IDs you created with the earlier versions.
  International versions of releases prior to 5.0.4 do not allow users to
  switch to North American IDs, so when registering new international
  users, you shouldn't create only North American IDs. Similarly,
  North American versions of earlier releases use weaker
  cryptography when running with International IDs, so you shouldn't
  create only International IDs.

The best strategy for deciding between North American and
International IDs is to continue using the decision process that was in
place for earlier releases of Notes and Domino. Eventually, as you
upgrade the Notes clients and Domino servers, the decision will not
matter.

Mail encryption
Mail encryption protects messages from unauthorized access. Only the
body of a mail message is encrypted; the header information (for
example, the To, From, and Subject fields) is not.
Notes users can encrypt mail sent to other Notes users or to users of mail
applications that support S/MIME, for example, Microsoft Outlook
Express and Netscape Communicator.
Users can use Notes mail encryption to encrypt mail sent to other Notes
users, encrypt mail received from other Notes users, or encrypt all
documents saved in a mail database. Notes uses the recipient's public
key, which is stored in the sender's Personal Address Book or in the
Domino Directory, to encrypt outgoing and saved mail.
In general, mail sent to users in a foreign domain cannot be encrypted.
However, if the recipient of the mail uses Notes and the sender has
access to the recipient's public key, the sender can encrypt the mail
message. The recipient's public key can be stored in the Domino
Directory, in an LDAP directory to which the sender has access, or in the
sender's Personal Address Book.
Notes users can also use S/MIME to encrypt mail sent to recipients
who use mail applications that support S/MIME. Senders must have
the recipient's public key in order to encrypt the message for S/MIME.
The recipient's public key is stored in an Internet certificate in either a
Domino Directory or LDAP directory to which the sender has access or
in the sender's Personal Address Book. The sender must also have a
cross-certificate that indicates to Notes that the recipient's public key can
be trusted.
For information on setting up a Notes client for S/MIME encryption, see
the chapter "Setting Up Clients for S/MIME and SSL."
Encrypting a message with either Notes mail encryption or S/MIME
encryption does not affect the speed at which the message is routed
from sender to recipient. However, encryption does increase the time
required to send and to open a message. The extra time is required
because the message must be encrypted at the beginning of the
transmission and decrypted each time the recipient opens it. The time
required to send and open a message is based on the size of the message
and the number of bitmaps and other graphics, objects, and attachments
in the message. In most cases, the delay is not noticeable.

How outgoing Notes mail encryption works

1. The sender sends an outgoing message and selects the Encrypt
   option.
2. Notes generates a random encryption key and encrypts the message
   with it.
3. Notes encrypts the random encryption key with the recipient's
   public key and appends the new key to the message. The recipient's
   public key must be stored in either a Domino Directory or LDAP
   directory that a user can access or in the sender's Personal Address
   Book.
4. If the encrypted message is addressed to multiple recipients, the
   message is encrypted only once with one random key, and the
   random key is encrypted using the public key of each recipient.
5. When the recipient attempts to open the encrypted message, the
   user's mail application attempts to decrypt the random key, using
   the recipient's private key. If this is successful, the random key
   decrypts the message.
6. If decryption is successful, the recipient can read the message. If
   decryption is unsuccessful, the user receives a message indicating
   that the decryption failed and the mail application does not allow the
   user to access the message.

How outgoing S/MIME mail encryption works


1. The sender sends an outgoing message and selects to encrypt it. (The
   exact option to do this depends on the mail application used.)
2. The sender's mail application (Notes or another S/MIME-compliant
   mail program) generates a random encryption key and encrypts the
   message with it.
3. The sender's mail application looks for the recipient's public key. For
   S/MIME mail sent from Notes, the recipient's Internet certificate
   must be stored in the sender's Personal Address Book or a Domino
   Directory or LDAP directory to which the sender has access.
   a. If a certificate is found, Notes looks for a cross-certificate in the
      sender's Personal Address Book to validate the Internet
      certificate. If a cross-certificate does not exist, Notes asks whether
      the client wants to create a cross-certificate on demand.
   b. If no certificate for the recipient is found or if a cross-certificate is
      not created for the certificate, the sender receives a warning that
      encryption is not possible for this recipient. The sender is then
      given a choice of not sending the message or sending it
      unencrypted.
4. The sender's mail application encrypts the random encryption key
   with the recipient's public key and appends the encrypted key to the
   message. Notes uses the recipient's public key, found in the
   certificate, to encrypt the message.
   Some recipients may have dual Internet certificates: one certificate
   used for encryption and the other used for signatures and SSL. If so,
   Notes extracts the Internet encryption certificate, and uses it to
   encrypt the message.
5. If the encrypted message is addressed to multiple recipients, the
   message is encrypted only once with one random key, and the
   random key is encrypted using the public key of each recipient.
6. When the recipient attempts to open the encrypted message, the
   user's mail application attempts to decrypt the random key, using
   the recipient's private key. If this is successful, the random key
   decrypts the message.
7. If decryption is successful, the recipient gains access to the message.
   If decryption is unsuccessful, the user receives a message indicating
   that the decryption failed, and the mail application does not allow
   the user to access the message.

Encrypting mail

Encrypt outgoing, incoming, and saved mail to protect messages while
they are in transit and stored in mail databases on the server. Users can
encrypt outgoing mail messages sent to recipients who use either Notes
or S/MIME. If recipients prefer to receive mail in MIME format, then
encrypted mail will be in S/MIME format. Users can encrypt incoming
and saved mail only if they use Notes mail.

To encrypt outgoing mail

Encrypting outgoing mail ensures that only the recipient of a message
can read it while the message is in transit, stored in intermediate
mailboxes, or in the recipient's mail file.
Each Notes client user must encrypt outgoing mail. The administrator
cannot encrypt all outgoing mail on a server.
Senders control the choice of MIME format or Notes format when
sending mail directly to the Internet or for messages that are addressed
to Internet addresses. Mail recipients control the format of incoming mail
in their user preferences. The message format determines the choice of
encryption method.
Notes uses S/MIME encryption for outgoing mail in the following
situations:
• The user selects "directly to Internet" in the "Send outgoing mail"
  field in the Mail tab of the current Location document. Mail messages
  sent from this location will use MIME format.
• The user selects "MIME format" in the "Format for messages
  addressed to Internet addresses" field in the Mail tab of the current
  Location document. Mail messages sent from this location to Internet
  addresses that cannot be found in a Personal Address Book or
  Domino Directory will use MIME.
• The user enables the field "When receiving unencrypted mail,
  encrypt before storing in your mail file" on the Basics tab of the
  user's Person document. Mail sent to this user will use MIME.
• The user creates a message using a form in which the Body field in
  the form's design has "Store contents as HTML and MIME" selected
  in Field Properties. If the recipient can accept either Notes or MIME
  format (or if Notes cannot find a Person document for the recipient),
  the message will use MIME format.

The sender of an encrypted S/MIME mail message must find an Internet
certificate for each intended recipient and a cross-certificate that verifies
the Internet certificate. The Internet certificate can be stored in the
Domino Directory, an LDAP directory that is accessible to the sender, or
in the sender's Personal Address Book. The cross-certificate must be
stored in the sender's Personal Address Book. If a Notes recipient's
Internet certificate is not available to the sender, Notes attempts to use
the recipient's Notes public key (if available) to encrypt the message.
Some recipients may have dual Internet certificates, meaning one
certificate is for encryption and the other is for signatures and SSL. If the
recipient uses dual certificates, Notes extracts the Internet encryption
certificate and uses it to encrypt the message.
The sender of an encrypted Notes mail message must have the public
key for each intended recipient. The public key can be stored in the
Domino Directory, in an LDAP directory that is accessible to the sender,
or in the sender's Personal Address Book.
For information on encrypting outgoing mail, see Lotus Notes 6 Help.

To encrypt incoming mail for a mail file

If users have Editor access to their Person documents in the Domino
Directory, they can encrypt all incoming mail they receive. Otherwise,
the administrator must complete this procedure for them.
1. Open the user's Person document in the Domino Directory.
2. Click Edit Person, and then click Basics.
3. In the field "When receiving unencrypted mail, encrypt before
   storing in your mail file," select Yes.
4. Save the document.

To encrypt saved mail

Users can encrypt drafts of unsent messages and messages that they save
after sending. For unsent mail, the message is encrypted only with the
sender's public key. For sent mail, the message is encrypted with the
sender's and the recipient's public keys.
Only messages saved after this option is chosen are encrypted. To
encrypt previously saved messages, users must open and resave the
messages. Encrypting saved mail prevents unauthorized access to
messages by other users with unauthorized access to the mail server.
For information on encrypting outgoing mail, see Lotus Notes 6 Help.

Electronic signatures

Electronic signatures are closely associated with encryption. An
electronic signature verifies that the person who originated the data is
the author and that no one has tampered with the data. Users can add an
electronic signature to mail messages and to fields and sections of
documents. A database designer controls whether or not fields and
sections of a database can be signed; individual users can
choose to sign mail messages.
Users can sign mail messages sent to other Notes users or to users of
other mail applications that support the S/MIME protocol, for
example, Microsoft Outlook Express and Netscape Communicator.
Domino uses the same keys used for encryption (the Notes and
Internet public and private keys) for electronic signatures.
You can also set up Notes to use separate keys for S/MIME signatures
and encryption, by adding two Internet certificates to your Notes ID file
and using one certificate for S/MIME encryption and the other for
S/MIME signatures and SSL client authentication. Having dual Internet
certificates lets you maintain separate public and private key pairs for
encryption and electronic signatures and SSL client authentication.
For information on creating signed fields and sections, see the book
Application Development with Domino Designer.
For information on dual Internet certificates, see the chapter "Setting Up
Clients for S/MIME and SSL."

How electronic signatures work

Notes signatures

When the sender signs a message with a Notes signature, all fields of the
message are signed.
1. Notes generates a "hash" of the data (that is, a number that
   represents the data) and then encrypts the hash with the private
   key of the author of the data, forming a signature. The hash is also
   sometimes called a "message digest," and has some necessary special
   properties:
   • It is not possible to guess the original message from looking at the
     digest.
   • Even a small change in the message changes the digest in an
     unpredictable way, and produces a completely different value.
2. Notes attaches the signature, the signer's public key, and the signer's
   certificates to the data.
3. When the reader accesses the signed data, Notes verifies that the
   signer has a common certificate or common certificate ancestor from
   a certifier that the reader trusts. If so, Notes attempts to decrypt the
   signature using the public key that corresponds to the private key
   with which the data was signed.
4. If decryption is successful, Notes indicates who signed the message.
   If decryption is unsuccessful, Notes indicates that it cannot verify the
   signature. Unsuccessful decryption and comparison may indicate
   that the data has been tampered with.
   Note: Certificate trust checking occurs independently of hash
   decryption and comparison. Decryption and comparison may
   succeed even if the certificate is not trusted. This might happen, for
   example, when a user receives mail from a user in another company
   and that user doesn't have a cross-certificate.

S/MIME signatures

When the sender signs a message with an S/MIME signature, only the
body of the message and accompanying attachments are signed.
1. Notes generates a hash of the data being signed and then encrypts
   the hash with the private key of the author of the data, forming a
   signature.
2. Notes attaches a certificate chain (that is, all certificates in the
   hierarchy for the certificate) and the signature to the data.
3. When the reader accesses the signed data, Notes or the mail
   application attempts to decrypt the signature using the public key
   that corresponds to the private key with which the data was signed.
   If successful, Notes or the application verifies that the signer has a
   common certificate or common certificate ancestor from a certifier
   that the reader trusts.
   Note: Typically, the Notes user's organizational certifier issues a
   cross-certificate to the signer's certificate authority (CA). Trust can
   also be established if the Notes user issues a cross-certificate directly
   to the signer's certificate or to the signer's Certificate Authority. Or,
   the Notes user's organizational certifier can issue a cross-certificate
   directly to the signer's certificate.
4. Notes or the mail application compares the decrypted hash with a
   hash of the message generated by the reader. A match means that the
   signature is valid.
5. If the digest comparison is successful, Notes or the S/MIME mail
   application indicates who signed the message. If decryption is
   unsuccessful, the application indicates that it could not verify the
   signature. Unsuccessful decryption and comparison may indicate
   that the data has been tampered with.
   Note: Certificate trust checking occurs independently of hash
   decryption and comparison. Decryption and comparison may
   succeed even if the certificate is not trusted. This might happen, for
   example, when a user receives mail from a user in another company
   and that user doesn't have a cross-certificate.

For more information on cross-certificates, see the chapter "Protecting
and Managing Notes IDs."

Signing sent mail

Notes client users control whether the mail they send is signed. Users can
sign individual mail messages or sign all mail messages that they send.
When sending signed messages to users of S/MIME mail applications,
Notes users must have an additional set of Internet public and private
keys.
For information on obtaining Internet public and private keys, see the
chapter "Setting Up Clients for S/MIME and SSL."
For more information on signing mail, see Lotus Notes 6 Help.


Chapter 44
Setting Up a Domino Server-Based Certification Authority
This chapter describes how to set up a Domino server-based certification
authority (CA) to issue server and client certificates using the CA process
server task.

Domino server-based certification authority


You can set up a Domino certifier that uses a server task, the CA process,
to manage and process certificate requests. The CA process runs as an
automated process on Domino servers that are used to issue certificates.
When you set up a Notes or Internet certifier, you link it to the CA
process on the server in order to take advantage of CA process activities.
Only one instance of the CA process can run on a server; however, the
process can be linked to multiple certifiers.
You can set up Notes and Internet certifiers to use the CA process.
Consider using the CA process because it:
• Provides a unified mechanism for issuing Notes and Internet
  certificates.
• Supports the registration authority (RA) role, which you use to
  delegate the certificate approval/denial process to lower-echelon
  administrators in the organization.
• Does not require access to the certifier ID and ID password. After
  you enable certifiers for the CA process, you can assign the
  registration authority role to administrators, who can then register
  users and manage certificate requests without having to provide the
  certifier ID and password.
• Simplifies the Internet certificate request process through a
  Web-based certificate request database.
• Issues certificate revocation lists, which contain information about
  revoked or expired Internet certificates.
• Creates and maintains the Issued Certificate List (ICL), a database
  that contains information about all certificates issued by the certifier.
• Is compliant with security industry standards for Internet certificates,
  for example, X.509 and PKIX.

To manage the CA process from the Domino console, you use a set of
server Tell commands.
For more information on CA process Tell commands, see the appendix
Server Commands.

Issued Certificate List (ICL)
Each certifier has an Issued Certificate List (ICL) that is created when the certifier is created or migrated to the CA process. The ICL is a database that stores a copy of each unexpired certificate that it has issued, certificate revocation lists, and CA configuration documents.
Configuration documents are generated when you create the certifier and sign it with the certifier's public key. After you create these documents, you cannot edit them.
CA configuration documents include:

- Certificate profiles, which contain information about certificates issued by the certifier.
- CA configuration document, which contains information about the certifier itself.
- RA/CA association documents, which contain information about the RAs who are authorized to approve and deny certificate requests. There is one document for each RA.
- ID file storage document, which contains information about the certifier ID.

Another CA configuration document, the Certifier document, is created in the Domino Directory when you set up a certifier. This document can be modified.
For more information, see the topic "Modifying a certifier" later in this chapter.

Certificate Revocation List (CRL)
A CRL is a time-stamped list identifying revoked Internet certificates, for example, certificates belonging to terminated employees. The CA process issues and maintains CRLs for each Internet certifier. A CRL is associated with a certifier, is signed by that certifier, and resides in the certifier's ICL database. A copy of the CRL is also stored in the Domino Directory, where it is used to assert certificate validity by entities that require certificate authentication.
You configure the CRL when you create a new Internet certifier. You can specify the length of time for which a CRL is valid and the interval between publication of new CRLs. After CRLs are configured, the certifier issues them on a regular basis and they operate unattended.
Using CRLs, you can manage the certificates issued in your organization. You can easily revoke a certificate if the subject of the certificate leaves the organization or if the key has been compromised. HTTP servers and Web browsers check the CRLs to determine whether a given certificate has been revoked, and is therefore no longer trusted by the certifier. When you use Internet Site documents to configure Internet protocols on the Domino server, you can also enable CRL-checking for each protocol.
There are two kinds of CRLs: regular and non-regular. For regular CRLs, you configure a duration interval (the time period for which the CRL is valid) and the interval at which new CRLs are issued. Each certifier issues a CRL at the specified time, even if no certificates have been revoked since the last CRL was issued. This means that if an administrator revokes a certificate, it appears in the next scheduled CRL issued by the certifier. The CRL duration period should be greater than the time period between each CRL issuance. This ensures that the CRL remains valid. Otherwise, the CRL could expire before a new one is issued.
However, in the event of a critical security break (for example, if the administrator needs to revoke a particularly powerful certificate or the certifier certificate is compromised) you can manually issue a non-regular CRL, that is, an unscheduled CRL, to enforce the emergency revocation. This type of revocation does not affect either the timing or the content of the next scheduled CRL. You use a Tell command to issue a non-regular CRL.
For more information on revoking a certificate, see the topic "Revoking a certificate" later in this chapter.
For more information on enabling CRL-checking, see the chapter "Installing and Setting Up Domino Servers."
For more information on configuring a regular CRL, see the topic "Creating an Internet CA" later in this chapter.
For more information on issuing a nonscheduled CRL, see the appendix "Server Commands."
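The timing rules for regular and non-regular CRLs can be modelled to see when a revocation first becomes visible to relying parties and what happens when the duration is shorter than the issuance interval. The following Python code is an added example, not part of the Domino documentation or product. Its function names, dates and serial numbers are constructed, and it assumes that a non-regular CRL gets the same duration as a regular one.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

START = datetime(2002, 9, 1)  # constructed date of the first regular CRL


@dataclass(frozen=True)
class Crl:
    issued: datetime
    expires: datetime      # issued + CRL duration
    revoked: frozenset     # serial numbers listed in this CRL
    regular: bool          # False for a manually issued (non-regular) CRL


def config_ok(interval_days, duration_days):
    """The rule above: the CRL duration must exceed the issuance interval."""
    return duration_days > interval_days


def coverage_gaps(start, interval_days, duration_days, count):
    """Return (gap_start, gap_end) periods in which no regular CRL is valid."""
    interval = timedelta(days=interval_days)
    duration = timedelta(days=duration_days)
    gaps = []
    for k in range(count):
        expires = start + k * interval + duration
        next_issue = start + (k + 1) * interval
        if expires < next_issue:
            gaps.append((expires, next_issue))
    return gaps


def simulate(start, interval_days, duration_days, revocations, count):
    """Issue `count` regular CRLs plus one non-regular CRL per emergency.

    revocations: iterable of (when, serial, emergency) tuples.
    """
    interval = timedelta(days=interval_days)
    duration = timedelta(days=duration_days)
    revocations = sorted(revocations)
    issues = [(start + k * interval, True) for k in range(count)]
    # An emergency revocation adds an unscheduled CRL; the regular
    # schedule itself is left untouched.
    issues += [(when, False) for when, _serial, emergency in revocations
               if emergency]
    crls = []
    for issued, regular in sorted(issues):
        # Assumption: every CRL lists all certificates revoked so far.
        listed = frozenset(s for when, s, _e in revocations if when <= issued)
        crls.append(Crl(issued, issued + duration, listed, regular))
    return crls


def first_listed(crls, serial):
    """Earliest CRL that lists `serial`, or None if it never appears."""
    return next((c for c in crls if serial in c.revoked), None)


def demo():
    """Interval 7 days, duration 10 days, two constructed revocations."""
    day = timedelta(days=1)
    revocations = [
        (START + 2 * day, 0x1001, False),   # routine revocation
        (START + 9 * day, 0x2002, True),    # emergency revocation
    ]
    return simulate(START, 7, 10, revocations, count=3)


if __name__ == "__main__":
    for crl in demo():
        kind = "regular" if crl.regular else "non-regular"
        print(crl.issued.date(), kind, sorted(hex(s) for s in crl.revoked))
    print("gaps with duration 5, interval 7:", coverage_gaps(START, 7, 5, 3))
```

In the sample run the routine revocation made on day 2 is not published until the regular CRL on day 7, while the emergency revocation on day 9 is published the same day and the regular CRL on day 14 is still issued on schedule.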

Administering a Domino CA
There are a number of tasks associated with managing a certifier. If you implement a certifier that uses the CA process, you can delegate Notes and Internet certificate request approval and denial to other administrators, each of whom acts as a registration authority.
Note: Many of the manual tasks associated with managing a CA prior to Domino 6 are now automated when you use the CA process.

Domino certificate authority administrator tasks
The Domino certificate authority administrator (CAA) is responsible for these tasks:

- Create and configure certifiers.
- Modify certifiers. For example, only a CA administrator can edit ID recovery information for a Notes certifier.
- Add or remove Certification and Registration Authority administrators, or change the CA and RA roles assigned to users.

The CAA must have at least Editor access to the master Domino Directory for the domain.
As a best practice, designate at least two CAAs for each certifier. You then have a backup if one leaves the organization.
Note: By default, the administrator who creates a certifier is automatically designated as both a CAA and an RA for that certifier. When you create additional CAAs, they must be assigned the RA role in order to register users.

Domino Registration Authority administrator tasks
A registration authority (RA) administrator registers Notes users and Domino servers, approves or denies Internet certificate requests, and, if necessary, revokes Internet certificates. While a CA administrator can also be a registration authority, the main advantage of having a separate RA role is to offload these tasks from the Domino and/or CA administrator. Moreover, the Domino administrator can establish one or more RAs for each certifier enabled for the CA process.
An RA should approve only those requests that will be accepted by the certifier. The CA Configuration document, stored in the CA's ICL database, describes what is acceptable.
Domino administrators who register Notes users should also be listed as RAs for the Notes certifier.
If you are using the Web Administrator client, you need to set up a server-based certification authority to register Notes users. The Web administrator, as well as the server on which the Web Administrator database resides, must be listed as an RA for that certifier.
The Domino Registration Authority (RA) administrator is responsible for these tasks:

- Register users, servers, and additional Notes certifiers.
- Approve or deny Internet certificate requests.
- Revoke certificates if they can no longer be trusted, such as if the subject of the certificate leaves the organization, or if the key has been compromised.

Note: CAs and RAs must have at least Editor access to the master Domino Directory for the domain.

Setting up a server-based Domino certification authority

To set up a server-based Domino certification authority, you must configure and enable Notes and Internet certifiers to use the CA process. You can enable only one type of certifier under the CA process (for example, set up only Internet certifiers for the CA process) or you can enable all certifiers for the CA process.
If your organization has existing Domino certifiers, you can migrate them to the CA process.
To set up a Domino server-based certification authority, perform the following tasks:
1. Migrate existing certifiers to the CA process.
2. Create new certifiers.
3. Add certifiers to the CA process on the server.
4. For each Internet certifier, set up the Certificate Requests database.
5. Set up SSL on the server.

Migrating a certifier to the CA process

To migrate an existing certifier to the CA process, you set up an Issued Certificate List (ICL) database and configure its certificate duration. In addition, for Internet certifiers, you configure CRL and key usage information for the certificate.
1. From the Domino Administrator, click Configuration.
2. On the Tools pane, choose Certification - Migrate Certifier.
3. In the Migrate Certifier dialog box, click Select.
4. In the Choose ID/key ring file dialog box, select the CERT.ID of the certifier you want to migrate.
   - Choose the certifier ID (CERT.ID) and click Select to migrate a Notes certifier.
   - Choose the certifier key ring file and click Select to migrate an Internet certifier.
5. The certifier ID's path and filename now appear in the Migrate Certifier dialog box. Enter the password for the certifier ID or key ring file and click OK.
6. If you are migrating a Notes certifier, complete the procedure "To migrate a Notes certifier." Otherwise, see the procedure "To migrate an Internet certifier."
To migrate a Notes certifier
1. On the Basics tab, complete these fields:

| Field | Action |
|---|---|
| Select the server where the certifier will run | Select the server that will store the migrated certifier. Make sure that the client location document points to this server. |
| Name of ICL database to be created | (Optional) ICLs are created automatically when you create a certifier, and named by default. You can modify the default name (for example: icl\icl_Acme.nsf for the Acme certifier). Although you can change the location of the ICL, it is recommended that you use the default directory and path. |

2. For Encrypt Certifier ID with, choose one:

| Option | Security level | Password required | Action required |
|---|---|---|---|
| Encrypt ID with Server ID | Lowest | None | None |
| Encrypt ID with Server ID | Medium | Enter a new password for this certifier | If you choose to encrypt the certifier ID with the server ID and password, you need to activate the certifier. Use the tell command: tell ca activate <password> |
| Encrypt ID with Lock ID | Highest | Registered user ID and password | If you choose to encrypt the certifier ID with a lock ID, the certifier is locked when you create it. Use the tell command: tell ca unlock <idfile> <password> |

Note: Encrypting a certifier ID with the password-protected Server ID protects only that certifier. If you use a lock ID, you have the option of using it with multiple certifiers. You then need to lock and unlock those certifiers simultaneously.
3. (Optional) In the Administrators list, enter names of additional CAAs and RAs. The name of the administrator migrating the CA is automatically included in the list as both a CAA and an RA.
4. On the Certificates tab, complete these fields:

| Field | Action |
|---|---|
| Certificate duration for EE certificate | Enter the default, minimum, and maximum duration, in months, for an end-entity (EE) certificate. An end-entity certificate is granted to servers or end users. |
| Certificate duration for CA certificate | Enter the default, minimum, and maximum duration, in months, for a certificate authority (CA) certificate. A CA certificate is granted to certifiers. |

5. Click OK. A message appears saying that you have successfully migrated the certifier.
6. Add the certifier to the CA process.
To migrate an Internet certifier
1. Migrate the key ring file.
2. Complete the Migrate Certifier dialog as described in the procedure "To create an Internet certifier" later in this chapter.
For more information on using CA server commands, see the appendix "Server Commands."
Adding a certifier to the CA process

When you create a certifier specifically for the CA process, you must make sure that the CA process task is running on the server. To manage the CA process, you use Tell commands at the server console.

To add a certifier to the CA process
1. Make sure that you have already migrated or created a certifier.
2. If this is the first certifier you are setting up to use the CA process, or if the CA process is not already running, at the server console enter:
    load ca
3. If the CA process task is already running, it automatically adds newly-created certifiers when it refreshes, which takes place every 12 hours. However, the time period in which the Administration Requests database processes CA requests will vary. If you want to hasten the process, at the console enter:
    tell adminp process all
    tell ca refresh
   And then enter the following to see if the new certifier has been added:
    tell ca stat

Note: To load the CA task automatically, add the parameter ca to the Server setting in the NOTES.INI file.
For more information on using CA server commands, see the appendix "Server Commands."

Creating a certifier for a server-based CA

You can create additional Notes and Internet certifiers for your organization and configure them to use the CA process.
To create a Notes certifier
1. Register an additional organization certifier or organizational-unit certifier.
2. Migrate the certifier to the CA process.
To create an Internet certifier
You create one or more Internet certifiers to issue server and client Internet certificates.
1. From the Domino Administrator, click Configuration.
2. On the Tools pane, select Registration - Internet Certifier.
3. In the Register Internet Certifier dialog box, select "I want to register a new Internet certifier that uses the CA process."
4. In the Register a New Internet Certifier dialog box, click Basics.
5. Create the certifier name. Specify a common name and at least one additional component:
   - Common name: Enter the certifier name.
   - Organizational unit: (optional) Enter the name of the certifier's organizational unit, if applicable.
   - Organization: (optional) Enter the name of the certifier's organization.
   - City or locality: (optional) Enter the organization's city or locality.
   - State or province: (optional) Enter the full name of the state or province in which the organization resides.
   - Country: (optional) Enter the two-character abbreviation for the country in which the organization resides.
6. Choose the server on which to store the certifier.
7. (Optional) Modify the default ICL database name (for example: icl\icl_Acme.nsf).
   Note: It is recommended that you use the default directory structure.
8. For Encrypt Certifier ID with, select one:

| Option | Security level | Password required | Action required |
|---|---|---|---|
| Encrypt ID with Server ID | Lowest | None | None |
| Encrypt ID with Server ID | Medium | Server ID password | If you choose to encrypt the certifier ID with the server ID and password, you need to activate the certifier. Use the tell command: tell ca activate <password> |
| Encrypt ID with Lock ID | Highest | Registered user ID and password | If you choose to encrypt the certifier ID with a lock ID, the certifier is locked when you create it. Use the tell command: tell ca unlock <idfile> <password> |

Note: Encrypting a certifier ID with the password-protected Server ID protects only that certifier. If you use a lock ID, you have the option of using it with multiple certifiers. You then need to lock and unlock those certifiers simultaneously.
9. (Optional) In the Administrators list, enter the names of additional CAAs and RAs. The name of the administrator creating the CA is automatically included in the list as both a CA administrator and an RA administrator.
For more information on certifier administrators and registration authorities, see the topic "Administering a Domino CA" earlier in this chapter.
10. On the Certificates tab, complete these fields:

| Field | Action |
|---|---|
| Include CRL distribution point extension | (Optional) Select to enable an attribute that identifies the distribution point for the certifier CRL on the server that you select in the "Using server" list. |
| Backdate certificate validity | Enter the date when the certificate becomes valid, as this may differ from the date on which the certificate is created. |
| Certificate duration | Enter the default, minimum, and maximum certificate duration in months. |
| Key usage | Choose the key usage extensions for this certificate. |

Note: The default certificate type is end entity certificate. This means that Internet certificates issued by this certifier apply to users of certificates and/or end-user systems that are subjects of a certificate.
11. Click Miscellaneous, and then click "Create a local copy of the certifier ID." Specify the certifier ID file name and password, and click OK. A copy of the certifier ID is saved to the default path ...\notes\data\ids\certs\cert.id. You can select a different path. Use this local copy of the certifier ID as a backup to re-create the certifier if it becomes corrupted.
12. Complete these fields to specify Certificate Revocation List information for this certifier:

| Field | Action |
|---|---|
| Duration of CRL (in days) | Enter the length of time, in days, for which a given CRL is valid. It is recommended that this time period extend beyond the time period between issued CRLs, as this ensures that the CRL is always valid. |
| Time between CRLs (in days) | Enter the time interval, in days, between issued CRLs. |

13. Complete these fields to specify Key and certifier certificate information for this certifier:

| Field | Action |
|---|---|
| Signing algorithm | Select the algorithm used to encrypt the certificate's signature. |
| Key length | Enter the key length to use for encryption. This setting determines the number of bits needed to be able to represent any of the possible values of a cryptographic key. The longer the key length, the more difficult it is to decrypt encrypted text. |
| Certificate will expire on | (Optional) Change the default certificate expiration date. |

14. Complete these fields to specify the Certifier PKIX Alternative Name(s) information for this certifier:
Alternative name fields allow alternate names to be listed in certificates. Alternate subject names can appear in any certificate. If a CA has alternate names, those names should be included in the certificates it issues. For example, you can include the certifier's e-mail address in the certificates it issues, so that users know how to contact the certifier that issued them.
Note: A PKIX Alternative Name is not the same as a Notes alternate name. The Notes alternate name is the foreign language version of a user name.

| Field | Action |
|---|---|
| Type | Enter the type of alternative name you want to use. |
| Value | Enter the alternative name you want to use. |

15. Click Add to add the alternative name to the certifier's certificate.
16. Click OK. A message appears saying that you have successfully set up a CA.
17. Complete these procedures:
   - Add the new certifier to the CA process.
   - Create the Certificate Requests application.

Key usage extensions and extended key usage

Key usage extensions
Key usage extensions define the purpose of the public key contained in a certificate. You can use them to restrict the public key to as few or as many operations as needed. For example, if you have a key used only for signing, enable the digital signature and/or non-repudiation extensions. Alternatively, if a key is used only for key management, enable key encipherment.
The following table describes the key usage extensions available for keys created using the CA process.
Note: The digital signature and data encipherment key usage extensions are enabled by default for all Internet certificates.

| Key usage extension | Description |
|---|---|
| Digital signature | Use when the public key is used with a digital signature mechanism to support security services other than non-repudiation, certificate signing, or CRL signing. A digital signature is often used for entity authentication and data origin authentication with integrity. |
| Non-repudiation | Use when the public key is used to verify digital signatures used to provide a non-repudiation service. Non-repudiation protects against the signing entity falsely denying some action (excluding certificate or CRL signing). |
| Key encipherment | Use when a certificate will be used with a protocol that encrypts keys. An example is S/MIME enveloping, where a fast (symmetric) key is encrypted with the public key from the certificate. SSL protocol also performs key encipherment. |
| Data encipherment | Use when the public key is used for encrypting user data, other than cryptographic keys. |
| Key agreement | Use when the sender and receiver of the public key need to derive the key without using encryption. This key can then be used to encrypt messages between the sender and receiver. Key agreement is typically used with Diffie-Hellman ciphers. |
| Certificate signing | Use when the subject public key is used to verify a signature on certificates. This extension can be used only in CA certificates. |
| CRL signing | Use when the subject public key is used to verify a signature on revocation information, such as a CRL. |
| Encipher only | Use only when key agreement is also enabled. This enables the public key to be used only for enciphering data while performing key agreement. |
| Decipher only | Use only when key agreement is also enabled. This enables the public key to be used only for deciphering data while performing key agreement. |
Extended key usage

Extended key usage further refines key usage extensions. An extended key is either critical or non-critical. If the extension is critical, the certificate must be used only for the indicated purpose or purposes. If the certificate is used for another purpose, it is in violation of the CA's policy.
If the extension is non-critical, it indicates the intended purpose or purposes of the key and may be used in finding the correct key/certificate of an entity that has multiple keys/certificates. The extension is then only an informational field and does not imply that the CA restricts use of the key to the purpose indicated. Nevertheless, applications that use certificates may require that a particular purpose be indicated in order for the certificate to be acceptable.
If a certificate contains both a critical key usage field and a critical extended key usage field, both fields must be processed independently, and the certificate must be used only for a purpose consistent with both fields. If there is no purpose consistent with both fields, the certificate must not be used for any purpose.

| Extended key | Enable for these key usage extensions |
|---|---|
| TLS Web server authentication | Digital signature, key encipherment or key agreement |
| TLS Web client authentication | Digital signature and/or key agreement |
| Sign (downloadable) executable code | Digital signature |
| Email protection | Digital signature, non-repudiation, and/or key encipherment or key agreement |
| IPSEC End System (host or router) | Digital signature and/or key encipherment or key agreement |
| IPSEC Tunnel | Digital signature and/or key encipherment or key agreement |
| IPSEC User | Digital signature and/or key encipherment or key agreement |
| Timestamping | Digital signature, non-repudiation. |

Examples of required key usage extensions

| Application | Required key usage extensions |
|---|---|
| SSL Client | Digital signature |
| SSL Server | Key encipherment |
| S/MIME Signing | Digital signature |
| S/MIME Encryption | Key encipherment |
| Certificate Signing | Certificate signing |
| Object Signing | Digital signature |
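The three tables above can be combined into one check that an RA or auditor runs against a certificate profile before approving it. The following Python code is an added example, not part of the Domino documentation or product. The class and function names and the sample certificates are constructed, and it assumes that an extended key usage is consistent with the key usage field when at least one of the key usage extensions listed for it is enabled.

```python
from dataclasses import dataclass
from enum import Flag, auto


class KU(Flag):
    """Key usage extensions, named as in the key usage table above."""
    DIGITAL_SIGNATURE = auto()
    NON_REPUDIATION = auto()
    KEY_ENCIPHERMENT = auto()
    DATA_ENCIPHERMENT = auto()
    KEY_AGREEMENT = auto()
    CERTIFICATE_SIGNING = auto()
    CRL_SIGNING = auto()
    ENCIPHER_ONLY = auto()
    DECIPHER_ONLY = auto()


_SIG_ENC_AGREE = KU.DIGITAL_SIGNATURE | KU.KEY_ENCIPHERMENT | KU.KEY_AGREEMENT

# Extended key usage -> key usage extensions it is enabled for (table above).
EKU_TABLE = {
    "TLS Web server authentication": _SIG_ENC_AGREE,
    "TLS Web client authentication": KU.DIGITAL_SIGNATURE | KU.KEY_AGREEMENT,
    "Sign (downloadable) executable code": KU.DIGITAL_SIGNATURE,
    "Email protection": _SIG_ENC_AGREE | KU.NON_REPUDIATION,
    "IPSEC End System (host or router)": _SIG_ENC_AGREE,
    "IPSEC Tunnel": _SIG_ENC_AGREE,
    "IPSEC User": _SIG_ENC_AGREE,
    "Timestamping": KU.DIGITAL_SIGNATURE | KU.NON_REPUDIATION,
}

# Application -> required key usage extension (examples table above).
APP_REQUIRED_KU = {
    "SSL Client": KU.DIGITAL_SIGNATURE,
    "SSL Server": KU.KEY_ENCIPHERMENT,
    "S/MIME Signing": KU.DIGITAL_SIGNATURE,
    "S/MIME Encryption": KU.KEY_ENCIPHERMENT,
    "Certificate Signing": KU.CERTIFICATE_SIGNING,
    "Object Signing": KU.DIGITAL_SIGNATURE,
}


@dataclass(frozen=True)
class Cert:
    key_usage: KU
    ekus: tuple = ()
    ku_critical: bool = True
    eku_critical: bool = False
    is_ca: bool = False


def structural_problems(cert):
    """Combinations the key usage table rules out regardless of purpose."""
    problems = []
    only = cert.key_usage & (KU.ENCIPHER_ONLY | KU.DECIPHER_ONLY)
    if only and not cert.key_usage & KU.KEY_AGREEMENT:
        problems.append("encipher/decipher only requires key agreement")
    if cert.key_usage & KU.CERTIFICATE_SIGNING and not cert.is_ca:
        problems.append("certificate signing is only for CA certificates")
    return problems


def consistent_purposes(cert):
    """Listed extended key usages that agree with the key usage field.

    For a certificate where both fields are critical, an empty result
    means it must not be used for any purpose.
    """
    return [p for p in cert.ekus if cert.key_usage & EKU_TABLE[p]]


def evaluate(cert, application, purpose):
    """Return (allowed, reasons) for `application` under EKU `purpose`."""
    reasons = structural_problems(cert)
    need = APP_REQUIRED_KU[application]
    if not cert.key_usage & need:
        reasons.append(f"{application} requires {need.name}")
    if cert.eku_critical and purpose not in cert.ekus:
        reasons.append(f"critical extended key usage does not list {purpose}")
    if (cert.ku_critical and cert.eku_critical
            and not cert.key_usage & EKU_TABLE[purpose]):
        reasons.append(f"key usage is not consistent with {purpose}")
    return (not reasons, reasons)


# Constructed sample: key encipherment plus digital signature with a
# critical server authentication extended key usage.
SERVER = Cert(KU.KEY_ENCIPHERMENT | KU.DIGITAL_SIGNATURE,
              ("TLS Web server authentication",), eku_critical=True)

if __name__ == "__main__":
    print(evaluate(SERVER, "SSL Server", "TLS Web server authentication"))
    print(evaluate(SERVER, "SSL Client", "TLS Web client authentication"))
```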

Creating the Certificate Requests database

Each Internet certifier you create requires a Certificate Requests database (CERTREQ.NSF) to manage server and client certificate requests. This database stores active certificate and revocation requests that have been submitted to the Administration Process for processing. Using a browser-based interface, servers and clients request certificates and pick up issued certificates.
You can store Certificate Requests databases on any server in the domain, including servers that reside outside of a network firewall.
For more information on using the Certificate Requests database to process certificate requests, see the chapter "Setting Up Clients for S/MIME and SSL."
To create the Certificate Requests database
1. Choose File - Database - New and select the server to store the Certificate Requests database.
2. Enter the database title and file name, for example: Certificate Requests and CERTREQ.NSF.
3. Choose the Certificate Requests (R6) template (CERTREQ.NTF).
4. Click OK. When the Certificate Requests database has been created, it will open and the About... document will appear.
5. Close the About... document, and the Database Configuration form will appear.
6. In the Database Administration section, complete these fields:

| Field | Action |
|---|---|
| Supported CA | Do the following: 1. In the Server field, enter the name of the server that hosts the Internet certifier. 2. In the Certifier field, enter the name of the Internet certifier to associate with the Certificate Request database. |
| Supported certificate types | Choose one: (a) Client certificates only: Select this option if the certifier will issue client Internet certificates. Do not select this option if you want to create a server key ring for SSL. If you select this option, you must customize client requests. (b) Server certificates only: Select this if the certifier will issue server Internet certificates. If you select this option, you must customize server requests. (c) Both client and server certificates: Select this if the certifier will issue both client and server Internet certificates. If you select this option, then you need to customize both server and client requests. |

7. (Optional) In the Client Request Customization section, complete these fields:

| Field | Action |
|---|---|
| Validity period | Enter the number of years that client requests generated with this database will specify as a validity period, beginning at the time of request submission. Default is 1 year. |
| Key usages | Choose the default key usage that will be submitted in client certificate requests generated from this database. Default settings are Key Encipherment and Digital Signature, which are sufficient for a client S/MIME certificate. |
| Extended key usages | Choose the default extended key usage that will be submitted in client certificate requests generated from this database. Default settings are Client Authentication and Email Protection. |

8. (Optional) In the Server Request Customization section, complete these fields:

| Field | Action |
|---|---|
| Validity period | Enter the number of years that server requests generated with this database will specify as a validity period, beginning at the time of request submission. Default is 1 year. |
| Key usages | Choose the default key usage that will be submitted in server certificate requests generated from this database. Default settings are Key Encipherment and Digital Signature, which are sufficient for an SSL server certificate. |
| Extended key usages | The default extended key usage that will be submitted in server certificate requests generated from this database. Default is Server Authentication. |

9. For Processing method, choose the method by which requests are submitted to the Administration Process:
   - Manual (default): Choose this if you want an RA to review requests submitted to the Certificate Requests database to approve or deny each request individually.
   - Automatic: Choose this to have requests submitted to the Certificate Requests database processed without RA intervention. Requests will be approved or denied according to the certificate policy. If this method is chosen, the Automatic Transfer Server field appears, in which you need to specify the server running the administration process and to which certificate requests will automatically be transferred.
   Note: If the Automatic method is chosen, the RA must be listed in the group of users who can run unrestricted methods and operations on the server. This can be set on the Security tab in the Server document. There must also be a replica of the Certificate Requests database on the specified transfer server.
10. For Mail notification, choose whether or not to send e-mail notification when a certificate request has been processed by the CA.
   - Yes (default): Choose this if you want the requester to be notified by e-mail when a certificate request has been processed by the CA.
   - No: Choose this if you do not want the requester to be notified by e-mail when a certificate request has been processed by the CA.
11. Click Save & Close.

Setting up SSL on a server-based CA server

Because server administrators and clients use browsers to access the CA server to request and pick up certificates, use SSL to protect the CA server. When you set up the CA server for SSL, you create the server key ring file and request a server certificate. Domino automatically approves the server certificate and merges the CA certificate as a trusted root.
For information on approving server certificate requests for Domino servers that are not CA servers, see the topic "Signing server certificates" later in this chapter.
To set up SSL on a server-based CA server
1. Create an Internet certifier.
2. Create the Certificate Requests application (CERTREQ.NSF).
3. Do the following to create a server key ring file to store the server certificate, and merge the CA certificate as a trusted root into the server key ring file:
   a. In the Certificate Requests database, choose Domino Key Ring Management - Create Key Ring.
   b. In the Create Key Ring form, complete these fields:

| Field | Action |
|---|---|
| File name | Enter a file name for the Key Ring file and keep the .kyr extension. |
| Password | Enter a password for the key ring file. |
| Key size | Choose a key size. |
| Common name | Enter the fully qualified host name, for example, server.company.com. |
| Organization name | Enter the name of the certifier organization. |
| State or province | Enter the full name of the state or province in which the organization is located. |
| Country | Enter a two-letter abbreviation for the country in which the organization is located. |

   c. Verify the information in the "Key Ring Created" dialog box, then click OK to add your CA as a trusted root and generate a certificate request for the server.
   d. Verify the information in the "Merge Trusted Root Certificate Confirmation" dialog box and click OK.

e. When the Certificate received into key ring and designated as


trusted root confirmation dialog box appears, click OK.
f. When the Certificate Request Successfully Submitted for Key
Ring dialog box appears, click OK.
If you chose Automatic as the processing method used by the
Certificate Requests database, continue with Step 5. If you chose
Manual, then complete Steps 4 through 6.
4. Do the following to transfer the certificate request to the
Administration Requests database:
a. In the Certificate Requests database, open the
Submitted/Waiting for Approval view. If the request does not
appear, press F9 to refresh the view.
b. If the request has been Submitted to Administration Process,
continue with Step 5. If the request is still Pending, highlight the
request and click Submit Selected Requests.
c. When you see Successfully submitted 1 request(s) to the
Administration Process, click OK.
5. Have an authorized registration authority approve the request. This
RA should be authorized for the certifier for which you are setting
up SSL.
a. Open the Administration Requests database (ADMIN4.NSF), and
then open the Certification Authority Requests/Certificate
Requests view and find the new request.
b. Open the request and verify the information in it.
c. Click Edit Request, then Approve Request. Press F9 until the
request changes from New to Issued.
6. Transfer the certificate request out of the Administration Requests
database:
a. Close the Administration Requests database and return to the
Certificate Requests database.
b. Open the Pending/Submitted Certificates view and locate the
request. If necessary, refresh the view.
c. If the certificate has not yet been issued, click Pull Selected
Request(s).

7. After the CA signs the request for a server certificate and notifies you
to pick up the certificate, do the following:
a. Do one:
Open the Administrator's mail file, locate and open a message
with the subject Your certificate request has been approved,
and copy the pickup ID to the Clipboard.
From the Certificate Requests database, open the
Submitted/Accepted view, then open the issued server request
and copy the Request ID to the clipboard.
b. In the Certificate Requests database, choose Domino Key Ring
Management, then Pickup Key Ring Certificate.
c. Enter the key ring file name and password, paste the pickup ID
into the form, and click Pickup Certificate.
8. Do the following to merge the approved server certificate into the
key ring file:
a. When the Merge Signed Certificate Confirmation dialog box
appears, verify the information and click OK.
b. When the Certificate received into key ring confirmation box
appears, click OK.
c. Copy or use FTP (in binary mode) to transfer the new key ring
file and its associated .STH file to the server's data directory.
9. Configure the port for SSL:
a. In the Domino Directory, open the Server document. In the
Ports/Internet Ports section, click Edit Server and enter the name
of the new key ring file. (Do not include the full path to the key
ring file. Specify only the file name.) Enable the SSL Port Status
field and then click Save and Close.
Note As an optional step, while editing the Server document,
enable Session authentication in the Internet
Protocols/Domino Web Engine section. This ensures that HTTP
sessions will time out in the number of minutes that are specified
in the Idle session timeout field. The Maximum active sessions
may also be specified.
b. If HTTP is already running, at the console type te http restart
to enable SSL on the server.
c. To show SSL status and to verify that the HTTP server is
listening on both 80 and 443, type te http show security at the
server console.

10. Do the following to confirm that SSL is working on the server.
a. Open a browser, and enter the URL of the server, for example:
https://Server.Company.com/certreq.nsf
b. If the New Site Certificate dialog box appears, click Next.
c. Click More Info to verify the information, then click Next.
d. Decide whether or not to accept the new site certificate, and for
how long, then click Next.
e. Decide whether or not you want to see a warning every time you
access the new site, then click Next. When the dialog box
appears, click Finish.
If the Security indicator (a padlock icon) is closed (locked), you have
successfully established a secure session over SSL.
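
The confirmation in step 10 can also be done from a script. The following is an added example, not part of the Domino documentation: it connects the way a browser would, then checks that the certificate name matches the server's DNS name and that the certificate is not expired or close to expiring. The function names, the 30-day warning window and the sample certificate are assumptions made for the example.

```python
import calendar
import socket
import ssl
import time


def fetch_peer_cert(host, port=443, ca_file=None, timeout=10):
    """Connect as a browser would and return the validated server certificate.

    ca_file is the CA's trusted root exported as a PEM file (assumption: the
    root has been exported). If the issuer is not trusted, or the name does
    not match, the handshake raises ssl.SSLError instead of returning.
    """
    context = ssl.create_default_context(cafile=ca_file)
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with context.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


def certificate_names(cert):
    """Return the common name(s) and any DNS alternative names in the cert."""
    names = [value for rdn in cert.get("subject", ())
             for key, value in rdn if key == "commonName"]
    names += [value for kind, value in cert.get("subjectAltName", ())
              if kind == "DNS"]
    return names


def evaluate_cert(cert, dns_name, now=None, warn_days=30):
    """Return a list of findings; an empty list means the checks passed."""
    findings = []
    names = certificate_names(cert)
    if dns_name.lower() not in (name.lower() for name in names):
        findings.append("certificate names %r do not match DNS name %r"
                        % (names, dns_name))
    not_after = cert.get("notAfter")
    if not_after is None:
        findings.append("certificate has no expiration date")
        return findings
    now = time.time() if now is None else now
    days_left = int((ssl.cert_time_to_seconds(not_after) - now) // 86400)
    if days_left < 0:
        findings.append("certificate has expired")
    elif days_left < warn_days:
        findings.append("certificate expires in %d days" % days_left)
    return findings


# Constructed sample in the dict layout that getpeercert() returns.
SAMPLE_CERT = {
    "subject": ((("organizationName", "Acme"),),
                (("commonName", "server.company.com"),)),
    "issuer": ((("organizationName", "Acme"),),
               (("commonName", "Acme SSLCA"),)),
    "notAfter": "Oct 22 14:38:12 2003 GMT",
}
# Constructed reference times (UTC) used to exercise each outcome.
T_VALID = calendar.timegm((2002, 1, 1, 0, 0, 0))
T_NEAR_EXPIRY = calendar.timegm((2003, 10, 1, 0, 0, 0))
T_EXPIRED = calendar.timegm((2004, 1, 1, 0, 0, 0))

if __name__ == "__main__":
    for label, when in (("valid", T_VALID), ("near expiry", T_NEAR_EXPIRY),
                        ("expired", T_EXPIRED)):
        print(label, evaluate_cert(SAMPLE_CERT, "Server.Company.com", now=when))
```

Against a live server, pass the result of fetch_peer_cert(host, 443, ca_file) to evaluate_cert with the same host name.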

Signing server certificates using the Certificate Requests database


A Domino administrator can request a server certificate from a
server-based CA in order to enable SSL on a Domino server. The request
is entered and processed in the Certificate Requests database, where a
registration authority (RA) administrator approves or denies the request.
Note If you chose Automatic as the processing method used by the
Certificate Requests database, you only need to complete Step 3. If you
chose Manual processing, then complete the entire procedure.
To sign a server certificate request
1. From the Domino Administrator, open the Certificate Requests
database.
2. Transfer the certificate request to the Administration Requests
database:
a. In the Certificate Requests database, open the
Pending/Submitted Requests view. If the request does not
appear, press F9 to refresh the view.
b. If the request has been Submitted to Administration Process,
continue with Step 3. If the request is still Pending, highlight the
request and click Submit Selected Requests.
c. When you see Successfully submitted 1 request(s) to the
Administration Process, click OK.
3. Have an RA who is listed for this certifier approve the request.
a. Open the Administration Requests database (ADMIN4.NSF), and
then open the Certification Authority Requests/Certificate
Requests view and find the new request.
b. Open the request and verify the information in it.
c. Click Edit Request, then Approve Request. Press F9 until the
request changes from New to Issued.
4. Transfer the certificate request out of the Administration Requests
database:
a. Close the Administration Requests database and return to the
Certificate Requests database.
b. Open the Pending/Submitted Certificates view and locate the
request. If necessary, refresh the view.
c. If the certificate has not yet been issued, click Pull Selected
Request(s).
5. The certifier signs the request for a server certificate and notifies the
requester to pick up the certificate.

Modifying a server-based CA
After you migrate or create a certifier, you can modify it through the
certifier ICL or through the certifier document in the Domino Directory.
Note that how you open a certifier to modify it affects the number and
type of changes you can make.
Note Only CA administrators can modify a server-based CA. A CA
administrator must have Editor access to the Domino Directory in order
to modify a certifier.
To modify a certifier through the ICL
1. Shut down the CA process used by the certifier that you want to
modify. At the server console, type:
tell ca quit
2. From the Domino Administrator, click Configuration.
3. On the Tools pane, choose Certification - Modify Certifier.
4. Select the server that hosts the CA you want to modify, if necessary.
5. Select the certifier to recover by doing one of the following:
Select the certifier document from the Domino Directory.
Select the certifier ICL database.
Note If the certifier is protected with a lock ID, you must unlock it
in order to modify it.

6. In the Certifier dialog box, modify the certifier as needed. You can
change these features:
Encryption mechanism for certifier ID
CAs and RAs, and roles of current entries
CRL distribution point extension
Enable or disable backdating of certificate
Certificate duration
Certificate key usage (Internet certifiers only)
CRL publication and duration (Internet certifiers only)
For detailed information on these options, see the topic Creating
a certifier for a server-based CA earlier in this chapter.
7. Click OK.
To modify a certifier through the Certifier document
To modify a Certifier document, you must have Editor access to the
Domino Directory. Full-access administrators and administrators have
this access by default; however, be sure that all certificate authority (CA)
administrators also have this access.
1. From the Domino Administrator, click Configuration.
Note If the certifier is protected with a lock ID, you must unlock it
in order to modify it.
On the Basics tab, you can modify certifier name and issuer.
Click Modify CA configuration to change CAA and RA
associations.
2. Click Save and Close.

Disabling a certifier
To modify a Certifier document, you must have Editor access to the
Domino Directory. Full-access administrators and administrators have
this access by default; however, be sure that all certificate authority (CA)
administrators also have this access.
1. From the Domino Administrator, click Configuration and open the
Certificates view in the Server pane.
2. Select the certifier document you want to disable and double-click to
open it.
3. Click Edit Certifier.

4. On the CA Configuration tab, disable the CA process for the certifier.
5. Click Save and Close.
Caution If you disable the CA process for a certifier, and later want
to enable it, you must open the certifier document and enable it. You
can also repeat the CA migration process to enable it; however,
this creates a new ICL database for the certifier.

Revoking a certificate
A CA administrator can easily revoke an Internet certificate if the subject
of the certificate leaves the organization, or if the key has been
compromised. After a certificate is revoked, it can never again be trusted.
If you revoke a certificate, especially if a key has been compromised,
issue a non-regular CRL so that any entity checking CRLs has the most
updated revocation information.
To revoke a certificate
1. From the Domino Administrator, click Files. Open the ICL directory.
2. From the list of ICL databases, open the ICL for the certifier that
issued the certificate you need to revoke.
3. Open the Issued Certificates\By Subject Name view.
4. Open the Issued Certificate document for the certificate you want to
revoke.
The document name is the same as the subject name.
5. At the top of the document, click Revoke Certificate.
6. In the Revocation Reason dialog box, select the reason for revoking
the certificate, and click OK.
7. Issue a non-regular CRL.
The next time the CA process refreshes, the Issued Certificate document
will be updated to indicate that the certificate has been revoked. When
you open the Issued Certificate document again, the Revocation
Information section will indicate that the certificate has been revoked, the
revocation date and time, the reason for the certificate's revocation, and
date and time the certificate became invalid.
For more information on issuing non-regular CRLs, see the appendix
Server Commands.

Viewing certifiers running under the CA process


You can view a list of all the certifiers running under the CA process. At
the server console type:
tell ca status

The server returns a list of all certifiers using the CA process and their
current status. The number associated with each certifier is used in some
CA Tell commands.
For example:
10/22/2001 02:38:12 pm  CA Process status:
10/22/2001 02:38:12 pm  1. O=Acme
10/22/2001 02:38:12 pm  Certifier type: Notes
10/22/2001 02:38:12 pm  Active: Yes
10/22/2001 02:38:12 pm  ICL DB Path: icl\icl_Acme.nsf
10/22/2001 02:38:12 pm  2. CN=East/O=Acme/ST=Massachusetts/C=US
10/22/2001 02:38:12 pm  Certifier type: Internet
10/22/2001 02:38:12 pm  Active: Yes
10/22/2001 02:38:12 pm  ICL DB Path: icl\icl_East.nsf

For more information about using CA Tell commands, see the appendix
Server Commands.
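
For routine monitoring, the status listing can be parsed rather than read by eye. The following is an added example, not part of the Domino documentation: it turns captured tell ca status output into one record per certifier and reports any certifier that is not active. The sample text is constructed from the listing above, with the second certifier set to Active: No (an assumed value) to exercise the check; the function and field names are also assumptions.

```python
import re
from dataclasses import dataclass

# Constructed sample based on the console listing shown above.
SAMPLE = r"""10/22/2001 02:38:12 pm  CA Process status:
10/22/2001 02:38:12 pm  1. O=Acme
10/22/2001 02:38:12 pm  Certifier type: Notes
10/22/2001 02:38:12 pm  Active: Yes
10/22/2001 02:38:12 pm  ICL DB Path: icl\icl_Acme.nsf
10/22/2001 02:38:12 pm  2. CN=East/O=Acme/ST=Massachusetts/C=US
10/22/2001 02:38:12 pm  Certifier type: Internet
10/22/2001 02:38:12 pm  Active: No
10/22/2001 02:38:12 pm  ICL DB Path: icl\icl_East.nsf
"""

# Optional console timestamp at the start of a line (date, time, am/pm).
TIMESTAMP = re.compile(
    r"^\d{1,2}/\d{1,2}/\d{4}\s+\d{1,2}:\d{2}:\d{2}\s*(?:[AaPp][Mm]\b)?\s*")
# "1. O=Acme": the number is the one used in some CA Tell commands.
ENTRY = re.compile(r"^(\d+)\.\s+(\S.*)$")
FIELD = re.compile(r"^(Certifier type|Active|ICL DB Path):\s*(.*)$")


@dataclass
class Certifier:
    number: int
    name: str
    ctype: str = ""
    active: bool = False
    icl_path: str = ""


def parse_ca_status(text):
    """Parse tell ca status output into a list of Certifier records."""
    certifiers = []
    current = None
    for raw in text.splitlines():
        line = TIMESTAMP.sub("", raw.strip(), count=1).strip()
        if not line:
            continue  # blank line, or a line that held only a timestamp
        entry = ENTRY.match(line)
        if entry:
            current = Certifier(int(entry.group(1)), entry.group(2).strip())
            certifiers.append(current)
            continue
        field = FIELD.match(line)
        if field and current is not None:
            key, value = field.group(1), field.group(2).strip()
            if key == "Certifier type":
                current.ctype = value
            elif key == "Active":
                # Anything other than "Yes" is treated as not active.
                current.active = value.lower() == "yes"
            else:
                current.icl_path = value
    return certifiers


def inactive_certifiers(certifiers):
    """Return the certifiers whose Active field is not Yes."""
    return [c for c in certifiers if not c.active]


if __name__ == "__main__":
    for c in parse_ca_status(SAMPLE):
        state = "active" if c.active else "NOT ACTIVE"
        print("%d  %-40s %-9s %-11s %s"
              % (c.number, c.name, c.ctype, state, c.icl_path))
```

The ICL path in each record is also the file to include in the certifier's backup.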

Viewing certificate requests


Domino CAs and RAs can view information about server and client
certificate requests waiting for approval, as well as approved and
rejected requests.
1. From the Domino Administrator, click Files and open the Certificate
Requests database for the certification authority for which you want
to see certificate requests.
2. Click Pending/Submitted Requests or Issued/Rejected Certificates.

Backing up and recovering a certifier
Back up each certifier that you create, so that you can recover if there is a
problem, for example, if error messages are generated by the certifier
when you issue a lo ca or tell ca refresh command.
To back up a certifier
1. When you create a new certifier, keep a local copy of the certifier ID
file.
2. After you create the certifier, make a copy of the ICL database and
keep it in a safe place. Back up the ICL periodically to incorporate
any changes you make to the certifier.
To recover a certifier
1. From the Admin client, click Configuration.
2. On the Tools pane, choose Certification - Modify Certifier.
3. Select the CA server from the list, and click OK.
4. Select the server that hosts the CA you want to modify, if necessary.
5. Select the certifier to recover by doing one of the following:
Select the certifier document from the Domino Directory.
Select the certifier ICL database.
6. You may be prompted for the certifier ID and password. Enter the
path and filename for the local copy of the ID that you created when
you first set up the certifier, and click OK.
Note You will be prompted for the certifier ID only if the certifier
determines that it cannot proceed without it.
7. In the Modify Certifier dialog box, confirm that the certifier
information is correct. Click OK.
If the certifier is still having problems (for example, configuration
documents are corrupted or missing), replace the ICL database with the
backup copy. The location of the ICL database is specified in the certifier
document.

Chapter 45
Setting Up a Domino 5 Certificate Authority
This chapter describes how to set up a Domino 5 certificate authority
(CA) to issue server and client certificates using a CA key ring file.

Using a Domino 5 certificate authority


You can set up a Domino certificate authority (CA), or certifier, in one of
two ways: you can use a CA key ring or you can use the CA process.
Using a Domino 5 certificate authority requires that you:

Have access to the CA key ring and password in order to administer
the certifier and issue certificates.

As an administrator, administer and safeguard the certifier ID.

Issue Notes and Internet certificates separately.

A CA key ring file is a binary file that is password-protected and is used
to store the CA certificate. This certificate is then used to sign server and
client Internet certificates.
Once you have created a certifier on a Domino server, you can then
enable SSL on that server to provide secure communications for
certificate requests and pickups. You do this by creating a server key ring
file and merging the CA certificate into it as a trusted root certificate.

Setting up a Domino 5 certificate authority


A Domino CA server hosts the Domino Certificate Authority application.
Users, server administrators, and Domino CAs use the application to
manage server and client certificates. Most organizations need only a
single Domino CA server.
To set up a Domino CA server, you must perform these tasks:
1. Set up the server as a Domino Web server.
For more information, see the chapter Setting Up the Domino Web
Server.
2. Create the Domino 5 Certificate Authority application.
3. Create a CA key ring file and CA certificate.
4. Configure the CA profile to specify key ring and mail settings.
5. Set up SSL on the CA server.

Creating the Domino Certificate Authority application


1. Set up the server as a Domino Web server.
2. Using the Domino Designer, create the Domino Certificate Authority
application on the server using the Domino R5 Certificate Authority
template (CCA50.NTF). To view the template file, select the option
Advanced templates. You can name the application anything you
wish, for example, CERTCA.NSF.
3. Edit the ACL of the Domino 5 Certificate Authority database, as
follows:
a. Add the names of the administrators who will issue and manage
Internet certificates. Assign Editor with Delete access and the
[CAPrivlegedUser] role to each administrator.
b. Set the -Default- access to Author with Create documents
privilege.
4. Create a CA key ring file and certificate.
Tip To hide the Domino Certificate Authority application so that it
doesn't appear when users choose File - Database - Open and when Web
clients browse a database list, deselect Show in Open Database dialog
on the Tools tab in the Database Properties box.

Creating a CA key ring file and certificate


When you use the Domino Administrator to create the CA key ring file, it
is stored by default in the client's data directory.
Make sure that you keep the key ring file in a secure location, especially
if you copy it to a shared location. To prevent unauthorized access, only
the administrators that you specify should have access to the CA's key
ring file and password.
To create a CA key ring file and certificate
1. Make sure you created the Domino Certificate Authority application.
2. From the Domino Administrator, click Files, and open the Domino
Certificate Authority application.
3. Click Create Certificate Authority Key Ring & Certificate.

4. Complete these fields:
Field
    Action
Key ring file name
    Enter the explicit path and file name for the CA key ring. The
    default is CAKEY.KYR in the Domino Administrator's data directory.
    It's helpful to use the extension .KYR to keep server and CA key
    ring file names consistent.
Key ring password
    Specify a password for the key ring.
Password verify
    Enter the password entered into the previous field. This helps
    ensure the password is entered correctly.
Key Size
    Select the size of the public and private key pairs. The larger
    the size, the stronger the encryption.
Common name
    Enter a descriptive name that identifies the CA certificate, for
    example, Acme SSLCA.
Organization
    Enter the name of the certifier organization. This is usually a
    company name, such as Acme.
Organizational Unit
    (Optional) Enter the division or department in which the certifier
    resides.
City or Locality
    (Optional) Enter the city or town where the certifier resides.
State or Province
    Enter three or more characters that represent the state or province
    where the certifier resides, such as Massachusetts. (For U.S.
    states, enter the complete state name, not the abbreviation.)
Country
    Enter the two-character representation of the country where the
    certifier resides, for example, US for United States or CA for
    Canada.
Note The Common name, Organization, Organizational Unit, City
or Locality, State or Province, and Country make up the CA server's
distinguished name. Choose the CA name carefully; it is a costly
process to reissue certificates if you change the name.
5. Click Create Certificate Authority Key Ring.
6. After you review the information about the key ring file and CA
name, click OK.
7. Make a backup copy of the Certificate Authority key ring file, and
store it in a secure location.
8. Configure the Domino Certificate Authority application profile.

To change the password for the CA key ring file


To ensure the continued security of the CA key ring file, periodically
change its password.
1. From the Domino Administrator, click Files, and open the Domino
Certificate Authority application.
2. Click View Certificate Authority Key Ring, and then click Change
CA Key Ring Password.
3. Enter the old password, and then click OK.
4. Enter a new password, and then click OK.

Configuring the Domino Certificate Authority application profile


The Domino Certificate Authority application profile identifies the CA's key
ring file and specifies the name of the CA server. Domino adds a link to the
CA server when you send a message to clients and server administrators
who request certificates. The clients and server administrators use this
information to determine where to pick up certificates.
1. Make sure you created a CA key ring file and certificate.
2. From the Domino Administrator, click Files, and open the Domino
Certificate Authority application.
3. Click Configure Certificate Authority Profile.
4. If necessary, enter the CA key ring path and file name in the CA Key
File field. By default, Notes looks for the key ring file on the local
hard drive. You can also specify a network drive accessible to other
administrators.
5. Enter the TCP/IP DNS name of the server that runs the CA
application in the Certificate Server DNS name field. Domino uses
this name to indicate where to pick up signed certificates in the
messages sent to administrators and clients.
The following fields set default values for the Approved Client
Certificates screen. You can override these when approving a certificate.
Field
    Action
Use SSL for certificate transactions?
    Choose one:
    Yes (default) to specify whether the e-mail message generated
    during the security request process includes a reference to the
    SSL port for secure certificate pick-up.
    No to specify SSL will not be used.
Certificate Server port number
    Enter the number of the TCP/IP port for the server. Domino uses
    this port when sending an e-mail notification to clients to pick
    up certificates. The default is 80.
Mail confirmation of signed certificate to requester?
    Choose one:
    Yes to generate an e-mail confirmation for a signed certificate
    request.
    No (default) to not send the confirmation.
Submit signed certificates to AdminP for addition to the Directory?
    Choose one:
    Yes (default) to submit the signed certificate request to the
    Administration Process, which then stores this certificate in the
    Domino Directory.
    No to not submit the certificate.
Default validity period
    Specify the period, in years, for which the signed certificate is
    valid. Default is 2 years.
6. Click Save & Close.
7. Set up SSL on the CA server.

Setting up SSL on the CA server


Because server administrators and clients use browsers to access the CA
server to request and pick up certificates, use SSL to protect the CA
server. When you set up the CA server for SSL, you create the server key
ring file and request a server certificate. Domino automatically approves
the server certificate and merges the CA certificate as a trusted root.
1. Make sure you configured the Domino Certificate Authority
application profile.
2. From the Domino Administrator, click the Files tab, and open the
Domino Certificate Authority application.
3. Click Create Server Key Ring & Certificate.
4. Complete these fields:
Field
    Action
Key ring file name
    Enter the name of the server key ring file. By default, this is
    stored in the data directory of the Domino Administrator used to
    create the file. Do not use the same name as the CA key ring file.
Key ring password
    Specify a password for the key ring.
Password verify
    Enter the password entered into the previous field. This helps
    ensure the password is entered correctly.
Key size
    Select the size of the public and private key pairs. The larger
    the size, the stronger the encryption.
CA certificate label
    Enter the label to display when you view the CA certificate in the
    server key ring file.
Common name
    Enter the TCP/IP fully-qualified host name, for example,
    www.lotus.com.
    Set up the server certificate so that the common name matches the
    DNS name, since some browsers check for this match before allowing
    a connection.
Organization
    Enter the name of the certifier organization. This is usually a
    company name, such as Acme.
Organizational Unit
    (Optional) Enter the division or department where the certifier
    organization resides.
City or Locality
    (Optional) Enter the city or town where the certifier organization
    resides.
State or Province
    Enter three or more characters that represent the state or province
    where the certifier organization resides, such as Massachusetts.
    (For U.S. states, enter the complete state name, not the
    abbreviation.)
Country
    Enter a two-character representation of the country where the
    certifier organization resides, for example, US for United States
    or CA for Canada.

5. Click Create Server Key Ring.
6. Enter the CA key ring file password, and then click OK. The server
SSL key ring file is created.
7. Copy the server key ring file to the Domino data directory on the
server. The Domino Certificate Authority application creates the file
locally; however, the server needs the key ring file to use SSL.
Note If you choose to store the server key ring file in some place
other than the Domino data directory, you must specify the full
directory path to it in the Server document or Site document.
8. Configure the SSL port. Enable server authentication on the server.
For more information on configuring an SSL port, see the chapter
Setting Up SSL on a Domino Server.
9. If clients use Netscape Navigator, do the following:
a. From the Domino Administrator, click the Files tab, open the
Domino Certificate Authority application, and then open the
Database Properties box.
b. On the Basics tab, choose Web Access: Require SSL connection
to force browsers to use SSL to connect to this database.

Note If clients use Microsoft Internet Explorer, do not complete this
step, which forces users to use SSL to access the application. Clients
who use Internet Explorer must use TCP/IP to access the Domino
Certificate Authority application and merge the certificate as a
trusted root. Internet Explorer does not allow clients to accept a site
certificate for a server for which they do not have the trusted root
certificate.

Displaying the CA key ring file
1. From the Domino Administrator, click Files, and open the Domino
Certificate Authority application.
2. Click View Certificate Authority Key Ring.
3. Click Display CA Key Ring.
4. Enter the password when prompted.
5. Double-click the CA Key Pair document you want to open and view.
6. To exit the document after viewing, click Close.

Exporting the CA key ring file
Export the CA key ring to a text file to troubleshoot problems with the
CA server and compare key ring files.
1. From the Domino Administrator, click Files, and open the Domino
Certificate Authority application.
2. Click View Certificate Authority Key Ring.
3. Click Dump CA Key Ring to Text.
4. Enter the password when prompted.
5. Enter the name of the file to which you want to export the key ring.
Notes creates this text file and places it in the data directory.
6. To view the text file, open it with a text editor.

Signing server certificates
The certificate authority signs a server certificate to add its digital
signature to the certificate. A request for a server certificate appears in
the Server Certificate Requests view in the Domino Certificate Authority
application. When the certificate authority signs a certificate, the
certificate authority can automatically notify the requesting server
administrator by e-mail. The e-mail describes how to pick up the
certificate and includes a pick-up ID, which the server administrator
must use to identify the certificate during the pick-up process. Domino
automatically generates the pick-up ID.

To sign a server certificate with a Domino 5 Certificate Authority


Before you begin, make sure that:

The requesting server administrator has merged the Certificate
Authority's certificate into the server key ring as a trusted root.

You understand your organization's policy on signing certificates.
Sign certificates only if the certificate requests comply with your
organization's security policy.

1. From the Domino Administrator, click Files and open the Domino
Certificate Authority application.
2. Click Server Certificate Requests.
3. Open the request to sign.
4. Review the user information and distinguished name. Make sure that
the information provided complies with your organization's security
policy.
If you want to deny the request, complete Step 5. Otherwise, go to
Step 6.
5. To deny the request, do the following:
a. Enter a reason for the denied request.
b. If you do not want to notify the server administrator by e-mail,
deselect Send a notification email to the requester. Otherwise,
Domino sends the server administrator an e-mail indicating that
you denied the request and the reason why you denied the
request.
c. Click Deny.
6. To approve the request, do the following:
a. Enter a validity period. For short-term projects, 90 days is typical;
for ongoing projects, you can enter several years.
b. If you do not want to notify the server administrator by e-mail to
pick up the certificate, deselect Send a notification email to the
requester. Otherwise, Domino sends the server administrator an
e-mail with a URL indicating the location to pick up the
certificate.
c. Click Approve.
d. Enter the password for the CA's key ring file, and then click OK.
7. Have the server administrator complete the procedure Merging a
server certificate into the key ring file.

Viewing requests for certificates
Domino certificate authority administrators can view information about
server and client certificates waiting for approval, approved requests
waiting for pick-up, and requests that have been denied.
1. From the Domino Administrator, click Files and open the Domino
Certificate Authority application.
2. Click Server Certificate Requests or Client Certificate Requests.
3. Use the Actions menu to display requests waiting for approval,
approved requests, and denied requests.

Chapter 46
Setting Up SSL on a Domino Server
This chapter describes how to set up SSL on a Domino server to allow
secure Internet and intranet access at your organization.

SSL security
Secure Sockets Layer (SSL) is a security protocol that provides
communications privacy and authentication for Domino server tasks that
operate over TCP/IP.
SSL offers these security benefits:

Data is encrypted to and from clients, so privacy is ensured during
transactions.

An encoded message digest accompanies the data and detects any
message tampering.

The server certificate accompanies data to assure the client that the
server identity is authentic.

The client certificate accompanies data to assure the server that the
client identity is authentic. Client authentication is optional and may
not be a requirement for your organization.

Internet protocols supported by Domino and SSL


You must set up the Domino server and then set up SSL. You can use SSL
security for Internet clients who use one of the following Internet
protocols to connect to the Domino server:

Web server and Web Navigator (HTTP)

Internet Inter-ORB Protocol (IIOP)

The Java applet that uses this protocol must be set up to use SSL.

Internet Message Access Protocol (IMAP)

Lightweight Directory Access Protocol (LDAP)

Post Office Protocol 3 (POP3)

Simple Authentication and Security Layer (SASL)

Domino uses SASL automatically if SSL with client authentication is set
up on the server and if the LDAP client supports the protocol. No
additional configuration is necessary.

Simple Mail Transport Protocol (SMTP)

Setting up SSL on a Domino server


Set up SSL on a Domino server so that clients and servers that connect to
the server use SSL to ensure privacy and authentication on the network.
You set up SSL on a protocol-by-protocol basis. For example, you can
enable SSL for mail protocols, such as IMAP, POP3, and SMTP, and
not for other protocols.
To set up SSL on your server, you need a key ring containing a server
certificate from an Internet certificate authority. You can request and
obtain a server certificate from either a Domino or third-party certificate
authority (CA) and then install it in a key ring. A server certificate is a
binary file that uniquely identifies the server. The server certificate is
stored on the server's hard drive and contains a public key, a name, an
expiration date, and a digital signature. The key ring also contains root
certificates used by the server to make trust decisions.
This describes the process to follow if you need to set up SSL on a
Domino server that is not already a Domino certificate authority server.
You complete the setup process regardless of whether you request a
server certificate from a Domino or third-party CA.
Note You can enable SSL on a server when you register the server if you
already have a Domino server-based certification authority running
in the Domino domain.
For more information about enabling SSL on a server at server
registration, see the chapter Installing and Setting Up Domino Servers.

To set up SSL on a Domino server


1. Set up the Server Certificate Admin application (CERTSRV.NSF),
which Domino creates automatically during server setup.
2. Create a server key ring file to store the server certificate.
3. Request an SSL server certificate from the CA.
4. Merge the CA certificate as a trusted root into the server key ring file.
5. The CA approves the request for a server certificate and sends
notification that you can pick up the certificate.
6. Merge the approved server certificate into the key ring file.
7. Configure the port for SSL.
8. If you are using client authentication, add the client's name to
database ACLs and access lists for design elements.

Setting up the Server Certificate Admin application

Domino automatically creates the Server Certificate Admin application
during server setup. If the Server Certificate Admin application is not
available after you start the Domino server, use the Server Certificate
Admin template (CSRV50.NTF) to create it. Use the Server Certificate
Admin application to:
• Request server certificates from either a Domino or third-party CA
• Add a CA certificate as a trusted root
• Manage server certificates in a key ring file
• Create a self-certified certificate for testing purposes

To set up the Server Certificate Admin application

1. Make sure you set up the server as a Domino Web server.
For more information, see the chapter "Setting Up the Domino Web
Server."
2. Edit the ACL of the Server Certificate Admin application, as follows:
• Add the names of server administrators who will need to obtain
and manage server certificates. Assign Manager access.
• Set -Default- access to No access to prevent others from using the
database.
3. Create a server key ring file.
Tip To hide the Server Certificate Admin application when users
choose File - Database - Open, deselect "Show in Open Database
dialog" in the Database Properties box.

Creating a server key ring file

Before you request a certificate from a CA, you must create a key ring file
to store the certificates. A key ring file is a binary file that is
password-protected and stored on the server's hard drive. When you
create a server key ring file (.KYR), Domino generates an unsigned server
certificate and automatically includes several trusted root certificates.
The unsigned server certificate is not valid until it is signed by a certifier.
Domino also creates a stash file (.STH) using the same name as the key
ring file, but with the file extension .STH. Domino uses the stash file to
store the key ring file password for unattended access to the server key
ring file.

Every server certificate includes a distinguished name used for SSL
connections. You set up this distinguished name when you create the
server key ring file. Some components of a distinguished name are
optional; however, the more components you include, the less likely you
are to encounter an identical name elsewhere on the Internet.
Note If you are requesting a server certificate from a server-based
certification authority, you can use the Notes client to create the server key
ring and request a server certificate in the Certificate Requests database.
For more information, see the topic "Requesting an SSL server
certificate" later in this chapter.
To create a server key ring file
1. Set up the Server Certificate Admin application.
2. From the Notes client, open the Server Certificate Admin application
on the server for which you want to enable SSL.
3. Click Create Key Ring.
4. Complete these fields:
Field | Action
Key Ring File Name | Enter the key ring file name. The default is KEYFILE.KYR. It's helpful to use the extension .KYR to keep key ring file names consistent. Note The server's key ring file name appears in any Internet Site documents that you have configured, or, if Internet Site documents are not being used, on the Ports - Internet Ports tab of the Server document. If you specified a name other than the default, you need to edit the name where it appears, in the Internet Site documents or in the Server document.
Key Ring Password | Enter the password for the key ring.
Key Size | Specify the key size Domino uses when creating the public and private key pairs. The larger the size, the stronger the encryption.
Common name | Enter the server's TCP/IP fully-qualified domain name, for example, www.acme.com. Set up the server certificate so that the common name matches the host name since some browsers check for this match before allowing a connection.
Organization | Enter the name of the organization, for example, a company name, such as Acme.
Organizational Unit | (Optional) Enter the name of the certifier division or department.
City or Locality | (Optional) Enter the organization's city or locality.
State or Province | Enter the full name of the state or province in which the certifier organization resides.
Country | Enter the two-character abbreviation of the country in which the organization resides.

5. Click Create Key Ring.
6. After you read the information about the key ring file and
distinguished name, click OK. Notes creates the key ring file and
stash (.STH) file and places them in the Notes data directory on the
client machine used to create the key ring.

7. Copy the key ring file and stash (.STH) file to the Domino data
directory on the server.
Caution You must ensure that the key ring password in the stash
file is protected. The key ring file password is altered in the stash file
so that it cannot be recognized by a casual observer, but it is not
encrypted. You should not allow unauthorized persons access to
either the stash file or the key ring file. In the normal course of
operation, only the server itself should have access to those files;
however, administrators may also need permission to remove or
replace the files. As with all server resources, managing proper file
permissions and protections is vital to the security of the system.
8. Request an SSL server certificate.
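
The Caution in step 7 comes down to a file-permission check on the key ring and stash files. The following Python sketch is an added example, not part of the Domino documentation or product; it assumes a POSIX file system, and the function names, the expected_uid parameter, and the sample directory are constructed for illustration.

```python
import os
import stat
import tempfile

# File extensions this chapter names for the key ring and its stash file.
KEY_MATERIAL_EXTENSIONS = (".kyr", ".sth")


def audit_keyring_files(data_dir, expected_uid=None):
    """Return (name, problem) pairs for key ring and stash files that are
    reachable by accounts other than the owner.

    Assumptions (not from the Domino documentation): POSIX permission bits,
    and the server runs as the account whose uid is passed in expected_uid.
    """
    findings = []

    # A world-writable directory lets any account replace the files in it.
    dir_mode = stat.S_IMODE(os.stat(data_dir).st_mode)
    if dir_mode & stat.S_IWOTH:
        findings.append((".", "directory is world-writable (mode %04o)" % dir_mode))

    for name in sorted(os.listdir(data_dir)):
        if not name.lower().endswith(KEY_MATERIAL_EXTENSIONS):
            continue
        info = os.lstat(os.path.join(data_dir, name))
        if stat.S_ISLNK(info.st_mode):
            findings.append((name, "symbolic link: audit the target instead"))
            continue
        if not stat.S_ISREG(info.st_mode):
            continue
        mode = stat.S_IMODE(info.st_mode)
        # The stash file holds the key ring password in a form that is only
        # obscured, so any group or world bit exposes the key ring as well.
        if mode & stat.S_IRWXG:
            findings.append((name, "group access allowed (mode %04o)" % mode))
        if mode & stat.S_IRWXO:
            findings.append((name, "world access allowed (mode %04o)" % mode))
        if expected_uid is not None and info.st_uid != expected_uid:
            findings.append(
                (name, "owned by uid %d, expected %d" % (info.st_uid, expected_uid))
            )
    return findings


def build_constructed_data_dir(root):
    """Create a constructed sample directory: one well-protected key ring,
    one stash file left readable by everyone, one unrelated database."""
    samples = (("KEYFILE.KYR", 0o600), ("KEYFILE.STH", 0o644), ("names.nsf", 0o666))
    for name, mode in samples:
        path = os.path.join(root, name)
        with open(path, "wb") as handle:
            handle.write(b"constructed sample, not real key material")
        os.chmod(path, mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_constructed_data_dir(root)
        for name, problem in audit_keyring_files(root, os.geteuid()):
            print(name, "-", problem)
```
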

Requesting an SSL server certificate


When you request an SSL server certificate, you use Public-Key
Cryptography Standards (PKCS) format, an industry-standard format
that many CAs, including Domino, understand. Before you request a
certificate from a third-party CA, make sure the CA uses the PKCS
format, not some other format, such as Privacy-Enhanced Mail (PEM). If
you are unsure of the format required by a third-party CA, check with
that CA.
A certificate request is essentially certificate data that has not been signed
by a CA. The CA turns the request into a certificate by signing it.
If you are requesting a server certificate from a server-based certification
authority, you can use the Notes client to create the server key ring and
the server certificate in the Certificate Requests database. You must be
able to access the Domino server using the Notes client.

To request a server certificate using a Notes client

1. From the Notes client, open the Certificate Requests database for the
certifier from which you want to request a server certificate.
2. Do the following to create a server key ring file to store the server
certificate and merge the CA certificate as a trusted root into the
server key ring file:
a. In the Certificate Requests database, choose Domino Keyring
Management - Create Keyring.
b. In the Create Key Ring form, complete these fields:
Field | Action
File name | Enter a file name for the Key Ring file and keep the .kyr.
Password | Enter a password for the key ring file.
Key size | Choose a key size.
Common name | Enter the fully qualified host name, for example, server.company.com.
Organization name | Enter the name of the certifier organization.
State or province | Enter the full name of the state or province in which the organization is located.
Country | Enter a two-letter abbreviation for the country in which the organization is located.

c. Verify the information in the "Key Ring Created" dialog box,
then click OK to automatically add the CA as a trusted root and
generate a certificate request for the server.
d. Verify the information in the "Merge Trusted Root Certificate
Confirmation" dialog box and click OK.
e. Click OK when the "Certificate received into key ring and
designated as trusted root" confirmation dialog box appears.
f. Click OK when the "Certificate Request Successfully Submitted
for Key Ring" dialog box appears.
After an RA approves the request for a server certificate, the CA
issues a server certificate and sends notification that you can pick up
the certificate.
3. In the Issued/Rejected Certificates view, open the issued server
request and copy the Request ID to the Clipboard.
4. Choose Domino Key Ring Management - Pickup Key Ring Certificate.
5. Enter the key ring file name and password, paste the pickup ID into
the form and click Pickup Certificate.
6. Verify the information in the "Merge Signed Certificate
Confirmation" dialog box and click OK.
7. When the "Certificate received into key ring" dialog box appears,
click OK.
8. Copy or use FTP (in binary mode) to transfer the new key ring and
its associated .STH file to the server's data directory.
From a Domino CA using a Web browser
This procedure for generating a server certificate request is the same
regardless of whether you are requesting a server certificate from a
Domino server-based certification authority or a Domino 5 certificate
authority.
1. Make sure you already created the server key ring file and mapped a
drive to the directory that contains the server key ring file.
2. From the Notes client, open the Domino Directory of the server on
which you want to create SSL, and open the Server Certificate
Admin application.
3. Click Create Certificate Request.
4. Complete these fields:
Field | Enter
Key Ring File Name | The name of the server key ring file, including the path to the file
Log Certificate Request | Choose one: Yes (default) to log information in the Server Certificate Admin application. No to not log information.
Method | Choose "Paste into form on CA's site"

5. Click Create Certificate Request.
6. Enter the password for the server key ring file.
7. Copy the certificate request to the system Clipboard (include the
Begin Certificate and End Certificate lines), and click OK.
8. On the server, use one of these methods to browse to the Domino
certificate authority application (the Certificate Requests application
for a server-based certification authority, and the Domino Certificate
Authority for a Domino 5 Certificate Authority) on the Domino
server's Web site:
• If you use Microsoft Internet Explorer, use SSL (HTTPS) to
connect to the application. You need to trust the server certificate in
order to use SSL to access the server. To install (and trust) the
server certificate, in the IE security alert dialog box click View
Certificate - Install Certificate, and follow the instructions. To
trust all site certificates certified by a given CA, click "Accept this
authority in your browser" before accessing the server with SSL.
This option is available in both the Certificate Requests and
Domino Certificate Authority applications.
• If you use Netscape, use SSL to connect to the application. Then
use the instructions provided by the browser software to accept
the site certificate.
9. Click Request Server Certificate.
10. Enter your name, e-mail address, phone number, and any comments
for the CA.
11. Paste the certificate request into the dialog box, and then click
Submit Certificate Request.
12. Merge the CA certificate as a trusted root.
From a third-party CA
1. Make sure you already created the server key ring file.
2. From the Notes client, open the Server Certificate Admin application
on server for which you want to set up SSL.
3. Click Create Certificate Request.
4. Complete these fields:
Field | Enter
Key Ring File Name | The name of the server key ring file including the path to the file
Log Certificate Request | Choose one: Yes (default) to log information in the Server Certificate Admin application. No to not log information.
Method | Choose one: "Paste into form on CA's site" (recommended). "Send to CA by e-mail". Note You must choose the paste option to submit a request to VeriSign, which doesn't use PKCS format for requests sent by e-mail. If you choose "Send to CA by e-mail," enter the CA's e-mail address, and your e-mail address, phone number, and location.

5. Click Create Certificate Request.


6. Enter the password for the server key ring file.

7. If you selected "Paste into form on CA's site" in Step 4, do the
following:
a. Copy the certificate request to the system Clipboard (include the
Begin Certificate and End Certificate lines).
b. Use a browser to visit the CA's site, and then follow the
instructions that the CA's site provides for submitting a request
for a new certificate.
8. Merge the CA certificate as a trusted root.

Merging a CA certificate as a trusted root

The server certificate must contain the CA certificate as a trusted root.
The trusted root allows servers and clients that have a common CA
certificate to communicate. Before you merge a server certificate signed
by a CA, merge the CA certificate into your key ring file as a trusted root.
From a Domino CA
Note This procedure is the same regardless of whether you are using a
Domino server-based certification authority or a Domino 5 certificate
authority.
1. Make sure that you requested the server certificate and mapped a
drive to the directory that contains the key ring file.
2. Browse to the certificate authority application (the Certificate
Requests application for a server-based certification authority, and
the Domino Certificate Authority for a Domino 5 Certificate
Authority) on the Domino CA:
• If you use Microsoft Internet Explorer, use HTTP to connect to the
application.
• If you use Netscape, use SSL to connect to the application. Then,
use the instructions provided by the browser software to accept
the site certificate.
3. Click Accept This Authority in Your Server.
4. Highlight the certificate text and copy it to the system Clipboard
(include the Begin Certificate and End Certificate lines).
5. From the Notes client, open the Server Certificate Admin application.
6. Click Install Trusted Root Certificate into Key Ring.
7. Enter the name of the key ring file that will store this certificate. You
specified this name when you created the server certificate request.
8. Enter the name that the key ring file will use to identify this
certificate. If you leave this field blank, Domino uses the
distinguished name of the certificate.
9. In the Certificate Source field, choose Clipboard. Paste the Clipboard
contents into the next field.
10. Click Merge Trusted Root Certificate into Key Ring.
11. Enter the password for the key ring file, and then click OK.
12. Have the CA sign the server certificate.
From a third-party CA
View the default trusted roots in the key ring file to make sure the
third-party CA's certificate is not already included. If it is already
included, you do not need to complete these steps.
For more information, see the topics "Default Domino SSL trusted roots"
and "Viewing SSL server certificates" later in this chapter.
1. Make sure that you requested the server certificate and mapped a
drive to the directory that contains the key ring file.
2. Browse to the Web site of the CA and obtain the CA's trusted root
certificate. In most cases, the trusted root certificate is in a file
attachment, or the certificate is available for you to copy to the
Clipboard.
3. From the Notes client, open the Server Certificate Admin application.
4. Click Install Trusted Root Certificate into Key Ring.
5. Enter the name of the key ring file that will store this certificate. You
specified this name when you created the server certificate request.
6. Enter the name that the key ring file will use to identify this
certificate. If you leave this field blank, Domino uses the
distinguished name of the certificate.
7. Do one of the following:
• If you copied the contents of the CA's certificate to the Clipboard
in Step 2, choose Clipboard in the Certificate Source field. Paste
the Clipboard contents into the next field.
• If you received a file that contained the CA's certificate in Step 2,
detach the file to your hard drive and select File in the Certificate
Source field. Enter the file name in the File name field.
8. Click Merge Trusted Root Certificate into Key Ring.
9. Enter the password for the key ring file, and then click OK.
10. Have the CA complete the procedure "Signing server certificates."

Default Domino SSL trusted roots

Domino includes several trusted root certificates by default when you
create a server key ring file. You do not need to merge a third-party CA's
certificate as a trusted root if it exists in the key ring file by default.

Trusted root certificate name | Organization | Organizational Unit | Country
VeriSign International Server CA - Class 3 | VeriSign, Inc. | Class 3 Public Primary Certification Authority | US
VeriSign Class 3 Public Primary Certification Authority | VeriSign, Inc. | Class 3 Public Primary Certification Authority | US
VeriSign Class 2 Public Primary Certification Authority | VeriSign, Inc. | Class 2 Public Primary Certification Authority | US
VeriSign Class 1 Public Primary Certification Authority | VeriSign, Inc. | Class 1 Public Primary Certification Authority | US
VeriSign Test Certificate Authority | VeriSign, Inc. | Test CA | US
RSA Secure Server Certificate Authority | RSA Data Security, Inc. | Secure Server Certification Authority | US
Netscape Test Certificate Authority | Netscape Communications Corp. | Test CA | US
RSA Low Assurance Certificate Authority | RSA Data Security, Inc. | Low Assurance Certification Authority | US

Signing server certificates


The CA creates a digital signature over the server certificate request
using the CA's private key. This action creates a server certificate.
Essentially, the act of signing the certificate request turns the request into
a certificate. The server certificate is then considered valid.
The method used to sign a server certificate depends on whether the
certificate was issued by a Domino or third-party CA.
For more information on how a Domino server-based certification
authority signs certificates, see the chapter "Setting Up a Domino
Server-Based Certification Authority."
For more information on how a Domino 5 certificate authority signs
certificates, see the chapter "Setting Up a Domino 5 Certificate
Authority."
Signing methods for third-party CAs will vary. If you choose to use a
third-party CA, check with that CA for information about how they sign
certificates.

Merging a server certificate into the key ring file

After you merge the CA's certificate as a trusted root and the CA
approves your server certificate request, merge the signed certificate into
the server's key ring file.
From a Domino CA
Note This procedure is the same regardless of whether you are
requesting a server certificate from a Domino server-based certification
authority or a Domino 5 certificate authority.
1. Make sure the CA signed the certificate and you mapped a drive to
the directory that contains the server key ring file.
2. Obtain the server certificate by doing one of the following:
• If the CA gave you the URL to use to pick up the certificate in the
Domino Certificate Authority database, browse to the URL
provided in the e-mail.
or
• Obtain the pickup ID from the CA, and then do the following:
a. Open the Certificate Requests or Domino 5 Certificate
Authority application with a browser.
b. Click Pick Up Server Certificate.
c. Enter the pickup ID and click Pick Up Signed Certificate.
3. Highlight the certificate text and copy it to the system Clipboard
(include the Begin Certificate and End Certificate lines).
4. From the Notes client, open the Server Certificate Admin application.
5. Click Install Certificate into Key Ring.
6. Enter the file name for the key ring that will store this certificate. You
specified this key ring file when you created the server certificate
request.
7. In the Certificate Source field, choose Clipboard. Paste the Clipboard
contents into the next field.
8. Click Merge Certificate into Key Ring.
9. Enter the password for the key ring file, and then click OK to
approve the merge.
10. Configure the SSL port.
From a third-party CA
1. Make sure the CA signed the certificate and you mapped a drive to
the directory that contains the server key ring file.
2. Use the instructions provided by the CA to pick up the certificate. In
most cases, the CA mails the certificate as a file attachment or gives
you a URL to visit to copy and paste the certificate to the Clipboard.
3. From the Notes client, open the Server Certificate Admin application.
4. Click Install Certificate into Key Ring.
5. Enter the file name for the key ring that will store this certificate. You
created this key ring file when you created the server certificate
request.
6. Do one of the following:
• If you copied the certificate to the Clipboard, choose Clipboard in
the Certificate Source field. Paste the Clipboard contents into the
next field.
• If you received a file attachment that contains the certificate,
detach the file to your hard drive, and then choose File in the
Certificate Source field. Enter the file name in the File name field.
7. Click Merge Certificate into Key Ring.
8. Enter the password for the server key ring file, and then click OK to
approve the merge.
9. Configure the SSL port.

SSL port configuration


The SSL protocol always provides an encrypted, integrity-checked,
communications channel and authenticated server identity. SSL servers
can be optionally configured to request various forms of client identity
authentication.
You must enable SSL on a protocol-by-protocol basis. Some Internet
protocols do not support client certificate authentication.
To set up a port for SSL authentication, do the following:
1. Configure the port.
2. Determine whether you require users to access the server using only
SSL or both SSL and TCP/IP.
If you are using Internet Site documents, you configure most SSL port
parameters in the Internet Site document for each protocol. However,
you must still configure the following settings in the Server document for
each Internet protocol: TCP/IP port and status, SSL port and status. You
must also specify whether you want to enforce server access settings for
the TCP/IP port of a given protocol.

Using server authentication only


Server authentication encrypts data and authenticates server identity. To
control access to databases on the server by user name, set up
name-and-password authentication. To enable SSL for server
authentication only:

• The server must have a certificate from a Domino or third-party CA.
• The clients must have the server's CA certificate marked as a trusted
root. Clients can also trust the SSL server certificate directly, by
creating a cross-certificate for it.
• If you are using a Notes client, the Notes client must have a
cross-certificate for the server CA or the SSL server's certificate.
For more information on name-and-password authentication, see the
chapter "Setting Up Name-and-Password and Anonymous Access to
Domino Servers."

Using client certificate authentication

In addition to the security provided by server authentication, client
certificate authentication verifies the client's identity through the use of
Internet (x.509) client certificates. Using server and client certificate
authentication, you can control access to databases by specifying
individual client user names in the database ACLs. To enable SSL for
client certificate authentication:
• Complete the above requirements for server authentication.
• The clients must have certificates from a Domino or third-party CA.
• The server must have the client's CA certificate marked as a trusted
root.
• Each client must have a Person document in the Domino Directory
that contains the SSL public key from the client certificate.
For more information on setting up client authentication, see the chapter
"Setting Up Clients for S/MIME and SSL."

Configuring a port for SSL

You can configure a port to use only server authentication or to use both
server and client authentication.
If you are using Internet Site documents, see the chapter "Installing and
Setting Up Domino Servers."
To configure a port for SSL in the Server document
1. From the Domino Administrator, click Configuration - Servers, and
open the Server document.
2. Click the Ports - Internet Ports tabs.

3. Complete these fields:
Field | Enter
SSL key file | The file name of the server key ring file that the server uses. Note Domino does not use this field for IIOP, which uses a separate key ring file. You cannot change the name of the IIOP key ring file.
SSL protocol version | Choose one: "V2.0 only" to allow only SSL 2.0 connections. "V3.0 handshake" to attempt an SSL 3.0 connection. If this fails and the requester detects SSL 2.0, then attempts to connect using SSL 2.0. "V3.0 only" to allow only SSL 3.0 connections. "V3.0 and V2.0 handshake" to attempt an SSL 3.0 connection, but start with an SSL 2.0 handshake, which displays relevant error messages. Makes an SSL 3.0 connection, if possible. "Negotiated" (default) to attempt an SSL 3.0 connection. If it fails, the server attempts to use SSL 2.0. Use this setting unless you are having connection problems caused by incompatible protocol versions. Note Domino does not use this field for HTTP.
Accept SSL site certificates | Choose one: Yes to allow this server to accept the site certificate and use SSL to access an Internet server, even if the Domino server does not have a certificate in common with the Internet server. No to not allow this server to accept site certificates.
Accept expired SSL certificates | Choose one: Yes to allow clients to access the server, even if the client certificate is expired. No to not allow clients to access the server with expired client certificates.

4. Click the tab for the protocol that you want to configure, and then
complete these fields:
Field | Enter
SSL port number | Enter the port number on which Domino listens for SSL requests. You configure this here regardless of whether you are using Internet Sites or the Web Configurations view. Note If you change the default port number, clients must change their configurations as well. The default port number is usually changed only if a firewall proxy uses the reserved port number.
SSL port status | Choose Enabled to allow SSL connections on the port. You configure this here regardless of whether you are using Internet Sites or the Web Configurations view. Note Since a Domino server can be either an SMTP server or an SMTP client, you have two choices for the SSL port status field. To set up a Domino server as an SSL-enabled SMTP server, choose Enabled in the SMTP Inbound field.
Client certificate | Choose one: No to not use client authentication. Yes to use client authentication. SMTP and IIOP do not support client authentication.
Name & password | Choose one: No to not use name-and-password authentication. Yes to use name-and-password authentication.
Anonymous | Choose one: Yes to allow anonymous access. You must choose Yes if you want users to connect using server authentication only. No to prevent anonymous access. If you choose Yes for both Anonymous and Client certificate, Domino first tries to authenticate the client. If that fails, Domino tries to connect the user anonymously. If you choose Yes for Anonymous, Client certificate, and Name & password, Domino first tries to authenticate the client using the client certificate. If that fails, Domino tries to use name-and-password authentication. If that fails, Domino tries to connect the user anonymously. LDAP must be configured to allow anonymous SSL connections in order to do name lookups. IMAP, POP3, and SMTP do not support anonymous access.

For information on how Domino authenticates clients when
anonymous, client authentication, and name and password are
enabled, see the chapter "Setting Up Name and Password and
Anonymous Access to Domino Servers."

Requiring an SSL connection to a server


Require SSL connections when you want to make sure that clients use a
secure connection to access databases on the server. You do this by
redirecting connection requests that come in over the TCP/IP port to the
SSL port. If you do not require an SSL connection, clients can use either
SSL or TCP/IP to connect to the server.
You can set up the redirection of TCP/IP to SSL for the HTTP, IMAP,
and LDAP protocols only. POP3 and SMTP do not support the Redirect
to SSL setting.
You enable Redirect to SSL in one of two ways:

• For Domino 6 servers, use a Web Site document for requiring SSL
connections for HTTP clients. For IMAP and LDAP, you do this in
the Server document.
• For all protocols on Domino 5 servers, configure this in the Server
document.

To require SSL connections to a server in the Server document


1. From the Domino Administrator, click the Configuration tab, and
open the Server document.
2. Click the Ports - Internet Ports tab.
3. Click the tab for the protocol for which you want to require SSL.
4. In the TCP/IP port status field, select Redirect to SSL.
For individual databases
You can also require clients to use SSL to connect to the server on a
database-by-database basis, by configuring the requirement to connect
with SSL in the database application itself.
1. Start the Notes client.
2. Select the database for which you want to force clients to use SSL.
3. Open the Database Properties box.
4. On the Basics tab, click Web Access: Require SSL connection.
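
The protocol limits and the authentication fallback order given for the port fields, together with the Redirect to SSL rule in this section, can be checked against a planned configuration before it is entered in the Server document. This Python sketch is an added example, not Domino code; the dictionary keys, function names, and the sample plan are constructed for illustration.

```python
# Protocol limits stated in this chapter.
NO_CLIENT_CERTIFICATE = {"SMTP", "IIOP"}      # no client authentication
NO_ANONYMOUS = {"IMAP", "POP3", "SMTP"}       # no anonymous access
REDIRECT_TO_SSL = {"HTTP", "IMAP", "LDAP"}    # only these can redirect


def authentication_order(settings):
    """Return the methods Domino tries, in the order the chapter gives:
    client certificate, then name and password, then anonymous."""
    order = []
    if settings.get("client_certificate"):
        order.append("client certificate")
    if settings.get("name_and_password"):
        order.append("name and password")
    if settings.get("anonymous"):
        order.append("anonymous")
    return order


def review_port(protocol, settings):
    """Return a list of findings for one protocol's planned port settings.
    The setting keys are hypothetical names for the Server document fields."""
    protocol = protocol.upper()
    if settings.get("ssl_port_status") != "Enabled":
        return ["SSL port is not enabled"]

    findings = []
    tcp_status = settings.get("tcp_port_status")
    if settings.get("client_certificate") and protocol in NO_CLIENT_CERTIFICATE:
        findings.append("%s does not support client authentication" % protocol)
    if settings.get("anonymous") and protocol in NO_ANONYMOUS:
        findings.append("%s does not support anonymous access" % protocol)
    if tcp_status == "Redirect to SSL" and protocol not in REDIRECT_TO_SSL:
        findings.append("%s does not support the Redirect to SSL setting" % protocol)
    if protocol == "LDAP" and not settings.get("anonymous"):
        findings.append("LDAP name lookups need anonymous SSL connections")
    if tcp_status == "Enabled":
        findings.append("clients can still connect over TCP/IP without SSL")
    if settings.get("accept_expired_certificates"):
        findings.append("expired client certificates are accepted")
    if not authentication_order(settings):
        findings.append("no authentication option is set to Yes")
    return findings


def review_plan(plan):
    """Review every protocol in a plan; returns {protocol: findings}."""
    return {protocol: review_port(protocol, s) for protocol, s in plan.items()}


# Constructed sample plan, not taken from a real Server document.
PLANNED = {
    "HTTP": {"ssl_port_status": "Enabled", "tcp_port_status": "Redirect to SSL",
             "client_certificate": True, "name_and_password": True,
             "anonymous": False},
    "SMTP": {"ssl_port_status": "Enabled", "tcp_port_status": "Redirect to SSL",
             "client_certificate": True, "name_and_password": True,
             "anonymous": True},
    "LDAP": {"ssl_port_status": "Enabled", "tcp_port_status": "Enabled",
             "client_certificate": False, "name_and_password": True,
             "anonymous": False, "accept_expired_certificates": True},
}

if __name__ == "__main__":
    for protocol, findings in review_plan(PLANNED).items():
        print(protocol, "tries:", ", ".join(authentication_order(PLANNED[protocol])))
        for finding in findings:
            print("  -", finding)
```
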

Setting up database access for SSL clients

After you set up SSL on a Domino server, you must give the clients
access to databases on the server.
For anonymous users
If you set up a client for server authentication only, you cannot enter the
user's name in a database ACL since the client does not use a user name
to access the server. Instead, you add the entry Anonymous to database
ACLs and design element access lists. If you do not specify Anonymous
access, Domino gives anonymous users -Default- access.
For client authentication
If you set up a client for client and server authentication, you can control
the client's access to databases by adding the client's name to database
ACLs and design element access lists. You must use the first name listed
in the User name field of the Person document for the client. For example,
if a User name field contains the entries Alan Jones/Acme, ajones, Alan,
AJ; add the name Alan Jones/Acme to the ACL and design element
access lists. Alan Jones can authenticate with the server using any of the
names listed, but Domino uses the first name in the User name field to
verify entries in ACL and design element access lists. It is strongly
recommended that the first name be in hierarchical name format.
For more information, see the chapter "Controlling User Access to
Domino Databases."

SSL session resumption

SSL session resumption greatly improves performance when using SSL
by recalling information from a previous successful SSL session
negotiation to bypass the most computationally intensive parts of the SSL
session key negotiation. HTTP is the protocol that benefits the most from
SSL session resumption, but other Internet protocols may benefit as well.
By default, the server caches information from the 50 most recently
negotiated sessions. This number can be modified by setting the variable
SSL_RESUMABLE_SESSIONS in the NOTES.INI file. Increasing that
number may improve performance on servers that tend to carry large
numbers of concurrent SSL sessions.
SSL session resumption can be disabled by setting
SSL_RESUMABLE_SESSIONS=1 on the server.
SSL_RESUMABLE_SESSIONS has no effect on the Notes client. The
Notes client will cache the most recent SSL session.
Note You cannot configure SSL sessions to time out and expire.

Managing server certificates and certificate requests


Do the following to manage your server certificates and certificate
requests:
• View SSL server certificates
• Renew an expired certificate
• View requests for certificates
• Mark or unmark a CA's certificate as a trusted root
• Change the password for the server key ring file

Viewing SSL server certificates


Each SSL server certificate contains this information:
• The expiration date. The default trusted roots that come with
  Domino do not have expiration dates.
• The distinguished name of the server that requested the certificate.
• The distinguished name of the CA that signed the certificate.
• The size of the public key. The size determines the strength of the
  encrypted public key.

To view an SSL server certificate

1. Map a network drive to the directory that contains the key ring file.
2. From the Notes client, open the Server Certificate Admin
(CERTSRV.NSF) application.
3. Click View & Edit Key Rings.
4. Click Choose Key Ring to Display.
5. Enter the name of the key ring file that contains the certificates you
want to view.
6. Enter the password for the key ring file.
7. Do one of these:
   • To view the server certificate, select a document in the Site
     Certificates category.
   • To view a trusted root certificate, select a document in the
     Certification Authorities category.

Renewing expired certificates

After a certificate expires, you can no longer use it to communicate with
servers and clients.
If you obtained a server certificate from a Domino certificate authority,
request a new one.
If you obtained a server certificate from a third-party certificate
authority, you may be able to renew it by submitting a request to the
third-party CA's Web site, which often includes your user name,
password, and a challenge phrase. If it is possible to renew your server
certificate, this information is accepted and you will be prompted to
renew. If you cannot renew your server certificate, you will have to
submit a request for a new one.

Viewing requests for certificates

Server administrators can view information about certificate requests
that they sent to a CA to keep track of the request. The request document
tracks the method used to submit the certificate, date and time of the
request, the key ring file for the certificate, information about the
certificate, and, if used, the e-mail address to which the server
administrator sent the request.
To view certificate requests
1. From the Notes client, open the Server Certificate Admin application.
2. Click View Certificate Request Log.
3. Open the request document.

Marking or unmarking a CA's certificate as a trusted root

Remove a CA's certificate as a trusted root from the server certificate
when you no longer want to communicate with servers and clients that
use certificates signed by that CA.
1. Map a drive to the directory that contains the key ring file.
2. From the Notes client, click the Files tab, and open the Server
Certificate Admin application.
3. Click View & Edit Key Rings.
4. Click Choose Key Ring to Display.
5. Enter the name of the key ring file that contains the certificates you
want to view.
6. Enter the password for the key ring file.
7. In the Certification Authorities category, open the document that
contains the certificate you want to edit.
8. Click one:
   • Trust This Certificate to mark a certificate as a trusted root.
   • Do Not Trust This Certificate to unmark a certificate as a trusted
     root.
     Domino marks the certificate as untrusted but does not remove
     the certificate from the database. To delete a certificate
     permanently from the key ring file, click Delete. After you delete
     the certificate, you cannot recover it. Instead, you must merge the
     certificate as a trusted root again.
9. Enter the password for the key ring file.

Changing the password for the server key ring file


1. From the Notes client, click the Files tab, and open the Server
Certificate Admin application.
2. Click View & Edit Key Rings.
3. Click Change Key Ring password.
4. Enter the name of the key ring file, and then click OK.
5. Enter the current password, and then click OK.
6. Enter the new password of at least 12 alphanumeric characters, and
then click OK.

Creating a self-certified certificate to test SSL certification


You can create a self-certified certificate to test the certificate procedure
at your organization. Because this certificate is not certified by a CA, use
it only for testing purposes.
1. From the Notes client, open the Server Certificate Admin application,
and then click Create Key Rings & Certificates.
2. Click Create Key Ring with Self-Certified Certificate.
3. Complete these fields, and then click Create Key Ring with
Self-Certified Certificate:
Field                  Enter
Key ring file name     A file name with the extension .KYR.
Key ring password      At least 12 case-sensitive, alphanumeric characters.
Common name            A descriptive name that identifies the server
                       certificate, such as Acme SSLCA.
Organization           The name of the organization, for example, a
                       company name such as Acme.
Organizational Unit    (Optional) Name of certifier division or department.
City or Locality       (Optional) The organization city or locality.
State or Province      Three or more characters that represent the state or
                       province in which the organization resides, for
                       example, Massachusetts. (For U.S. states, enter the
                       complete state name, not the abbreviation.)
Country                A two-character representation of the country in which
                       the organization resides, for example, US for United
                       States or CA for Canada.

4. Copy the key ring file and stash (.STH) file to the Domino data
directory of the server.
5. Configure the port for SSL.
6. Set up database access.

Modifying SSL cipher restrictions


SSL uses public, private, and negotiated session keys. Every SSL certificate
has one pair of keys (a public key and a private key) that are created
when the SSL certificate is generated, and enable certificate owners to
identify themselves over the network and to use S/MIME to encrypt and
sign messages. Certificates contain only the public key. The private key is
kept in the ID file for the Notes client, and is kept in the key ring in the case
of the SSL server.
The session key is negotiated during the handshake. The main
purposes of the handshake are to generate the session key and to identify
the server to the client and, optionally, the client to the server. The size of
the session key is determined by the cipher being used. For example, the
cipher RSA_WITH_RC4_128_MD5 uses a 128-bit session key. The cipher
RSA_EXPORT_WITH_DES40_CBC_SHA uses a 40-bit session key.
Which ciphers are available is also limited by the size of the server's
public key. The RSA_EXPORT_ ciphers can only be used with 512-bit
RSA keys and smaller. The RSA_EXPORT1024_ ciphers can only be used
with 1024-bit RSA keys and smaller. Ciphers that do not contain the
EXPORT designation do not have any RSA key size restrictions.


You can restrict the use of SSL ciphers for Internet protocols. You can
specify the use of a 128-bit cipher only for the HTTP service, for example,
to require users to access a server using a domestic browser version. If no
configuration parameters are set, then there is no restriction on the SSL
ciphers used for that protocol.
There are three ways to configure SSL ciphers, depending on how you
choose to configure Internet protocols on your Domino server:

• In an Internet Site document. If you use Internet Site documents, you
  can specify a different set of SSL cipher restrictions for each protocol.
• Through the Server document. However, if you use the Server
  document you can restrict SSL ciphers for HTTP only. You must use
  the NOTES.INI variable SSLCipherSpec to restrict ciphers for
  protocols other than HTTP.
• Through the NOTES.INI variable SSLCipherSpec. All SSL cipher
  settings configured in either Site documents or in the Server
  document will be superseded by the INI variable.
For information about changing SSL cipher restrictions in Internet Site
documents, see the chapter "Installing and Setting Up Domino Servers."
To modify SSL cipher restrictions in the Server document
1. From the Domino Administrator, click Configuration and open the
Server document in the Domino Directory.
2. Click Ports - Internet Ports - Web.
3. In the SSL Ciphers field, click Modify. This displays a list of available
SSL cipher specifications.
4. Select the cipher specification(s), then click OK.
5. Save and close the document.
To modify SSL cipher restrictions using the NOTES.INI file
Use the NOTES.INI setting SSLCipherSpec to specify SSL restrictions for
all protocols. Ciphers are specified by a 2-digit code. You can add as
many ciphers as you need.
For example, to enable 3DES and RC4128SHA ciphers, enter the
following line in the NOTES.INI file:
SSLCipherSpec=050A

where 05 = 3DES and 0A = RC4128SHA.


Caution Using SSLCipherSpec overrides all SSL cipher restrictions in
Internet Site documents and in the Server document.
For more information, see the appendix NOTES.INI File.
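The two NOTES.INI variables described in this chapter, SSL_RESUMABLE_SESSIONS (under "SSL session resumption") and SSLCipherSpec, can be audited together. The following Python script is an added example, not part of the Domino documentation or product; the function names, the approved-code list, and the sample NOTES.INI fragment are assumptions made for illustration.

```python
import re

DEFAULT_RESUMABLE_SESSIONS = 50  # server default stated in the text

# Constructed sample NOTES.INI fragment (not taken from a real server).
SAMPLE_INI = """\
[Notes]
KeyFilename=server.id
SSLCipherSpec=050A
SSL_RESUMABLE_SESSIONS=1
"""


def parse_notes_ini(text):
    """Return {UPPERCASED_NAME: value} for every NAME=value line.

    Assumption: variable names are compared case-insensitively and the
    last occurrence of a name wins.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if "=" not in line:
            continue  # section header such as [Notes], or a blank line
        name, value = line.split("=", 1)
        settings[name.strip().upper()] = value.strip()
    return settings


def split_cipher_spec(value):
    """Split an SSLCipherSpec value into its 2-digit codes, in order."""
    if not value or len(value) % 2 or not re.fullmatch(r"[0-9A-Fa-f]+", value):
        raise ValueError(f"SSLCipherSpec must be pairs of hex digits: {value!r}")
    return [value[i:i + 2].upper() for i in range(0, len(value), 2)]


def audit_ssl_settings(ini_text, approved_codes):
    """Report how the two SSL variables in NOTES.INI affect the server.

    approved_codes is the administrator's own allowlist of cipher codes
    (hypothetical policy input, not something Domino defines).
    """
    settings = parse_notes_ini(ini_text)
    report = {"cipher_codes": None, "unapproved": [], "findings": []}

    spec = settings.get("SSLCIPHERSPEC")
    if spec is None:
        report["findings"].append(
            "SSLCipherSpec not set: cipher restrictions come from the "
            "Internet Site documents or the Server document")
    else:
        try:
            codes = split_cipher_spec(spec)
        except ValueError as exc:
            report["findings"].append(str(exc))
        else:
            approved = {c.upper() for c in approved_codes}
            report["cipher_codes"] = codes
            report["unapproved"] = [c for c in codes if c not in approved]
            report["findings"].append(
                "SSLCipherSpec is set: it overrides the cipher restrictions "
                "in Internet Site documents and the Server document")
            if report["unapproved"]:
                report["findings"].append(
                    "cipher codes outside the approved list: "
                    + ", ".join(report["unapproved"]))

    raw = settings.get("SSL_RESUMABLE_SESSIONS")
    if raw is None:
        report["session_cache"] = DEFAULT_RESUMABLE_SESSIONS
    elif not raw.isdigit():
        report["session_cache"] = None
        report["findings"].append(
            f"SSL_RESUMABLE_SESSIONS is not a number: {raw!r}")
    elif int(raw) == 1:
        # Per the text, the value 1 disables session resumption.
        report["session_cache"] = 0
        report["findings"].append(
            "SSL_RESUMABLE_SESSIONS=1: session resumption is disabled")
    else:
        report["session_cache"] = int(raw)
    return report


if __name__ == "__main__":
    # Constructed policy: only code 0A is on the approved list.
    result = audit_ssl_settings(SAMPLE_INI, approved_codes={"0A"})
    for finding in result["findings"]:
        print("-", finding)
```

Run it against a copy of the server's NOTES.INI with the organization's own approved list; the meaning of each 2-digit code comes from the NOTES.INI appendix, not from this script.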
Authenticating Web SSL clients in secondary Domino and LDAP directories

When a Web client authenticates with a server, by default, the server
checks the primary Domino Directory to see if the client certificate exists
in the Person document. If your organization uses a secondary Domino
Directory and/or an LDAP directory to verify client certificates, you can
set up Domino to check those additional directories. To do so, you set up
the secondary Domino and LDAP directories as trusted domains in the
Directory Assistance database.
When you mark the domain as trusted, Domino searches the primary
Domino Directory for the user and then searches the trusted secondary
Domino and LDAP directories. When you set up directory assistance,
you specify the order in which Domino searches the secondary
directories.
In addition, Domino checks the primary Domino Directory and
secondary directories you trust when you add SSL client certificates to
the Domino Directory using the Domino Certificate Authority
application. You cannot, however, add client certificates to an LDAP
directory even if the LDAP directory is set up on a Domino server.
It is recommended that you use SSL to secure information sent between
the server and the LDAP directory server.
For information on adding client certificates to the Domino Directory and
using SSL to secure LDAP directory lookups, see the chapter "Setting Up
Clients for S/MIME and SSL."
For information on using SSL for LDAP directory lookups, see the
chapter "Setting Up Directory Assistance."
The hierarchical name returned by the Domino Directory or LDAP
directory is checked against the trusted rule in the Directory Assistance
database to verify that the organization and organizational units match
the specified rule. For example, if the user name returned is Dave
Lawson/Acme, the Directory Assistance document must include the rule
*/Acme.
Searching multiple directories is also available for authenticating users
who use name-and-password authentication.
For more information on setting up secondary Domino and LDAP
directory authentication of SSL clients, see the chapter "Setting Up
Directory Assistance."

Chapter 47
Setting Up Clients for S/MIME and SSL
This chapter describes how to set up a Notes client to use SSL and send
secure S/MIME messages. It also describes how to set up an Internet
client to use SSL to connect to a Domino server.

SSL and S/MIME for clients


Clients can use a Domino certificate authority (CA) application or a
third-party CA to obtain certificates for secure SSL and S/MIME
communication.

Authenticating clients and servers using SSL


Notes and other Internet clients use the SSL protocol to encrypt data,
authenticate server identity and, optionally, authenticate client identity
when a Notes or other Internet client connects to an Internet server, for
example, a Web server or an LDAP server.
On the server, SSL is set up on a protocol-by-protocol basis. You can
enable SSL on all protocols or enable SSL on some protocols but not
others. For example, you can enable SSL on mail protocols (IMAP, POP3,
SMTP) and disable it for HTTP.
Server authentication lets clients verify the identity of the server to which
they are connecting, to make sure that another server is not posing as the
server they want to access.
Client certificate authentication lets server administrators identify the
client accessing the server and control access to applications based on
that identity. For example, if you want Alan Jones to have Editor access
to a database and all others accessing the database to have no access, you
can set up the application database ACL to include Alan Jones as an
Editor and Anonymous as No Access.
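The name rules for SSL clients (the Anonymous entry, the -Default- fallback, and the first User name entry of the Person document) can be checked against a planned ACL before it is deployed. The following Python model is an added example, not Domino code; it assumes a flat ACL with no groups, wildcards or roles, case-insensitive name comparison, an ACL that always contains -Default-, and hypothetical function names.

```python
DEFAULT_ENTRY = "-Default-"
ANONYMOUS_ENTRY = "Anonymous"

# Constructed Person document, using the User name entries from the text.
PERSON_DOCS = [
    {"user_names": ["Alan Jones/Acme", "ajones", "Alan", "AJ"]},
]

# Constructed ACLs: one that follows the guidance and one that does not.
ACL_GOOD = {"-Default-": "No Access", "Anonymous": "No Access",
            "Alan Jones/Acme": "Editor"}
ACL_WEAK = {"-Default-": "Reader", "ajones": "Editor"}


def primary_name(login_name, person_docs):
    """Return the first User name entry of the Person document that lists
    login_name, or None if no Person document lists it."""
    wanted = login_name.casefold()
    for doc in person_docs:
        if any(name.casefold() == wanted for name in doc["user_names"]):
            return doc["user_names"][0]
    return None


def effective_access(acl, person_docs, login_name=None):
    """Return (ACL entry used, access level) for an SSL client.

    login_name=None models a client set up for server authentication only,
    which reaches the database as an anonymous user. A client that
    authenticated with a certificate may present any listed name, but the
    ACL is searched for the first name only.
    """
    by_name = {entry.casefold(): (entry, level) for entry, level in acl.items()}
    if login_name is None:
        lookup = ANONYMOUS_ENTRY
    else:
        lookup = primary_name(login_name, person_docs)
        if lookup is None:
            raise LookupError(f"{login_name!r} is not in any Person document")
    # No matching entry: fall back to -Default-.
    return by_name.get(lookup.casefold(), by_name[DEFAULT_ENTRY.casefold()])


def audit_acl(acl, person_docs):
    """List ACL conditions that will not behave the way they look."""
    findings = []
    entries = {entry.casefold() for entry in acl}
    if ANONYMOUS_ENTRY.casefold() not in entries:
        findings.append(
            f"no Anonymous entry: anonymous SSL clients get {DEFAULT_ENTRY} "
            f"access ({acl[DEFAULT_ENTRY]})")
    for doc in person_docs:
        first, aliases = doc["user_names"][0], doc["user_names"][1:]
        for alias in aliases:
            if alias.casefold() in entries and alias.casefold() != first.casefold():
                findings.append(
                    f"entry {alias!r} is a secondary name of {first!r}; the "
                    f"first name is what is checked, so this entry is never used")
    return findings


if __name__ == "__main__":
    print(effective_access(ACL_GOOD, PERSON_DOCS, "AJ"))
    print(effective_access(ACL_WEAK, PERSON_DOCS, "ajones"))
    for finding in audit_acl(ACL_WEAK, PERSON_DOCS):
        print("-", finding)
```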


Notes and other Internet clients that use client certificate authentication
have an Internet certificate that is stored in the Notes ID file for Notes
clients, and in a local file for Internet clients. The certificate includes a
public key, a name, an expiration date, and a digital signature. The
corresponding private key is stored in the ID file, but is stored separately
from the certificate. For Notes clients, the client certificate is also stored
in the Domino Directory so that others can access the public key.
Notes and Internet clients can obtain Internet certificates from either a
Domino certification authority or a third-party certifier.
How you set up the client depends on whether the server requires client
certificate authentication.
As an administrator, you should carefully consider whether you want to
require client certificate authentication. If you do not need to identify
Internet users who access the server, you do not need to set up client
authentication. In fact, in some cases, requiring an Internet certificate
may deter users from accessing a server, for example, a server that
hosts a Web site. If you require an Internet certificate, users need to
perform additional steps to obtain the certificate and set up client
certificate authentication.
Note By enabling the setting "Accept SSL Site Certificates" in the
Location record, the Notes client can ignore cross-certificates and server
authentication entirely. The user can also choose to create
cross-certificates on the fly when connecting to a server using SSL.

Securing messages with S/MIME


S/MIME is a protocol used by clients to sign mail messages and send
encrypted mail messages over the Internet to users of mail applications
that also support the S/MIME protocol, for example, Microsoft
Outlook Express and Netscape Communicator. The Notes client uses the
public key stored in the Internet certificate in the Personal Address Book,
Domino Directory, or LDAP directory to encrypt messages.
Encrypted mail messages cannot be read by unauthorized users while
the message is in transit. Electronically signed messages show that the
person who signed the message had access to the private key associated
with the certificate stored in the signature.
For more information on S/MIME signatures and encryption, see the
chapter Encryption and Electronic Signatures.

Setting up Notes and Internet clients for SSL authentication

You can set up Notes or other Internet clients for server authentication to
encrypt data and authenticate the server identity when connecting to an
Internet server. You do not need an Internet certificate if you set up a
client for server-only authentication.
On the server, SSL is set up on a protocol-by-protocol basis. You can
choose to enable SSL on all protocols, or enable SSL on some protocols
but not others. For example, you can enable SSL on mail protocols
(IMAP, POP3, SMTP) and disable it for HTTP. You must also enable the
port for anonymous access; otherwise, Domino requires an Internet
certificate or a name and password from the client.
To access an Internet server using SSL, clients must have:
• Software, such as a Web browser or a Notes client, that supports SSL.
• A trusted root certificate from a Domino or third-party certifier.
• (Notes client only) A cross-certificate created using the trusted root
  certificate for the Domino or third-party certifier. The trusted root
  certificate is no longer necessary after you create a cross-certificate.
Note Secure transactions are indicated by the use of the term https:// in
URLs for SSL-secured sites. A browser user can specify this when
initiating a secure transaction. More likely, the user will navigate to a
login page, where it is necessary to log in with a name and password in
order to access the secure Web page.

Obtaining a trusted root certificate for SSL authentication

The copy of the CA's certificate is called a trusted root certificate. After
obtaining the trusted root certificate (and, if you are using a Notes
client, an Internet cross-certificate for the root certificate), the client will
trust the CA and by extension, any certificates issued by this CA. If you
are setting up server authentication for an Internet client, you add this
trusted root to a local file. If you are setting up server authentication for a
Notes client, you add this trusted root to a Domino Directory that users
can access to generate a cross-certificate in their Personal Address Book.
Notes clients can also obtain a trusted root certificate and cross-certificate
to gain access to the server; however, adding the trusted root certificate to
the Domino Directory simplifies the process of setting up server
authentication for users.

Note A user can accept certificates automatically, without having to
obtain the roots or cross-certificates, by enabling the option "Accept site
certificates" in the location document for the Notes client. However,
accepting certificates from unknown servers is a security risk. If a user
doesn't know the sources of the certificates being accepted, it is possible
to accept certificates from malicious sources.
To obtain a trusted root certificate for a Notes client
1. Make sure that you have a trusted root certificate for the CA. In the
Domino Administrator, click Configuration - Certificates -
Certificates, and view the certificate in the Internet Certifiers
category.
2. Instruct clients to complete the procedure "Creating an Internet
cross-certificate for a CA."
To obtain a trusted root certificate for an Internet client
You can use the following procedures to obtain a trusted root certificate
for an Internet client.
If the trusted root certificate is for a Domino CA, the Internet client
performs these steps:
1. Browse to the Domino Certificate Requests (for Domino 6) or
Certificate Authority (Domino 5) application.
2. Select Accept This Authority In Your Browser.
Note If you use an SSL connection to browse to the application, the
server prompts you to accept the site certificate. Check the CA properties
to make sure that the certificate that is presented is from a source you
trust before accepting the certificate as a trusted root.
If the trusted root certificate is for a third-party CA, the Internet client
follows the third-party CA's established procedure to merge the trusted
root certificate for the CA. If both the client and server have certificates
issued from the CA or already have a CA in common, then this step is
not necessary.

Creating an Internet cross-certificate for a CA


Before a Notes client can authenticate servers or send secure S/MIME
messages, the client must first create a cross-certificate for the CA server
and store it in the Personal Address Book. This allows the Notes client to
trust servers or clients that have certificates issued by that CA. The client
uses a trusted root certificate to create the cross-certificate. Once the
cross-certificate is created, the client no longer needs the trusted root
certificate.

SSL server authentication for Internet clients other than Notes does not
require a cross-certificate.
A Notes client can also create a cross-certificate for a server or client;
however, this allows the Notes client to trust only that server or client.
The Notes client does not then trust other servers and clients with
certificates issued by a CA.
To create an Internet cross-certificate
1. Make sure the CA created a trusted root certificate in the Domino
Directory.
2. Instruct clients to retrieve an Internet cross-certificate through the
User Security dialog box.
For information on how Notes users can retrieve Internet
cross-certificates, see Lotus Notes 6 Help.
To view Internet cross-certificates
Notes users can view the Internet cross-certificates contained in their
Personal Address Book.
For information on how Notes users can see their Internet
cross-certificates, see Lotus Notes 6 Help.

Internet certificates for SSL and S/MIME

Before Internet and Notes clients can use client authentication or send
signed mail, they must have an Internet certificate. To send encrypted
mail using S/MIME, they must have the recipient's Internet certificate.
You need to complete these steps for Internet and Notes clients who are
creating new public and private keys for the Internet certificate. You do
not need to complete these steps if you are using a Notes client and the
CA issued certificates in the Person document of the Domino Directory.
Notes automatically adds Internet certificates stored in the Person
document to the Notes ID file when the user authenticates with the
server.
You can also set up Notes clients to use different certificates for signing
and encryption. You designate one Internet certificate for authentication and
signing, and another for encryption.
For more information, see the topic "Dual Internet certificates for
S/MIME encryption and signatures" later in this chapter.

To obtain an Internet certificate for a Notes client


The procedure that Notes clients follow to request an Internet certificate
is the same whether a Domino CA or third-party CA is issuing the
certificates.
1. Have users request an Internet certificate.
2. The CA approves the request, and Domino automatically adds the
client's Internet certificate to the user's Person document.
3. Have users merge the Internet certificate into their ID file.
For information on how Notes users request and merge Internet
certificates, see Lotus Notes 6 Help.
You can also issue Internet certificates for Notes clients without requiring
them to submit an Internet certificate request. See the topic "Issuing
Internet certificates in a Person document" later in this chapter.

To obtain an Internet certificate for an Internet client


The procedure you follow to request an Internet certificate depends on
whether you want to request a certificate from a Domino CA or a
third-party CA.
Domino CA
1. If you are using a Domino server-based certification authority,
browse to the Certificate Request application. If you are using a
Domino 5 certificate authority, browse to the Domino Certificate
Authority application.
   • If you use Microsoft Internet Explorer, use HTTP without SSL to
     connect to the Certificate Authority application. Internet Explorer
     does not allow you to accept site certificates into your browser.
   • If you use Netscape, use SSL to connect to the Domino Certificate
     Authority application. When the browser asks whether you want
     to accept the server certificate as a trusted root, follow the steps
     provided by the browser to accept the certificate.
2. Click Request Client Certificate in the left pane.
3. Enter your name and organizational information. This information
will appear on your Internet certificate.
4. Enter any additional contact information that you want to send to the
CA.
5. Enter the size for the public and private keys. The larger the number,
the stronger the encryption.
6. Click Submit Certificate Request to send the request to the CA.
Third-party CA
The third-party CA determines how you request an Internet certificate.
Browse to the third-party CA's site, and enter the certificate request. A
dialog box appears that allows you to request the certificate.

Signing an Internet client certificate and adding the certificate to the Domino Directory

When a CA signs an Internet client certificate, the CA adds a digital
signature to the certificate and, if you are using a Domino CA, adds the
public key to the Domino Directory. If you are using a third-party CA,
you must complete additional steps to add the public key to the Domino
Directory.
You do not need to complete these steps if you are using a Notes client
and the CA issued certificates in the Person document of the Domino
Directory. Notes automatically adds Internet certificates stored in the
Person document to the Notes ID file when the user authenticates with
the server.
The steps you follow to sign and add an Internet client certificate to the
Domino Directory depend on whether the certificate is issued from a
Domino server-based certification authority, a Domino 5 Certificate
Authority, or a third-party CA.
Before you approve client certificates for signing:
• Make sure you understand your organization's policy on signing
  certificates. Sign client certificates for clients if the certificate requests
  comply with your organization's security policy.
• Make sure you have the Administration Process set up on the server.
  If you are signing a certificate for an Internet client, make sure you
  created a Person document.

Domino server-based certification authority

The steps are completed by the Domino CA. You must be a registration
authority (RA) to approve client certificates for signing.
1. From the Domino Administrator, click Files, and open the Domino
Certificate Requests application.
2. Transfer the certificate request into the Administration Requests
database.
a. In the Certificate Requests database, open the
Pending/Submitted Requests view. Press F9 to refresh the view
if the client request does not appear there.
b. If the view shows that the request has been "Submitted to
Administration Process," go to the next step. If it is still in the
"Pending" state, highlight the request and click Submit Selected
Requests.
c. You should see a "Successfully submitted 1 request(s) to the
Administration Process" message. Click OK.
3. Approve or deny the request.
a. Open the Administration Requests database (ADMIN4.NSF),
open the Certification Authority Requests/Certificate Requests
view, and find the new client request.
b. Open the request and verify the information in it.
c. Click Edit Request, and then click Approve Request or Reject
Request. Press F9 to make sure that the request changes state,
from New to Approved (or Rejected).
4. Transfer the certificate request out of the Administration Requests
database.
a. Close the Administration Requests database and return to the
Certificate Requests database.
b. Open the Issued/Rejected Certificates view and locate the client
request (you may need to refresh the view).
5. Notify the user who requested the client certificate.
a. If you enabled the option for e-mail confirmation upon
completion of the client request, then, once the request is approved, the CA
automatically notifies the requester to pick up the certificate. If it
is denied, it sends the requester e-mail indicating that the request
was rejected.
b. If you did not enable the option for e-mail confirmation upon
completion of the client request, then you need to click Send
Confirmation Mail to notify the requester of the outcome.
Note If the Certificate Requests database is configured for automatic
request processing, then client requests are sent to the Administration
Requests database automatically by the database. The Registration
Authority only needs to approve or reject the request.
Domino 5 Certificate Authority
The Internet certificate request appears in the Client Certificate Requests
view in the Domino Certificate Authority application. When the CA signs
a certificate, the CA can automatically send e-mail to the client. This
e-mail describes where to pick up the certificate and includes a pickup
ID, which the client must use to identify the certificate during the pickup
process. Domino automatically generates the pickup ID.
Note The steps below apply to signing client certificates issued by a
Domino CA. The steps are completed by the Domino CA.
1. From the Domino Administrator, click Files, and open the Domino
Certificate Authority application.
2. Click Client Certificate Requests in the left pane.
3. Open the request you want to sign.
4. Review the user information and distinguished name. Make sure the
information provided complies with your organization's security
policy.
5. Leave the option "Register certificate in the Domino Directory"
selected to add the client's public key automatically to the Person
document.
If you want to deny the request, complete step 6. Otherwise, go to
step 7.
6. To deny the request:
a. Enter a reason for the denied request.
b. If you do not want to send the person e-mail, deselect "Send a
notification e-mail to the requester"; otherwise, the Domino
Certificate Authority application sends the person e-mail
indicating that you denied the request and the reason why you
denied the request.
c. Click Deny.
7. To approve the request:
a. Enter a validity period. For short-term projects, 90 days is typical;
for ongoing projects, you can enter several years.
b. If you do not want to send the client e-mail indicating that the
client can now pick up the certificate, deselect "Send a
notification e-mail to the requester"; otherwise, the Domino
Certificate Authority application sends an e-mail with a URL
indicating the location to pick up the certificate.
c. Click Approve and enter the password for the CA key ring file.
This places a request in the Administration Requests database.
When the Administration Process next runs, it processes the
request and adds the certificate to the client's Person document
in the Domino Directory.
Note The client cannot use the certificate to authenticate against
database ACLs until the Administration Process completes the
request.

Third-party CA
If a user obtains an Internet certificate from a third-party CA using the
Notes client, the certificate is automatically added to their Person
document.
If a user obtains an Internet certificate from a third-party CA through a
browser, the certificate must then be added to their Person document.
For more information, see the topic Publishing third-party CA client
certificates in a Person record later in this chapter.

Issuing Internet certificates in a Person document


If you need to issue Internet certificates for Notes clients and you do not
want to require each user to submit an Internet certificate request and
merge the certificate into the ID file, you can issue the Internet certificate
using the existing public and private keys in the Notes ID file and add it
to the user's Person document. Using the Domino Directory to issue
Internet certificates simplifies the process of distributing Internet
certificates to users.
The server on which you issue Internet certificates must be set up for the
Administration Process, and the users must have an Internet address
specified in their Person documents. In addition, you must add Internet
certificates that are created using a Domino certifier.
To issue an Internet certificate in a Person document
1. Make sure you have the Administration Process set up on the server.
2. From the Domino Administrator, click People & Groups.
3. Select the names of the users who need Internet certificates.
4. Choose Actions - Add Internet Cert to Selected People.
5. Check to make sure that the name of the correct registration server
appears at the top of the dialog box next to the Server button. If it
does not, click Server to choose the correct registration server.
6. Choose whether to supply the certifier key ring file and password, or
to use the CA process.
If you choose to supply the certifier key ring file and password,
select the CA's key ring file, and when prompted, enter the
password.
If you choose to use the CA process, choose a certifier from the
drop-down list.
7. In the Add Internet Certificates to Selected Entries dialog box,
confirm that the expiration date is valid. If not, enter the correct date.
8. Click Certify.
9. The certifier processes the request.
If you chose to provide a certifier ID, Domino creates a certificate for
each selected user and stores it in an "Add Internet Certificate to
Person Record" request in the Administration Request database.
If you chose to use the CA process, a certificate request is created in
the Administration Request database for each selected user. When
the CA processes the request, it creates the "Add Internet Certificate
to Person Record" request.
a. When the Administration Request database replicates with the
Domino Directory's administration server, the Administration
Process places the certificate in the user's Person document.
b. After the Domino Directory replicates with the user's mail server
and the user subsequently accesses the mail server, Notes
recognizes there is a certificate in the Domino Directory that is
not in the user's ID file. Notes automatically places the Internet
certificate in the user's ID file.

Exporting and importing Internet certificates

Users can only use Internet certificates in the browser in which they
requested them. However, you can export Internet certificates from a
Person document and make them available to other users. You can also
import others' Internet certificates into Person documents in the Domino
Directory. You can also import and export Internet certificates for use
between other Internet applications, such as Microsoft Outlook.
To export an Internet certificate from a Person document
1. From the Domino Administrator, click People & Groups, and open
the People view.
2. Open the Person document from which you want to export Internet
certificates.
3. Click Action - Export Internet Certificates.
4. In the Export Internet Certificates dialog box, select the certificate
that you want to export from the list box and click OK.
5. In the Select Export File Format dialog box, choose the file format in
which to save the exported certificate, and click OK. The default is
PKCS 12 encoded.
6. In the Export Options dialog box, enter a user-friendly name for the
exported file. Domino will suggest a default name.
7. In the Password for Export File Containing Internet Certificates,
enter a password to protect the export file. If you choose not to
assign a password to this file, click No Password. However, it is
highly recommended that you assign a password to protect this
information.
8. In the Specify Export File dialog box, choose the directory path and
file name for the file that contains the exported certificates, and click
OK. The certificates are successfully exported to the specified file.
9. Note the file name and password of the exported file for future
reference.
To import an Internet certificate into a Person document
1. From the Domino Administrator, click People & Groups, and open
the People view.
2. Open the Person document for which you want to import Internet
certificates.
3. Click Action - Import Internet Certificates.
4. In the Specify Export File dialog box, choose the directory path and
file name for the file that contains the exported certificates, and click
OK. Note that the file may not appear with the assigned file
extension. It is recommended that you choose the "all files" option in
the "Files of type" field to ensure that the exported files are
displayed in the file selection list box.
5. In the Select Import File Format dialog box, choose the file format in
which to save the imported Internet certificate, and click OK. The
default is PKCS 12 encoded.
6. In the Enter Password dialog box, enter the file password.
7. In the Import Internet Certificates dialog box, choose the Internet
certificate that you want to import, if there is more than one. Or you
can click Accept All to import all certificates in the file.

Viewing and deleting Internet certificates


When you no longer want an Internet client to use SSL client
authentication to access a Domino server or a Notes client to send
S/MIME encrypted mail to a specified recipient, delete the Internet
certificate from the Internet client's Person document or the specified
recipient's Person document in the Domino Directory. The client still has
the Internet certificate, but without the Internet certificate in the Person
document, the Internet client cannot use client authentication to access a
Domino server, and the Notes client cannot send S/MIME encrypted
mail to the specified recipient.

An Internet client can still access the Domino server anonymously if you
have anonymous access set up on the server, or use name-and-password
authentication to access the server. A Notes client can still send
unencrypted mail messages to the user.
You can also view information about Internet certificates in the Domino
Directory.
To view or delete an Internet certificate
1. From the Domino Administrator, click People & Groups, and edit the
Person document for the Internet user whose certificate you want to
view or delete.
2. Click Examine Internet Certificate(s).
3. To delete the Internet certificate, select the certificate and click
Delete. Note that the certificate will remain displayed until you exit
or save the document.

Setting up Notes clients for S/MIME

You can set up a Notes client to use S/MIME encryption and electronic
signatures when sending mail to other users of mail applications that
support S/MIME.
For information on selecting MIME format for sent mail, see the chapter
"Encryption and Electronic Signatures."
Setting up Notes clients to send encrypted messages
Notes clients need the following to send encrypted messages:
• The recipient's Internet certificate stored in the Personal Address
Book, Domino Directory, or LDAP directory. If the Internet certificate
is stored in a Domino Directory in another domain or in an LDAP
directory, the directory needs to be accessible using directory
assistance.
• A cross-certificate issued for either the recipient or the CA that
issued the recipient's Internet certificate. This cross-certificate must
be stored in the client's Personal Address Book.
Note It is not necessary to have the cross-certificate prior to sending
S/MIME encrypted mail. Users will be prompted to generate the
cross-certificate when they try to send the message.
For more information, see the topic "Adding a recipient's Internet
certificate and cross-certificate for encrypted S/MIME messages" later in
this chapter.

Setting up Notes clients to decrypt encrypted messages and send signed messages
To decrypt sent messages and send signed messages, Notes clients need
an Internet certificate stored in the Notes ID file.
For more information, see the topic "Creating Internet certificates for
Notes S/MIME clients" later in this chapter.
Setting up Notes clients to verify signed messages
To verify the signature on a signed message, Notes clients need a
cross-certificate issued for either the sender of the message or the CA that
issued the sender's Internet certificate. This cross-certificate must be
stored in the client's Personal Address Book.
For information on creating cross-certificates, see the topic "Creating an
Internet cross-certificate for a CA" later in this chapter.

Creating Internet certificates for Notes S/MIME clients


The procedure you complete to create Internet certificates is the same,
whether you use Domino or a third-party CA to issue the certificates.
To set up Notes clients with certificates for S/MIME
The CA and client complete these steps to add a Domino Internet
certificate to the Notes ID file. A Notes client can use one Internet
certificate or use dual Internet certificates for S/MIME encryption and
signatures.
1. Before issuing certificates, the CA must determine if Internet
certificates should be created using the existing public and private
keys from the Notes ID file or if the CA wants to issue certificates
based on new keys generated from a browser certificate request. If
clients use a browser that supports PKCS #12, clients can also import
an existing Internet certificate into the Notes ID file. Depending on
the environment, the administrator may choose to use a combination
of these options for different users.
For more information on importing Internet certificates in a Notes
client, see Lotus Notes 6 Help.
2. The CA adds a trusted root certificate to a Domino Directory that the
client can access.
The client can also add a trusted root certificate to the Personal
Address Book; however, adding a trusted root certificate to the
Domino Directory simplifies the process of setting up Notes clients
for S/MIME because the trusted root is accessible to many clients.
3. The client creates a cross-certificate using the trusted root certificate
for the CA and stores it in the Personal Address Book.
4. To create a certificate using the existing public and private keys in
the Notes ID file, do the following:
a. The CA adds an Internet certificate to the Person document.
b. The client authenticates with the home server. Notes
automatically merges the Internet certificate into the ID file.
5. To use new public and private keys to create an Internet certificate,
do the following:
a. The client requests the Internet certificate from the CA.
b. The CA approves the request, and Domino automatically adds
the client's Internet certificate to the user's Person document.
c. The client merges the Internet certificate into the ID file.
For more information on how Notes clients merge Internet certificates
into their ID files, see Lotus Notes 6 Help.

Adding an Internet certificate and cross-certificate for encrypted S/MIME messages

To send an S/MIME-encrypted message, the sender must have the
recipient's Internet certificate in the Personal Address Book, Domino
Directory, or LDAP directory. The sender must also have a
cross-certificate issued for the recipient or for the certifier who issued the
recipient's Internet certificate. If a cross-certificate is issued for a
recipient's Internet certificate, only messages to that recipient can be
encrypted. If a cross-certificate is issued to the recipient's CA, you can
send encrypted messages to all recipients who have certificates issued by
that CA, if you have the recipients' Internet certificates.
If the Internet certificate is stored in a Domino Directory in another
domain or in an LDAP directory, the directory needs to be accessible
using directory assistance.
To add an Internet certificate and cross-certificate for encrypted
S/MIME messages
1. The recipient must send an S/MIME signed message to you.
For information on signing mail, see Lotus Notes 6 Help.

2. When you open the signed message, Notes asks if you want to add a
cross-certificate if you do not already have a cross-certificate issued
for either the author or the CA who issued the certificate to the
author. Complete these fields and then click Cross Certify:
Field | Enter
Certifier | The certifier ID that is cross-certifying the certificate. By default, the certifier is your ID. If you have access, you can choose an ID that is higher in the hierarchical name scheme.
Server | The registration server that holds the cross-certificate that is created. By default, it is stored locally in your Personal Address Book. Do not change this setting, since the cross-certificate must be stored in your Personal Address Book in order to validate the Internet certificate of the person to whom you are sending an encrypted message.
Subject name | The certificate that is being cross-certified. You can choose to cross-certify the sender of the signed message or you can cross-certify the CA that issued the certificate to the sender. If a cross-certificate is issued to the sender of the signed message, you can encrypt messages to only that person. If a cross-certificate is issued to the sender's CA, you can send encrypted messages to anyone who has an Internet certificate issued by that CA and for whom you have an Internet certificate.
Subject alternate name list | Alternate names attached to the ID, if any.
Expiration date | The date that the cross-certificate expires.

3. To add the author's Internet certificate to the Personal Address Book,
choose Tools - Add Sender to Address Book. Notes creates a Contact
document for the person and adds an Internet certificate to the
document.
For information on adding an Internet certificate and cross-certificate
when users have dual certificates, see the topic "Dual Internet certificates
for S/MIME encryption and signatures" later in this chapter.

Dual Internet certificates for S/MIME encryption and signatures

You can add two Internet certificates to your Notes ID file and then use
one certificate for S/MIME encryption and another for S/MIME
signatures and SSL client authentication. Doing so lets you maintain
separate public and private key pairs for encryption and electronic
signatures and SSL client authentication.

Adding multiple certificates

To add multiple Internet certificates to your Notes ID file when the
certificates are issued by different CAs, follow the procedure provided
by the CA. If the Internet certificates you want to add are issued by the
same CA, add one of the certificates by following the CA's procedure
and add the second certificate by importing it into the ID file. If you try
to add multiple Internet certificates issued by the same CA and you do
not import the certificate, Notes uses the last certificate added to the ID
file for S/MIME encryption and signatures.
For information on importing certificates, see Lotus Notes 6 Help.

Specifying the default signing certificate

Once the Internet certificates are added to the ID file, you can specify a
default certificate to use for S/MIME signatures. You specify this
certificate in the User Security dialog box. If the Internet certificate you
select is used for both signatures and encryption, then Notes uses this
certificate as the default for signatures and encryption. Otherwise, Notes
uses the Internet certificate you specify for signatures and the last
Internet certificate added to the Notes ID file for encryption. The default
signing certificate is also the certificate used for SSL client authentication.
For information on specifying a default signing certificate, see Lotus
Notes 6 Help.

Adding an Internet certificate to the Personal Address Book

If you send a signed message and you have two different certificates for
signatures and encryption, Notes sends the recipient the default Internet
certificates used for encryption and signatures. When the recipient
chooses Tools - Add Sender to Address Book, Notes adds a Contact
document and adds the Internet certificates for encryption and
signatures to the Contact document. When you send an encrypted
message, Notes extracts only the Internet certificate for encryption from
the Contact document.

Adding a cross-certificate on demand


When a recipient receives a signed message, Notes checks the Personal
Address Book for a cross-certificate that indicates that the signing
certificate included with the message is trusted. If the cross-certificate is
not present, Notes displays a dialog box that allows the recipient to
cross-certify on demand. You can create a cross-certificate to either the
leaf certificate or to the CA. Creating a cross-certificate to a leaf certificate
indicates trust for only the owner of the certificate, in this case the sender
of the signed message. A cross-certificate to a CA indicates trust for all
people who have a certificate issued by that CA.
When you cross-certify on demand, Notes creates a cross-certificate for
the signing certificate, but does not create a cross-certificate for the
encryption certificate. However, if the signing and encryption certificates
are issued from the same CA and you create a cross-certificate for the
CA, the cross-certificate created for the signing certificate can also be
used to validate the encryption certificate. If the signing and encryption
certificates are issued from different CAs, then you must create a
cross-certificate for the CA that issued the encryption certificate before
you can send an encrypted message.
For more information on adding an Internet certificate and creating a
cross-certificate on demand, see the topic "Adding a recipient's Internet
certificate and cross-certificate for encrypted S/MIME messages" in this
chapter.
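The trust scope of leaf and CA cross-certificates with dual certificates, as described above, can be modeled as follows. This is an added example, not Notes or Domino code; the class and function names, the CA names "CA One" and "CA Two", and the user "Pat Lee" are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class InternetCert:
    subject: str  # certificate owner
    issuer: str   # CA that issued the certificate
    usage: str    # "sign", "encrypt" or "both"


@dataclass
class PersonalAddressBook:
    """Simplified model: Contact certificates plus cross-certificates."""
    contact_certs: dict = field(default_factory=dict)  # subject -> [InternetCert]
    cross_certs: set = field(default_factory=set)      # ("leaf", cert) or ("ca", issuer)

    def add_sender(self, certs):
        """Tools - Add Sender to Address Book: keep the certificates sent with a signed message."""
        for cert in certs:
            self.contact_certs.setdefault(cert.subject, []).append(cert)

    def cross_certify(self, cert, scope):
        """Cross-certify one certificate ("leaf") or the CA that issued it ("ca")."""
        if scope == "leaf":
            self.cross_certs.add(("leaf", cert))
        elif scope == "ca":
            self.cross_certs.add(("ca", cert.issuer))
        else:
            raise ValueError("scope must be 'leaf' or 'ca'")

    def is_trusted(self, cert):
        return ("leaf", cert) in self.cross_certs or ("ca", cert.issuer) in self.cross_certs

    def can_verify(self, signing_cert):
        return self.is_trusted(signing_cert)

    def encryption_status(self, recipient):
        """'ok', 'no-certificate' or 'no-cross-certificate' for an encrypted send."""
        usable = [c for c in self.contact_certs.get(recipient, [])
                  if c.usage in ("encrypt", "both")]
        if not usable:
            return "no-certificate"
        if any(self.is_trusted(c) for c in usable):
            return "ok"
        return "no-cross-certificate"


def scenarios():
    """Run the cases from the text on constructed certificates."""
    out = {}

    # Dual certificates issued by different CAs.
    sign = InternetCert("Al Jones", "CA One", "sign")
    enc = InternetCert("Al Jones", "CA Two", "encrypt")
    pab = PersonalAddressBook()
    pab.add_sender([sign, enc])
    pab.cross_certify(sign, "ca")  # on demand: covers the signing certificate only
    out["different_cas_verify"] = pab.can_verify(sign)
    out["different_cas_encrypt"] = pab.encryption_status("Al Jones")
    pab.cross_certify(enc, "ca")   # separate cross-certificate for the encryption CA
    out["different_cas_encrypt_after"] = pab.encryption_status("Al Jones")

    # Dual certificates issued by the same CA.
    sign2 = InternetCert("Al Jones", "CA One", "sign")
    enc2 = InternetCert("Al Jones", "CA One", "encrypt")
    pab_ca = PersonalAddressBook()
    pab_ca.add_sender([sign2, enc2])
    pab_ca.cross_certify(sign2, "ca")
    out["same_ca_ca_scope"] = pab_ca.encryption_status("Al Jones")

    pab_leaf = PersonalAddressBook()
    pab_leaf.add_sender([sign2, enc2])
    pab_leaf.cross_certify(sign2, "leaf")
    out["same_ca_leaf_verify"] = pab_leaf.can_verify(sign2)
    out["same_ca_leaf_scope"] = pab_leaf.encryption_status("Al Jones")

    # The CA is trusted, but no Internet certificate is stored for this recipient.
    out["ca_trusted_no_cert"] = pab_ca.encryption_status("Pat Lee")
    return out


if __name__ == "__main__":
    for name, value in scenarios().items():
        print(f"{name}: {value}")
```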

Setting up Notes and Internet clients for SSL client authentication


You can set up a Notes or Internet client for client authentication with a
server. You cannot use client authentication for SMTP and IIOP
connections. For SSL client authentication, the Notes or Internet client
must have:

• An Internet certificate issued by a Domino or third-party certifier.
• A trusted root certificate for a Domino or third-party certifier.
• (Notes clients only) A cross-certificate for the Domino or third-party
certifier created from the trusted root certificate. The trusted root
certificate is not necessary for Notes clients after you create the
cross-certificate.
• Software, such as a Web browser or a Notes workstation, that
supports the use of SSL.

If an LDAP client supports the Simple Authentication and Security Layer
protocol (SASL), Domino automatically uses this protocol when the client
uses SSL client authentication to connect to the server. SASL is not
supported for TCP/IP connections or SSL connections with only server
authentication.
To set up Notes clients with certificates issued by a Domino CA
The CA and client complete these steps.
1. Before issuing certificates, the CA must determine if Internet
certificates should be created using the existing public and private
keys from the Notes ID file or if the CA wants to issue certificates
based on new keys generated from a browser certificate request. If
clients use a browser that supports PKCS #12, clients can also import
an existing Internet certificate into the Notes ID file. Depending on
the environment, the administrator may choose to use a combination
of these options for different users.
2. The CA adds a trusted root certificate to a Domino Directory that the
client can access.
The client can also add a trusted root certificate to the Personal
Address Book; however, adding a trusted root certificate simplifies
the process of setting up Notes clients for SSL because the trusted
root is accessible to many clients.
3. The client creates a cross-certificate using the trusted root certificate
for the CA and stores it in the Personal Address Book.
4. To create a certificate using the existing public and private keys in
the Notes ID file:
a. The CA adds an Internet certificate to the Person document.
b. The client authenticates with the home server. Notes
automatically adds the Internet certificate to the ID file.
5. To use new public and private keys to create an Internet certificate,
do the following:
a. The client requests the Internet certificate from the CA.
b. The CA approves the request, and Domino automatically adds
the client's public key to the user's Person document.
c. The client merges the certificate into the ID file.
d. The CA adds an Internet certificate to the user's Person
document.

To set up Internet clients with certificates issued by a Domino CA


1. The CA administrator creates a Person document for the Internet
client.
2. The client obtains the trusted root certificate for the server's CA.
3. The client requests the Internet certificate from the CA.
4. The CA approves the request, and Domino automatically adds the
client's public key to the user's Person document.
5. The client merges the certificate into the local file.
To set up Notes and Internet clients with certificates issued by a
third-party CA
The CA and client complete these steps.
1. (Internet clients only) The CA administrator creates a Person
document for the client.
2. Using any browser, the client follows the third-party CA's
established procedure to request and merge the Internet certificate.
For example, to obtain an Internet certificate from VeriSign, visit the
site http://digitalid.verisign.com and follow the instructions
provided.
3. The Internet client follows the third-party CA's established
procedure to merge the trusted root certificate for the CA.
4. The CA adds the client's public key to the Person document.

Setting up a Person document for an Internet user using SSL client authentication

In the Domino Directory on your Domino server, set up a Person
document for Internet clients using SSL client authentication to connect
to a Domino server. The Person document for the user stores the user's
Internet certificate, which is used to verify the user's identity. The Person
document also lists the names that a Domino server can use to
authenticate an Internet user. When an Internet user tries to connect to a
server, Domino looks for the Internet certificate name in the "User name"
field in the user's Person document. Domino compares the Internet
certificate presented with the one stored in the Person document. The
comparison lets Domino authenticate the user, even if there are multiple
users with the same name, since each user's public key is unique. If
Domino finds a match and the public key is valid, then the first name
listed in the "User name" field is used to check database ACLs and design
element access lists.

For example, if the "User name" field contains these entries: Alan Jones,
AJones, Alan, Al Jones and the client uses the name Al Jones to access the
server, Domino authenticates the user, verifies that the public key
presented matches the public key in the Person document, and uses the
name Alan Jones to check database ACLs and design element access lists.
For more information, see the chapter "Controlling User Access to
Domino Databases."
To set up a Person document
1. Create a new Person document in the Domino Directory.
2. Enter the client's first, middle, and last names in the "First name,"
"Middle initial," and "Last name" fields.
3. Enter the client's common name on the certificate in the "User name"
field.
4. (Optional) Enter additional information about the client in the
Work/Home tab.
5. Save the document.
Tip If the client wants to authenticate with a Domino server in another
domain, add the user's Person document to the Domino Directory for
that domain. Make sure you set up directory assistance so Domino can
find the client in the Domino Directory for the domain.
For information on setting up directory assistance, see the chapter
"Setting Up Directory Assistance."

Publishing third-party CA client certificates in a Person record

Notes and Internet users who have a client certificate from a third-party
certifier may want to have this certificate published in their Person record
so that, if a user authenticates with a Domino server over SSL with that
certificate, Domino will be able to determine the user's Notes identity.
The server can then use the Notes identity to check server database ACLs
to determine the user's access to those databases. If the certificate with
which a user authenticates isn't in a Person document, Domino gives the
user anonymous access, even though the user has authenticated using
SSL authentication.
To publish a third-party client certificate in a user's Person record, use
the Certificate Publications Request database. Clients submit certificate
publication requests to the database, where they are approved by an
administrator. After a request is approved, a publication request is
created automatically in the Administration Process database. When the
request is completed, the third-party client certificate is published in the
requester's Person record.
In order to use this database, the server on which it is hosted must:

• Be configured for SSL, accepting both client certificates and
anonymous access
• Have trusted root certificates installed in its server key ring for any
certifier whose certificates you want to accept for publication

In order for users to make a publication request, they must be able to
authenticate to the Certificate Publications database with the certificate
they want to have published.
Note The user does not have to have a Person document in the Domino
Directory to make a publication request. The administrator can create a
Person document once the request has been entered, and it has been
decided that the certificate's owner can be trusted.
To create the Certificate Publications Request database
1. From the Domino Administrator, click File - Database - New.
2. Create a new database using the Domino Certificate Publications
Request template (CERTPUB.NTF).
To publish a third party CA client certificate in a Person record
1. The client opens the Certificate Publications Request database using a
browser, completes the Certificate Registration Request form, and
submits it.
2. The administrator approves or denies the publication requests in the
Waiting for Approval view.
3. If the request is approved, it is submitted to the Administration
Process and the client certificate is published in the requester's
Person record.
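The Person-document lookup for SSL client authentication described in this chapter, including the anonymous fallback for a certificate that is not published in any Person document, can be modeled as below. This is an added example, not Domino code: the certificate byte strings, the second Person document, the ACL levels, the case-insensitive name comparison, and the use of a SHA-256 fingerprint to stand for "the same certificate" are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field

ANONYMOUS = "Anonymous"  # identity used when no Person document holds the certificate


@dataclass
class PersonDocument:
    # "User name" field: every name the user may present. The FIRST entry
    # is the one used for database ACL and design element access checks.
    user_names: list
    # Fingerprints of the Internet certificates stored in the document
    # (constructed representation for this example).
    cert_fingerprints: set = field(default_factory=set)


def fingerprint(cert_bytes: bytes) -> str:
    """SHA-256 over the certificate bytes, standing in for a certificate comparison."""
    return hashlib.sha256(cert_bytes).hexdigest()


def resolve_identity(directory, cert_name: str, cert_bytes: bytes) -> str:
    """Return the name to use for ACL checks after SSL client authentication.

    Assumes the SSL handshake has already validated the certificate itself.
    """
    presented = fingerprint(cert_bytes)
    wanted = cert_name.strip().lower()  # assumption: names compare case-insensitively
    for person in directory:
        if wanted not in (n.strip().lower() for n in person.user_names):
            continue
        # Same name may appear in several Person documents; the stored
        # certificate decides which document is the right one.
        if presented in person.cert_fingerprints:
            return person.user_names[0]
    return ANONYMOUS


def acl_level(acl: dict, identity: str) -> str:
    """Simplified ACL lookup: exact entry first, then the -Default- entry."""
    if identity in acl:
        return acl[identity]
    return acl.get("-Default-", "No Access")


# Constructed sample data (not real certificates).
ALAN_CERT = b"constructed-cert-bytes-alan-jones"
OTHER_AL_CERT = b"constructed-cert-bytes-albert-jones"
UNPUBLISHED_CERT = b"constructed-cert-bytes-unpublished-third-party"

DIRECTORY = [
    PersonDocument(["Alan Jones", "AJones", "Alan", "Al Jones"],
                   {fingerprint(ALAN_CERT)}),
    PersonDocument(["Albert Jones", "Al Jones"],
                   {fingerprint(OTHER_AL_CERT)}),
]

ACL = {
    "Alan Jones": "Editor",
    "Albert Jones": "Reader",
    "Anonymous": "No Access",
    "-Default-": "Reader",
}


def demo():
    """Resolve each constructed certificate and report the resulting ACL level."""
    rows = []
    for label, cert in (("alan", ALAN_CERT), ("albert", OTHER_AL_CERT),
                        ("unpublished", UNPUBLISHED_CERT)):
        identity = resolve_identity(DIRECTORY, "Al Jones", cert)
        rows.append((label, identity, acl_level(ACL, identity)))
    return rows


if __name__ == "__main__":
    for label, identity, level in demo():
        print(f"{label}: identity={identity!r} access={level}")
```

All three clients present the name Al Jones; only the stored certificate separates the two Person documents, and the unpublished certificate falls through to Anonymous even though the SSL handshake succeeded.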

Setting up SSL for Notes or Domino using SMTP


A Notes client or Domino server can act as an SMTP client when routing
mail to an SMTP server. The Notes client or Domino server can use SSL
to connect to a Domino server running the SMTP service or to another
type of SMTP server. You cannot set up a Notes client or Domino server
for SSL client authentication when connecting using SMTP.
For more information on SMTP, see the chapter "Setting Up Mail
Routing."

If you do not have the server's CA marked as a trusted root in the server
key ring file for the Domino server, Domino automatically adds the
certificate and logs the condition in the log file. Other Internet protocols
do not allow users to proceed unless they have the server's CA marked
as a trusted root. You should, however, mark the CA certificate as a
trusted root instead of automatically adding the trusted root to ensure
that the trusted root you receive is valid.
For information on setting up a Notes client to use SSL to connect to an
SMTP server, see Lotus Notes 6 Help. Or go to www.lotus.com/ldd/doc
to download or view Lotus Notes 6 Help.
To set up SSL for a Domino server routing mail to an SMTP server
1. From the Domino Administrator, click the Configuration tab, and
open the Server document.
2. Select the Ports - Internet Ports - Mail tab.
3. In the SMTP Outbound column, select Disabled in the TCP/IP port
status field.
Note If you do not select Disabled in the TCP/IP port status field,
Domino always connects to the SMTP server without using SSL.
4. In the SMTP Outbound column, select Enabled in the SSL port status
field.
5. Save and close the document.
6. Add the trusted root certificate for the CA of the SMTP server.

Using SSL when setting up directory assistance for LDAP directories

Directory assistance allows you to extend directory services from a
server's primary Domino Directory to other Notes directories, such as
secondary Domino Directories, and to remote LDAP directories. To set
up directory assistance, you create a directory assistance database from
the DA50.NTF template, and then create Directory Assistance documents
in the database to configure services for specific directories.
When setting up directory assistance for an LDAP directory, you can
instruct a Domino server to use SSL when connecting to the LDAP
directory server. This helps secure communications between the Domino
server and the LDAP server. You should use SSL if a Domino server uses
the remote LDAP directory to authenticate Internet clients, or to look up
groups for database authorization.

When a Domino server uses SSL to connect to an LDAP directory server,
both servers must have certificates trusted by the other. If this is not the
case, you must add a trusted root certificate to the server's key ring file
before your server can connect to the LDAP server.
For more information on directory assistance for LDAP, see the chapter
"Setting Up Directory Assistance."
For more information on adding a trusted root certificate, see the chapter
"Setting Up SSL on a Domino Server."


Chapter 48
Rolling Out Databases

This chapter describes the tasks involved in rolling out a database for
production after it has been designed. Be sure to test the database
application thoroughly before announcing its location to users.

Database design, management, and administration

The tasks involved with application design, database design, database
management, and Lotus Domino system administration may overlap,
depending on the size of your organization and the structure of job
responsibilities. In some organizations, an application developer may be
responsible for both application and database design, while in others, a
database manager may handle all database design and management
tasks. In addition, database management overlaps with Domino system
administration.
Therefore, depending on your organization, make sure you work closely
with the people who are responsible for design, management, and
administration tasks. For example, controlling user access is primarily a
Domino system administrator's responsibility, yet the application
developer may determine these access levels because they are often
integral to the database design. If design changes are necessary after a
database is in production, be sure to:
• Work with the application developer or database designer to
implement and coordinate design changes
• Consider server resources and the connections between servers when
putting databases on servers
For more information on designing or redesigning databases, see the
Release Notes and the book Application Development with Domino Designer.

Rolling out a database

The following tables list mandatory and optional tasks for a Domino
administrator to complete before putting a database into production. You
must have Manager access in a database access control list (ACL) to
perform these tasks.

Mandatory tasks
Perform these tasks before copying a new database or database replica to
a production server.
Task: Set up the database ACL for users and servers that require access
Considerations: If you plan to make replicas of a database, make sure
that the database ACL lists the name of each server containing a replica.
If the database uses roles, assign all roles to each server.
If you assign ACL settings on the original database before copying it to
a server, assign yourself Manager access on the original. Otherwise, you
won't have Manager access to the new copy.

Task: Verify that server ACLs are set up correctly
Considerations: Without proper access in a server ACL, users and
servers won't have access to databases on the server.

Task: Verify that the Domino Directory contains the necessary Group
documents
Considerations: Create a Group document in the Domino Directory
before adding a Group name in a database ACL. If you must create a
Group, make sure that the Group document replicates before you copy
the database to a server.

Task: Copy the new database to a server
Considerations: Consider server disk space, topology, and network
protocols. Placing a database on a cluster requires that you consider
cluster resources.

Task: Verify that the database appears in the Open Database dialog box
Considerations: While designing a database, the database designer
often removes the database title from the list that appears in the Open
Database dialog box. This deters users from opening the database. After
the database is completed, make sure that the database title appears in
the Open Database dialog box.

Task: Decide which servers require replicas of the database and then
create the replicas
Considerations: To make this decision, consider the purpose and size
of the database, the number and location of users who need access to the
database, and the existing replication schedules between servers.

Task: Verify that Server documents in the Domino Directory are enabled
for replication
Considerations: Server documents are, by default, enabled for
replication, but to avoid any problems, verify this.

Task: Create or edit Connection documents
Considerations: If several servers have a replica of the database,
make sure that any necessary Connection documents are set up so that
replication can occur.

Task: Set up a replication schedule
Considerations: Consider the location and time zones of users and
the frequency of database updates.


Optional tasks
The following tasks are not required, but you may want to perform them
after your database is in production. Whether or not you need to do these
tasks depends on the type of database you are rolling out to the
production server and the roles assigned to an application developer,
database manager, or Domino administrator in your organization.
Task: Create About This Database and Using This Database documents
Considerations: Provide the name, phone number, and e-mail address of
database managers in the About This Database document. Provide
information about the application in the Using This Database document.
For more information, see Application Development with Domino Designer.

Task: Create an index for the database
Considerations: Create a full-text index for the database if users
need to search the database for information. If you create the index
before you copy a new copy of the database or a replica to a server, the
index settings carry over to the new copy or replica.

Task: Distribute encryption keys
Considerations: If the database design includes encrypted fields,
distribute encryption keys to users.
For more information, see the book Application Development with Domino
Designer.

Task: Create a Mail-In Database document
Considerations: If the database is designed to receive mail, you
must create a Mail-In Database document in the Domino Directory.

Task: List the database in the database catalog
Considerations: By default, all databases except mail databases
are listed in the default views of the database catalog. You can add
categories to control how the database appears in the catalog views and
to help users narrow the scope of a domain search.

Task: Publish the database in a database library
Considerations: Create a library of selected databases on one
server or several servers for users.

Task: Sign the database
Considerations: Sign a database to provide a signature for it. Do
this, for example, so that an Execution Control List (ECL) can evaluate
the signature.

Task: Add the database to the Domain Index
Considerations: If an application database will be useful to a wide
audience, include the database in the Domain Index.

Task: Notify users that the database is available
Considerations: Provide the database title, file name, and server
location.

Copying a new database to a server


Plan the deployment of new databases before copying them to a server.
Tasks to perform include:

• Setting up all appropriate Server documents in the Domino
  Directory, including a Mail-In Database document if the database is
  designed to receive mail.
• Making sure that users and other servers are listed in the server's
  access control list. Otherwise, they won't be able to access the
  database.
• Using subdirectories to group related databases rather than copy
  them to the root directory. Users can find related databases more
  easily if they are in one location. This also helps administrators by
  allowing them to replicate like databases, because Connection
  documents let you replicate according to directory.

For more information on replication, see the chapter "Creating Replicas
and Scheduling Replication."

To copy a new database to a server


1. Make sure that you have Manager access in the database ACL or the
"Create new databases" privilege in the Server Access section of the
Server document in the Domino Directory.
2. Select the database icon from your bookmarks page, choose File -
Database - Properties, click the Design tab, and make sure that
"Show in Open Database dialog" is selected.
3. Choose File - Database - New Copy.
4. Next to Server, click the arrow to display a list of servers. Then select
the server on which you want to place the copy.
5. Next to Title, enter a title for the database. The database icon and the
Open Database dialog box display this title.
6. Next to File Name, enter the path and file name of the database.
Limit the file name to eight characters plus the NSF extension.
7. Choose one:
• "Database design and documents" to copy the database design
  and all documents
• "Database design only" if you do not want to copy any existing
  documents
8. Optional steps:
• Choose "Access Control List" to copy the ACL.
  You can assign ACL settings (including roles) before or after
  copying a local database to a server. Before copying the database,
  assign yourself Manager access to the ACL so that you will have
  Manager access to the new copy. If you do not copy the ACL
  when you copy the database to a server, the ACL in the new copy
  automatically lists you with Manager access.
• Select "Create Full Text index" to create a full-text index on the
  new copy.
  Note You can also create a full-text index later.
• Choose "Encryption" to encrypt the new copy of the database.
  This option is intended to prevent unauthorized users from
  accessing a database from a workstation, laptop computer, or
  server. If you use this option, Notes encrypts the database using a
  specified ID so that only a user with that ID can gain access to the
  database directly from a server or workstation. You can choose
  one of three encryption levels. This encryption setting also carries
  over to copies of the database made at the operating system level.
Note The maximum database size is 64GB on Windows and UNIX.
For more information on encryption, see the book Application
Development with Domino Designer.

Creating a Mail-In Database document for a new database

If a database is designed to receive mail, you must create a Mail-In
Database document in the Domino Directory. This document must exist
in the Domino Directory of every server that stores a replica of the
database. The database cannot receive mail until you create this
document. When replicating Mail-in databases to servers in another
Domino domain, create a matching Mail-in database document in the
Domino Directory of the target server.
1. Make sure you have at least Author access with the Create
Documents privilege selected.
2. From the People & Groups tab of the Domino Administrator, choose
Create - Server - Mail-in Database.

3. On the Basics tab, complete these fields and then save the document:
• Mail-in name: The entry for this database in the Domino
  Directory. Users and applications use this name to send
  documents to the database.
• Internet message storage: The message storage preference: No
  preference (default); Prefers MIME or Prefers Notes Rich Text.
• Internet address: SMTP address in the format
  mailfile@organization.domain. Complete this field if you want
  Internet users to be able to send messages to the database.
4. On the Database Information tab, complete these fields:
• Domain: Domino domain of the server where the database
  resides.
• Server: The fully-distinguished hierarchical name of the server
  where the database resides; for example, Server1/Sales/Acme.
• Filename: The path and filename of the database relative to the
  Domino Directory. For example, if the database named
  MAILIN.NSF is in the MAIL directory of the DATA directory,
  enter MAIL\MAILIN.NSF.
5. On the Administration tab, complete these fields and then click Save
& Close:
• Owners: Fully distinguished hierarchical name of users allowed
  to modify this document.
• Administrators: Users or groups who can edit this document.
• Foreign directory sync allowed: Yes allows entry to be
  exchanged with foreign directories (for example, a cc:Mail
  directory) so that users on the other system can look up the mail-in
  database in the cc:Mail post office directory and send mail to it.
• Encrypt incoming mail: Mail sent to the mail-in database is
  encrypted with the Notes certified public key entered in the next
  field.
• Notes certified public key: The certified public key to use when
  encrypting mail sent to this database. To copy a certified public
  key from the Domino Directory to this field, click Get
  Certificates and choose a name.
6. Give the name of the database to users so they can enter it in the To:
field of messages destined for the database.
For more information on setting up a database to receive mail, see the
book Application Development with Domino Designer.


Adding a database to the Domain Index


If an application database will be useful to a wide audience, include the
database in the Domain Index.
1. From the Domino Administrator, choose File - Database - Open.
2. Select the database that you want to add to the Domain Index, and
click Open.
3. Choose File - Database - Access Control, and make sure you have
Manager access.
4. Choose File - Database - Properties.
5. Click the Design tab.
6. Make sure that the "List in Database Catalog" option is selected, and
enter one or more categories.
Note These categories appear on the Domain Search form to
provide a user with a way to narrow a search. Categories are also
displayed in views of the database catalog and Domain Catalog.
7. Select "Include in multi-database indexing."

Signing a database or template

You can sign a template or database to vouch for its integrity. You might
want to do this, for example, to sign an agent so that the Agent Manager
on a server can verify that the signer has the rights to execute the agent.
Or you might sign a database or template so an ECL on a Notes client can
evaluate which database actions to carry out. If you sign a template, any
databases created from the template inherit the signature.
Note If you want to sign only one specific design document or one
design element in a document, for example, a specific agent, you must
first determine the Note ID for the document. To determine the Note ID
for a document, select the document, choose File - Document Properties,
and click the last tab of the properties box. The bottom line is the Note
ID, for example NT00000902.
1. Select the server that stores the databases or templates that you want
to sign.
2. On the Files tab, select the databases or templates that you want to
sign.
3. Choose Tools - Database - Sign.

4. Choose one of the following:
• "Active User's ID" to sign using your ID.
• "Active Server's ID" to sign using the ID of the server that stores the
  database or template.
5. Choose one of the following options to specify which elements to
sign:
• "All design documents" to sign every design element. If you sign
  multiple databases or templates and select this option, the signing
  process may take a while.
• "All data documents" to sign all active content (Hotspots) found in
  the data documents.
• "All documents of type" to sign a specific type of design element.
• "This specific Note ID" to sign a specific design element.
6. Select "Update existing signatures only (faster)" to update only
design elements that have been signed previously. Use this to change
the signature on previously signed design elements.
7. Click OK. A dialog box shows the number of databases processed
and the number of errors that occurred (if any). See the Notes Log for
details.


Chapter 49
Organizing Databases on a Server

This chapter discusses how to organize databases that are in the Domino
data directory or on another server and how to create links to directories
and databases that are not in the Domino data directory.

Organizing databases on a server

When organizing databases on a server, you can:

• Store databases in the Domino data directory. This is the default.
• Create subdirectories of the Domino data directory to store groups of
  related databases.
• Create directory folders to store databases outside the Domino data
  directory and create links to the databases from the Domino data
  directory.
• Restrict access to the server's data directory.

When you create directory and database links, you can increase database
security by specifying the ACL access for an individual user or group in
the Create New Link dialog box. The database ACL, not the database
link, controls access to individual databases that have database links.

Directory links
You can store databases in a directory outside the Domino data directory
to take advantage of disk space available on other servers. Then you
create a link in the Domino data directory that points to that directory. In
the Domino data directory, users see the directory link MKTG.DIR as the
subdirectory MKTG, with a directory folder icon next to it. Users who do
not have access to a linked directory can see the directory link, but
cannot access the directory.
You can use a directory link on a Web server to point browser users to a
directory outside the Domino data directory. When you create this link,
you must specify access for browser users; for example, you can
specify access for anonymous users or enter the names of users who use
name-and-password or SSL client authentication.

Database links
You can store a single database outside the Domino data directory and
create a database link to it from the Domino data directory. A database
link appears in the Domino data directory as a database icon followed by
the name of the linked database.
You can use a database link on a Web server to point browser users to a
database in a directory outside the Domino data directory. If the
database link points to a database on another server, browser users
cannot access the database.

Creating directory folders


When you create a directory folder, enter only the folder name. After you
create the directory folder, you can create directory or database links to
the folder.
To create a directory folder
1. From the Domino Administrator Server list, select the name of the
server on which you want to create the directory folder. The server
can be local or remote.
2. Click the Files tab, and then choose Tools - Folder - New.
3. In the Create New Folder dialog box, enter the name of the new
directory, and then click OK.
4. To verify that the directory was created, click the refresh icon.
5. Move designated databases into the directory you just created, and
then create a directory or database link.
To delete a directory folder
After you delete a directory folder that is no longer needed, delete the
links that point to it.
1. From the Domino Administrator Server list, select the name of the
server. The server can be local or remote.
2. Click the Files tab, and then select the directory to delete.
3. Choose Tools - Folder - Delete.
4. In the Delete Folder dialog box, click Yes.
5. To verify that the directory was deleted, click the refresh icon.
6. Delete the links that point to the deleted directory folder.


Creating directory and database links


Directory links and database links are text files that appear as directory
or database icons in the Domino data directory. In the Domino
Administrator and in the Open Database dialog box in the Notes client,
directory links appear to the user as a directory folder icon, and database
links appear as a database icon.

Create the directory link to point to a subdirectory, not to a root
directory. For example, create the directory link PROJECTS.DIR to point
to the directory D:\PROJECTS\SALES. On a Domino Server for
NetWare, a DIR file can point to SYS:SALES but not to SYS:. On a
Domino Server for UNIX, a DIR file can point to /sales but not to /.

Create the database link using the complete path and file name of the
database you want to link to. For example, create the database link
SALES.NSF to point to the database D:\PROJECTS\SALES\SALES.NSF.
Domino automatically appends the NSF extension to the database name.
If you want to move a linked database to another location, delete the old
link, create a new database link, and move the database to the new
location. When you delete the database link, you remove the link, but not
the database link references.
To create or update a link
Use links to organize databases on servers. Create a directory folder link
to point users to multiple databases stored in the Domino data directory,
in subdirectories of the Domino data directory, or in directories outside
of the Domino data directory. Create a database link to point users to a
single database stored in the Domino data directory, in subdirectories of
the Domino data directory, or in a directory outside the Domino data
directory.
1. From the Domino Administrator Server list, select the name of the
server on which to create the link. This server can be local or remote.
2. Click the Files tab, and then choose Tools - Folder - New Link or
Tools - Folder - Update Link.
3. In the "Link name" box, enter a name for the link as the link name
should appear to the user.
Domino automatically appends a DIR extension to the file name for a
directory link and an NSF extension for a database link.
4. Next to "Link to a," choose Folder for a directory link or Database for
a database link.
5. In the "Path and filename to that folder or database" box, enter the
complete path to the directory or database to which the link points.
Be sure to move the database named in this step to the directory you
specify here.
For example, for a directory link, enter the directory path,
D:\PROJECT\SALES. For a database link, enter the complete
directory and file name path, D:\PROJECT\SALES\SALES.NSF.
6. (Optional) To restrict access to a linked directory, enter the names of
specific users to whom you want to grant access in the Who should
be able to access this link? box. Click the person icon to select the
names or groups from the Domino Directory that you want to have
access to the link.
Note The database ACL, not the database link, controls access to
individual databases that have database links.
7. Click OK.
8. To verify that the link was created, click the refresh icon.
9. (Optional) To prevent Web browser users from using directory links,
edit the NOTES.INI file to include this setting:
DominoNoDirLinks=1
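
The rules in this procedure (no root-directory targets, an optional access list on the link, and DominoNoDirLinks=1 for Web users) can be checked against the link files on disk. The following Python audit is an added example, not part of the Domino documentation; it assumes a .DIR link file holds the target path on its first line and one permitted name on each later line, and all file names and contents in it are constructed.

```python
import os
import re
import tempfile

# Matches a target that is only a drive, NetWare volume or UNIX root:
# D:\  D:  SYS:  /   (but not D:\PROJECTS\SALES, SYS:SALES or /sales).
ROOT_ONLY = re.compile(r"^(?:[A-Za-z0-9_]+:[\\/]*|[\\/]+)$")


def parse_link(path):
    """Return (target, names) from one link file.

    Assumed layout (not stated on the page): the first non-blank line is
    the target path; each later non-blank line is one permitted name.
    """
    with open(path, encoding="utf-8", errors="replace") as fh:
        lines = [ln.strip() for ln in fh if ln.strip()]
    if not lines:
        return "", []
    return lines[0], lines[1:]


def web_dirlinks_disabled(ini_path):
    """True only when NOTES.INI carries DominoNoDirLinks=1."""
    with open(ini_path, encoding="utf-8", errors="replace") as fh:
        for line in fh:
            key, sep, value = line.partition("=")
            if sep and key.strip().lower() == "dominonodirlinks":
                return value.strip() == "1"
    return False


def audit(data_dir, ini_path):
    """Return (name, issue) findings for the .DIR links in data_dir."""
    findings = []
    seen_link = False
    for name in sorted(os.listdir(data_dir)):
        full = os.path.join(data_dir, name)
        if not name.lower().endswith(".dir") or not os.path.isfile(full):
            continue
        seen_link = True
        target, names = parse_link(full)
        if not target:
            findings.append((name, "empty-link"))
            continue
        if ROOT_ONLY.match(target):
            # The link points at a whole drive, volume or filesystem root.
            findings.append((name, "root-target"))
        if not names:
            # No names listed on the link itself.
            findings.append((name, "no-access-list"))
    if seen_link and not web_dirlinks_disabled(ini_path):
        # Web browser users are not prevented from using directory links.
        findings.append(("NOTES.INI", "web-dirlinks-not-disabled"))
    return findings


def build_sample_links(root):
    """Write constructed link files and a constructed NOTES.INI; return its path."""
    links = {
        "PROJECTS.DIR": "D:\\PROJECTS\\SALES\n*/Sales/Acme\n",
        "ARCHIVE.DIR": "D:\\\n",
        "MKTG.DIR": "/mktg\n",
    }
    for name, body in links.items():
        with open(os.path.join(root, name), "w", encoding="utf-8") as fh:
            fh.write(body)
    ini = os.path.join(root, "notes.ini")
    with open(ini, "w", encoding="utf-8") as fh:
        fh.write("[Notes]\nServerTasksAt2=Updall\n")
    return ini


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit(tmp, build_sample_links(tmp)):
            print(finding)
```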

To delete a link
1. From the Domino Administrator Server list, select the name of the
server.
2. Click the Files tab, and then select the directory or database link to
delete.
3. Choose Tools - Folder - Delete, and then click Yes.
4. To verify that the link was deleted, click the refresh icon. View the
result in the Results pane.

Restricting access to a server's data directory

You can restrict Notes user access to a server's data directory or a
subdirectory of the data directory by defining an access list for it. By
default any Notes user who can access a server can access the server's
entire data directory.
Creating a data directory access list
To restrict access to a server's data directory:
1. Make sure you have at least database administrators access to the
server.
2. From the Domino Administrator, connect to the server.
3. Click the Files tab.
4. In the left pane, select the directory to which you are restricting
access. The access restrictions apply to any subdirectories of the
directory as well.
5. In the Tools pane on the right, select Database - Directory ACL.
6. Below "Who should be able to access this directory?" click the person
icon.
7. In the dialog box that opens, do the following for each name that you
want to allow to access the directory:
a. Select the name from a Domino Directory, or type the name in
the "Add name not in list" box. You can specify the name of a
user, server, group or a wildcard, for example, */Sales/Acme.
b. Click Add.
8. When you are finished defining the access list, click OK.
9. Click OK again. In the left pane, the directory now displays a lock
icon.
Changing or deleting a data directory access list
To change or delete a data directory access list:
1. Make sure you have at least database administrators access to the
server.
2. From the Domino Administrator, connect to the server.
3. Click the Files tab.
4. In the left pane, select the directory with the access list.
5. In the Tools pane on the right, select Database - Directory ACL.
6. Do one of the following:
• To remove a name from the access list, below "Who should be
  able to access this directory?" select the name and click the red X.
• To delete the access list entirely, remove each name from the list.
• To add a name to the access list, below "Who should be able to
  access this directory?" click the person icon, select or type the
  name, click Add, then click OK.
7. Click OK to save your changes.

NOTES.INI file settings used to organize databases on a server


The following table lists the NOTES.INI setting you can use to organize
databases on a server.
For more information on NOTES.INI settings, see the appendix
"NOTES.INI File."

NOTES.INI file setting: DominoNoDirLinks
Description: Prevents Web browser users from using directory links.


Chapter 50
Setting Up and Managing Full-text Indexes

You must index a database for full-text searches to allow users to quickly
search and locate information within that database.

Full-text indexes for single databases

You can create full-text indexes to allow users to quickly search for
information in databases. To search in a database, users enter a word or
phrase in the search bar of the database to locate all documents
containing the word or phrase.
To create an index for a single database, you must have at least Designer
access to the database. Sometimes the application developer of the
database has already created an index. You can find out whether or not a
database is indexed by looking at the Database Properties box (Full Text
tab, Last Index Time from the Files tab of the Domino Administrator.)
The Domino Administrator lets you create single indexes for more than one
database at a time. Users can create full-text indexes for local databases.

Database indexes and replication

Because full-text indexes don't replicate, you must create a full-text index
for each database replica. When you create the replica, you have the
option to create a full-text index on the replica. The index options on the
replica are the same as the index options for the full-text index of the
original database.
For more information, see the chapter "Creating Replicas and Scheduling
Replication."

Database indexes and the Domain Index

You can also include the full text of databases in the Domain Index, a
centralized full-text index of multiple databases on subjects of
widespread interest across a Notes domain that allows users to search on
a word or phrase when they don't know which database contains the
information. To search in the Domain Index, users click the arrow beside
the Search icon on the right-hand side of the Notes menu bar and choose
Domain Search.
The Domain indexing process is completely separate from that for
individual databases, and including a database in the Domain Index does
not preclude the need to create a separate index for a popular database.
For more information on adding the full text of a database to the Domain
Index or on setting up the Domain Index, see the chapter "Setting Up
Domain Search."

Security and full-text indexes for single databases


When you create a full-text index for a single database, selecting the
option Index encrypted fields can compromise system security in the
following ways:

• Search results might display a list of all documents that contain a
  specific word or phrase, even in encrypted fields. The user won't be
  able to read the field but will know that the document contains the
  word or phrase. For example, the Employee form in the Personnel
  database contains the encrypted field Salary. Any user can search the
  full-text index for "50,000", and documents that contain that figure
  are included in the search results. However, the user cannot read the
  contents of the field without the encryption key.
• A full-text index file is unencrypted plain text; therefore, anyone
  with access to the server can read the file. A user may be able to read
  text that was previously encrypted.
• The encryption key, which is part of the server ID, is active for all
  databases on the server. If you index a different database and do not
  deselect "Index encrypted fields," any fields using that encryption
  key are compromised.

For more information on encrypted fields, see the chapter "Encryption
and Electronic Signatures."

Creating and updating full-text indexes for single databases


As you create a full-text index for a database, select indexing options and
update frequency options carefully, as they can affect server disk space
and processing speed.
Lotus Domino stores the index file in a subdirectory of the directory
where the database file is located, usually the Domino data directory. The
name of this subdirectory is filename.FT, where filename is the file name of
the indexed database (for example, /EMPLOYEE.FT). Domino can also
store the index file in a directory to which you have created a link.
For more information on directory and database links, see the chapter
Organizing Databases on a Server.
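
Because the index is unencrypted plain text stored in a filename.FT subdirectory beside the database, it is worth reviewing where those directories are and who can reach them at the operating system level. The following Python inventory is an added example, not part of the Domino documentation; it assumes a UNIX server where POSIX permission bits apply, the "no-matching-database" check is an addition made here, and the sample tree and file names are constructed.

```python
import os
import stat
import tempfile


def find_ft_indexes(data_dir):
    """Yield (index_dir, database_path_or_None) for every *.FT directory."""
    for folder, subdirs, files in os.walk(data_dir):
        subdirs.sort()  # deterministic traversal order
        by_lower = {f.lower(): f for f in files}
        for sub in list(subdirs):
            stem, ext = os.path.splitext(sub)
            if ext.lower() != ".ft":
                continue
            subdirs.remove(sub)  # do not descend into the index itself
            db = by_lower.get(stem.lower() + ".nsf")
            yield (os.path.join(folder, sub),
                   os.path.join(folder, db) if db else None)


def audit_ft_indexes(data_dir):
    """Return one record per index directory with its size and issues."""
    report = []
    for index_dir, db in find_ft_indexes(data_dir):
        issues = []
        mode = stat.S_IMODE(os.stat(index_dir).st_mode)
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            # Group or other accounts on the server can reach the index.
            issues.append("accessible-beyond-owner")
        if db is None:
            # Index directory with no filename.NSF beside it.
            issues.append("no-matching-database")
        size = sum(os.path.getsize(os.path.join(r, f))
                   for r, _, fs in os.walk(index_dir) for f in fs)
        report.append({
            "index": os.path.relpath(index_dir, data_dir),
            "bytes": size,
            "issues": issues,
        })
    return report


def build_sample_indexes(root):
    """Create a constructed data directory tree for the demo."""
    open(os.path.join(root, "EMPLOYEE.NSF"), "wb").close()
    emp = os.path.join(root, "EMPLOYEE.FT")
    os.mkdir(emp)
    # Constructed stand-in for index content; not a real Domino index file.
    with open(os.path.join(emp, "constructed.idx"), "wb") as fh:
        fh.write(b"Salary 50,000\n")
    os.chmod(emp, 0o755)
    mail = os.path.join(root, "mail")
    os.mkdir(mail)
    old = os.path.join(mail, "OLD.FT")
    os.mkdir(old)
    os.chmod(old, 0o700)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_indexes(tmp)
        for record in audit_ft_indexes(tmp):
            print(record)
```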


You must periodically update full-text indexes on servers to keep them
synchronized with changes to the databases. When you create an index,
you can either accept the default schedule for updating it (nightly at 2
AM) or specify a different schedule. You can modify this setting at any
time.
You can also do manual index updates for server databases at any time
from the Domino Administrator.
Note Users update full-text indexes for local databases whenever they
replicate with the server. Users can also do manual index updates for
local databases at any time.

To create one or more indexes

1. From the Domino Administrator, select the server that stores the
database or databases you want to index.
2. Click the Files tab.
3. In the Tools pane, make sure that you have at least Designer access in
the ACL of any database you want to index.
4. Select one or more databases to index.
5. In the Tools pane, choose Database - Full Text Index.
6. Select Create.
7. (Optional) Select any of the following indexing options (all of which
increase index size). Index size is also dependent on the amount of
text in the database (non-text elements such as bitmaps, buttons, and
agents are not indexed). To check index size after indexing a
database, look on the Full Text tab of the Database Properties box.

Indexing option: Index attached files
Description: Indexes attachments. Also choose either "With found
text" to include just the ASCII text of attachments, or "With file
filters" to include the full binary content of attachments. Choosing
"With found text" creates the index faster than choosing "With file
filters," but is less comprehensive.

Indexing option: Index encrypted fields
Description: Indexes text in encrypted fields.
Selecting this option can compromise system security.

Indexing option: Index sentence and paragraph breaks
Description: Includes sentence and paragraph breaks in addition to
word breaks to allow users to do proximity searches.

Indexing option: Enable case sensitive searches
Description: Allows searches by exact case match. This option
increases the size of the index by about 15%, as each word must be
indexed twice (for example, apple and Apple).

Note You can view your indexing selections later on the Search tab
of the Database Properties box.
8. (Optional) Change the default setting for index update frequency.
Update frequency options are described in the following table.

Update frequency option: Daily (the default)
Updates occur: Nightly when the Updall server program runs at 2 AM.
Select when: The database is very large, because updating a large
index can take some time.
To change the time that Updall performs automatic daily index updates,
use the ServerTasksAthour setting in the NOTES.INI file.

Update frequency option: Hourly
Updates occur: Every hour, as scheduled by the Chronos server task.
Select when: Frequent changes are made to the database contents. If
subsequent monitoring of the database and server reveals slow
performance of either, change to another frequency setting.

Update frequency option: Immediate
Updates occur: As soon as possible after you close the database.
Select when: Very frequent changes are made to the database
contents. If subsequent monitoring of the database and server reveals
slow performance of either, change to another frequency setting.

Update frequency option: Scheduled
Updates occur: As scheduled by a Program document for the Updall
server task in the Domino Directory.
If you select the Scheduled option, you must specify a schedule for
Updall in a Program document; otherwise, scheduled updates will not
occur.
Select when: None of the update frequency options described here
meet your needs.

9. Click OK.
10. Inform users that the database or databases are indexed.


Setting a schedule for Updall in a Program document


When creating a full-text index for a single database, if you select the
index update frequency option Scheduled, you must set up a Program
document in the Domino Directory to specify the schedule you want for
the Updall server task.
1. From the Domino Administrator, click the Configuration tab and
expand the Server section.
2. Click Programs.
3. Create or edit a Program document.
4. On the Basics tab:
a. Type Updall in the "Program name" box.
b. Type any optional arguments in the "Command line" box.
c. Type the server name on which the full-text indexed database
resides in the "Server to run on" box.
5. On the Schedule tab:
a. Select Enabled in the "Enabled/disabled" box.
b. Select the time for Updall to update the index in the "Run at
times" box.
c. Select a repeat interval, if any, in the "Repeat interval of" box.
d. Select the days of the week for Updall to update the index in the
"Days of week" box.
6. Save and close the Program document.

Changing update frequency for a database's full-text index

If a database is already full-text indexed, you can change the existing
frequency setting on the Full Text tab of the Database Properties box.
1. From the Domino Administrator, select the server that stores the
database.
2. On the Files tab, select the database for which you want to change
the index update frequency.
3. Using the Tools pane, make sure that you have at least Designer
access in the database ACL.
4. Choose File - Database - Properties, and click the Full Text tab.
Note If you know you want multiple indexes to have the same
frequency setting, you can select the databases and use the Tools
pane's Databases - Full Text Index command to change all their
indexes to that setting, but the Tools pane does not provide a means
to check whether databases are indexed or verify current update
settings.
5. In the Update frequency (servers only) box, select one of the
options described here.
Update frequency option: Updates occur
Daily: Nightly when the Updall server program runs by default at 2 AM
Hourly: Every hour, as scheduled by the Chronos server task
Immediate: As soon as possible after you close the database
Scheduled: As scheduled by a Program document for the Updall server task
in the Domino Directory
Note If you select the Scheduled option and do not create a Program
document for Updall, scheduled updates do not occur.

6. Click OK.

Manually updating full-text indexes for single databases


You can use Domino Administrator to update indexes manually after
new information or documents have been added to databases. You can
update a single index in the Database Properties box, or update one or
more indexes from the Tools pane.
Note The Database Properties box (Full Text tab) provides useful
information about an index, such as the number of unindexed documents
currently in the database, the last time the index was updated, and its
size.
To update an index in the Database Properties box
1. From the Domino Administrator, select the server that stores the
database.
2. On the Files tab, select the database whose index you want to update.
3. Choose File - Database - Access Control and make sure that you have
at least Designer access in the database ACL.
4. Choose File - Database - Properties.
5. Click the Full Text tab.
6. Click Update Index.

To update one or more indexes from the Tools pane

1. From the Domino Administrator, select the server that stores the
databases.
2. Click the Files tab.
3. From the Tools pane, make sure that you have at least Designer
access in the ACL of any database for which you want to update the
index.
4. Select all the databases for which you want to update the index.
5. From the Tools pane, choose Tools - Database - Full Text Index.
6. Select Update.
7. Click OK.

Deleting full-text indexes for single databases

Delete a full-text search index when you no longer need it, when you
need to change the index options, or when you discover problems
with the index.
1. From the Domino Administrator, select the server that stores the
database or databases.
2. Click the Files tab.
3. Using the Tools pane, make sure that you have at least Designer
access in the ACL of any database for which you want to delete the
index.
4. Select all the databases for which you want to delete the index.
5. From the Tools pane, choose Tools - Database - Full Text Index.
6. Select Delete.
7. Click OK.

Chapter 51
Setting Up Database Libraries and Catalogs

This chapter discusses setting up and managing database libraries,
which administrators create to help particular groups of users find
pertinent databases, and database catalogs, which list for users all
databases on a given server. This chapter does not cover the Domain
Catalog, which lists databases on all servers across a Domino domain.
For information on the Domain Catalog, see the chapter "Setting Up
Domain Search."

Database libraries
You can create a database library that contains databases that pertain to a
specific collection of users or to a specific topic. For example, a corporate
database library might include all databases that deal with corporate
policies and procedures, and a marketing database library might include
databases that are useful to the marketing staff.
The main view in a library lists the databases it contains alphabetically
by title, and gives a short description of each database. Each database
document displays the database's title, short and long descriptions,
replica ID, and database manager, as well as buttons that let users
browse the database or add it to their bookmarks.
Note Instead of creating database libraries to point users to the
databases they need, you can use Desktop policy settings to add
bookmarks directly to their workspaces.
For more information on Desktop policy settings, see the chapter "Using
Policies."

Server libraries
The databases you choose to include in a library can be located on any
server. More than one library can reside on a server. When a user opens a
database from a database library, Lotus Domino uses the database's
replica ID number to search for it. Domino first searches for the database
on the user's workspace, then on the user's home server, and finally
looks for a Domain Catalog to find a path to a replica of the database on
another server. If a database is moved to another server, Domino
automatically opens the database at its new location and then updates
the database's replica ID in the database library.
When you create a database library on a server, you automatically
become the librarian for that database library with Manager access in the
library ACL. The -Default- access in the library ACL is Reader. If a user
with Reader access in the database library ACL attempts to publish a
database, Domino automatically sends the librarian an e-mail containing
the request to publish the database. The librarian then publishes the
database for the user. If you want users to be able to publish databases in
the library themselves, change -Default- access to Author.

Local libraries
You can create a local library for your own use, which lists databases on
your own hard drive as well as databases on servers. The only difference
between a local library and libraries on servers is that no other users can
use your local library or become librarians for it.

Creating a database library and assigning librarians


To use the library template to create a library on a server, you must have
"Create new databases" access in the Server Access section of the Server
document.
If you plan to create many libraries on a server, create a subdirectory in
the Domino data directory to store them. Then users can easily locate all
available libraries.

To create a database library


1. From the Domino Administrator, choose File - Database - New.
2. Enter a location for the database library (server or local), title, and
file name for the library.
3. Select Show advanced templates at the bottom of the dialog box.
4. Select the Database Library template (DBLIB4.NTF), and click OK.
If you do not see the template in the list, click the Template server
arrow, and choose a server that contains the advanced templates
from the list.
Note You are automatically listed in the database as a librarian.

To assign librarians
You must be a librarian of a database library in order to make other users
librarians.
1. If someone other than you created the library, make sure you have
Editor or higher access in the library ACL.
2. Make sure that the users to whom you are giving librarian status
have at least Author access in the database library ACL.
3. From the Domino Administrator, select the server that holds the
database library.
4. On the Files tab, double-click the title of the database library.
5. In the Librarians view, click Edit Librarians.
6. Type the names of all users who will be librarians, pressing ENTER
after each name.
7. Close and save the Librarians document.

Publishing databases in a library

To publish a database in a database library means to add a database to
the library. Unlike a database catalog, which lists all the databases on a
server, a library contains links to selected databases from one or several
servers. For the convenience of different user groups, there can be more
than one library on a server.

To publish a database in a library

1. Make sure you have Author or higher access in the database library
ACL.
2. From the Domino Administrator, select the server that holds the
database you want to publish to the library.
3. On the Files tab, select the title of the database you want to publish to
the library.
4. Choose File - Database - Publish.
5. Select the database library title from the Available libraries list,
and click OK.
6. Enter information in the following fields, and then close and save the
database document:
In the Abstract field, type a short description of the database to
serve as the description that appears next to the database's title in
the database library.
In the Long Description field, type a more complete description
of the database contents that appears when you open the database
document.

To delete a database from a library


1. In the database library ACL, make sure you have Author access to a
database to delete the database documents you've created and Editor
or higher access to delete documents others have created.
2. From the Domino Administrator, select the server that holds the
database library.
3. On the Files tab, double-click the title of the database library.
4. In the Databases by Title view, select the database you want to delete.
5. Choose Edit - Delete.

Database catalogs
A database catalog provides a list of all databases on a server. You use
the server Catalog task to create a database catalog. The Catalog task
bases the catalog file (CATALOG.NSF) on the CATALOG.NTF template
and adds the appropriate entries to the catalog's ACL.
All databases on a server are included in the catalog when the Catalog
task runs. Only administrators can see listings for some databases (those
with the List in Database Catalog option selected in the Database
Properties box), as these databases are not included in the default views.
For databases in the default views, you can specify categories in the
Database Properties box to determine how the databases appear in the
categorized view of the catalog. For large catalogs, you can create a
full-text index to make searching the catalog faster.
To help users locate databases across an organization, or to keep track of
all the replicas for each database, you must set up a Domain Catalog, a
catalog that combines the information from the database catalogs of
multiple servers on one of your servers. You can set up a Domain
Catalog regardless of whether you plan to implement Domino's Domain
Search capability.
For more information on the Domain Catalog, see the chapter "Setting
Up Domain Search."

Uses for a server's database catalog

Besides allowing users to see what databases are on a particular server,
catalogs provide useful information about databases. For each database
in a view, a Database Entry document provides information such as file
name, replica ID, design template, database activity, replication, full-text
index, and ACL, as well as buttons that let users browse the database or
add it to their bookmarks. In addition, the document displays a link to
the database's Policy (About This Database) document, which, for
databases users are not authorized to access, they can view by sending
an e-mail request to the database manager.

Administering a server's database catalog

Lotus Domino runs the Catalog task daily at 1 AM by default to create or
update a database catalog on every server. The Catalog task creates a
CATALOG.NSF database from the CATALOG.NTF template and
populates the catalog with a list of all databases on the server. You can
populate the catalog at any time by typing the following server
command at the server console:
load catalog

To view the documents in the database catalog, open the catalog from the
Domino Administrator or the Web Administrator tool (Files tab).

Setting up a server's database catalog

You create a server's database catalog by running the Catalog task. Then
you can make the catalog more useful for your users by:
Creating your own categories to control the list of databases that
appear in the Databases by Category view of the catalog.
Determining if there are any databases to exclude from the catalog's
default views (such as mail files).
Notifying users that the catalog exists and is ready for use.

To create a database catalog

From the server console, type the following server command:
load catalog

Note The Catalog task assigns Manager access in the ACL to
administrators and to the server that stores the catalog.

To assign a category to a database


Assign one or more categories to a database to determine how the
catalog groups the databases listed in the Databases by Category view. If
you do not specify categories, then the Databases by Category view is
blank.
1. Make sure you have at least Designer access in the database ACL.
2. From the Domino Administrator, select the server that holds the
database that you want to assign a category to.
3. On the Files tab, select the database that you want to categorize.
4. Choose File - Database - Properties.
5. Click the Design tab, and select List in Database Catalog.
6. In the Categories box, type one or more categories for the database.
Separate category names with a comma or semicolon.

To exclude a database from a catalog's default views

All databases on the server are listed in the catalog's default views. You
might want to exclude some databases, such as mail databases, from the
default views by performing the following steps for each database that
you want to exclude.
Note Excluding a database from a catalog's default views does not
prevent administrators from creating views that display a complete
listing of databases on the server.
1. Make sure you have at least Designer access in the database ACL.
2. From the Domino Administrator, select the server that holds the
database that you want to exclude from the catalog.
3. On the Files tab, select the database that you want to exclude.
4. Choose File - Database - Properties.
5. Click the Design tab, and then deselect List in Database Catalog.

Chapter 52
Monitoring the Domino Server
This chapter explains how to monitor the statistics and events that occur on
the Domino server and how to view and analyze performance statistics.

Monitoring the Domino system

Domino generates statistics that you can use to monitor system activity and
platform use, and includes many server-monitoring features that work
together to inform you about the processes, networks, and use of the
Domino system. Using one of three tools (the Domino Administrator, the
Web Administrator, or the server console), you can monitor the system. For
example, from the Domino Administrator, you can use the Domino server
monitor and statistics charts to view graphical representations of system
status; and from the server console, you can view a representation that uses
your predefined colors and text attributes to illustrate the status of a process.

The Domino Administrator includes these system-monitoring tools that
you use to configure, view, and track the Domino system:

Monitoring databases: Store monitoring documents, information, and
results. The Monitoring Configuration database (EVENTS4.NSF) stores
the documents you use to set up monitoring. It also includes information
about statistics, statistic thresholds, and event messages. The Monitoring
Results database (STATREP.NSF) stores the gathered statistics reports
and can be configured to store information about logged events. The log
file (LOG.NSF) stores the server's log documents.

Monitoring Configuration documents: Define and configure what
constitutes an event, and how the event is handled. Also allow you to
customize the messages that appear on the console when an event
occurs.

Server tasks: Collect and record information about the Domino
system. The Event Monitor task determines if an Event Handler has
been configured for the event, and if so, routes the event to the
specified person, database, or server-management program for
processing. The Statistic collector task gathers Domino server
statistics and creates statistics reports in the Monitoring Results
database (STATREP.NSF) or to another database you can specify.
The ISpy task executes TCP server and mail-routing event
generators.

Statistics: Domino gathers statistics that show the status of
processes currently running on the system; for example, the
statistic "Free space on drive C" indicates the amount of free space
available on drive C. You use these statistics along with the
predetermined statistics thresholds to monitor both your Domino
system and platform statistics.

Domino server monitor: Provides a visual representation of the
status of the servers you are monitoring.

Monitoring Configuration database


The Monitoring Configuration database (EVENTS4.NSF) includes a set of
default documents you use to set up system-monitoring. You can edit the
default documents or use the configuration wizards in the Monitoring
Configuration database to create new ones. The Monitoring
Configuration database includes these documents:
Document: Description
Event Generator: Defines the parameters of an event.
Event Handler: Describes what action to take when an event occurs.
Event Notification Method: Defines the notification method to use when
the Event Handler document prescribes notification.
Log Filter: Specifies events that you do not want to log.
Server Console Configuration: Sets the text, background, and color
attributes for the Domino server console.
Statistic Description: Describes a statistic.
Server Statistic Collection: Specifies one or more servers from which
statistics are collected and identifies the server that performs the
collecting.

Monitoring events on the Domino system


Every occurrence that happens on the Domino system is an event. Events
signal both that the system is working smoothly, processing data, and
performing tasks; and that the system is malfunctioning, perhaps by not
processing data or performing required tasks.

Domino generates events continuously. Therefore, to monitor the
Domino system efficiently, you must decide which events you want to
know about. For example, the event "Replicating files with servername"
occurs every time a file replicates with a specified server; consequently,
you may want to know about the event only if it fails. You configure
events that you want to know about, based on what type of information
is important to you. To configure an event, you determine three critical
pieces of information: what type of event it is, what the severity level is,
and how you want it handled. You configure your events using Event
Generator and Event Handler documents. Event generators describe the
condition that must be met for an event to be generated; event handlers
describe what happens when the event occurs.

After deciding which events you want to know about, decide what will
happen when the event occurs. You have several choices. You can log the
event to the log file (LOG.NSF); you can mail a notification of the event
to a file or an administrator; or mail the event to another application for
further processing.

In an Event Handler document, you can specify that the event is logged
to a specified destination and, at the same time, that you are notified of
the event's occurrence and that a program runs for additional processing.
You can also prevent the event from being logged or handled at all.
However, if you want to know about an event, you must have an Event
Handler document. Otherwise the event is not recorded. There is no
default way of handling an event. So if you do not create event handlers,
then events are not logged or stored anywhere (except for server or add-in
task events, which are stored in the log). After an event is passed to the
Event Monitor task, it can invoke one or more configured Event Handlers.

Event generators
Event generators gather information by monitoring a task or a statistic or
by probing a server for access or connectivity. Each event generator has a
specified threshold or condition, which, when met, causes an event to be
created. The event is passed to the Event Monitor task, which checks
whether an associated event handler has been defined. If an event
handler has not been defined, the Event Monitor task does nothing. If an
event handler has been defined, the Event Monitor carries out the
instructions in the event handler. The Event Monitor task, formerly known
as the Event task, starts automatically when you start the server and
must run on all servers that you want to monitor.
For more information about event handlers, see the topic "Event
handlers" later in this chapter.
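
Because an event with no matching Event Handler is not recorded, it is worth checking which configured event generators have no handler behind them. The following is an added example, not code from the Domino documentation: it compares a list of event generators with a list of event handlers and reports the generators whose events nothing would act on. The record layout, the ANY wildcard, the sample names, and the assumption that a handler matches on event type and severity are hypothetical; the severity names are those of the Event severity levels table in this chapter.

```python
# Severity levels as listed in this chapter, most urgent first.
SEVERITIES = ["Fatal", "Failure", "Warning (high)", "Warning (low)", "Normal"]
ANY = "*"  # hypothetical wildcard used by this example's handler records

# Constructed sample records. The field names (type, severity, types,
# severities, enabled) are assumptions of this example, not Domino item names.
GENERATORS = [
    {"name": "names.nsf ACL changes", "type": "Database", "severity": "Warning (high)"},
    {"name": "Hub server probe", "type": "Server", "severity": "Failure"},
    {"name": "Mail route to helpdesk", "type": "Mail", "severity": "Warning (low)"},
    {"name": "Disk.C.Free below threshold", "type": "Statistic", "severity": "Fatal"},
    {"name": "Router task down", "type": "Monitor", "severity": "Failure"},
]
HANDLERS = [
    {"name": "Notify on-call", "types": {"Server", "Statistic"},
     "severities": {"Fatal"}, "enabled": True},
    {"name": "Log mail problems", "types": {"Mail"},
     "severities": ANY, "enabled": True},
    {"name": "Retired database handler", "types": {"Database"},
     "severities": ANY, "enabled": False},
]


def accepts(allowed, value):
    """True if a handler field is the wildcard or contains the value."""
    return allowed == ANY or value in allowed


def handler_matches(handler, generator):
    """True if an enabled handler covers the generator's type and severity."""
    if generator["severity"] not in SEVERITIES:
        raise ValueError(f"unknown severity: {generator['severity']!r}")
    return (handler.get("enabled", True)
            and accepts(handler["types"], generator["type"])
            and accepts(handler["severities"], generator["severity"]))


def coverage(generators, handlers):
    """Map each generator name to the names of the handlers that would act."""
    return {g["name"]: [h["name"] for h in handlers if handler_matches(h, g)]
            for g in generators}


def unhandled(generators, handlers):
    """Generators whose events no handler would act on, most severe first."""
    covered = coverage(generators, handlers)
    gaps = [g for g in generators if not covered[g["name"]]]
    gaps.sort(key=lambda g: SEVERITIES.index(g["severity"]))
    return [(g["severity"], g["type"], g["name"]) for g in gaps]


if __name__ == "__main__":
    for severity, event_type, name in unhandled(GENERATORS, HANDLERS):
        print(f"NO HANDLER  {severity:<15} {event_type:<10} {name}")
```

In the constructed data, the server probe is missed because its handler accepts only Fatal events, and the ACL-change generator is missed because its only handler is disabled.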

The Domino Administrator includes a set of default event generators,
which are listed in the Event Generators view of the Monitoring
Configuration database (EVENTS4.NSF). To monitor other events that
are important to you, you must create an event generator and define the
type and severity of the event. The following table lists the types of event
generators you can create. If you purchased an add-in product designed
to work with server-management programs, you may see additional
types of events listed.
Event generator: Description
Database event generator: Monitors database activity and free space.
Monitors frequency and success of database replication. Reports on ACL
changes, including those made by replication or an API program.
Domino server response event generator: Checks connectivity and port
status of designated servers in a network.
Mail routing event generator: Sends a mail-trace message to a particular
user's mail server and gathers statistics indicating the amount of time,
in seconds, it takes to deliver the message.
Statistic event generator: Monitors a specific Domino or platform
statistic.
Task status event generator: Monitors the status of Domino server and
add-in tasks.
TCP server event generator: Verifies the availability of Internet ports
(TCP services) on servers and generates a statistic indicating the amount
of time, in milliseconds, it takes to verify that the server is responding
on the specified port.

Event severity levels


The severity of an event indicates the level of required action.
Severity level: Meaning
Fatal: Imminent system crash
Failure: Severe failure that does not cause a system crash
Warning (high): Loss of function requiring intervention
Warning (low): Performance degradation
Normal: Status messages

Creating a database event generator


Create a database event generator to monitor database use and ACL
changes.
1. From the Domino Administrator, click the Configuration tab, and
then open the Monitoring Configuration view.
2. Open the Event Generators - Database view, and then click New
Database Event Generator.
3. On the Basics tab in the Databases to monitor section, complete
these fields:
Field: Action
File name: Enter the name of the database.
Servers: Choose one:
  All in the domain
  Only the following. Then select one or more servers to monitor.
4. In the What to monitor section, choose one or more of the
following:
Monitor ACL Changes: To monitor all ACL changes, including
those made by replication.
Monitor replication: To monitor the frequency and success of
database replication. Then complete these fields on the Replication
tab:
Field: Action
Server(s) with which the database must replicate: Choose one:
  All in the domain.
  Only the following. Then select one or more servers from the list.
Replication timeout: Enter a time-out value. The default is 24 hours.
Monitor unused space: To monitor the amount of white space
(free space) in one or more selected databases on a server. Then
complete these fields on the Unused Space tab:
Field: Action
Trigger the event when unused space exceeds: Enter a percent. The
default is 30%.
Automatically compact the database when the above condition is met:
(Optional) Select this option (the default) to compact the database.
Monitor for user inactivity: To monitor database activity and to
determine which databases are not being used. Then complete
these fields on the user Inactivity tab:
Field: Action
Time periods to monitor: Choose one:
  Daily
  Weekly
  Monthly
Minimum sessions: Enter a minimum number of sessions that will
trigger an event. The defaults are:
  Daily 10 sessions
  Weekly 50 sessions
  Monthly 300 sessions
5. On the Other tab, complete these fields, and then save the document:
Field: Action
Generate a database event of severity: Select a severity level.
Create a new event handler for this event: Click this button to launch
the Event Notification Wizard and create an event handler.

Creating a Domino server event generator


Create a Domino server event generator to configure a server that checks
connectivity and port status of designated servers in the network every
three minutes.
1. From the Domino Administrator, click the Configuration tab, and
then open the Monitoring Configuration view.
2. Open the Event Generators - Domino Server Response view, and
then click New Domino Server Event Generator.
3. On the Basics tab, complete these fields:
Field: Action
Target server(s): Choose one or more servers to probe.
Probing server (source): Choose the server that will probe the target
servers.
4. For the field Interval n minutes, enter an interval in minutes at
which you want to send the probe. The default is three.
5. Choose one of the following options:
Check just the ability to access the destination server
Check the ability to access the destination server and open this
database, and then enter a file name
6. Click the Probe tab, and then complete these fields:
Field: Action
Ports: Do one:
  Enable the field to use any configured port to check access.
  Disable the field, and specify the port to use.
Time-out threshold: Enter a number that represents the allocated amount
of time (in milliseconds) to open the database or access the server. The
default is 1000 milliseconds.
7. Click the Other tab, complete these fields, and then save the
document:
Field: Action
On time-out, generate a Server event of severity: Select a severity level.
Create a new event handler for this event: Click to launch the Event
Notification Wizard and create an event handler.

Creating a mail-routing event generator


Create a mail-routing event generator to test and gather statistics on mail
routes. To test a mail route, the ISpy task sends a mail-trace message to a
specified user's mail server.
This event generator creates a statistic that indicates the amount of time,
in seconds, it takes to deliver the message. If the mail-routing trace fails,
the statistic has the value -1. If the Statistic Collector task is running, the
Monitoring Results database (STATREP.NSF) stores the statistics. The
format of a mail routing statistic is:
QOS.Mail.RecipientName.ResponseTime

In addition, the ISpy task monitors the local mail server by default and
generates events for traces that fail. To monitor other Domino mail
servers, create an event generator and set up an event handler to notify
you when an event has occurred.

The Resulting Statistic field, which is not editable, shows the name of
the statistic that is generated.

To create a mail-routing event generator


1. Make sure that you started the ISpy task on the server.
For more information on the ISpy task, see the topic Starting and
stopping the ISpy task later in this chapter.
2. From the Domino Administrator, click the Configuration tab, and
then open the Monitoring Configuration view.
3. Open the Event Generators - Mail view, and click New Mail Routing
Event Generator.
4. On the Basics tab, complete these fields:
Field: Action
All Domino servers in the domain will probe themselves: Do one:
  Check this option to have each server probe only the local mail box.
  Uncheck this option to probe specified servers.
Recipient: Enter the address of the recipient for which you want to
check the mail route or use the drop-down box to select a recipient from
a Domino Directory or Address Book. Do not enter more than one user
and do not enter a group name.
Probing servers (source): Select the name of the server from which to
start the probe.
Show intermediate hop times: Enable this option to track intermediate
hop times.
5. Click the Probe tab, and complete these fields:
Field: Action
Send interval: Enter the number of minutes between probes. The
default is 15.
Time-out threshold: Enter the number of minutes the probing server
(source) waits for a response before logging a failure.
6. Click the Other tab, complete these fields, and then click Save &
Close.
Field: Action
On time-out, generate a Mail event of severity: Select the severity level.
Create a new event handler for this event: Click this button to launch
the Event Notification Wizard and create an event handler.
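
The statistic that a mail-routing event generator produces can also be reviewed outside Domino. The following is an added example, not part of the Domino documentation: it parses QOS.Mail.RecipientName.ResponseTime statistics, treats the value -1 as a failed trace, and flags slow deliveries against the time-out threshold, which the form takes in minutes while the statistic is in seconds. The "name = value" line layout, the sample recipients, and the slow_fraction parameter are assumptions of the example.

```python
import math
from dataclasses import dataclass

PREFIX = "QOS.Mail."
SUFFIX = ".ResponseTime"
FAILED = -1  # value the statistic takes when the mail-routing trace fails

# Constructed sample input. The "name = value" layout is an assumption about
# how the statistics were exported; only the statistic name format and the
# -1 failure value come from this chapter.
SAMPLE = """\
QOS.Mail.Jane Doe/Sales/Acme.ResponseTime = 4
QOS.Mail.ops.mailbox@example.com.ResponseTime = -1
QOS.Mail.Raj Patel/HQ/Acme.ResponseTime = 1260
Disk.C.Free = 1234567890
QOS.Mail.Lee Wong/HQ/Acme.ResponseTime = n/a
"""


@dataclass(frozen=True)
class Probe:
    recipient: str
    seconds: float
    status: str  # "ok", "slow" or "failed"


def parse_line(line):
    """Return (recipient, raw_value) for a mail-routing statistic, else None."""
    name, sep, value = line.partition("=")
    name = name.strip()
    if not sep or not (name.startswith(PREFIX) and name.endswith(SUFFIX)):
        return None
    # Strip the fixed prefix and suffix instead of splitting on ".", because
    # recipient names such as Internet addresses contain dots themselves.
    recipient = name[len(PREFIX):-len(SUFFIX)]
    return (recipient, value.strip()) if recipient else None


def triage(text, timeout_minutes, slow_fraction=0.5):
    """Classify every mail-routing statistic in text.

    timeout_minutes -- the generator's Time-out threshold (minutes)
    slow_fraction   -- hypothetical knob: share of the time-out after which a
                       successful delivery is reported as "slow"
    Returns (probes, malformed_lines).
    """
    if timeout_minutes <= 0 or not 0 < slow_fraction <= 1:
        raise ValueError("timeout must be positive and 0 < slow_fraction <= 1")
    slow_after = timeout_minutes * 60 * slow_fraction  # minutes -> seconds
    probes, malformed = [], []
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue  # some other statistic, or not a statistic line
        recipient, raw = parsed
        try:
            seconds = float(raw)
        except ValueError:
            malformed.append(line)
            continue
        if seconds == FAILED:
            status = "failed"
        elif not math.isfinite(seconds) or seconds < 0:
            malformed.append(line)
            continue
        elif seconds >= slow_after:
            status = "slow"
        else:
            status = "ok"
        probes.append(Probe(recipient, seconds, status))
    return probes, malformed


def needs_attention(probes):
    """Recipients whose route failed or was slow, failures first."""
    order = {"failed": 0, "slow": 1}
    flagged = [p for p in probes if p.status in order]
    return [p.recipient for p in sorted(flagged, key=lambda p: order[p.status])]


if __name__ == "__main__":
    found, bad = triage(SAMPLE, timeout_minutes=30)
    for probe in found:
        print(f"{probe.status:<7} {probe.seconds:>7.0f}s  {probe.recipient}")
    print("malformed:", bad)
```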

Creating a statistic event generator


The Monitoring Configuration database (EVENTS4.NSF) includes a
definition of each Domino system and platform statistic. Each definition
also includes a default threshold value. To monitor a statistic, create a
statistic event generator. In the statistic event generator, you can change
the default threshold and specify how you want the event to be handled
when the threshold is met.

To generate statistic events, statistic alarms must be enabled on either the
Domino Server or the Domino Administrator. Enabling statistic alarms
instructs the Collector task to periodically check the value of configured
statistics with the thresholds specified in their event generator
documents. When a threshold is exceeded, an alarm document is created
in the Monitoring Results database (STATREP.NSF). The first time an
alarm is reported, a statistic event is generated. Alarms continue to be
reported at the alarm interval specified when you enabled alarms.
However, after the first alarm, subsequent events are generated, by
default, once daily until you clear the alarm in the Statistics - Alarms
view of the Domino Administrator.

You enable alarms in the Domino Administrator by setting
Administration Preferences. You enable alarms on the server, in the
Server Statistic Collection document.
For more information on enabling statistics alarms in the Domino
Administrator, see the chapter "Setting Up and Using Domino
Administration tools." For more information on enabling alarms on the
Domino Server, see the topic "Creating a Server Statistic Collection
document," later in this chapter.

To create a statistic event generator
1. From the Domino Administrator, click the Configuration tab, and
then open the Monitoring Configuration view.
2. Open the Event Generators - Statistic view, and click New Statistic
Event Generator.
3. Under Servers to monitor, choose one:
All in the domain
Only the following. Then select one or more servers you want to
monitor.
4. Under Statistic to monitor, select a statistic, and then choose one:
Monitor as a percent of the whole (Disk.C.Size). Then click the
Threshold tab and enter the percentage of the total (Disk.C.Size)
that is the threshold value.
Monitor as a number (bytes). Then click the Threshold tab, and
enter a threshold value in bytes.

5. For the Generate the event when field, choose one:


The statistic is less than the threshold value
The statistic is greater than the threshold value
The statistic is a multiple of the threshold value
6. Click the Other tab, complete these fields, and then click Save &
Close.
Field

Action

Generate a statistic
event of severity

Select a severity level.

Create a new event


Click this button to launch the Event Notification
handler for this event Wizard and create an event handler.
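The alarm and event cadence described in this section can be modelled as follows. This is an added example, not Domino code: the class and function names, the sample statistic Disk.C.Free, and the rule that clearing an alarm re-arms the first-alarm event are assumptions, and the "multiple of the threshold" option is left out because the page does not define its arithmetic.

```python
"""Model of the statistic-alarm behaviour described in this section (added example)."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional


@dataclass(frozen=True)
class StatisticEventGenerator:
    statistic: str                # statistic to monitor
    threshold: float              # bytes, or a percentage when `whole` is set
    when: str                     # "less" or "greater" ("Generate the event when")
    whole: Optional[str] = None   # e.g. "Disk.C.Size" for "percent of the whole"

    def breached(self, stats: dict) -> bool:
        value = float(stats[self.statistic])
        if self.whole is not None:
            value = 100.0 * value / float(stats[self.whole])
        if self.when == "less":
            return value < self.threshold
        if self.when == "greater":
            return value > self.threshold
        raise ValueError(f"unsupported condition: {self.when!r}")


def simulate(generator, checks, repeat=timedelta(days=1)):
    """Replay collector checks, one per alarm interval.

    `checks` is a list of (timestamp, stats, cleared) tuples; `cleared` means
    the administrator cleared the alarm before that check ran.
    Returns (alarms, events) as two lists of timestamps.
    """
    alarms, events = [], []
    last_event = None
    for timestamp, stats, cleared in checks:
        if cleared:
            last_event = None          # assumption: clearing re-arms the first-alarm event
        if not generator.breached(stats):
            continue
        alarms.append(timestamp)       # an alarm is reported at every breaching check
        if last_event is None or timestamp - last_event >= repeat:
            events.append(timestamp)   # first alarm, or a full day since the last event
            last_event = timestamp
    return alarms, events


def constructed_checks(start, count, clear_at_check=None, interval_minutes=60):
    """Constructed data: free space is 20% of the disk for two checks, then 5%."""
    size = 40_000_000_000
    checks = []
    for i in range(count):
        free = size * (0.20 if i < 2 else 0.05)
        checks.append((start + timedelta(minutes=i * interval_minutes),
                       {"Disk.C.Free": free, "Disk.C.Size": size},
                       i == clear_at_check))
    return checks


# Event when free space is less than 10 percent of the whole (Disk.C.Size).
LOW_DISK = StatisticEventGenerator("Disk.C.Free", threshold=10.0,
                                   when="less", whole="Disk.C.Size")

if __name__ == "__main__":
    start = datetime(2002, 9, 2, 0, 0)
    for label, clear in (("never cleared", None), ("cleared before check 10", 10)):
        alarms, events = simulate(LOW_DISK, constructed_checks(start, 30, clear))
        stamps = [e.strftime("%d %H:%M") for e in events]
        print(f"{label}: {len(alarms)} alarms, events at {stamps}")
```

The point for notification design is that an event handler fires on events, not alarms, so a condition that stays breached produces one notification per day until the alarm is cleared.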

Creating a task status event generator


Create a task status event generator to monitor when a task starts, stops,
or stalls.
1. From the Domino Administrator, click the Configuration tab, and
then open the Monitoring Configuration view.
2. Open the Event Generators - Task Status view, and click New Task
Monitor.
3. On the Basics tab under "Tasks to monitor," complete these fields:
   Field: Action
   Task name: Select the name of the task.
   Servers: Choose one:
      • All in the domain
      • Only the following. Then select the name of one or more servers
   What to monitor:
      • Monitor task down
      • Monitor task up
      • Monitor task not responding
      • Monitor task resumed responding
4. Click the Other tab, complete these fields, and then save and close.
   Field: Action
   Generate a monitor event of severity: Select a severity level.
   Create a new event handler for this event: Click this button to launch the Event Notification Wizard and create an event handler.

Creating a TCP server event generator


Create a TCP server event generator to verify the availability of the
services on Internet ports on one or more servers. A TCP server event
generator uses the ISpy task to send a probe to test whether the server is
responding on a port. The probe generates a statistic that indicates the
amount of time, in milliseconds, it takes to verify that the server is
responding on the specified port. If the probe fails, the statistic has the
value -1. The format of a server probe statistic is:
QOS.TCPservice.ServerName.MonitorId.ResponseTime

By default, the ISpy task monitors all enabled Internet ports (TCP services)
on the server on which it is running. When you create a TCP server event
generator, you can have each server probe its own configured ports and all
services that are running on those ports, or you can select which servers
and services to probe. To verify the statistic name and the type of event
generated upon failure, click the tab for each service.

If the Collector task is running, the Monitoring Results database
(STATREP.NSF) stores the Internet port statistics.

To create a TCP server event generator
1. Make sure that the ISpy task is running on the server.
   For more information on the ISpy task, see the topic "Starting and
   stopping the ISpy task," later in this chapter.
2. From the Domino Administrator, click the Configuration tab, and
   then open the Monitoring Configuration view.
3. Open the Event Generators - TCP Server view, and click New TCP
   Server Event Generator.
4. On the Basics tab for the field "All Domino servers in the domain
   will probe themselves," do one:
   • Check the option to have each server probe all services on its own
     configured ports. Then continue with Step 6.
   • Uncheck the option to specify the server ports and services to
     probe.
5. Under "Target Servers," choose one:
   • All in the domain (default) - To probe the ports of all servers in
     the domain.
   • Only the following - To probe the ports of selected servers in the
     domain. Then select one or more servers.
6. Under "Probing servers (source)," select the server from which the
   probes will be sent.
7. Click the Probe tab, and complete these fields:
   Field: Action
   Probe interval: Enter the number of minutes between probes. Default is 15.
   Service time-out threshold: Enter the number of seconds the probing server (source) waits for a response before logging a failure. Default is 30.
8. If all servers are probing themselves, continue with Step 8. If you
   chose to specify services, choose one:
   • Probe all configured TCP services
   • Probe these services. Then check the services to probe.
9. If all servers are probing themselves or if you selected the HTTP
   service to probe, click the HTTP tab and choose one:
   • Probe just the port - To probe the availability of the HTTP service
     on the port.
   • Fetch this URL - To probe for the availability of a Web server.
     Then enter a URL specifying the file path. Do not include the
     server in the URL address.
10. If all servers are probing themselves or if you selected the NNTP
    service to probe, click the NNTP tab and choose one:
    • Probe just the port - To probe the availability of the NNTP
      service on the port.
    • Send this command - Then enter the command and the news
      group name.
11. Click the Other tab, complete these fields, and then click Save &
    Close:
    Field: Action
    On time-out, generate an event severity: Select the severity level.
    Create a new notification profile for this event: Click this button to launch the Event Notification Wizard and create an event handler.
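The probe statistic format and the -1 failure value described above can be checked with a small parser. This is an added example, not part of the Domino documentation or product: the "name = value" line layout, the sample lines, server names that contain dots, and the SLOW band at half the service time-out threshold are all assumptions.

```python
"""Triage of ISpy TCP probe statistics (added example, constructed input)."""
from dataclasses import dataclass
from typing import Optional

PROBE_FAILED = -1   # value the page gives for a failed probe


@dataclass(frozen=True)
class ProbeStat:
    service: str
    server: str
    monitor_id: str
    response_ms: int


def parse_probe_stat(line: str) -> Optional[ProbeStat]:
    """Parse 'QOS.TCPservice.ServerName.MonitorId.ResponseTime = value'.

    Returns None for anything that is not a well-formed probe statistic.
    """
    name, sep, raw = line.partition("=")
    parts = name.strip().split(".")
    if not sep or len(parts) < 5 or parts[0] != "QOS" or parts[-1] != "ResponseTime":
        return None
    try:
        value = int(raw.strip().replace(",", ""))   # tolerate thousands separators
    except ValueError:
        return None
    if value < PROBE_FAILED:
        return None
    # Split from both ends so a server name that itself contains dots
    # (an assumption) stays in one piece.
    service, monitor_id = parts[1], parts[-2]
    server = ".".join(parts[2:-2])
    if not (service and server and monitor_id):
        return None
    return ProbeStat(service, server, monitor_id, value)


def classify(stat: ProbeStat, timeout_s: int = 30, slow_fraction: float = 0.5) -> str:
    """FAILED for -1, SLOW at or above slow_fraction of the time-out, else OK."""
    if stat.response_ms == PROBE_FAILED:
        return "FAILED"
    if stat.response_ms >= timeout_s * 1000 * slow_fraction:
        return "SLOW"
    return "OK"


def triage(lines, timeout_s: int = 30, slow_fraction: float = 0.5) -> dict:
    """Group probe statistics by status; keep QOS lines that did not parse."""
    report = {"FAILED": [], "SLOW": [], "OK": [], "UNPARSED": []}
    for line in lines:
        stat = parse_probe_stat(line)
        if stat is not None:
            report[classify(stat, timeout_s, slow_fraction)].append(stat)
        elif line.strip().startswith("QOS."):
            report["UNPARSED"].append(line.strip())
    return report


# Constructed sample lines; monitor ids and server names are placeholders.
SAMPLE = [
    "  QOS.HTTP.Server1.A1B2.ResponseTime = 42",
    "  QOS.SMTP.Server1.A1B3.ResponseTime = -1",
    "  QOS.LDAP.mail.example.com.A1B4.ResponseTime = 16,500",
    "  Server.Users = 12",
    "  QOS.POP3.Server1.A1B5.ResponseTime = n/a",
]

if __name__ == "__main__":
    for status, items in triage(SAMPLE).items():
        print(status, items)
```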

Disabling an event generator


You may want to use some event generators only temporarily. For
example, if you suspect that server performance is slow, you can set up a
statistic event generator document to report if more than five server
sessions are dropped (Server.Sessions.Dropped), and then disable this
event generator after you monitor dropped server sessions for a week.

To disable an event generator


1. From the Domino Administrator, click the Configuration tab, and
then open the Monitoring Configuration view.
2. Open the Event Generators view, and select the event generator to
disable.
3. Click the Other tab.
4. Check the field Disable this event generator.
5. Save and close.

Starting and stopping the ISpy task


You must start the ISpy task before you can create server and mail
routing event generators. The ISpy task does not start automatically. Use
any of these methods to start and stop the ISpy task. Because the ISpy
task is case-sensitive, you must enter it exactly as shown in this table.

To do this: Perform this task
Start the ISpy task automatically when the server starts: Edit the ServerTasks setting in the NOTES.INI file to include RunJava ISpy.
Start the ISpy task manually: Enter the command load runjava ISpy at the console.
Stop the ISpy task: Enter either the command tell runjava ISpy quit or tell runjava quit at the console.

For more information about NOTES.INI settings and server commands,
see the appendices.

Using event generator and event handler wizards

If you know the type of event generator you want to create and are
familiar with the options available in that event generator document, use
the following wizards in the Monitoring Configuration database
(EVENTS4.NSF) to create event generators and event handlers:
• Event handler wizard - Creates an event handler.
• Database and statistic wizard - Creates database and statistic event generators.
• Mail-routing and server response wizard - Creates mail-routing, Domino server, and TCP event generators.

To start a wizard
1. From the Domino Administrator, click the Files tab.
2. Open the Monitoring Configuration database, and then choose the
   Setup Wizards view.
3. Click the wizard you want to use.

Viewing event generators


Event Generator documents are stored in the Monitoring Configuration
database (EVENTS4.NSF). Each type of event generator has a view that
provides a list of all event generators, plus additional configuration
information.
To view event generator documents
1. From the Domino Administrator, click the Configuration tab, and
open the Monitoring Configuration database (EVENTS4.NSF).
2. Open the Event Generators view, and select the type of event
generator documents to view.
3. Double click an event generator document to display additional
information.

Event handlers
An event handler defines the action that Domino takes when a specific
event occurs. You can define an event handler to do one or more of the
following:
• Log the event to a configured destination
• Notify you that the event occurred and specify the method of notification
• Forward the event to another program for additional processing
• Prevent the event from being logged to the server console or to a specified destination

The Monitoring Configuration database (EVENTS4.NSF) includes
default event handlers for server tasks. However, to customize how
events are handled, you may want to create custom event handlers.
You can enable or disable an event handler, so you can easily disable a
default event handler and replace it with a custom one.
When you create an event handler, you specify the condition (for
example, when an event meets or exceeds a threshold or meets a
specified severity level) that triggers it. To specify event handler
conditions, you define a set of criteria, specify a task, or select a custom
event generator that triggers the event handler.
For example, suppose you create an event handler that defines the
criteria as a replication event with a severity level of Fatal. Then any
replication event that matches those criteria is handled based on the event
handler you created. Or, you can create an event handler for all events of
any type that have a severity level of Fatal. An event handler is
generated only if the specified task creates an event. And event handlers
based on custom event generators are triggered only if the associated
event generator creates the event.
You can also create different handlers for different severities. For
example, you may want to be notified immediately if an event has a
severity level of Fatal or Failure and choose to write the information to
the log file or to the Monitoring Results database (STATREP.NSF).
Normal levels of events may not interest you, so you may want to create
a log filter to prevent normal events and severity levels from being
logged to the log file or the server console.

Event handler notification methods


Depending on the type or severity of an event, you may want to be
notified immediately by an alarm, e-mail message, or server-console
message. When you specify a handler notification method, you also
specify where events are reported. Domino provides the notification
methods listed in the table below.

Notification method: Result
Broadcast: Reports the event to all users logged onto the server or to a specified group of users.
Log to database: Logs the event to a database, typically STATREP.NSF, on a local server. Select this method only if the specified server is reporting events to its own collection database.
Mail: Mails the event to a person or to a mail-in database (typically STATMAIL.NSF) on a server in a different domain or one that uses an incompatible mail protocol.
NTLog: Reports the event to the Windows NT Event Viewer.
Pager: Uses the mail address of an alphanumeric pager to report a modified version of an event to a pager.
Prog: Runs an add-in program or specified command to correct problems automatically.
Relay: Relays the event to another server that is in the same Domino domain and that runs a common protocol. These events are collected in a database, typically STATREP.NSF.
Sound: Sounds an alarm on the designated server when the event occurs.
SNMP Trap: Sends the event as an SNMP trap. Select this method only if the specified server is running the Event Interceptor task and the Domino SNMP Agent.
UNIXLog: Reports the event to the UNIX system log.

For more information on SNMP agents, see the chapter "Using the
Domino SNMP Agent."

Using an API to create an event notification method


If you use an API, there may be additional types of notification methods.
To use one of these methods, create a notification based on the name and
description provided by the API.
1. From the Domino Administrator, click the Configuration tab, and
open the Monitoring Configuration view.
2. Open the Names & Messages (Advanced) - Notification Methods
view, and click New Notification Method.
3. Enter a description of the notification method.
4. Enter the name of the notification method.

Event types used to specify event criteria


When you create an event handler based on matching the event criteria,
you must specify the type of event.
Event type: Generates
Add-in: Messages related to the Add-in task.
Adminp: Messages related to the Adminp task.
Agent: Messages related to agents.
Client: Messages related to the client.
Comm/Net: Messages related to X.PC.
Compiler: Messages related to compute and compile functions.
Database: Messages related to databases.
Directory (LDAP): Messages related to directory services.
Mail: Messages related to mail routing.
Misc: Miscellaneous messages not in another event category.
Monitor: Messages related to events generated on the Domino Administrator by Server Monitoring.
Network: Messages related to the LAN.
Replica: Messages related to replication, including event handler notifications generated by a database event generator.
Resource: Messages related to system resources.
Router: Messages related to mail events.
Security: Messages related to ID files and server and database access, including event handler notifications generated by database event generators.
Server: Messages related to conditions on a particular server or server connectivity. These messages can include event handler notifications generated by Domino server event generators.
Statistic: Messages related to statistic alarms.
Unknown: Messages that have an unknown prefix and are not listed in another event category.
Update: Messages related to indexing.
Web (HTTP/HTTPS): Messages related to the HTTP task.

Creating an event handler

When you create an event generator, you can launch the event handler
wizard to create an event handler at the same time. You can also
manually create an Event Handler document in the Monitoring
Configuration database (EVENTS4.NSF).
For more information on the wizard, see the topic "Using event generator
and event handler wizards," earlier in this chapter.

To create an Event Handler document
1. From the Domino Administrator, click the Configuration tab, and
   open the Monitoring Configuration view.
2. Open the Event Handlers - All view, and click New Event Handler.
3. On the Basics tab in the "Server(s) to monitor" field, choose one:
   • Notify of the event on any server in the domain
   • Notify of the event only on the following servers. Then select the
     server from a list.
4. Under "Notification trigger," choose one:
   • Any event that matches a criteria. Then complete these fields on
     the Event tab:
     Field: Action
     Event type: Choose one:
        • Events can be any type
        • Events must be this type. Then select the type from the list.
     Event severity: Choose one:
        • Events can be any severity
        • Events must be one of these severities. Then select a severity level from the list.
     Message text: Choose one:
        • Events can have any message
        • Events must have this text in the event message. Then type the message text.
     For more information about event types and event severity levels,
     see the topics "Event types used to specify event criteria," and
     "Event generators," earlier in this chapter.
   • A built-in or add-in task event. Then click Select Event, select the
     event from the list, and choose one:
        • Events can have any message
        • Events must have this text in the event message. Then type the message text.
   • A custom event generator. Then select it from the list or click New
     to create a new custom event generator.
     (Optional) Click Details to view a custom Event Generator
     document.
5. Click the Action tab and choose the notification method.
   For more information on event notification methods, see the topic
   "Event handler notification methods," earlier in this chapter.
   Note If you purchased an add-in product designed to work with
   server-management programs, you may see additional notification
   methods.
6. Choose one enablement option:
   • Enable this notification - To enable the notification during all hours.
   • Enabled only during these times - Then click the clock and move
     the slider to select the start and end time during which this event
     handler is enabled.
7. Click Save & Close.
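The handler criteria in this procedure (server, event type, severity, message text, enablement hours) decide which events reach anyone, so it is worth checking a planned set of handlers for high-severity events that none of them would notify on. This is an added example, not Domino code or a Domino export format: the data model, the sample handlers and events, the choice of which notification methods count as prompt, case-sensitive text matching, and support for a time window that wraps past midnight are all assumptions.

```python
"""Coverage check for event handler criteria (added example, constructed data)."""
from dataclasses import dataclass
from typing import FrozenSet, Optional, Tuple

# Assumption: notification methods treated as reaching a person promptly.
PROMPT_METHODS = frozenset({"Broadcast", "Mail", "Pager", "SNMP Trap", "Sound"})
HIGH_SEVERITIES = frozenset({"Fatal", "Failure"})


@dataclass(frozen=True)
class Event:
    server: str
    event_type: str
    severity: str
    message: str
    hour: int                                    # local hour of the event, 0-23


@dataclass(frozen=True)
class Handler:
    name: str
    method: str                                  # notification method on the Action tab
    servers: Optional[FrozenSet[str]] = None     # None: any server in the domain
    event_type: Optional[str] = None             # None: "Events can be any type"
    severities: Optional[FrozenSet[str]] = None  # None: "Events can be any severity"
    text: Optional[str] = None                   # None: "Events can have any message"
    hours: Optional[Tuple[int, int]] = None      # None: enabled during all hours
    enabled: bool = True

    def active_at(self, hour: int) -> bool:
        if not self.enabled:
            return False
        if self.hours is None:
            return True
        start, end = self.hours
        if start <= end:
            return start <= hour < end
        return hour >= start or hour < end       # window that wraps past midnight

    def matches(self, e: Event) -> bool:
        return (self.active_at(e.hour)
                and (self.servers is None or e.server in self.servers)
                and (self.event_type is None or e.event_type == self.event_type)
                and (self.severities is None or e.severity in self.severities)
                # Case-sensitive substring: the stricter reading, so gaps are not hidden.
                and (self.text is None or self.text in e.message))


def coverage_gaps(events, handlers):
    """Return high-severity events that no active handler notifies on promptly."""
    gaps = []
    for e in events:
        if e.severity not in HIGH_SEVERITIES:
            continue
        if not any(h.method in PROMPT_METHODS and h.matches(e) for h in handlers):
            gaps.append(e)
    return gaps


# Constructed handlers and events; names and messages are placeholders.
HANDLERS = [
    Handler("Any fatal event", "Mail", severities=frozenset({"Fatal"})),
    Handler("Security failures", "Pager", event_type="Security",
            severities=frozenset({"Failure"}), hours=(8, 18)),
    Handler("Replication to STATREP", "Log to database", event_type="Replica",
            severities=HIGH_SEVERITIES),
    Handler("Server failures", "Mail", event_type="Server",
            severities=frozenset({"Failure"}), enabled=False),
]
EVENTS = [
    Event("Mail1/Acme", "Security", "Fatal", "constructed message A", 3),
    Event("Mail1/Acme", "Security", "Failure", "constructed message B", 3),
    Event("Mail1/Acme", "Security", "Failure", "constructed message C", 10),
    Event("Hub1/Acme", "Replica", "Failure", "constructed message D", 10),
    Event("Hub1/Acme", "Server", "Failure", "constructed message E", 10),
    Event("Hub1/Acme", "Mail", "Normal", "constructed message F", 10),
]

if __name__ == "__main__":
    for gap in coverage_gaps(EVENTS, HANDLERS):
        print(f"no prompt notification: {gap.event_type}/{gap.severity} "
              f"on {gap.server} at {gap.hour:02d}:00")
```

With the constructed data, the gaps are the out-of-hours Security failure, the replication failure that is only logged to a database, and the Server failure whose handler is disabled.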

Disabling an event handler


You may want to disable an event handler that you created. For example,
if you create an event handler to help you troubleshoot replication
problems, after you resolve the problems, you can disable the event
handler. Then, when you need to do replication troubleshooting again,
just enable the event handler.


To disable an event handler


1. From the Domino Administrator, click the Configuration tab, and
open the Monitoring Configuration view.
2. Open the Event Handlers - All view.
3. Open the event handler you want to disable in edit mode.
4. Click the Action tab, and choose the field Disable this notification.
5. Save and close.

Creating log filters


By default, Domino logs all events to the log file (LOG.NSF), which can
become quite large, depending on the log level set for each event. To
prevent events from being logged either to the log file or to the server
console, create a log filter that specifies both the type and severity of the
event to filter. Then only events that meet the specified criteria appear in
the log file.

To create a log filter
1. From the Domino Administrator, click the Configuration tab and
   then open the Monitoring Configuration - Log Filters view.
2. Click New Event Filter.
3. On the Basics tab, select the name of the server on which you want to
   set log filters.
4. Click the Database tab. For the field "Log unknown
   types/severities?" select Yes or No to filter events from the log file.
5. Choose one:
   • Log All Types - Then specify a severity level.
   • Select types - Then check each type of event to log.
6. Click the Console tab. For the field "Log unknown types/severities?"
   select Yes or No to filter events from the console.
7. Choose one, and then Save & Close:
   • Log All Types - Then specify a severity level.
   • Select types - Then check each type of event to log.
Tip You can also create a log filter from the server console.
For more information about setting log levels, see the chapter "Using Log
Files."

Viewing event handlers and log filters


You can view default and custom event handlers and log filters.
To view an event handler
1. From the Domino Administrator, click the Configuration tab.
2. Open the Monitoring Configuration - Event Handlers view.
3. Open one of these views:
All
By Action
By Author
By Severity
By Type
4. Double-click the Event Handler document to open it.
To view an event filter
1. From the Domino Administrator, click the Configuration tab.
2. Open the Monitoring Configuration - Log Filters view.
3. Double-click the Log Filter document to open it.

Viewing an event report


The Monitoring Results database (STATREP.NSF) stores statistic and
event information, depending on how you configured the Statistic
Collector server task and event handler documents. For each event, a
report records the server that originated the event; the time, severity,
type and error code of the event; and a brief description of the event.
To view a report
1. From the Domino Administrator, click the Server - Analysis tab.
2. Click the Monitoring Results - Events view.
3. Double-click a report to view the information.

Viewing event messages, causes, and solutions


Each event that occurs on the Domino system has an associated event
message that is stored in the Monitoring Configuration database
(EVENTS4.NSF). The message text often provides information about
possible causes and solutions. You can view event messages by text or by
type.

To view an event message


1. From the Domino Administrator, click the Configuration tab.
2. Open the Names and Messages view, and choose one of these views:
   • Event Messages - To view all messages, sorted by type and then
     by severity level.
   • Event Messages by Text - To view all messages, sorted
     alphabetically by message text.

Customizing the appearance of the Domino server console and Domino Administrator console

By creating a Server Console configuration document for the server you
are monitoring, you can specify the text, background, and color attributes
that the Domino server console uses to display monitoring information.
By default, the Domino Administrator server console uses the same
attributes, but you can override the defaults and customize the
appearance of the Domino Administrator server console.

To customize the appearance of the Domino server console
1. From the Domino Administrator, click the Server - Status tab.
2. Open the Server Console view.
3. From the menu, select Live Console - Server - Set Server Console
   Attributes.
4. Select the server whose attributes you are configuring.
5. Click the color palette to select a color attribute for the background
   and event text. Look at the console display beneath the palette to
   view your choices in real time.
   Console display: Default color
   Console Background: Black
   Normal Events: Light grey
   Fatal Events: Red
   Failure Events: Magenta
   Warning (High) Events: Yellow
   Warning (Low) Events: White
6. (Optional) To reset the colors to the defaults, click Reset to Defaults.
7. Click Save & Close.

To customize the appearance of the Domino Administrator server console
1. From the Domino Administrator, click the Server - Status tab.
2. Open the Server Console view.
3. From the menu, select Live Console - Local - Set Console Properties.
4. Click the Color tab. For the field "Use server default," do one:
   • Check the field to use the defaults set in the Server Console
     Configuration document for the server. This is the default.
   • Clear the check box, and then select a color for background, text,
     and severity levels.
5. Click the Filters tab, and clear the check box for any status level you
do not want to log to the Domino Administrator server console. The
default is all levels are checked.
6. Click the Attributes tab, and then select the font, size, and
appearance for the local console text.
To view a Server Console Configuration document
1. From the Domino Administrator, click the Configuration tab.
2. Open the Monitoring Configuration - Console Attributes view.

Using the Domino Administrator server console to monitor events


When you use the Domino Administrator server console to monitor
events, you can set a stop trigger for an event. The stop trigger causes the
console to pause and display only the event and the next 10 lines of
console text when the event occurs. In addition, you can retrieve
additional information about error messages, including possible causes
and solutions, and create event handlers.
To set or remove a stop trigger
After you troubleshoot the problem for which you set the stop trigger, be
sure to remove it.
1. From the Domino Administrator, click the Server - Status tab.
2. Open the Server Console view.
3. Click Pause or Stop to stop the logging of information to the console.
4. Do one:
   • To remove a stop trigger, select Live Console - Local - Remove
     Stop Trigger.
   • To set a stop trigger, select the event for which to set a stop
     trigger. Then from the menu, select Live Console - Set Watch.
5. Do one to restart the Domino Administrator server console:
   • If you clicked Pause, click Resume.
   • If you clicked Stop, click Live.

To get error information
1. From the Domino Administrator, click the Server - Status tab.
2. Open the Server Console view.
3. Click Pause or Stop to stop the logging of information to the console.
4. Select the event error message for which you want more information.
5. Select Live Console - Lookup Error.
6. Do one to restart the Domino Administrator server console:
   • If you clicked Pause, click Resume.
   • If you clicked Stop, click Live.

To create an event handler
1. From the Domino Administrator, click the Server - Status tab.
2. Open the Server Console view.
3. Click Pause or Stop to stop the logging of information to the console.
4. Select the event for which you want to create an event handler.
5. Select Live Console - Create Local Event Handler.
6. If an event handler for the specified event already exists, you are
   prompted to edit the Event Handler document or create a new one.
7. Do one to restart the Domino Administrator server console:
   • If you clicked Pause, click Resume.
   • If you clicked Stop, click Live.
For more information on event handlers, see the topic "Creating an event
handler," earlier in this chapter.

To start or stop the Domino Administrator server console
1. From the Domino Administrator, click the Server - Status tab.
2. Open the Server Console view.
3. Click Live to start the console, or click Stop to stop it.

Statistics and the Domino system


Domino continuously generates and updates server statistics, which you
can collect and monitor in a number of ways. From the server, you can
use the Show Statistic or Show Platform Statistic commands. From the
Domino Administrator, you can create statistics profiles and charts.

Monitoring from the server


To collect server statistics and store them in the server's Monitoring
Results database (STATREP.NSF), the Statistic Collector task (also called
the Collector task) must be running on the server or on a server
designated to collect statistics from one or more other servers.

Monitoring from the Domino Administrator


To use the Domino Administrator to monitor statistics, you must set up
statistic Administration Preferences to generate statistics reports, which
are stored in the local Monitoring Results database (STATREP.NSF).
Then you can use the Domino Administrator to monitor and chart the
statistics. In the Domino Administrator, the Collector task collects
statistics locally from specified servers and saves them to memory. For
example, when you create real-time charts, it collects statistics from the
servers listed in the statistics profiles or those selected for charting.
For more information on setting Administration Preferences, see the
chapter Setting Up and Using Domino Administration Tools.

Statistic Collector task


The Statistic Collector task, formerly known as the Collector task, gathers
statistics for one or more servers in a domain and, by default, creates
statistic reports in the Monitoring Results database (STATREP.NSF).
There are two ways to set up statistic collection. You can start the Statistic
Collector task on each server, which then collects its own statistics and
creates reports in the local Monitoring Results database. Or you can start
the Statistic Collector on one server that you set up to collect statistics
from one or more servers and create reports in a specified Monitoring
Results database.
For example, if you use one designated server to collect statistics from
other servers, you start the Statistic Collector task only on that server and
create a Server Statistic Collection document to identify the servers from
which to collect statistics. Reports are created in the Monitoring Results
database (STATREP.NSF) on the designated server.
The Statistic Collector task loads automatically on a server if it is in the
task line of the NOTES.INI file.

In the Domino Administrator, the Statistic Collector starts when you start
the Domino server monitor, when you chart real-time statistics, or when
you access the Server - Statistic tab. You can also set a Monitoring
Administration Preference so that the Statistic Collector task starts
automatically when you start the Domino Administrator. The Statistic
Collector task continually adds new servers from which it gathers
statistics as you monitor or chart statistics from additional servers.
For example, in the Domino server monitor, if you begin monitoring the
servers in the Acme1 monitoring profile, the Collector task begins
collecting statistics from the servers listed in the Acme1 profile. Then if
you switch to charting and chart the statistics in the AcmeEast statistics
profile, the Statistic Collector task simply adds the servers in the
AcmeEast statistics profile to the list of servers from which it is gathering
statistics. It does not stop gathering statistics from the servers in the first
group you monitored in the Acme1 profile.

Setting Administration Preferences for monitoring and statistics

You must set monitoring Administration Preferences to generate
statistics and reports and to specify the location from which you are
monitoring statistics. You set statistics Administration Preferences to
enable the reporting of statistics to the local Monitoring Results database
(STATREP.NSF), which is used when creating statistics charts. To
generate statistic event generators, you must enable statistics alarms.
For information on setting preferences, see the chapter "Setting Up and
Using Domino Administration Tools."

Creating a Server Statistic Collection document

You use a Server Statistic Collection document to designate one collector
server and one or more other servers from which the collector server
collects statistics. By default, the collector server reports the statistics to
the local Monitoring Results database (STATREP.NSF), unless you
specify a different database.

To create a Server Statistic Collection document
1. From the Domino Administrator, click the Configuration tab, and
   open the Monitoring Configuration - Server Statistic Collection view.
2. Click New Statistics Collection.
3. On the Basics tab, select the collecting server.
4. Choose one of the following:
   • All servers in this domain - To collect statistics from all servers
     connected to the collector server.
   • All servers that are not explicitly listed to be collected - To collect
     statistics from all servers in the domain from which statistics are
     not currently being collected.
   • From the following servers - Then choose the servers from which
     to collect statistics.
5. To log statistics to a database, click the Options tab. Check the field
   "Log statistics to a database" and then complete these fields:
   Field: Action
   Database to receive reports: Enter the name of the database to store the reports. The default is STATREP.NSF.
   Collection report interval: Enter the number of minutes between reports. The minimum is 15; the default is 60.
   Collection alarm interval: Enter the number of minutes between alarms. The minimum is 15; the default is 60.
   Statistic filters: Select the types of statistics to omit from the report.
6. Click Save & Close.

Platform statistics
In addition to tracking server statistics, Domino tracks operating-system
performance statistics. You can view these statistics from the Domino
Administrator, along with your Domino statistics, which helps you with
Domino server monitoring and tuning. You can include platform
statistics in any statistic monitoring task you perform with the Domino
statistics, including using them in monitoring and statistic profiles, and
charting them.
Running platform statistics may incur slight overhead, but the
overhead is insignificant. No disk space is consumed by
enabling platform statistics, since no log files are created. As with
Domino statistics, disk space is used only if you log platform statistics to
the log file or to the Monitoring Results database (STATREP.NSF). The
amount of disk space used depends on the frequency of capture.

By default, the Statistic Collector task continuously gathers these statistics:

• Logical disk: Statistics for individual disks and total percent use of
  all disks
• Paging file: Statistics that show use of paging files
• Memory: Statistics showing memory allocation and use, including
  available memory
• Network: Statistics for individual network adapters and
  cumulatively for all the network adapters on the system
• Process: Statistics that show the percent of CPU use, along with
  process ID of Domino tasks, if the task is present. (Information for
  idle tasks is reported as zero.)
• System: Statistics on the information captured, for example, a
  summary of system CPU use and queue length.

Platform statistics on partitioned servers
When collecting statistics from a partitioned server, Domino collects
platform statistics that pertain to the system as a whole, not to an
individual partition. For example, memory use or CPU use statistics are
the same value on a partitioned and non-partitioned server. The only
statistics that are specific to a partition are those that reflect tasks, such
as process statistics, where one partition might run 10 tasks, while another
partition runs 15 tasks.

Confirming platform statistics metrics using other performance monitoring tools
Because of the differences in sampling intervals, you cannot use native
monitoring tools to confirm platform statistics. There will be
discrepancies between platform statistics and those obtained using
Perfmon (for Windows NT or Windows 2000) or a system command,
such as this UNIX command:
iostat / vmstat / netstat

Viewing platform statistics
From the console, you can use the Show Stat Platform command to view
all platform statistics or just a subset of them. When you show all the
platform statistics, they display alphabetically in these categories:

• Logical disk
• Memory
• Network
• Paging file
• Process
• System

To view a list of all statistics


To view a list of all statistics, use the Show Stat command.
For more information on server commands, see the appendix Server
commands.

Controlling platform statistics reporting


From the console, you can use the Platform command to set a sampling
period that determines how often statistics are gathered, and you can pause
and resume the collection of platform statistics. In addition, you can control
how often statistics are reset to zero and samplings are gathered.
Three types of statistic values are reported:

• Fixed: Statistic values that do not change. They include
  information such as number of disks, or an assigned name. For
  example, in the statistic Platform.LogicalDisk.<identifying
  number>.PctUtil, the identifying number is a variable that identifies
  the disk. This information does not change when you issue a
  Platform Reset command.
• Primary: Statistic metrics from which secondary statistics are
  derived. For example, the total paging file utilization statistic
  (Platform.PagingFile.TotalPctUtil) is the basis for secondary statistics
  that calculate the average and the peak values
  (Platform.PagingFile.TotalPctUtil.Avg and
  Platform.PagingFile.TotalPctUtil.Peak).
• Secondary: Statistic values that are a combination of or are derived
  from primary statistics. For example, these are often average,
  minimum, or peak statistics.

For information on using the Platform command, see the appendix
Server Commands.

Evaluating platform statistics


Use this information to help you evaluate platform statistics.

Using Perfmon on Windows 2000 and Windows NT systems


If you use Perfmon on Windows NT or Windows 2000, some counters
may report inaccurate information because of the way that Perfmon
collects statistics. Logical disks that are actually very busy may report
average queue lengths of zero. Unplugged network adapters may show
traffic.

Network statistics
On Solaris, AIX, and OS/400, Domino provides statistics for a
maximum of ten network adapters. On Windows 2000 and Windows NT,
there is no limit on the number of network adapters. The loopback
interface is not included in the list of adapters. On AIX, only Ethernet
and token ring network adapters are supported.

Process statistics
On Windows 2000 and Windows NT, Domino process names include the
letter "n" as a prefix. For example, in Perfmon, Adminp (the process
name for the Administration Process) is nadminp. To maintain
platform-independence in naming, Domino does not include the prefix
on any platform statistics.
On Windows 2000 and Windows NT, when you view process statistics,
the Percentage Total Domino CPU Utilization value may be greater than
the Total System CPU Utilization. This is because the CPU utilization
value for each individual process is calculated based on the total number
of processes used in a sampling interval.
On Solaris, AIX, and OS/400 platforms, process statistics indicate how
busy the processes are, but these are not absolute values. On these
platforms, the utilization is based on how busy the processes are in the
current sampling period as compared to how busy they were in the
previous sampling period. For example, if a process reports 30%
utilization in the first sampling and 60% in the second, the process is
twice as busy.
On all platforms, by default, the performance statistics for processes that
are idle have the value zero.

Logical disk statistics
On Windows NT, Windows 2000, and Solaris, the values for disk
utilization counters may exceed 100%, indicating that the disks are being
heavily utilized. Similarly, on multiprocessor systems, the individual
CPU utilization for a process may exceed 100%, depending on the
number of processors in the system.
On OS/400, there are statistics for a maximum of ten logical disks
(auxiliary storage pools).

System statistics
On Windows 2000 and Windows NT, the value of the combined CPU
utilization statistic (Platform.System.PctCombinedCpuUtil) is not defined
as the sum of the user and privileged CPU utilization values
(Platform.PctUserCpuUtil and Platform.PctPrivilegedCpuUtil). However,
on Solaris and AIX, the value of the combined CPU utilization statistic is
defined as the sum of the user and privileged CPU utilization values.

Viewing information about platform statistics


To view information about platform statistics, open the Monitoring
Configuration database (EVENTS4.NSF), which includes a complete list
of platform statistics and average and peak values, where applicable. In
addition, the Monitoring Configuration database lists equivalent
metrics from other performance-monitoring tools and displays
statistic descriptions and reports.
To view a list of platform statistics and definitions
1. Click the Files tab.
2. Open the Monitoring Configuration database (EVENTS4.NSF).
3. Open the view Names & Messages (Advanced) - Platform Statistic
   Names.
4. Select one:
   • Domino 6: To view platform statistics available for both Domino
     5 and Domino 6 servers.
   • R5: To view platform statistics available only for Domino 5
     servers.
5. Select a statistic, and click the triangle to expand the view for average
   and peak values, if available.
6. Double-click the name of the statistic to open the Statistic Description
   document.
To view statistics reports
You can view a predefined set of platform statistics reports for each
server. For more information on viewing platform statistics reports, see
"Viewing statistics reports" later in this chapter.

Disabling platform statistics


By default, platform statistics are enabled. To disable platform statistics,
enter this setting in the NOTES.INI file, and then restart the Domino
server:
Platform_Statistics_Disabled=1

Using the Domino Administrator to monitor statistics


Using the Domino Administrator, you can create a statistic profile that
you use to monitor the same set of statistics periodically or to compare
performance on different servers. You can view statistic reports or view
real-time statistics. You can also chart statistics in real time or historically.
You can monitor statistics in the following ways:

• View statistic reports of the most commonly used statistics
• View default statistic thresholds
• Define new statistics
• View a list and description of all statistics
• Export statistics to a spreadsheet
• Mail statistics to a mail-in database
• Create a statistic profile

Viewing statistics reports
Domino includes these default statistics reports:

• Calendaring and Scheduling
• Clusters
• Communications
• Mail and Database
• Network
• Platform
• System
• Web Server & Retriever

The information in these reports provides a subset of statistics in each
category. To view all statistics, use the Show Statistic command at the
console or, from the Domino Administrator, click the Server - Statistics
tab.
To view statistics reports
1. From the Domino Administrator, click the Server - Analysis tab.
2. Click the Monitoring Results view, and select Statistics Reports.
3. Select a report.

Viewing default statistic thresholds


Each Domino statistic has an associated default threshold that you use
when you create an event generator. Statistic thresholds are stored in the
Monitoring Configuration database (EVENTS4.NSF).
To view a default statistic threshold
1. From the Domino Administrator, click the Configuration tab.
2. Open the Names and Messages view, and then open the Default
   Statistic Threshold view.

Viewing descriptions of statistics


The Monitoring Configuration database (EVENTS4.NSF) includes a
complete list of statistics. For more information on a statistic, select the
statistic and view the Statistic Description document.
To view a statistic description
1. Click the Files tab.
2. Open the Monitoring Configuration database (EVENTS4.NSF).
3. Open the view Names & Messages (Advanced) - Statistic Names.
4. Double-click the name of a statistic to open the corresponding
Statistic Description document.

Creating a new statistic


You can create a new statistic and then use it in statistic profiles and
statistic charts. To use a new statistic to create a statistic event generator,
you must specify a threshold.
You can create an operating system statistic for use as a template. You
can create a new statistic template that includes a variable. For example,
you can create a statistic that includes the variable <portname>. Then to
collect statistics on more than one port, copy the statistic and replace the
variable with the actual port name.
When you create a statistic, you define the type of data the statistic will
collect and the measurement unit. You also specify whether it is an
operating system statistic or a trended statistic.
Trended statistics are gathered by the Activity Trends Collector task, and
used to provide activity trends statistics information. The Activity Trends
Collector task is used by the IBM Tivoli Analyzer for Lotus Domino.
For more information on the IBM Tivoli Analyzer for Lotus Domino and
resource balancing, see the topic Activity Trends for IBM Tivoli Analyzer
for Lotus Domino.

For more information on the IBM Tivoli Analyzer for Lotus Domino and
resource balancing, see the chapter Using IBM Tivoli Analyzer for Lotus
Domino.
To create a new statistic
1. From the Domino Administrator, click the Configuration tab, and
   open the Monitoring Configuration - Names & Messages (Advanced)
   - Statistic Names view.
2. Click New Statistic.
3. On the Basics tab, complete these fields:

   Field                  Action
   Statistic name         Enter the name of the new statistic.
   Data type              Choose one:
                          • Text
                          • Number
                          • Time
   Statistic unit         Enter one:
                          • The unit in which the statistic is measured, for
                            example, bytes or minutes
                          • The word none, if this is a text statistic
   Statistic description  Enter a description of the statistic.

4. Click the Advanced tab, and do one of the following:
   • If you selected Text or Time as the data type, go on to Step 5.
   • If you selected Number as the data type, in the Normal values
     field, enter a normal value for this statistic (for example, 350KB)
     or the word varies, if the normal value of the statistic varies.
5. For the field "Is an OS statistic?" the default is No. Check Yes if the
   statistic is an operating system or platform statistic.
6. For the field "Is an Activity statistic?" the default is No. Check Yes if
   the statistic is generated using the Activity Trends Collector
   task, and then check one or more of the following:
   • Has trended values: If the statistic has both trended and
     last-occurrence values.
   • Has prime/24-hour values: If the statistic includes values for the
     prime shift and for a 24-hour period.
   • Is user selectable: If the statistic will be used as a selection, for
     example, in a dialog box.
   • Used in resource balancing: If the statistic will be used when
     balancing resources using the IBM Tivoli Analyzer for Lotus
     Domino.

7. For the field "Is a statistic template?" the default is No. Check Yes if
   the statistic will be used to create other statistics using a variable,
   for example, <portname>.
8. For the field "Useful for thresholds?" the default is No. Check Yes if
   this statistic will be used to generate statistic alarms. To use this
   statistic in a statistic event generator, you must define a threshold.
   Complete these fields:

   Field               Action
   Threshold operator  Select the condition against which to evaluate the
                       threshold:
                       • Less than
                       • Greater than
                       • Multiple of
                       • Percentage of
   Threshold value     Enter a number.
   Event severity      Select the severity that will cause an alarm.
   Suggested response  (Optional) Enter an explanation of how to resolve
                       the event that caused the alarm.
   Useful in setup     Click Yes to use the statistic during setup and
                       include this statistic when a new Monitoring
                       Configuration database (EVENTS4.NSF) is created.

9. Click Save & Close.

Exporting statistics to a spreadsheet


To perform further analysis, you can export a statistics report to a
spreadsheet.
1. From the Domino Administrator, click the Server - Analysis tab.
2. Open the Monitoring Results - Statistics Reports view.
3. Select the report you want to export, and click File - Export.
4. In the Export dialog box, enter a name for the file, and select a file
type.
5. Click Export.
6. For "How much to export," choose one:
   • All documents
   • Selected documents
7. For "Detail to incorporate," check "Include view titles" to include
   titles.

Using mail-in statistics


If you can access Notes mail on a server, you can collect statistics from
the server and mail them to yourself. Use mail-in statistics when the
Domino Administrator is not available or you do not have administrator
access to a server.
When you start the Stats task, Domino creates a mail-in database
(STATMAIL.NSF) for the server. The title of the mail-in database is server
Stats/org. For example, for the Everest server in the Acme organization,
the mail-in database is titled Everest Stats/Acme. By default, during
server registration, a Mail-in Database document is created. This
document, which is stored in the Domino Directory, defines the
properties and location of a database that can receive mail. To open the
document from the Domino Administrator, click the People & Groups
tab, and then open the Mail-in Databases & Resources view.

To mail statistics to yourself
You can mail all or a subset of statistics to yourself. The names of all
statistics are listed on the Configuration tab in the Monitoring
Configuration - Names & Messages (Advanced) view. The category for a
statistic is the first part of the statistic name. For example, the category
for the statistic Disk.C.Free is Disk.
1. Open the Monitoring Configuration database (EVENTS4.NSF).
2. Choose Create - Mail - Message.
3. Complete these fields, and then send the message:

   Field    Action
   To       Enter the title of one or more mail-in databases for one or more
            servers.
   Subject  Do one:
            • Enter a statistic category (for example, disk or platform)
              to get a subset of statistics.
            • Enter the name of one statistic, for example, Disk.C.Free.
            • Use an asterisk to indicate a group of specific statistics. For
              example, enter Disk.C.* to report all disk statistics for drive C.
            • Leave the field blank to mail all server statistics.
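
The Subject field rules for mail-in statistics (blank, a category, one statistic name, or a name with an asterisk) amount to a small selection procedure. The following Python example is added here as an illustration and is not Domino code: the function names, the case-insensitive matching, the exact-name-before-category order, and the sample statistic values are assumptions made for the example.

```python
import re

# Constructed sample in "name = value" form; the values are made up.
SAMPLE_STATS = """\
  Disk.C.Free = 1,482,113,024
  Disk.C.Size = 8,587,160,064
  Disk.D.Free = 20,113,408,000
  Platform.PagingFile.TotalPctUtil = 12.4
  Platform.PagingFile.TotalPctUtil.Avg = 10.9
  Platform.PagingFile.TotalPctUtil.Peak = 31.0
  Platform.System.PctCombinedCpuUtil = 7.5
  Server.Name = Everest/Acme
"""


def parse_stats(text):
    """Parse 'name = value' lines into a dict, keeping the input order."""
    stats = {}
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep and name.strip():
            stats[name.strip()] = value.strip()
    return stats


def mail_in_title(server, org):
    """Title of a server's mail-in statistics database: '<server> Stats/<org>'."""
    return f"{server} Stats/{org}"


def select_stats(stats, subject):
    """Return the statistics that a given Subject value asks for.

    Assumed reading of the Subject rules (hypothetical helper):
      blank         -> all statistics
      contains '*'  -> every name matching the wildcard (Disk.C.*)
      full name     -> that one statistic (Disk.C.Free)
      otherwise     -> every statistic whose category, the first part of
                       the name, equals the subject (disk, platform)
    """
    subject = subject.strip().lower()
    if not subject:
        return dict(stats)
    if "*" in subject:
        # Escape the literal parts so the dots in names are not regex wildcards.
        parts = (re.escape(p) for p in subject.split("*"))
        pattern = re.compile(".*".join(parts))
        return {n: v for n, v in stats.items() if pattern.fullmatch(n.lower())}
    exact = {n: v for n, v in stats.items() if n.lower() == subject}
    if exact:
        return exact
    return {n: v for n, v in stats.items()
            if n.split(".", 1)[0].lower() == subject}


def build_request(server, org, subject=""):
    """Fields of the message to send to a server's mail-in database."""
    return {"To": mail_in_title(server, org), "Subject": subject}


if __name__ == "__main__":
    stats = parse_stats(SAMPLE_STATS)
    for subject in ("", "disk", "Disk.C.*", "Disk.C.Free", "Mail"):
        request = build_request("Everest", "Acme", subject)
        chosen = select_stats(stats, subject)
        print(f"To: {request['To']!r}  Subject: {subject!r} "
              f"-> {len(chosen)} statistic(s)")
        for name, value in chosen.items():
            print(f"    {name} = {value}")
```

Note that a full primary statistic name such as Platform.PagingFile.TotalPctUtil selects only that statistic; its .Avg and .Peak secondary statistics need the wildcard form.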

Charting statistics
You can graphically display the statistics generated by Domino, by
creating statistics charts. To chart sets of statistics on a regular basis, you
can define statistics profiles. Using statistics charts you can track and
visualize statistics in real time or historically. Real-time charts reflect the
current server activity. Historical charts pull information from the local
Monitoring Results database (STATREP.NSF). You can also create
statistic profiles so that you can chart a specified set of statistics
routinely.
To create statistics charts you must enable the field "Generate statistic
reports while monitoring or charting statistics" in Administration
Preferences, and the Domino server monitor must be running.
For more information on setting Administration Preferences for statistic
monitoring, see the chapter Setting Up and Using Domino
Administration Tools.
When you chart statistics, you choose the servers and the statistics to
chart. Using the charting feature you can:

• Create and edit statistic profiles
• Remove existing statistic profiles or combine them into a new one
• Gather historical statistics over a specified period of time
• View the details of each statistic
• View an isolated statistic
• Start and stop real-time charting dynamically
• Use right-click functionality to add a statistic event generator

Note Charting is not available in the Web Administrator.

Creating statistic profiles


You can create a statistic profile to capture information about specific
performance patterns or problems. For example, if your system has a
slow response time, create a profile to gather statistics on memory, buffer
pool size, database cache, and number of users. Then save the statistic
profile so that you can later run the same analysis.
Note Statistic profiles are not available in the Web Administrator.


To create a statistic profile
1. From the Domino Administrator, click the Server - Performance tab.
2. Do one:
   • If there are no statistics profiles displayed in the statistic profiles
     list, click Add.
   • If there is a statistic profile currently displayed, choose
     Performance Monitor - Saved Statistics Profiles - New to clear the
     list, and then click Add.
3. Select the domain and server for which you are creating the statistic
   profile.
4. Choose one:
   • Bundled statistics: To create a group made up of predefined sets
     of statistics.
   • Individual statistics: To create a new group made up of selected
     individual statistics.
5. Click the arrow to open a statistic category. Select the specific
   statistic, and then click Add.
6. Click Done, choose Performance Monitor - Saved Statistics Profiles -
   Save As, and then type a name for the statistic profile.

Displaying and manipulating statistic charts
You can view a chart of historical or real-time performance statistics. Use
a real-time chart to view a current performance problem or assess current
peak usage. Use a historical chart to monitor statistics over a period of time.
Note The charting feature is not available in the Web Administrator.
To scale the data
Before you chart statistics that are in vastly different number ranges
(for example, dead mail, which has a usual range of 0 to 10, and disk
space, which might be in gigabytes), enable Autoscale. Disable
Autoscale when you chart statistics that all have a low number range,
for example, from 0 to 500.
To change the color of a statistic
1. From the Domino Administrator, click the Server - Performance tab.
2. Click the color bar on the statistic list.
3. In the Line Color dialog box, click the arrow, and do one of the following:
   • Click the Notes tab, and select a predefined color.
   • Click RGB and then use the sliders or dropper to create a custom
     color. When you have the color you want, click the color that
     displays in the box.

To change the layout of the panes
You can change the layout of the chart display using the Performance
Monitor menu or the layout button:
1. From the Domino Administrator, click Server - Performance.
2. From one of the Statistics charting views, choose Performance
   Monitor - Layout, and then choose one:
   • Maximized: To display only the statistic chart.
   • Maximum Width: To display the list of statistics and the statistic
     chart.
   • Maximum Height: To display the statistic chart and the server
     pane.
   • Restore: To restore the original layout.
To manipulate statistic performance charts
The following table describes ways to view the information on statistics
performance charts.

Task                             Action
Stop or start the charting       Click the Stop/Start button.
Get a numerical representation   Click the statistic in the profile list. Then
of a graphical statistic         look at the bar area between the profile list
                                 and the chart.
Get a textual representation of  Double-click the chart to display a document
the statistic chart              that you can edit and print.
Chart an isolated statistic      Double-click a graph line.

To add or remove a statistic
You can add or remove a statistic or a server from a statistic chart
without affecting the statistic profile.
1. Select the statistic profile.
2. Do any of the following:

   Task                            Action
   Dynamically remove a statistic  In the profile list, clear the check box
   from the chart displayed        next to the statistic.
   Dynamically add a statistic     Click Add, and then select a statistic.
   Dynamically add a server        Click the down arrow, and then select a
                                   server.
   Dynamically remove a statistic  Select a statistic in the profile list, and
                                   then click Remove.

Note Save the profile to keep any changes.

Modifying statistic profiles
To modify a statistic profile, you can add or delete statistics, add servers,
or save or delete the entire profile. To add or remove statistics and
servers from a profile for the current session only, make the changes, but
don't save the profile.
To modify a statistic profile
1. From the Domino Administrator, click the Server - Performance tab.
2. Select a statistic profile from the list, and do any of the following:

   Task                       Action
   Add a statistic            1. Click Add.
                              2. Select the Domain and server, and then select
                                 the statistic.
                              3. Click Add Statistic.
   Add a server               1. Click the down arrow next to the Add button,
                                 and then click Add Server.
                              2. Specify the Domain and server, and then click
                                 Add.
   Delete (remove) a          Select the statistic, and click Remove.
   statistic from a profile
   Delete the entire profile  1. Select the name of the profile in the Statistics
                                 profile field.
                              2. Click Performance Monitor - Saved Statistics
                                 Profiles - Delete.

3. To save the profile, do one:
   • Click Performance Monitor - Saved Statistics Profiles - Save: To
     overwrite the original statistic profile with the changes.
   • Click Performance Monitor - Saved Statistics Profiles - Save As:
     To save the modified statistic profile under a new name, leaving
     the original statistic profile intact.

Domino server monitor


The Domino server monitor displays real-time statistics and provides a
visual representation of the status of servers and server tasks. You can
view all servers or a subset of servers, and you can view the status by
state or by timeline.
The Domino server monitor creates a set of default system profiles that
include all servers, servers in each domain, servers in clusters in each
domain, and servers in the Favorites bookmark file. In addition, you can
create custom profiles that specify the servers, server tasks, and statistics
to monitor. For example, you can create a mail-server profile and select
only server tasks and statistics related to mail delivery.
You can use the server monitor to perform these tasks:

• View server monitor statistics by timeline or by state
• Display past error states only
• Add or remove a server to monitor
• Add or remove server tasks or statistics from a selected server or
  from all servers
• Create and edit server monitor profiles
• Move to the Status or Messaging tab to troubleshoot an error report
• Sort statistics columns that have numerical values
• Use right mouse functionality to retrieve additional information
  about a statistic
• For numerical statistics, display the difference between the current
  statistic and the statistic generated one hour earlier

Note The Domino server monitor is not available in the Web
Administrator.

Starting the Domino server monitor


The Domino server monitor does not start by default; however, you can
change the monitoring defaults in the Administration Preferences so that
it does.
To start or stop the server monitor manually
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Do one:
   • To start the server monitor, click the Green arrow. When the
     server monitor is running, the arrow changes to a Red stop button.
   • To stop the server monitor, click the Red stop button.
To start the server monitor automatically
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Click File - Preferences - Administration Preferences.
3. Click Monitoring.
4. Enable "Automatically monitor servers at startup."
For more information on setting Administration Preferences, see the
chapter Setting Up and Using Domino Administration Tools.

Viewing the Domino server monitor
The Domino server monitor has two views: By Timeline and By State.
The By Timeline view displays historic information about server status.
The By State view displays real-time statistics and status of server tasks.
By Timeline view
Use the By Timeline view to track the status of server tasks. In this view,
you can see which tasks are having problems and approximately when
the problems occurred. Using the Column scale selector, you can choose
a data display time interval of 1 to 60 minutes. As you increase the time
interval, you increase the summation of the data. You can change the sort
order of both the Server Name and Server Status columns in this view.
By State view
The By State view displays a detailed status of Domino servers and their
associated tasks and statistics. Each server and server task displays a
status indicator that identifies its current state. Using the option "Display
past states reporting errors exclusively," you can view only error states.
If a statistic is numeric, you can display the difference between the
current statistic value and its value from one hour earlier. A differences
icon appears in the statistic column and points to the previous value. In
this view, you can change the sort order of the Server Name and Server
Status columns and of any Statistic Value columns that contain numeric
values.
To view the Domino server monitor
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Choose one view:
   • By Timeline: Then set the Column scale selector to a value from
     1 to 60 minutes.
   • By State: Then to view past errors only, select the check box
     "Display past states reporting errors exclusively."
3. Click Start to start the server monitor.
Note If you enable "Automatically monitor servers at startup" in
the Administration Preferences, the server monitor starts
automatically and monitors the most recently viewed profile.

Setting task status indicators for the Domino server monitor


In the By State view, each task that you monitor has an associated status
level. You determine which status levels to monitor, then each task that
you monitor displays a current status indicator or task error.
For example, you may want to turn off the status indicators for tasks that
are not running or those that are running without a problem. You may,
however, want to see tasks that are generating failure or fatal errors. The
status level indicators display which tasks are generating errors that may
need your attention.
To enable task status indicators
1. From the Domino Administrator, click Server - Monitoring.
2. Check the box to enable the following task indicators:

   Indicator       Meaning
   Fatal           The task is running, but fatal errors are being
                   generated.
   Failure         The task is running, but failure errors are being
                   generated.
   Warning         The task is running, but warning errors are being
                   generated.
   Not responding  The task is running slowly.
   Not running     The task has not been running since the server monitor
                   started.
   Running         The task is running without a problem.

Profiles and the Domino server monitor


To facilitate monitoring servers, tasks, and statistics, the Domino server
monitor creates a set of default profiles:

• All servers: Includes all servers in all domains you are monitoring,
  as listed in Administration Preferences
• Domain name Domain: Includes all servers in the named domain
• Favorites: Includes all servers in the Favorites bookmark file
• Clusters: Includes clusters within the domains being monitored

By default, the Domino server monitor contacts servers in the currently
displayed profile and any profiles that have been displayed since the
monitor started.
To customize the profiles that the Domino server monitor uses, you can
do any of the following:

• Modify a default profile
• Create a new profile
• Specify the profiles to monitor on startup

Note The Domino server monitor and profiles are not available in the
Web Administrator.

Modifying a default profile in the Domino server monitor


You can add tasks or statistics to a default profile. If you add or remove a
server from a default profile, Domino prompts you to save the profile
with another name.
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Select a default profile.
3. From the Monitoring menu, select one of the following:
   • Monitor New Task
   • Monitor New Statistic
   • Remove Task
   • Remove Statistic
4. Choose one or more tasks or statistics from the task list, and then
   click OK.
Note You do not need to save the profile. The change remains in effect
when you end the Domino session.

Creating a custom profile in the Domino server monitor


To create a custom profile, you modify a default profile and then save it
with a new name.
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Select a system profile to modify.
3. To add or remove tasks or statistics, do the following:
   a. Select the server whose tasks or statistics you want to modify.
   b. From the Monitoring menu, select one of the following:
      • Monitor New Task
      • Monitor New Statistic
      • Remove Task
      • Remove Statistic
   c. Select the task or statistic to add or remove.
4. To add a server, select Monitoring - Monitor New Server, and then
   select the server from the list.
5. To remove a server, select the server to remove, and then select
   Monitoring - Remove Server.
6. Choose Monitoring - Save as, and enter a new profile name.

Specifying profiles to use when you start the Domino server monitor
By default, the profile that was being monitored when you stop the
server monitor is the profile that will be monitored when you start the
server monitor. To override this default behavior, you can specify which
profiles to monitor when you start the Domino server monitor.
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Select a server profile.
3. From the Monitoring menu, select Profile Properties.
4. Make sure the name of the profile you want to monitor at startup is
displayed.
5. Check Contact servers in this profile at startup.
Tip You can also rename a nonsystem profile in Profile Properties.

Using shortcuts in the Domino server monitor


The Domino server monitor includes shortcuts that provide additional
information on the server and server task status without having to move
from the Server - Monitoring tab.


You can perform the following tasks to troubleshoot server performance
using the Domino server monitor:

Open a different Domino Administrator tab from the Domino server
monitor

Display the differences in current and previous statistic values

View additional information about a server or server task

Create an event handler for a server that is down


Note The Domino server monitor is not available in the Web
Administrator.

Or perhaps you are monitoring 14 servers, and troubleshooting dead
mail statistics (dead.mail). To see which servers have the highest amount
of dead mail, sort the statistic column so that the servers with the most
dead mail messages appear at the top. To get an idea of when the dead
mail really started piling up, locate the cursor in the Dead statistic
column and right click. Select Show Statistics Difference to see if the
error occurred within the last hour. To release the dead mail, right click
and select Display Messaging tab to switch to the Messaging - Mail tab.
To open a different Domino Administrator tab from the Domino
server monitor
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Select a server.
3. From the Monitoring menu, select one:
Display Status Tab - To view the status and access the Server
Console to issue commands for the selected server
Display Messaging Tab - To monitor mail tracking for the
selected server


Example using the Domino server monitor


Suppose you are monitoring eight servers and are troubleshooting errors.
Server Hub-E/East/Acme appears at the top of the server list and
displays a failure indicator. In the By State view, you notice that one of
the status indicators is reporting a Failure error. You can tell from the
column which server task is reporting the error, but you still don't know
what the error is. Hover over a task status indicator to see a brief
explanation of the problem. To take immediate constructive action on the
server, you select the server, right click and select Display Status Tab.
You are now ready to diagnose and take corrective action from the
Server - Status tab.

To display differences for statistic values


For numerical statistics, you can display the difference between the
current statistic value and its value from one hour earlier. A delta icon
appears in the statistic column when the earlier, or difference, value is
displayed. If the server monitor has been running less than one hour, it
displays the difference between the current statistic value and the oldest
value available.
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Click in the statistic column to select the statistic.
3. From the Monitoring menu, select Show Statistics Difference.
4. To remove the difference value and icon, click the statistic column,
and choose Monitoring - Show Statistics Difference again.
To view additional information about a server or task
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Do one:
Server tasks - In either view, locate the cursor in the tasks frame
and hover over the error indicator to see what event caused the
error.
Servers - In either view, locate the cursor in the server pane and
hover over the error indicator to see what event caused the error.
To create event handlers and event generators
You can generate statistic events and invoke event handlers when a
server goes down or comes back up, when a task reports an error, or
when a statistic has reported a particular threshold.
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Do one:
Locate the cursor in the server pane and right click.
Locate the cursor in the tasks pane and right click. Select Create
event handler and then select one of the following to create an
event handler when a task reports an error.
Any Error (Local)
Current Error (Local)
Current Status (Local)
Current Error (On Server)
Locate the cursor in the statistics pane and right click. Select
Create event generator and then select either local or server to
create a new statistics event generator.

Chapter 53
Using the Domino SNMP Agent
This chapter provides information about the Domino Simple Network
Management Protocol (SNMP) Agent and the Domino Management
Information Base (MIB), which allow aspects of Domino to be monitored
and managed by third-party management stations.

The Domino SNMP Agent

The Domino SNMP Agent enhances the monitoring and control features
of Domino by enabling third-party management stations, which use
industry standard SNMP, to manage aspects of the Domino server. It
consists of:

LNSNMP - An independent application that receives trap
notifications from the Event Interceptor and then sends them to the
management station using the platform-specific, master SNMP
Agent. LNSNMP also handles requests for Domino-related
information from the management station by passing the request to
the QuerySet Handler and responding back to the management
station. LNSNMP includes the:
Recent Trap Table - A dynamic table stored in LNSNMP
containing the last ten trap notifications sent from the Event
Interceptor.
Trap Generator - Part of the Domino SNMP Agent that receives
Domino events from the Event Interceptor and sends them to the
management station using the master SNMP Agent.

QuerySet Handler - An add-in task that queries server statistics
information and sets the value of configurable Domino-based
parameters. The QuerySet Handler returns Domino statistics
information to LNSNMP, which then forwards the information to the
management station using the platform-specific, master SNMP
Agent.

Event Interceptor - An add-in task that responds to the SNMP Trap
notification for Domino Event Handlers by instructing the Trap
Generator to issue a trap.

The Domino SNMP Agent's main functions


The agent provides:

Out-of-band server status through the MIB

Control of a Domino server through SNMP

Real-time alerts on server status

Forwarding of Domino events as SNMP traps

Domino statistics through the MIB

The Domino SNMP Agent supports SNMP version 1.


Out-of-band server status through the MIB
The Domino SNMP Agent constantly monitors the status of the server
indirectly through a Domino SNMP Agent server add-in task using IPC
to determine whether the server is up or down. The Domino SNMP
Agent is not a Lotus Notes API application; all of its status information is
gathered out of band.
Control of a Domino server through SNMP
The following three control functions are available through SNMP:

Stop the Domino server

Start the Domino server

Reboot the operating system


Note Rebooting is not supported on the zSeries (S/390) platform.

As a security feature, these functions are not available by default. Each
function must be configured on a per-server basis.
Real-time alerts on server status
The Domino SNMP Agent constantly monitors the status of the server.
Changes in status are sent as SNMP traps. Real-time alerts on server
status significantly enhance monitoring whether a server is up or down
in three ways:

The information is provided in real-time.

The information is available out-of-band. Determining whether the
server is up or down does not require the Notes client or Domino
server.

The information is qualitatively better. Instead of two states, up or
down, SNMP can determine seven states or events as follows:

Message | Status | Specific trap number | Clearing trap number
Domino server is up: [server name] (This server has been started by a console command or using SNMP.) | Normal | 11 | 12
Domino server is shut down: [server name] (This server has been shut down by a console command or using SNMP.) | Disabled | 12 | 11
Domino server pulse has failed: [server name] (This server is excessively busy or unresponsive to the SNMP pulse.) | Warning | 13 | 14
Domino server pulse is restored: [server name] (This server is no longer busy and now responding to the SNMP pulse.) | Normal | 14 | 13
System is rebooting (The Domino SNMP Agent is rebooting the entire system.) | Informational | 15 | N/A
Domino server is not responding: [server name] (This server may have crashed or hung.) | Critical | 16 | 17
Domino server is now responding: [server name] (This server is now responding again.) | Normal | 17 | 16

Note The above traps are all Generic number 6.

The most important additional state is whether the server has been
disabled intentionally. This avoids situations such as paging support staff
during periods of routine maintenance.
The method for determining the server state is a pulse between LNSNMP
and its Domino server add-in tasks (first the QuerySet Handler or else
the Event Interceptor). Traps 13 and 16 get raised only if LNSNMP first
determines that the server is working by communicating with the SNMP
add-in tasks. Traps are not raised if the server starts up with a problem.
Trap 16 will occur if the trap 13 condition persists (server not responding);
in other words, you will see a trap 13 before you see a trap 16.
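
The following is an added example, not part of the original documentation: a management-station-side sketch in Python that uses the specific and clearing trap numbers from the table above to keep a per-server alarm state, so that an intentional shutdown (Disabled) does not page staff while a persistent pulse failure (Critical) does. The severity ranking, the paging policy, the tuple layout of the input and all server names except Hub-E/East/Acme are assumptions made for the example.

```python
"""Correlate Domino SNMP Agent status traps into a per-server alarm state."""

# specific trap number -> (message, status, clearing trap), copied from the table.
STATUS_TRAPS = {
    11: ("Domino server is up", "Normal", 12),
    12: ("Domino server is shut down", "Disabled", 11),
    13: ("Domino server pulse has failed", "Warning", 14),
    14: ("Domino server pulse is restored", "Normal", 13),
    15: ("System is rebooting", "Informational", None),
    16: ("Domino server is not responding", "Critical", 17),
    17: ("Domino server is now responding", "Normal", 16),
}
ENTERPRISE_SPECIFIC = 6  # the status traps are all generic number 6

# Assumptions (local policy, not from the Domino documentation):
# how the statuses rank against each other and which ones page on-call staff.
RANK = {"Normal": 0, "Informational": 0, "Disabled": 1, "Warning": 2, "Critical": 3}
PAGE_ON = {"Critical"}


def correlate(traps):
    """traps: iterable of (timestamp, server, generic, specific) tuples.

    Returns {server: {"status", "open_traps", "page", "anomalies"}}.
    """
    servers = {}
    for ts, server, generic, specific in sorted(traps):
        if generic != ENTERPRISE_SPECIFIC or specific not in STATUS_TRAPS:
            continue  # not one of the seven status traps
        state = servers.setdefault(server, {"open": {}, "anomalies": []})
        status = STATUS_TRAPS[specific][1]

        # An open alarm is closed only by the trap the table names as its
        # clearing trap (14 closes 13, 17 closes 16, 11 closes 12).
        for raised in [n for n in state["open"] if STATUS_TRAPS[n][2] == specific]:
            del state["open"][raised]

        # The documentation says a trap 13 is always seen before a trap 16.
        if specific == 16 and 13 not in state["open"]:
            state["anomalies"].append((ts, "trap 16 with no open trap 13"))

        # Abnormal states stay open as alarms until their clearing trap arrives.
        if status not in ("Normal", "Informational"):
            state["open"][specific] = ts

    report = {}
    for server, state in servers.items():
        statuses = [STATUS_TRAPS[n][1] for n in state["open"]] or ["Normal"]
        worst = max(statuses, key=RANK.__getitem__)
        report[server] = {
            "status": worst,
            "open_traps": sorted(state["open"]),
            "page": worst in PAGE_ON,
            "anomalies": state["anomalies"],
        }
    return report


# Constructed sample input: (timestamp, server, generic trap, specific trap).
SAMPLE_TRAPS = [
    (1000, "Hub-E/East/Acme", 6, 13),   # pulse failed ...
    (1060, "Hub-E/East/Acme", 6, 16),   # ... persisted: not responding
    (1300, "Hub-E/East/Acme", 6, 17),   # responding again
    (1310, "Hub-E/East/Acme", 6, 14),   # pulse restored
    (1100, "Mail-1/East/Acme", 6, 12),  # shut down on purpose (maintenance)
    (1500, "Mail-1/East/Acme", 2, 0),   # generic trap, not a Domino status trap
    (1200, "Mail-2/East/Acme", 6, 13),
    (1260, "Mail-2/East/Acme", 6, 16),  # still down: page
    (1400, "Mail-3/East/Acme", 6, 16),  # 16 without a 13: worth a second look
]

if __name__ == "__main__":
    for name, info in sorted(correlate(SAMPLE_TRAPS).items()):
        print(name, info)
```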

Forwarding of Domino events as SNMP traps


Forwarding of Domino events is similar to real-time alerts. SNMP traps
are forwarded in real-time as soon as Domino generates them using the
Event server task. Statistics monitors are not strictly real-time because
Domino generates them only periodically using the Collector server task.
One advantage of the Domino SNMP Agent is that it allows these events
to be consolidated across Domino domains.
The text message of the Domino event contains several items of
information that are labeled as follows:
Server - Full name of the originating Domino server.
Type - Event Type (see below).
Severity - Event Severity (see below).
TimeStamp - Time stamp is converted to UNIX Epoch format. Note
that this is the server's time stamp, not the console's.
Text - The Event Message (in the local language of the server).
Seq - Assigned by LNSNMP.
Note All of these fields come directly from the Domino server
except for the Seq field.
Type codes are numeric and correspond to the respective Event Types
seen in Domino Event Monitors:
0 Unknown
1 Comm
2 Security
3 Mail
4 Replica
5 Resource
6 Misc
7 Server
8 Statistic
9 Update


Severity codes are numeric and correspond to the respective Event
Severities seen in Domino Event Monitors:
0 Unknown
1 Fatal
2 Failure
3 Warning (high)
4 Warning (low)
5 Normal
Domino statistics through the MIB
Many Domino statistics are available using SNMP. It's possible to see
which MIB objects are derived directly from Domino statistics by
examining comments in the Domino MIB that begin with the string
--<<.

SNMP security
SNMP version 1 is not a secure protocol. SNMP's native security uses
only community names and IP addresses. All sites should review
deployment of the Domino SNMP Agent with their security staff.
However, the control functions provided by the Domino SNMP Agent do
not present significant security risks (for example, access to the console
or databases is not affected).

Domino SNMP Agent architecture

Domino SNMP Agent services are provided by two types of programs:

LNSNMP - The Lotus Notes SNMP agent. As an independent
application, LNSNMP is insulated from most Domino server
malfunctions and, by itself, adds negligible overhead to the server.

Two Domino server add-ins - the QuerySet Handler and the Event
Interceptor.
The QuerySet Handler and the Event Interceptor depend on the
Domino server; if the server fails for any reason, these programs fail
as well.

The following components comprise the Domino SNMP Agent
architecture:

A platform-specific master SNMP Agent - An independent,
non-Lotus, agent usually supplied with the operating system
platform that provides SNMP services for the machine. This SNMP
Agent transports the SNMP traps and Get/Set responses across the
network to the management station.
For additional information, refer to your operating system's or network
management tool's documentation (such as NetView or OpenView).

The Domino SNMP Agent - consisting of:
LNSNMP - Which receives trap notifications from the Event
Interceptor and then forwards them to the management station
using the platform-specific SNMP Agent. LNSNMP also handles
requests for Domino-related information from the management
station by passing the request to the QuerySet Handler and
responding back to the management station.
QuerySet Handler - Which queries server statistics information,
sets the value of configurable Domino-based parameters, and
returns Domino statistics information to LNSNMP, which then
forwards the information to the management station using the
platform-specific master SNMP Agent.
Event Interceptor - Which responds to the SNMP Trap
notification for Domino Event Handlers by instructing LNSNMP
to issue a trap.

The Domino MIB - A standard Management Information Base (MIB)
file for Lotus Domino servers that can be compiled and used by a
network management program such as NetView or OpenView.

The architecture looks like this:

About the Domino MIB


The Domino Management Information Base (MIB) covers only the
Domino server and not any other IBM or third-party server add-ins. The
branch (object ID) is named:
iso.org.dod.internet.private.enterprises.lotus.notes

and is numbered 1.3.6.1.4.1.334.72.

The main branches in numeric order are as follows:

lnInfo - Information about the server provided by the QuerySet
server add-in task. This includes values and sub-branches. The main
sub-branch is lnStats, which contains the Domino statistics organized
into sub-branches that mirror the Domino statistics branches. For
example, the Server.* Domino statistics are in the lnServer
sub-branch. Comments with these objects, beginning with the string
--<<, indicate which Domino statistic an object is derived from.

lnControl - Values provided by LNSNMP including those
monitoring and controlling the server.

lnInterceptor - An internal branch relating to the Event Interceptor
add-in task.

lnUnix - An internal branch that supports NetView for AIX.

lnMPAInfo - A branch with one value provided by LNSNMP that
gives the version of the Domino SNMP Agent.

Note Some Domino statistics are in floating-point format. SNMP
version 1 does not support floating-point numbers, so these
statistics are truncated to integers.

System requirements
The following are system requirements for the Domino SNMP Agent:
Windows requirements:
Windows native TCP/IP.

Windows SNMP Agent service.

AIX requirements:
AIX native TCP/IP.

AIX Master SNMP Agent (snmpd).


Linux requirements:
Linux native TCP/IP.

An extensible Master SNMP Agent that supports the SMUX protocol
(RFC 1227), such as UCD-SNMP 4.1 or later (4.2.3 or later is strongly
recommended), or NET-SNMP 5.0 or later. UCD-SNMP and
NET-SNMP are distributed by http://www.net-snmp.org and must
be built to include SMUX support by first running their source
configure script with --with-mib-modules=smux as an argument.

Solaris requirements:
Solaris native TCP/IP.

An extensible Master SNMP Agent that supports the SMUX protocol
(RFC 1227), such as PEER Networks OptiMaster Release 1.8a
(included).

zOS (OS/390) requirements:


OS/390 Version 1 Release 3 TCP/IP for OpenEdition MVS
Applications or OS/390 Version 2 Release 4 TCP/IP.

The most current PTFs for the zSeries (S/390) platform, which you
can access on www.ibm.com.

Configuring the Domino SNMP Agent


To configure the Domino SNMP Agent, you need to perform a procedure
specific to each platform and then complete the configuration by
performing another procedure that applies to all platforms.
Note Before configuring the Domino SNMP Agent on a partitioned
server, see the topic "Special considerations for partitioned servers."
1. Perform the platform-specific procedure:
Windows
AIX
Linux
Solaris
OS/390
2. Complete the configuration.


Special considerations for partitioned servers


If you plan to use SNMP on a partitioned server, you should read this
section prior to using SNMP with Domino 6.
There are several different ways to use the Domino SNMP Agent on a
partitioned server.
If you want to use the Domino SNMP Agent on only one of your
partitions, then configure it on that partition just as you would on any
server. Do not configure it on any other partitions. With this option, you
will get full functionality and control for one server partition. It is not
necessary to configure the LNSNMP.INI as described below.

If you want to use the Domino SNMP Agent for out-of-band control on
multiple partitions, configure it on each partition. With this option, you
can control servers individually and receive SNMP traps for each
partition, but you lose the ability to query certain branches of the lnInfo
branch of the MIB, including all Domino server statistics. It's also not
possible to use SNMP to start a server that hasn't otherwise been started
since SNMP was itself started. If you don't need to use SNMP to start
partitions, it is not necessary to configure the LNSNMP.INI as described
below.

If you want to manage multiple partitions and always be able to start their
servers using SNMP, then it's necessary to configure those partitions into
LNSNMP.INI as described below. Configuring LNSNMP.INI also causes
the virtual rows in the MIB's lnServerTable to be allocated in the order
specified in LNSNMP.INI instead of in the order that the partitions are
started. The MIB's lnServerTable contains a virtual row for each partition,
so having prior knowledge about which row will represent a particular
partition could simplify certain management functions.
The Windows operating system limits all SNMP traps to using one IP
address. On UNIX, each partition needs a separate DNS entry in order to
distinguish each trap origin. On the client side, while traps from
partitions will be received, not all SNMP consoles can associate traps
from partitions to map objects. In particular, due to a limitation of
WINSNMP, which is used with OpenView Professional Suite, it cannot
assign traps to Domino icons.
Configuring the LNSNMP.INI file
If you need to always be able to start partitions using SNMP, or if you
need to know which virtual row in the MIB's lnServerTable a partition
will occupy, then you should perform the following steps.
Note By adding a server to LNSNMP.INI you're implicitly allowing
SNMP to start that server if asked to do so. The server may then disallow
further SNMP initiated starts once its own configuration options become
known. This situation becomes possible each time the Domino SNMP
Agent is started because the Domino SNMP Agent does not retain server
configuration information when it is stopped.
1. Create a file called LNSNMP.INI in the appropriate directory
depending on platform:
Windows: Windows System directory
AIX, Linux or Solaris: /opt/lotus
zOS (OS/390): /opt/lotus
Note These are the recommended directories. However,
LNSNMP.INI can be in any path in the PATH environment variable
that you like.
2. Edit the file and include one line for each server partition with the
following format:
Server=<Data_Directory>;<Server_Name>;<Domino_Partition_Number>

Data_Directory: The directory that is the server's Domino data
directory for a given partition
Server_Name: The name of your Server
Domino_Partition_Number: This value is arbitrary because Domino
no longer uses numbers to uniquely identify partitions. However, for
historical reasons, a value must still be present.
For example, if you have a UNIX server with two partitions and data
directories of /home/domino/venus and /home/domino/saturn,
your LNSNMP.INI file should look like this:
Server=/home/domino/venus;Venus Server;1
Server=/home/domino/saturn;Saturn Server;2

Note The case of the text to the right of the equals sign is significant
in UNIX environments.
Troubleshooting
If LNSNMP does not start properly, then check that the LNSNMP.INI file
is correct. LNSNMP will always attempt to reference the LNSNMP.INI
file.
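
The following is an added example, not part of the original documentation: a Python check for the LNSNMP.INI entry format described above, useful when LNSNMP does not start and for reviewing which servers the file implicitly allows SNMP to start. It assumes that blank lines are harmless and that only the documented Server= form is valid; the function names and the constructed lines 3 to 5 of the sample are hypothetical.

```python
"""Check LNSNMP.INI partition entries before restarting LNSNMP."""
from dataclasses import dataclass

FIELDS = ("Data_Directory", "Server_Name", "Domino_Partition_Number")


@dataclass
class Partition:
    position: int          # order in the file, which sets the lnServerTable row order
    line: int
    data_directory: str
    server_name: str
    partition_number: str  # arbitrary value, but it must be present


def parse_lnsnmp_ini(text):
    """Return (partitions, problems) for the text of an LNSNMP.INI file."""
    partitions, problems = [], []
    seen = {}  # (field, lower-cased value) -> (value as written, line number)
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue  # assumption: blank lines are ignored
        key, sep, value = line.partition("=")
        if not sep or key != "Server":
            problems.append((lineno, "not in the documented Server=... form"))
            continue
        parts = value.split(";")
        if len(parts) != 3:
            problems.append(
                (lineno, f"expected 3 ';'-separated fields, found {len(parts)}"))
            continue
        empty = [name for name, item in zip(FIELDS, parts) if not item.strip()]
        if empty:
            problems.append((lineno, "empty field: " + ", ".join(empty)))
            continue
        # Case is significant on UNIX, so a near-duplicate is usually a typo.
        for name, item in zip(FIELDS[:2], parts[:2]):
            prior = seen.setdefault((name, item.lower()), (item, lineno))
            if prior[1] != lineno:
                how = "repeats" if prior[0] == item else "differs only in case from"
                problems.append((lineno, f"{name} {item!r} {how} line {prior[1]}"))
        partitions.append(Partition(len(partitions) + 1, lineno, *parts))
    return partitions, problems


def startable_servers(partitions):
    """Servers that SNMP is implicitly allowed to start, in file order."""
    return [p.server_name for p in partitions]


# Lines 1-2 are the example from the text; lines 3-5 are constructed mistakes.
SAMPLE_INI = """\
Server=/home/domino/venus;Venus Server;1
Server=/home/domino/saturn;Saturn Server;2
Server=/home/domino/mars;Mars Server
Server=/home/domino/Venus;Venus Test;3
server=/home/domino/pluto;Pluto Server;4
"""

if __name__ == "__main__":
    entries, issues = parse_lnsnmp_ini(SAMPLE_INI)
    for entry in entries:
        print(f"row {entry.position}: {entry.server_name} ({entry.data_directory})")
    for lineno, message in issues:
        print(f"line {lineno}: {message}")
```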


Configuring the Domino SNMP Agent for Windows


Follow the steps below, once per platform, to configure the Domino
SNMP Agent for Windows.
Note Before using the Domino SNMP Agent, make sure TCP/IP and
SNMP are properly installed and configured on the server. Also, make
sure that the Domino executable and the Domino data directories are in
your search path.
Tip If you need to add the Windows SNMP Service to your system, be
prepared to reinstall any Windows service packs immediately after
adding the Windows SNMP Service.
Tip The Windows SNMP Service is configured by double-clicking the
Network icon in the Control Panel, then selecting the Services tab, then
selecting SNMP Service, and then clicking the Properties button. You will
want to configure appropriate trap destinations and community names
for your remote management infrastructure.

Note The Domino SNMP Agent is configured as a Windows Service
and is set up to run automatically. This means that once the Domino
SNMP Agent is configured, it is virtually always running, even when
Domino is not. If you later upgrade Domino you should stop the
LNSNMP and Windows SNMP Services before beginning the upgrade
process.

1. Stop the LNSNMP and SNMP services. Enter these commands:
net stop lnsnmp
net stop snmp

2. Configure the Lotus Domino SNMP Agent as a service. Enter this
command:
lnsnmp -Sc

3. Start the SNMP and LNSNMP services. Enter these commands:
net start snmp
net start lnsnmp

You have completed the Windows-specific portion of the Domino SNMP
Agent configuration. You should now follow the instructions found in
"Completing the Configuration of the Domino SNMP Agent."
Removing the LNSNMP service
If you ever need to undo the configuration of the Lotus Domino SNMP
Agent as a service, enter this command:
lnsnmp -Sd

Configuring the Domino SNMP Agent for AIX


Follow the steps below, once per platform, to configure the Domino
SNMP Agent for AIX.
Note Before using the Domino SNMP Agent, make sure TCP/IP and
SNMP are properly installed and configured on the server. Also, make
sure that the Domino executable and the Domino data directories are in
your search path.
Tip The trap destinations and community names for AIX are configured
in the /etc/snmpd.conf file. You will want to configure appropriate trap
destinations and community names for your remote management
infrastructure. Remember to keep the view identifiers unique for each
trap destination.
Note The Domino SNMP Agent is set up to run automatically. This
means that once the Domino SNMP Agent is configured, it is virtually
always running, even when Domino is not. If you later upgrade Domino
you should stop the LNSNMP process before beginning the upgrade
process.
Note All the following commands should be executed as the root user.
1. Stop the LNSNMP process. Enter this command:
lnsnmp.sh stop

2. Stop the SNMPD subsystem. Enter this command:
stopsrc -s snmpd

3. Configure SNMPD to accept LNSNMP as an SMUX peer. Add the
following line to /etc/snmpd.peers:
"Lotus Notes Agent" 1.3.6.1.4.1.334.72 "NotesPasswd"

4. Configure SNMPD to accept an SMUX association from LNSNMP.
Add the following line to /etc/snmpd.conf:
smux 1.3.6.1.4.1.334.72 NotesPasswd

5. Start the SNMPD subsystem. Enter this command:
startsrc -s snmpd

6. Start the LNSNMP process. Enter this command:
lnsnmp.sh start

7. Create a link to the LNSNMP script. Enter this command, changing
the Domino executable path if necessary:
ln -f -s /opt/lotus/notes/latest/ibmpow/lnsnmp.sh /etc/lnsnmp.rc

8. Arrange for LNSNMP to be restarted after a reboot. Add the
following line to the end of /etc/rc.tcpip:
/etc/lnsnmp.rc start

You have completed the AIX-specific portion of the Domino SNMP
Agent configuration. You should now follow the instructions found in
"Completing the Configuration of the Domino SNMP Agent."

Configuring the Domino SNMP Agent for Linux


Follow the steps below, once per platform, to configure the Domino
SNMP Agent for Linux.

Note Before using the Domino SNMP Agent, make sure TCP/IP and
SNMP are properly installed and configured on the server. If you are
using UCD-SNMP or NET-SNMP its source should have been configured
and built with --with-mib-modules=smux set. If you are not using
UCD-SNMP or NET-SNMP verify your Master SNMP Agent supports
the SMUX protocol, per RFC 1227. Also, make sure that the Domino
executable and the Domino data directories are in your search path.

Tip If you are using UCD-SNMP or NET-SNMP the trap destinations
and community names are configured in the
/usr/share/snmp/snmpd.conf file. Otherwise, refer to the
documentation for the master agent technology you are using. You will
want to configure appropriate trap destinations and community names
for your remote management infrastructure.
Note The Domino SNMP Agent is set up to run automatically. This
means that once the Domino SNMP Agent is configured, it is virtually
always running, even when Domino is not. If you later upgrade Domino
you should stop the LNSNMP process before beginning the upgrade
process.
Note All the following commands should be executed as the root user.
1. Stop the LNSNMP process. Enter this command:
lnsnmp.sh stop

2. Stop the Master SNMP Agent. If you're using UCD-SNMP or
NET-SNMP enter this command:
/etc/rc.d/init.d/snmpd stop

If you're not using UCD-SNMP or NET-SNMP refer to your Master
SNMP Agent's documentation.

3. Configure the Master SNMP Agent to accept LNSNMP as an SMUX
peer. If you're using UCD-SNMP or NET-SNMP add the following
line to /usr/share/snmp/snmpd.conf:
smuxpeer 1.3.6.1.4.1.334.72 NotesPasswd

If you're not using UCD-SNMP or NET-SNMP refer to your Master
SNMP Agent's documentation.
4. Start the Master SNMP Agent. If you're using UCD-SNMP or
NET-SNMP enter this command:
/etc/rc.d/init.d/snmpd start

If you're not using UCD-SNMP or NET-SNMP refer to your Master
SNMP Agent's documentation.
5. Start the LNSNMP process. Enter this command:
lnsnmp.sh start

6. Arrange for LNSNMP to be restarted after a reboot. Enter these
commands, changing the Domino executable path and default run
levels if necessary:
ln -f -s /opt/lotus/notes/latest/linux/lnsnmp.sh /etc/rc.d/init.d/lnsnmp
chkconfig --add lnsnmp
chkconfig lnsnmp on

You have completed the Linux-specific portion of the Domino SNMP
Agent configuration. You should now follow the instructions found in
"Completing the Configuration of the Domino SNMP Agent."
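
The following is an added example, not part of the original documentation: a Python review of the community names and the SMUX peer line in a UCD-SNMP/NET-SNMP snmpd.conf, since SNMP version 1 relies only on community names and IP addresses. It assumes the standard rocommunity, rwcommunity, com2sec, trapsink and smuxpeer directive syntax of those agents; the severity labels, the address 192.0.2.10 and both sample configurations are constructed for the example.

```python
"""Review a UCD-SNMP/NET-SNMP snmpd.conf that serves as master agent for LNSNMP."""

DOMINO_OID = "1.3.6.1.4.1.334.72"              # Domino MIB branch from this chapter
DOCUMENTED_SMUX_PASSWORD = "NotesPasswd"       # value printed in this chapter
WELL_KNOWN_COMMUNITIES = {"public", "private"}  # widely known default names


def audit_snmpd_conf(text):
    """Return a list of (line number, severity, message) findings."""
    findings, smux_seen = [], False

    def check_community(lineno, community, source, write):
        if write:
            findings.append((lineno, "high", "rwcommunity grants SNMP set access"))
        if community.lower() in WELL_KNOWN_COMMUNITIES:
            findings.append((lineno, "high", f"well-known community name {community!r}"))
        if source in (None, "default"):
            findings.append(
                (lineno, "medium", "community is not restricted to a source address"))

    for lineno, raw in enumerate(text.splitlines(), start=1):
        tokens = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if not tokens:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        if directive in ("rocommunity", "rwcommunity") and args:
            source = args[1] if len(args) > 1 else None
            check_community(lineno, args[0], source, directive == "rwcommunity")
        elif directive == "com2sec":
            if args[:1] == ["-Cn"]:            # optional context argument
                args = args[2:]
            if len(args) >= 3:                 # NAME SOURCE COMMUNITY
                check_community(lineno, args[2], args[1], False)
        elif directive == "trapsink":
            if len(args) >= 2 and args[1].lower() in WELL_KNOWN_COMMUNITIES:
                findings.append(
                    (lineno, "medium", f"traps sent with well-known community {args[1]!r}"))
        elif directive == "smuxpeer" and args and args[0].lstrip(".") == DOMINO_OID:
            smux_seen = True
            if args[1:] == [DOCUMENTED_SMUX_PASSWORD]:
                findings.append(
                    (lineno, "info", "SMUX peer uses the password printed in the documentation"))
    if not smux_seen:
        findings.append(
            (0, "info", f"no smuxpeer line for {DOMINO_OID}; step 3 of the procedure is missing"))
    return findings


# Constructed sample: default community names, write access, no source limits.
WEAK_CONF = """\
rocommunity public
rwcommunity private
trapsink 192.0.2.10 public
smuxpeer 1.3.6.1.4.1.334.72 NotesPasswd
"""

# Constructed sample: site-specific names, read-only, limited to the management
# station (192.0.2.10) and to the Domino subtree.
REVIEWED_CONF = """\
# management station only, Domino subtree only
rocommunity d0m-mon-7f3a 192.0.2.10 .1.3.6.1.4.1.334.72
trapsink 192.0.2.10 d0m-trap-91c2
smuxpeer 1.3.6.1.4.1.334.72 NotesPasswd
"""

if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("reviewed", REVIEWED_CONF)):
        print(label)
        for lineno, severity, message in audit_snmpd_conf(conf):
            print(f"  line {lineno}: [{severity}] {message}")
```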

Configuring the Domino SNMP Agent for Solaris


Follow the steps below, once per platform, to configure the Domino
SNMP Agent for Solaris.
Note Before using the Domino SNMP Agent, make sure TCP/IP is
properly installed and configured on the server. The steps below will
install a suitable Master SNMP Agent, but if you already use a Master
SNMP Agent that supports the SMUX protocol, per RFC 1227, you may
use that instead. Also, make sure that the Domino executable and the
Domino data directories are in your search path.
Tip If you will be installing the PEER Master agent, then the trap
destinations and community names are configured in the
/etc/peer.snmpd.conf file. Otherwise, refer to the documentation for the
master agent technology you are using. You will want to configure
appropriate trap destinations and community names for your remote
management infrastructure.
Note The Domino SNMP Agent is set up to run automatically. This
means that once the Domino SNMP Agent is configured, it is virtually
always running, even when Domino is not. If you later upgrade Domino
you should stop the LNSNMP process, and the PEER Agent(s) if
applicable, before beginning the upgrade process.
Note All the following commands should be executed as the root user.
1. Stop the LNSNMP process. Enter this command:
lnsnmp.sh stop

2. Stop the Master SNMP Agent. If you're using the PEER Agent(s)
enter this command:
peerinit.sh stop

If you're not using the PEER Agent(s) refer to your Master SNMP
Agent's documentation.

3. Install or configure the Master SNMP Agent. If you're going to be
using the PEER Master Agent, it's already configured for LNSNMP;
enter the following commands to install it, changing the Domino
executable path if necessary:
ln -f -s /opt/lotus/notes/latest/sunspa/peer.snmpd /etc
cp /opt/lotus/notes/latest/sunspa/peer.snmpd.conf /etc

If you're using another Master SNMP Agent refer to its
documentation for how to configure LNSNMP as an SMUX Peer.
The three parameters associated with SMUX authentication for
LNSNMP are:
Description: Lotus Notes Agent
Identity: 1.3.6.1.4.1.334.72
Password: NotesPasswd

4. Start the Master SNMP Agent. If you're using the PEER Agent(s)
enter this command:
peerinit.sh start

If you're not using the PEER Agent(s) refer to your Master SNMP
Agent's documentation.
5. Start the LNSNMP process. Enter this command:
lnsnmp.sh start

6. Create a link to the LNSNMP script. Enter this command, changing
the Domino executable path if necessary:
ln -f -s /opt/lotus/notes/latest/sunspa/lnsnmp.sh /etc/init.d/lnsnmp

7. Arrange for LNSNMP to be restarted after a reboot. Enter these
commands:
ln -f -s /etc/init.d/lnsnmp /etc/rc2.d/S77lnsnmp
ln -f -s /etc/init.d/lnsnmp /etc/rc1.d/K77lnsnmp

8. Create a link to the PEER script, if you're using the PEER Agent(s).
Enter this command, changing the Domino executable path if
necessary:
ln -f -s /opt/lotus/notes/latest/sunspa/peerinit.sh /etc/init.d/peerinit

9. Arrange for the PEER Agent(s) to be restarted after a reboot, if you're
using them. Enter these commands:
ln -f -s /etc/init.d/peerinit /etc/rc2.d/S76peer.snmpd
ln -f -s /etc/init.d/peerinit /etc/rc1.d/K76peer.snmpd

If you're not using the PEER Agent(s) refer to your Master SNMP
Agent's documentation.
You have completed the Solaris-specific portion of the Domino SNMP
Agent configuration. You should now follow the instructions found in
"Completing the Configuration of the Domino SNMP Agent."
Configuring the PEER Encapsulator Agent with other master agents
If you installed the PEER Master Agent above, but were using another
Master SNMP Agent and need to continue using it, you should read the
remainder of this section.
Most Network Management Stations (NMS) view managed objects on a
host through a single SNMP Agent. The NMS will usually direct its
SNMP requests to an agent listening on port 161. Because only a single
SNMP Agent can be listening at port 161, this limits the NMS to
managing only the variables accessible to the one agent listening at that
port. If you install the PEER Master agent, it will listen on port 161, so
that all queries directed to that host will go to the PEER Master agent.
If you already have non-PEER master agents installed on that host, they
too will want to listen on port 161, so you need to reconfigure these
non-PEER agents to listen on other ports. Then, configure the PEER
Encapsulator agent to emulate an NMS and pass on the appropriate
SNMP requests from the PEER Master agent to the encapsulated agents
at their respective ports. The PEER Encapsulator agent works by hiding
the non-PEER agents, so they are visible to the NMS only through the
PEER Master agent.
Configure the PEER Encapsulator agent to recognize non-PEER agents,
respective sub-trees, SNMP ports, and traps. Then when a non-PEER
agent sends a trap, the PEER Encapsulator agent listening for the trap
forwards it up to the PEER Master agent or discards it, as configured.
When the PEER Master agent receives an NMS SNMP request about an
encapsulated agent's managed sub-tree, it passes it on to the
Encapsulator agent which, in turn, forwards the request to that
encapsulated agent at its listening port.
To install the PEER Encapsulator Agent enter these commands:
ln -f -s /opt/lotus/notes/latest/sunspa/peer.encaps /etc
cp /opt/lotus/notes/latest/sunspa/peer.encaps.conf /etc

To configure the PEER Encapsulator Agent edit the
/etc/peer.encaps.conf file, using the comments as a guide. Refer to your
other Master SNMP Agent's documentation for information about
configuring it.
To start the PEER Encapsulator Agent enter this command:
peerinit.sh start

This is the same command script used to start the PEER Master Agent
and is responsible for both Agents if they're both installed. Therefore, if
you already configured the PEER Master Agent to restart automatically
after a reboot, the PEER Encapsulator Agent will also restart
automatically.

Configuring the Domino SNMP Agent for zOS (OS/390)

Follow the steps below, once per platform, to configure the Domino
SNMP Agent for zOS (OS/390).
Note Before using the Domino SNMP Agent, make sure TCP/IP and
SNMP are properly installed and configured on the server. Also, make
sure that the Domino executable and the Domino data directories are in
your search path.
Tip Trap destinations are defined in the SNMPTRAP.DEST dataset.
You will want to configure appropriate trap destinations and community
names for your remote management infrastructure.
1. Start the LNSNMP process. Enter this command:
lnsnmp

Note Automatic start of the Domino SNMP Agent is not supported on
zOS (OS/390).
You have completed the OS/390-specific portion of the Domino SNMP
Agent configuration. You should now follow the instructions found in
"Completing the Configuration of the Domino SNMP Agent."

Completing the Configuration of the Domino SNMP Agent


Once you've performed the platform-specific configuration steps, follow
these steps, which apply to all platforms, to complete the configuration of
the Domino SNMP Agent. Repeat these steps as necessary for each
Domino partition.
Starting the Domino server add-in tasks
1. To support SNMP queries, start the QuerySet add-in task. Enter this
command on the Domino Server console:
load quryset

2. To support SNMP traps for Domino events, start the Event Interceptor
add-in task. Enter this command on the Domino Server console:
load intrcpt

3. To support Domino statistic threshold traps, start the Statistic
Collector add-in task. Enter this command on the Domino Server
console:
load collect

4. Arrange for the add-in tasks to be restarted automatically when
Domino is next restarted. Add quryset and/or intrcpt and
collect to the ServerTasks variable in Domino's NOTES.INI file.
Configuring traps for Domino events
Once the Domino SNMP Agent is configured, your SNMP management
console is able to receive traps for basic SNMP events for that server (for
example, server down). Additional configuration is required to receive
traps for Domino events. You must create appropriate Event Handlers in
the Domino Monitoring Configuration database. The Event Handler's
Notification Method must be set to SNMP Trap, and the Notification
Server must be set to an asterisk.
For more information about Event Handlers, see the chapter "Monitoring
the Domino Server."
Configuring statistic threshold traps
You can receive SNMP traps for Domino statistics that exceed a specified
value when you have configured appropriate Statistic Event Generators
and appropriate Event Handlers in the Domino Monitoring Configuration
database. Domino must also be running the Statistic Collector and Event
Interceptor add-in tasks. The Notification Method of the Event Handler must
be set to SNMP Trap, and the Notification Server must be set to an asterisk.
For more information about creating Statistic Event Generators and
Event Handlers, see the chapter Monitoring the Domino Server.

Enabling the SNMP Agent to start or stop a Domino server


You can start or stop Domino servers from a remote management console
using the Domino SNMP Agent. To do so, you must enable the Domino
SNMP Agent to start or stop a specific server. By default, the Domino
SNMP Agent does not allow the remote server to start or stop. You do
not need to modify a server's Configuration Settings unless you want to
enable the Domino SNMP Agent to start or stop that server.
Note If the server ID is password protected, then the Domino SNMP
Agent cannot be used to remotely restart a Domino server because
SNMP cannot pass a password parameter to the server.
Note It may not be possible for SNMP to start a server until that server
has first identified itself to the Domino SNMP Agent. This situation can
be overcome by putting information about the server into the lnsnmp.ini
file. For additional information see "Special Considerations for a
Partitioned Server."
The Allow Server Start and Allow Server Stop configuration options can
be found in the SNMP tab of a server Configuration Settings document.
For more information about server Configuration Settings documents,
see the chapter "Setting Up Mail Routing."
Enabling the SNMP Agent to reboot the system
You can reboot the system from a remote management console using the
Domino SNMP Agent. To do so, you must enable the Domino SNMP
Agent to reboot the system. By default, the Domino SNMP Agent does
not allow remote system reboot. You do not need to modify a server's
Configuration Settings unless you want to enable the Domino SNMP
Agent to reboot the system.
Note Rebooting is not supported on the zSeries (S/390) platform.
Note In the case of a partitioned server, all running partitions must
agree that it's permissible to reboot the system. If one running partition is
configured to not allow a system reboot then the reboot will not be
performed.
The Allow System Reboot configuration option can be found in the
SNMP tab of a server Configuration Settings document.
For more information about server Configuration Settings documents,
see the chapter "Setting Up Mail Routing."
To initiate a system reboot the remote management console must set the
lnRemoteReboot MIB object.

Manually starting and stopping the Domino SNMP Agent


Normally, after you've completed the configuration of the Domino
SNMP Agent, it starts automatically when you restart the system. If you
need to, you can stop the agent, then restart it manually.
Windows
To stop the Lotus Domino SNMP Agent service, enter this command:
net stop lnsnmp

To start the Lotus Domino SNMP Agent service, enter this command:
net start lnsnmp

AIX
To stop the lnsnmp process, enter this command as root:
/etc/lnsnmp.rc stop

To start the lnsnmp process, enter this command as root:
/etc/lnsnmp.rc start

Linux
To stop the lnsnmp process, enter this command as root:
/etc/rc.d/init.d/lnsnmp stop

To start the lnsnmp process, enter this command as root:
/etc/rc.d/init.d/lnsnmp start

Solaris
To stop the lnsnmp process, enter this command as root:
/etc/init.d/lnsnmp stop

To start the lnsnmp process, enter this command as root:
/etc/init.d/lnsnmp start

To stop the PEER Agent process(es), enter this command as root:
/etc/init.d/peerinit stop

To start the PEER Agent process(es), enter this command as root:
/etc/init.d/peerinit start


zOS (OS/390)
To start the lnsnmp process, type the lnsnmp command from an
OpenEdition command line. The command and its parameters are shown
below:
lnsnmp [-I ipaddress] [-C community] [-P dpiport]

All parameters are optional. The defaults are as follows:

ipaddress: the value returned from GETHOSTBYNAME.

community: public

dpiport: 161. The value must match the value in the SNMP
configuration file (SNMP.PORT).

Using the Domino MIB with your SNMP management station

To access any Domino server's objects in the Domino MIB, you must load
the Domino MIB on your SNMP management station. Refer to your
management station documentation for details on adding MIBs. The
name of the Domino MIB file is domino.mib. This file can be found in the
Domino executable directory of any Domino 6 server.
Note Unlike previous releases of the Domino SNMP Agent, the Domino
MIB is actually used by the Domino 6 server, specifically the QuerySet
add-in task, so a copy of the Domino MIB must remain in the Domino
executable directory.
If you are running multiple versions of the Domino SNMP Agent in your
network, for instance, because of migration, your management stations
should use the MIB corresponding to the latest installed version of the
Domino SNMP Agent.

Configuring traps for HP OpenView

In order to translate Domino SNMP traps into readable messages in the
alarm log of HP OpenView, you must use the Domino SNMP Trap
Definition File.
To configure the Trap Definition File, follow these steps:
1. Copy the Trap Definition File, DOMINO.TDF, to your management
workstation. This file can be found in the Domino executable
directory of any Domino 6 server.
2. Choose Monitor - Customize Traps.
The Customize Trap Alarms dialog appears.
3. Click Load Traps.
The Load Traps Definition File dialog appears.
4. Select the Trap Definition File, domino.tdf, that you copied in step 1.
5. Click OK.
The Load Device Traps dialog box appears.
6. Select 1.3.6.1.4.1.334.72 in the Device Class field.
7. Click OK.
The Customize Trap Alarms dialog reappears.
8. Click OK.

Configuring traps for Domino events


The default states for Domino event traps can be configured in
OpenView for Windows with the DOMINO.TDF file. The entries are:
0=1,FirstEntry,2,LOG,MAP,BELL,NONE,NONE,NONE,X0,$5
1=2,0,0,LOG,MAP,BELL,NONE,NONE,NONE,X1,$5
2=3,1,7,LOG,MAP,NOBELL,NONE,NONE,NONE,X2,$5
3=4,2,8,LOG,MAP,NOBELL,NONE,NONE,NONE,X3,$5
4=5,3,1,LOG,MAP,NOBELL,NONE,NONE,NONE,X4,$5
5=11,4,3,LOG,MAP,NOBELL,NONE,NONE,NONE,X5,$5
The third field after the equals sign controls the OpenView severity (see
section "Trap Definition Entry" in the OpenView Programmer's Guide):
4 - Unknown
11 - Unmanaged
2 - Informational
9 - Disabled
3 - Normal
10 - Marginal
1 - Warning
8 - Minor
7 - Major
0 - Critical
You could also customize the BELL | NOBELL option.
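Before loading an edited DOMINO.TDF, the severity and bell settings of its entries can be checked mechanically. The following Python code is an added example, not part of the Domino or OpenView documentation. It relies only on the two field meanings stated above (the third field after the equals sign is the severity code; one field is BELL or NOBELL), treats all other fields as opaque, and its review policy (flag Critical or Major traps set to NOBELL, and any entry set to Disabled or Unmanaged) is an assumption of this example.

```python
import re

# OpenView severity codes as listed above for the third field after "=".
SEVERITY = {
    0: "Critical", 1: "Warning", 2: "Informational", 3: "Normal",
    4: "Unknown", 7: "Major", 8: "Minor", 9: "Disabled",
    10: "Marginal", 11: "Unmanaged",
}

# The six default Domino event entries quoted above.
DEFAULT_ENTRIES = """\
0=1,FirstEntry,2,LOG,MAP,BELL,NONE,NONE,NONE,X0,$5
1=2,0,0,LOG,MAP,BELL,NONE,NONE,NONE,X1,$5
2=3,1,7,LOG,MAP,NOBELL,NONE,NONE,NONE,X2,$5
3=4,2,8,LOG,MAP,NOBELL,NONE,NONE,NONE,X3,$5
4=5,3,1,LOG,MAP,NOBELL,NONE,NONE,NONE,X4,$5
5=11,4,3,LOG,MAP,NOBELL,NONE,NONE,NONE,X5,$5
"""

# An entry line is "<number>=<comma-separated fields>".
ENTRY_RE = re.compile(r"^\s*(\d+)\s*=\s*(.+?)\s*$")


def parse_entry(line):
    """Parse one 'N=f1,f2,f3,...' entry; raise ValueError if it is malformed."""
    match = ENTRY_RE.match(line)
    if not match:
        raise ValueError(f"not a trap entry: {line!r}")
    number = int(match.group(1))
    fields = [f.strip() for f in match.group(2).split(",")]
    if len(fields) < 3 or not fields[2].isdigit():
        raise ValueError(f"entry {number}: no numeric severity field")
    code = int(fields[2])
    if code not in SEVERITY:
        raise ValueError(f"entry {number}: unknown severity code {code}")
    bells = [f for f in fields if f in ("BELL", "NOBELL")]
    if len(bells) != 1:
        raise ValueError(f"entry {number}: expected exactly one BELL/NOBELL field")
    return {
        "entry": number,
        "severity_code": code,
        "severity": SEVERITY[code],
        "bell": bells[0] == "BELL",
        "fields": fields,  # kept verbatim; other fields are not interpreted
    }


def parse_entries(text):
    """Parse every line shaped like an entry; all other lines are ignored."""
    return [parse_entry(line) for line in text.splitlines() if ENTRY_RE.match(line)]


def review(entries):
    """Return (entry number, finding) pairs under this example's policy."""
    findings = []
    for e in entries:
        if e["severity"] in ("Critical", "Major") and not e["bell"]:
            findings.append((e["entry"], f'{e["severity"]} trap is set to NOBELL'))
        if e["severity"] in ("Disabled", "Unmanaged"):
            findings.append((e["entry"], f'severity is {e["severity"]}'))
    return findings


if __name__ == "__main__":
    for e in parse_entries(DEFAULT_ENTRIES):
        bell = "BELL" if e["bell"] else "NOBELL"
        print(f'{e["entry"]}: {e["severity"]} ({e["severity_code"]}), {bell}')
    for number, finding in review(parse_entries(DEFAULT_ENTRIES)):
        print(f"review entry {number}: {finding}")
```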

Configuring traps for NetView for AIX


Adding traps
If you are using NetView for AIX as your management platform and
using the Domino SNMP Agent to forward Domino events, you can
make these events more readable by performing the following
configuration:
1. Copy the trap configuration script, addtraps.sh, to your management
workstation. This file can be found in the Domino executable
directory of any Domino 6 server.
2. Stop the NetView daemons. Enter this command:
ovstop

3. Start the NetView daemon trapd. Enter this command:
ovstart trapd

Having traps running causes traps to be updated as the script runs.
See the NetView trapd man pages for more details.
4. As root, run the trap configuration script, addtraps.sh, that you
copied in step 1. Enter this command:
sh addtraps.sh

You receive a message for each trap added.
5. Restart NetView. Enter this command:
ovstart

Removing traps
To remove these traps, log in as root, and run:
removetrap -n "Notes"

Upon completion, you receive the message "Enterprise has been
removed."

Troubleshooting the Domino SNMP Agent


Check Server Tasks
If an Agent function is not working, first check that the QuerySet
Handler and Event Interceptor server add-in tasks are running by using
the Show Tasks command on the Domino console. You can do this
remotely if you are authorized. If neither task is running, then the SNMP
Agent will report that the server is down.
Check MIB Values using the SNMP Management Station
Query the MIB remotely to determine which components are up and
running. There are three components in the SNMP architecture for MIB
variables:

The platform-specific Master SNMP Agent

The Domino SNMP Agent

The QuerySet Handler

Each can respond to MIB requests. You can test them together or
sequentially to determine which pieces are responding. You should use
the community name configured into your Master SNMP Agent.
Test the:

Base system MIB variable, for example,
iso.org.dod.internet.mgmt.mib-2.system.sysDescr (.1.3.6.1.2.1.1.1.0),
to determine if the platform's SNMP Agent is working and to find
out which version of the platform-specific Master SNMP Agent is
running.
If this fails, you can (ICMP) ping the server to determine if TCP/IP is
responding. If TCP/IP is running, check the community name used
by the server's Master SNMP Agent. If you cannot verify the
community name, try the public community name.
Refer to your SNMP management software documentation for
specific instructions.

MIB variable to determine if the Domino SNMP Agent is working,
for example,
iso.org.dod.internet.private.enterprises.lotus.notes.mpaInfo.lnMainProxyAgentVersion
(.1.3.6.1.4.1.334.72.100.1.0), which
indicates the version of the Domino SNMP Agent.
QuerySet sends a heartbeat to the Domino SNMP Agent every few
seconds. If the Domino SNMP Agent is not running, you will receive
the following message for each failed heartbeat at the Domino server
console:
Lotus Domino SNMP Agent is not available.

The message stops if you start the agent or tell the QuerySet Handler
to quit running.

MIB variable to determine if the QuerySet Handler is working, for
example,
iso.org.dod.internet.private.enterprises.lotus.notes.lnInfo.lnQSBuildNumber
(.1.3.6.1.4.1.334.72.1.5.0), which indicates the version of the
QuerySet Handler.

If the other variables are successful, but the QuerySet Handler is not
responding, verify that the task is running using the Show Tasks
command on the Domino console. You can perform this test remotely if
you are authorized, or you can open a database, such as the Domino
Directory, with the Notes client to verify the server is running.

Caution Every 30 seconds, the Domino SNMP Agent tests whether the
QuerySet Handler is responding. If this test fails you will receive a
Warning trap "Domino Server pulse has failed." This is usually a
temporary problem because the server is overloaded. If the condition
lasts 5 cycles, however, you will get a Critical trap "Domino Server is not
responding." This means that the server may have crashed or hung. In
either case, while it is occurring you will not be able to query the Domino
MIB. When the pulse returns, you will receive a canceling trap message
that the server pulse is restored.
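
The layered MIB test described in this troubleshooting section, as an added example that is not part of the Domino documentation: it queries the three OIDs in order and reports the first layer that does not answer, with the follow-up step the text gives for it. It assumes the Net-SNMP snmpget command is installed on the management station and that the agents answer SNMPv1; the function names are this example's own.

```python
import subprocess
import sys

# (layer, numeric OID from this section, follow-up step when it does not answer),
# in the order the section tests them.
LAYERS = [
    ("Master SNMP Agent", ".1.3.6.1.2.1.1.1.0",
     "ping the server to check TCP/IP, then verify the community name "
     "configured in the Master SNMP Agent"),
    ("Domino SNMP Agent", ".1.3.6.1.4.1.334.72.100.1.0",
     "start lnsnmp; the Domino console repeats 'Lotus Domino SNMP Agent "
     "is not available.' while it is down"),
    ("QuerySet Handler", ".1.3.6.1.4.1.334.72.1.5.0",
     "run Show Tasks on the Domino console and check that QuerySet is loaded"),
]


def snmpget(host, community, oid, timeout=5):
    """Return the value as text, or None if nothing usable came back.

    Assumption: Net-SNMP's snmpget is on PATH. The community string is
    passed on the command line, so it is visible in the local process list.
    """
    cmd = ["snmpget", "-v1", "-c", community, "-t", str(timeout),
           "-r", "1", "-Oqv", host, oid]
    try:
        proc = subprocess.run(cmd, capture_output=True, text=True,
                              timeout=timeout * 4)
    except (OSError, subprocess.TimeoutExpired):
        return None
    value = proc.stdout.strip()
    if proc.returncode != 0 or not value or value.startswith("No Such"):
        return None
    return value


def triage(host, community, get=snmpget):
    """Query each layer in order and stop at the first one that is silent.

    `get` is injectable so the logic can be exercised without a network.
    """
    answered = {}
    for layer, oid, next_step in LAYERS:
        value = get(host, community, oid)
        if value is None:
            return {"answered": answered, "failed_layer": layer,
                    "next_step": next_step}
        answered[layer] = value
    return {"answered": answered, "failed_layer": None, "next_step": None}


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: triage.py HOST COMMUNITY")
    result = triage(sys.argv[1], sys.argv[2])
    for layer, value in result["answered"].items():
        print(f"OK    {layer}: {value}")
    if result["failed_layer"]:
        print(f"FAIL  {result['failed_layer']}: {result['next_step']}")
    if sys.argv[2] == "public":
        # The same agent can be enabled to stop servers or reboot the system,
        # so a default community name that answers is worth changing.
        print("NOTE  the default community name 'public' is in use")
```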

Chapter 54
Using IBM Tivoli Analyzer for Lotus Domino
This chapter describes the IBM Tivoli Analyzer for Lotus Domino and
explains how you use it to monitor system health, analyze resource
distribution, and balance resources. The IBM Tivoli Analyzer for Lotus
Domino includes the Server Health Monitor and Activity Trends.

IBM Tivoli Analyzer for Lotus Domino

The IBM Tivoli Analyzer for Lotus Domino is a separate product offering
from Tivoli Systems.
The Server Health Monitor determines server health by calculating
health statistics and comparing them against preset thresholds. The
Server Health Monitor reports the information, pinpoints problematic
server components, and provides short-term and long-term
recommendations for restoring server health.
Activity Trends collects and stores activity statistics as current
observations and historical trends. The activity statistics relate to the
server, databases, users, and connections of users to databases. You can
explore the collected data to see how database workload is distributed
across servers. Using the data, Activity Trends recommends a
resource-balancing plan. Then, working with the Domino Change
Manager, which is a part of the Domino server, Activity Trends provides
a workflow that facilitates implementing the recommended changes.

The IBM Tivoli Analyzer for Lotus Domino includes two integrated
system-management tools: the Server Health Monitor, which offers
real-time assessment and recommendations for server performance, and
Activity Trends, which provides data collection, data exploration, and
resource balancing. Using these tools, you can manage servers and
databases, ensure better server performance, and plan for current and
future needs.

Server Health Monitor


In Domino, performing traditional performance troubleshooting
involves:

Using event generators and notifications and Domino server
monitoring to perform real-time data-analysis

Using information from the server log (LOG.NSF), the Monitoring
Results database (STATREP.NSF), and the Administration Requests
database (ADMIN4.NSF) to perform historical data-analysis

Using Domino Directory documents and NOTES.INI settings to
customize the server configuration

The Server Health Monitor extends the usefulness of traditional
performance troubleshooting by automatically calculating health
statistics, comparing those statistics to predefined thresholds, and
reporting on overall server health. If the server health rating is Warning
or Critical, a health report, which is stored in the Health Monitoring
database (DOMMON.NSF), suggests short-term and long-term
recommendations for tuning the server and returning its performance
status to Healthy.
The Server Health Monitor is incorporated into the Domino server
monitor, which is part of the Domino Administration client. All health
statistics generated by the Server Health Monitor are local to the Domino
Administration client.
For each server being monitored, the Server Health Monitor reports a
health rating for the server and for all enabled individual server
components, namely CPU, disk, memory, and network utilization;
NRPC name lookup; mail delivery latency; and server, HTTP, LDAP,
and IMAP response.
The health rating of each server and server component is based on a
collection of indices. Health ratings, such as healthy, warning, or critical,
are assigned, based on these index values. Each index has a calculated
value between 0 and 100. These values are based on server health
monitoring assessment algorithms and rules. Each index has two related
thresholds: a warning threshold and a critical threshold. When the index
value is less than both thresholds, the server or server component is rated
Healthy. When the index value is greater than the warning threshold, the
server or server component is rated Warning. When the index value is
higher than the critical threshold, the server performance is judged to be
Critical and requires immediate attention.

The Server Health Monitor includes threshold values for each index on
these platforms: AIX, IBM eServer iSeries (OS400), IBM eServer zSeries
(Z/OS), Linux/Intel, Solaris/Sparc, Windows NT and Windows 2000.
You can modify the thresholds to customize server assessment for each
platform. You reduce or increase the thresholds to make the algorithms
more or less sensitive.
Health Monitoring reports on each server area for which data can be
retrieved. If no data is available, nothing is reported for that component.
You can customize this behavior by specifying which servers you want to
monitor. You can exclude any component from the health report, which
is useful for filtering out known situations about which you don't want to
be constantly reminded.
If you use the Server Health Monitor, the Current Reports view of the
Health Monitoring database (DOMMON.NSF) displays a health rating
for each monitored server and server component.

Table of Server Health Monitor statistics

The Server Health Monitor reports a statistic for the overall server and
for individual components. Each statistic corresponds to a rating.
Occasionally, the Server Health Monitor assigns the rating of Unknown.
This happens when the Domino Administration client workstation
performs at 100 percent of its CPU capacity for an extended period of
time. If this happens you may need to make some adjustments to
improve the performance of the Server Health Monitor.
Server Health reports are stored in the Health Monitoring database
(DOMMON.NSF).
For information on how to improve the performance of the Server Health
Monitor, see the topic "Improving the performance of the Server Health
Monitor," later in this chapter.

Overall server health statistics


Statistic | Rating | Explanation
0 = Health.Overall.Value | Never Seen | The server has never been seen running during the current server monitor session.
0 < Health.Overall.Value and Health.Overall.Value < Health.Overall.Threshold.Warning | Healthy | The server is performing within acceptable levels of tolerance.
Health.Overall.Threshold.Warning <= Health.Overall.Value and Health.Overall.Value < Health.Overall.Threshold.Critical | Warning | One or more server components are approaching unacceptable levels of poor performance.
Health.Overall.Threshold.Critical <= Health.Overall.Value and Health.Overall.Value <= 97 | Critical | One or more server components are failing to perform acceptably.
98 = Health.Overall.Value | Critical | One or more server tasks issued a fatal error message.
99 = Health.Overall.Value | Critical | One or more tasks are not responding.
100 = Health.Overall.Value | Server Down | The server is not responding.

Component health statistics


Overall health ratings are based, in part, on component health statistics
values.
Statistic | Rating | Explanation
0 = Health.*.Value | Never Seen | The component is not being monitored.
0 < Health.*.Value and Health.*.Value < Health.*.Threshold.Warning | Healthy | The component is performing within acceptable levels of tolerance.
Health.*.Threshold.Warning <= Health.*.Value and Health.*.Value < Health.*.Threshold.Critical | Warning | The component is approaching unacceptable levels of poor performance.
Health.*.Threshold.Critical <= Health.*.Value and Health.*.Value <= 97 | Critical | The component is failing to perform acceptably.
98 = Health.*.Value | Fatal | The task associated with the component issued a fatal error message.
99 = Health.*.Value | Not Responding | The task associated with the component is not responding.

Table of Server Health Monitor ratings

The Current Reports view of the Health Monitoring database
(DOMMON.NSF) displays the assigned rating for each enabled server
and server component. When a server rating is Warning or Critical, the
Overall Health Report provides recommendations for correcting the
problems.

Server ratings
Rating | Description
Never Seen | The server has never been seen running during the current server monitor session.
Healthy | The server is performing within acceptable tolerances.
Warning | One or more server components are approaching unacceptable levels of poor performance.
Critical | The server is experiencing one or more of these critical problems: one or more server components are failing to perform acceptably; one or more tasks on the server have issued a fatal error; one or more tasks on the server are not responding.
Server Down | The server is not responding; therefore, it isn't responding to requests for statistics.

Component ratings
Rating | Description
Healthy | The server component appears to be running correctly.
Warning | The server component is approaching unacceptable levels of poor performance.
Critical | The server component is failing to perform acceptably.
Fatal | The task related to this component has issued a fatal error.
Not Responding | The task related to this component is not responding.

Server Health Monitor configuration


The Server Health Monitor is part of the IBM Tivoli Analyzer for Lotus
Domino.
For information on the license required to use the Server Health Monitor,
see the topic Installing the IBM Tivoli Analyzer for Lotus Domino, later
in this chapter.
To set up the Server Health Monitor, complete these procedures:
1. Install the IBM Tivoli Analyzer for Lotus Domino.
2. Start the Domino server monitor.

Installing the IBM Tivoli Analyzer for Lotus Domino


To install the IBM Tivoli Analyzer for Lotus Domino:
1. Make sure you have installed the Domino Administrator.
2. Run the install program (SETUP.EXE) from the Tivoli Analyzer
directory.
For more information about installing the Domino Administrator, see the
chapter Setting Up and Managing Notes Users.
The IBM Tivoli Analyzer for Lotus Domino is a separate product offering
from Tivoli Systems. To learn more about how this integrated system
management tool can help manage your servers and databases, ensure
better performance, and help you plan for current and future needs, visit
http://www.ibm.com/software/tivoli/r/analyzerfordomino or contact
your Tivoli sales representative or Business Partner.

Setting up the Server Health Monitor


To create Server Health Monitor reports and historical charts, you must
enable both the Server Health Monitor and statistic reporting.
1. From the Domino Administrator, choose File - Preferences - Administration Preferences.
2. Click Monitoring, and then check Generate server health statistics
and reports.
3. For Poll servers every n minutes, enter a value from 1 to 60
minutes.
Tip The higher the number of servers to monitor, the larger the
polling interval to enter. For timely monitoring, enter a value
between 1 and 10.
4. (Optional) To start the server monitor automatically, check
Automatically monitor servers at startup.
5. Click Statistics, and then check Generate statistic reports while
monitoring or charting statistics.
6. For Generate reports every n minutes, enter a value greater than or
equal to the server polling interval specified in Step 3.
7. Wait a few minutes longer than the polling interval, and then open
the Health Monitoring Database (DOMMON.NSF) to see the Health
report.
Before you start the Server Health Monitor
The Server Health Monitor does not require any specific Domino server
configuration, but you can generate more accurate reports by following
these guidelines:

Enable platform statistics on the server. Platform statistics are
enabled, by default, in Domino 6. Follow the specific instructions for
your platform. You may need to perform additional steps to ensure
that platform statistics are working and are fully enabled on your
platform.

Make sure you have at least View-only Administrator rights for
every server you want to monitor.

Use a TCP server event generator as a self probe to create Quality of
Service (QOS) statistics.

For information on setting up platform statistics and using TCP Server
Event Generators, see the chapter "Monitoring the Domino Server."

Starting the Server Health Monitor


To start the Server Health Monitor, you start the Domino server monitor,
which automatically monitors the most recently viewed server profile or
profiles that you configured to run in the background. The Domino
server monitor does not begin on startup by default.
To start and stop the Domino server monitor manually
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Click the Green arrow in the upper-right of the task screen. When the
server monitor is running, this arrow toggles to a red Stop button.
3. To stop the server monitor, click Stop.
To start the Domino server monitor automatically
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Click File - Preferences - Administration Preferences.
3. Click Monitoring.
4. Enable Automatically monitor servers at startup.
For more information on the Domino server monitor and server profiles,
see the chapter, Monitoring the Domino Server.

Using the Server Health Monitor


Using the Server Health Monitor, you can perform these tasks to monitor
the health of servers and server components:

Specify which server components to monitor

Enable statistic alarms

Modify threshold values for server components

Create health reports

Excluding a server from monitoring by the Server Health Monitor

Change the purge interval for historical health reports

Improve the performance of the Server Health Monitor

Selecting server components to include in health reports


Each server you monitor has a Health Monitoring Configuration
document in the Health Monitoring database (DOMMON.NSF). This
document specifies the server components you want to include in health
reports. Based on statistics and task information obtained from the
server, the Server Health Monitor automatically determines which
components to include in health reports. For example, if the HTTP task is
not running on a particular server, then the Server Health Monitor
automatically excludes the HTTP component from any analysis.
Occasionally, you may want to exclude a component manually. For
example, if you know that a particular server has a disk I/O bottleneck,
exclude the Disk Utilization component so that it doesn't adversely affect
the server's overall health rating.

To select server components to include


1. From the Domino Administrator, click the Server - Monitoring tab.
2. From the menu, choose Monitoring - Display Health Reports, and
then open the Configuration view.
3. Choose Server Components.
4. Choose the server you want to modify, and click Edit Server
Document.
5. Under How should component indices be enabled? choose one:
Automatic to allow the Server Health Monitor to select the
components to include in health reports, based on which server
tasks are running.
Custom to manually select the components to include in health
reports. Statistics for selected components are included in health
reports, whether the server task is running or not.
To reset server component selection to automatic
1. From the Domino Administrator, click the Server - Monitoring tab.
2. From the menu, choose Monitoring - Display Health Reports, and
then open the Configuration view.
3. Choose Server Components.
4. Choose the server you want to modify, and click Edit Server
Document.
5. Click Restore Automatic Selections and click OK.

Server components that are selecting components manually display a
pencil icon next to the server name. If there is no pencil icon, the
components are being selected automatically.

Setting up statistic alarms for the Server Health Monitor


Just as you create an event generator for a Domino system statistic, you
create an event generator for a health statistic. Then when the statistic
does not meet the defined threshold, an event is generated. For an event
to be created, however, you must enable statistic alarms. Then, the first
time a statistic alarm is reported, an event is generated and reported to
the Monitoring Results database (STATREP.NSF). In addition to an
alarm, you can create an event handler to notify you of the event. Event
generators and event handlers are stored in the Monitoring
Configuration database (EVENTS4.NSF).
For more information on creating event generators and event handlers,
see the chapter "Monitoring the Domino Server."
To enable statistic alarms
1. From the Domino Administrator, choose File - Preferences -
Administration Preferences.
2. Click Statistics, and then check "Check statistic alarms while
monitoring or charting statistics."
3. For "Check alarms every <n> minutes (greater than monitoring poll
interval)" enter a value that is greater than the server polling value.
The default is 15.
Tip: If you are not sure what the polling value is, click Monitoring
and locate the value for "Poll servers every <n> minutes (1-60 mins)."
For more information on setting Administration Preferences for server
monitoring, see the chapter "Setting Up and Using Domino
Administration Tools."

Modifying threshold values for the Server Health Monitor


The Index Thresholds view in the Health Monitoring database
(DOMMON.NSF) displays the threshold values for each platform. To
modify the sensitivity to a particular component, change the threshold
value. For example, if you want to run your networks with higher
utilization for servers running on a specific platform, increase the
threshold for the Network Utilization component for the platform.
Keep these considerations in mind if you decide to modify threshold
values. First, have a strategy in mind before you change them. Your
strategy should address your system performance needs and reflect your
philosophy toward managing servers. Second, if you change threshold
values, remember that you have done so. Changing any system
configuration parameters or adjusting user workload behavior might also
have a future impact on these settings. And finally, remember that
changing threshold values inappropriately may result in health values
that do not accurately reflect server capacity and availability. If you get
results that seem inaccurate, restore the default threshold values.
To modify a threshold value
1. From the Domino Administrator, click the Server - Monitoring tab.
2. From the menu, choose Monitoring - Display Health Reports.
3. Under Configuration, choose Index Thresholds.
4. Choose the operating system whose threshold you want to change,
and choose Edit Threshold Document.
5. Change the value for the Warning Threshold and/or Critical
Threshold.
6. Click OK.
If you later decide to restore the default threshold values, perform Steps
1 through 5 above and then click Restore Defaults.

Server Health reports

Based on information gathered by the Domino Server Monitor, the Server
Health Monitor issues Health reports. Health reports are stored in the
Health Monitoring database (DOMMON.NSF). There are two views of
Health reports, current and historical. Current reports are based on
information reported by the Domino server monitor. Historical reports
are an accumulation of past reports.
Each report includes the following information:

Server Health information: Information about the server, including
the version of Domino and operating system. Displays the rating and
rating value, and lists the first time this rating appeared. Also shows
the last time the server was evaluated.

Configuration Issues: Identifies any configuration issues that may be
preventing the Server Health Monitor from generating the most accurate
diagnoses possible. Failing to correct these configuration issues will
result in health reports that are less accurate and less detailed.

Details Regarding Rating: This information backs up the
recommendations. Information can include details about the server's
configuration or performance.

Short Term Recommendations: These are things you can do
immediately to improve the server's performance.

Long Term Recommendations: These are suggestions for making
lasting improvements that will prevent a poor health rating in the
future.

Displaying Server Health reports


If a server is repeatedly rated Warning or Critical, look at historical
health reports to get a better picture of server health.
To display a current health report
1. From the Domino Administrator, click the Server - Monitoring tab.
2. From the menu, choose Monitoring - Display Health Reports.
3. Select the view Health Reports - Current Reports.
4. Double-click a server to display the Overall Health Report for that
server.
To display historical health reports
1. From the Domino Administrator, click the Server - Monitoring tab.
2. From the menu, choose Monitoring - Display Health Reports.
3. Select the view Health Reports - Historical Reports.
4. Find the target server in the list and expand its report documents.

Changing the purge interval for historical health reports


By default, the historical reports are purged from the Health Monitoring
database (DOMMON.NSF) after 7 days. To change this default, edit the
NOTES.INI file on the Domino Administration client to include this
setting:
HEALTH_REPORT_PURGE_AFTER_N_DAYS=n

Improving the performance of the Server Health Monitor


If the Domino Administration client workstation performs at 100 percent
CPU utilization for a long period of time, the Server Health Monitor
discards server statistic data to keep up with the workload. If statistic
data is discarded over an extended period of time, the Server Health
Monitor assigns the rating "Unknown" to every server. When that
happens, each health report includes the statement The Domino
Administrator workstation CPU is constantly saturated. Too much server
statistic data is being retrieved. This condition causes inaccurate server
monitoring reports.

To reduce the amount of statistic data:

Increase the server polling interval in Administration Preferences.

Reduce the number of servers being actively monitored during a
Domino server monitor session. The servers for each monitoring
profile you use are added to the total number of servers being
monitored. To clear this list to the servers of a specific profile only, stop
the Domino server monitor, and then restart it.

Dedicate one workstation to the Server Health Monitor.

Working with Server Health Monitor statistics

Health statistics are recorded in the Monitoring Results database
(STATREP.NSF). Health statistics are local to the Domino Administration
client; therefore, they do not reside on the servers being monitored. Just
as you use a Domino server statistic, you use a health statistic to monitor
the system.

You can do any of these:

Use monitoring profiles to monitor server health

View server health

Define event generators and event handlers for health statistics

Exclude a server from being monitored or from generating health reports

Create statistics profiles and chart health statistics

Monitoring server health in the Domino server monitor


You monitor server health in the Domino server monitor, using
monitoring profiles. You must be actively monitoring each server from
which you want to collect health statistics. This means that the Domino
server monitor must be running for you to collect Server Health statistics.
By default, the Domino server monitor includes a set of default server
profiles that are created in the Domino Directory. However, you can
create custom profiles that monitor the servers, server tasks and health
statistics that you choose.
By default, when you start the Domino server monitor, it begins
monitoring servers in the last profile that was selected when you shut
down the Domino server monitor. The servers in each subsequent profile
that you monitor are added to those servers previously monitored. If
you monitor several different profiles in a single session, the number of
servers monitored may be quite lengthy, which may impact the
performance of the Server Health Monitor. To clear the list of servers
monitored, stop and then start the Domino server monitor.
You can also customize which profiles to monitor upon startup, by
specifying profiles you want to monitor in the background, no matter
which profile was monitored when you shut down the Domino server
monitor.
You can perform the following tasks when you work with monitoring
profiles:

Creating monitoring profiles in the Domino server monitor

Modify a system profile

Specify monitoring profiles to monitor when you start the Domino
server monitor

For more information on creating and modifying server profiles, and
specifying which profiles to monitor when you start the Domino server
monitor, see the chapter "Monitoring the Domino Server."

Viewing server health with the Server Health Monitor


After the first polling interval passes, the Server Health Monitor posts a
report of server health, which you can view in the Domino server
monitor for a quick visual representation of your server's health. When a
server rating is Warning or Critical, or when there is a configuration
issue, check the Overall Health Report in the Health Monitoring database
(DOMMON.NSF). Each server health report provides short-term and
long-term recommendations for restoring the server's rating to healthy.
For example, if the Memory Utilization component receives a Warning
rating, the short-term solution may be to check the server for
unnecessary processes that have been loaded. The long-term
recommendation may be to add memory or to check the server's
page-file allocation.
Note A red exclamation mark next to a server indicates a configuration
issue. Read the server health report for information on configuration
issues.
To view server health
1. Make sure you enabled the Server Health Monitor in Administration
Preferences, started the Domino Server Monitor, and allowed the
monitor to run for a few minutes longer than the specified polling
interval.
2. From the Domino Administrator, click the Server - Monitoring tab.
3. In the Health column (Hea), the Server Health Monitor uses these
icons to indicate the server's overall health:
   Green thermometer: the server's overall health rating is
   Healthy. All server components are within the appropriate range.
   Yellow thermometer: the server's overall health rating is
   Warning. One or more server components being monitored are
   approaching unacceptably poor levels of performance.
   Red thermometer: the server's overall health rating is Critical.
   One or more server components being monitored are failing to
   perform within acceptable tolerance levels.

Excluding a server from the Server Health Monitor report documents


The Server Health Monitor creates health reports for each server you are
actively monitoring and stores them in the Health Monitoring database
(DOMMON.NSF). You can exclude a server from a monitoring profile, so
that the server is removed from the current monitoring view in the
Domino server monitor. However, the Server Health Monitor continues
to include that server in the health reports until you remove the server
permanently from DOMMON.NSF. You permanently exclude a server
from being included in health reports by removing its current report
documents and its configuration server component document. After you
exclude a server permanently, the Server Health Monitor no longer
generates reports.
To exclude a server from a monitoring profile
Use this procedure when you do not want to see the continued output of
the server health rating for the server, but you want to continue listing
the health report for the server in the Health Monitoring database.
1. From the Domino Administrator, click the Server - Monitoring tab.
2. Select the server you want to remove and right-click. From the menu,
choose Remove Server.
3. Click the Stop button.
The next time you press the Start button, the server will no longer be
monitored. However, it will continue to be listed in the current health
report view.
To exclude a server from generating Health Reports
Use this procedure when you do not want to monitor the server and do
not want to continue receiving health reports on it in the Health
Monitoring database.
1. Perform the steps listed above to temporarily exclude the server from
the server monitor view.
2. From the Domino Administrator, click the Files tab.
3. Open the Health Monitoring database (DOMMON.NSF), and open
the Configuration - Server Components view.
4. Delete the Health Monitoring Server Configuration document for the
server being excluded.
5. Open the Health Reports - Current Reports view and delete the
current health report and all the response documents for the server.
6. (Optional) Open the Health Reports - Historical Reports view and
delete the historical health reports and the associated response
documents for the server.

Charting Server Health Monitor statistics


To chart the performance of Server Health statistics, you must be actively
monitoring all servers whose performance you want to chart in the
Domino server monitor. In addition, if you want to chart health statistics
historically, you must enable the generation of statistic reports while
monitoring or charting statistics in the statistic Administration
Preferences.
For more information on enabling statistic reports, see the topic "Setting
up the Server Health Monitor," earlier in this chapter.
You can chart real-time and historical performance of Server Health
statistics. Real-time health statistics are gathered by the Statistic Collector
server task in the Domino Administrator and are stored in memory, for
use when charting real-time statistics. Historical health statistics are
created from the historical statistics information stored in the local
Monitoring Results database (STATREP.NSF).
You can also create statistic profiles to monitor groups of servers and
associated statistics routinely. There is a limit of 25 statistics in each
statistic profile.
You can perform the following tasks when charting server health
statistics:

Create statistics profiles

Modify statistic profiles

Display statistic charts

For information on creating statistic profiles and charting statistics, see
the chapter "Monitoring the Domino Server."

Activity Trends
Domino server resource utilization can be separated into two types,
system activity and user activity. System activity, which includes the
level of processor, disk, memory, and network consumption that Domino
generates to keep the server running, is a fixed amount of activity, as
long as systems are healthy and performing smoothly. Domino servers
typically use a modest percentage of their resources to run. The
remaining server capacity is used to support user activity, which varies
with the usefulness of the data on the server.

Using Activity Logging, servers account for their time precisely,
recording user activity by person, database, and access protocol. When
summarized and averaged, or trended over time, activity logging of
trended statistics provides a way to measure and compare workloads
across servers. You can use this information to identify the most active
users and databases on each server. Using the Domino Change Manager,
you can automate the creation and execution of workload redistribution
plans to load a new server, decommission an old one, or balance
workloads across unevenly burdened servers.

Activity Trends is part of the IBM Tivoli Analyzer for Lotus Domino, a
separate product offering from Tivoli Systems. The Activity Trends
Collector is a Domino server add-in task that records and reports
statistics about database activity on a server. Information is stored in the
Activity Trends database (ACTIVITY.NSF).
The IBM Tivoli Analyzer for Lotus Domino uses the collected data to
determine the load on the server. Then, using resource-balancing
functionality, the Analyzer applies trends analysis and statistics to
intelligent algorithms that can provide computer-aided load balancing on
a set of servers or simplify the server decommissioning process.
Integrated with the IBM Tivoli Analyzer for Lotus Domino, the Domino
Change Manager provides workflow capability that creates
resource-balancing plans and implements database moves, using the
Tivoli Analyzer tools and analysis. The Domino Change Control
database (DOMCHANGE.NSF) and Domino Change Manager are part
of the Domino server core functionality.
Activity Trends includes:

Server profile definition: For easy access to a named group of
servers.

Statistics profile creation: For easy access to a named group of
statistics.

Activity trends charting: You can chart a selected group of
statistics for a single server or a group of servers.

Resource balancing: Analyzes server resource use and creates
recommendations for balancing the servers based on specified
resource goals.

Activity Trends uses these Domino server features:

Activity logging: To collect information that will be used for
resource-balancing.

Activity Trends: To set up times for data collection and retention.

Domino Change Manager: To implement a workflow process in
which changes made to the system are controlled and approved.

Setting up Activity Trends


The basic setup for Activity Trends includes these tasks:
1. Make sure the IBM Tivoli Analyzer for Lotus Domino is installed.
2. For each server for which you want to collect activity logging
information and analyze activity trends, enable activity logging and
activity trends in the Configuration Settings document.
3. To set up resource balancing, do the following:
a. Load the Domino Change Manager administration task on one
server in the domain.
b. Define a set of server profile options that specify the locations,
goals, and behavior of resource balancing.

Enabling activity logging and setting up Activity Trends


You enable activity logging and set up Activity Trends in the
Configuration Settings document. First, you enable activity logging to
gather data for the selected server tasks. The first time you start Activity
Trends, the system must run and collect data for 24 hours before you can
work with the data.
Then you specify how to collect the Activity Trends and create the
Activity Trends database (ACTIVITY.NSF), which is stored, by default,
in the Domino data directory.
To enable activity logging and set up Activity Trends
1. From the Domino Administrator, click the Configuration tab, expand
the Server section, and click Configurations.
2. Select the server, and click Edit Configuration or Add Configuration.
3. Click the Activity Logging tab, and check "Activity logging is
enabled."
4. Under Server Activity Logging Configuration, complete these fields:

Field                   Action
Enabled logging types   Select the server tasks to use to produce activity
                        logging data.
                        For Activity Trends, enable all tasks except
                        Domino.MAIL. At a minimum, you must enable
                        Domino.Notes.Session and Domino.Notes.Database.
Checkpoint interval     Enter the number of minutes to wait between the
                        creation of checkpoint records. The default is 15
                        minutes.
Log Checkpoint at       Check Yes to log ongoing session activity at
Midnight                midnight. This is required for Activity Trends.
                        You must enable this field to enable Activity
                        Logging.
Log Checkpoints for     Check Yes and then specify the prime shift interval to
Prime Shift             log checkpoints for the prime shift.
                        You must enable this field to enable Activity
                        Logging.
Prime Shift Interval    Specify the start and end time of prime shift. Set the
                        interval on the hour.

5. Click the Activity Trends tab, and complete the following fields on
the Basics tab:

Field                   Action
Enable activity         Click yes to run the Activity Trends Collector.
trends collector        Activity Trends Collector uses the raw data from
                        activity logging and prepares it for use with Activity
                        Trends.
Activity trends         Enter the name and path of the database where
collector database      Activity Trends data is stored if you want to change
path                    this. The default is ACTIVITY.NSF.
Time of day to run      Enter a time. The default is 3:23 AM. Schedule the
activity trends         Activity Trends Collector to run after the Catalog
collector               task runs. By default, the Catalog task runs at 1 AM.
Days of the week to     Select the days for which you want to collect
collect observations    observations. The default is Monday through Friday.

6. Under Activity Trends Data Profile Options, keep the "Use defaults"
field enabled. If you choose not to use the defaults, complete these
fields.

Field                   Action
Trends cardinal         Enter the number of recent observations you want to
interval                use. The default is 10.
                        When computing trended values, recent observations
                        are weighted the most. For example, if you select
                        Monday through Friday in the "Day of the week to
                        collect observations" field and use the default 10 in
                        the "Trends cardinal interval" field, the trended
                        values will include two weeks of observations (five
                        days each week).
                        Note: If you know there has been a recent change in
                        user activity, you may choose not to use trended
                        values.
Observation time        Specify the time in seconds for one bucket. The default
bucket (seconds)        is 300.
                        The observation time controls how many buckets you
                        will have for one 24-hour observation period.
Maximum observation     Specify the maximum length of time data is kept in the
list time               Trends database before it is overwritten with new data.
                        The default is 366, the number of days in a leap year.
Trends history          Choose one:
interval                Daily
                        Weekly (default)
                        Monthly
                        Trend Interval
7. Click the Retention tab. Keep the "Use defaults" field enabled.
Documents are overwritten after the retention period expires. The
defaults are:
   Server history: 366 days
   Server observations: 15 days
   Database observations: 10 days
   User observations: 10 days
   Connection observations: 10 days
   Inactive database trends: 10 days
   Inactive user trends: 28 days
   Inactive connection trends: 28 days
   Run log: 20 days
8. Click the Proxy Data tab, and enter the names of the databases
containing activity data to search.
9. Click Save and Close.
For detailed information on checkpoint records, see the chapter "Setting
Up Activity Logging."

Understanding how Activity Trends collects data


Activity Logging collects data from the log file (LOG.NSF) and the
Catalog task and stores it in the Activity Trends database
(ACTIVITY.NSF). The Activity Trends Collector task processes this data
and produces the trended data that is used in charting and resource
balancing.
The "Trends cardinal interval," "Observation time bucket," and "Proxy
data" settings affect Activity Trends.
Trends Cardinal Interval
Trend statistics are based on data gathered during an observation period,
which is a 24-hour period from midnight to midnight. Each trend statistic
is a weighted running average, which is computed by adding data from a
new observation to the existing trend, or running average, with an
exponential weighting.
Consequently, the newest observations are weighted most heavily, and
older observations are weighted exponentially less and less in the new
computed trend. Keep in mind that increasing the cardinal interval
increases the number of recent observations that are heavily weighted,
and decreasing the cardinal interval decreases the number.
Observation Time Bucket
Activity Trends stores data in a time bucket, or array, that represents a
distribution of activity across one observation period. When you set up
Activity Trends, you specify the size of each bucket, by specifying the
number of seconds that make up one bucket. The specified number must
divide evenly into one hour. For example, the default is 300 seconds, or 5
minutes; therefore, there are 288 5-minute buckets in one observation
period.
Proxy data
By default, the server from which you are running Activity Trends will
find the local Activity Trends database (ACTIVITY.NSF). However, you
may replicate Activity Trends databases that contain data you want to
access. You use proxy data to include the names of other Activity Trends
databases that contain trends data from other servers.
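
The cardinal interval and observation time bucket settings, worked through as an added example (not code from IBM or from this manual): it checks a bucket size against the "divides evenly into one hour" rule, places events into buckets, and computes an exponentially weighted running average. The manual does not give the weighting formula, so the smoothing factor 2/(N+1) for a cardinal interval of N is an assumption, as are all function names and the constructed sample figures.

```python
from datetime import datetime

SECONDS_PER_HOUR = 3600
SECONDS_PER_DAY = 24 * SECONDS_PER_HOUR


def buckets_per_observation(bucket_seconds):
    """Number of buckets in one midnight-to-midnight observation period."""
    if bucket_seconds <= 0 or SECONDS_PER_HOUR % bucket_seconds != 0:
        raise ValueError(
            f"{bucket_seconds} seconds does not divide evenly into one hour")
    return SECONDS_PER_DAY // bucket_seconds


def bucket_index(ts, bucket_seconds):
    """Index of the bucket that a timestamp falls into (0 = first after midnight)."""
    buckets_per_observation(bucket_seconds)  # reject invalid bucket sizes
    since_midnight = ts.hour * 3600 + ts.minute * 60 + ts.second
    return since_midnight // bucket_seconds


def fill_buckets(events, bucket_seconds=300):
    """Distribute (timestamp, count) events across one observation period."""
    buckets = [0] * buckets_per_observation(bucket_seconds)
    for ts, count in events:
        buckets[bucket_index(ts, bucket_seconds)] += count
    return buckets


def smoothing_factor(cardinal_interval):
    """ASSUMPTION: the common N-period convention alpha = 2 / (N + 1)."""
    if cardinal_interval < 1:
        raise ValueError("cardinal interval must be at least 1")
    return 2.0 / (cardinal_interval + 1)


def update_trend(trend, observation, cardinal_interval=10):
    """Fold one new daily observation into the existing running average."""
    if trend is None:  # first observation seeds the trend
        return float(observation)
    alpha = smoothing_factor(cardinal_interval)
    return alpha * observation + (1.0 - alpha) * trend


def trend_over(observations, cardinal_interval=10):
    """Trend after processing observations from oldest to newest."""
    trend = None
    for observation in observations:
        trend = update_trend(trend, observation, cardinal_interval)
    return trend


def observation_weights(cardinal_interval, count):
    """Weight carried by an observation that is 0, 1, 2, ... periods old."""
    alpha = smoothing_factor(cardinal_interval)
    return [alpha * (1.0 - alpha) ** age for age in range(count)]


# Constructed sample: daily transaction totals for one database. The
# workload doubles for the last five observations.
SAMPLE_DAILY_TRANSACTIONS = [1000] * 10 + [2000] * 5

# Constructed sample: session events as (timestamp, transaction count).
SAMPLE_EVENTS = [
    (datetime(2002, 9, 2, 9, 0, 10), 3),
    (datetime(2002, 9, 2, 9, 4, 59), 2),
    (datetime(2002, 9, 2, 9, 5, 0), 1),
]

if __name__ == "__main__":
    print("buckets at 300 s:", buckets_per_observation(300))
    buckets = fill_buckets(SAMPLE_EVENTS)
    print("bucket 108:", buckets[108], "bucket 109:", buckets[109])
    for n in (10, 3):
        print(f"cardinal interval {n}: trend =",
              round(trend_over(SAMPLE_DAILY_TRANSACTIONS, n), 2))
```

With the default cardinal interval of 10, the trend still sits well below the new workload level five observations after the change, which is the situation the note about recent changes in user activity refers to.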

Activity Trends server and statistics profiles


Using profiles simplifies the work of managing groups of servers and
groups of statistics. In Activity Trends, you can collect servers into a server
profile, and you can specify the statistics to be included in a server profile.
In a server profile, you collect servers from the same domain into a
named group. Then when you perform resource balancing or use
charting to review performance, you have easy access to those servers.
After you create a server profile, you can select a statistics profile to view
the statistics for the selected server profile.
When you perform resource balancing, the server profile can include one
or more phantom servers. Phantom servers do not physically exist, but
you can use them in "what if" scenarios to evaluate how adding servers
might alleviate load problems. Phantom servers are not visible when
viewing activity trends, in either the Latest or Historical views, because
there is no activity trends data for phantom servers.
Activity Trends analysis includes default statistics that differ depending
on the view you are in. The Users view, for example, has only one default
statistic, while the Server view has two. You can create statistics profiles
that contain an unlimited number of Domino system statistics. Then you
can use any statistic profile with any server profile.
For more information on profiles, see:

Creating an Activity Trends statistics profile

Creating an Activity Trends server profile

Creating an Activity Trends server profile


You can create one or more Activity Trends server profiles.
To create a server profile
1. From the Domino Administrator, click the Server - Performance tab,
expand the Activity Trends section, and do one:
   Select a view in the Latest folder or Historical folder
   Select Resource Balancing
2. In the "Server profiles" area, click the green plus sign.
3. In the "Add Server" dialog box, select the domain to use.
4. Under Server, do one or both of these:
   Click Existing Server, and select from the list of available servers.
   Click Phantom (Resource Balancing only), and enter a name for
   the phantom server.
5. Click Add to add each server, and then click Done when you have
completed your selections. This group is only temporary. To save
this server profile, proceed to the next step.
6. Click the document icon and choose Save As.
7. In the "Save Server Profile" dialog box, enter a group name and
click OK.
To create an additional server profile
Use this procedure to clear the current server profile and create a new
one.
1. In the Server profile area, click the document icon, and choose
New.
2. Click the green plus sign, and complete Steps 4 through 7 in the
above procedure.

Modifying an Activity Trends server profile


You can add servers to or delete servers from an existing server profile.
In Resource Balancing, you can also add phantom servers. A phantom
server does not physically exist, but is factored in to the
resource-balancing plan to evaluate how adding servers might alleviate
current load problems.
To add a server to a profile
1. From the Domino Administrator, click the Server - Performance tab,
and expand the Activity Trends section.
2. Select an Activity Trends view.
3. Under "Saved server group configurations," choose a server profile.
4. Click the green plus sign to display the "Add Server" dialog box.
5. Under Server, do one or both of these:
   Click Existing Server, and then select from the list of available
   servers.
   Click Phantom (Resource Balancing view only), and then enter a
   name for the phantom server.
6. Click Add to add each server, and then click Done when you
complete the selections. This group is only temporary. To save this
server profile, proceed to the next step.
7. Click the document icon, and do one:
   Click Save As, and enter a new profile name.
   Click Save to update the existing profile.

To delete a server from a profile


1. From the Domino Administrator, click the Server - Performance tab,
and expand the Activity Trends section.
2. Select an Activity Trends view.
3. Under Server profiles, choose a profile.
4. Select the name of one or more servers to delete.
5. Click the red minus sign.

Deleting an Activity Trends server profile


You can delete a server profile that was previously saved.
1. From the Domino Administrator, click the Server - Performance tab,
and expand the Activity Trends section.
2. Select an Activity Trends view.
3. Select a server profile from the list.
4. Click the document icon, and choose Delete.

Creating an Activity Trends statistics profile


To create a statistics profile
1. From the Domino Administrator, click the Server - Performance tab,
expand the Activity Trends section, and select a view in the Latest
folder or Historical folder.
2. In the Statistics profiles area, click the green plus sign.
3. In the Add Activity Statistic dialog box, expand the statistic
categories. The list of activity statistics varies depending on the view.
4. Choose one or more statistics to add, and click OK.
Tip: To select more than one statistic, locate your cursor in the
column to the left of the list and click next to each statistic you want
to add. Drag the mouse to select a large group of statistics.
5. Click the document icon, and choose Save As.
6. In the "Save Statistics Profile" dialog box, enter a name for the group.
To create another statistics profile
1. In the "Statistics Profiles" area, click the document icon, and choose
New.
2. Click the green plus sign, then complete Steps 4 through 6 in the
above procedure.

Modifying an Activity Trends statistics profile


You can add or delete statistics from a saved statistics profile.
To add a statistic to a saved profile
1. From the Domino Administrator, click the Server - Performance tab,
expand the Activity Trends section, and select a view in either the
Latest folder or Historical folder.
2. Under Statistics profiles, choose a group.
3. Click the green plus sign to display the Add Activity Statistic
dialog box.
4. For each statistic you want to add, select the statistic, and click OK.
When you finish adding statistics, click Done.
Tip: To select more than one statistic, position the cursor in the
column to the left of the list and click next to each statistic to add, or
drag the mouse to select a large group of statistics.
5. Click the document icon, and do one:
   Click Save As, and enter a new profile name.
   Click Save to update the existing profile.
To delete a statistic from a saved profile
1. From the Domino Administrator, click the Server - Performance tab,
expand the Activity Trends section, and select a view in the Latest
folder or Historical folder.
2. Under "Statistics profiles," choose a profile.
3. Select the statistic you want to remove, and click the red minus sign.
4. Click the document icon, and do one:
   Click Save As, and enter a new profile name.
   Click Save to update the existing profile.

Viewing Activity Trends charts


You can view the latest available data and historical data charts of
Activity Trends statistics. You can also set display options that customize
the appearance of the charts. You can select servers and statistics to view,
or you can select predefined server and statistic profiles.
You can also drill down for more information on any user or database
statistic in the Latest Folder view. For example, to see which databases a
user is accessing, select a user from the Latest Folder - User view and
double-click the user's name; the Connection view displays a chart of
that user's database use.

For information about setting charting display options, see the topic
Setting charting options for resource balancing later in this chapter.
To view Activity Trends charts
1. From the Domino Administrator, click the Server - Performance tab.
2. Select the Activity Trends view.
3. Select one of these views:
   Latest folder - Server: To view the set of data available for
   selected statistics on each selected server.
   Latest folder - Database: To view the databases on each selected
   server.
   Latest folder - User: To view the users' statistics for all databases
   on the selected servers.
   Latest folder - Connection: To view information for a selected
   statistic from either the User or Database charts.
   Historical folder - Weekly
   Historical folder - Daily

Resource balancing in Activity Trends


Using resource balancing, you can balance selected resources, such as
database transaction load and disk space, among a selected group of
servers. You decide which databases are available to be relocated as part
of the resource balancing. All system databases are automatically
pinned and cannot be moved. You can pin other databases to prevent
them from being moved.
In addition to balancing the resources of existing servers, you can create
phantom servers to use for future planning. Each phantom server
represents a new server that can be loaded with databases. Then you can
evaluate the effect of adding a new server before you incur the expense
of additional hardware.

Server roles
The role you assign to a server affects the resource-balancing results.

   Source Only: These servers cannot have any databases moved to
   them.
   Destination Only: These servers cannot have any databases
   removed from them. A phantom server is a Destination Only server
   and cannot be changed.
   Any: These servers can have databases moved to or from them.


Setting up resource balancing in Activity Trends


Within an Activity Trends server profile, you define criteria that
determine which databases and servers to evaluate and how to balance
resources.
1. Specify locations of the databases and servers to search for activity
data.
2. (Optional) Set display options for Activity Trends charts.
3. Set the primary and secondary goals for analyzing the database
activity that you want to balance.
4. Specify which databases can move during resource balancing.
5. Specify the location of the Change Manager database and set
resource-balancing behavior.

Specifying database and server locations for resource balancing

Use the Server Profile Options dialog box to specify which databases and
servers will be searched for activity data, and whether to use cached
data. Because Activity Trends data changes only on a daily basis, caching
data is highly recommended to increase system performance by avoiding
a read across a potentially slow network. The first time a server's data is
read, the data is cached and remains available. For example, if you read
and then delete a server's activity data and later add the same server, the
in-memory data is used.
You can open the Server Profile Options dialog box from the Activity
Trends menu or by clicking the Server Profile Options button.

To specify locations
1. From the Domino Administrator, click the Server - Performance tab.
2. Select the Activity Trends - Resource Balancing view.
3. Choose Resource Balancing - Options to open the Server Profile
Options dialog box.
4. Click General.
5. Under Activity Data Search Order, choose one or both:
   Search Local Activity Databases: To search the Activity
   databases (ACTIVITY.NSF) on each server on which Activity
   Trends is enabled.
   Search Activity Data Proxy Servers: To use servers that contain
   activity data copied or replicated from another server. Enter the
   name of the servers that have the proxy data. Activity Trends
   Collector proxy data options are configured in the Configuration
   Settings document in the Domino Directory.
6. Under Activity Trends Data Cache, for the field "Enable caching of
activity data," do one:
   Check Yes (default): To cache Activity Trends data. When data
   is cached, if the data for a server has already been retrieved (even
   though the server may not appear in any of the server lists), the
   cached data is used.
   Uncheck Yes: To gather Activity Trends data every time a new
   server is added. Data from servers that are removed is discarded
   immediately, and new data is retrieved.
7. For the field "Cache expiration time out," enter the number of
minutes that data remains cached after the server's data is first
retrieved. The default is 360 minutes.
8. Choose one of the following to set location defaults. These defaults
apply only to items on the current tab.
   Use Defaults: To revert to previously stored custom defaults.
   Save as Defaults: To save a custom set of defaults and override
   the system defaults.
   Reset Defaults: To revert to the system defaults.

Setting charting options for resource balancing


You can set options for how Activity Trends charts display on the
Domino Administrator Server - Performance tab. For all Activity Trends
views, you can specify font appearance and show database names
instead of file names. You can specify additional charting options that
apply individually to the Latest folder, Historical folder, and the
Resource Balancing views.
You can open the Server Profile Options dialog box from the Activity
Trends or Resource Balancing menus, or by clicking the Server Profile
Options button.

To set chart options


1. From the Domino Administrator, click the Server - Performance tab,
expand the Activity Trends section, and click Resource Balancing.
2. Choose Resource Balancing - Options to open the Server Profile
Options dialog box.
3. Click Charting.
4. Under Font Preferences, select the way that type will appear on all
charts in all Activity Trends views. The defaults are:
   Chart Element                      Font                 Size   Appearance
   Chart Heading Font                 Default Sans Serif   12     Bold
   Chart Axis Label Font              Default Sans Serif   8      Plain
   Chart Legend Font (when visible)   Default Sans Serif          Plain

5. Under Resource Balancing Display Options, check Yes to enable
these options for Resource Balancing view. The default is unchecked.
   Show actual values on Y-axis when displaying non-normalized data
   Show chart using 3D effect
6. Under Latest Activity Display Options, do the following to set the
appearance of the Activity Trends - Latest folder views:
a. For the field "Maximum X-axis items that can be displayed,"
enter the number of items that can be shown in the horizontal
position on the chart. The default is 1000.
b. Check Yes to enable these display options. The default is
unchecked:
   Show database titles on X-axis
   Show actual values on Y-axis when displaying single data type
   (such as bytes, transactions, milliseconds)
   Show chart using 3D effect
7. Under Historical Activity Display Options, check Yes to enable these
options for the Activity Trends - Historical folder views. The default
is unchecked.
   Show actual values on Y-axis
   Show chart using 3D effect
8. Choose one of the following to set Charting defaults:
   Use Defaults: To revert to previously saved custom defaults.
   Save as Defaults: To save a custom set of defaults and override
   the system defaults.
   Reset Defaults: To revert to the system defaults.

Primary and secondary goals for resource balancing


To balance resources, first determine your primary and secondary goals,
and specify how much weight to give each of these goals. The default
goals are Notes Transactions and Disk Space, which are the defaults for
Primary and Secondary goals respectively. Because transactions factor
in almost all user and server activity, and disk space is typically a
constrained resource, these are good measurements on which to balance.
The second factor in resource balancing is tolerance. When you specify
tolerance, you indicate the level of accuracy you want for the resource. A
low value typically generates more moves (it is less tolerant when the
values are lower), but produces a better distribution of the resources that
is closer to the targeted accuracy. A higher tolerance value creates
fewer moves, but does not distribute the activity as evenly. You set
tolerance values for both the Primary and Secondary Goals; however, the
primary tolerance is much more important than the secondary tolerance
in determining the number of moves.
Finally, you specify whether to use trended data or data collected from
one observation period. You also choose when to gather the data.
For more information about trended data, see the topic "Understanding
how Activity Trends collects data," earlier in this chapter.
The resulting resource chart may show heavy activity on some servers
and light activity on others. You can choose to balance the activity across
the servers so that no single server shows a high incidence of activity.
You can balance resources based on a primary and a secondary goal.
Unless you have specific requirements in mind, the recommended
primary and secondary goals are Notes Transactions and Disk Space,
respectively.
Because the primary goal is given more weight than the secondary goal,
set the resolution of the most troublesome resource area as the primary
goal. For example, if you suspect that some servers have available disk
space, while others have almost none, choose the statistic Disk Space as
the primary goal.
   Statistic Name           Description
   AvgSpaceUsed             Percentage of the disk space actually in use, as
                            recorded by the database activity data.
   DiskSpace                The number of bytes of disk space occupied by the
                            database, as recorded by the database activity data.
   FullTextIndexSize        Size of the full-text index for this database.
   HTTP BytesFromServer     The number of bytes sent from the database, as
                            recorded by the user session data.
   HTTP BytesToServer       The number of bytes sent to the database, as recorded
                            by the user session data.
   HTTP RequestMsecs        Request time, in milliseconds.
   HTTP Requests            The number of HTTP requests.
   Notes BytesFromServer    The number of bytes sent from the server, as recorded
                            by the user session data.
   Notes BytesToServer      The number of bytes sent to the server, as recorded by
                            the user session data.
   Notes Connects           The number of database connections, as recorded by
                            the user session data.
   Notes DocumentsRead      The database read count, as recorded by the database
                            activity data.
   Notes DocumentsWritten   The database write count, as recorded by the database
                            activity data.
   Notes Transactions       The number of transactions, as recorded by the user
                            session data.
   Replica BytesRead        The number of bytes read, as recorded by the
                            Replicator task.
   Replica BytesWritten     The number of bytes written, as recorded by the
                            Replicator task.
   Users                    The count of unique users, as recorded by the user
                            session data.

Setting primary and secondary resource-balancing goals

To balance resources, you establish two goals based on two selected
statistics. Each goal is based on a statistic that is associated with the
activity you want to balance.
You can open the Server Profile Options dialog box from the Resource
Balancing menu, or by clicking the Server Profile Options button.

1. From the Domino Administrator, click the Server - Performance tab.
2. Select the Activity Trends - Resource Balancing view.
3. Choose Resource Balancing - Options to open the Server Profile
Options dialog box.

4. Expand the Balancing section, and then click Goals.


5. Complete these fields to specify the primary goal:
   Field            Action
   Statistic Name   Select a statistic from the list. The default is Notes
                    Transactions.
   Tolerance        Enter a percentage. The default is 10%.
   Analyze          Choose one:
                    Trended Data (default): To analyze the resource
                    balance based on trended data.
                    Last Observation Data: To analyze the resource
                    balance based on the data that was gathered during
                    the most recent observation time.
   Over period      Choose one:
                    Complete Day (24 hours): To analyze data gathered
                    during a 24-hour period.
                    Prime Shift Only (default): To analyze data gathered
                    during the prime shift hours.
                    Note: The prime shift hours are defined on the Activity
                    Logging tab of the Configuration Settings document.

For more information on defining prime shift hours, see the topic
"Setting up Activity Trends" earlier in this chapter.
6. Click Secondary Goal, and repeat Step 5 to specify the values for the
secondary goal. Goals that were selected as Primary goals will not
appear in the list of available statistics for secondary goals.
7. (Optional for secondary goal only) Enable Other options if any
tolerance value is acceptable as a solution for resource balancing.
8. Choose one of the following to set defaults for goals. You can set
these defaults on either the Primary or Secondary Goal tab.
   Use Defaults: To revert to previously saved custom defaults.
   Save as Defaults: To save a custom set of defaults and override
   the system defaults.
   Reset Defaults: To revert to the system defaults.

Specifying which databases can move during resource balancing


To specify which databases can move during resource balancing, you
create a master pin list. Because system databases, such as the Domino
Directory, are never moved, do not include them in the pin list.

You pin databases in one of two ways. You can list databases you do not
want to move, or you can list only the databases that you do want to
move. After you define a pin list, you can save it as a pin list profile.
Tip: You can also pin individual databases from the Available Databases
list in the Server - Performance tab, in the Resource Balancing view of the
Domino Administrator.
By default, all databases are associated with all servers. The server name
can be specified as part of the entry. Use a colon to specify the server
part. For example, Acme/East:mail/*.nsf applies to all mail/*.nsf
databases on the server Acme.
When you select servers to balance resources, you should be aware that
Activity Trends does not recognize that servers are in a cluster. If you
include servers from different clusters or some servers that are in a
cluster and some servers that are not in a cluster, Activity Trends may
suggest moving a database out of a cluster in order to balance the
resources. To prevent this, you can create a separate server profile for
each cluster and one for nonclustered servers, or you can pin databases
that you want to exclude from resource balancing.
You can open the Server Profile Options dialog box from the Resource
Balancing menu, or by clicking the Server Profile Options button.

To create a master pin list
1. From the Domino Administrator, click the Server - Performance tab.
2. Select the Activity Trends - Resource Balancing view.
3. Choose Resource Balancing - Options to open the Server Profile
Options dialog box.
4. Expand the Balancing section, and then click Pin List.
5. Click the Database Pin List tab.
6. Under Pin Method, choose one:
   Pin listed databases: To pin the listed databases so that they will
   not be moved.
   Pin all but listed: To make the listed databases available to be
   moved, and pin all other databases.
7. Under Database List, add or delete databases. To add a database,
enter the name directly on the list.
8. Next to the list of database names, do one:
   Choose Reset to return the list to its original set of databases.
   Choose Save as, and enter a name to save a new pin list.
9. Choose one:
   Use Defaults: To revert to previously saved custom defaults.
   Save as Defaults: To save a custom set of defaults and override
   the system defaults.
   Reset Defaults: To revert to the system defaults.
To edit or delete a saved pin list profile
1. Under Saved Pin List Profiles, select a profile.
2. Do one:
Edit the list of databases, and then click Save.
Click Delete.
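
The following Python example, added here as an illustration and not part of the Domino product or its documentation, shows how the two pin methods and the Server:path entry form described above decide which databases remain available to move, and reports pin list entries that match nothing. The wildcard rules, the server-name comparison, the system database list, and every sample name other than Acme/East:mail/*.nsf are assumptions.

```python
from fnmatch import fnmatchcase

# The two Pin Method choices from the Database Pin List tab.
PIN_LISTED = "Pin listed databases"
PIN_ALL_BUT_LISTED = "Pin all but listed"

# Constructed sample data. The page names only the Domino Directory as a
# system database; the file names below are assumptions for illustration.
SYSTEM_DBS = {"names.nsf", "log.nsf"}
DATABASES = [
    ("Acme/East", "names.nsf"),
    ("Acme/East", "mail/jdoe.nsf"),
    ("Acme/East", "apps/crm.nsf"),
    ("Hub/East", "mail/asmith.nsf"),
    ("Hub/East", "apps/crm.nsf"),
]
PIN_LIST = ["Acme/East:mail/*.nsf", "apps/crm.nsf", "Hub/East:archive/*.nsf"]


def _norm_path(path):
    # Assumption: paths compare case-insensitively, with either slash style.
    return path.replace("\\", "/").lower()


def parse_entry(entry):
    """Split 'Server:pattern' into (server or None, pattern).

    An entry without a colon has no server part and applies to all servers.
    """
    server, sep, pattern = entry.partition(":")
    if not sep:
        return None, _norm_path(entry.strip())
    return server.strip().lower(), _norm_path(pattern.strip())


def _same_server(entry_server, server):
    # Assumption: names match when identical, or when one side is given as
    # a bare common name ("Acme") that equals the other's first component.
    a, b = entry_server, server.lower()
    if a == b:
        return True
    if "/" not in a or "/" not in b:
        return a.split("/")[0] == b.split("/")[0]
    return False


def entry_matches(entry, server, path):
    """True if a pin list entry applies to this database on this server."""
    entry_server, pattern = parse_entry(entry)
    if entry_server is not None and not _same_server(entry_server, server):
        return False
    # Assumption: shell-style wildcards; note that '*' also crosses '/'.
    return fnmatchcase(_norm_path(path), pattern)


def is_pinned(server, path, pin_list, method, system_dbs):
    """Apply the pin method; system databases are always pinned."""
    if method not in (PIN_LISTED, PIN_ALL_BUT_LISTED):
        raise ValueError("unknown pin method: %r" % (method,))
    if _norm_path(path) in system_dbs:
        return True
    listed = any(entry_matches(e, server, path) for e in pin_list)
    return listed if method == PIN_LISTED else not listed


def movable(databases, pin_list, method, system_dbs):
    """Databases that resource balancing would be allowed to relocate."""
    return [(s, p) for s, p in databases
            if not is_pinned(s, p, pin_list, method, system_dbs)]


def unmatched_entries(databases, pin_list):
    """Entries that match no database, for example a mistyped path.

    Under 'Pin listed databases' such an entry protects nothing; under
    'Pin all but listed' it releases nothing.
    """
    return [e for e in pin_list
            if not any(entry_matches(e, s, p) for s, p in databases)]


if __name__ == "__main__":
    for method in (PIN_LISTED, PIN_ALL_BUT_LISTED):
        print(method, "->", movable(DATABASES, PIN_LIST, method, SYSTEM_DBS))
    print("Unmatched entries:", unmatched_entries(DATABASES, PIN_LIST))
```

Reviewing the unmatched entries before analysis is a quick way to catch a pin list that does not protect the databases it was meant to.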

Understanding resource-balancing behavior


When you set the resource-balancing behavior, you balance the number
of moves made during resource balancing with the level of accuracy
achieved. Accuracy is how successfully the moves were made, based on
the number of moves allowed. The higher the accuracy, the more evenly
resources are balanced.
You also specify the location of the Domino Change Control database
(DOMCHANGE.NSF). By default, Activity Trends automatically selects
a server. However, you must specify the Domino Change Manager server
in the Configuration Settings document. Use the default unless you want
to use a local replica or are working remotely and want to use a server
that has a replica of the Domino Change Control database.
Resource balancing distributes database activity across three bins:
   Light: The top bin when graphed, has the lightest amount of
   activity.
   Medium: The middle bin when graphed, has a medium amount of
   activity. This percentage is calculated based on the percentage in the
   other two bins.
   Heavy: The bottom bin when graphed, has the heaviest amount of
   activity.

Resource balancing attempts to balance the bins among the servers as
well as the total for the servers. This is important because heavily utilized
databases (databases with a high number of transactions) also have the
greatest variance. That is, their usage is more likely to vary from the
mean more frequently. This means that when there is a spike in activity,
the spike will be a big spike, and the dip will be a big dip. Dividing the
databases into bins separates the few databases that account for a large
amount of activity from the large number of databases that account for
little activity. For example, out of 100 databases on a server, 10 databases
may account for 30% of activity, while 65 databases account for another
30%. The remaining 40% of activity is accounted for by the medium
usage 250 databases.
Balancing according to the bins ensures that the spread of heavily used
and lightly used databases is evenly distributed across the servers. This
results in more predictable usage patterns, increased availability, and
more efficient use of resources.
Deciding the exact percentages for each of the bins depends on how your
organization uses its databases and the type of server being balanced
(mail server versus application server). For mail servers in most
organizations you may want to increase the size of the light bin and
decrease the size of your heavy bin, while for application servers the mix
may be different.

For more information about charting bin activity and how the values are
calculated, see the topic "Understanding current and projected profile
charts," later in this chapter.
You also specify how Activity Trends analyzes the server resource
capacities. By default, server capacities are determined relative to other
servers in the list. For example, a server that has a capacity of x1
transactions has half the transactional capability (CPU) of a server at x2.
You could, however, balance resources based on actual values (such as
the number of transactions per day, or the total amount of disk space
available). Using the example above, you would specify the servers as
having a capacity of 10,000 and 20,000 transactions. However, if you
choose to balance resources based on actual values, you have to know
that the servers involved can actually handle the capacities specified.
Another way in which you indicate server resource capabilities is to
specify how the server volume is determined. You can either use server
volume and file system information when resource balancing, or ignore
volume information and treat all space as flat. The default is to use the
volume information, which uses the different physical volumes and their
sizes that comprise the space available to Domino, rather than just the
total amount of space on the server. Volume balancing is recommended.
This may produce plans in which a database moves to a different server
and has a different destination path because of space requirements on a
particular volume on the destination server.

Customizing resource-balancing behavior


Customizing resource-balancing behavior is an advanced feature.
Therefore, unless you know how changes will affect the outcome of
resource balancing, use the default settings.
To customize resource-balancing behavior
1. From the Domino Administrator, click the Server - Performance tab,
expand the Activity Trends section, and click Resource Balancing.
2. Choose Resource Balancing - Options to open the Server Profile
Options dialog box.
3. Expand the Balancing section, and then click Advanced.
4. Under Resource Balancing Behavior, choose one:
   Minimize Moves: To minimize the number of moves made,
   even though the balance may not be as accurate when completed.
   Balance Moves and Accuracy: To allow more moves, in an effort
   to reach a higher level of accuracy.
   Maximize Accuracy: To allow as many moves as it takes to get
   the most accurate resource balance.
5. Under "When submitting a resource balancing plan," choose one of
these:
   Automatically Select Server: To automatically locate the server in
   the domain that has the Domino Change Control database
   (DOMCHANGE.NSF). This is the default.
   Use Local Database Replica, and then enter the path: To use a
   replica of the Domino Change Control database
   (DOMCHANGE.NSF) located on the local drive.
   Use Remote Server, and then enter the name of the server that
   has the Domino Change Control database (DOMCHANGE.NSF).
6. Under Bin Sizes, choose the percentage for each bin:
   Light Bin: Default is 30%
   Middle Bin: Default is 40%
   Heavy Bin: Default is 30%

7. For the field "Enter server resource capacities as relative values
when editing server properties," do one:
   Check Yes (default) to specify server resource capabilities relative
   to other servers in the list.
   Uncheck Yes to specify actual values, such as the number of
   transactions per day or the total amount of available disk space.
8. For the field "Use server volume and file system information when
resource balancing," do one:
   Check Yes (default) to use the volume information, such as
   physical volumes and their sizes that comprise the space available
   to Domino.
   Uncheck Yes to ignore volume information and use the total
   amount of space on the server, treating all space as flat.
9. For the field "Warning when data is older than n days," enter the
number of days before a warning is generated. The default is 7 days.
Then if you create a resource-balancing plan and the data is older
than 7 days, you receive a warning that the resulting plan will be
based on old data.
10. Choose one of the following options to set Resource Balancing
behavior defaults:
   Use Defaults: To revert to previously saved custom defaults.
   Save as Defaults: To save a custom set of defaults and override
   the system defaults.
   Reset Defaults: To revert to the system defaults.

Analyzing resource-balancing distributions

Use any of these procedures to analyze the current and proposed
distribution of user activity on specified databases. The statistics and
charts displayed during this process reflect the choices you made in the
Server Profile Options dialog boxes.
1. Create a proposal for a new, balanced distribution.
2. Compare the current and projected distribution of databases on
servers.
3. Review the distribution of user activity represented in the light,
medium, and heavy bins. Review the effect of changes on other
resource statistics in these charts as well. The accuracy is only a
guide as to how well it achieved the balance within the tolerance
specified. Sometimes the required accuracy may not be achieved for
a particular server. There are many reasons why this could happen.
Sometimes, there is no solution within the parameters specified and
resources are balanced as well as they can be.
4. Review the server capacity and accuracy information before and
after proposed targets.
5. Change the mix of servers and server properties and run the analysis
again, if necessary.
6. Submit a plan to the Domino Change Manager to implement the new
balance of resources.

Creating a proposal for balanced resources


Based on the selections made in the Server Profile Options dialog box,
you can balance resources for a server profile that you created. During
the resource-balancing process, it may take several attempts before
databases are distributed in a way that you find acceptable. You may
need to change source server or database selections. You can make these
adjustments during this process to help make the analysis process run
smoothly:
   Pin and unpin databases
   Change server properties or add a phantom server
   Filter out servers and their databases that you do not want displayed
   on the Available Databases tab
   Change the layout of the Activity Trends view on the Server -
   Performance tab of the Domino Administrator

To create a proposal
1. From the Domino Administrator, click the Server - Performance tab.
2. Under Activity Trends, click Resource Balancing.
3. Choose a server profile.
4. Click the Available Databases tab to display the list of databases
that can be moved.
5. (Optional) To change the databases that are available for moving,
select a database and click Pin or Unpin.
6. Make sure that each server in the top frame has an arrow next to its
name. If there is a red (x) instead of an arrow, the server is not
reporting its trended data. You must remove the server or make it a
phantom server; otherwise, the Analyze button will be disabled and
you will not be able to create a proposal.
7. Check the server properties to make sure that the capacity of each
server is weighted correctly.
For information on editing server properties, see the topic "Editing
server properties for resource balancing" later in this chapter.
8. Click Analyze.
9. When the analysis is complete, view the Recommended Plan and
Project Profile.

Comparing current and projected resource balances

After creating a proposal for balanced resources, compare the proposal
against the current resource profile by reviewing the information on the
Resource Balancing tabs. The Available Databases and Current Profile
tabs display information about the current state of the servers. You can
also look at the information in the upper frame, which shows you the
current and projected activity, and the targeted and achieved accuracy.
The Recommended Plan and Projected Profile tabs, which are populated
after you analyze current resources, display the distribution of resources
after the plan is completed. The Resource Balancing view is on the Server
- Performance tab of the Domino Administrator. The four tabs provide
the following information about the servers for which you want to
balance resources:
   Available Databases: Lists the databases that are not pinned in the
   Master Pin List and are, therefore, available to be moved
   Recommended Plan: Shows the new source and proposed
   destination for the databases
   Current Profile: Shows how the servers are currently balanced
   Projected Profile: Shows how the servers will be balanced after the
   plan is carried out
Evaluate the changes that are proposed during resource balancing. If you
are not satisfied with the proposed changes, change the mix of servers or
databases or adjust the specified tolerance level in the Server Profile
Options dialog box. If you are happy with the proposal, then you are
ready to submit the plan to the Domino Change Manager.

Evaluating server activity for resource balancing

To balance resources, evaluate the database activity for each server on
which you want to balance resources. Then compare that activity to
redistributed database activity that would result from balancing
resources. The Resource Balancing view on the Server - Performance tab
of the Domino Administrator provides this information in a number of
ways. First, the status of selected servers or of servers in a selected server
profile displays. A red X next to the server indicates that the server is not
available for resource balancing, possibly because the server is down.

Hover over the red X with your mouse to see the status of the server,
including the error message. The Edit Server Properties dialog box also
shows associated error messages in the Status field.
For each goal specified in the Server Profile Options dialog box, Activity
Trends displays the following information that you use to evaluate
whether a server is a candidate for resource balancing:

   Current: The current value of the metric as recorded.
   Capacity: The resource capacities of each server. Resources are
   balanced using either capacity or target values. By default, the
   capacity is the value used in determining the targets during resource
   balancing. You set this value by editing server properties.
   Target: The target value that you want to meet during resource
   balancing. This value is based on the statistics specified as primary
   and secondary goals. For example, if Notes Transactions is a goal, the
   value is the number of transactions. So, if a server has a target of
   2000 transactions, the resource-balancing solution attempts to
   provide this server with 2000 transactions.
   Projected: The calculated final value of the server's resource, if the
   generated solution (plan) were to be applied.
   Accuracy: A percentage from 0 to 100 that represents how
   successfully the moves were made, based on the behavior criteria
   you specified. A low percentage is bad and a high percentage is
   good. Servers whose values are within the tolerance for the goal (set
   in server profile options) display in blue. Values that did not achieve
   the tolerance specified for the Goal display in red. This is not
   necessarily bad; sometimes it means you need to use other servers or
   that there is no good solution for this resource problem. In a good
   balance, there should be almost no red values for the primary goal,
   and perhaps a few for the secondary.

If you do not like the distribution of activity or servers based on this
evaluation, you can edit the server properties to change the server role.
Likewise, you can alter some of the options selected in the Server Profile
Options dialog box. If you have not set server profile options, you can
edit the server properties to change some of the option defaults, and then
analyze again using the new server values.
For more information on editing server properties, see the topic "Editing
server properties for resource balancing" later in this chapter.

Understanding current and projected profile charts


To determine the proposed resource distribution, view the charts of
trended statistics created by Activity Trends. The Resource Balancing
view on the Server - Performance tab of the Domino Administrator
displays database activity for each server. The chart on the Current
Profile tab represents the current server load. The chart on the Projected
Profile tab shows how the servers will be rebalanced if the proposed plan
is implemented.

Example
The following chart shows database transactions on each server. The
overall height of the bar represents the sum (total) of the database
transactions. The three bins represent the light, medium, and heavy
modal distribution of the database metric - in this case, transaction. In
this example, heavy is the first 30% of databases; middle is the next 40%;
and light is the top 30%, all adding up to 100%.
[Chart: a stacked bar on a vertical axis marked from 10 to 100, divided
into Light activity (top), Medium activity (middle), and Heavy activity
(bottom).]


The charts use light, medium, and heavy bins to show the distribution of
user activity. Each bin represents a group of databases and their metric
values. These bins reflect the bin size values specified in the Server
Profile Options dialog box. View the distribution of activity before it is
balanced (Current Profile), and then view it again to determine if your
goals have been met. Resources that are not well balanced show a
disproportionate amount of activity in the heavy bin. After resource
balancing has been applied, the recommended distribution in bins
should be relatively even across the servers, if your goals were achieved.
The higher the accuracy of resource balancing, the more evenly activity is
distributed.

Light - The light bin is the top bin when graphed, using the lightest
color of blue. This indicates the bin with the lightest amount of activity.

Medium - The medium bin is the middle bin when graphed, using a
medium blue. This indicates the bin with a medium amount of activity.

Heavy - The heavy bin is the bottom bin when graphed, using the
darkest color of blue. This indicates the bin with the heaviest amount
of activity.

How bin values are calculated


To understand how bin values are calculated, assume there are 20
databases, each with a varying number of transactions. Five is the lowest
number of transactions on any database, and 420 is the highest number
of transactions on the most active database. The total transactions per
database is represented as follows:
5,5,10,10,15,25,25,50,75,100,120,125,140,150,250,300,310,350,400,420 =
2885 transactions
When you group these transactions based on the bin sizes designated in
the Server Profile Options (30% light, 40% medium, and 30% heavy), the
transactions are distributed as follows:
Light = 5,5,10,10,15,25,50,75,100,120,125,140,150 (14 databases
account for 855 transactions; 865 is the target)
Middle = 250,300,310 (3 databases account for 860 transactions; 1154
is the target)
Heavy = 350,400,420 (3 databases account for 1170 transactions; 866
is the target).
[Chart: a single stacked bar for server Sales1 on a vertical axis from 0
to 1. Pop-up text: Server: Sales1/Acme; Stat: Notes Transactions; Units:
transactions; Total: 2885 [DBs: 20]; Light: 855 [DBs: 14]; Medium: 860
[DBs: 3]; Heavy: 1170 [DBs: 3].]


When you view these charts, you see that 29% of the chart is light blue;
30% is medium blue; and 40% is dark blue. Hovering over the bar on the
chart, the pop-up shows that most transactions on the server occur on
relatively few (three) databases. In this case, 15% of the databases
account for about 40% of the transactions. If the bars for the other servers
on which you are balancing resources have different proportions for
light, medium and high bins, then resource balancing would better
spread the load across the system and probably result in better server
performance.
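
The bin figures in this example can be reproduced with a short script. This is an added example, not code from the Domino documentation or product; the fill rule in assign_bins is an assumption chosen because it reproduces the figures above, and the second, evenly loaded data set in the test is constructed for contrast.

```python
"""Reproduce the light/medium/heavy bin split from the 20-database example."""

# Transactions per database, as listed in the example (20 databases, 2885 total).
TRANSACTIONS = [5, 5, 10, 10, 15, 25, 25, 50, 75, 100, 120, 125, 140, 150,
                250, 300, 310, 350, 400, 420]

# Bin sizes in percent, lightest bin first (30% light, 40% medium, 30% heavy).
BIN_SIZES = [("light", 30), ("medium", 40), ("heavy", 30)]


def assign_bins(values, bin_sizes=BIN_SIZES):
    """Split per-database metric values into bins.

    Assumed rule: take databases from least to most active and keep adding
    to a bin while its sum stays at or below that bin's target; the last
    bin receives whatever is left.
    """
    ordered = sorted(values)
    total = sum(ordered)
    bins, i = [], 0
    for pos, (name, percent) in enumerate(bin_sizes):
        target = total * percent / 100
        is_last = pos == len(bin_sizes) - 1
        members = []
        while i < len(ordered) and (is_last or sum(members) + ordered[i] <= target):
            members.append(ordered[i])
            i += 1
        bins.append({
            "name": name,
            "target": target,
            "databases": len(members),
            "value": sum(members),
            "share_of_total": sum(members) / total if total else 0.0,
            "share_of_databases": len(members) / len(ordered) if ordered else 0.0,
        })
    return bins


def report(bins):
    """Format bins the way the chart pop-up lists them, plus targets and shares."""
    return [
        f"{b['name'].capitalize()}: {b['value']} [DBs: {b['databases']}] "
        f"(target {b['target']:.1f}, {b['share_of_total']:.1%} of activity, "
        f"{b['share_of_databases']:.0%} of databases)"
        for b in bins
    ]


if __name__ == "__main__":
    for line in report(assign_bins(TRANSACTIONS)):
        print(line)
```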

Using resource balancing in Activity Trends to decommission a server

Decommissioning a server is a special case of workload balancing in
which everything outside the default pin list is moved from the server.
The databases that remain, which may still account for significant
activity, are either system databases or databases that are typically
installed on every server, such as templates or help files. In most cases
the latter group will be the same on every server, with the possible
exception of unread marks.

Use these guidelines to decommission a server:
1. Edit the server properties and do the following:
Set the server as source only to prevent Activity Trends from
moving any databases to it.
Set the server capacity to 0% for the unit you are using as the
primary balancing goal.
2. Use the default pin list so that Activity Trends relocates all databases
other than the system databases and the databases installed on every
server. You can also use an empty pin list since system databases are
always pinned.

Editing server properties for resource balancing

You can balance resources based on capacity or on a specified target. For
example, if you have a new server, you can redistribute server activity to
accommodate the increased resource capacity. However, if you need to
increase the number of transactions per server, you balance resources by
redistributing activity based on achieving a new target value.
In addition, you can assign a weight to each server's capacity. For
example, assume you have one server with 1.5GB of RAM and a 60GB
hard drive and have a second server with 3GB of RAM and a 120GB hard
drive. You can enter the capacity of the first server as 1 and the second
server as 2, giving it twice the weight.

If you set a capacity (or target) of zero for source-only or any-role
servers, resource balancing tries to move all unpinned databases on the
server. This is useful when decommissioning servers and moving their
contents to new servers.
If a server's data cannot be obtained, you can treat the server as a
phantom server and then change it back to a real server when data
becomes available. After changing it back, press F9 to refresh and read
the data from the server.
To edit server properties
1. From the Domino Administrator, click the Server - Performance tab
and open the Resource Balancing view.
2. Under Server profiles do one:
Select a profile
Select All Servers
3. In the Servers section, double-click the server whose properties you
want to edit. In the Edit Server Properties dialog box, the server name
and domain name appear by default. Complete the following fields:
Field: Action
Type: Choose one:
    Real - To identify a server that physically exists in the domain.
    Phantom - To identify a server that does not physically exist
    but is factored in to the resource-balancing analysis.
    Note: The option to toggle between a real server and a
    phantom server is available only for real servers whose data
    cannot be obtained.
Role: Choose one:
    Any - Databases can be moved to or from the server.
    Source Only - This server will not have any databases moved to it.
    Destination Only - This server will not have any databases
    moved from it.
    Note: Phantom servers are always Destination Only.
Goals: Select either the primary or secondary goal from the list. These
    are the goals set in the Server Profile Options dialog box.
    For more information about goals, see the topic "Primary and
    secondary goals for resource balancing."
Capacity: Select this option to balance resources for the selected goal,
    based on server capacity. Enter the number of resource units.
    The default is 1.
Target: Select this option to balance resources based on achieving a
    target goal. Enter a target value for the goal you selected.

Filtering servers used during resource balancing

You can change the displayed list of available databases by setting filters
that hide databases from display without affecting the master pin list or
affecting how a plan is generated. Using these options provides you with
the information you want quickly and easily. For example, using "hide
databases appearing in plan" shows only the databases that will remain
and filters out all databases that will move. The "hide system databases"
and "hide master pin databases" options show all of the databases on the
servers, even though you don't want to move them. This option is useful
when you need to see the complete picture of databases on a server and
is useful especially when decommissioning a server.

To filter servers
1. From the Domino Administrator, click the Server - Performance tab
and open the Resource Balancing view.
2. Click the Filter button on the Available Databases tab.
3. In the Servers field choose one:
All Servers
Selected Servers
4. Check or uncheck one or more:
Hide System Databases (default is checked)
Hide Master Pin Databases (default is checked)
Hide Databases appearing in Plan (default is unchecked)

Pinning additional databases during resource balancing

When you set the Server Profile Options, you create a pin list of
databases that cannot be moved during resource balancing. However, as
part of the resource-balancing process, you can pin or unpin databases.
For example, you may want to evaluate the effect of pinning an
additional database, or you may want to unpin a database to see if
resources balance with fewer moves.
Pinning or unpinning databases as you balance resources does not
change the saved pin list. You cannot unpin a system database or a
database that is pinned by the master pin list. However, the status of
each database is saved with the server profile information for the
selected server profile.
To pin or unpin databases as you balance resources
1. From the Domino Administrator, click the Server - Performance tab,
expand the Activity Trends section, and choose Resource Balancing.
2. Click the Available Databases tab.
3. Do one of the following:
Select the databases that cannot be moved, and then click Pin.
Select one or more databases that are currently pinned, and then
click Unpin.
4. Click the Analyze button to see the effect of the new pinning
information.

Displaying additional statistics during resource balancing


You can change the statistic that displays on the current or projected
profile chart so that you can view the balance of other types of database
activity. By default, when you balance resources, the primary goal is the
statistic that displays.
1. From the Domino Administrator, click the Server - Performance tab
and open the Resource Balancing view.
2. Click the Filter button on the Available Databases tab.
3. Select the statistic you want to display.
4. Under Options, select one or more of the following. The defaults
vary depending on the statistic.
Use Trended values to use trended statistics, instead of current
statistics.
Use Prime Shift values to use statistics collected during the
prime shift hours. Prime shift hours are specified in the
Configuration Settings document when you set up Activity
Trends.
Size in proportion to capacity to base statistics on server
capacity. Server capacity is specified in the server properties.
For more information on setting prime shift hours and editing server
properties, see the topics Enabling activity logging and setting up
Activity Trends and Editing server properties for resource balancing,
earlier in this chapter.


Changing the layout of the Activity Trends view


You can change the layout of the charts in the Activity Trends or
Resource Balancing view. For example, you can maximize the sections
you are working on to reduce the amount of scrolling. You can change
the layout of the chart display using the Resource Balancing or Activity
Trends menus, or the layout button:

1. From the Domino Administrator, click Server - Performance.
2. From the Resource Balancing menu, select layout, and then choose
one:
Maximize
Maximum Height
Maximum Width
Restore

Submitting a resource-balancing plan to the Domino Change Manager

When you decide to implement resource balancing, you submit a plan to
the Domino Change Manager.
To submit a resource-balancing plan
1. From the Domino Administrator, click the Server - Performance tab.
2. Select the Resource Balancing view, and then select the
Recommended Plan tab.
3. Click Submit to submit the current data to the Domino Change
Manager.
4. Enter a plan name and a description of the plan.
5. The field Submit to displays the option selected in the Advanced
section of the Server Profile Options. Click the button at the right of
this field to open the Server Profile Options dialog box and change
this selection.

Domino Change Manager


To implement a resource-balancing plan, you use the Domino Change
Manager task, which you load on only one server, usually the
Administration server, in a domain. The Domino Change Manager uses
the Domino Change Control database (DOMCHANGE.NSF) to manage
and implement a plan.
After you submit a plan, you track the status of the plan in the Domino
Change Control database (DOMCHANGE.NSF). To access the Domino
Change Manager from the Domino Administrator, choose Server - Analysis, then expand the Domino Change Control view and choose
Plans - by Status.

The Domino Change Manager and the Administration Process


The Domino Change Manager uses the Administration Process to move
databases from one server to another. Data is collected and stored in the
Activity Trends database (ACTIVITY.NSF). When you use resource
balancing to create a plan for redistributing the database load, it first
initiates a database move command. Then it generates the Maintain
Trends Database Record request during the standard execution of the
database move. The Maintain Trends Database Record request is
posted in the Administration Requests database (ADMIN4.NSF) after the
database is created on the destination server.
During the execution of the Maintain Trends Database Record request,
the administration requests that typically require your approval are
automatically approved because the plan has been approved. You do not
have to manually approve requests in the Administration Requests
database (ADMIN4.NSF).
For more information on the Maintain Trends Database Records
Administration Process request, see the appendix "Administration
Process Requests."

Setting up Domino Change Manager


To set up the Domino Change Manager, you load the Change Manager
task. Then, the first time you run the task, it creates the Domino Change
Control database (DOMCHANGE.NSF). Load this task on only one
server in the domain - usually the Administration server.
To set up and run the Change Manager task
1. Open the NOTES.INI file for the server on which the Change
Manager will run.
2. Add the following to the ServerTasks setting:
runjava ChangeMan
3. Save and close the NOTES.INI file.
4. At the console, enter this case-sensitive command exactly as shown:
load runjava ChangeMan
Tip: To display full help text for this task, append -? or -help to the
command.

Specifying maximum concurrent tasks for Domino Change Manager

There are three thread pools that control the number of concurrent tasks
that the Domino Change Manager can carry out. The combination of the
number of concurrent plans and demands creates a pool from which all
the demands of all the plans are run. How the size of these thread pools
affects performance depends on the size of the server. If necessary, you
can limit the amount of CPU used by the Domino Change Manager. On
very powerful machines, however, you may want to increase these
numbers considerably. You typically want to increase the number of
concurrent demands to change the total number of demands (across all
executing plans) that can run simultaneously. This is the key variable
that will affect performance. As a general guideline:

Increase the number of concurrent messages when you have many
people drafting, preparing, and submitting many plans. If you have
only a few plans, this is not necessary.

Increase the number of concurrent plans when you want many plans
to execute at the same time.

You set these options in the Configuration Settings document for the
domain. This Configuration Settings document applies the settings as the
default settings for all servers and uses the * [All Servers] as the group or
server name.
To specify the maximum concurrent tasks
1. From the Domino Administrator, click the Configuration tab, expand
the Server section, and click Configurations.
2. Select the * [All Servers] Configuration Settings document, and click
Add Configuration or Edit Configuration.

3. Click the Change Control tab, and complete these fields:
Field: Action
Domain Change Server: Choose the server that stores the Domino Change
    Control database (DOMCHANGE.NSF).
Database file name: Enter the name of the Domino Change Manager. The
    default name is DOMCHANGE.NSF in server/data
    directory. If the database is not in the default directory,
    enter a full path name.
Max. concurrent messages: Enter the maximum number of messages that
    can be executed at the same time. The default is 5. The
    recommended number is between 1 and 10.
Max. concurrent plans: Enter the maximum number of plans that can be
    executed at the same time. The default is 5. The
    recommended number is between 1 and 10.
Max. concurrent demands: Enter the maximum number of demands (for
    example, database moves) that can be simultaneously processed.
    The default is 40. This number should be equal to or
    larger than the Max. concurrent plans number.

4. Click Save & Close.

Using the Tell ChangeMan command at the Domino console


You can use the Tell ChangeMan command at the console to control the
Domino Change Manager. The following options are available. The
command Tell ChangeMan is not case sensitive.
Option: Action
quit: Stops the Change Manager and all plug-ins.
stop: Stops the Change Manager and all plug-ins. Same as Quit.
exit: Stops the Change Manager and all plug-ins. Same as Quit.
help: Refers you to documentation.
Refers you to documentation. Same as Help.
restart: Stops and then restarts the Change Manager and all plug-in
    subsystems.
start plug-in: Starts the plug-in. Currently, Control, Monitor, and
    RoboAdmin are the defined plug-ins.
stop plug-in: Stops the plug-in. Currently, Control, Monitor, and
    RoboAdmin are the defined plug-ins.
    Note: Alternatively, you can also use the forms plug-in stop,
    plug-in quit and plug-in kill.
restart plug-in: Stops and then starts the plug-in. Currently, Control,
    Monitor, and RoboAdmin are the defined plug-ins.
    Note: Alternatively, you can also use the form plug-in
    restart.
plug-in command: Attempts to issue the command to the named plug-in,
    if it exists and is running.
reset: Resets the internal lookup caches.

For more information on using Domino server commands, see the
appendix "Server Commands."

ACLs for the Domino Change Control database

There are four ACL roles created specifically for those who are working
with the resource-balancing plan. However, users or groups can also
have standard Domino ACL roles, such as Author or Reader. The roles
specific to resource balancing are: Change Admin, System Admin, Plan
Creator, and Plan Reader.

Change Admin
A Change Administrator has the authority to change the settings in any
plan or plan element, such as a constraint or variable. In addition, a
Change Administrator can alter and add some elements used to create a
plan. Specifically, a Change Administrator can edit, create, and delete
constraints and constraint sets, approval profiles, keywords, and resources.
A Change Administrator must commit a plan to be executed. All plans
(including move requests created in the Administration Process
database) execute with the authority of the Change Administrator who
committed the plan. For that reason, the Change Administrator must also
have Create Replica access on each destination server. A Change
Administrator automatically has the Plan Reader role.
System Admin
The System Admin role is distinct from the Change Admin role, which
does not automatically include the role of System Admin. Each of these
roles is independent but not mutually exclusive in terms of the access that
the role grants. As with a Change Administrator, a System Administrator
can edit, create, and delete keywords, resources, interfaces, functions,
domain configurations, and plug-ins. Because users with the System
Admin role can make powerful and potentially catastrophic changes,
assign the role only to users or groups of users who have an in-depth
understanding of the Domino Change Manager. In addition, all control
documents (Interface and Function Definitions, Domain Configurations
and Plug-ins) must be signed by either the Change Manager server or a
user who has the System Admin role. When the database is first created,
all control documents are signed by the server. This is to ensure the
security of the Change Manager system and the Domino Server.
Plan Creator
This role designates users and groups of users who can create plans.
Plan Reader
This role allows users and groups of users to read all plans. By default a
Change Administrator can read all plans and does not explicitly need
this role. Authors and Requesters of plans do not need this role to read
their own plans.

Default ACL settings for the Domino Change Control database


When the Change Control database (DOMCHANGE.NSF) is created,
these default access levels and roles are assigned.
Name | Access level | Role
Full Access Administrator; Administrator (Listed in the Server document of the current server.) | Manager | Change Admin, System Admin, Plan Creator
Default | No access | No roles
LocalDomainServers | Manager | Plan Reader
OtherDomainServers | No access | No roles
Anonymous | No access | No roles

Recommended ACL settings


Assign the roles of Change Administrator and System Administrator
only to administrators who require them. Administrators who have these
roles have the ability to alter the basic system documents of a plan. The
recommended access level is Editor for most Change Administrators and
System Administrators. However, you can assign the Author access
level, but add restrictions on editing existing system documents such as
Interface or Function definitions. The System Admin role should be
especially restricted.
Assign the Plan Creator role only to those people or groups in an
organization that can create plans. Plan Creators only create plans; they
cannot commit them.
Assign the Plan Reader role to people and groups that will be allowed to
read plans only. This role assumes that the people and groups reading
the plans are not Authors or Requesters.
Make sure that the Change Administrators and servers in the
LocalDomainServers group have Create Replica access rights.
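
The default and recommended settings above can be turned into a repeatable review of the DOMCHANGE.NSF ACL. The following is an added example, not code from the Domino documentation or product: the entry format, the approved_system_admins list, the severity labels, and every name in SAMPLE_ACL other than the default entries are constructed for illustration.

```python
"""Review a DOMCHANGE.NSF ACL listing against the defaults and recommendations."""

# Standard Notes ACL access levels, lowest to highest.
LEVELS = ["No access", "Depositor", "Reader", "Author", "Editor", "Designer", "Manager"]
ADMIN_ROLES = {"Change Admin", "System Admin"}
# Entries that the default ACL leaves with No access and no roles.
MUST_HAVE_NO_ACCESS = ("Default", "Anonymous", "OtherDomainServers")


def audit_acl(entries, approved_system_admins=(), create_replica=()):
    """Return a list of (severity, name, message) findings.

    entries: dicts with 'name', 'level' and 'roles' (constructed format).
    approved_system_admins: names the organization accepts as System Admin.
    create_replica: names holding Create Replica access on destination servers.
    """
    findings = []
    for entry in entries:
        name = entry["name"]
        roles = set(entry.get("roles", ()))
        rank = LEVELS.index(entry["level"])  # ValueError on an unknown level
        if name in MUST_HAVE_NO_ACCESS and (rank > 0 or roles):
            findings.append(("high", name,
                             "default ACL gives this entry No access and no roles"))
        if roles & ADMIN_ROLES and rank > LEVELS.index("Editor"):
            findings.append(("review", name,
                             "administrative role held above the recommended Editor level"))
        if "System Admin" in roles and name not in approved_system_admins:
            findings.append(("high", name,
                             "System Admin role assigned outside the approved list"))
        needs_replica = "Change Admin" in roles or name == "LocalDomainServers"
        if needs_replica and name not in create_replica:
            findings.append(("warn", name,
                             "lacks Create Replica access needed for database moves"))
    return findings


# Constructed sample: the default entries plus three deviations to detect.
SAMPLE_ACL = [
    {"name": "Administrator", "level": "Manager",
     "roles": ["Change Admin", "System Admin", "Plan Creator"]},
    {"name": "Default", "level": "No access", "roles": []},
    {"name": "LocalDomainServers", "level": "Manager", "roles": ["Plan Reader"]},
    {"name": "OtherDomainServers", "level": "No access", "roles": []},
    {"name": "Anonymous", "level": "Reader", "roles": []},
    {"name": "Pat Lee/Acme", "level": "Editor", "roles": ["Change Admin"]},
    {"name": "Helpdesk", "level": "Author", "roles": ["System Admin", "Plan Creator"]},
]

if __name__ == "__main__":
    results = audit_acl(SAMPLE_ACL,
                        approved_system_admins={"Administrator"},
                        create_replica={"Administrator", "LocalDomainServers"})
    for severity, name, message in results:
        print(f"[{severity}] {name}: {message}")
```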

Setting ACLs for mail database moves during resource balancing


To move databases within the domain, both the LocalDomainServers
group and the Change Administrator who committed the plan must have
Create Replica and Create Database rights.
1. From the Domino Administrator, click the Configuration tab, and
open the Server view.
2. Open the Server document for the mail server.
3. Select the Security tab.

4. Under server access, add LocalDomainServers and any users with
the Change Admin role to these fields:
Create databases & templates
Create new replicas
5. Save and close the document.
Note: When load balancing, you don't have to approve the deletion of
the mail database on the source server. This is handled by the Domino
Change Manager.

Resource-balancing plans
The purpose of a resource-balancing plan is to move databases according
to the set of criteria defined in the Server Profile Options. The plan is
based on the analysis and proposal created during data exploration in
Activity Trends. When a plan is first submitted to the Domino Change
Manager, the plan has draft status. By default, the person who submits
the plan to the Domino Change Manager is the author and has the Plan
Creator role.
After the plan is submitted, it follows a prescribed course of submissions
and approvals until the final plan is activated and then completed. The
flowchart below shows the progression of a resource balancing plan from
its original draft state through its completed, archived state.

Promoting a plan from one state to another, such as from drafted to
prepared, can be made from within the plan document or from the
Change Control database (DOMCHANGE.NSF).
[Flowchart: labels shown are Submitted, Draft, Prepared, Committed,
Approved, Rejected, Cancelled, Activated, Failed, On Hold, Completed,
and Archived (Pseudo-state), connected by the actions Prepare, Commit,
Redraft, Reject, Approve, Cancel, Activate, Retry, Fail, Hold, Release,
Complete, and Archive. Legend: Author or Administrator activated;
Approver activated; System activated; Administrator or System activated.]

The workflow for processing a plan submitted by Resource Balancing
follows these steps:
1. The author fully defines a plan by editing the draft plan.
2. The author or a Change Administrator prepares the plan, thereby
changing the plan's status to prepared. The prepared state signals
that the author is satisfied with the details of the plan and wants to
have it executed.
3. A Change Administrator reviews the details of the plan and makes
any necessary changes, which are typically limited to adding or
removing approvers. At this time a Change Administrator can cancel
the plan or commit the plan to execution, subject to approval by
various groups and roles.
4. A committed plan is either approved or rejected by approvers.
Approval must be unanimous for a plan to be approved. If one of the
approvers is a group, only one member must approve the plan. If
one approver rejects a plan, it passes into the rejected state. If no
approvers are assigned, the plan automatically passes to the
approved state.
5. At any stage, a plan can be canceled. An author can cancel a plan
prior to its prepared state. A Change Administrator can cancel a plan
any time prior to completion. Canceled and rejected plans can be
redrafted. Plans can be changed only in the draft state. If a change to a
plan is required, cancel or reject it, and then redraft the plan. A
redrafted plan begins again in draft status.
6. After a plan is approved (and is within the plan's optional start and
end times for activation), it is moved to activated status. While the
plan is in the activated state, a Change Administrator can put any
part of the plan on hold.
7. The activated plan runs to completion unless an error causes the plan
to fail. If the plan fails, the Change Administrator can change the
environment or the plan, and then retry it.
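
The workflow steps above amount to a state machine whose transitions are gated by role, which is what makes the commit and approval steps a control point. The following is an added example, not code from the Domino documentation or product: the Actor and Plan classes are hypothetical, the actors allowed to release or redraft a plan are assumptions (the steps do not name them), and the plan's activation window and archiving are left out.

```python
"""Plan life cycle from the workflow steps above, with role checks."""
from dataclasses import dataclass, field

SYSTEM = "system"              # placeholder for the Change Manager acting on its own
CHANGE_ADMIN = "Change Admin"  # ACL role name used in this chapter

# (action, current state) -> (next state, kinds of actor allowed to trigger it)
TRANSITIONS = {
    ("prepare", "draft"): ("prepared", {"author", "change_admin"}),
    ("commit", "prepared"): ("committed", {"change_admin"}),
    ("activate", "approved"): ("activated", {"system"}),
    ("hold", "activated"): ("on hold", {"change_admin"}),
    ("release", "on hold"): ("activated", {"change_admin"}),          # assumed actor
    ("complete", "activated"): ("completed", {"system"}),
    ("fail", "activated"): ("failed", {"system"}),
    ("retry", "failed"): ("activated", {"change_admin"}),
    ("redraft", "cancelled"): ("draft", {"author", "change_admin"}),  # assumed actors
    ("redraft", "rejected"): ("draft", {"author", "change_admin"}),   # assumed actors
}
# States in which a Change Administrator may still cancel (prior to completion).
ADMIN_CANCELLABLE = {"draft", "prepared", "committed", "approved",
                     "activated", "on hold", "failed"}


@dataclass(frozen=True)
class Actor:
    name: str
    roles: frozenset = frozenset()


@dataclass
class Plan:
    author: str
    approvers: list = field(default_factory=list)  # a user name, or a set of names for a group
    state: str = "draft"
    decisions: dict = field(default_factory=dict)  # approver index -> True once approved
    history: list = field(default_factory=list)    # (from, action, to, actor) audit trail

    def _kinds(self, actor):
        kinds = set()
        if actor.name == self.author:
            kinds.add("author")
        if CHANGE_ADMIN in actor.roles:
            kinds.add("change_admin")
        if actor.name == SYSTEM:
            kinds.add("system")
        return kinds

    def _move(self, action, new_state, actor):
        self.history.append((self.state, action, new_state, actor.name))
        self.state = new_state
        return new_state

    def apply(self, action, actor):
        kinds = self._kinds(actor)
        if action == "cancel":
            allowed = (("change_admin" in kinds and self.state in ADMIN_CANCELLABLE)
                       or ("author" in kinds and self.state == "draft"))
            if not allowed:
                raise PermissionError(f"{actor.name} may not cancel a {self.state} plan")
            return self._move("cancel", "cancelled", actor)
        rule = TRANSITIONS.get((action, self.state))
        if rule is None:
            raise ValueError(f"{action!r} is not valid for a {self.state} plan")
        new_state, allowed_kinds = rule
        if not kinds & allowed_kinds:
            raise PermissionError(f"{actor.name} may not {action} this plan")
        self._move(action, new_state, actor)
        if new_state == "draft":
            self.decisions.clear()  # a redrafted plan starts over
        if new_state == "committed" and not self.approvers:
            self._move("approve", "approved", Actor(SYSTEM))  # no approvers assigned
        return self.state

    def decide(self, actor, approve):
        """Record one approver's decision on a committed plan."""
        if self.state != "committed":
            raise ValueError("only committed plans can be approved or rejected")
        slots = [i for i, entry in enumerate(self.approvers)
                 if actor.name == entry
                 or (not isinstance(entry, str) and actor.name in entry)]
        if not slots:
            raise PermissionError(f"{actor.name} is not an approver of this plan")
        if not approve:
            return self._move("reject", "rejected", actor)  # one rejection is enough
        for i in slots:
            self.decisions[i] = True  # one member satisfies a group approver
        if len(self.decisions) == len(self.approvers):  # approval is unanimous
            return self._move("approve", "approved", actor)
        return self.state
```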

Database move sequences

Database move sequences are generated by Activity Trends Resource
Balancing in the Domino Administrator. To move large groups of
databases that include more than 25 moves, it groups them into sets of 25
moves or more, called demand sets. A demand set can involve any
grouping of commands to be executed.
In the Domino Change Manager, these demand sets are titled database
move sequences. Each database move sequence has a maximum of 25
moves. The contents of each move sequence is generated automatically.
You can see these database move sets when you submit a
resource-balancing plan to the Domino Change Manager. You can
restructure the contents by cutting and pasting the demands from one
demand set into another or by creating additional demand sets and new
demands. (To cut and paste, select a demand and use the Edit menu.)
The Domino Administrator creates as many of these demand sets as
needed to accomplish a move. For example, the Acme Move Plan
includes 55 database moves, so the Domino Change Manager creates
three database move sequences - two that include 25 moves, and one
that includes 5 moves.
You can determine whether the database moves and database move
sequences are executed sequentially or concurrently or any combination
of the two. By default, all are moved concurrently. Using the Acme Move
Plan example, the Domino Change Manager attempts to perform all
three database move sequences at the same time. Within each database
move sequence, the Domino Change Manager attempts to move all
databases at the same time.

What happens if a move fails


A database move can fail for a number of reasons. For example, a
database move fails if a server is down, if the destination server does not
have create replica rights, or if the source database has been manually
moved or deleted. How the Domino Change Manager handles the failure
depends on how the moves are executed:

Concurrently - If any demand fails, the plan continues with other
demands. When all demands are in a state of completion or failure,
the plan reports a failure to the Domino Change Control database
(DOMCHANGE.NSF). You can then retry the move, and the plan
will attempt to complete only the demands that failed during the
previous attempt.

Sequentially - If any demand fails, the plan stops.
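
The grouping into database move sequences and the two failure behaviors can be simulated as follows, using the 55-move Acme Move Plan as input. This is an added example, not code from the Domino documentation or product: the function names, the database file names, and the servers Sales2/Acme and Sales3/Acme are constructed, concurrent execution is simulated by attempting every move in turn, and resuming a stopped sequential run on retry is an assumption.

```python
"""Database move sequences and failure handling, simulated."""

MAX_MOVES_PER_SEQUENCE = 25  # maximum stated for a database move sequence


def build_move_sequences(moves, size=MAX_MOVES_PER_SEQUENCE):
    """Group moves into database move sequences of at most `size` moves."""
    return [moves[i:i + size] for i in range(0, len(moves), size)]


def run_moves(moves, execute, method="concurrent", previous=None):
    """Run one sequence; return {move: 'completed' | 'failed' | 'not run'}.

    Moves already completed in `previous` are skipped, so a retry only
    attempts what failed or never ran.
    """
    if method not in ("concurrent", "sequential"):
        raise ValueError(f"unknown execution method: {method}")
    results = dict(previous or {})
    for move in moves:
        if results.get(move) == "completed":
            continue
        results[move] = "completed" if execute(move) else "failed"
        if results[move] == "failed" and method == "sequential":
            break  # sequential execution stops at the first failure
    for move in moves:
        results.setdefault(move, "not run")
    return results


def run_plan(sequences, execute, plan_method="concurrent",
             sequence_method="concurrent", previous=None):
    """Run every sequence of a plan with the chosen execution methods."""
    results = dict(previous or {})
    for sequence in sequences:
        results.update(run_moves(sequence, execute, sequence_method, results))
        failed = any(results[m] == "failed" for m in sequence)
        if failed and plan_method == "sequential":
            break
    for sequence in sequences:
        for move in sequence:
            results.setdefault(move, "not run")
    return results


def plan_status(results):
    """A plan reports failure unless every demand completed."""
    return "completed" if all(s == "completed" for s in results.values()) else "failed"


def sample_moves(count=55):
    """Constructed moves: (database, source server, destination server)."""
    return [(f"mail/user{n:02d}.nsf", "Sales1/Acme",
             "Sales3/Acme" if n in (7, 31) else "Sales2/Acme")
            for n in range(count)]


def make_executor(unavailable_servers, log):
    """Simulated move: fails when the destination server is unavailable."""
    def execute(move):
        log.append(move)
        return move[2] not in unavailable_servers
    return execute


if __name__ == "__main__":
    sequences = build_move_sequences(sample_moves())
    print([len(s) for s in sequences])
    first = run_plan(sequences, make_executor({"Sales3/Acme"}, []))
    print(plan_status(first), [m[0] for m, s in first.items() if s == "failed"])
```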

Choosing how database moves are executed


You can specify whether database moves are sequential or concurrent.
1. From the Domino Administrator, click the Server - Analysis tab.
2. Open the Domino Change Control view, and then select the Plan - By
Status.
3. Select one and then click Edit:
A plan
A database move sequence
4. Under Execution Options, for the field Execution Method choose one:
Sequential
Concurrent
5. Click OK to save and close the document.

Viewing database moves


Anyone with access to the Domino Change Control database
(DOMCHANGE.NSF) can view database moves. Approvers can view
database moves in the plan document when they are notified to approve
the plan.
To view database moves in the Domino Change Control database
1. From the Domino Administrator, click the Server Status tab.
2. Open the Domino Change Control - Plans view, and then choose one
of the following views:
By Status - if you know the status of the plan you want to view
By Author - if you don't know the status of the plan but you
know who the author is

3. Find the target plan and expand the plan to view the database move
sequences.
4. Expand any of the database move sequences and view the individual
moves.
To view database moves in the resource-balancing plan
1. From the e-mail notification, click the link to the plan.
2. In the plan document, select the Demand Details tab.

Preparing a plan document for resource balancing

After you submit a plan, the plan document is a draft document that may
require additional input before it is ready to be submitted to the Change
Administrator. In the plan document, you specify how the moves are
carried out, when the plan is submitted to the Administration Process,
and when you want the Administration Process to execute the plan.
When the Domino Change Manager moves databases, it creates groups
of database move sequences, called demand sets. You can choose
whether to move the demand sets one at a time or all at the same time.
Each plan can have an associated approval profile that lists the names of
persons or groups who must approve the plan document. If there is no
approval profile, you can list the names of approvers in the plan
document. If you assign a group as an approver, any one of the group
members can approve the plan.
For more information on creating an approval profile, see the topic
"Creating a resource balancing plan approval profile" later in this
chapter. For more information about demand sets, see the topic
"Understanding demand set moves" later in this chapter.
The Resource Balancing plan document is a dynamic document that
provides the current status of the plan and keeps a history of plan
modifications, including the author and date of each modification.
Whether or not you make any changes to the plan document, it must be
moved to its next state, which is the prepared state. In its draft state the
plan can be edited by its author.
To prepare a plan document
1. From the Domino Administrator, click the Server - Analysis tab.
2. Open the Domino Change Control view, and then select the Plans -
by Status view.
3. Select the draft plan to move to the prepared state and then click Edit.

4. In the Basics section, complete these fields:

Field: Action
Name: Enter a unique name for the plan.
Categories: (Optional) Select a category or enter a new category name.
Description: (Optional) Enter a description of the plan.

5. Under Execution options, choose one:
Sequential - To execute each demand set (database move sequence) one at a time.
Concurrent - To move all demand sets at the same time.
6. In the field Activate Plan, do one:
Choose "Only between specified start and stop periods" and
specify a time during which the request can be sent to the
Administration Process.
Choose "Anytime after specified start" and specify a time after
which the request can be sent to the Administration Process.
Choose "Anytime before specified end" and specify a time by
which the request must be sent to the Administration Process.
Choose "At any time (after approval)" to submit the request to the
Administration Process any time after the plan is approved.
7. Under Requesters and Authors, the plan automatically displays the
name of the person who submitted the plan. However, you can edit
either field if, for example, you submitted the plan for someone else
but you do not want to remain as the requester or the only author.
8. Click the Approval tab, and complete one or both of these fields:
Field: Action
Approval profile: Do one:
  Click Choose Profile and select the approval profile from the list.
  Click Clear Profile to remove the assigned profile.
Require approval from: Enter the names of users or groups to add to the approval list.

9. Click the Notifications tab. This tab lists, by role, those who will be
notified at each stage of the plan. Add or remove the selection of any
role as needed. Check Others, and then select from the list to add
users to the notification list.

10. (Optional) Click the Variables tab. The default variable is Execution
time, and the value is unspecified. To specify an execution time at
which the Administration Process executes the plan, you must edit
the variable.
For information on editing variables, see the topic "Editing and
creating resource balancing plan variables" later in this chapter.
11. Click the Constraints tab to view and edit the constraints that will
apply to the moves executed by this plan. By default, no constraints
are assigned automatically.
Referenced constraints - Lists the constraints that apply to this
plan. Click Edit to add or remove one of the constraints.
Ad-hoc constraints - Click New to create a new constraint.
For information on creating constraints, see the topic "Creating
constraints in the Domino Change Manager" later in this chapter.
12. When you finish changing the draft plan, click Apply.
13. Click Change Control to promote this plan from draft state to
prepared state, and then click OK.

Creating an approval profile for resource balancing

You use an Approval Profile document to create a set of approvers. Then
you can assign the approval profile to one or more resource-balancing
plans. You can include users and groups as members of an approval
profile. However, if you list a group as a profile member, only one group
member must approve the plan. For example, if you move a database
that is used by the marketing group, you may want one user, but not all,
to approve the plan. If you want all members of a group to approve a
plan, enter each user's name in the approval profile.
Changes to the Approval Profile document are tracked for you and listed
in the Creation and Modifications section.
To create an approval profile
1. Make sure that you have the Change Admin role in the ACL of the
Domino Change Control database.
2. From the Domino Administrator, click the Server - Analysis tab.
3. Open the Domino Change Control view, and then select the Setup - Approval Profiles view.
4. Click Create - Approval Profile.

5. On the Basics tab, complete these fields:

Field: Action
Name (unique): Enter a unique name for the profile.
Description: (Optional) Enter a description.
Category: (Optional) Select a category or enter a new category name.
Members: Select the names of users or groups to include in this approval profile.

6. Click the Administration tab, and complete these fields:

Field: Action
Owner: By default, the owner is the person who creates this document.
Administrators: Enter the names of users who can edit this document.
Prevent deletion: Choose one:
  No (default) - To allow a Change Administrator to delete the plan.
  Yes - To prevent anyone except a Change Administrator from deleting the plan.
Prevent design refresh: Choose one:
  No - To allow the upgrade of all template documents during a version upgrade.
  Yes (default) - To prevent edited template documents from being overwritten
  during a version upgrade. This will not affect any documents that the user
  creates; it will only affect documents that match those from the template's copy.

7. Click OK.

Viewing the status of resource-balancing plans


You can view the status of resource-balancing plans in the Domino
Change Control database (DOMCHANGE.NSF).
1. From the Domino Administrator, click the Server - Status tab and
open the Plans view.
2. Choose one of the following views:
Awaiting Approval - To view plans that have been drafted and
submitted, but have not been approved by all approvers.
Awaiting Commitment - To view plans that have been fully
approved, but have not yet been committed for completion.
Active Plans - To view plans that have been fully committed and
are being carried out by Change Manager.
By Status - To view all plans grouped by status.

Setting up plan documents for resource balancing


When you create a resource-balancing plan document, you access
directly or edit information in other documents in the Domino Change
Control database (DOMCHANGE.NSF). These documents support the
plan and play a critical role in providing structure to the plan.
You use the following resource balancing plan documents to provide the
following information:
Constraints - Specify when moves can be made.
Variables - Assign a common name that has a referenced value.
Notification messages - Create custom notification messages that
are sent whenever the plan status changes.

Working with Domino Change Manager constraints


When you create a plan, you can add constraints to specify when the
moves will be made to affected databases. By default, no constraints are
added to a plan automatically. When you edit the plan, you can assign
one or more constraints or constraint sets. You can add a constraint to
plans or to database move sequences in a plan. The Domino Change
Control database (DOMCHANGE.NSF) includes predefined constraints
and constraint sets.
The default constraints are:

During standard change windows

Is after hours

Not during change freeze period

Not on workdays

The default constraint sets are:

Major change

Minor change

Trivial change

To view constraint definitions


You can view the definition of each constraint and constraint set.
1. Make sure that you have the Change Admin role so that you can
edit, create, and delete constraints.
2. From the Domino Administrator, click the Server - Analysis tab.
3. Click Domino Change Control, and then select the Setup - Constraints view.

Creating constraints in the Domino Change Manager


Use constraints to specify time limitations for database moves.
1. You must have the Change Admin role to create a new constraint.
2. From the Domino Administrator, click the Server - Analysis tab.
3. Click Domino Change Control, and then select the Setup - Constraints view.
4. Click Create - Constraint.
5. On the Basics tab, complete these fields:

Field: Action
Name: Enter a name. This name appears in the Setup view.
Unique name: Enter a unique name. This is the name of the document you are defining.
Description: Enter a description of the constraint.

6. Under Behavior, click Choose Function, and then select a function.
7. Click the Variables tab, and then click Edit to add a variable to this
constraint.
8. Click OK to save and close the document.
Note To edit a constraint, select a constraint and edit the fields listed in
Steps 5 through 7. When you edit a constraint, you can also edit the
arguments for assigned variables.

Creating constraint sets in the Domino Change Manager


You use constraints to specify time limitations for database moves.
1. You must have the Change Admin role to create a new constraint.
2. From the Domino Administrator, click the Server - Analysis tab.
3. Click Domino Change Control, and then select the Setup - Constraints view.
4. Click Create - Constraint Set.
5. On the Basics tab, complete these fields:

Field: Action
Name: Enter a name. This name appears in the Setup view.
Unique name: Enter a unique name. This is the name of the document you are defining.
Description: Enter a description of the constraint.

6. Click the Constraints tab, and then click Edit.
7. Select the constraints you want to include in this constraint set.
8. Click OK to save and close the document.

Working with plan variables

A variable is a convenient way to specify context for the execution of the
demand sets and their demands. Values for variables that are defined
within parent objects (such as plans and demand sets) can be used by
lower-level objects, such as demands and constraints.
For example, you can define a plan variable called ExecutionTime. Then
you can specify the value (a time) at which you want a plan to be executed.
You define a variable at a higher level (usually within a plan) and then
reference it within a demand. When the value of a variable changes, all
demands and plans that reference that variable automatically use the
new value.
If you have the Change Administrator role, you can add, delete, or
modify local variables that are referenced by function arguments and
other variables.

Editing and creating plan variables

The one default variable for the Domino Change Control database is
called Execution Time. This variable determines when the
Administration Process executes the plan.
To edit a variable
1. You must have the Change Admin role.
2. From the Domino Administrator, click the Server - Analysis tab.
3. Open the Domino Change Control view, and then select the Plans by Status view.
4. Open a plan in edit mode, and then select the Variables tab.
5. Click Edit.
6. In the Edit Variables dialog box, select a variable from the list, and
then click Edit.

7. Select a Type:
Text
Number
Time
Boolean
8. For the field Special, do one:
Choose Simple value, and then enter a Text value.
Choose Formula, and then click Keywords and Variables and copy
a text formula.
Choose Unspecified to leave the value undefined.
To create a new variable
1. Perform Steps 1 through 5 in the procedure above.
2. In the Edit Variables dialog box, click New.
3. In the Name field, enter a name for the variable.
4. Complete the Type and Special fields.

Creating plan notification messages


Resource documents define the standard messages that are sent during
the various phases of plan execution. The plan Resources are referenced
by the Interface message definitions. They correspond to each step of the
workflow, such as Approve, Prepare, or Commit. You can edit the text of
any of the plan messages to customize them.
To edit a resource document
1. Make sure that you have the Change Admin role.
2. From the Domino Administrator, click the Server - Analysis tab.
3. Click Domino Change Control, and then select the Setup - Resources
view.
4. Select the Standard Plan Message resource, and then click Edit.
5. Under Content body, make changes to the message text.
6. Click OK to save and close the document.

Chapter 55
Transaction Logging and Recovery
This chapter explains how to set up and use database transaction logging
and how to take advantage of fault-recovery strategies.

Transaction logging
Transaction logging captures all the changes made to a database and
writes them to a transaction log. The logged transactions are then written
to disk in a batch, either when resources are available or when
scheduled.
Domino supports transaction logging for servers that run Domino 5 and
later, and for databases that are in a Domino 5 or later on-disk structure.
A transaction is a related series of changes made to a database on a
server. For example, opening a new document, adding text, and saving
the document is one transaction. In this case, the transaction consists of
three separate implicit API calls: NotesOpen, NoteUpdate, and
NoteClose.
A transaction log is a record of changes made to Notes databases. The
transaction log consists of log extents and the log control file
(NLOGCTRL.LFH). A log extent is one of the log files into which the
transaction logs are written. It has the form Sxxxxxxx.TXN, where xxxxxxx
represents a seven-digit number that is unique to that server.
Domino fills each extent sequentially before writing data to a new one.
The records are secured using a proprietary byte-stream format. Each
server has only one transaction log that captures all the changes to
databases that are enabled for transaction logging.
Use transaction logging to:

Schedule regular backups. Backups based on transaction logs are
faster and easier than full database backups that do not use
transaction logging.

Recover from a media failure. If you have a media failure, you can
restore the most recent full backup from tape, then use the
transaction logs to add the data that was not written to disk.

Recover from a system crash. When the server restarts, it runs
through the end of the transaction logs and recovers any writes that
were not made to disk at the time of the crash. Logged databases do
not require a consistency check.

Log the database views. You can avoid most view rebuilds.

To use all the features of transaction logging for backups and backup
recovery, you need a third-party backup utility that uses the backup and
recovery methods of the Domino C API Toolkit (Release 5 or later). For
example, in the case of a media recovery, a database backup is taken with
the third-party utility, while logging keeps track of updates to the database.
When the database is then lost, the backup is brought up to its current state by
going through the transaction log and applying any updates that have
happened to that database since the database backup was taken.
Note that restart recovery does not require a third-party utility. In this
case, logging goes on while updates are happening. When the server
crashes then restarts, any updates which would have otherwise been lost
are written to the database. This significantly reduces lost data and
database corruption because of server crashes, and reduces overall
restart time since the consistency check of databases is not required.

Understanding the database instance ID (DBIID)


When you enable transaction logging, Domino assigns a unique database
instance ID (DBIID) to each Domino database. When Domino records a
transaction in the log, it includes this DBIID. During recovery, Domino
uses the DBIID to match transactions to databases.
Some database maintenance activities, such as using the Compact
command with options, cause Domino to reconstruct the database in
such a way that old transaction log records are no longer valid. When
this happens, a new DBIID is assigned to the database. From that point
on, all new transactions recorded in the log for that database use the new
DBIID. After a database is assigned a new DBIID, take a new full backup
of the database. The new full backup captures the database in its current
state with the new DBIID. Then, if you have to restore the database,
Domino needs only the new transactions that contain the new DBIID.
Domino assigns a new DBIID when:

You enable transaction logging for the first time.

You run the Compact task with an option (for example, the option
to reduce file size).

You run the Fixup task on corrupted databases.

You move a Domino database to a logged server.

How transaction logging works


Following is a general example of transaction logging from both the
administrator's and the employees' points of view.
The administrator enables transaction logging for all the databases on the
servers. The administrator chooses the Archived logging style so that
there is plenty of room for the transaction logs; uses a separate, mirrored
device for safe and speedy storage of the transaction logs; and installs a
backup utility to recover from media failures and any resulting
corrupted databases.
The administrator backs up the transaction logs daily. This procedure
doesn't take long because the administrator is backing up only the
changes, rather than doing a full backup of all the databases on the server.
When the server crashes, it's down, but not for long. As the administrator
restarts the server, it replays all the changes from the transaction logs to
the databases. The server is soon back in business.
A few days later, there's a media failure. The administrator restores the
corrupted databases from the most recent weekly backup and replays the
changes.

The employees who use the databases do not notice any difference in
how they do their work. They might notice, however, that servers are up
and running more often and that there is less down time.

How changes are made to the database

Transaction logging posts all the database transactions to the log file,
without waiting for the transaction to commit to disk. After being posted
to the log file, the change is considered successful. The physical write
process can wait until the server is less busy or occur at periodic
intervals. The changes are written to disk in a batch.
What happens between the time when the transaction is posted to the log
file and when the database is updated on the disk? Databases are cached
in memory while they are open. The writes to the database happen to the
in-memory copy of the database. They are then immediately sent to the
transaction logs. Later, the memory-cached version of the database is
posted to disk, updating the databases. Since the transaction log is
sequential, there is no seek time, and only enough information is written
to the logs to redo (or undo if necessary) the operation. In many cases,
this is less information than the database write to disk.
If the database is not yet completely written to disk and you open it, you
are opening the memory-cached version. If the server crashes before the
version on disk has been updated with the changes, restarting the server
applies the logs to the database during restart.
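The behavior described in "Understanding the database instance ID (DBIID)" and "How changes are made to the database", as an added conceptual model in Python (it is not Domino code and does not reproduce the proprietary log format): updates are logged before the cached copy is flushed, recovery redoes logged updates and undoes the uncommitted one, and a backup taken under an old DBIID cannot pick up records written under the new one. The class names, DBIID strings, and database name are constructed for illustration.

```python
from dataclasses import dataclass, field
from itertools import count

_ids = count(1)


def new_dbiid():
    """Constructed stand-in for a database instance ID."""
    return f"DBIID-{next(_ids):04d}"


@dataclass
class LogRecord:
    dbiid: str           # instance ID of the database the record belongs to
    txn: int
    kind: str            # "update" or "commit"
    key: str = ""
    old: object = None   # value before the change (None = absent), used for undo
    new: object = None   # value after the change, used for redo


@dataclass
class Database:
    name: str
    dbiid: str = field(default_factory=new_dbiid)
    disk: dict = field(default_factory=dict)    # survives a crash
    cache: dict = field(default_factory=dict)   # in-memory copy, lost in a crash


class Server:
    def __init__(self):
        self.log = []            # one sequential, append-only log per server
        self._txn = count(1)

    def transact(self, db, changes, commit=True):
        """Log each change, then apply it to the in-memory copy only."""
        txn = next(self._txn)
        for key, value in changes.items():
            self.log.append(
                LogRecord(db.dbiid, txn, "update", key, db.cache.get(key), value))
            db.cache[key] = value
        if commit:
            self.log.append(LogRecord(db.dbiid, txn, "commit"))
        return txn

    def flush(self, db):
        db.disk = dict(db.cache)   # batch write of the cached copy to disk

    def crash(self, db):
        db.cache = {}              # memory is lost; disk and log remain


def replay(image, dbiid, log):
    """Bring a disk image or a restored backup up to date from the log."""
    mine = [r for r in log if r.dbiid == dbiid]   # other DBIIDs are ignored
    committed = {r.txn for r in mine if r.kind == "commit"}
    state = dict(image)
    for r in mine:                                # redo, in log order
        if r.kind == "update":
            state[r.key] = r.new
    for r in reversed(mine):                      # undo partial transactions
        if r.kind == "update" and r.txn not in committed:
            if r.old is None:
                state.pop(r.key, None)
            else:
                state[r.key] = r.old
    return state


def scenario():
    srv = Server()
    db = Database("sales.nsf")                    # constructed database name
    srv.transact(db, {"doc1": "draft"})
    srv.flush(db)
    old_backup = (db.dbiid, dict(db.disk))        # full backup under the first DBIID

    srv.transact(db, {"doc2": "saved"})           # logged, not yet on disk
    srv.transact(db, {"doc3": "half-written"}, commit=False)
    srv.crash(db)
    after_restart = replay(db.disk, db.dbiid, srv.log)

    # Maintenance that rebuilds the database assigns a new DBIID,
    # so a new full backup is taken straight away.
    db.disk = dict(after_restart)
    db.cache = dict(after_restart)
    db.dbiid = new_dbiid()
    new_backup = (db.dbiid, dict(db.disk))
    srv.transact(db, {"doc4": "post-compact"})

    return {
        "after_restart": after_restart,
        "from_old_backup": replay(old_backup[1], old_backup[0], srv.log),
        "from_new_backup": replay(new_backup[1], new_backup[0], srv.log),
    }


if __name__ == "__main__":
    for name, state in scenario().items():
        print(name, state)
```

Restoring the old backup recovers doc1 and doc2 but never doc4, because doc4 was logged under the new DBIID; only the backup taken after the DBIID change can be rolled forward to the current state.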

Planning for transaction logging


Transaction logging captures all the changes that are made to databases
and writes them to a transaction log. The logged transactions are written
to disk in a batch when resources are available or at specified intervals.
Use this checklist for your transaction logging planning.

Allocate space for the log files. Use a dedicated, mirrored device,
such as RAID level 1 with a dedicated controller for optimal
performance and data integrity.

Plan a backup strategy. Plan to archive the transaction logs daily
using incremental backups. Schedule weekly full database backups.
You will then be prepared if you have a media failure.

Decide which servers and databases will use transaction logging.
Transaction logging is available for servers running Domino 5 and
later. Consider enabling transaction logging for all databases on the
server.

Select a Domino-compatible backup utility. The utility must be able
to use the backup and recovery methods of the Domino C API
Toolkit (Release 5 or later).

Choose the logging style that fits your needs. Logging styles include
archived, circular, and linear.

Set up a Domino server for transaction logging.

Comparing transaction logging styles


There are three logging styles to choose from: circular, linear, and
archived. The logging style you choose also depends on your disk
size and backup strategy.
With circular logging, Domino reuses a fixed amount of disk space (up to
4GB) for transaction logs. After the disk space is used up, Domino starts
overwriting old transactions, starting with the oldest. When the space
fills up, perform a backup on the databases. You may need to do daily
backups to capture database changes before they are overwritten,
depending on the server activity level. Use circular logging if the size of
the log needed between full database backup intervals is less than 4GB.
Linear logging is like circular logging, except it allows more than 4GB.
Use linear logging if the size of the log needed between full database
backup intervals is greater than 4GB, and you are not using archive
media.

Archived logging creates log files as needed. It simplifies backup and
restoration, and provides online and partial backups. The log files are not
overwritten until you archive them. With archived logging, you must
have a backup utility to back up the filled log extents so that they are
ready if needed. If you do not have a backup utility, the server continues
to create log extents, fills up the disk space, and then panics.
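An added example, not part of the Domino documentation: a Python check that an administrator could schedule against the log directory to catch the conditions described above, in particular archived extents accumulating until the device fills. It relies only on the file names given in this chapter (NLOGCTRL.LFH and Sxxxxxxx.TXN); the function names and the 1024MB free-space threshold are assumptions.

```python
import re
import shutil
from pathlib import Path

MB = 1024 * 1024
CONTROL_FILE = "NLOGCTRL.LFH"
EXTENT_RE = re.compile(r"^S(\d{7})\.TXN$", re.IGNORECASE)
CIRCULAR_LIMIT_MB = 4096   # circular logging reuses a fixed space of up to 4GB


def inventory(log_dir):
    """Find the log control file and the Sxxxxxxx.TXN extents in log_dir."""
    control = False
    extents = []
    for entry in Path(log_dir).iterdir():
        if not entry.is_file():
            continue
        if entry.name.upper() == CONTROL_FILE:
            control = True
            continue
        match = EXTENT_RE.match(entry.name)
        if match:   # anything else in the directory is ignored
            extents.append((int(match.group(1)), entry.stat().st_size))
    extents.sort()
    return {
        "control_file": control,
        "extent_numbers": [number for number, _ in extents],
        "total_bytes": sum(size for _, size in extents),
    }


def assess(log_dir, style, max_log_mb=192, min_free_mb=1024, free_bytes=None):
    """Return a list of findings for a log directory.

    style       -- "circular", "linear" or "archived"
    max_log_mb  -- the Maximum log space value (192 is the documented default);
                   pass None when the log uses all available space on the device
    min_free_mb -- hypothetical alert threshold for archived logging
    free_bytes  -- override for free space on the device (used for testing)
    """
    if style not in ("circular", "linear", "archived"):
        raise ValueError(f"unknown logging style: {style}")
    inv = inventory(log_dir)
    if free_bytes is None:
        free_bytes = shutil.disk_usage(log_dir).free

    findings = []
    if not inv["control_file"]:
        findings.append(f"{CONTROL_FILE} not found in {log_dir}")
    if not inv["extent_numbers"]:
        findings.append("no Sxxxxxxx.TXN extents found")

    used_mb = inv["total_bytes"] / MB
    if style == "circular" and max_log_mb is not None and max_log_mb > CIRCULAR_LIMIT_MB:
        findings.append(
            f"Maximum log space {max_log_mb}MB exceeds the "
            f"{CIRCULAR_LIMIT_MB}MB limit for circular logging")
    if style in ("circular", "linear") and max_log_mb is not None and used_mb > max_log_mb:
        findings.append(
            f"extents occupy {used_mb:.0f}MB, more than the configured {max_log_mb}MB")
    if style == "archived" and free_bytes < min_free_mb * MB:
        findings.append(
            f"only {free_bytes / MB:.0f}MB free on the log device; "
            "archive filled extents before the disk fills")
    return findings


if __name__ == "__main__":
    import sys
    directory = sys.argv[1] if len(sys.argv) > 1 else "."
    style = sys.argv[2] if len(sys.argv) > 2 else "archived"
    for finding in assess(directory, style) or ["no findings"]:
        print(finding)
```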

Setting up a Domino server for transaction logging


You can enable and set up transaction logging on any server.
1. Make sure that all the databases you want to log are in the Domino
data directory, either at the root, or in a subdirectory.
2. From the Domino Administrator, click the Configuration tab, expand
the Server section, and click All Server Documents.
3. Select the Server Document for the Domino server you want to edit
and then click Edit Server.
4. Click the Transactional Logging tab, complete these fields, and then
save the document:

Field: Action
Transactional Logging*: Choose one:
  Enabled - To start transaction logging
  Disabled (default) - To not use transaction logging
Log path*: Enter the path name location of the transaction log.
  For best results, use a separate mirrored device, such as a RAID
  (Redundant Array of Independent Disks) level 0 or 1 device with a
  dedicated controller. This provides better performance and data
  integrity than using the default path (\LOGDIR) in the Domino
  data directory.
  Note If the device is used solely for storing the transaction log, set
  the "Use all available space on log device" field to Yes.
Use all available space on log device: For circular and linear logging only. Choose one:
  Yes - To use all available space on the device for the transaction
  log. Choose Yes if you use a separate device dedicated to storing the log.
  No - To use the default or specified value in the Maximum log space field.
Maximum log space: For circular and linear logging only. The maximum
  size, in MB, for the transaction log. Default is 192MB. Maximum is
  4096MB (4GB).
  Allocate a separate disk with at least 1024MB (1GB) of disk space for
  the transaction log.
  Domino formats at least 3 and up to 64 log files, depending on the
  maximum log space you allocate.
Automatic fixup of corrupt databases: Choose one:
  Enabled (default) - To run the Fixup task automatically if a database
  is corrupted and Domino cannot use the transaction log to recover it.
  Domino assigns a new DBIID and notifies the administrator that a new
  database backup is required.
  Disabled - To not run the Fixup task automatically. Domino notifies
  the administrator to run the Fixup task with the -J parameter on
  corrupted logged databases.
Runtime/Restart performance: This field controls how often Domino
  records a recovery checkpoint in the transaction log. This affects
  server performance as databases may be flushed from the cache to disk.
  To record a recovery checkpoint, Domino evaluates each active logged
  database to determine how many transactions would be necessary to
  recover each database after a system failure. When Domino completes
  this evaluation, it:
    Creates a recovery checkpoint record in the transaction log that
    lists each open database and the starting point transaction needed
    for recovery
    Forces database changes to be saved to disk if they have not been
    saved already
  Choose one:
    Standard (default and recommended) - To record checkpoints regularly.
    Favor runtime - To record fewer checkpoints. This option requires
    fewer system resources and improves server run-time performance but
    causes more of the log to be applied during restart.
    Favor restart recovery time - To record more checkpoints. This
    option improves restart recovery time because fewer transactions are
    required for recovery.
Logging style**: Choose one:
  Circular (default) - To re-use the log files and overwrite old
  transactions.
  Archived (recommended) - To re-use the log files after they are
  archived. A log file can be reused when it is inactive, which means
  that it does not contain any transactions necessary for a restart
  recovery. Use a third-party backup utility to copy and archive the
  existing log. When Domino starts using the existing file again, Domino
  increments the log file name. If all the log files become inactive and
  are not archived, Domino creates additional log files.
  Linear - To re-use the log files and overwrite old transactions for
  log size greater than 4GB.

* If you change this field, you must restart the server so that the change
takes effect.
** If you change this field, Domino assigns a new DBIID to each database.
You must restart the server and perform another full backup.

Changing transaction logging settings

You can change the transaction logging settings.
1. Perform a full backup of all databases.
2. Open the Domino Administrator, click the Configuration tab, and
open the Server document.
3. Click Edit Server.
4. Click the Transactional Logging tab and change the fields you want,
taking into consideration the issues in the following table:
For more information on the fields, see the topic "Setting up a
Domino server for transaction logging" earlier in this chapter.

Field: Issue
Transactional Logging: Consider carefully before you disable transaction
  logging. If you do not use transaction logging, you should back up
  your databases daily. You will also need Fixup to recover from media
  failure. When you restart the server, Domino runs restart recovery a
  final time to ensure that all databases are consistent. Then it
  disables transaction logging.

Log path: If you edit the log path, save this document; you must then
  stop the server and use the operating system to move the existing log
  files to the new path.
Use all available space on log device: If you change only this field,
  you do not need to restart the server. As Domino logs the
  transactions, the changes take effect.
Logging style: If you change the logging style, you must perform a full
  backup of all databases because Domino assigns new DBIIDs to all the
  databases.

5. Click Save & Close.
6. Restart the server so that the settings take effect.

Disabling transaction logging for a specific database


After you set up transaction logging on a server, Domino logs all databases
on that server. You can disable transaction logging of specific databases,
but this practice is not recommended because if unlogged databases are
corrupted during a system or media failure, you must run the Fixup task
to recover the database.

To disable transaction logging for a specific database


1. Do one of the following to choose Disable transaction logging:
If you are creating a new database, use the Advanced Database
Options dialog box.
If you are working in an existing database, use the Advanced tab
of the Database Properties box.
In the Domino Administrator, select a database on the Files tab,
choose Tools - Database - Advanced Properties.
2. Be sure that all users have closed the database.
3. Use the Dbcache command with the flush parameter to close the
database in the database cache.
4. Open the database.

To reenable transaction logging for a specific database


Follow the steps above, but de-select Disable transaction logging.

View logging
View logging provides a way to maintain consistent views in failure
conditions and allows media recovery to update those views. View
logging is transaction logging support for Notes views and folders. All
updates to Notes views or folders are recorded in the transaction log for
recovery purposes.
To enable view logging, you use Domino Designer. In Designer, open a
view or folder, select the Advanced tab, and check Logging - Include
updates in transaction log.
Note If you enable view logging in a template, all databases created
from that template and all databases whose designs are replaced from
that template have those views logged.

Using transaction logging for recovery

Transaction logging is an integral part of recovering from system and
media failures. Using transaction logging provides insurance against
system failure, but creating regular backups is essential so that you can
recover data after a failure.

System failure recovery

A system failure causes the server to stop and requires you to restart the
server. During restart, Domino automatically performs database recovery.
The system uses the transaction logs to apply full transactions and undo
partial transactions that were not written to disk for databases that were
open during the system failure. Domino runs the Fixup task for:

Databases in formats that are earlier than Domino 5

Databases that are in Domino 5 format but have transaction logging
disabled

Corrupted databases, if you choose Yes for Auto fixup of corrupt
databases in the Server document.

When you restart a server after a system failure, Domino automatically
restores the affected databases.

Media failure recovery


A media failure causes databases to be damaged or lost. To recover, you
use the third-party backup utility to restore database backups and
transactions from the transaction log files. The backup utility you choose
must use the backup and recovery methods of the Domino C API Toolkit
(Release 5 or later).
For information on recovering after a media failure, see the
documentation included with your backup utility.

Fault recovery
You can set up fault recovery to automatically handle server crashes.
When the server crashes, it shuts itself down and then restarts
automatically, without any administrator intervention. A fatal error such
as an operating system exception or an internal panic terminates each
Domino process and releases all associated resources. The startup script
detects the situation and restarts the server. If you are using multiple
server partitions and a failure occurs in a single partition, only that
partition is terminated and restarted.
Domino records crash information in the data directory. When the server
restarts, Domino checks to see if it is restarting after a crash. If it is, an
e-mail is sent automatically to the person or group in the "Mail Crash
Notification to" field. The e-mail contains the time of the crash and the
server name. If available, the FAULT_RECOVERY.ATT file, which
includes additional failure information from an optional cleanup script,
is attached.
The fault-recovery system is initialized before the Domino Directory can
be read. During this initialization, fault-recovery settings are read from
the NOTES.INI file, and then later read from the Domino Directory and
saved back to the NOTES.INI file. Any changes to the Domino Directory
or the NOTES.INI file become effective when the Domino server is
restarted. To disable the reading of the Domino Directory, and
subsequent update to the NOTES.INI file, use the NOTES.INI setting
FaultRecoveryFromIni=1.

Operating systems and fault recovery


Because fault recovery runs after an exception has occurred, it cannot
rely on Domino's internal facilities. Instead, fault recovery makes heavy
use of operating system features.
UNIX systems primarily use message queues. Therefore, it is important
to configure the operating system so that sufficient message queue
resources are available. If you are using multiple Domino server
partitions, each partition requires a complete set of resources. Consult
your operating system documentation for additional details on
configuring message queue parameters.
Windows NT and Windows 2000 systems do not require any system
resource changes.

Specifying a cleanup script for fault recovery

You can create an optional script that runs before any other cleanup takes
place. Use the file FAULT_RECOVERY.ATT to collect the information
from the script.
1. From the Domino Administrator, click the Configuration tab, and
expand the Server section.
2. Open the Server document, click Edit document, and click the Basics
tab.
3. Complete these fields:

Field                     Action

Cleanup Script Name       Enter the entire script name, including any extensions.
                          Note Directory separators (slashes) in the file name
                          portion are converted for the operating system, but
                          slashes in optional arguments are not converted.

Cleanup Script Maximum    Enter the number of seconds for the cleanup script to
Execution Time            run. Default is 300 seconds (5 minutes). Maximum is
                          1800 seconds.

Maximum Crash Limits      Enter the number of restarts allowed during a specified
                          time limit, for example, 3 crashes within 5 minutes. If
                          the number of crashes exceeds the time limit, the server
                          exits without restarting.

Mail Crash Notification   Enter a user or group name. When the server restarts,
to                        Domino checks if it is restarting after a crash and sends
                          e-mail to the person or group.

Enabling fault recovery

1. From the Domino Administrator, click the Configuration tab, and
expand the Server section.
2. Open the Server document, click Edit document, and click the Basics
tab.
3. Check Fault Recovery Enabled.

Chapter 56
Using Log Files
This chapter describes how to use the Domino server log (LOG.NSF) and
the Domino Web server log (DOMLOG.NSF) to collect information about
the Domino system.

The Domino server log (LOG.NSF)

Every Domino server has a log file (LOG.NSF) that reports all server
activity and provides detailed information about databases and users on
the server. The log file is created automatically when you start a server
for the first time. You can do the following:

Control the size of the log file

Record additional information in the log file

View the log file

Search the log file

Controlling the size of the log file (LOG.NSF)

By default, the log file (LOG.NSF) records information about the Domino
system. Because the log file can become quite large, it is important to
manage its size. You can control the size of the log file automatically,
using NOTES.INI settings, user preferences, and other settings. For
example, the Log setting in the NOTES.INI file determines how long
documents are maintained before being deleted from the log file. By
default, documents are deleted after 7 days.
If you are troubleshooting a system problem, you may want to record
additional information in the log file. The log file becomes large quickly
when you set a higher logging level for purposes of analyzing a system
problem. For example, if you are troubleshooting a mail routing problem,
you can set the logging level to verbose. When you do, the log file will
contain a large amount of information regarding that activity. If you set a
high logging level during troubleshooting, remember to reset the logging
level after you solve the problem.
For more information on NOTES.INI settings, see the appendix
"NOTES.INI File." For more information on setting additional logging
levels, see the topic "Recording additional information in the log file,"
later in this chapter.

NOTES.INI settings for log files


The following table contains the NOTES.INI settings that determine what
is reported in the log file and set size limitations.
For more information on these settings, see the appendix NOTES.INI
File.
Setting                   Description

Log                       Specifies the contents of the log file and controls
                          other logging actions.

Log_AgentManager          Specifies whether or not the start of agent execution
                          is recorded in the log file and shown on the server
                          console.

Log_Console               Enforces logging of server console command
                          output, which can otherwise be prevented if the
                          command is prefixed with an exclamation point (!).

Log_DirCat                Logs information about the Directory Catalog task
                          to the Miscellaneous Events view of the log file
                          (LOG.NSF).

Log_Replication           Specifies the level of logging of replication events
                          performed by the current server.

Log_Sessions              Specifies whether individual sessions are recorded
                          in the log file and displayed on the console.

Log_Tasks                 Specifies whether the current status of server tasks
                          is recorded in the log file and displayed on the
                          console.

Log_Update                Specifies the level of detail of Indexer events
                          displayed at the server console and in the log file.

Log_View_Events           Specifies whether messages generated when views
                          are rebuilt are recorded in the log file.

Mail_Log_To_MiscEvents    Determines whether all mail event messages are
                          displayed in the Miscellaneous Events view of the
                          log file.

Recording additional information in the log file

In addition to controlling the size of the log file using NOTES.INI
settings, you can use the following settings, fields, and commands to
specify additional information and establish logging levels for the log
file.

To record information about   Setting, field, or command

Mail routing                  Logging level field on the Router/SMTP Advanced -
                              Controls tab of the Configuration Settings document.

Modem I/O                     File - Preferences - User Preferences - Ports COMx -
                              Trace

Modem script I/O              File - Tools - Preferences - Notes Preferences Ports -
                              COMx - Trace - Options

Traced network connections    Set a com port option in the Port Setup dialog box.

Web Navigator                 The Retriever log level field on the Server Tasks -
                              Web Retriever tab of the Server document.

Web server                    Additional information regarding the Web server
                              is logged in the Domino Web server log
                              (DOMLOG.NSF).

For more information on the Domino Web server log, see the topic
"Viewing the Domino Web server log (DOMLOG.NSF)" later in this
chapter.

Viewing the log file (LOG.NSF)

You can also use the Web Administrator to open the log (LOG.NSF).
1. From the Domino Administrator, click the Server - Analysis tab.
2. Select the server that stores the log file you want to view.
3. Click Notes Log.
4. Click the desired view.
5. Open the desired document.
Tip You can also view the search results from the Server - Analysis tab
using the tool Analyze - View Log Document. This tool gives you more
details about the messages in the current log document and allows you to
sort the messages in several different ways. Doing this makes it easier
to find the information you are looking for and to see patterns of server
activity.

Views in the log file (LOG.NSF)

View                  Contains information about

Database - Sizes      Size and activity of all databases on the server
                      Percentage of each database's disk space that is in use
                      Total disk space of each database
                      Weekly usage of the database
                      Populated by the nightly Statistics Log task

Database Usage        Sessions (including K transferred)
                      Documents read and written
                      Replications
                      Sorted by database
                      Populated by the nightly Statistics Log task

Mail Routing Events   Mail routing details not available in the Miscellaneous
                      Events view

Miscellaneous Events  Events that do not appear in other views
                      Modem I/O messages
                      Script I/O messages
                      Server task messages
                      Sorted by date

Object Store Usage    Object store file name
                      Mail database file name
                      Mail database title
                      Number of documents referenced in the object store
                      Total size of the documents in the object store
                      Details on the shared mail object store usage on your
                      server

Passthru Connections  Starting and Ending times, destination, and protocol for
                      each passthru connection

Phone Calls By Date   Information about calls made and received by a server,
Phone Calls By User   sorted by date or by user

Replication Events    All replication sessions between servers, sorted by server
                      Information includes the name of the initiating server,
                      time and duration of replication, port used, and the
                      number of documents added, deleted, or modified

Sample Billing        Uncategorized billing information provided in the Usage
                      by Date and Usage by User views, sorted by user and
                      including totals for each column and session

Usage by Date         Sessions this server had with users or other servers, sorted
Usage by User         by date or by user
                      Information includes: sessions opened; session duration;
                      databases opened; database-access duration; number of
                      transactions (workstation-to-server database requests);
                      and network usage (K transferred)
                      Transactions for operations, such as opening a document,
                      updating a document, reading a section of a view, and
                      going to a specific section of a view
                      Includes totals by date, by user/server, and for all usage

Search Results        Results of log analysis
                      Information includes starting time and name of server

Searching the log file (LOG.NSF)

The log file (LOG.NSF) contains a wealth of information for the Domino
Administrator. However, if you are troubleshooting a problem, searching
through all of the information can be time consuming. Using the Log
Analysis tool, you can search the log file for specific events, event
severities, or for specific words, and you can specify the dates you want
to search. For example, if you are troubleshooting a mail routing
problem, you can search for routing events with an event severity of
warning or failure, that occurred during the time you were experiencing
difficulties.
Some advanced queries can be made on Domino 6 servers only, and then
only if the Event task is running on them.
When you perform a log analysis, the search results display
automatically and are also saved in the Search Results view of the log file
(LOG.NSF). They include the following types of information:

Status of the event, displayed as an icon

Type of event

Severity of the event

Time the event occurred

A description of the event

To search the log file

1. From the Domino Administrator, click the Server - Analysis tab.
2. Click Analyze, and then click Log.
3. In the Log Analysis dialog box, create a search query by specifying
the search criteria.
Note You can select more than one when specifying search criteria.
For example, you can select more than one event type, then you must
select one of these options:
The results must match one of the criteria: select this option if
the results must match the selected criteria, such as event type, or
event severity.
The results can match one of the criteria: select this option if
results that do not match the selected criteria can be included in
the log search as well.

Search criteria     Complete the following

Date                Start and End Date: Select the dates you want to search.
                    Start and End Time: Select the times you want to
                    search.
                    Select one:
                    Use above time range in any time zone: Use this
                    setting when you do not need to vary the search start
                    and end parameters.
                    Convert time range to server's time zone: Use this
                    setting if you are searching the log file for a server in
                    a different time zone.
                    Any time: Use this setting if you do not want to
                    limit the log search by date or time.

Event Type          Select the type of event for which you want to search.

Event Severity      Select the type of severity for which you want to search.

Add-in Name         Select the add-in name for which you want to search.
                    Add Add-in Name: Enter the name of an add-in task
                    if you do not find it on the list.

Error Code          Click in the column to the left of a message to select the
                    error message for which you want to search.

Event Text          Do any of the following to refine your text.
                    Look for: Choose one of these:
                    any of the words
                    all the words
                    exact phrase
                    Enter: Enter the words or phrases for which you
                    want to search.
                    Must Contain the Words: Enter the words that the
                    log search must contain to be successful.
                    Must Not Contain the Words: Enter the words or
                    phrases that would make a search result invalid.

Queries             Select Existing Query: Choose any predefined query.
                    Save query on exit: Select this option if you want to
                    save your query criteria.
                    Save Query As: Enter a name for your query.
                    Query Formula: Displays the new or selected query
                    for your verification.

4. When you click OK, the Log Analysis Results are displayed and a
copy of the results is stored in the Search Results view of the log file.
Tip Search strings can be any length containing any type of character
and the search is not case sensitive.
To view a search result
1. Open the log file (LOG.NSF).
2. Select the Search Results view.
3. Results are listed by starting time and server name. Select the results
you want to view.
4. Use File - Open or double-click to open the search results document.
Tip You can also view the search results from the Server - Analysis tab
using the tool Analyze - View Search Results, which gives you additional
sorting abilities when viewing the results.
Analyzing Domino 6 log files using a Domino 5 server
If you have a mixed environment in which you are using a Domino 6
Administration client and a server that is Domino 5 or earlier, the log
analysis is based on the Domino 5 Log Analysis functionality, and the
results are saved in the Results database (RESULTS.NSF).
The Results database is based on the LOGA4.NTF template. It shows the
date and time of events, their source (event or console message), and the
text of messages. The view doesn't display times for server console
messages.
If you are using a Lotus Domino Administrator 6 client to analyze a
Domino 6 server log file, you can still create a Results database and save
the results to this database. To do so, open the document from the Search
Results view in LOG.NSF, then use the File - Save As menu to save it to
the desired location.
For more information about the Results database, see the Domino 5
documentation.

Logging Domino Web server requests


You can log Domino Web server requests to a database or to text files.

Text files: Text files are smaller and can be used with third-party
analysis tools.

Domino Web Server Log (DOMLOG.NSF): Logging to a database
allows you to create views and view data in different ways.
However, the size of the database can become large so that
maintenance becomes an issue.

Note You can log to both text files and a database. These options are not
mutually exclusive.

The Domino Web server log (DOMLOG.NSF)


You can log your server activity and Web server requests to the Domino
Web server log (DOMLOG.NSF) database. This option may be preferable
if you want to create views and view data in different ways. Logging to a
database is somewhat slower than logging to text files, especially at very
busy sites, and the size of the database can become large so that
maintenance becomes an issue. However, if you use the Domino Web
server log, you can treat this information as you would other Notes
databases, and you can use built-in features to analyze the results.
The Domino Web server log (DOMLOG.NSF) logs all Domino Web
server activity and tracks this information about each HTTP request:

Date and time the request was made

User's IP address (or the DNS address if DNS lookup is enabled in
the Server document)

User's name (if the user supplied a name and password to access the
server)

Status code the server returns to the browser to indicate its success or
failure in generating the request

Length of the information, in bytes, sent from the server to the
browser

Type of data accessed by the user, for example, text/html or
image/gif

HTTP request sent to the server from the browser

Type of browser used to access the server

Internal and Common Gateway Interface (CGI) program errors

URL the user visited to gain access to a page on this site

Server's IP address or DNS name

Amount of time, in milliseconds, to process the request

Cookies sent from the browser

Translated URL (the full path of the actual server resource, if
available)

Setting up the Domino Web server log (DOMLOG.NSF)

To set up the Domino Web server log, you must enable logging (by
default, logging is disabled). You can restrict the information logged to
the Domino Web server log to analyze log file results. Some information
may increase the size of the log file without providing meaningful
information (requests for graphics or icons, for example), so you may
want to exclude that type of information from the log. Domino creates
the Web server log database when the HTTP task starts after you enable
logging to DOMLOG.NSF.

To enable logging to the Domino Web server log

1. From the Domino Administrator, click the Configuration tab.
2. Open the Server document for the Web server.
3. Click the Internet Protocols - HTTP tab.
4. Under Enable Logging To, choose Enabled in the DOMLOG.NSF
field.
5. (Optional) Under Exclude From Logging, complete these fields to
exclude certain types of information from the log file:

Field                 Enter

URLs                  URL paths to exclude, for example, *.gif or /anydir/*

Methods               HTTP methods, for example, POST or DELETE

MIME types            MIME types to exclude, for example, image (for all
                      images) or image/gif (for .gif images)

User agents           Strings that are part of user agent (browser) strings to
                      exclude requests from a particular user agent.
                      To exclude Microsoft Internet Explorer, enter MSIE*
                      To exclude Netscape:
                      For version 4.7, enter Mozilla/4.7
                      For version 4.6, enter Mozilla/4.6

Return codes          HTTP response status codes to exclude, for example,
                      300 or 400

Hosts and domains     Browser client DNS names or IP addresses to exclude,
                      for example, 130.333.* or *.edu
                      Note To enter DNS names in this field, you must first
                      enable the DNS Lookup setting in the HTTP Server
                      section of the Server document. Otherwise, you can
                      enter only IP addresses in this field. Enabling this setting
                      will impact performance.

6. Save the document and then restart the HTTP task so that the
changes take effect.

Viewing the Domino Web server log (DOMLOG.NSF)


1. From the Domino Administrator, click the Files tab.
2. Open the Domino Web server database (DOMLOG.NSF).
3. Click Requests to display request documents, and then click a
request document to display its content.

Domino Web server logging to text files


When setting up Domino Web server logging to text files, you must
determine the Access file format. The content of the Access log varies
depending on which log file format you choose:

Extended Common

Common

The most commonly used Access log format is Extended Common,
which logs all Web server information into a single text file.
Optionally, you can choose Common for the Access log file format;
however, the Common format is an older log file format and is available
primarily for legacy information. If you choose the Common format for
your Access file, it contains a subset of the server request information,
with the requesting agent and referer information stored in separate
Agent and Referer log files. It is difficult to match the entries in these
different log files because a referer is not always sent with every request,
so the number of referer entries may not match the number of requests.

When you log to a text file, the following information is recorded:

Text file   Records

Access      Depending on the file format you choose, the Access log file records
            the following Web server request information in the order shown:
            Common
            1. Client DNS name or IP address if DNS name is not available
            2. Host header from request, or server IP address if Host header is
            not available
            3. Remote user if available
            4. Request time stamp
            5. HTTP request line
            6. HTTP response status code
            Extended Common
            1. Client DNS name or IP address if DNS name is not available
            2. Host header from request, or server IP address if Host header is
            not available
            3. Remote user if available
            4. Request time stamp
            5. HTTP request line
            6. HTTP response status code
            7. Request content length if available, otherwise shows -
            8. Referring URL if available, otherwise shows -
            9. User agent if available, otherwise shows -
            10. Amount of time, in milliseconds, to process the request
            11. Value of the cookie header
            12. Translated URL (the full path of the actual server resource, if
            available)

Agent       User agent if available, otherwise shows -

Referer     URL the user visited to gain access to a page on this site

CGI Error file


Standard errors (stderr) from CGI programs are captured in the CGI
Error file, regardless of which text file format you set up.
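
The Extended Common field order listed above, turned into a parser and a small summary of denied requests. This is an added example, not Domino code. The quoting convention (time stamp in brackets, text fields in double quotes) and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Field order of the Extended Common access log, as listed on this page.
FIELDS = ["client", "host", "remote_user", "timestamp", "request", "status",
          "content_length", "referer", "user_agent", "elapsed_ms", "cookie",
          "translated_url"]
NUMERIC = ("status", "content_length", "elapsed_ms")

# Assumed syntax (not stated on the page): NCSA-style, i.e. the time stamp in
# [brackets], free-text fields in "double quotes", everything else bare.
TOKEN = re.compile(r'\[([^\]]*)\]|"([^"]*)"|(\S+)')


def parse_line(line):
    """Return a dict of the 12 fields, or None when the line does not fit."""
    tokens = []
    for match in TOKEN.finditer(line.strip()):
        bracketed, quoted, bare = match.groups()
        if bracketed is not None:
            tokens.append(bracketed)
        elif quoted is not None:
            tokens.append(quoted)
        else:
            tokens.append(bare)
    # Client-supplied headers (user agent, referer, cookie) can contain stray
    # quotes. A wrong token count is rejected instead of shifting fields.
    if len(tokens) != len(FIELDS):
        return None
    # "-" is how the log shows a value that was not available.
    record = {name: (None if value == "-" else value)
              for name, value in zip(FIELDS, tokens)}
    for name in NUMERIC:
        if record[name] is not None:
            if not record[name].isdigit():
                return None
            record[name] = int(record[name])
    return record


def summarize(lines):
    """Count unparseable lines, 401/403 responses per client, slowest request."""
    denied = Counter()
    rejected = 0
    slowest = None
    for line in lines:
        record = parse_line(line)
        if record is None:
            rejected += 1
            continue
        if record["status"] in (401, 403):
            denied[record["client"]] += 1
        elapsed = record["elapsed_ms"]
        if elapsed is not None and (slowest is None
                                    or elapsed > slowest["elapsed_ms"]):
            slowest = record
    return {"rejected": rejected, "denied_by_client": denied,
            "slowest": slowest}


# Constructed sample lines (documentation addresses, invented users and paths).
SAMPLE = [
    '192.0.2.10 www.example.com "CN=Ann Lee/O=Example" '
    '[29/May/2001:10:15:02 -0500] "GET /mail/alee.nsf HTTP/1.1" 200 5120 '
    '"-" "Mozilla/4.7 [en] (WinNT; U)" 31 "-" "/domino/data/mail/alee.nsf"',
    '192.0.2.44 www.example.com - [29/May/2001:10:15:07 -0500] '
    '"GET /names.nsf HTTP/1.0" 401 210 "-" '
    '"Mozilla/4.0 (compatible; MSIE 5.5)" 4 "-" "-"',
    '192.0.2.44 www.example.com - [29/May/2001:10:15:09 -0500] '
    '"GET /names.nsf HTTP/1.0" 401 210 "-" '
    '"Mozilla/4.0 (compatible; MSIE 5.5)" 5 "-" "-"',
    '192.0.2.44 www.example.com - [29/May/2001:10:15:11 -0500] '
    '"GET /log.nsf HTTP/1.0" 403 180 "-" '
    '"Mozilla/4.0 (compatible; MSIE 5.5)" 3 "-" "-"',
    # A stray quote inside the user agent breaks the token count.
    '192.0.2.99 www.example.com - [29/May/2001:10:16:00 -0500] '
    '"GET /x HTTP/1.0" 200 10 "-" "agent with "stray" quote" 3 "-" "-"',
]

if __name__ == "__main__":
    result = summarize(SAMPLE)
    print("rejected lines:", result["rejected"])
    for client, count in result["denied_by_client"].most_common():
        print(client, "denied", count, "times")
```

Lines that the parser rejects are worth reviewing by hand, because they are the ones where client-controlled text did not fit the expected layout.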

Setting up Domino Web server logging to text files


To set up logging the Domino Web server to text files, you must enable
logging (by default, logging is disabled). By default, Domino stores log
files in the data directory. While the Web server is running, it creates new
log files depending on the log file duration settings. If the Web server is
not running, it creates log files as needed when the Web server is started.
Some information may increase the size of the log file without providing
meaningful information (requests for graphics or icons, for example), so
you may want to exclude that type of information from the log.
To enable logging to text files
1. From the Domino Administrator, click the Configuration tab.
2. Open the Server document for the Web server.
3. Click the Internet Protocols - HTTP tab.
4. Under Enable Logging To, choose Enabled in the Log Files field.
5. Under Log File Settings, complete these fields:

Field                       Enter

Access log format           Choose one:
                            Common: To log information in three separate log
                            files
                            Extended Common: To log information in one file
                            Note Although you have the option of logging to three
                            separate files, most third-party log-analysis tools require
                            a single text file.

Time format                 Choose one to record the time of requests:
                            LocalTime (default): To use the time zone currently
                            set on the server
                            GMT: To use Greenwich Mean Time

Log file duration           Choose one to determine how often a new log file is
                            created:
                            Note The prefixes used in the file names are chosen in
                            the Log File Names section of the Server document.
                            Daily (default): To create a new log file each day,
                            starting at midnight. Daily log files use the file
                            naming convention:
                            file name prefixDDMMYYYY.log
                            Example: The access log file for May 29, 2001 is
                            access-log29051998.log
                            Weekly: To create a new log file each week, starting
                            on Sunday at midnight. Weekly log files use the file
                            naming convention:
                            file name prefix__WWYYYY.log
                            Example: The access log for the week of May 24, 2001
                            is access-log__212001.log.
                            Monthly: To create a new log file each month,
                            starting at midnight on the first day of the month.
                            Monthly log files use the file naming convention:
                            file name prefixMMYYYY.log
                            Example: The access log file for May 2001 is
                            access-log052001.log.
                            Never: To create log files of unlimited duration.
                            The file naming convention is:
                            file name prefix.log
                            Example: The CGI error log file is cgi-error-log.log.

Maximum log entry length    The maximum length allowed for an individual entry in
                            the access log file. If the entry exceeds this length it is
                            not written to the file. The default is 10 kilobytes.

Maximum size of access log  The maximum size allowed for the access log file. If this
                            limit is reached no more entries are written to the file. A
                            value of zero (the default) indicates that the size is
                            unlimited.

6. Under Log File Names, complete these fields:

Field                       Enter

Directory for log files     The directory to store the log files; if this field is blank,
                            Domino stores the log files in the data directory

Access log                  The prefix to use when creating the Access log file. The
                            default is access. Do not enter a file extension.

Agent log                   The prefix to use when creating the Agent log file. The
                            default is agent.
                            Note If you chose the Extended Common format, you
                            will not have an agent log; this information will be
                            included in the access log.

Referer log                 The prefix to use when creating the Referer log file. The
                            default is referer.
                            Note If you chose the Extended Common format, you
                            will not have a referer log; this information will be
                            included in the access log.

CGI error log               The prefix to use for the CGI error log. The default is
                            cgi-error.
                            Note The cgi-error log is created only if the CGI script
                            logs information to stderr. The format of cgi-error log
                            information is CGI script dependent. The Access log
                            format does not affect the cgi-error log in any way.

7. (Optional) Under Exclude From Logging, complete these fields to
exclude certain types of information from the log file:

Field                       Action

URLs                        Enter URL paths to exclude, for example, *.gif or
                            /anydir/*

Methods                     Enter HTTP methods, for example, POST or DELETE

MIME types                  Enter MIME types to exclude, for example, image (for
                            all images) or image/gif (for .gif images)

User agents                 Enter strings that are part of user agent (browser)
                            strings to exclude requests from a particular user agent.
                            To exclude Microsoft Internet Explorer, enter MSIE*
                            To exclude Netscape:
                            For version 4.7, enter Mozilla/4.7
                            For version 4.6, enter Mozilla/4.6

Return codes                Enter HTTP response status codes to exclude, for
                            example, 300 or 400

Hosts and domains           Enter browser client DNS names or IP addresses to
                            exclude, for example, 130.333.* or *.edu
                            Note To enter DNS names, you must first enable the
                            DNS Lookup setting in the HTTP Server section of the
                            Server document. Otherwise, you can enter only IP
                            addresses. Enabling this setting impacts performance.

8. Save the document.


Chapter 57
Setting Up Activity Logging
This chapter describes how to set up and use the Lotus Domino 6 activity
logging feature.

Activity logging

You use activity logging to collect information about the activity in your
enterprise. You can use this information to charge users for the amount
they use your system, monitor usage, conduct resource planning, and
determine if clustering would improve the efficiency of your system.
Domino writes the activity logging information in the Domino log file
(LOG.NSF). To create activity logging reports, you write a Notes API
program to access the information in the log file. You can also view the
activity logging information by using Activity Analysis.
In a hosted environment, enable activity logging on all of your ASP
servers, that is, the servers used to house and maintain your hosted
organizations.

The information in the log file

Domino logs activity in the log file (LOG.NSF). The information is not
visible in the log file, but you can access the information in the file by
writing an API program. For information about writing an API program
to access this information, see the Lotus C API Toolkit for Notes/Domino
6. The toolkit is available for download at http://www.lotus.com/ldd.
Note Activity logging records in the log file are hidden. The records you
can see in the log file do not contain as much detail as activity logging
records and are not updated as often as activity logging records. You can
view activity logging information by running Activity Analysis.

You use the Domino Administrator to specify which types of activity to
log. This table describes the types of activity you can log.
Activity type     What this logs

Agent             When a Domino server runs scheduled agents, as well as the
                  running time of the agents

HTTP              Web server requests

IMAP              Activity generated during an IMAP session

LDAP              Activity generated by all LDAP activity. Each type of LDAP
                  activity generates a separate record. The types of LDAP activity
                  include abandon, add, bind, compare, delete, extended, modify,
                  modify distinguished name, search, and unbind.

Mail              Activity generated by mail and mail-related messages being
                  routed to and from the server. The messages can come from a
                  Domino server or an SMTP server.

Notes Database    When Notes clients and Domino servers open, use, and close
                  Notes databases and the duration of use.

Notes Passthru    When users or servers connect through a Domino passthru
                  connection, as well as the activity that is generated through that
                  connection

Notes Session     When Notes clients and Domino servers acting as clients start and
                  end sessions with a Domino server

POP3              Activity generated during a POP3 session

Replica           Activity generated by replication with another server or with a
                  client

SMTP              Activity generated during an SMTP session

Activity logging records


The records in the log file keep track of all activity generated. Domino
creates different types of records for each type of activity. For some types
of activity, Domino creates multiple records during a session; for other
types of activity, Domino creates a single record.
Checkpoint records
For types of activity that could require long sessions to complete,
Domino generates an Open or Authorization record when a session
begins. This record indicates that a session is open and shows the time at
which the session began. During the session, Domino generates
Checkpoint records, which log all activity that has occurred so far during
the session. Checkpoint records ensure that activity is logged even if a
server stops functioning before a session ends. When a session ends,
Domino generates a Close record, which consolidates all the activity for
the entire session.
Domino creates Checkpoint records for the following types of activity:
IMAP, Notes session, Notes database, Notes passthru, POP3, and SMTP.
The Checkpoint records are cumulative; each one contains all of the
activity that was logged to that point during the open session.
By default, Domino creates a Checkpoint record the first time there is
activity after a 15 minute waiting period, and every 15 minutes when
there is activity thereafter. This waiting period is called the checkpoint
interval. Domino generates a Checkpoint record the first time activity
occurs after the checkpoint interval has completed. For example, if
several transactions occur during the first 10 minutes of the checkpoint
interval but no more activity occurs until minute 21, Domino generates
the Checkpoint record in minute 21. For each type of activity for which
there is an open session, Domino creates only one Checkpoint record per
period, no matter how much activity occurs. To change the duration of
the checkpoint interval, you can change the Checkpoint interval setting
on the Activity Logging tab of the Configuration Settings document.
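
The checkpoint timing described above, modelled in Python as an added example (not Domino code or output), including what a server crash leaves unrecorded for a given checkpoint interval. It assumes the session opens at minute 0, that each new interval starts when a Checkpoint is written, and that the activity that triggers a Checkpoint is included in it; the function names are hypothetical.

```python
from dataclasses import dataclass, field


@dataclass
class SessionResult:
    # (minute, EventType, cumulative activity count)
    records: list = field(default_factory=list)
    # activity that never reached any record because the server stopped
    unrecorded: int = 0


def simulate_session(activity_minutes, interval=15, end_minute=None, crashed=False):
    """Model the records written for one session that opens at minute 0.

    activity_minutes: minutes (since open) at which the session did some work.
    interval:         checkpoint interval in minutes (15 is the documented default).
    end_minute:       minute at which the session closes or the server stops.
    crashed:          True if the server stopped instead of closing the session.
    """
    result = SessionResult(records=[(0, "Open", 0)])
    interval_start = 0  # assumption: a new interval starts at each Checkpoint
    total = 0           # cumulative, because Checkpoint records are cumulative
    logged = 0          # activity covered by the latest record written
    for minute in sorted(activity_minutes):
        if end_minute is not None and minute > end_minute:
            break
        total += 1
        # A Checkpoint is written by the first activity after the interval has
        # elapsed, not by a timer, so an idle session writes nothing.
        if minute - interval_start >= interval:
            result.records.append((minute, "Checkpoint", total))
            interval_start = minute
            logged = total
    if crashed:
        # No Close record is written; only checkpointed activity survives.
        result.unrecorded = total - logged
    else:
        close_at = end_minute if end_minute is not None else max(activity_minutes, default=0)
        result.records.append((close_at, "Close", total))
    return result


def compare_intervals(activity_minutes, crash_minute, intervals):
    """Return {interval: (checkpoint_count, unrecorded_activity)} for a crash."""
    out = {}
    for interval in intervals:
        r = simulate_session(activity_minutes, interval, crash_minute, crashed=True)
        checkpoints = sum(1 for _, kind, _ in r.records if kind == "Checkpoint")
        out[interval] = (checkpoints, r.unrecorded)
    return out


if __name__ == "__main__":
    # The case from the text: activity in the first 10 minutes, then minute 21.
    for record in simulate_session([2, 5, 9, 21], interval=15, end_minute=25).records:
        print(record)
    # Constructed workload: one unit of activity every 4 minutes, crash at 58.
    print(compare_intervals(list(range(4, 60, 4)), 58, [15, 5]))
```
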

To determine how long to make the checkpoint interval, consider three factors: the need to record information, the need to preserve storage space, and the need for quick performance. The longer you make the checkpoint interval, the more activity data could be lost if the server crashes before Domino writes the Checkpoint records. The shorter you make the checkpoint interval, the more Checkpoint records could be created, requiring more storage space. In addition, if you set a short checkpoint interval, system performance could be affected if there is a lot of activity.

Note: For types of activity that generate multiple activity logging records, the record type is indicated in the EventType field in the record.

Agent activity logging

Agent activity logging generates a record for each Domino server-based agent that runs successfully. The record shows the name of the agent, the name of the database that contains the agent, the amount of time it took to run the agent, and the name of the person who last saved the agent. The record does not show the types of activities the agent performed.

Domino does not generate activity logging records for agents that run on a Web server, for agents that you run manually from a client, or for agents that are scheduled to run locally on a client.

For information about restricting who can run agents on a server, see the chapter "Controlling Access to Domino Servers."

HTTP activity logging


HTTP activity logging tracks requests from browsers to access Domino
Web servers. Domino generates an HTTP activity logging record each
time a browser sends an HTTP request to a Domino Web server. For
example, if a user opens a Web page that includes information from three
separate files, Domino generates three separate activity logging records.
HTTP activity logging records include such information as the name of
the Web server, the name of the user accessing the Web server, the HTTP
request, the URL the user clicked, the number of bytes returned as a
result of the request, the amount of time it took to process the request,
the HTTP status code returned as a result of the request, and the time at
which the request occurred. In addition, if you have set URL translation
rules in the Server Configuration document, the HTTP activity logging
record shows the results of the translations.

IMAP activity logging


IMAP activity logging tracks IMAP session activity, such as the user
name, the server name, the IP address of the client, the number of bytes
the client sent to and read from the server, and the duration of the
session.
There are three types of activity logging records for IMAP sessions:
• Authorization records, which log when an authenticated IMAP session begins. Authorization is logged after any of the following occur: a successful Login command; a successful Auth command; a successful Greeting command, if the client is preauthorized.
• Checkpoint records, which log activity that occurs when an IMAP session has been open for a specified length of time
• Close records, which consolidate IMAP information into a single record when an IMAP session ends

LDAP activity logging


LDAP activity logging tracks information about every LDAP request.
Because each type of LDAP request has a different structure, Domino
generates a different activity logging record for each type.

This table shows the types of LDAP requests and some of the information that Domino logs for each type of request. Domino does not generate Checkpoint records for LDAP requests.

Request type | Information logged
Abandon | Organization name, user name, server name, client IP address, the message ID of the command to abandon, the LDAP result code, and any error messages returned to the client
Add | Organization name, user name, server name, client IP address, the distinguished name of the object to be added, the attributes that are added and their new values, the names of the directories to which the entry was added, the number of entries added, the number of bytes sent to the server, the LDAP result code, and any error messages returned to the client
Bind | Organization name, user name, server name, client IP address, LDAP version, the name the client is using to bind, the authentication method, the LDAP result code, and any error messages returned to the client
Compare | Organization name, user name, server name, client IP address, the distinguished name of the object that was compared, the attribute and value portions of the attribute value assertion, names of the directories searched, the number of bytes sent to the server in the query, the LDAP result code, and any error messages returned to the client
Delete | Organization name, user name, server name, client IP address, the distinguished name of the object that was deleted, names of directories from which the object was deleted, the number of entries deleted, the number of bytes sent to the server, the LDAP result code, and any error messages returned to the client
Extended | Organization name, user name, server name, client IP address, the name of the extended command, the LDAP result code, and any error messages returned to the client
Modify | Organization name, user name, server name, client IP address, the distinguished name of the entry to be modified, the operations to be performed on the entry (add, delete, replace), the attributes that are modified and their new values, the names of the directories in which the entry was modified, the number of entries modified, the number of bytes sent to the server, the LDAP result code, and any error messages returned to the client
ModifyDN | Organization name, user name, server name, client IP address, the directory entry that is modified, the new Relative Distinguished Name (RDN), whether the old RDN was deleted, the new parent entry, the names of the directories in which the entry was modified, the number of entries modified, the number of bytes sent to the server, the LDAP result code, and any error messages returned to the client
Search | Organization name, user name, server name, client IP address, the base object, the scope of the search, deref aliases, the maximum number of entries the client requests, the time limit a client requests for a session, the types of information to include in a record (field names only or field names and values), filters, the attributes that you want displayed for each entry, the amount of time the search took, the names of the directories searched, the number of entries and the number of bytes sent to the client, the LDAP result code, and any error messages returned to the client
Unbind | Organization name, user name, server name, client IP address, the LDAP result code, and any error messages returned to the client

You can customize the LDAP service configuration to limit the amount of
data collected in the Values fields in Add and Modify records.

Mail activity logging


Mail activity logging tracks mail that is sent from and received by a
server. Activity logging records for mail include such information as the
name of the server that created the record, the originator and recipients
of the message, the message ID, the preceding and next hops on the
delivery route, and the size of the message.
There are five types of activity logging records for mail activity:

Type of record | Description
Deposit | Mail is deposited into MAIL.BOX on a server. This mail can come from a Domino server or a Domino SMTP server. The receiving server logs this activity as a Deposit. The sending server logs this activity as a Transfer.
Delivery | Mail is delivered from MAIL.BOX to a user.
Delivery failure | The router could not deliver a message.
Transfer | Mail is transferred from one server to another on the way to its final destination. The sending server logs this as a Transfer. The receiving server logs this as a Deposit.
Transfer failure | The router cannot transfer a message to another server. This is logged on the sending server.

For each mail message, at least two types of records are logged: a Deposit record and at least one of the other types of records, depending on the disposition of the attempted delivery.

Domino logs updates to messages in MAIL.BOX as new deposits. For example, if you change the address on a message in MAIL.BOX so that it routes correctly, that message is logged as a new deposit.

If a message is split because the recipient list is too large, a separate record is generated for each copy of the message. Each of these records contains the same MessageID and Originator.

Notes session activity logging


Notes session activity logging tracks network traffic that occurs during a
server session with a Notes client or with another Domino server acting
as a client. Session records include such information as the name and
network address of the session user, the number of documents read and
written, the number of bytes read and written, the total number of
transactions executed during the session, and the duration of the session.
Servers, users, and API programs can all generate session activity.

There are three types of activity logging records for session activity:
• Open records, which log when a session begins
• Checkpoint records, which log activity that occurs when a session has been open for a specified length of time
• Close records, which consolidate all session information into a single record when a session ends

This table contains a few examples of the types of activities that generate each type of session record.

Type of record | Type of activity
Open | Opening a database or any action that opens a database, such as checking database properties; starting replication; having a remote server open another server's MAIL.BOX
Checkpoint | Reading documents; editing documents; saving and updating documents; viewing or changing an ACL; rebuilding a database view; performing any other activity while a session is open
Close | Closing a database; ending replication; logging off, either manually or automatically; exiting Notes; having a remote server close MAIL.BOX

Notes database activity logging


Notes database activity logging tracks Notes database activity that occurs
during a server session. Database records include such information as the
name of the database, the name and address of the database user, the
number of documents read and written, the number of bytes read and
written, the total number of transactions executed in the database, and
the length of time the database was open. Servers, users, and API
programs can all generate database activity.
There are five types of activity logging records for database activity:
• Open records, which log when a database opens
• Checkpoint records, which log activity that occurs when a database has been open for a specified length of time
• Close records, which consolidate all log information for a database session into a single record when a database closes
• CloseEnd records, which consolidate database information at the end of a Notes session (when the client logs off of the server)
• MailDeposit records, which log when a mail message that does not contain an attachment is deposited into MAIL.BOX. (Mail messages that contain attachments generate Open records, Close records, and possibly Checkpoint records.)

This table contains a few examples of the types of activities that generate each type of database record.

Type of record | Type of activity
Open | Opening a database or any action that opens a database, such as checking database properties; starting replication, including opening a database to determine if replication is needed (even if no replication is needed)*; having a remote server open another server's MAIL.BOX
Checkpoint | Editing documents; saving and updating documents; viewing or changing an ACL; performing any other database activity while a database is open
Close | Closing a database; ending replication; logging off, either manually or automatically (one record for each open database); exiting Notes (one record for each open database); having a remote server close MAIL.BOX
CloseEnd | Closing a database at the end of a session; closing databases that the server opened for replication; logging off of Notes; exiting Notes
MailDeposit | Depositing a mail message that does not contain an attachment into MAIL.BOX

* When Domino closes databases after determining that replication is not necessary, it generates a Close record that contains 0 (zero) in the Duration field.

CloseEnd records log the total activity in a database during a Notes session. Each time a user opens and closes a database during a session, Domino creates separate database Open and Close records. When the user closes the Notes session, Domino generates a CloseEnd record for each database that was open during the session. The CloseEnd record consolidates the total activity in the database during the entire Notes session. Therefore, if you open and close a database several times during a Notes session, Domino generates multiple Open and Close records for that database, but only one CloseEnd record.

Notes passthru activity logging

Notes passthru activity logging tracks activity that is generated by a client or a server through a passthru connection. This includes such information as the number of bytes sent and received, the number of documents read and written, the number of transactions executed, and the duration of the passthru session.

There are three types of activity logging records for passthru connections:
• Open records, which log when a passthru connection begins
• Checkpoint records, which log activity that occurs when a passthru session has been open for a specified length of time
• Close records, which consolidate information into a single record when a passthru session ends, such as when a client logs off or disconnects from the passthru server

POP3 activity logging


POP3 activity logging tracks such POP3 information as the name of the
user, the IP address of the client, the number of bytes the client sends to and
reads from the server, the number of messages sent to the client, the
number of messages deleted from the client, and the duration of the session.
There are three types of activity logging records for POP3 activity:
• Authorization records, which log when a user is authenticated and a session begins
• Checkpoint records, which log activity that occurs when a POP3 session has been open for a specified length of time
• Close records, which consolidate POP3 information into a single record when a POP3 session ends

If a session ends before authentication is complete, Domino generates only a Close record. The user name in this record is Anonymous.

Replication activity logging


When you use activity logging for replication, Domino generates one
activity logging record for each database replication request that a server
initiates. Only the initiating server generates activity logging records.
Activity logging records for replication include such information as the
names of the source and destination servers, the replicaID of the database
that was replicated, and the number of bytes replicated in each direction.
There are no Checkpoint records for replication activity logging.
When a client initiates replication with a server, Domino logs the activity
as session activity, not as replication activity. In addition, using the Cluster
Replicator does not generate activity logging records for replication.

SMTP activity logging


SMTP activity logging tracks SMTP session activity, such as the IP
address of the connected client, the number of messages the client sends
to the server, the number of bytes the client sends to and receives from
the server, the number of recipients to whom messages are sent, and the
duration of the session.
There are three types of activity logging records for SMTP sessions:
• Open records, which log when an SMTP session begins
• Checkpoint records, which log activity that occurs when an SMTP session has been open for a specified length of time
• Close records, which consolidate SMTP information into a single record when an SMTP session ends

Example of creating activity logging records


This example shows the activity logging records that Domino generates when a user sends mail to another user whose mail database is on a different mail server. In this example, the message goes directly to the recipient's mail server without making any intermediate hops.

Domino generates some of these records, such as Notes session Checkpoint records and Notes database Checkpoint records, only if the activity occurs after the checkpoint interval has elapsed during the session.

Activity | Records generated | Server that generates records
1. User opens mail database | Notes Session Open; Notes Database Open | Sending server
2. User creates a mail message | The following are possible: Notes Session Checkpoint; Notes Database Checkpoint | Sending server
3. User sends message to MAIL.BOX | Mail Deposit plus the following: if the message contains an attachment, Notes Database Open and Notes Database Close; if the message does not contain an attachment, Notes Database MailDeposit | Sending server
4. User saves message | The following are possible: Notes Session Checkpoint; Notes Database Checkpoint | Sending server
5. The Router picks up the message from MAIL.BOX | Mail Transfer | Sending server
6. The Router deposits the message in the destination server's MAIL.BOX | Mail Deposit plus the following: if the message contains an attachment, Notes Database Open and Notes Database Close; if the message does not contain an attachment, Notes Database MailDeposit | Receiving server
7. The Router delivers the message to the user's mail database | Mail Delivery | Receiving server
8. User opens mail database and reads message | Notes Database Open | Receiving server
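
A consistency check that an analyst could run over exported mail activity records, using the pairing rules from the mail activity logging section and the record sequence in the walk-through above. It is an added example, not Domino code: the dictionary layout, the EventType strings, the NextHop key and the sample records are constructed for illustration (the page names only the MessageID, Originator and EventType fields).

```python
from collections import defaultdict

# Record types the page lists for mail activity besides Deposit. The exact
# strings stored in the EventType field are an assumption of this example.
DISPOSITIONS = {"Delivery", "Delivery failure", "Transfer", "Transfer failure"}


def rec(server, event_type, message_id, originator, next_hop=None):
    """Build one constructed mail activity record (hypothetical layout)."""
    return {"Server": server, "EventType": event_type, "MessageID": message_id,
            "Originator": originator, "NextHop": next_hop}


# Constructed sample data, not real log output.
SAMPLE_RECORDS = [
    # MSG-A: the walk-through above, sending server SRV1, receiving server SRV2
    rec("SRV1", "Deposit", "MSG-A", "alice"),
    rec("SRV1", "Transfer", "MSG-A", "alice", next_hop="SRV2"),
    rec("SRV2", "Deposit", "MSG-A", "alice"),
    rec("SRV2", "Delivery", "MSG-A", "alice"),
    # MSG-B: SRV1 logged a Transfer, but SRV2 holds no matching Deposit
    rec("SRV1", "Deposit", "MSG-B", "bob"),
    rec("SRV1", "Transfer", "MSG-B", "bob", next_hop="SRV2"),
    # MSG-C: deposited on SRV2 with no delivery, transfer or failure record
    rec("SRV2", "Deposit", "MSG-C", "carol"),
    # MSG-D: split for a large recipient list, so records repeat legitimately
    rec("SRV1", "Deposit", "MSG-D", "dave"),
    rec("SRV1", "Transfer", "MSG-D", "dave", next_hop="SRV2"),
    rec("SRV1", "Transfer", "MSG-D", "dave", next_hop="SRV2"),
    rec("SRV2", "Deposit", "MSG-D", "dave"),
    rec("SRV2", "Deposit", "MSG-D", "dave"),
    rec("SRV2", "Delivery", "MSG-D", "dave"),
    rec("SRV2", "Delivery failure", "MSG-D", "dave"),
]


def audit_mail_records(records, collected_servers=None):
    """Return sorted (MessageID, server, issue) findings.

    collected_servers: servers whose logs are in `records`; a Transfer to a
    server outside this set cannot be checked and is not reported.
    """
    if collected_servers is None:
        collected_servers = {r["Server"] for r in records}
    seen = defaultdict(set)   # (MessageID, Server) -> EventTypes observed
    transfers = set()         # (MessageID, sending server, next hop)
    for r in records:
        seen[(r["MessageID"], r["Server"])].add(r["EventType"])
        if r["EventType"] == "Transfer":
            transfers.add((r["MessageID"], r["Server"], r["NextHop"]))

    findings = []
    for (msg, server), kinds in seen.items():
        # Test presence, not counts: split messages and edits made in MAIL.BOX
        # repeat records under the same MessageID.
        if "Deposit" in kinds and not kinds & DISPOSITIONS:
            findings.append((msg, server, "deposit without disposition"))
        if kinds & DISPOSITIONS and "Deposit" not in kinds:
            findings.append((msg, server, "disposition without deposit"))
    for msg, sender, hop in transfers:
        # The sending server logs a Transfer; the receiving server logs a Deposit.
        if hop in collected_servers and "Deposit" not in seen.get((msg, hop), set()):
            findings.append((msg, hop, f"no deposit for transfer from {sender}"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit_mail_records(SAMPLE_RECORDS):
        print(finding)
```

Records near the edges of the analysed time window can look unpaired only because their counterpart falls outside it, so findings there need a wider window before they mean anything.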

Configuring activity logging


You configure activity logging by editing the Configuration Settings document.
1. From the Domino Administrator, click the Configuration tab.
2. In the Task pane, expand Server and click Configurations.
3. In the Results pane, select the Configuration Settings document you want, and click Edit Configuration.
4. On the Configuration Settings document, click the Activity Logging tab.
5. Select "Activity logging is enabled."
6. In the "Enabled logging types" field, select the types of activity you want to log.
7. (Optional) To increase or decrease the frequency of creating Checkpoint records, change the checkpoint interval.
8. (Optional) To automatically create Notes session and Notes database Checkpoint records every day at midnight, select "Log checkpoint at midnight."
9. (Optional) To automatically create Notes session and Notes database Checkpoint records every day at the beginning and end of a specific time period, select "Log checkpoints for prime shift" and then specify the times for the Prime shift interval.
10. Click Save & Close.
11. (Optional) If you are logging activity for LDAP Add and Modify operations and want to change the amount of information logged in the Attributes field from the default of 4096 bytes, follow the steps in the topic "Limiting the amount of attribute information logged for LDAP Add and LDAP Modify activity."

Limiting the amount of attribute information logged for LDAP Add and LDAP Modify activity

Since it is possible for LDAP Add and LDAP Modify operations to add or modify many attribute values, by default activity logging stops logging attribute information in a record when the amount logged reaches 4096 bytes in that record. To specify a different amount of attribute information to log:
1. From the Domino Administrator, open the server that runs the LDAP service or a server in the same domain as the server that runs the LDAP service.
2. Click the Configuration tab.
3. In the Task pane, expand Directory; then expand LDAP; and then select Settings.
4. Do one of the following:
   • If you see the message "Unable to locate a Server Configuration document for this domain. Would you like to create one now?" click Yes, and then click the LDAP tab on the document that is created.
   • If you do not see this message, click Edit LDAP Settings.
5. In the field "Activity Logging truncation size," type a value (in bytes).
6. Click Save & Close.

Viewing activity logging data

You can view the activity logging information by running Activity Analysis, which copies the information you specify to the Log Analysis database (LOGA4.NSF or whatever name you specify). Domino creates the Log Analysis database on your local computer. The Log Analysis database includes views for the following activity information:

View | Description
Agent | For agent activity, shows the user, date, database, agent name, and run time
All | Shows the activity type and timestamp of all activity logging records
HTTP | For HTTP activity, shows the target server, user name, date, HTTP request, time of the request, and the length of the content
IMAP | For IMAP activity, shows the organization name, server name, user name, timestamp, bytes sent and received, and the duration
LDAP Add | For LDAP Add activity, shows the organization name, user name, timestamp, name of the added object (entry), number of bytes received, and any error messages
LDAP All | For all LDAP activity, shows the organization name, type of activity, user name, and the timestamp
LDAP Delete | For LDAP Delete activity, shows the organization name, user name, timestamp, name of the deleted object (entry), number of entries deleted, and any error messages
LDAP Modify | For LDAP Modify activity, shows the organization name, user name, timestamp, name of the modified object (entry), number of bytes received, and any error messages
LDAP ModifyDN | For LDAP ModifyDN activity, shows the organization name, user name, timestamp, name of the modified object (entry), the new RDN, the new superior, and any error messages
LDAP Search | For LDAP Search activity, shows the organization name, user name, timestamp, base object, filter, bytes sent, and the search time
Mail Deposited | For mail deposited into MAIL.BOX, shows the server name, who the message was from and to, when the message was deposited, the message ID, and the action taken upon the message (depositing the mail into MAIL.BOX)
Mail Processed | For messages processed in MAIL.BOX, such as mail transferred to other servers and mail delivered to users, shows the server name, who the message was from and to, when the message was deposited, the message ID, and the action taken upon the message
Notes Database | For Notes database activity, shows the organization name, server name, user name, database name, timestamp, number of bytes sent and received, number of documents read and written, and the total number of transactions
Notes Passthru | For Notes passthru activity, shows the date, duration of the connection, and the number of bytes sent and received by the client and by the target server
Notes Session | For Notes session activity, shows the organization name, server name, user name, timestamp, number of bytes sent and received, number of documents read and written, and the total number of transactions
POP3 | For POP3 activity, shows the organization name, server name, user name, timestamp, number of messages retrieved by and deleted from the client, number of bytes the client sent to the server and received from the server, and the duration of the session
Replica | For replication activity, shows the date, source server and database name, destination server and path, and the number of bytes transferred
SMTP Session | For SMTP activity, shows the organization name, server name, IP address of the connected client, timestamp, number of messages the client sent, number of recipients to whom the messages were sent, number of bytes the client sent to and received from the server, and the duration of the session

Running activity analysis


1. In the Domino Administrator, make the server on which you want to run activity analysis current.
2. Click the Server - Analysis tab.
3. In the Tools pane, expand Analyze; and then click Activity.
4. Do one of the following to select the types of activity you want to log:
   • To log all the types of activity, skip this step. By default, all activity types are selected.
   • To deselect a type of activity to log, click the activity type in the "Selected types of activity" pane, and then click Remove. To deselect all the types of activity, click Remove All.
   • To select a type of activity to log, click the activity type in the "Select server activity types to search for" pane; and then click Add. To add all the types of activity, click Add All.
5. Choose the starting and ending dates and times of the activity you want to view.
6. (Optional) To write the analysis results to a database other than the Log Analysis database, click Results Database and specify a different database. Then click OK.

Note: In addition to containing the results of running activity analysis, the Log Analysis database may contain the results of running log analysis, especially if you run log analysis using a version of Domino earlier than Lotus Domino 6.

7. Select "Append to this database" to append the results of the analysis to previous results in the database, or select "Overwrite this database" to create a new database that contains only the results of the current analysis.
8. Click OK to run the analysis and to open the Log Analysis database.

Viewing the data in the Log Analysis database


1. If the Log Analysis database is not already open, do the following:
   • On your local computer, choose File - Database - Open.
   • Select the Log Analysis database, and then click Open. (By default, the database title is Log Analysis and the file name is LOGA4.NSF.)
2. In the Task pane, expand Server Activity; and then click the view for the type of activity you want to view.
3. (Optional) In the Results pane, double-click the record you want to view.

Chapter 58
Maintaining Databases
This chapter describes how to maintain databases after you deploy them.

Database maintenance
To keep a specific database in good working order, perform these tasks regularly.

Task | Frequency
Monitor replication, if a database replicates | Daily
Check for and consolidate replication or save conflicts | Daily, for large active databases; weekly for other databases
Monitor database activity | Weekly
Monitor database size | Weekly

For information on monitoring database replication and database activity, see topics in this chapter. For information on monitoring database size, see the chapter "Improving Database Performance."

In addition, if you're a server administrator, perform the following tasks regularly to maintain all databases on a server.

Task | Frequency
Run the Updall task to update all views and full-text indexes | Daily. Occurs by default daily at 2 AM.
Run the Designer task to keep databases that inherit design from master templates in sync with the master templates | Daily. Occurs by default daily at 1 AM.
Run the Compact task | Weekly or monthly with the -B argument and in conjunction with a certified backup utility.
Monitor the database cache | Occasionally

For information on running the Updall and Designer tasks, see the topic "Synchronizing databases with master templates," later in this chapter. For information on running the Compact task and monitoring the database cache, see the chapter "Improving Database Performance."

The Files tab in the Domino Administrator


The Files tab in the Domino Administrator provides an easy way for you to manage files in the Domino data folder. From the Files tab, you can:
• View file information
• Manage databases, for example, compact databases and manage ACLs
• Manage folders and links
• Display disk space information

To customize the Files tab, you can:
• Choose the types of files you see
• Choose the folder contents you see
• Customize the column display

To display the Files tab


1. From the Domino Administrator, select a server in the Server pane
on the left. To expand the pane, click the Servers icon.
2. Click the Files tab.

To open a specific database or template


Select the database or template in the files pane of the Files tab, and then
double-click.

Choosing the types of files you see in the Files tab


Do the following to choose the types of files you see in the Files tab:
1. From the Domino Administrator, click the Files tab.
2. In the "Show me" box, select one of the following options to control the type of files that the files pane displays:
   • Databases only: Displays databases but not templates
   • Templates only: Displays templates and databases that act as templates
   • Mail Boxes only: Displays only MAIL.BOX databases for administrators to quickly open when monitoring mail
   • All database types: Displays all databases and templates
   • All files: Displays all types of files
   • Database links only: Displays only database links
3. To choose a combination of files to display, in the box, select Custom, select one or more of these options, and then click OK:
   • Databases
   • Templates: Displays all templates except advanced templates
   • Advanced templates: Displays advanced templates
   • Database Links
   • Mail boxes
   • ID files
   • Modem files
   Alternately, you can specify one or more custom file extensions to display files with those extensions, for example, TXT or BMP.

Choosing the folder contents you see in the Files tab


To choose the contents of folders that you see in the Files tab, do the following:
1. From the Domino Administrator, click the Files tab.
2. Use the left pane in the Files tab to select a folder. By default, you see only files in the selected folder. To see all the files in the Domino data folder, click the files icon.

The Files tab can display files only in the data folder and in any folders within the data folder.

Customizing the columns in the Files tab

The files pane of the Files tab in the Domino Administrator displays the following information about databases in the order specified, by default:
• Title
• File name
• Physical Path
• File Format
• Size
• Max Size
• Quota
• Warning
• Created
• Last Fixup
• Is Logged
• Template

To add and remove columns


1. From the Domino Administrator, choose Files - Preferences - Administration Preferences.
2. Click the Files icon.
3. To add a column, select the column in the "Available Columns" box and then click the right arrow to include the column in the "Use These Columns" box. All available columns are displayed by default.
4. To remove a column, select the column in the "Use These Columns" box, and then click the left arrow to remove the column.
5. Click OK.

To change the order of columns

1. From the Domino Administrator, choose Files - Preferences - Administration Preferences.
2. Select the Files icon.
3. Select the column in the "Use These Columns" box and do the following:
   • To move the column one place to the right, click the up arrow below the box.
   • To move the column one place to the left, click the down arrow below the box.
4. Click OK.

Managing databases with the Files tab


Use the Files tab to manage databases from the Domino Administrator.
1. From the Domino Administrator, click the Files tab.
2. Select one or more databases in the files pane.
3. In the tools pane on the right, select Database and then select a tool
described in the following table. Or drag selected database(s) to the
tool.
Database tool | Description
Manage ACL | Manages access control lists
Create Replica | Creates replicas of databases using the Administration Process server task
Compact | Compacts databases
Full-text index | Manages full-text indexes
Multi-Database Index | Enables and disables multi-database indexing for databases
Advanced Properties | Set advanced database properties
Quotas | Set quotas to limit the size of databases
Move | Moves databases using the Administration Process server task
Sign | Signs databases with signatures that can be used for workstation data security
Replication | Enables and disables replication of databases
Fixup | Fixes corrupted databases
Cluster | Manages databases in a cluster
Analyze | Runs a database analysis
Find Note | Finds a document based on Note ID or UNID and displays its properties to aid in troubleshooting
Create Db Event Generator | Monitors a database based on various criteria
Manage Views | Frees space used by view indexes

Managing folders and links with the Files tab


Use the Folder tool in the Files tab to manage folders, and folder and
database links from the Domino Administrator.
1. From the Domino Administrator, click the Files tab.
2. Select a folder location in the left pane.
3. In the Tools pane on the right, select Folder and choose one of the
following options:
New
New Link
Update Link
Delete
For more information, see the chapter "Organizing Databases on a
Server."

Displaying disk space information with the Files tab


Use the Disk Space tool in the Files tab of the Domino Administrator to
display the disk size and free disk space on a selected server.
1. From the Domino Administrator, select the server for which you
want to display disk space.
2. Click the Files tab.
3. In the Tools pane on the right, select Disk Space.

Monitoring replication of a database


If there are replicas of a database, you can use any of these methods to
monitor replication daily.
Method | Description
Replication history | Records each successful replication session for a database. Useful for determining at a glance if a replication is occurring.
Replication Events view of the log file (LOG.NSF) | Shows details about replication events between servers. Useful for determining the cause of replication failure and for verifying that the expected number of replication updates occurred.
Replication monitor | Notifies you when replication of a database hasn't occurred within a specified time period. A server administrator creates replication monitors as a part of configuring the Event Monitor task.
Database Analysis tool | Lets you collect replication history, replication events from the log file, and other information specific to a database into a results database that you can analyze.

In addition to ensuring that a database is replicating, you should
routinely check for and consolidate replication and save conflicts.
For more information on the Database Analysis tool, see the topic
"Database analysis," later in this chapter.

The database replication history


A database's replication history is stored in the Basics tab of the Database
Properties box. The first time one server replica successfully replicates
with a replica on another server, Domino creates an entry in the
replication history. The entry contains the name of the other server, as
well as the date and time of the replication. Separate entries are created
when a replica sends information and when a replica receives it. On each
subsequent replication with a specific server, Domino updates the entry
in the history to reflect the most recent replication time.
Domino uses the replication history to determine which documents to
scan for changes during the next replication. For example, if a database
successfully replicated with the HR-E/East/Acme server 24 hours ago,
Domino replicates only those documents that were added, modified, or
deleted in the replica on HR-E/East/Acme within the last 24 hours.
Before replication starts between two databases, Domino checks the
replication history of both databases to make sure that they agree. If they
don't, Domino scans each document created or modified since the date
specified in the "Only replicate incoming documents saved or modified
after" setting on the Other panel of the Replication Settings dialog box.
If a database doesn't replicate successfully, Domino doesn't update the
replication history.
Within a server cluster, the Cluster Replicator stores replication history
information in memory and updates the replication history about once an
hour.
For information on viewing cluster replication data, see the book
Administering Domino Clusters. For more information on the "Only
replicate incoming documents saved or modified after" setting, see the
chapter "Creating Replicas and Scheduling Replication."

Displaying and clearing the replication history


To display a replication history
1. Make sure you have Reader access or higher in the database ACL.
2. Open the database.
3. Choose File - Replication - History.
4. Do one of the following:
Select Date to view the information by date.
Select Server name to view the information by server.
5. Click Done when you finish reviewing the history.
Tip If the replication history dialog box truncates an entry, click Zoom
to display the complete entry. To copy the entire replication history to the
Clipboard, click Copy.


Clearing the replication history


If you have Manager access to a database, you can clear the database
replication history if you think the database doesn't contain all the
documents it should or if the database replication history is not
synchronized with that of other replicas. Clear the replication history
only as a last resort to solve replication problems. If you clear the history,
during the next replication, Domino scans each document created or
modified since the date specified in the "Only replicate incoming
documents saved or modified after" setting on the Other panel of the
Replication Settings dialog box. Scanning all these documents can be
time-consuming, especially over dial-up connections. If you clear the
"Only replicate incoming documents saved or modified after" setting,
Domino scans all documents in the database.

To clear a replication history


1. Make sure you have Manager access in the database ACL.
2. Open the database.
3. Choose File - Replication - History.
4. Do one of the following:
To clear one entry, select it, click Zoom, click Remove, then click
Yes.
To clear the entire replication history, click Clear, then click Yes.
5. Click Done.

Viewing replication events in the log file


The Replication Log entries in the Replication Events view of the log file
(LOG.NSF) display detailed information about the replication of specific
databases. For each database that has replicated on a specified server, a
Replication Log shows the access the server has to the database; the
number of documents added, deleted, and modified; the size of the data
exchanged; and the name of the replica that this database replicated
with. The Events section of a Replication Log shows any problems that
occurred when a specific database replicated. For example, the Events
section shows if replication is disabled or if the database ACL is
preventing replication.
1. From the Domino Administrator, select the server that stores the log
file you want to view.
2. Click the Server - Analysis tab.
3. Select Notes Log - Replication Events.
4. Open a recent Replication Log.

Replication or save conflicts


Multiple users can simultaneously edit the same document in one copy
of a database or edit the same document in different replicas between
replication sessions. When these conditions occur, Domino stores the
results of one editing session in a main document and stores the results
of additional editing sessions as response documents. These response
documents have the title Replication or Save Conflict. Domino uses the
$Revisions field, which tracks the date and time of each document
editing session, to determine which document becomes the main
document and which documents become responses.

Replication conflicts
A replication conflict occurs when two or more users edit the same
document and save the changes in different replicas between
replications. These rules determine how Domino saves the edit sessions:

The document edited and saved the most times becomes the main
document; other documents become Replication or Save Conflict
documents.

If all of the documents are edited and saved the same number of
times, the document saved most recently becomes the main
document, and the others become Replication or Save Conflict
documents.

If a document is edited in one replica but it is deleted in another
replica, the deletion takes precedence, unless the edited document is
edited more than once or the editing occurs after the deletion.

Save conflicts
A save conflict occurs when two or more users open and edit the same
document at the same time on the same server, even if they're editing
different fields. When this situation occurs, the first document saved
becomes the main document. Before the second document is saved, a
dialog box indicates that the user is about to save a conflict document
and if the user saves the document, it becomes a Replication or Save
Conflict document.
Note ACL and design changes never result in replication or save
conflicts; the most recent change always prevails.

Preventing replication or save conflicts

The following techniques reduce or eliminate replication or save
conflicts. The first four are techniques that a database designer uses:

Select the Form property "Merge replication conflicts" to
automatically merge conflicts into one document if no fields conflict.
This applies to replication conflicts only and not to save conflicts.

Specify a Form property for versioning so that edited documents
automatically become new documents.

Lock documents in a database.

Use LotusScript to write a custom conflict handler.

For information on designing forms and using LotusScript, see the
books Application Development with Domino Designer and Domino
Designer Programming Guide, Volumes 2A and 2B:
LotusScript/COM/OLE Classes.

The last three are techniques that a system administrator or database
manager can use:

Assign users Author access or lower in the database ACL to prevent
users from editing other users' documents.

Keep the number of replicas to a minimum.

If the database property "Limit entries in $Revisions fields" is set to a
value greater than 0, increase the limit by specifying a greater value
than the existing one or specify -1 to remove the limit.

For more information on the database property "Limit entries in
$Revisions fields," see the chapter "Improving Database Performance."
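
The three rules listed under "Replication conflicts" above (most saves wins, then the most recent save, and deletion precedence) can be modelled in a few lines to see which copy survives. This is an added example, not Domino code or a Notes API: the Version class, the replica names and the timestamps are constructed, and a list of save times stands in for the $Revisions field.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import List, Optional, Tuple


@dataclass
class Version:
    """One replica's copy of a document (hypothetical model, not a Notes API)."""
    replica: str
    revisions: List[datetime]              # stands in for $Revisions: one entry per save
    deleted_at: Optional[datetime] = None  # set when this replica deleted the document


def pick_main(versions: List[Version]) -> Tuple[Version, List[Version]]:
    """Edit-versus-edit rules: return (main document, conflict documents)."""
    def rank(v: Version):
        last_save = v.revisions[-1] if v.revisions else datetime.min
        # Rule 1: most saves wins. Rule 2: on a tie, the most recent save wins.
        # Ranking on both also settles a partial tie, which is an assumption:
        # the text only states the case where all copies have equal counts.
        return (len(v.revisions), last_save)

    ranked = sorted(versions, key=rank, reverse=True)
    return ranked[0], ranked[1:]


def shared_history(a: Version, b: Version) -> int:
    """Number of leading saves that both copies have in common."""
    count = 0
    for x, y in zip(a.revisions, b.revisions):
        if x != y:
            break
        count += 1
    return count


def edit_vs_delete(edited: Version, deleted: Version) -> str:
    """Rule 3: deletion wins unless the copy was edited more than once,
    or edited after the deletion took place."""
    new_edits = edited.revisions[shared_history(edited, deleted):]
    if len(new_edits) > 1:
        return "kept: edited more than once"
    if new_edits and new_edits[-1] > deleted.deleted_at:
        return "kept: edited after the deletion"
    return "deleted: deletion takes precedence"


# Constructed sample data: two saves that every replica already shares.
BASE = [datetime(2002, 5, 1, 9, 0), datetime(2002, 5, 2, 9, 0)]
ONE_EARLY_EDIT = Version("ServerA", BASE + [datetime(2002, 5, 3, 10, 0)])
TWO_EDITS = Version("ServerB", BASE + [datetime(2002, 5, 3, 11, 0),
                                       datetime(2002, 5, 3, 11, 30)])
ONE_LATE_EDIT = Version("ServerC", BASE + [datetime(2002, 5, 3, 13, 0)])
DELETION = Version("ServerD", list(BASE), deleted_at=datetime(2002, 5, 3, 12, 0))


def demo() -> List[str]:
    """Run every rule once against the constructed data."""
    lines = []
    main, conflicts = pick_main([ONE_EARLY_EDIT, TWO_EDITS])
    lines.append(f"most saves: main={main.replica}, "
                 f"conflicts={[c.replica for c in conflicts]}")
    main, conflicts = pick_main([ONE_EARLY_EDIT, ONE_LATE_EDIT])
    lines.append(f"equal saves: main={main.replica}, "
                 f"conflicts={[c.replica for c in conflicts]}")
    for edited in (ONE_EARLY_EDIT, ONE_LATE_EDIT, TWO_EDITS):
        lines.append(f"{edited.replica} vs deletion: "
                     f"{edit_vs_delete(edited, DELETION)}")
    return lines


if __name__ == "__main__":
    print("\n".join(demo()))
```

The case worth noticing is ServerA: a single edit made before the deletion is discarded without producing a conflict document.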

Consolidating replication or save conflicts


Regularly look for and consolidate replication or save conflicts. To
consolidate a conflict, merge information into one document and remove
the other document. Conflicts are easiest to consolidate immediately after
they occur, since the conflict document is still closely synchronized with
the information in the main document. It's important to consolidate
replication or save conflicts quickly, so users access the correct
information.
Tip To locate replication or save conflicts, create a view that displays
only conflict documents. Then, to see a conflict document in context with
its main document, select the Replication or Save Conflict document in
the view that displays conflicts, hold down the CTRL key, and switch to
the view that shows the main document.
To consolidate replication or save conflicts, you can save the main
document or save the Replication or Save Conflict document.

To save the main document

1. Copy any information you want to save from the Replication or Save
Conflict document into the main document.
2. Delete the conflict document.

To save the Replication or Save Conflict document

1. Do one of the following:
Copy any information you want to save from the main document
into the Replication or Save Conflict document.
If you do not need to save any information from the main
document, perform a minor edit in the replication or save conflict
document, for example, delete a space.
2. Save the conflict document. The conflict document becomes a main
document.
3. Delete the original main document.

Monitoring database activity


Monitor database activity regularly. If database activity is high and users
report performance problems, do any of the following:

Set database properties that improve performance.

Create a replica of the database on another server, if possible, one
within a server cluster.

Move the database to a more powerful server.

Move the database to a disk that is less heavily used, or if it's a large
database, to its own disk.

Track database activity with activity logging.

If a database or view is inactive, consider deleting the database or view
to free disk space on the server.

How the Statlog task generates activity statistics


The Statlog task on a server runs by default once a day at 5 AM, at which
time it reports database activity for databases on the server in Database
Activity Log entries in the Database - Usage and Database - Sizes views
of the log file (LOG.NSF) and to the User Activity dialog box of
individual databases. This table compares the information generated in
each location.
Information provided | Database Activity Log entry | User Activity dialog box
Shows total number of times user and servers accessed, read, and wrote to a database in past 24 hours, past week, past month, and since the creation of the database* | Yes | Yes
Shows inactive views (indicated by the size 0) | Yes | No
Shows names of users and servers who read and wrote documents, sorted by date* | No | Yes

* Includes activity for anonymous and authenticated Internet clients.

Tip In addition to viewing activity statistics reported by Statlog, you
can evaluate database activity by creating a view that sorts documents by
date. You can also create File Monitor documents as part of Event
Monitor configuration. File Monitors report user activity for specific
databases.
For information on creating views, see the book Application Development
with Domino Designer. For information on monitoring database activity
within a server cluster, see the book Administering Domino Clusters.
Statlog always reports activity information to the log file, but to save disk
space, you can prevent it from automatically reporting to User Activity
dialog boxes.
Note The Statlog task also reports database size statistics in the
Database - Sizes view of the log file.

Viewing database activity statistics generated by the Statlog task


Instead of opening the log file or viewing the User Activity dialog box
directly as described below, you can use the Database Analysis tool to
see activity statistics.
For information on monitoring database activity using the Database
Analysis tool, see the topic Database analysis, later in this chapter.
In the log file (LOG.NSF)
1. From the Domino Administrator, select the server that stores the log
file you want to view.
2. Click the Server - Analysis tab.
3. Do one of the following:
Select Notes Log - Database - Sizes
Select Notes Log - Database - Usage
4. Double-click a Database Activity Log entry to view it.
Tip If you don't have access to the Domino Administrator, select the log
file database and choose File - Database - Open.
In the User Activity dialog box
1. Open the database and choose File - Database - Properties.
2. Click the i tab, and then click User Detail.
Tip To track usage over a period of time, choose Copy to Clipboard to
copy the summary to a document that you use to track usage statistics.


Managing database activity recording in databases


Disable automatic activity recording in User Activity dialog boxes
By default, Statlog reports database activity to all database User Activity
dialog boxes when it runs. Even if a user disables User Activity reporting
for a specific database, the next time Statlog runs, it enables recording in
the dialog box again.
To prevent Statlog from automatically recording activity in User Activity
dialog boxes, add No_Force_Activity_Logging=1 to the NOTES.INI file.
Then, you can enable activity recording per database, as needed. Because
recording activity in the User Activity dialog box adds 64K to the size of
each database, disabling automatic activity recording saves disk space on
the server.
Tip Disable automatic activity recording to improve database
performance.
Note If you use No_Force_Activity_Logging, Statlog still reports
activity to the log file (LOG.NSF).

Enable activity recording in a single database's User Activity dialog box
Even if the server administrator uses the No_Force_Activity_Logging
setting in the NOTES.INI file to disable automatic activity recording in
databases, you can enable recording for a single database.
1. Make sure that you have Designer or Manager access in the database
ACL.
2. Open the database and choose File - Database - Properties.
3. Click the i tab, and then click User Detail.
4. Select Record Activity to enable activity recording.
5. (Optional) Select Activity is Confidential to allow only users with
at least Designer access in the database ACL to view the activity.
6. Click OK.

Disable activity recording in a single database's User Activity dialog box
Use the above procedure, but deselect Record Activity in Step 4.
Disabling activity recording also removes any existing activity statistics
in the User Activity dialog box.

Updating database indexes and views


A view index is an internal filing system that Lotus Notes uses to build
the list of documents to display in a database view or folder. View
indexes should be kept up-to-date so that information in views and
folders stays synchronized with document updates. You can also purge
or delete view indexes to improve database performance.
A full-text index is an index of the text in a database. To perform
advanced searches for text in a database, users need an up-to-date
full-text index that reflects the latest content of a database.
You can use any of these methods to update database indexes:
The Update task
The Updall task
Keyboard shortcuts
The Database Properties box

For information on using the Database Properties box to update full-text
search indexes, see the chapter "Setting Up and Managing Full-text
Indexes."

Indexer tasks: Update and Updall


The Update and Updall tasks keep view indexes and full-text indexes
up-to-date.

Update
Update is loaded at server startup by default and runs continually,
checking its work queue for views and folders that require updating.
When a view or folder change is recorded in the queue, Update waits
approximately 15 minutes before updating all view indexes in the
database so that the update can include any other database changes
made during the 15-minute period. After updating view indexes in a
database, it then updates all databases that have full-text search indexes
set for immediate or hourly updates.
When Update encounters a corrupted view index or full-text index, it
rebuilds the view index or full-text index in an attempt to correct the
problem. This means it deletes the view index or full-text index and
rebuilds it.
To improve view-indexing performance, you can run multiple Update
tasks if your server has adequate CPU power.


Note The Update task spawns a directory indexer thread. The directory
indexer runs at one-minute intervals and is dedicated to keeping Domino
Directory view indexes up-to-date. The directory indexer runs against
any local or remote Domino Directory or Extended Directory Catalog
that a server uses for directory services.

Updall
Updall is similar to Update, but it doesn't run continually or work from a
queue; instead you run Updall as needed. You can specify options when
you run Updall, but without them Updall updates any view indexes or
full-text search indexes on the server that need updating. To save disk
space, Updall also purges deletion stubs from databases and discards
view indexes for views that have been unused for 45 days, unless the
database designer has specified different criteria for discarding view
indexes. Use the NOTES.INI setting Default_Index_Lifetime_Days to
change when Updall discards unused view indexes.

Like Update, Updall rebuilds all corrupted view indexes and full-text
search indexes that it encounters.

By default Updall is included in the NOTES.INI setting ServerTasksAt2,
so it runs daily at 2 AM. Running Updall daily helps save disk space by
purging deletion stubs and discarding unused view indexes. It also
ensures that all full-text search indexes that are set for daily updates are
updated.
The following table compares the characteristics of Update and Updall.
For Updall, the table describes default characteristics. For information on
options you can use to modify some of these characteristics, see the topic
"Updall options" later in this chapter.

Characteristic | Update | Updall
When it runs | Continually after server startup | 2 AM and when you run it
Runs on all databases? | No. Runs only on databases that have changed. | Yes
Refreshes view indexes? | Yes | Yes
Updates full-text indexes? | Yes. Updates full-text indexes set for immediate and hourly updates. | Yes. Updates all full-text indexes.
Detects and attempts to rebuild corrupted view indexes? | Yes | Yes
Detects and attempts to rebuild corrupted full-text indexes? | Yes | Yes
Purges deletion stubs? | No | Yes
Discards unused view indexes? | No | Yes (after a view is unused for 45 days or according to a view discard option specified by a designer)
Ignores "Refresh index" view property? | Yes | Yes
Can customize with options? | No | Yes

Updall options
You can use any of these methods to run Updall on a server:

Task - Start tool in the Domino Administrator: Use this method if
you don't want to use command-line options.

Load Updall console command: Use this method if you're
comfortable using command-line options or if you want to run
Updall directly at the server console when there is no Domino
Administrator running on the server machine.

Program document that runs Updall: Use this method to schedule
Updall to run at particular times.

Run Updall on a Win32 platform: Use this method if you are
unable to run Updall at the server console. This method requires that
you use the n prefix, for example, nupdall -R.

When you use these methods, you can include options that control what
Updall updates. For example, you can update all views and not update
any full-text search indexes.
The following tables describe the options you can use with Updall. The
first column describes the option names as they appear in the Task - Start
tool. The second column lists the equivalent command-line options that
you use when you use a console command to run Updall and when you
schedule Updall to run in a Program document.

Use this syntax when you use the Load updall console command:
Load updall databasepath options

For example:
Load updall SALES.NSF -F

You can specify multiple options, for example:
Load updall -F -M

For information on Updall behavior when you don't specify options, see
the topic "Indexer tasks: Update and Updall," earlier in this chapter.
Updall - Basic options

Option in Task - Start tool | Command-line option | Description
Index all databases; Index only this database or folder | databasepath (for more information on databasepath, see the topic "Using a console command," later in this chapter) | "Only this database" updates only the specified database. To update a database in the Domino data folder, enter the file name, for example, SALES.NSF. To update databases in a folder within the data folder, specify the database path relative to the data folder, for example, DOC\README.NSF. "Index all databases" (or no database path) updates all databases on the server.
Update this view only | database -T viewtitle | Updates a specific view in a database. Use, for example, with -R to solve corruption problems.

Updall - Update options

Option in Task - Start tool | Command-line option | Description
Update: All built views | -V | Updates built views and does not update full-text indexes.
Update: Full text indexes | -F | Updates full-text indexes and does not update views.
Update: Full text indexes: Only those with frequency set to: Immediate | -H | Updates full-text indexes assigned "Immediate" as an update frequency.
Update: Full text indexes: Only those with frequency set to: Immediate or Hourly | -M | Updates full-text indexes assigned "Immediate" or "Hourly" as an update frequency.
Update: Full text indexes: Only those with frequency set to: Immediate or Hourly or Daily | -L | Updates full-text indexes assigned "Immediate," "Hourly," or "Daily" as an update frequency.

Updall - Rebuild options

Option in Task - Start tool | Command-line option | Description
Rebuild: Full-text indexes only | -X | Rebuilds full-text indexes and does not rebuild views. Use to rebuild full-text indexes that are corrupted.
Rebuild: All used views | -R | Rebuilds all used views. Using this option is resource-intensive, so use it as a last resort to solve corruption problems with a specific database.
Rebuild: Full-text indexes and additionally: All unused views | database -C | Rebuilds unused views and a full-text index in a database. Requires you to specify a database.

Updall - Search Site options

Option in Task - Start tool | Command-line option | Description
Update database configurations: Incremental | -A | Incrementally updates search-site database configurations for search site databases.
Update database configurations: Full | -B | Does a full update of search-site database configurations for search site databases.

Running the Updall task


Using the Task - Start tool
1. From the Domino Administrator, select the server on which to run
Updall.
2. Click the Server - Status tab.
3. In the task panel on the right, click Task - Start.
4. Select Update all. Do not select Update.
5. Do one of the following:
To customize how Updall runs, click Select advanced options,
click Start Task, specify options to customize how Updall runs,
then click OK.
To run Updall without options, deselect Select advanced
options and then click Start Task.

Using a console command

1. From the Domino Administrator, select the server on which to run
Updall.
2. Click the Server - Status tab.
3. Click Console.
4. Enter the following command in one of the following ways: 1) In the
command line at the bottom of the console, and then press ENTER,
or 2) Directly at the console on a server:
Load updall databasepath options

where databasepath specifies the files on which to run Updall
and options are Updall command-line options.
For example, enter:
Load updall SALES.NSF -F

The following table illustrates how you can use databasepath to specify
databases, folders, and subfolders.

To compact | Example command | Files compacted
Specific databases in the Domino data folder | Load updall SALES.NSF,DEV.NSF | DATA\SALES.NSF, DATA\DEV.NSF
All the databases in a folder relative to the Domino data folder | Load updall SALES | DATA\SALES\all databases
A specific database in a folder relative to the Domino data folder | Load updall SALES\USER1.NSF | DATA\SALES\USER1.NSF
All the files specified in an IND file created in the Domino data folder | Load updall WEEKLY.IND where WEEKLY.IND contains: SALES.NSF, DEV.NSF, SALES\USER1.NSF, SALES\NEW | DATA\SALES.NSF, DATA\DEV.NSF, DATA\SALES\USER1.NSF, DATA\SALES\NEW\all databases

Using a Program document


Use a Program document to schedule Updall to run with options at a
regular time. Note that by default Updall is included in the NOTES.INI
setting ServerTasksAt2, so it runs daily at 2 AM on all databases without
options.
For more information on Program documents, see the appendix "Server
Tasks."
1. From the Domino Administrator, click the Configuration tab.
2. Next to Use Directory on, select the server with the replica of the
Domino Directory that you want to modify.
3. Expand Server - Programs and then click Add Program.
4. Complete these fields on the Basics tab:

Field | Enter
Program name | Updall
Command line | Command line options. Don't specify load before the options.
Server to run on | Server on which to run Updall
Comments | Optional comments

For more information on the available command-line options, see the
topic "Updall options," earlier in this chapter.

5. Complete these fields on the Schedule tab:

Field | Enter
Enabled/disabled | Enabled
Run at times | Times to run Updall each day
Repeat interval of | How soon to run Updall again after it completes
Days of week | The days to run Updall

6. Click Save and Close.

Keyboard shortcuts that update or rebuild views


This table describes the keyboard shortcuts you can use to update or
rebuild views.
Shortcut | Description | When to use
F9 | Updates the current view | To display current information in the view
SHIFT+F9 | Rebuilds the current view | To fix problems with a view
CTRL+SHIFT+F9 | Rebuilds all views in a database that are not built; updates all other views | To rebuild or update all views if you are unable to run the Updall task. You must wait until the process is complete, so use Updall instead if possible.

Running multiple Update tasks

To improve view indexing performance, you can run multiple Update
tasks. Doing this can affect server performance and is recommended
primarily for multi-processor machines. On a server with multiple
processors, enable a maximum of one Update task per processor.
Using a Configuration settings document
1. From the Domino Administrator, click the Configuration tab.
2. Next to Use Directory on, select the server that stores the Domino
Directory you want to modify.
3. Expand Server - Configurations.
4. Do one of the following:
Click Edit Configuration to edit an existing Configuration settings
document
Click Add Configuration to create a new Configuration settings
document
5. Click the NOTES.INI Settings tab.
6. Click Set/Modify Parameters.
7. In the Item box, select Updaters. In the Value box, enter the number
of Update tasks to run. Then click OK.
8. Click Save and Close.
9. Restart the server so that the setting takes effect.
Using the Task - Start tool
Use the Task - Start tool to run multiple Update tasks without having to
shut down and restart the server. If you eventually shut down the server,
you must repeat this procedure when you restart it.
Each time you enter this command, the server loads another Update task.
1. From the Domino Administrator, select the server on which to run
Update.
2. Click the Server - Status tab.
3. In the Tools pane on the right, click Task - Start.
4. Select Update. Do not select Update all.
5. Click Start Task.
Tip: You can also enter the following command at the console:
Load update

Changing the temporary folder used for view rebuilds


When Domino rebuilds views (for example, when you use updall -R or
when a user opens a view whose index has been deleted), it may
generate temporary files to sort the data in order to rapidly update the
views; Domino deletes these files after rebuilding the views. By default,
these temporary files are located in your system's temporary folder (for
example, C:\TEMP). If your system doesn't have a temporary folder, then
Domino puts the files in the Domino data folder.
Depending on the amount of memory available during rebuilding, the
space required in the temporary folder for each view being rebuilt is
approximately two times the size of the largest view or two times the size
of all the data in documents, whichever value is greater. It is
recommended that you change the location of the temporary files to a
different drive from the Domino data folder. Putting the temporary
folder on a different drive distributes disk I/O and ensures that there is
enough space to rebuild views. Domino is very conservative when
estimating the amount of disk space needed for optimized view rebuilds
so that it won't spend unnecessary time sorting data only to discover that
there's inadequate disk space. Make sure that the temporary folder you
specify has plenty of disk space available.
To change the temporary folder used for view rebuilds, add the setting
View_Rebuild_Dir to the server's NOTES.INI file and specify a new
location. For example, add:
View_Rebuild_Dir=D:\REBUILD

If Domino estimates that there's not enough space available in the
temporary folder to rebuild a specific view, Domino uses a slower
method to rebuild the view and logs this message to the Miscellaneous
Events view of the log file (LOG.NSF):
Warning: unable to use optimized view rebuild for view due
to insufficient disk space at directory. Estimate may need x
million bytes for this view. Using standard rebuild instead.

You can add the following setting to the NOTES.INI file to disable
optimized view rebuilding. However, do this only as a last resort if
you've specified a view rebuild folder and you still see the preceding
message for many views. If you see the message for just a few views,
don't disable view rebuilding.
Disable_View_Rebuild_Opt=1

Managing view indexes


A view index is an internal filing system that Lotus Notes uses to build
the list of documents to display in a database view or folder. Because a
database grows when you add views and folders, you can improve
database performance by occasionally purging view indexes.
To purge one or more of the view indexes in a database:
1. From the Domino Administrator, click the Files tab.
2. Select the database.
3. Choose Database - Manage Views.
4. For each view index in the database you want to purge:
a. Select the view index.
b. Click Purge.
c. Click Yes at the prompt.
5. Click Done.
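
As an added example (not part of the Domino documentation), the Python script below audits a NOTES.INI file against the guidance given earlier for Updaters, View_Rebuild_Dir and Disable_View_Rebuild_Opt. The sample INI text, the data folder path, the free-space figures and all function names are constructed for illustration; the space check only models the "two times the larger size" estimate described above, not Domino's internal calculation.

```python
import ntpath


def parse_notes_ini(text):
    """Return NOTES.INI settings as a dict keyed by lower-cased setting name."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if "=" not in line or line.startswith("["):
            continue  # skip blank lines and the section header
        key, _, value = line.partition("=")
        settings[key.strip().lower()] = value.strip()
    return settings


def rebuild_space_needed(largest_view_bytes, document_data_bytes):
    """Temporary space for one view rebuild: about two times the larger size."""
    return 2 * max(largest_view_bytes, document_data_bytes)


def audit_notes_ini(ini_text, data_dir, processors, free_bytes_by_drive,
                    largest_view_bytes, document_data_bytes):
    """Return a list of (code, message) findings; an empty list means none."""
    ini = parse_notes_ini(ini_text)
    findings = []

    # At most one Update task per processor.
    updaters = ini.get("updaters", "")
    if updaters.isdigit() and int(updaters) > processors:
        findings.append(("UPDATERS_EXCEED_CPUS",
                         f"Updaters={updaters} on {processors} processor(s)"))

    # Disabling optimized rebuilds is described as a last resort only.
    if ini.get("disable_view_rebuild_opt") == "1":
        findings.append(("OPT_REBUILD_DISABLED",
                         "optimized view rebuild is disabled"))

    rebuild_dir = ini.get("view_rebuild_dir")
    if not rebuild_dir:
        findings.append(("REBUILD_DIR_UNSET",
                         "rebuild files go to the system temporary folder "
                         "or the Domino data folder"))
        return findings

    # The rebuild folder should be on a different drive from the data folder.
    drive = ntpath.splitdrive(rebuild_dir)[0].upper()
    if drive == ntpath.splitdrive(data_dir)[0].upper():
        findings.append(("REBUILD_DIR_SAME_DRIVE",
                         f"{rebuild_dir} shares drive {drive} with {data_dir}"))

    # Too little space means the slower standard rebuild is used instead.
    needed = rebuild_space_needed(largest_view_bytes, document_data_bytes)
    free = free_bytes_by_drive.get(drive)
    if free is not None and free < needed:
        findings.append(("REBUILD_SPACE_LOW",
                         f"{free} bytes free on {drive}, about {needed} needed"))
    return findings


# Constructed sample inputs (not taken from a real server).
GB = 10 ** 9
DATA_DIR = r"C:\Lotus\Domino\Data"          # hypothetical data folder
FREE = {"C:": 5 * GB, "D:": 50 * GB}        # hypothetical free space per drive
WEAK_INI = r"""
[Notes]
Updaters=4
View_Rebuild_Dir=C:\TEMP
Disable_View_Rebuild_Opt=1
"""
HARDENED_INI = r"""
[Notes]
Updaters=2
View_Rebuild_Dir=D:\REBUILD
"""

if __name__ == "__main__":
    for name, ini in (("weak", WEAK_INI), ("hardened", HARDENED_INI)):
        print(name)
        for code, message in audit_notes_ini(ini, DATA_DIR, 2, FREE,
                                             2 * GB, 10 * GB):
            print(f"  {code}: {message}")
```
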

Synchronizing databases with master templates


To use a consistent design for multiple databases, database designers can
associate databases or elements within databases with a master template.
Designers can manually synchronize databases with a master template,
but more often they rely on the Designer task to do this. When a master
template design changes, the Designer task updates all databases that
inherit their designs from the master template. The Designer task runs
daily by default at 1 AM. The Updall task, which runs by default at 2
AM, updates the view indexes of databases changed by Designer.
For a server's Designer task to update databases, you must create a
replica of the master template on each server that stores databases that
inherit from the master template.
After updating database designs, the Designer task also reloads the
LDAP schema on a Domino server that runs the LDAP service.
You can't run the Designer task against a specific database or folder. It
runs only against all databases on a server.
For more information on master templates, see the book Application
Development with Domino Designer.
You can run the Designer task by using one of the following methods.

Running the Designer task using the Task - Start tool


1. From the Domino Administrator, select the server on which to run
Designer.
2. Click the Server - Status tab.
3. In the task panel on the right, click Task - Start.
4. Select Designer and then click Start Task.

Running the Designer task using a console command


1. From the Domino Administrator, select the server on which to run
the Designer task.
2. Click the Server - Status tab.
3. Click Console.
4. Enter the following command in the command line at the bottom of
the console, and then press ENTER:
Load design


The following table describes the command line options you can use with
the Designer task.

Command line option: -d directory name
Description: Synchronizes the databases in a directory relative to the
data directory. For example, to synchronize databases in the directory
DATA\SALES, specify -d SALES.

Command line option: -f filename
Description: Synchronizes a specific database. For example, to
synchronize the database DATA\SALES.NSF, specify -f SALES.NSF.

Command line option: -i name
Description: Synchronizes the databases specified by name, which can
be a database, folder, or file name that contains a list of paths, each
of which can be a database or a folder.

The following table shows an example of the -i command line option.

If the file SCHEDULE contains this:
SALES
DEV
DEV\USER1.NSF

where:
SALES is a directory and DEV is a directory

then load design -i SCHEDULE is the same as this:
load design -d SALES
load design -d DEV
load design -f DEV\USER1.NSF

Fixing corrupted databases


Corrupted databases don't occur frequently when you use transaction
logging. When you use transaction logging to log changes to databases, a
server automatically uses the transaction log to restore and recover
databases after a system failure (for example, after server failures or
power failures). If a disk failure occurs, you use the transaction log along
with a certified backup utility to restore and recover the databases.
For information on upgrading database format, see the Upgrade Guide.
The Miscellaneous Events view of the log file (LOG.NSF) records
detailed messages about corrupted documents and views. These
messages in the log file indicate document corruption:

Document NTdocument number in database database name is damaged

Document document number in database database name has been deleted

The following messages indicate that Domino has rebuilt, is in the
process of rebuilding, or was unable to rebuild damaged views:

Page format is incorrect

Invalid CNO vector - position == 0

Container integrity has been lost - rebuild

For information on using the log file, see the chapter Using Log Files.

Ways to fix corrupted databases


If you encounter database corruption in a database, you can use any of
these methods to try to fix the problem. Because corruption is much less
of an issue for logged databases, these methods are primarily used for
solving corruption problems in unlogged databases.

Run Fixup to fix corrupted views and documents.

Run Updall to fix corrupted views and full-text indexes; if a
corrupted view is the problem, try Updall before trying Fixup.

Run Compact with the -c option to fix corruption problems that
Fixup doesn't correct.

Press SHIFT+F9 to rebuild one view; press CTRL+SHIFT+F9 to
rebuild all views in a database.

Create a replica of the database.

For information on using Compact, see the chapter Improving Database
Performance.
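
As an added example (not part of the Domino documentation), the Python script below classifies lines exported from the Miscellaneous Events view using the message texts quoted in this chapter and attaches the corresponding repair step. The sample log lines, their timestamp prefix, and the way the variable parts of each message (document number, database name, view name, directory) are filled in are constructed assumptions; database names are assumed to be logged relative to the data folder.

```python
import re

# Patterns built from the message templates quoted in this chapter. How Domino
# fills in the variable parts is an assumption made for this example.
RULES = [
    ("document_damaged",
     re.compile(r"Document (?:NT)?(?P<doc>\S+) in database (?P<db>.+?) is damaged"),
     "Document corruption: run Fixup"),
    ("document_deleted",
     re.compile(r"Document (?:NT)?(?P<doc>\S+) in database (?P<db>.+?) "
                r"has been deleted"),
     "Document corruption: run Fixup"),
    ("view_damaged",
     re.compile(r"(?P<msg>Page format is incorrect"
                r"|Invalid CNO vector - position == 0"
                r"|Container integrity has been lost - rebuild)"),
     "View corruption: try Updall before trying Fixup"),
    ("standard_rebuild",
     re.compile(r"unable to use optimized view rebuild for view (?P<view>.+?) "
                r"due to insufficient disk space at (?P<dir>.+?)\. "
                r"Estimate may need (?P<mbytes>\d+) million bytes"),
     "Check the free space in the view rebuild folder"),
]


def triage(lines):
    """Classify log lines; return one finding dict per matching line."""
    findings = []
    for number, line in enumerate(lines, start=1):
        for kind, pattern, action in RULES:
            match = pattern.search(line)
            if match:
                findings.append({"line": number, "kind": kind,
                                 "action": action, **match.groupdict()})
                break
    return findings


def fixup_commands(findings):
    """Console commands (Load fixup databasepath) for damaged databases."""
    databases = {f["db"] for f in findings if f["kind"].startswith("document_")}
    return [f"Load fixup {db}" for db in sorted(databases)]


def rebuild_space_shortfalls(findings):
    """Largest logged estimate, in millions of bytes, per rebuild folder."""
    worst = {}
    for f in findings:
        if f["kind"] == "standard_rebuild":
            worst[f["dir"]] = max(worst.get(f["dir"], 0), int(f["mbytes"]))
    return worst


# Constructed sample log lines (not taken from a real LOG.NSF).
SAMPLE_LINES = r"""
03/14/2003 02:03:10 AM  Document NT00000A12 in database mail\jdoe.nsf is damaged
03/14/2003 02:03:11 AM  Document NT00000A12 in database mail\jdoe.nsf has been deleted
03/14/2003 02:05:42 AM  Page format is incorrect
03/14/2003 02:06:00 AM  Warning: unable to use optimized view rebuild for view By Customer due to insufficient disk space at D:\REBUILD. Estimate may need 512 million bytes for this view. Using standard rebuild instead.
03/14/2003 02:07:30 AM  Database Replicator started
03/14/2003 02:09:01 AM  Container integrity has been lost - rebuild
""".strip().splitlines()

if __name__ == "__main__":
    results = triage(SAMPLE_LINES)
    for f in results:
        print(f"line {f['line']}: {f['kind']} -> {f['action']}")
    print(fixup_commands(results))
    print(rebuild_space_shortfalls(results))
```
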

Using Fixup
When you restart a server, the server quickly searches for any unlogged
databases that were modified but improperly closed because of a server
failure, power failure, hardware failure, and so on. A few minutes after
server startup is complete, the Fixup task then runs on these databases to
attempt to fix any inconsistencies that resulted from partially written
operations caused by a failure. When users attempt to access one of these
databases and Fixup hasn't yet run on the database, the users see the
message "This database cannot be opened because a consistency check of
it is in progress." A similar Fixup process occurs when you restart a
Lotus Notes client.
Multiple Fixup tasks run simultaneously at server startup to reduce the
time required to fix databases. The number of Fixup tasks that Domino
runs by default at startup is equal to two times the number of processors
available on the server. Although this default behavior should be
adequate in most circumstances, you can edit the NOTES.INI file to
include the Fixup_Tasks setting. The actual number of tasks run is the
smaller of the configured number of tasks that can run and the number
of databases that require fixing. For example, if you set Fixup_Tasks to 4
but only one database requires fixing, then only one Fixup task runs.
Keep in mind that after you set up transaction logging, Fixup is not
needed or used to bring databases back to a consistent state.

Ways to run Fixup manually


From the Domino Administrator, you can use any of these methods to run
Fixup manually to fix a corrupted database. With each of these methods,
you can customize how Fixup runs.

Run Fixup using the Fixup tool in the Files tab: Use this method to
run Fixup on one or a few databases; you can easily select the
databases and you don't have to use command-line options, but you
can't use the Domino Administrator until Fixup finishes.

Run Fixup using the Task - Start tool: Use this method to run Fixup
on all databases; you can continue to use the Domino Administrator
while Fixup runs and you don't have to use command-line options.

Run Fixup using a console command: Use this method if you want
to use command-line options or to run Fixup directly at the server
console when there isn't a Domino Administrator client available.

Run Fixup using a Program document: Use this method to
schedule Fixup to run at particular times.

Run Fixup on a Win32 platform: Use this method if you are unable
to run Fixup at the server console. This method requires that you use
the n prefix, for example, nfixup -F.


Fixup options
The following table describes the options you can use with Fixup. The
first column lists the options as they appear when you run Fixup using
the Fixup tool or the Task - Start tool in the Domino Administrator. The
second column lists the equivalent command-line options that you use
when you run Fixup using a console command or using a Program
document.
Option in Fixup tool and Task - Start tool: Fixup all databases / Fixup
only this database or folder
Command-line equivalent: databasepath
Description: "Fixup only this database or folder" runs Fixup only on a
specified database or all databases in a specified folder. To run Fixup
on a database in the Domino data folder, enter the file name, for
example SALES.NSF. To run Fixup on a database or databases in folders
within the data folder, enter the path relative to the data folder. For
example, to run Fixup on all databases in the DATA\SALES folder,
specify SALES.
"Fixup all databases" or no command line database path runs Fixup on
all databases on the server.
Note: To specify databases or folders to run on using the Fixup tool,
select the database(s) or folder(s).

Option in Fixup tool and Task - Start tool: Report all processed
databases to log file
Command-line equivalent: -L
Description: Reports to the log file every database that Fixup opens
and checks for corruption. Without this argument, Fixup logs only
actual problems encountered.

Option in Fixup tool and Task - Start tool: Scan only since last fixup
Command-line equivalent: -I
Description: When you run Fixup on a specific database, Fixup checks
only documents modified since Fixup last ran. Without this option,
Fixup checks all documents.

Option in Fixup tool and Task - Start tool: Scan all documents
Command-line equivalent: -F
Description: When you run Fixup on all databases, Fixup checks all
documents in the databases. Without this option, Fixup checks only
documents modified since it last ran.
Note: To specify this option using the Fixup tool, deselect "Scan only
since last fixup."

Option in Fixup tool and Task - Start tool: Perform quick fixup
Command-line equivalent: -Q
Description: Checks documents more quickly but less thoroughly.
Without this option, Fixup checks documents thoroughly.

Option in Fixup tool and Task - Start tool: Exclude views (faster)
Command-line equivalent: -V
Description: Prevents Fixup from running on views. This option reduces
the time it takes Fixup to run. Use if view corruption isn't a problem.

Option in Fixup tool and Task - Start tool: Don't purge corrupted
documents
Command-line equivalent: -N
Description: Prevents Fixup from purging corrupted documents so that
the next time Fixup runs or the next time a user opens the database,
Fixup must check the database again. Use this option to salvage data in
documents if the corruption is minor or if there are no replicas of the
database.

Option in Fixup tool and Task - Start tool: Optimize user unread lists
Command-line equivalent: -U
Description: Reverts ID tables in a database to the previous release
format. Don't select this option unless Customer Support recommends
doing so.

Option in Fixup tool and Task - Start tool: Fixup transaction-logged
databases
Command-line equivalent: -J
Description: Runs on databases that are enabled for transaction
logging. Without this option, Fixup generally doesn't run on logged
databases.
If you are using a certified backup utility, it's important that you
schedule a full backup of the database as soon after Fixup finishes as
possible.

Option in Fixup tool and Task - Start tool: Fixup open databases
Command-line equivalent: -O
Description: If you run Fixup on open databases, Fixup takes the
databases offline to perform the fixup.
This is the default if you run Fixup and specify a database name.
Without this option, when you do not specify database names, Fixup
does not run on open databases.

Option in Fixup tool and Task - Start tool: Don't fixup open databases
Command-line equivalent: -Z
Description: Applies only to running Fixup on a single database. When
a database isn't taken offline and is in use, then Fixup is not run.
This is the default when Fixup is run on multiple databases.

Option in Fixup tool and Task - Start tool: Verify only
Command-line equivalent: -C
Description: Verifies the integrity of the database and reports errors.
Does not modify the database (for example, does not purge corrupted
documents).

Option in Fixup tool and Task - Start tool: Fixup subdirectories
Command-line equivalent: -Y
Description: Runs Fixup on databases in subfolders (subdirectories).

Option in Fixup tool and Task - Start tool: Don't fixup subdirectories
Command-line equivalent: -y
Description: Does not run Fixup on databases in subfolders
(subdirectories).

For information on transaction logging, see the chapter Transaction
Logging and Recovery.

Running the Fixup task


Using the Task - Start tool
Use this method primarily to run Fixup on all unlogged databases on a
server.
1. From the Domino Administrator, select the server on which to run
Fixup.
2. Click the Server - Status tab.
3. In the task panel on the right, click Task - Start.
4. Select Fixup.
5. Do one of the following:
To specify options to control how Fixup runs, click "Select
advanced options," click Start Task, select options to customize
how Fixup runs, then click OK.
To run Fixup without options, deselect "Select advanced options"
and then click Start Task.
For information on the options available, see the topic Fixup options
earlier in this chapter.
Using a console command
1. From the Domino Administrator, select the server on which to run
Fixup.
2. Click the Server - Status tab.
3. Click Console.


4. Enter the following command in one of the following ways: 1) In the
command line at the bottom of the console, and then press ENTER,
or 2) Directly at the console on a server:
Load fixup databasepath options
where databasepath specifies the files on which to run Fixup
and options are Fixup command-line options.
The following table illustrates how you can use databasepath to specify
databases, folders, and subfolders.

To fixup: Specific databases in the Domino data folder
Example command: Load fixup SALES.NSF,DEV.NSF
Files on which Fixup runs:
DATA\SALES.NSF
DATA\DEV.NSF

To fixup: All the databases in a folder relative to the Domino data
folder
Example command: Load fixup SALES
Files on which Fixup runs:
DATA\SALES\all databases

To fixup: A specific database in a folder relative to the Domino data
folder
Example command: Load fixup SALES\USER1.NSF
Files on which Fixup runs:
DATA\SALES\USER1.NSF

To fixup: All the files specified in an IND file created in the Domino
data folder
Example command: Load fixup WEEKLY.IND
where WEEKLY.IND contains:
SALES.NSF
DEV.NSF
SALES\USER1.NSF
SALES\NEW
Files on which Fixup runs:
DATA\SALES.NSF
DATA\DEV.NSF
DATA\SALES\USER1.NSF
DATA\SALES\NEW\all databases

Using a Program document


Use a Program document if you want to schedule Fixup to run at a
regular time.
For more information on Program documents, see the appendix Server
Tasks.
1. From the Domino Administrator, click the Configuration tab.
2. Next to "Use Directory on," select the server with the replica of the
Domino Directory that you want to modify.
3. Select Server - Programs and then click Add Program.

4. On the Basics tab, complete these fields:

Field               Enter
Program name        Fixup
Command line        Command line options. Don't specify "load" before the options.
Server to run on    Server on which to run Fixup
Comments            Optional comments

For more information on the available command-line options, see the
topic Fixup options earlier in this chapter.
5. On the Schedule tab, complete these fields:

Field               Enter
Enabled/disabled    Enabled
Run at times        Times to run Fixup each day
Repeat interval of  How soon to run Fixup again after it completes
Days of week        The days to run Fixup

6. Click Save and Close.


Using the Fixup tool
Use this method to run Fixup on one or a few databases.
1. From the Domino Administrator, select the server that stores the
databases you want to run Fixup on. If the Domino Administrator
does not run on a server, you can select local to run Fixup on
databases stored on the client.
2. Click the Files tab.
3. Select the databases on which to run Fixup.
4. In the Tools panel at the right, select Database - Fixup.
5. (Optional) Select options to control how Fixup runs.
For information on the options available, see the topic Fixup
options earlier in this chapter.
6. Click OK.


Moving databases
It may be necessary to move a database from one server to another (for
example, to distribute databases evenly among servers). If there are
replicas of the database, the server to which you move the database
should have the appropriate Connection documents to replicate the
database to other servers that store replicas. If you're moving a database
to a server in a cluster, replication between the server and other servers
in the cluster that have replicas of the database occurs without
Connection documents.
Keep in mind that within a cluster, the Cluster Manager distributes
workloads and provides failover to database replicas if one cluster server
becomes disabled. Before moving a database in a cluster, you should
analyze the cluster workload to be sure it will remain balanced after you
move the database. Only the person who administers the cluster should
perform the move.
For more information on clusters, see the book Administering Domino
Clusters.

You can use any of these methods to move a database:

Use the Domino Administrator and the Administration Process to
move the database.

Manually move the database. Use this option when you do not have
access to the Domino Administrator and the Administration Process.

Moving databases using the Administration Process


This feature isn't intended for moving mail files.
For information on moving mail files, see the chapter Setting Up and
Managing Notes Users.
1. Make sure the source and destination servers are running the
Administration Process.
2. Make sure that you have Create Database access in the Server
document of the destination server and at least Manager with Delete
documents access in the ACL of the databases on the source server.
3. Make sure that the source server (or another server that replicates
with the source server and has a replica of the database) has Create
Replica access in the ACL of the destination server.
4. Make sure the destination server has at least Reader access in the
ACL of the replica on the source server.
For information on specifying server access in an ACL, see the chapter
Creating Replicas and Scheduling Replication. For information on
using a Server document to set Create replica databases access, see
the chapter Controlling Access to Domino Servers.
5. From the Domino Administrator, select the server that stores the
databases you want to move.
6. Click the Files tab.
7. In the files pane, select one or more databases to move.
8. In the Tools pane on the right, select Database - Move. Or drag the
selected database(s) to the Move tool.
9. (Optional) If the current domain includes a cluster, click Show only
cluster members to display only destination servers that are
members of the cluster.
10. Select one or more destination servers. To select a server that doesn't
appear in the list, click Other, specify the hierarchical server name,
then click OK.
11. (Optional) Select a destination server, click File Names to choose a
custom file path on the destination server for any database you're
moving and then click OK. You can repeat this procedure for each
destination server. If you don't choose this option, the database is
stored on the destination server in the same location as on the source
server.
To move a database to a folder below the data folder, type the folder
name, backslash, and then the file name (for example,
JOBS\POSTINGS). If the specified folder does not exist, Domino
creates it for you.
12. Click OK. A dialog box shows the number of databases processed
and indicates if any errors occurred. See the status bar for more
information.
13. If the source server is not a cluster server, you must approve the
deletion of each original source database after the Administration
Process completes the Non Cluster Move Replica request, which
creates a replica at the new location. To do this:
a. Make sure you have Editor access to the Administration Requests
database (ADMIN4.NSF).
b. Open the Administration Requests database.
c. Select the Pending Administrator Approval view.
d. Open the Approve Deletion of Moved Replica request for each
source database that you moved, click Edit Document, click
Approve File Deletion, click Yes, and then click Save and Close.
14. Notify users that you've moved the database.


Moving databases by dragging them to a destination server


Rather than choosing Database - Move, you can drag databases to a
destination server. When you use this method, you must store all
databases in one preexisting folder on the destination server. This
method also uses the Administration Process to automate moving the
database. You can't use this method to move a database to another
Domino domain.
1. From the Domino Administrator, click the Files tab.
2. In the files pane, select one or more databases to move.
3. Drag the selected databases to a destination server in the server pane
on the left.
4. In the dialog box that appears, select Move database, select a
folder on the destination server in which to store the database(s),
then click OK.

Moving a database without using the Administration Process

Use this procedure to move a database to a server in another Domino
domain or to move a database when you don't have access to the
Domino Administrator. Do not use this procedure to move a mail file.
For information on moving mail files, see the chapter Setting Up and
Managing Notes Users.
1. Make sure that you have Create Replica access in the Server
document of the destination server.
2. Make sure you have Manager with Delete documents access in the
ACL of the original database.
3. Choose File - Replication - New Replica to create a replica of the
database on the destination server.
4. Make a note of the file name and path of the original database. You'll
include this information when you notify users of the move.
5. Choose File - Database - Delete to delete the original database.
6. If the database receives mail, change the Mail-In Database document
in the Domino Directory to reflect the new location.
7. In the ACLs of any replicas of the database, remove the name of the
server that you moved the database from and add the name of the
destination server.
8. Notify users that you have moved the database.

Deleting databases
To keep a server performing efficiently and to free disk space, delete
databases that are no longer active. To delete databases from a cluster
server, you use the Cluster database tool in the Domino Administrator.
To delete databases on non-cluster servers, select the databases and
delete them manually, or use the Delete database tool in the Domino
Administrator to have the Administration Process delete replicas of the
database.
Within a cluster of servers, you create a number of replicas for each
database to ensure user access to an updated replica even if a particular
cluster server becomes unavailable. You can mark a cluster replica for
deletion while users are working with the replica. Domino then prevents
new users from accessing the marked replica and deletes the database
after all current users exit the database. Before deleting the database,
Domino replicates any changes to other replicas in the cluster.
For more information on clusters, see the book Administering Domino
Clusters.

Deleting a replica in a cluster


1. Make sure you have Manager access in the database ACL.
2. From the Domino Administrator, select the server that stores the
replicas you want to delete.
3. Click the Files tab.
4. Select the folder containing the replicas you want to delete.
5. In the files window, select the replicas you want to delete.
6. In the Tools pane on the right, select Database - Cluster. Or drag the
selected replicas to the Cluster tool.
7. Select Pending delete.
8. Click OK to mark the database for deletion.

Deleting a non-cluster database and its replicas using the
Administration Process

1. Make sure you have Manager access in the database ACL.
2. From the Domino Administrator, select the server that stores the
database you want to delete.
3. Click the Files tab.
4. Select the database to delete.
5. Click Database - Delete.
6. (Optional) Select "Also delete replicas of this database on all other
servers" if you want the Administration Process to delete other
replicas.
7. Click OK.

Deleting a non-cluster database manually


1. Make sure that you have Manager access in the database ACL.
2. Notify users of the impending deletion and the reason for it.
3. If there are no replicas of the database, make an archive copy of it.
4. Record the file name and path of the original database. This allows
you to replace the deleted database with a new database that notifies
users that the original database has been deleted.
5. Select the database icon.
6. Select File - Database - Delete.
7. (Optional) Select Delete all replicas of this database.
8. Click Yes to confirm the deletion.
9. Delete any Mail-In Database documents associated with the deleted
database.
10. Remove references to the database in database libraries and
bookmarks.
11. Notify users that you have deleted the database.

Archiving an obsolete database

If users occasionally need to access the database, keep the archive
copy on a Domino server. If no access or very little access is required,
copy the database to a file server or optical disk.

In the database ACL of the archive copy, assign Manager access to at
least two users and assign Reader access to all other users.

Indicate in the database title and in the About This Database
document that the database is an archive copy.

Notify users of the location of the archive copy.

Database analysis
You can perform a database analysis to collect information about one or
more databases from a variety of sources, namely the replication history,
the User Activity dialog box, and the log file (LOG.NSF), and view it in a
single results database. You can perform a database analysis only if
you have access to the Domino Administrator.

Use database analysis to collect the following information about a database:

Replication history, as recorded in the Replication History dialog box

User reads and writes, as recorded in the User Activity dialog box

Document creations, edits, and deletions, as recorded in a database

Design changes, as recorded in a database

Replication additions, updates, and deletions, as reported in the log
file (LOG.NSF)

Mail messages delivered by the mail Router


You can collect this information from multiple replicas of a database.

The results database


When you perform a database analysis, you create a database that holds
the results, which are stored in analysis documents. After you create a
results database, each time you perform a database analysis, you can
choose to overwrite its contents or append new results to its contents.
The results database is created from the Database Analysis (DBA4.NTF)
template.

Analysis documents
Each analysis document in the results database contains fields that
describe a particular event.
Field: Date
Describes: Date of the event

Field: Time
Describes: Time of event

Field: Source of Event Information
Describes: The analyzed database or its replicas or the log file (LOG.NSF)

Field: Source Database
Describes: Name of a database containing documents that were read.
For database replication events, name of database from which
information was pulled

Field: Source
Describes: Name of server that stores a database containing documents
that were read or written.
For database replication events, name of server that stores the
database from which information was pulled

Field: Destination
Describes: Name of a database on which documents were updated.
For database replication, name of the database to which
information was replicated

Field: Destination machine
Describes: Name of a server that stores a database that was updated.
For database replication, name of a server that stores a
database to which information is replicated

Field: Description
Describes: Description of the event

Events
Analysis documents describe these types of events:

Event: Activity
Describes: Number of user or server reads and writes generated by the
Statlog task
Required database analysis option: User reads, User writes

Event: +Activity
Describes: Number of user reads and writes as noted in the database and
in the log file
Required database analysis option: Log file activity; User reads or
User writes

Event: Mail Router
Describes: Number of documents delivered to the database
Required database analysis option: User writes

Event: Data Note
Describes: Document creations, edits, and deletions
Required database analysis option: Changes to documents

Event: Design Note
Describes: Changes to the database ACL and design
Required database analysis option: Changes to design

Event: Replicator
Describes: Replication history
Required database analysis option: Replication history

Event: +Replicator
Describes: Number of replication additions, updates, and deletions, as
reported in the log file (LOG.NSF)
Required database analysis option: Log file activity

Running a database analysis


1. From the Domino Administrator, select the server that stores the
databases you want to analyze.
2. Click the Files tab.
3. Select the folder containing the databases you want to analyze.
4. In the files window, select the databases you want to analyze.
5. In the Tools pane on the right, select Database - Analyze. Or drag the
selected database(s) to the Analyze tool.
6. In the "Analyze last x days of activity" field, enter a number that
represents how many days' worth of information to report. You can
specify up to 99; the higher the number, the longer it takes to
generate the results.
7. Select one or more of the remaining options from the following table.

8. Click Results, do one of the following, then click OK.
   - Specify the server, title, and file name of the database where you
     want to store the results. It's recommended that you create the
     results database on a local client rather than on a server. If
     multiple people generate results databases on a server, they
     should each specify a different file name so the results don't
     conflict.
   - If the specified results database already exists, click Overwrite
     database to write over the existing contents or click Append to
     this database to add the new results to existing ones.
9. Click OK to run the analysis.
10. To see the results, open the database and choose one of the available
views.
11. Open Database Analysis Results documents in the selected view.

Database analysis options

Option | Reports
Changes in: Data documents | Details of document additions, edits, and deletions
Changes in: Design documents | Changes to the database ACL and design
User activity: User reads | Total times users opened documents in the database; total times servers read documents
User activity: User writes | Total times users and servers created, modified, or deleted documents; total number of mail messages delivered to the database
Replication: Find replicas on other servers | Data for other replicas
Replication: Replication history | Successful replications of a database as reported in the database replication history
In logfile: Miscellaneous Events view | Events relating to this database, as recorded in the Miscellaneous Events view of the log file
In logfile: Database usage view | Database activity, as recorded in the Usage By User view of log file


NOTES.INI file settings used to maintain databases

The following table summarizes the NOTES.INI file settings you can use
to maintain databases.
For more information on these settings, see the appendix, NOTES.INI
File.

NOTES.INI file setting | Description
Default_Index_Lifetime_Days | Changes when Updall discards unused view indexes.
Disable_View_Rebuild_Opt | Disables optimized view rebuilding.
Fixup_Tasks | Specifies the number of Fixup tasks to run concurrently on the server.
No_Force_Activity_Logging | Prevents Statlog from automatically recording activity in User Activity dialog boxes.
ServerTasksAt[n] | Specifies which server tasks to run at time n.
Update_NO_BRP_Files | When set to 1, the Fixup task creates a BRP file when it encounters an error in a view index.
Updaters | Specifies the number of Update tasks to run concurrently on the server.
View_Rebuild_Dir | Changes the temporary folder used for view rebuilds.

Chapter 59
Maintaining Domino Servers
This chapter describes how to manage your existing Domino servers. It
includes information on recertifying a server, deleting a server name and
decommissioning servers as well as other server-related activities.

Managing servers
To manage servers, you can do any of the following tasks:
- Change the server administrator
- Decommission a server
- Decommission a Domain Search server
- Delete a server name
- Find a server name in the domain with the Domino Administrator or the Web Administrator
- Recertify a server ID
- Upgrade a server name to hierarchical
- Uninstall a Domino server partition

While managing servers, you may also need to recertify a certifier ID. To
do so, see Recertifying a Certifier or User ID.

Changing the server administrator

If the name of the former administrator is explicitly listed in the access
control list (ACL) for the Domino Directory, delete the name of the
former administrator from the ACL. Add the name of the new
administrator and assign the administrator Manager access.
For more information on modifying ACLs, see the chapter Controlling
User Access to Domino Databases.

If the name of the former administrator is included in any groups, delete
the former administrator's name from the Group document(s), if
appropriate. Add the name of the new administrator.
1. From the Domino Administrator, select the Configuration tab.
2. Click Server, and then select one:
   - Current Server Document to change the administrator name for
     the current server.
   - All Server Documents and then select the server document you
     want to change.
3. Click Edit Server.
4. Click the Administration tab.
5. In the Administrator field, type the administrator's name or click the
arrow and complete the following fields as necessary in the Select
Names dialog box:

Field | Action
Choose address book | Select the address book and choose a name from the list. Click one of the following: Add to add the name to the Names list; Details to view address details from the Person document.
Find names starting with | (Optional) Enter a user name, last name followed by first name, to search for a name if you are unsure of the spelling or the complete name.
Add name not in list | Enter a user name and then click Add to add the name to the Names list without selecting it from an address book.
Names | (Optional) Do one: Select a name and then click Remove to remove the selected name from the Administrator field; Don't select any names. Click Remove all to remove all names from the Administrator field; Select a name and click to copy a name from the open address book to the local address book.

6. Click OK, and then click Save & Close in the Server document.
7. Use the Replicate server command at the console to force replication
of the Domino Directory and disseminate the change quickly.
For more information on the Replicate command, see the appendix
Server Commands.

Decommissioning a server
You use the Decommission Server Analysis tool when you are
consolidating existing servers and/or permanently removing a server from
service. Whether you are combining two servers into one server or
renaming a server, the result is the same: the old server name is replaced
with the new server name. The analysis tool can help you avoid a loss of
service for your Domino server and can be used to help build a foundation
for a decommission "to do" checklist. The role of the Server Analysis Tool
is to compare the responsibility of the source server to that of the target
server and to report differences that could cause a possible loss of service.
When you run the Decommission Server Analysis tool, you create a
Results database containing detailed information comparing the source
server and the target server. The source server is the server being
removed from service, and the target server is the server taking the place
of the source server. The source and the target servers must be Domino
servers that have hierarchical names and that are in the same domain.

Before decommissioning a server

Before decommissioning a server, you may need to perform the
following types of administrative activities:
- Check each database for formulas that contain specific server name references.
- Update the documents in the Domino Directory, such as the Connection and Program documents, to reflect the new server name.
- If the old server had cross-certificates, make sure the new server has the same cross-certificates.
- Notify other domains that access the server about the change.
- Inform users about the new location for databases, including their mail database, if necessary.
- Make sure the network protocols on the old and new servers match.
- Replicate all the databases from the old server to the new server.
- Update mail routing tables to ensure that mail gets delivered correctly.

Inconsistencies between the source and target servers are marked in the
Results database to alert you to the administrative tasks you may need to
do before you can decommission the server. Each comparison that the
Decommission Server Analysis tool makes is somewhat individual.
Relationships between analysis items are not determined by this tool;
therefore, you need to review each report and make your own
comparisons before taking any action. Perform comparisons between
only two servers at a time. You do not need to resolve all differences
before you decommission a server.

To run an analysis report on Decommission Server

1. To use the Decommission Server Analysis Tool, you must have
administrator access to both the source and the target servers.
If you don't have administrator rights, some portions of the report
may not be completed properly.
2. From the Domino Administrator, click the Server - Analysis tab.
3. From the tools pane, select Analyze - Decommission Server.
4. Complete these fields:

Field | Enter
Source server | Name of the server being decommissioned
Target server | Name of the server that will replace the server being decommissioned
Results database | Name and/or location of the Results database if you are not using the default file name DECOMSRV.NSF. Complete these fields: Server, Title, File Name, Folder
Append to this database | (Default) Adds the new report to the end of the existing information in the Results database without deleting any existing data
Overwrite this database | Adds the new Results database by overwriting the existing database

5. Click OK.
When the analysis is complete, the Results database opens to the
Reports view. This can take up to several minutes depending on
network traffic and the number of databases on both the source and
target servers.
Note You can create multiple reports in the same database or in
different databases and then use these reports to verify that differences
between the two servers are remedied and cannot be seen by the system
when you run the Decommission Server Analysis tool. You can re-run
the reports as many times as you wish.
Viewing the report in the Results database
The Decommission Server Analysis tool generates a categorized list of
items that were analyzed. Each category represents a different aspect of a
server's configuration that needs attention. Within each category, items
are listed alphabetically. Each item lists any differences between the
source and the target servers' settings or values. In the Results database,
you can view the categorized list of the items that were analyzed.

Each item is represented by a document. A document's status is
indicated by an icon to the left of the document as follows:

Icon | Explanation
[icon] | A difference was found when doing the comparisons and may require the attention of an administrator.
[icon] | An error was encountered when performing or trying to perform a comparison.
No icon | No attention is required because the fields being compared are either equivalent or the source's values are a complete subset of the target's values.

Click a document to open it and view the actual report that was
generated. A sample report is shown here:

Report Field | Description
Report category | The section or category that the document belongs to. These categories are: Certificates, Cluster, Connections, Databases, Domains, Internet, Miscellaneous, Network, Programs, Security, SMTP, and Router.
Report title | The specific field or item that is being analyzed, for example, Databases Mail Users or Databases No Matching Replica.
Report date | Date the report is generated.
Server to be decommissioned (source server) | Name of the server being retired.
Server to accept responsibility (target server) | Name of the server that will assume the responsibilities of the server being decommissioned.
Errors | Errors that occur during the analysis on this item or field. This field is blank if there are no errors.
Report details | Information that indicates the problem or inconsistency that exists between the source and target servers.

Report comparisons
The following types of field comparisons are done between the two
Server documents and the Configuration documents:

Field Comparison | Explanation
Boolean | The content of the two fields being compared must be an exact match. In some cases, if the field on the source server is not set, no comparison is done with the value for the target server.
Numeric | The two fields are compared and differences are reported.
Text list | Two text lists are compared and a report is generated if the source is not a complete subset of the target.
Name list | Two names lists are compared by expanding both lists to single entries, removing duplicates, and generating a report if the source is not a complete subset of the target. When expanding names lists, all groups are expanded until only single entries remain.
Special cases | In some cases, a blank field has a special meaning. In these cases, the specific interpretation of blank for each field is taken into consideration when comparisons are performed.

Comparisons are made to the following documents:

Document comparison | Explanation
Connection documents | A comparison is performed on any connection in which the server to be decommissioned is listed as the source server in the Connection document. The comparison ensures that all destination servers in those connections are also included in the target server's Connection documents. A report is generated if the Tasks differ or if any corresponding connections do not exist. All connections listing the server to be decommissioned as the Destination server are reported.
Program documents | All Program documents that list the source server as the server on which to run the program are included in the report. No comparison between the source and target Program documents is done because there is no way to ensure that the executables exist or are the same on the source and target.
Domain documents | All Foreign domain documents are checked to see if the Gateway server name lists the source server. If one is found, a document is generated showing which foreign domain documents list the source.
Cross-Certificates | Any cross-certificate that lists the source server in the Issued By field is reported.
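
The Text list and Name list comparisons described in the field comparison table above, written out as an added example (this is not the Decommission Server Analysis tool's own code). The group data is constructed, case-insensitive name matching is an assumption, and the extra_on_target field is an addition showing what a one-way subset check leaves unreported: names that only the target grants.

```python
# Added example: "Text list" and "Name list" comparisons, reimplemented for
# illustration. SAMPLE_GROUPS is constructed data, not read from a Domino Directory.
SAMPLE_GROUPS = {
    "LocalDomainAdmins": ["Alice Admin/Acme", "HubAdmins"],
    "HubAdmins": ["Bob Ops/Acme", "LocalDomainAdmins"],  # nested cycle, on purpose
    "MailAdmins": ["alice admin/acme", "Carol Mail/Acme"],
}


def expand_names(entries, groups):
    """Expand a names list until only single entries remain.

    Returns a set of case-folded names (assumption: names match without
    regard to case). Nested groups are followed; a group that has already
    been expanded is skipped, so circular group membership terminates.
    """
    index = {name.casefold(): members for name, members in groups.items()}
    resolved, seen_groups = set(), set()
    stack = [e.strip() for e in entries if e.strip()]
    while stack:
        key = stack.pop().casefold()
        if key in index:
            if key not in seen_groups:
                seen_groups.add(key)
                stack.extend(m.strip() for m in index[key] if m.strip())
        else:
            resolved.add(key)  # a single entry; the set removes duplicates
    return resolved


def compare_text_lists(source, target):
    """Text list: report when the source is not a complete subset of the target."""
    missing = sorted(set(s.strip() for s in source) - set(t.strip() for t in target))
    return {"report": bool(missing), "missing_on_target": missing}


def compare_name_lists(source, target, groups):
    """Name list: expand both sides, drop duplicates, then do the subset test."""
    src = expand_names(source, groups)
    tgt = expand_names(target, groups)
    missing = sorted(src - tgt)
    return {
        "report": bool(missing),             # a difference would be flagged
        "missing_on_target": missing,        # names that lose what the source gave them
        "extra_on_target": sorted(tgt - src) # not part of the subset test; shown for review
    }


if __name__ == "__main__":
    print(compare_name_lists(["LocalDomainAdmins"], ["MailAdmins"], SAMPLE_GROUPS))
    print(compare_text_lists(["TCPIP", "TCPIP"], ["TCPIP", "LAN0"]))
```

When the source is a complete subset of the target, no difference is raised even if the target lists additional names, so review extra_on_target separately for fields that grant access.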

These comparisons are made to databases:

Database comparison | Explanation
Mail-in databases, Rooms, Resources, Certifiers, Person documents | Each document that lists the source server as the Mail server is reported.
Replicas | Any database on the source server that does not have a matching replica on the target server is reported. A file name comparison for all databases that do not have replicas on the target is done. Any database on the source that has a name conflict with a different database with the same name on the target is listed.

These comparisons are made to networks:

Network comparison | Explanation
Enabled ports | A comparison is done for both port name and protocol. A report is generated for any differences.
Notes named networks | If the source and target servers do not share the same Notes named networks, a report is generated.

Deleting a server name

Follow these steps to use the Administration Process to delete references
to a server from the Domino Directory and from database ACLs and
Extended ACLs. The Administration Process automatically deletes
mail-in database documents and cross-certificate documents as necessary
during the Delete Server process.
For more information on the Administration Process, see the chapter
Setting Up the Administration Process.
1. To delete a server name, you must have:
   - At least Author with Delete documents role and the
     ServerModifier privilege, or Editor access to the Domino Directory
2. From the Domino Administrator, click the Configuration tab.
3. Click Server - All Server Documents.
4. Select the server name you are deleting and click Delete Server.
5. Do one of these:
   - Click the check box Delete servers from Domino Directory
     immediately to immediately remove the server name from the
     Domino Directory, and post Administration Requests to remove
     the server name from ACLs, Names fields, and other locations.
   - Leave the check box Delete servers from Domino Directory
     immediately not selected, to create Administration Requests to
     remove the server name from the Domino Directory, ACLs,
     Names fields, and all other locations.
6. Click OK.
For information on removing a server from service and replacing it with
another server, see the topic Decommissioning a server in this chapter.

Recertifying a server ID

Follow this procedure to use the original certifier to recertify a server ID
that has a certificate that is about to expire.
1. To recertify a server ID, you must have:
   - Author with Create documents access and the ServerModifier
     role, or Editor access to the Domino Directory
   - At least Author with Create documents access to the Certification
     Log
2. From the Domino Administrator, click the Configuration tab, and
then click Server - All Server Documents.
3. Select the server you are recertifying.
4. Choose Actions - Recertify Selected Servers.
5. Choose one:
   - Click Supply certifier ID and password if you want to use a
     certifier ID and password instead of the new server-based
     certification authority (CA). To change to a different certifier ID,
     click Certifier ID, select the new ID, enter the password, and then
     click OK.
   - Use the CA Process: Click to use the Domino server-based
     certification authority (CA) to recertify the server ID. Choose a
     CA-configured certifier from the list.
6. Accept the default certificate expiration date (two years from the
current date), or enter a different date.
7. (Optional) Enter a date in the field Only renew certificates that will
expire before if you want to limit which server IDs can be
recertified.

8. (Optional) Click the check box Inspect each entry before submitting
request if you want to view the server ID before finalizing the
recertification.
9. Click OK.
10. Select one of the following:
   - OK to submit the recertification.
   - Skip if you are recertifying more than one server ID and you
     want to continue to the next server ID without submitting a
     recertification for the current server ID.
   - Cancel Remaining Entries to cancel this server recertification
     and recertifications for any other server names you selected and
     have not yet submitted.
11. Review the processing statistics that appear and then click OK.
Note You can use the @Certificate function to create a custom view of
specific IDs for recertification based on the ID name, issuer of the
certificate, and expiration date. If you create a custom view, be sure to
include the Recertify Servers or an equivalent action in the Actions menu
of the view.
For more information on the @Certificate function, see the Domino
Designer Programming Guide.

Upgrading a server name to hierarchical


Use this procedure to upgrade a flat server name to a hierarchical server
name. After upgrading a server name to a hierarchical name, the server
cannot be renamed.
1. From the Domino Administrator, Server view, select the server you
are upgrading.
2. Choose Actions - Upgrade server to hierarchical.
3. Choose the new certifier ID.
4. Enter the password for the certifier ID and click OK.
5. (Optional) Enter the qualifying organizational unit.
6. Accept or change the certification ID expiration date.
7. Click Upgrade and then click OK.


Finding a server name in the domain with the Domino Administrator or the Web Administrator

You can search for a server name in the domain and then view a log that
includes document links and directory links to each occurrence of the
server name.
1. From the Domino Administrator or the Web Administrator, click the
Server - Analysis tab.
2. From the Tools pane, click Analyze - Find Server.
3. Do one of these:
   - From the Domino Administrator, select a server name from the list
     box, and click OK.
   - From the Web Administrator, enter a server name and click Send.
4. One of these occurs:
   - On the Domino Administrator, a message appears indicating that
     an administration request will be initiated to search the enterprise
     for the server name. Click Yes.
   - On the Web Administrator, the status line displays a message
     indicating that an administration request has been generated to
     locate the server name. Click Done or enter another server name
     and repeat the process.
To view the log of locations
1. To view the log of locations where the server name has been located,
from the same view, click Administration Requests(R6).
2. Click All Requests by Name.
3. Locate the server name you are looking for.
4. Expand the section and locate the Find Name in Domain request.
5. Open the request. View the documents that contain that server name
in the Links to items found within Domino Directory documents
field. View the database ACLs that contain that server name in the
Links to item found in Database ACLs field.
6. Click Cancel to close the Response Log document.
For more information on using the Web Administrator, see the chapter
Setting Up and Using Domino Administration Tools.

Decommissioning a Domain Search server


If you want the server that creates full-text indexes of the Domino
domain to resume duty as a regular Domino server, remove it from the
appropriate group in the Domino Directory, edit its Server document,
and then delete some files from its directory structure.
To decommission a Domain Search server
1. From the Domino Administrator, click the Files tab.
2. Open the Domino Directory (NAMES.NSF), and then click Groups.
3. Select LocalDomainCatalogServers and click Edit Group.
4. On the Basics tab, in the Members field, remove the indexing server
you want to decommission.
5. Click Save and Close.
6. Expand the Servers section in the view pane, and then click Servers.
7. Select the server that you want to decommission, and click Edit
Server.
8. Click the Server Tasks - Domain Catalog tab.
9. In the Domain Catalog field, select Disabled and click OK.
Disabling the Domain Catalog automatically disables the Domain
Indexer schedule on the next tab.
10. Click Save and Close.
11. Delete the Domain Catalog (CATALOG.NSF) from the server.
12. Delete the FTDOMAIN.DI subdirectory from the server's Domino
data directory.
Note Users' Location documents can be automatically updated with the
name of your new indexing server if you include the new server in your
desktop policy settings.
For more information on policy settings documents, see the chapter
Using Policies.

Uninstalling a Domino partitioned server


You can remove all server partitions from a computer or you can remove
just one server partition.

To remove all Domino partitions on a computer


To remove all server partitions from a computer, complete these steps:
1. Run the Uninstall program that comes with your operating system.
2. Delete the Domino data directories for those partitions.

To remove one Domino partition

1. Save any files you want, and then delete the Domino data directory
for the partition that you want to uninstall.
2. If the Domino partition used a unique IP address, disable support for
the IP address. Do this only if you added the IP address when you
set up the partition. If the Domino partition used the computer host
name as its Domino server name, do not disable its IP address.
3. If the partitioned server used port mapping, edit the NOTES.INI file
of the port-mapping partition so that it no longer refers to the
Domino partition you want to remove. If you are uninstalling the
port-mapping partition, set up another Domino partition to do the
port-mapping.
4. If you use Windows NT, edit the NT registry as follows:
   a. In the folder HKEY_LOCAL_MACHINE - SOFTWARE - Lotus Domino, check each numbered subkey (for example, 1,2,3) that
      has a named value DATA whose value is the directory path of
      the partition you want to remove. Remove the whole numbered
      subkey and all of its values.
   b. In the folder HKEY_LOCAL_MACHINE - SOFTWARE - Lotus Domino, remove the corresponding numbered key from the
      value of the key named PARTITIONS. Ensure that the list ends in
      a comma. For example, if you are removing partition 2 from a
      3-partition install, you would change the PARTITIONS value
      from 1,2,3 to 1,3.

Chapter 60
Improving Server Performance
This chapter describes ways you can improve the performance of your
Domino server.

Improving Domino server performance

You can improve basic server performance and capacity, as well as the
performance of these Domino features:
- Agent Manager
- Databases and the Domino Directory
- Directory catalog
  For more information on improving directory catalog performance,
  see the chapter Setting Up Directory Assistance.
- LDAP searches
  For more information on improving LDAP searches, see the chapter
  Setting up the LDAP Service.
- Mail
- Web server
  For more information on improving Web server performance, see the
  chapter Setting up the Domino Web Server.
- Windows NT server
- UNIX server

For more information on performance, visit the Domino Performance
Zone at www.lotus.com/performance.
See the Notes.net column, Performance Perspectives for detailed
information about performance issues.
For more information on improving network performance see the
chapter Setting up the Domino Network. For more information on
database performance properties, see the chapter Improving Database
Performance.

Tools for measuring server performance


Domino offers performance tools you can use to measure and evaluate
server performance.

Domino Server.Load
Using Domino Server.Load, you run a script (a simulated workload) in
your own environment to obtain server capacity and response metrics.
You can run a built-in script or create a custom script. Domino
Server.Load includes real-time control of the test environment and
variables, such as the number of simulated users. Using Domino
Server.Load, you can evaluate the capacity of your servers and evaluate
the requirements for additional CPU, memory, or disk storage upgrades.
Server.Load can also be used to determine the effect of changes to the
machine, such as upgrading a device driver, an OS service pack, or a
Domino maintenance release.
Domino Server.Load is included as part of the Administrator client. For
details about setting up and working with Server.Load, see the chapter
Using Server.Load.

NotesBench
NotesBench is a collection of benchmarks (workloads) that simulate the
behavior of workstation-to-server or server-to-server operations.
Vendors and other organizations use NotesBench to evaluate the
performance of various Domino and Notes platforms and configurations.
Using NotesBench, hardware vendors and business partners generate
benchmark information, which they can distribute to their customers. In
turn, customers can use the benchmark information to evaluate vendors,
select configurations, and plan resource budgets.
To use NotesBench for testing, you must be a member of the NotesBench
Consortium, which is an independent, nonprofit organization dedicated
to providing Domino and Notes performance information to customers.
The consortium requires that each member run the NotesBench tests in
the same manner and allows tests to be audited.
To view published data and test results, go to the NotesBench Web site at
www.notesbench.org.


Improving basic server performance and capacity


This section contains suggestions for improving basic server performance
and increasing server capacity.

Improving server capacity and response time


These tips for improving server capacity and response time come from
the analysis of NotesBench reports, which are published by NotesBench
Consortium members. Some of this information may derive from earlier
versions of Domino, and, therefore, may not be completely applicable to
Lotus Domino 6.
Make sure your server memory matches the number of users you want to
support. Most NotesBench vendors use 300K to 400K per active user.
They also set their NSF_BUFFER_POOL_SIZE to the maximum for their
memory configuration. This setting isn't necessary, because the Domino
server initially obtains a third of available memory and grows only if
necessary (depending on the load). You should use published physical
memory configurations as a ceiling for memory configuration decisions.
1. Make I/O subsystem improvements. For example you can:
   - Move from EISA-based systems (such as, controllers) to PCI-based
     systems
   - Exchange EISA/PCI boards for PCI-only boards (this way, lower
     speed EISA devices won't decrease the I/O throughput)
   - Use striping to balance the load across all drives in the array. Use
     hardware RAID, such as RAID 0+1, to improve performance and
     availability.
   - Use multiple I/O controllers to distribute logical volumes (and
     use file pointers to databases across separate controllers). Make
     sure you have the latest BIOS for your I/O subsystem. This is an
     inexpensive way to remove a likely throughput bottleneck.
2. Use faster disk drives.
3. Increase the stripe size. Refer to the NotesBench reports to see what
the vendors use. NotesBench vendors use a stripe size of 8K
(Hewlett-Packard systems) or 16K (IBM NetFinity reports). (The
IBM NetFinity report provides additional information on I/O
settings such as IOQ Depth, Outbound Posting, PCI Line Prefetch,
and Address Bit Permitting.)
4. Use faster CPUs. NotesBench vendors have moved beyond the
Pentium, Sparc, and PowerPC processors, which were in the
100Mhz to 200Mhz range, to higher speed processors. However, they
consistently use P6-based systems over the Pentium II systems for
high-end Domino server loads. The size of your Level 2 cache should
match your expected user loads and the response time you want.
Vendors have moved from 256K to 512K, 1MB to 2MB Level 2 cache
systems, especially on their greater than two-CPU configurations.
5. Improve your network. NotesBench vendors have:
   - Moved from 10Mbps cards and networks to 100Mbps
     configurations
   - Used multiple LAN segments (one for each partition) to isolate
     network traffic, at the high-end user loads
6. Change your network protocol to IP. Vendors initially used NetBIOS
and SPX internally but have unanimously moved to IP for their
performance publishing efforts.
7. You can improve Web server performance by disabling HTTP server
logging. Logging options are stored in the Server document. In the
HTTP server Enable logging to section are two fields, Log files and
DOMLOG.NSF. Disabling both of these fields improves Web server
performance.
8. You can improve general server performance by disabling the
type-ahead mail addressing feature. (Type-ahead allows users to
enter the first few characters of a user's name; the server then
completes the rest of the name automatically.) To disable type-ahead
on a server, open the server's Configuration Settings document in the
Domino Directory. On the Basics tab, choose Disabled in the
Type-ahead field. Then save and close the document.

NOTES.INI file settings that affect Domino server performance


Replicators
This setting specifies the number of Replicator tasks that can run
concurrently on the server. The default is 1. Typically, the number of
replicators should equal the number of processors on the server.
However, hub servers can run more replicators.
Server_Availability_Threshold
This setting specifies the acceptable level (a percentage) of system
resources available to a server. By setting this value for each server in a
cluster, you determine how the workload is distributed among cluster
members. The default is 0, which indicates a fully available state
(workload balancing is disabled). A value of 100 indicates the server is
busy; the Cluster Manager then tries to redirect user requests to more
available cluster members.


Server_MaxUsers
This setting sets the maximum number of users that are allowed to access
a server. When this number is reached, the server state becomes
MaxUsers, and the server stops accepting new Database Open
requests. The default is 0 (unlimited access to server by user). By setting a
maximum number of users allowed on the server, you can prevent server
performance from degrading because of demand overload.
Server_Session_Timeout
This setting specifies the number of minutes of inactivity after which the
server automatically terminates network and mobile connections. The
minimum recommended setting is 15 minutes. If you specify a lower
time, the server must reopen database server sessions too frequently,
which slows server performance. For best performance, the
recommended time is 45 minutes.
For mobile connections, X.PC has its own internal time out. If the X.PC
time-out value is shorter than the Server_Session_Timeout value, the
X.PC time out takes precedence.
ServerTasks
This setting controls the tasks that the server runs. These tasks start
automatically at server startup and continue until the server is shut
down. Improve performance by removing tasks that aren't appropriate
to the server. Do not remove the Update task from a server. If you do so,
the Domino Directory will not update.

Translog_Status
This setting enables transaction logging for all Release 5 and later
databases on the server. Default is 0 (transaction logging disabled). Set
this to 1 to enable transaction logging. Transaction logging improves the
availability and reliability of the server.

Note You must upgrade databases to Domino Release 5 or later format
before they can use transaction logging.

Improving partitioned server performance and capacity

You use the same set of tools to monitor partitioned servers as you use to
monitor individual servers. However, remember that a partitioned server
can use a large amount of system resources, denying those resources to
other partitioned servers on the same computer. For example, the
Indexer on one partitioned server may be using a large percentage of the
available CPU cycles, causing the other partitioned servers to have a
slow response time. Therefore, it is important to look at your operating
system's performance monitor as well as the Domino statistics to
determine which partitioned server is using the system resources.
For more information about monitoring Domino servers, see the chapters
"Monitoring the Domino Server" and "Using Log Files".
Optimizing performance
If one partitioned server uses significant system resources, consider
moving that server to a different computer. If partitioned servers cause
slow disk access, consider moving the Domino data directories of the
partitioned servers to separate disk drives.
Another way to limit access to a server is to limit the number of users
who can use a partitioned server at one time. To do this, you can use the
Server_MaxUsers setting in the NOTES.INI file. When the server reaches
the number of users you specify, Domino denies additional user requests
for access to the server.
For additional information about these NOTES.INI settings, see the
appendix NOTES.INI File.

Improving Agent Manager performance


The Agent Manager controls when agents run on a server. Every time an
agent runs, it uses server resources. To control when scheduled and
event-triggered agents run, you specify settings in the Server document
and in the NOTES.INI file. Customizing when agents run may conserve
server resources, but it may also delay when agents run.

Controlling how often Agent Manager runs agents


These NOTES.INI settings affect how often the Agent Manager executes
agents. In general, the more frequently agents run, the sooner they
perform their tasks. Running agents more frequently, however, may
increase demand on server resources and adversely affect overall system
performance.
AMgr_DocUpdateAgentMinInterval
This setting specifies the minimum elapsed time, in minutes, between
executions of the same document update-triggered agent. This lets you
control the time interval between executions of a given agent. Default is
30 minutes. A longer interval can result in the agent running less often,
reducing server demand. If document update events are infrequent, you
can reduce the delay.


Note Setting this and other Agent Manager variables to zero does not
completely eliminate the delay; a built-in delay will always exist.
AMgr_DocUpdateEventDelay
This setting specifies the delay time, in minutes, the Agent Manager
schedules a document update-triggered agent after a document update
event. The default is 5 minutes. The delay time ensures the agent runs no
more often than the specified interval, regardless of how frequently
document update events occur. When the agent executes, it will also
process all additional events (if any) that occurred during the interval.
A longer interval results in the agent running less often, thus reducing
demand for server time. If document update events are infrequent,
however, you can reduce the delay to ensure the agent runs soon after
the event occurs.
AMgr_NewMailAgentMinInterval
This setting specifies the minimum elapsed time, in minutes, between
execution of the same new mail-triggered agent. The default is 0 (no interval
between executions). Similar to AMgr_DocUpdateAgentMinInterval,
entering an interval can result in the agent running less frequently.

DominoAsynchronizeAgents
This setting specifies whether Web agents triggered by browser clients
can run at the same time (asynchronously). The default is zero (only one
agent can run at a time). Set this to 1 to allow multiple agents to run
simultaneously. This can result in faster execution of agents. However, a
high number of agents executing at the same time can slow overall
system performance. Open the Server document you want to change,
and click the Internet Protocols - Domino Web Engine tab. In the Web
Agents section, enable or disable the "Run Web agents concurrently?"
option. For "Web agent time-out (in seconds)", the default is 0 (no
time-outs).


AMgr_NewMailEventDelay
This setting specifies the time (in minutes) that the Agent Manager delays
before scheduling a new mail-triggered agent after new mail is delivered.
The default is 1 minute. Similar to AMgr_DocUpdateEventDelay, the
delay time ensures the agent runs no more often than the specified
interval. When the agent executes, it will also process all additional events
(if any) that occurred during the interval. A longer interval results in the
agent running less often, thus reducing demand for server time. If
document update events are infrequent, however, you can reduce the
delay to ensure the agent runs soon after the event occurs.

Controlling how quickly the Agent Manager queues agents


The Agent Manager periodically checks to see if it has any new agents
that it needs to schedule. These NOTES.INI settings control how quickly
an agent gets into the schedule queue.
AMgr_SchedulingInterval
This setting specifies a delay (in minutes) between running of the Agent
Manager's scheduler. Valid values are 1 minute to 60 minutes. The
default value is 1 minute.
AMgr_UntriggeredMailInterval
This setting specifies a delay (in minutes) between running of the Agent
Manager's check for untriggered mail. Valid values are 1 minute to 1440
minutes (the number of minutes in a day). The default value is 60 minutes.

Controlling when the Agent Manager runs agents


When you create or modify an event-triggered agent, the Agent Manager
schedules it to run immediately. This ensures the agent can quickly
process new documents. These NOTES.INI settings let you specify a time
interval between subsequent running of the agent. This can prevent
repeated running of the agent, for example, because of a rapid series of
triggering events.
Scheduling an agent to run immediately means that it will execute as
soon as possible. If there are many agents ahead of it, it may not be
executed right away.
These settings control when the Agent Manager runs agents.
For more information, see the topic "Controlling how often Agent
Manager runs agents", earlier in this chapter.

AMgr_NewMailEventDelay

AMgr_DocUpdateEventDelay

AMgr_DocUpdateAgentMinInterval

AMgr_NewMailAgentMinInterval

Monitoring the load on the Agent Manager


Domino 4.6 and earlier include the field "Max % busy before delay" in
the Server document. This field limits the percentage of time the Agent
Manager can use to run agents. When this limit is exceeded, the Agent
Manager delays agent execution. Agent Manager performance has
significantly improved, so this delay is no longer necessary. Domino
Release 5 and later releases do not include this limitation. This field is
still valid for Domino Release 4.6 and earlier releases.

If your server attempts to schedule agents at a rate faster than the Agent
Manager can run them, the message "AMgr: Agent scheduling is
paused" appears on the console. The Agent Manager will not schedule
any new agents until the server processes some agents that are already
scheduled. Therefore, the running of new agents may be slightly delayed.

Controlling how many concurrent agents are running


You can relieve a heavily loaded Agent Manager by allowing agents to
run concurrently. To do this, modify the "Max concurrent agents" field
in the Server Tasks/Agent Manager section of the Server document.
Values greater than 1 allow more than one agent to run at the same time.
Valid values are 1 through 10. Default values are 1 for daytime and 2 for
nighttime.
An Agent Executive runs each concurrent agent. To see a snapshot of the
Agent Manager status, including the number of Agent Executives
currently running, enter the command "tell amgr status" at the server
console. To see a list of scheduled agents, enter the command "tell amgr
schedule" at the server console.

Improving database and Domino Directory performance

By default, the Domino Directory uses two database performance
properties, "Document table bitmap optimization" and "Don't
maintain unread marks", to improve performance. The following
NOTES.INI settings can affect database and Domino Directory
performance.
For more information on database performance properties, see the
chapter "Improving Database Performance".
NSF_Buffer_Pool_Size
This NOTES.INI setting sets the size of the NSF buffer pool, a section of
memory used for buffering I/O transfers between the NSF and NIF
subsystems and disk storage. The number of server partitions, users, size
and number of views, and number of databases all affect how you should
set the buffer pool specification. The default value (determined
automatically by the server) is usually sufficient, but if Database Statistics
indicate more memory is needed, increase the value a few megabytes at a
time. You can use a performance monitor to find out if a larger value is
causing too much swapping or paging. (NSF_Buffer_Pool_Size sets the
buffer pool size in bytes; NSF_Buffer_Pool_Size_MB sets the size in
megabytes.)

NSF_DbCache_Maxentries
This NOTES.INI setting sets the maximum number of databases stored in
the database cache (if enabled). For short intervals, Domino stores up to
1.5 times the number entered for this setting. Increasing the maximum
number of databases improves performance but requires more memory.

Improving performance for users accessing the Web using the Web Navigator

There are several ways to improve performance:

Speed up your access to Web pages by speeding up your server
connection to the Internet. Contact your Internet Service Provider to
find out what options you have.

Improve database performance by managing your database with the
Purge and Refresh agents or any other agents you may create for the
database.

Manage the number of users retrieving pages in the Web Navigator
database by setting the maximum number of concurrent retrievals
(the number of Web pages the server retrieves at the same time). The
default maximum number of concurrent retrievals is 25. The number
of concurrent retrievals that your server allows depends on your
specific system environment.

Show DBS command


The Show DBS command is a tool for monitoring the performance of a
database. This command returns the following information:

Refs: The number of times the database has been opened (the
DBHANDLE count for the database).

Mod: Whether the database has been modified, but not yet flushed
to disk.

FDs: The number of file descriptors currently being used for the
database.

LockWaits: The number of times a user has had to wait for a lock
on the database (read or write).

AvgWait: The average wait time in milliseconds for each wait.

#Waiters: The number of waiters currently on the database lock.
(This number changes rapidly.)

MaxWaiters: The maximum number of waiters ever on the
database lock.

Note To display LockWaits and AvgWait values, you must temporarily
add the setting COLLECT_DB_LOCK_WAITS=1 to the server's
NOTES.INI file. Because this setting consumes server resources, remove
it after you view Show DBS statistics.
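
The following Python script is an added example, not part of the IBM documentation. It reads NOTES.INI text and flags values that fall outside the limits this chapter states for the server and Agent Manager settings, including a COLLECT_DB_LOCK_WAITS=1 line left in place after diagnostics. The sample file contents and the parsing rules (Name=Value lines, names matched case-insensitively) are assumptions made for the example.

```python
# Added example: audit NOTES.INI text against the limits stated in this chapter.

# Constructed sample input, not taken from a real server.
SAMPLE_NOTES_INI = """\
ServerTasks=Replica,Router,AMgr,AdminP,HTTP
Replicators=2
Server_Session_Timeout=5
Translog_Status=0
AMgr_SchedulingInterval=90
AMgr_UntriggeredMailInterval=60
AMgr_NewMailEventDelay=soon
COLLECT_DB_LOCK_WAITS=1
"""

# (setting, lowest valid value, highest valid value) as given in the chapter.
VALID_RANGES = [
    ("AMgr_SchedulingInterval", 1, 60),
    ("AMgr_UntriggeredMailInterval", 1, 1440),
]

# Settings the chapter describes as counts, minutes, percentages or 0/1 flags.
NUMERIC = [
    "Replicators", "Server_Availability_Threshold", "Server_MaxUsers",
    "Server_Session_Timeout", "Translog_Status",
    "AMgr_DocUpdateAgentMinInterval", "AMgr_DocUpdateEventDelay",
    "AMgr_NewMailAgentMinInterval", "AMgr_NewMailEventDelay",
    "AMgr_SchedulingInterval", "AMgr_UntriggeredMailInterval",
]

SEVERITY_ORDER = {"error": 0, "warn": 1, "info": 2}


def parse_notes_ini(text):
    """Parse Name=Value lines into a dict keyed by lower-cased name.

    Assumptions of this example: names are matched case-insensitively, and
    blank lines, [section] headers and lines without '=' are skipped.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("[") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        settings[name.strip().lower()] = value.strip()
    return settings


def read_int(settings, name):
    """Return (value, malformed); value is None when absent or malformed."""
    raw = settings.get(name.lower())
    if raw is None:
        return None, False
    try:
        return int(raw), False
    except ValueError:
        return None, True


def audit(settings):
    """Return (severity, setting, message) findings, most severe first."""
    findings = []
    for name in NUMERIC:
        if read_int(settings, name)[1]:
            findings.append(("error", name, "value is not a whole number"))
    for name, low, high in VALID_RANGES:
        value = read_int(settings, name)[0]
        if value is not None and not low <= value <= high:
            findings.append(("error", name,
                             f"{value} is outside the valid range {low}-{high}"))
    timeout = read_int(settings, "Server_Session_Timeout")[0]
    if timeout is not None and timeout < 15:
        findings.append(("warn", "Server_Session_Timeout",
                         f"{timeout} is below the recommended minimum of 15"))
    if settings.get("collect_db_lock_waits") == "1":
        findings.append(("warn", "COLLECT_DB_LOCK_WAITS",
                         "still enabled; remove it after viewing Show DBS"))
    if "servertasks" in settings:
        tasks = {t.strip().lower() for t in settings["servertasks"].split(",")}
        if "update" not in tasks:
            findings.append(("error", "ServerTasks",
                             "Update task is missing; the Domino Directory "
                             "will not update"))
    translog, malformed = read_int(settings, "Translog_Status")
    if not malformed and translog in (None, 0):
        findings.append(("info", "Translog_Status",
                         "transaction logging is disabled (default is 0)"))
    return sorted(findings, key=lambda f: (SEVERITY_ORDER[f[0]], f[1].lower()))


if __name__ == "__main__":
    for severity, name, message in audit(parse_notes_ini(SAMPLE_NOTES_INI)):
        print(f"{severity:5} {name}: {message}")
```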

Tips for tuning mail performance


You can modify settings on the Configuration Settings document, or
change NOTES.INI settings to help improve mail performance.
For more information on monitoring mail performance, see the chapter
"Monitoring Mail". For more information on using multiple MAIL.BOX
databases and disabling type-ahead addressing to improve mail
performance, see the chapter "Customizing the Domino Mail System".

Controlling message delivery


You set delivery controls in the Configuration Settings document on the
Router/SMTP - Restrictions and Controls - Delivery Controls tab, under
Delivery Controls.
Maximum delivery threads
This setting determines the maximum number of threads the Router can
create to perform local mail delivery. Increasing this value can improve
message throughput for local deliveries. The ideal number ranges from 3 to
25. This is determined by a formula, based upon the NSFBufferPoolSize.
You can increase or decrease the value based on the server configuration.
Monitor Mail.Waiting over a period of time. If there is a backlog over a
period of time, increase the number. Monitor Mail.Delivery.Threads.Total.
If the value is less than Mail.Delivery.Threads.Max, set the value to the
total.

Setting transfer limits

You set transfer limits in the Configuration Settings document on the
Router/SMTP - Restrictions and Controls - Transfer Controls tab, under
Transfer Controls.
Maximum concurrent transfer threads
This setting determines the maximum number of concurrent transfer
threads per destination. The default is the value entered for Maximum
transfer threads divided by 2.
Maximum transfer threads
This setting determines the maximum number of threads the mail Router
can create to perform mail transfers. Without this variable, the default is
one thread per server port. Increasing this number creates more threads
to handle mail transfers. However, additional threads may increase the
demand for server processing time.

Setting the number of mailboxes


If there are a small number of users on a server, the default (1) is usually
sufficient. For larger numbers of users, set the number to 2 or higher. To
determine the optimum number, enter SHOW STAT MAIL at the server
console. If MAIL.WaitingRecipients is large or increasing, adding a
mailbox may improve performance if the server resources are not
overloaded.
You set the number of mailboxes in the Configuration Settings document
on the Router/SMTP - Restrictions and Controls - Basics tab. Under
Router/SMTP Basics, enter a value for "Number of mailboxes".
For more information on creating multiple MAIL.BOX databases, see the
chapter "Customizing the Domino Mail System".

Setting IMAP session time-out


If the server supports IMAP users and has limited resources, it may free
up server resources and improve performance to set this to a value of 30
minutes or more.
For more information on IMAP settings, see the chapter "Setting Up the
IMAP Service".
MinNewMailPoll
This setting determines how often workstations can contact the server to
see if new mail has arrived for the user. This setting overrides the user's
selection in the Mail Setup dialog box. You can increase the mail polling
interval if there are a large number of mail users on your server and you
want to prevent frequent polling from affecting server performance.
NoMsgCache
This setting disables per-user message caching by the IMAP task. This
can improve capacity (number of users) on a server by reducing memory
consumption. However, response time for some user operations may be
slower.
POP3_Config_Update_Interval
This setting determines how often (in minutes) the Domino server that
runs the POP3 service updates its configuration information. The default
is 2 minutes.


Improving Windows NT and Windows 2000 server performance


In general, use the default settings for your Windows server. You may
gain some performance improvements by doing the following:

Take care of fragmented disks. Run a defragmenter utility frequently
on your disks, including the OS disk, to prevent performance
degradation. Do this weekly on busy disks. You can use the
defragmenter that ships with Windows 2000, or use a defragmenter
that automatically runs on a number of systems at specified intervals.

Use a separate pagefile disk. For best performance on all medium
and large systems (especially for Windows NT), use a separate
pagefile disk.

Optimize performance for applications or background services.
   Windows 2000: In the Control Panel, select System - Advanced -
   Performance Options and select "Background services".
   Windows NT: In the Control Panel, select System - Performance,
   then set "Boost for foreground" to "None".

RAID sets. When setting up data disk RAID sets, set the stripe size to
be approximately equal to the average logical disk transfer per
second measured in Perfmon for the typical workload for the server.
Set the cache write policy to "write back". Set the cache read policy
to "read ahead".

Balance the I/O bandwidth for each PCI bus. Distribute the network
adapters and RAID controller across multiple buses if your server
has them. Do not put the RAID controller on a bus that has a network
adapter.

Use the NTFS file system (NT File System). The NTFS file system
has significant performance advantages over FAT or FAT32. For
best performance, format the disks with a cluster size of at least
4KB. Use a cluster size that is a little larger than the average file
size on the disk. NTFS supports these sizes: 512, 1024, 2048, 4096,
8192, 16KB, 32KB, and 64KB. For example, to use a 16KB
allocation size for formatting the NTFS volumes, at the command
prompt enter: format <drive>: /fs:ntfs /A:16K

Use LargeSystemCache. Both Windows NT and Windows 2000 have
this disk-I/O cache. The default setting favors file sharing. This uses
more memory than the other settings. If server memory is a
bottleneck, set the cache to favor network applications, or, in extreme
cases, set it to minimize memory. Otherwise, leave the default
setting.
To change the setting in Windows 2000, go to the Control Panel, click
the Network and Dial up Connections icon, click Local Area
Connection. Right-click on the properties for a network connection,
and click File And Printer Sharing for Microsoft Networks.
To change the setting in Windows NT, go to the Control Panel, click
the Network icon, and then click the Services icon.
Choose one of the following:
   Maximize data throughput for file sharing (Windows NT and
   Windows 2000)
   Maximize data throughput for network applications (Windows
   NT and Windows 2000)
   Minimize memory used (Windows NT and Windows 2000)
   Balance file sharing and network applications (Windows NT
   only).

Improving UNIX server performance


NOTES.INI settings
Most NOTES.INI settings that affect Domino server performance apply
to all UNIX platforms.

NSF_Buffer_Pool_Size_MB
Many machines that run UNIX have very large amounts of physical
RAM. Use the parameters NSF_Buffer_Pool_Size_MB or
PercentSysAvailable Resources to control how much memory Domino is
allowed to use. Each Domino instance on a UNIX machine can reference
a maximum of 4GB of RAM.

Disk and memory requirements


When a UNIX system runs Domino server software, the server must
have enough disk space for program and data files and enough memory
to handle swapping and the number of processes. You can also change
several system parameters to improve server performance.
System V Shared Memory
This is used on AIX and HP-UX. Run the ipcs -a command to list all
shared memory segments used by the Domino server. The maximum
segment size is the default value of Notes_SHARED_DPOOLSIZE on
that platform.


Disk I/O tuning


Maintaining multiple file systems for operating system files, swap space,
transaction logs, and data improves overall server performance. Use
RAID 0+1 hardware for the disk drives that the data files are on. Keeping
swap space on its own separate striped volumes improves server
performance at high loads on systems that have high swap rates.
Transaction logging should be on its own disk drive for improved server
restart time, reliability, and availability.

Console and database logging


To improve server performance, limit the amount of information that is
logged to the log file (LOG.NSF) and the console.
For more information on controlling logging, see the chapter "Using Log
Files".

Sources for improving server performance


The following links provide up-to-date information and
recommendations. These links were current at the time this
documentation was created:
Individual articles and the Performance Perspectives monthly
column in the Lotus Developer Domain at www-10.lotus.com/ldd

NotesBench Consortium at www.notesbench.org

Domino Performance Zone at www.lotus.com/performance

IBM Redbooks at www.redbooks.ibm.com

Solaris at www.lotus.com/dominosolaris

Windows NT and Windows 2000 internals at www.sysinternals.com

Hewlett-Packard at www.hp.com

IBM performance pages for the following machines:


iSeries at www-1.ibm.com/servers/eserver/iseries/
xSeries at www.pc.ibm.com/ww/eserver/xseries/domino
zSeries at www-1.ibm.com/servers/eserver/zseries/


Chapter 61
Improving Database Performance
To optimize database performance, you can set properties for individual
databases and configure the database cache to improve overall database
access time on a server. To keep database size to a minimum, you can set
database properties that save disk space, compact databases, set database
size quotas, and regularly delete inactive documents in databases.

Setting advanced database properties


Set advanced database properties to:

Optimize database performance

Enable or disable transaction logging

Allow more fields in a database

Allow soft deletions

Setting database properties that optimize database performance

You can set database properties to optimize database performance and to
reduce database size. Set database performance properties by opening
the Database Properties box on an existing database or as you create a
database.
Make sure you fully understand these database properties before
changing their settings.
1. Make sure you have Designer or Manager access in the database ACL.
2. Do one of the following:
   Open a database and choose File - Database - Properties.
   As you create a new database, click the Advanced button.
3. Select or deselect properties listed in the table below.
4. After you select any of these three properties, compact the database
for the property to take effect:
   "Don't maintain unread marks"
   "Document table bitmap optimization"
   "Don't support specialized response hierarchy"

Tip You can use the Compact task with specific options to enable or
disable the above three properties and then compact the database.

| Property | Tab | To optimize performance/size | Improves database performance? | Reduces database size? |
|---|---|---|---|---|
| Allow use of stored forms in this database | Basics | Deselect option | Yes | Yes |
| Display images after loading | Basics | Select option | Yes | No |
| Don't maintain unread marks | Advanced | Select option | Yes | Yes |
| Document table bitmap optimization | Advanced | Select option | Yes | No |
| Don't overwrite free space | Advanced | Select option | Yes | No |
| Maintain LastAccessed property | Advanced | Deselect option | Yes | No |
| Don't support specialized response hierarchy | Advanced | Select the option | Yes | Slightly |
| Don't allow headline monitoring | Advanced | Select the option | Prevents performance degradation | No |
| Limit entries in $UpdatedBy fields | Advanced | Select the option and specify the number of entries $UpdatedBy fields can contain | Yes | Yes |
| Limit entries in $Revisions fields | Advanced | Select the option and specify a limit on the number of entries $Revisions fields can contain. The suggested limit is 10 entries. | Yes | Yes |


Database properties that optimize database performance


Properly setting database properties can improve the performance of an
active database. Setting database performance properties on many
databases or on one, large, active database can also improve server
performance. In addition, some of these property settings also help
reduce the size of databases. Many of these properties require knowledge
of application design, and the database designer often sets these
properties when creating a database.
For information on designing applications, see the book Application
Development with Domino Designer.

Display images after documents


To quickly display documents that contain images, select the Basics
database property "Display images after loading". Then Notes users can
read the text while the images load. If you don't load images after text,
Notes loads images in the order in which they appear in a document; if
an image appears first, Notes loads it before displaying text. With large
images or slow connections, loading images in order may slow the
display of the document.
This setting applies only when using Notes to view databases; Web
browser settings control the display of images to Web browser users.
Tip Users also can specify "Load images: On request" in the Advanced
section of a Location document to display images only when users click
them. For more information, see Lotus Notes 6 Help.

Prevent the use of stored forms

To ensure that a document always displays correctly, you can store the
form with the document. However, storing a form with every document
uses system memory and may require as much as 20 times more disk
space than not doing so. To save memory and disk space, you may want
to prevent the use of stored forms, especially if users experience
performance problems when trying to read the documents. To prevent
the use of stored forms, deselect the Basics database property "Allow use
of stored forms in this database". Before preventing the use of stored
forms, make sure you understand how this design feature works and
how the database uses it.

Don't maintain unread marks

Maintaining unread marks in a database requires system resources and
can significantly slow database performance. For some databases, unread
marks aren't useful, for example, reference databases such as the Help
databases provided with Domino, administration databases such as the
Domino Directory, or databases such as the log file (LOG.NSF) that are
continually updated. In these types of databases, consider disabling
unread marks. To disable unread marks, select the Advanced database
property "Don't maintain unread marks".
Note Designing views that don't display unread marks doesn't improve
database performance because they are still maintained but not
displayed.
If you select or deselect the "Don't maintain unread marks" property,
you must compact the database so that the setting takes effect.
Compacting in this case makes a temporary copy of the database, so your
system must have the disk space to make the copy.
Tip You can also run the Compact server task with the -u or -U option
to enable or disable this property and then compact.

Associate document tables with forms for view updates


When updating a view, Domino refers to tables of document
information. These tables are stored internally in the database. By
default, during view updates and rebuilds, Domino searches each table
for documents that appear in the view being updated. To update views
more efficiently, select the Advanced database property "Document table
bitmap optimization". This property associates tables with the forms
used by the documents the tables contain. Then during a view update,
Domino searches only the tables associated with the forms used by
documents in the view being updated. This significantly improves the
performance of view updates, especially updates of small views within
large databases, for example, the Connections view in the Domino
Directory.
This property only works for views that use "Form=" as part of the
selection criteria. There's a slight performance cost to maintaining the
table/form association; however, when updating small views in large
databases, the benefits offset the cost.
If you select or deselect the "Document table bitmap optimization"
property, you must compact the database so that the setting takes effect.
Compacting in this case makes a temporary copy of the database, so your
system must have the disk space to make the copy.
Tip You can also run the Compact server task with the -F or -f option to
enable or disable this property and then compact.


Prevent overwriting of deleted data


When data is deleted from databases, Domino, by default, overwrites the
deleted data on disk with a pattern. This pattern prevents an
unauthorized user from using a utility to access the data. This
overwriting affects disk I/O and can affect database performance.
Preventing the overwriting of deleted data is appropriate in these
circumstances:

The data is already secure, for example, the database is on a server
in a locked room.

Deleted space in the database is constantly reallocated, for
example, in a system database such as MAIL.BOX.

Data security isn't an issue, for example, in an informal discussion
database.

To prevent the overwriting of deleted data, select the Advanced database
property "Don't overwrite free space".

Don't maintain "Accessed (In this file)" document property


The Document Properties box displays the property "Accessed (In this
file)" which can show the date a document was last modified or read.
The Advanced database property "Maintain LastAccessed property"
controls whether the "Accessed (In this file)" property is updated if the
last document access was a read. Maintaining the "Accessed (In this
file)" property for reads causes disk I/O that wouldn't otherwise occur.

By default, the database property "Maintain LastAccessed property" is
not selected, meaning the "Accessed (In this file)" property isn't updated
when the last document access was a read, only when the last access was
a document modification. Change the default behavior by selecting
"Maintain LastAccessed property."

You should select "Maintain LastAccessed property" if you use the
document archiving tool, available in the Database Properties box, to
delete documents based on days of inactivity.

Disable specialized response hierarchy information


By default every document stores information that associates it with a
parent document or a response document. Only the @functions
@AllChildren and @AllDescendants, which are often used in view
selection and replication formulas, use this stored information.
Maintaining this information has a significant, negative effect on
database performance.

To improve database performance, disable the response hierarchy
information in databases that don't use these @functions by selecting the
Advanced database property "Don't support specialized response
hierarchy."
Disabling the response hierarchy information has no effect on views and
replication formulas that display information hierarchically without
using @AllChildren and @AllDescendants.
Disabling the response hierarchy information sets
NotesDocument.Responses to 0 documents.
If you select or deselect the "Don't support specialized response
hierarchy" property, you must compact the database so that the setting
takes effect. Compacting in this case makes a temporary copy of the
database, so your system must have the disk space to make the copy.
Tip You can also run the Compact server task with the -h or -H option
to enable or disable this property and then compact.

Prevent headline monitoring


Users can set up headline monitoring to automatically monitor databases
for information that interests them. Monitoring a database this way
affects performance, especially if many users do this. To prevent users
from monitoring a database, select the Advanced database property
"Don't allow headline monitoring." You can also use the Security section
of a Server document in the Domino Directory to control headline
monitoring at the server level.

Allow more fields in a database


You can increase the number of fields in a database by selecting the
advanced database property Allow more fields in database which
allows the database to contain up to 23,000 fields.
For a database without this option selected, all the field names in a
database when concatenated cannot exceed 64 kilobytes, which results in
a database limit of approximately 3000 fields.

Use LZ1 compression for attachments


In Lotus Domino Designer 6, you can choose to compress attachments
using the new LZ1 algorithm instead of the Huffman algorithm. Because
LZ1 compression can be performed quickly and efficiently, it is favored
over the Huffman method. However, if you are working in an
environment that uses different versions of client and server software
(for example, a Lotus Domino Designer 6 client and a Domino 5 server)
and you choose this option, attachments are automatically recompressed
on the server using the Huffman method. Note that recompressing has
performance implications. For best performance, use LZ1 in primarily
Domino 6 environments.

Limit the size of $UpdatedBy fields


Every document includes an $UpdatedBy field that stores, by default,
the name of the user or server associated with each document editing
session. Storing a complete edit history consumes disk space and slows
view updates and replication. To conserve disk space and improve
database performance, use the Advanced database property "Limit
entries in $UpdatedBy fields" to specify the number of entries that the
$UpdatedBy field can contain. When the $UpdatedBy field reaches this
limit, the oldest entry is removed to make room for the newest entry.

Limit the size of $Revisions fields


Every document includes a $Revisions field that stores, by default, the
date and time of each document editing session. Domino uses this field
to resolve replication or save conflicts that occur when two users
simultaneously edit the same document on one replica or edit the same
document on different replicas between replications.

By default, the $Revisions field stores a history of up to 500 edit sessions,
each of which requires 8 bytes of disk space. Over time, $Revisions fields
can grow large, taking up disk space and slowing view updates and
replication. To conserve disk space and improve database performance,
use the Advanced database property "Limit entries in $Revisions fields"
to specify the number of entries that the $Revisions field can contain.
When the $Revisions field reaches this limit, the oldest entry is removed
to make room for the newest entry.

Consider limiting the entries in $Revisions fields on a database with all of
the following characteristics:

- The database contains many documents.
- The database replicates often or has no replicas.
- The database contains documents that are not often edited.

A suggested upper limit is 10 entries in the $Revisions field. If you set the
limit lower than 10, you run the risk of increased replication or save
conflicts.

Specify expiration time for soft deletions


When Allow soft deletions is selected, documents marked for deletion
are held in the database for a specified time before they are deleted. On
the Advanced tab of the Database Properties box, you can specify the
number of hours documents are held before they are deleted from the
database.

Soft deletions
In some databases, deleting a document permanently removes it from the
database. In other databases, such as the Notes mail file database,
deleting a document moves it into a Trash folder and stores it in a state of
soft deletion. From this folder, users can restore deleted documents by
dragging them from the Trash folder into another folder or by selecting
Remove from Trash.
Deleted documents are not permanently removed until a specified
expiration time or until the user empties the Trash folder. By default, soft
deletions are enabled for mail databases created from the Domino 6 mail
template (MAIL6.NTF). The default expiration time is 48 hours. You can
turn soft deletions on or off for any database and specify how long to
retain soft deletions before removing them from the database.
To display soft-deleted documents in other types of databases, you must
create a view to list the documents and provide users with an action
programmed to un-delete documents and restore them to the database.
For information on creating views to display soft-deletions, see the book
Application Development with Domino Designer.
Because deleted documents are not removed immediately from a
database that has soft deletions enabled, space in the database is not
reclaimed as quickly as in a database that does not use soft deletions. If
space consideration is an issue, consider disabling soft deletions.
To enable or disable soft deletions for a database
1. From the Files tab of the Domino Administrator, select the database
and choose Edit - Properties.
2. On the Advanced tab of the Database properties box, check Allow
soft deletions.
3. Set a value for Soft delete expire time in hours. The default is 48
hours. After that amount of time, soft deletions are permanently
removed from the database.


The database cache


To minimize delays that occur when users, servers, or API programs
open and close databases on a server, each server maintains a database
cache. When a database closes and there are no users or processes using
the database, Domino puts the database in the cache so it can close it
quickly. The database remains in the cache until it's opened again or for
about 15 to 20 minutes, whichever comes first. Databases in the cache can
be opened quickly.
The database cache is available to the first process that starts on a
machine and to any processes spawned from it. If you run the Domino
Administrator and the Domino server on the same machine (a
configuration that is not recommended), start the server before you
start the Domino Administrator. If you start the Domino Administrator
first, it owns the cache and prevents the Domino server from using it
effectively.

Database cache size


By default, the number of databases that the cache can store
simultaneously is the greater of these values:

- The value of the NSF_Buffer_Pool_Size setting in the NOTES.INI file,
  divided by 300K
- 25

To change this limit, add the NSF_DbCache_Maxentries setting to the
NOTES.INI file or increase physical memory. Increasing the database
cache size improves system performance but requires additional
memory. The minimum number of databases allowed in the cache at one
time is 25; the maximum is 10,000.

The actual number of databases allowed in the cache is 1.5 times the
maximum allowed. This buffer increases the chance that when a user
opens a database from the cache, Domino can return the database to the
cache when the user closes it.

How databases are dropped from the cache


Databases are dropped from the cache by an ager thread that performs
necessary writes, deallocates memory, and completes other tasks to close
databases. This process happens over a period of 15 to 20 minutes.
Ideally, databases are dropped from the cache in time to allow new
databases to be added without exceeding the maximum databases
allowed in the cache. However, if the maximum is exceeded, one of the
following occurs:

- If the number of databases in the cache is less than the maximum
  allowed times 1.5, when a database is closed it is added to the cache,
  and the ager accelerates to reduce the number of databases to the
  maximum allowed. This action may increase stress on the server I/O
  subsystem and increase competition for cache resources.
- If the current number of databases in the cache is greater than or
  equal to the maximum allowed times 1.5, when a database is closed,
  Domino doesn't put the database in the cache. Instead it uses the
  slower, non-cache method to close the database. And when a user or
  process next opens the database, Domino reads the database from
  disk rather than from the cache, causing the database to open more
  slowly than if it were in the cache.

Monitoring the database cache


Monitor the effectiveness of the database cache by occasionally checking
cache statistics. You can view the following statistics by viewing Mail &
Database Statistic Reports or by using the server command:
Show Stat Database.DbCache.*

For information on statistics reporting, see the chapter "Monitoring the
Domino Server." For more information on server commands, see the
appendix "Server Commands."
| Statistic | Description |
|---|---|
| Database.DbCache.CurrentEntries | Number of databases currently in the cache. If this number frequently approaches the value of Database.DbCache.MaxEntries, increase the number of databases the cache can hold. |
| Database.DbCache.HighWaterMark | Maximum number of databases in the cache during this running of the server program. This number may be artificially high because of startup activity, so it may not be a genuine indicator of cache performance. |
| Database.DbCache.Hits | The number of times an InitialDbOpen is satisfied by finding the database in the cache. A high hits-to-opens ratio indicates that the database cache is working effectively. If the ratio is low, increase the number of databases the cache can hold. |
| Database.DbCache.InitialDbOpens | The number of times a user/server opened a database that was not already being used by another user/server. For example, if a user opens a mail file while it is being used by the Replicator, this number does not increase. Compare this number to Database.DbCache.Hits to gauge the effectiveness of the cache. |
| Database.DbCache.Lookups | The number of lookups to the database cache. A high Database.DbCache.Hits to Database.DbCache.Lookups ratio means the database cache is effective. If the ratio is low, increase the number of databases the cache can hold. |
| Database.DbCache.MaxEntries | The number of databases the server can currently hold in its cache at once. To change this value, use the NOTES.INI file setting, NSF_DbCache_Maxentries, or increase physical memory. |
| Database.DbCache.OvercrowdingRejections | Number of times a database is not placed into the cache when it is closed because Database.DbCache.CurrentEntries equals or exceeds Database.DbCache.MaxEntries times 1.5. This number should stay low. If it begins to rise, increase the number of databases the cache can hold. |
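
As an added example (not part of the Domino documentation), the Python sketch below parses a constructed sample of Show Stat Database.DbCache.* output and applies the checks described in the table above, together with the default-size rule from "Database cache size." The "name = value" output layout, the 0.5 and 0.9 thresholds, and reading 300K as 300 x 1024 bytes are assumptions.

```python
import re

# Constructed sample of `Show Stat Database.DbCache.*` output. The values
# are made up and the "name = value" layout is an assumption.
SAMPLE_OUTPUT = """\
  Database.DbCache.CurrentEntries = 142
  Database.DbCache.HighWaterMark = 225
  Database.DbCache.Hits = 18,340
  Database.DbCache.InitialDbOpens = 41,200
  Database.DbCache.Lookups = 52,810
  Database.DbCache.MaxEntries = 150
  Database.DbCache.OvercrowdingRejections = 37
"""

STAT_LINE = re.compile(r"^\s*Database\.DbCache\.(\w+)\s*=\s*([\d,]+)\s*$")
REQUIRED = ("CurrentEntries", "Hits", "InitialDbOpens", "Lookups",
            "MaxEntries", "OvercrowdingRejections")


def parse_dbcache_stats(text):
    """Return {statistic name: integer value} for Database.DbCache.* lines."""
    stats = {}
    for line in text.splitlines():
        match = STAT_LINE.match(line)
        if match:
            stats[match.group(1)] = int(match.group(2).replace(",", ""))
    return stats


def default_max_entries(buffer_pool_bytes, per_db_bytes=300 * 1024):
    """Default cache size: the greater of NSF_Buffer_Pool_Size / 300K and 25.

    Assumes the setting is given in bytes and that 300K is 300 x 1024 bytes.
    """
    return max(buffer_pool_bytes // per_db_bytes, 25)


def _ratio(numerator, denominator):
    # A server that has just started may report zero opens or lookups.
    return numerator / denominator if denominator else None


def assess(stats, previous_rejections=0, low_ratio=0.5, near_full=0.9):
    """Apply the table's guidance to one sample of cache statistics.

    previous_rejections is OvercrowdingRejections from an earlier sample.
    low_ratio and near_full are assumed thresholds; the documentation only
    says "low" and "frequently approaches". HighWaterMark is ignored
    because startup activity can inflate it.
    """
    missing = [name for name in REQUIRED if name not in stats]
    if missing:
        raise ValueError("missing statistics: " + ", ".join(missing))

    max_entries = stats["MaxEntries"]
    current = stats["CurrentEntries"]
    overflow_limit = max_entries * 1.5  # closes bypass the cache at this point
    report = {
        "hits_per_open": _ratio(stats["Hits"], stats["InitialDbOpens"]),
        "hits_per_lookup": _ratio(stats["Hits"], stats["Lookups"]),
        "overflow_limit": overflow_limit,
        "findings": [],
    }
    findings = report["findings"]

    if current >= overflow_limit:
        findings.append("at_overflow_limit")
    elif current >= near_full * max_entries:
        findings.append("near_max_entries")

    for key in ("hits_per_open", "hits_per_lookup"):
        value = report[key]
        if value is not None and value < low_ratio:
            findings.append("low_" + key)

    if stats["OvercrowdingRejections"] > previous_rejections:
        findings.append("rejections_rising")
    return report


if __name__ == "__main__":
    result = assess(parse_dbcache_stats(SAMPLE_OUTPUT))
    for name, value in result.items():
        print(name, "=", value)
    if result["findings"]:
        print("Consider raising NSF_DbCache_Maxentries or adding memory.")
```

Run it against two samples taken some time apart and pass the earlier OvercrowdingRejections value as previous_rejections, since that counter only matters when it is rising.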

Managing the database cache

To change the number of databases the cache holds


If after monitoring the database cache you determine that you should
increase the number of databases the cache can hold, use the NOTES.INI
file setting, NSF_DbCache_Maxentries, as follows:
NSF_DbCache_Maxentries=value

Where value is the maximum number of databases allowed in the
database cache at one time.
The alternative to using NSF_DbCache_Maxentries is to increase physical
memory.

To show databases in the cache


Enter this command at the server console to display the names of the
databases currently in the cache:
dbcache show

To close databases in the cache


Enter this command at the server console to close all databases in the
cache:
dbcache flush

To disable the cache


By default, the database cache is enabled on a server. To disable the
cache, add the following NOTES.INI file setting:
NSF_DbCache_Disable=1

Controlling database size


Databases whose size is monitored and minimized show increased
performance: database operations require less I/O and fewer CPU
resources; view rebuilding and updating is quicker; and memory and
disk space allocation is improved. The maximum database size is 64GB
on Windows and UNIX. Use the following methods to minimize and
monitor the size of databases:

- Compact databases
- Set database size quotas to prevent databases from growing beyond
  a specified size
- Delete inactive documents using the document archiving tool or
  using agents
- Set database performance properties that also reduce database size
- Use replication settings to limit the size of a replica by replicating to
  it only what's necessary
- Decrease the database purge interval to remove deletion stubs more
  often
- Disable the default user activity recording in databases
- Disable soft deletions in databases

For information on replication settings and the database purge interval,
see the chapter "Creating Replicas and Scheduling Replication." For
information on user activity recording, see the chapter "Maintaining
Databases."

Tools for monitoring database size


This table summarizes the methods you can use to monitor database size
and the information each method provides.
| Monitoring method | Database size | View size | Quotas | Percent of used space** |
|---|---|---|---|---|
| Domino Administrator Files tab | Yes | No | Yes | No |
| Database - Sizes view of the log file (LOG.NSF) or logs in the view | Yes | Yes | No | Yes |
| Logs in Miscellaneous Events view of the log file (LOG.NSF) | No | No | Messages relating to | No |
| File statistic reports in the Statistics database | No | No | Yes | Yes |

** Not always a reliable indicator of used space.

Monitoring database size


Use the following method to monitor database size and used space in a
database.
1. Open the database and choose File - Database - Properties.
2. Click the Info tab (i) to see the size of the database.
3. Click % Used to display the percentage of database space in use.

Compacting databases
When documents and attachments are deleted from a database, Domino
tries to reuse the unused space, rather than immediately reduce the file
size. Sometimes Domino won't be able to reuse the space or, because of
fragmentation, can't reuse the space effectively until you compact the
database.

Styles of compacting
There are three styles of compacting:

- In-place compacting with space recovery
- In-place compacting with space recovery and reduction in file size
- Copy-style compacting

In-place compacting with space recovery only


This style of compacting recovers unused space in a database but doesn't
reduce the size of the database on disk. Databases retain the same
database instance IDs (DBIIDs), so the relationship between the
compacted databases and the transaction log remains intact. Users and
servers can continue to access and edit databases during compacting.
This style of compacting is useful for databases that you expect to stay
the same size or to grow in size.
When you run Compact without specifying options, Domino uses this
style of compacting on all databases enabled for transaction logging.
Domino also uses this style of compacting when you use the -b option
(case sensitive) when compacting any database.
Tip Use this compacting method the most frequently; it is the fastest
method and causes the least system impact.
In-place compacting with space recovery and reduction in file size
This style of compacting reduces the file size of databases as well as
recovers unused space in databases. This style of compacting is
somewhat slower than in-place compacting with space recovery only.
This style of compacting assigns new DBIIDs to databases, so if you use it
on logged databases and you use a certified backup utility, perform full
backups of the databases shortly after compacting is complete. This style
of compacting allows users and servers to continue to access and edit
databases during compacting.
When you run Compact without specifying options, Domino uses this
style of compacting on databases that aren't enabled for transaction
logging. Domino also uses this style of compacting when you use the -B
option. To optimize disk space, it's recommended that you run Compact
using the -B option on all databases once a week or once a month.
Copy-style compacting
Copy-style compacting creates copies of databases and then deletes the
original databases after compacting completes, so extra disk space is
required to make the database copies. This style of compacting
essentially creates a new database with a new database ID. If you use
copy-style compacting on logged databases (using the -c option),
compacting assigns new DBIIDs, so if you use a certified backup utility,
you should perform full backups of databases shortly after compacting
completes. When you use copy-style compacting, users and servers can't
edit databases during compacting, and they can only read databases if
the -L option is used.
Domino uses copy-style compacting by default when you use an option
with Compact to enable a database property that requires a structural
change to a database or when you run Compact on a database that has a
structural change pending that was initiated from the Database
Properties box. Enabling or disabling the database properties "Document
table bitmap optimization" and "Don't support specialized response
hierarchy" require structural database changes.
The following table compares the three styles of compacting.
| Characteristics | In place, space recovery | In place, space recovery with file size reduction | Copy-style |
|---|---|---|---|
| Databases that use it when compact runs without options | Logged databases with no pending structural changes | Unlogged databases with no pending structural changes | Databases with pending structural changes |
| Databases you can use it on | Current release | Current release | Current release (need -c) |
| Relative speed | Fastest | Medium | Slowest |
| Users can read databases during compacting | Yes | Yes | No (unless -L option used) |
| Users can edit databases during compacting | Yes | Yes | No |
| Reduction in file size | No | Yes | Yes |
| Extra disk space required | No | No | Yes |

Renaming a copy-style compacted database


Domino attempts only once to rename a database that was copy-style
compacted. You can request successive attempts by specifying the value
of the Num_Compact_Rename_Retries setting in the NOTES.INI file.
Domino tries to rename until it succeeds or the number of retries is
exhausted. For example, to request that Domino try once again to
rename, specify Num_Compact_Rename_Retries=1; to request that
Domino try 5 more times to rename, specify
Num_Compact_Rename_Retries=5.

If you have specified a value for the Num_Compact_Rename_Retries
setting, Domino waits 30 seconds before trying to rename a database that
was copy-style compacted. You can request a different amount of time to
wait by specifying the value of the Compact_Retry_Rename_Wait setting
in the NOTES.INI file. For example, to request that Domino wait 2
minutes before trying to rename a database that was copy-style
compacted, specify Compact_Retry_Rename_Wait=120.
Domino enforces the following upper limit when trying to rename a
copy-style compacted database:
Num_Compact_Rename_Retries x Compact_Retry_Rename_Wait <= 60 minutes

When to compact databases


It's recommended that you compact databases weekly or monthly using
the -B option to recover disk space. If you use a certified backup utility,
remember to run it after compacting is complete.
Also compact databases to:

- Enable or disable specific database properties; for example,
  transaction logging
- Run the document archiving tool on server databases that are
  configured for document deletion and archiving
- Fix corrupted databases

For information on transaction logging, see the chapter "Transaction
Logging and Recovery." For information on the document archiving tool,
see the topic "Running the document archiving tool" later in this chapter.
Note The Database - Sizes view of the log file (LOG.NSF), the File
Statistic reports generated by the Statistics Collector server task, and the
Info tab (i tab) of the Database Properties box, all report the percentage of
used space in a database. These are often not accurate indicators of used
space; therefore, you shouldn't use them.

Ways to compact databases


Use any of these methods to run Compact. Each of these methods allows
you to customize how Compact runs.

- Run Compact using the Compact tool in the Files tab of the Domino
  Administrator: Use this method to compact a few databases; you
  can select the databases to compact, but you can't use the Domino
  Administrator until compacting finishes.
- Run Compact using the Task - Start tool in the Domino
  Administrator: Use this method to compact all databases on a
  server; you can continue to use the Domino Administrator during
  compacting and you don't have to remember specific command-line
  options.
- Run Compact using a console command: Use this method if you're
  comfortable using command-line options or to compact databases
  directly at the server when there isn't a Domino Administrator client
  running on the server.
- Run Compact using a Program document: Use this method to
  schedule compact to run at particular times.
- Run Compact on a Win32 platform: Use this method if you are
  unable to run Compact at the server console. This method requires
  that you use the n prefix. For example: ncompact -C.

Determining the file format of a database


Follow these steps to check the ODS (on-disk structure) and determine
the file formats of databases before compacting them.
1. From the Domino Administrator, in the Server pane on the left, select
the server on which to run Compact. Click the server's icon to expand
the Server pane.
2. Click the Files tab.
3. Select the folder containing the files you want to check.
4. Look at the File Format column in the files window.

Compact options
The following tables describe the options you can use with the Compact
server task. The first column lists the options as they appear when you
run Compact using the Task - Start tool or the Files tab in the Domino
Administrator. The second column lists the equivalent command-line
options that you use when you run Compact using a console command
or using a Program document.

Compact - Basics
| Option | Command-line equivalent | Description |
|---|---|---|
| Compact only this database or folder (To specify databases to compact using the Files tab, select the databases in the files pane.) | database path. Specify any additional options after the database path. | To compact a database in the Domino data folder, enter the file name, for example SALES.NSF. To compact databases in a folder within the data folder, specify the database path relative to the data folder. For example, to compact all databases in the folder DATA\SALES, specify SALES. If you choose "Compact all databases" (or don't specify a database path at the command line) Compact compacts all databases in the data folder and in folders within the data folder. |

For more information on database path, see the topic "Running Compact
using a console command" later in this chapter.
Compact - Options
| Option | Command-line equivalent | Description |
|---|---|---|
| Compact database only if unused space is greater than x percent | -S percent | Compacts all databases with a specified percent of unused space. For example, if you specify 10, databases with 10% or more recorded unused space are compacted. Note that the unused space calculation is not always a reliable measure of unused space. |
| Discard any built view indexes | -D | Discards built view indexes. Use this option to compact databases just before you store them on tape, for example. Does copy-style compacting. |
| Keep or revert database to previous format | -R | Compacts databases without converting to the current release file format of the server that stores the databases or reverts databases in the current release file format to the previous release file format. For example, on Domino 6 servers, this option compacts Domino 5 databases without converting them to the Domino 6 file format and converts Domino 6 databases to the Domino 5 file format. This option uses copy-style compacting. |

Compact - Style
| Option | Command-line equivalent | Description |
|---|---|---|
| In-place (recommended) | -b | Uses in-place compacting and recovers unused space without reducing the file size, unless there's a pending structural change to a database, in which case copy-style compacting occurs. This is the recommended method of compacting. |
| In-place with file size reduction | -B | Uses in-place compacting, recovers unused space and reduces file size, unless there's a pending structural change in which case copy-style compacting occurs. If you use transaction logging, do full database backups after compacting completes. |
| Copy-style | -c | Uses copy-style compacting. Use this option, for example, to solve database corruption problems. |
| Copy-style: Allow access while compacting | -L | Enables users to continue to access databases during compacting. If a user edits a database during compacting, compacting is canceled. This is useful only when copy-style compacting is done. |
| Copy-style: Ignore errors and proceed | -i | Enables compacting to continue even if it encounters errors such as document corruption. Only used for copy-style compacting. |

Compact - Advanced
The advanced compact options are not available through the Compact
tool in the Files tab of the Domino Administrator.

| Option* | Command-line equivalent | Description |
|---|---|---|
| Document table bitmap optimization: Off | -f | Disables "Document table bitmap optimization" database property. Does copy-style compacting. |
| Document table bitmap optimization: On | -F | Enables "Document table bitmap optimization" database property. Does copy-style compacting. |
| Don't support specialized response hierarchy: Off | -h | Disables "Don't support specialized response hierarchy" database property; in other words, support specialized response hierarchy. Does copy-style compacting. |
| Don't support specialized response hierarchy: On | -H | Enables "Don't support specialized response hierarchy" database property; in other words, do not support specialized response hierarchy. Does copy-style compacting. |
| Enable transaction logging: Off | -t | Disables transaction logging. |
| Enable transaction logging: On | -T | Enables transaction logging. |
| Don't maintain unread marks: Off | -u | Disables "Don't maintain unread marks" database property; in other words, maintain unread marks. |
| Don't maintain unread marks: On | -U | Enables "Don't maintain unread marks" database property; in other words, do not maintain unread marks. |

* Select "Set advanced properties" before you enable or disable any of these
properties.

Compact - Archive
When you use the document archiving tool to archive and delete
documents in a database, you can use the following Compact options to
archive documents if the database is located on a server and you've
chosen the advanced archiving option "Automatically on server."

| Option* | Command-line equivalent | Description |
|---|---|---|
| Archive only | -A | Archives and deletes documents from a database without compacting the database. |
| Archive and then compact | -a | Archives and deletes documents from a database and then compacts the database. |
| Delete and then archive | -j | Deletes documents from a database and then compacts the database. |

* The Compact tool in the Files tab of the Domino Administrator provides only
the option "Archive database"; this option archives and then compacts.

Running Compact using the Files tab


Use the Compact tool in the Files tab of the Domino Administrator to run
Compact on specific databases. The databases can be stored on a server
or stored locally on a Domino Administrator client.
1. From the Domino Administrator, select the server in the Server pane
that stores the databases you want to run Compact on. If the Domino
Administrator does not run on a server, you can select "local" to run
Compact on databases stored on the client. To expand the Server
pane, click the server's icon.
2. Click the Files tab.
3. Select the databases on which to run Compact.
4. In the Tools pane at the right, select Database - Compact. Or drag the
selected database(s) to the Compact tool.
5. (Optional) Select options to control how Compact runs.
For information on the options available, see the topic Compact
options earlier in this chapter.
6. Click OK.

Running Compact using the Task - Start tool


Use this method to compact many databases on a server. You can
continue using the Domino Administrator during compacting.
1. From the Domino Administrator, on the Server pane on the left,
select the server on which to run Compact. To expand the pane, click
the server's icon.
2. Click the Server - Status tab.
3. In the Task pane on the right, click Task - Start.
4. Select Compactor.
5. Do one of the following:
   - To run Compact with options (to control how Compact runs), click
     "Show advanced options," click "Start Task," select options, and
     then click OK.
   - To run Compact without options, click "Start Task."
For information on the options available, see the topic "Compact
options" earlier in this chapter.

Running Compact using a console command


1. From the Domino Administrator, on the Server pane on the left,
select the server on which to run Compact. To expand the pane, click
the servers icon.
2. Click the Server - Status tab.
3. Click Console.
4. Enter the following command in one of the following ways: 1) in the
command line at the bottom of the console, and then press ENTER or
2) directly at the console on a server:
Load compact databasepath options
where databasepath specifies the files to compact and options are
Compact command-line options.
The following table illustrates how you can use databasepath to specify
databases, folders, and subfolders.

To compact                  Example command                 Files compacted

Specific databases in       Load compact SALES.NSF,DEV.NSF  DATA\SALES.NSF
the Domino data folder                                      DATA\DEV.NSF

All the databases in a      Load compact SALES              DATA\SALES\all databases
folder relative to the
Domino data folder

A specific database in      Load compact SALES\USER1.NSF    DATA\SALES\USER1.NSF
a folder relative to
the Domino data folder

All the files specified     Load compact WEEKLY.IND         DATA\SALES.NSF
in a .IND file created      where WEEKLY.IND contains:      DATA\DEV.NSF
in the Domino data          SALES.NSF                       DATA\SALES\USER1.NSF
folder                      DEV.NSF                         DATA\SALES\NEW\all databases
                            SALES\USER1.NSF
                            SALES\NEW
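
Added example (not part of the Domino documentation): a Python preview of which files a databasepath argument would select, following the table above, so that a scheduled .IND list can be checked before Compact runs. It assumes that "all databases" in a folder means the .NSF files directly inside it and that an .IND file holds one entry per line; the function names, the out-of-folder check and the sample tree are constructed for this illustration.

```python
import tempfile
from pathlib import Path, PureWindowsPath

# Assumption: "all databases" in a folder means the .NSF files directly in it.
DB_SUFFIX = ".nsf"


def resolve_entry(data_dir, entry):
    """Map one Domino-style relative path onto data_dir.

    Returns None when the entry is rooted, carries a drive letter, or climbs
    out of the data folder with '..' (a check added by this preview).
    """
    win = PureWindowsPath(entry)
    if win.anchor or ".." in win.parts:
        return None
    return data_dir.joinpath(*win.parts)


def to_domino(data_dir, path):
    """Render a path relative to the data folder, with backslashes."""
    return "\\".join(path.relative_to(data_dir).parts)


def expand(argument, data_dir, from_ind=False):
    """Return (files, problems) for a databasepath argument.

    Entries are separated by commas on the command line and by line breaks
    inside an .IND file.
    """
    files, problems = [], []
    for entry in argument.replace("\n", ",").split(","):
        entry = entry.strip()
        if not entry:
            continue
        target = resolve_entry(data_dir, entry)
        if target is None:
            problems.append("outside data folder: " + entry)
        elif entry.upper().endswith(".IND"):
            if from_ind:
                # Assumption: an .IND file does not pull in further .IND files.
                problems.append("nested .IND ignored: " + entry)
            elif target.is_file():
                sub_files, sub_problems = expand(target.read_text(), data_dir, True)
                files += sub_files
                problems += sub_problems
            else:
                problems.append("not found: " + entry)
        elif target.is_dir():
            files += sorted(to_domino(data_dir, p) for p in target.iterdir()
                            if p.is_file() and p.suffix.lower() == DB_SUFFIX)
        elif target.is_file():
            files.append(to_domino(data_dir, target))
        else:
            problems.append("not found: " + entry)
    # Keep the first occurrence of each file, in the order it was selected.
    return list(dict.fromkeys(files)), problems


def build_sample(root):
    """Create a constructed data folder matching the WEEKLY.IND row above."""
    data = Path(root) / "DATA"
    (data / "SALES" / "NEW").mkdir(parents=True)
    for name in ("SALES.NSF", "DEV.NSF", "SALES/USER1.NSF",
                 "SALES/NEW/A.NSF", "SALES/NEW/B.NSF", "SALES/NEW/NOTES.TXT"):
        (data / name).write_bytes(b"")
    (data / "WEEKLY.IND").write_text(
        "SALES.NSF\nDEV.NSF\nSALES\\USER1.NSF\nSALES\\NEW\n")
    return data


def demo(argument):
    """Expand an argument against a freshly built sample data folder."""
    with tempfile.TemporaryDirectory() as root:
        return expand(argument, build_sample(root))


if __name__ == "__main__":
    for arg in ("SALES.NSF,DEV.NSF", "SALES", "WEEKLY.IND", "..\\OTHER.NSF"):
        selected, issues = demo(arg)
        print("Load compact", arg)
        for name in selected:
            print("   DATA\\" + name)
        for issue in issues:
            print("   !", issue)
```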

Running Compact using a Program document


Use a Program document to schedule Compact to run at a regular time.
For example, schedule Compact to run with the -B option once a week.
Remember to perform full backups of the databases after compacting is
complete.
For more information on Program documents, see the appendix Server
Tasks.
1. From the Domino Administrator, click the Configuration tab.
2. Next to Use Directory on, select the server with the replica of the
Domino Directory you want to modify.
3. Expand Server - Programs and then click Add Program.
4. On the Basics tab, complete these fields:

Field               Enter
Program name        Compact
Command line        Command line options. Don't specify "load"
                    before the options.
Server to run on    Server on which to run Compact
Comment             Optional comments

5. On the Schedule tab, complete these fields:

Field               Enter
Enabled/disabled    Enabled
Run at times        Times to run Compact each day
Repeat interval of  How soon to run Compact again after it
                    completes
Days of week        The days to run Compact

6. Click Save and Close.


For more information on the available command-line options, see the
topic Compact options earlier in this chapter.

Database size quotas


Set a database size quota to specify the maximum size a database can
attain. When a database exceeds its quota, the following message appears
in the Miscellaneous Events view of the log file (LOG.NSF); a user
attempting to open the database sees it as well: Cannot allocate
database object - database would exceed its disk quota. Although a
database may have reached its quota, a user may be able to add
documents to it if the database contains unused space, that is, space
that remains from deleted data.
In conjunction with setting a quota, you can specify that when a database
reaches a certain size threshold, this warning message appears in the
Miscellaneous Events view of the log file: Warning, database has
exceeded its size warning threshold. For example, if the quota is 50MB,
you might specify that the warning appear when the database size
reaches 45MB so you can take steps to reduce the size of the database or
move it to a server that has more disk space available.
Note You can set quotas on user mail files, but, by default, when a mail
file exceeds its quota, the Router continues to deliver mail to it, and users
can update existing mail views. This ensures that users can continue to
receive and read all mail sent to them. The quota is enforced only for
other means of increasing the size of the mail file. For example, when a
mail file reaches its quota, users can't manually add documents or views
to it. However, you can customize routing to strictly enforce quotas on
mail files.
For more information on customizing mail, see the chapter Customizing
the Domino Mail System.

Database size limits


Databases can attain a maximum size of 64GB on Windows and UNIX.

Setting database size quotas


1. From the Domino Administrator, on the Server pane on the left,
select the server that stores the databases you want to set quotas for.
To expand the pane, click the servers icon.
2. Click the Files tab.
3. Select the databases you want to set quotas for.
4. In the tools panel on the right, select Database - Quotas. Or drag the
selected databases to the Quotas tool.
5. Below Database size quotas, click Set database quota to x MB
and specify a maximum size in megabytes the selected databases can
attain.
6. Below Quota warning thresholds, click Set warning threshold to x
MB and specify a size in megabytes at which a message appears in
the log file (LOG.NSF).
7. Click OK. When processing is complete, a dialog box indicates how
many databases were affected and if any errors occurred. See the
status bar for details.

Deleting inactive documents


Regularly delete inactive documents from databases to save disk space,
to make it easier for users to find information, and to improve database
performance. This table compares the deletion methods available.

Deletion method                       Leaves deletion  Multiple deletion  Archive
                                      stubs*?          criteria?          capability?
Create an archive settings document   Yes              Yes                Yes
Document archiving tool in the        Yes              Yes                Yes
Database Properties box
"Remove documents not modified in     No               No                 No
the last x days" replication setting
Agents                                Yes              Yes                Yes

* Deletion stubs are markers that remain from deleted documents so that the
documents are deleted in other replicas of the database.
In addition to these methods, you can also create an API program that
deletes documents.
For information on the "Remove documents not modified in the last x
days" setting, see the chapter Creating Replicas and Scheduling
Replication.

To archive deleted documents

If you have disk space available and you want users to be able to access
deleted documents, archive the documents before deleting them. When
doing so, follow these guidelines:
1. Determine an archive frequency based on the type of database. For
example, you might archive an infrequently accessed database, such
as a company policy database, every three months. Archive a heavily
used tracking database, such as a customer call-tracking database,
once a month or once a week.
2. Notify users that you plan to archive the database.
3. In the About This Database document of the active database, post the
archiving schedule and the location of the archive database.
4. Archive the database when it is not in use and server traffic is low,
for example, on Sunday night.
5. After archiving is complete and you've deleted documents from the
active database, compact the active database.
6. If the database has replicas, replicate the active database when
database use is light so that you minimize user interruptions.
7. Limit access to the archive database. Assign Manager access in the
database ACL to one or two users and replicating servers. Assign
Reader access in the database ACL to everyone else. By doing this,
you ensure that view indexes and full-text search indexes update
only when archiving occurs.

To customize an archive database for fast access


Using an archive database ensures that users can continue to access the
archived data. Use any of these methods to make accessing the archive
database fast and easy.
Note Don't customize an archive database used by the document
archiving tool.
Remove unnecessary fields
Removing unnecessary fields makes the documents smaller and the
views smaller and faster. For example, although the active database
might include fields for the customer name, phone number, address, and
fax number, the archive database might require only the customer name.
Use only a few views and create a full-text index
Using only a few views improves view performance by keeping the total
size of the view indexes to a minimum. Providing a full-text index allows
users to retrieve information easily.
Create buttons or agents in the active database
Buttons and agents allow users to quickly open the archive database
when necessary.

To use an archive copy for statistical analysis


To analyze statistics within a database, create a view that generates
statistics in an archive copy of the database. For example, in an archive
copy of a Call Tracking database, create a view that generates totals for
specific categories of call records and for all call records. Because archive
databases usually contain data that span a long period of time, they are
ideal for performing statistical analysis.


Running the document archiving tool


If you selected the option Automatically on server, run the Compact
task on the server that stores the source database.
- Use the -A option to archive documents without compacting the
source database.
- Use the -a option to archive documents and then compact the source
database.

Viewing a document Archiving Log


If you set up the document archiving tool to log archiving information to
an Archiving Log database, an entry is created in the Archiving Log
database when either the client or server finishes archiving. To view this
entry:
1. Open the entry in the Archiving Log database.
2. Click Archive statistics to display the date of the archive, the
number of documents archived to the Archive database, and the
number of archived documents deleted from the original database.
3. Click Database/Server to display the location, title, and path for
the original database and for the Archive database.
4. Click Links to archived docs to use document links to access
documents in the Archive database that have been removed from the
original database. This doesn't apply if you selected the advanced
archiving option Delete matching documents without archiving
them.

Using an agent to delete and archive documents

Agents give you a very high degree of control over document deletion
criteria. However, agents can be slow to run.
The following procedure describes creating an agent using simple
actions. You can also create agents using Notes formulas, LotusScript, or
Java.
When you run the agent, if Domino cannot copy all specified documents
to an archive database (for example, if there is not enough disk space
on the target folder), the agent stops.
For more information on agents, see the chapter Agents. For more
information on Notes formulas, LotusScript, and Java, see Domino
Designer Programming Guide, Volumes 1 through 4.

To use an agent to delete and archive documents


1. (Optional) To archive deleted documents, choose File - Database -
New Copy to create a copy of the database as the archive copy. Copy
only the database design.
2. Open the database and choose Create - Design - Agent.
3. Type a name for the agent.
4. Below When should this agent run, click the arrow and select an
option.
5. Below Which documents should it act on? click the arrow and
select an option. Click Add Search, specify the search criteria, then
click OK.
6. (Optional) To archive deleted documents, on the bottom pane next to
Run, select Simple action(s) then click Add Action. Then select
Copy to Database and select the archive copy of the database
created in Step 1. Click OK and go to Step 8.
7. In the bottom pane next to Run, select Simple action(s) then click
Add Action. Then select Delete from Database.
8. Close and save the agent. Then choose View - Agents, select the
agent and choose Actions - Test to simulate a run and test that it
works correctly.
9. Save and close the agent if necessary.

Examples of using an agent to delete and archive documents


An agent that archives documents according to date modified
These selections create an agent that copies all documents modified more
than 60 days ago from the active database to an archive database with
the file name ARCHIVE.NSF. The agent deletes the archived documents
from the active database after all the documents have been copied.

When should this agent run?    On Schedule Monthly
Which document(s) should it    All documents in the database
act on?                        Add Action: @Function formula
                               Search for documents created more than 60 days
                               ago
What should this agent run?    Simple action: Copy to Database ARCHIVE.NSF
                               Simple action: Delete from Database

An agent that archives documents according to field status


These selections create an agent that weekly copies all documents with a
Status field set to Closed from the active database to an archive
database with the file name ARCHIVE.NSF. Then the agent deletes the
archived documents from the active database.

When should this agent run?    On Schedule Weekly
Which document(s) should it    All documents in the database
act on?                        Condition: by Field
                               Search for documents where field Status contains
                               Closed
What should this agent do?     Add Action: Copy to Database ARCHIVE.NSF
                               Add Action: Delete from Database

Allowing more fields in a database


You can increase the number of fields in a database by selecting the
advanced database property Allow more fields in database, which
allows the database to contain up to 23,000 fields.
For a database without this option selected, all the field names in a
database when concatenated cannot exceed 64K, which results in a
database limit of approximately 3000 fields.
To allow more fields in a database:
1. Open the database and choose File - Database - Properties.
2. Click the Advanced tab.
3. Select Allow more fields in database.

NOTES.INI file settings used to optimize database performance

The following table summarizes the NOTES.INI file settings you can use
to optimize database performance.
For more information on these settings, see the appendix NOTES.INI
File.

NOTES.INI file setting       Description
Compact_Retry_Rename_Wait    The amount of time to wait before trying to
                             rename a copy-style compacted database.
                             The default value is 30 seconds.
NSF_Buffer_Pool_Size         Specifies the amount of memory allocated to
                             database operations.
NSF_Dbcache_Disable          When set to 1, disables the database cache on
                             the server.
NSF_Dbcache_Maxentries       Specifies the maximum number of databases
                             allowed in the database cache at one time.
Num_Compact_Rename_Retries   The number of times to try renaming a
                             copy-style compacted database. The default
                             value is 0.


Chapter 62
Using Server.Load
This chapter discusses Server.Load, a capacity-planning tool for the
Domino server.

Server.Load
Server.Load is a capacity-planning tool that you use to run tests, also
called scripts and workloads, against a targeted Domino server to
measure server capacity and response metrics.
Server.Load supports any platform that is supported by the Domino
Administrator client. The client runs the Server.Load tests and generates
the transactions that are presented to the server. A typical Server.Load
configuration has one or more client systems driving the server under
test (SUT). Each client running Server.Load generates a simulated user
load of Notes transactions against the SUT, which reports server statistics
back to the client. If you configure multiple clients, you set up and run
the test from each client system.

Using Server.Load, you have real-time control of the test environment
and variables. Prior to running a test, you can change test parameters,
stop conditions, and existing script variables. You can also monitor
real-time server metrics. While the script is running, the Metrics window
displays an immediate characterization of server performance by
updating metrics on a per-minute basis.

You can run built-in scripts, create custom scripts from a library of
commands, or submit commands manually. For example, run the built-in
R5 Simple Mail Routing script to simulate users on a Notes client reading
and sending mail. Or create a custom script to create and open a Notes
mail database and populate it with messages. To test or execute
individual commands, you can use the manual command line mode to
delete documents from a database or issue remote server commands.

Built-in and custom Server.Load scripts


Server.Load includes a set of built-in scripts. You can also create a
custom script from scratch.
Built-in scripts
The following table describes the scripts that are built into Server.Load.
To see the actual code of each script, see the appendix Server.Load
Scripts.

Script                Description

Idle Workload         Establishes the upper boundary of the number of
                      sessions that a Domino server can support. You can use
                      the metric derived from this script to help you set up
                      other tests.

R5 IMAP Workload      Runs Notes transactions that model a server for mail
                      users at sites that rely on IMAP for communication. This
                      test stresses the IMAP protocol by receiving messages
                      and exercises SMTP and LDAP by sending SMTP
                      messages to recipients and performing LDAP lookups
                      on them. You use the IMAP Initialization Workload
                      script to initialize the SUT.

R5 Simple Mail        Simulates one or more Notes mail users performing
Routing               basic mail operations such as opening mail files, reading
                      and categorizing documents, sending calendar and
                      schedule items, and composing multiple mail messages
                      to multiple recipients. You use the NRPC Mail
                      Initialization Workload script to initialize the SUT.

R5 Shared Database    Simulates one or more active users performing database
                      operations on the same Discussion database. The script
                      includes performing view operations, navigating unread
                      documents, adding users to the database, and updating
                      documents.

SMTP and POP3         Runs Notes transactions that model a server for mail
Workload              users at sites that rely on SMTP and POP3 mail for
                      communication. You use the SMTP and POP3
                      Initialization Workload script to initialize the SUT.

Web Idle Workload     Simulates users connecting to the default page or home
                      page on a Domino Web server.

Web Mail Workload     Runs transactions that model a server for Web Mail
                      users. The test simulates a Web browser user sending,
                      retrieving, and deleting Notes mail. You use the Web
                      Mail Initialization Workload script to initialize the SUT.

Custom scripts
You can use the Server.Load command language to build a script from
scratch, copy a built-in script and modify it, or use a sample script. Then
by modifying only test parameters and script variables, you can further
customize the script without changing the actual script code. Script
variables are environmental values that are referenced through the
NOTES.INI file. Test parameters control the number and creation of
simulated users, or threads; the number of times the test runs for each
user; and the test duration. If you create a script from scratch, you can
test each line of code by entering it in the command line. In addition,
using the command line, you can issue remote server console commands.
NotesBench
A related performance tool, NotesBench is a collection of benchmarks, or
workloads, for evaluating the performance of Domino servers. To learn
more about NotesBench, go to http://www.notesbench.org.

Tips for running a Server.Load test


1. Consider the number of simulated users you plan to assign to the
SUT and evaluate how that number relates to system limitations,
such as disk space and memory. Server.Load creates one thread per
simulated Notes user. If, for example, you assign 100 users to one
client system, 100 threads will run the test script. Note that all
threads run the specified test concurrently.
2. Set the Thread Creation Interval parameter to stagger the creation of
each user. For example, a value of 2 staggers the creation of each user
by 2 seconds.
3. Plan to enter values for the Starting Thread No. and Max No. of
Users parameters. The values you enter depend on how many client
systems and database users the test is simulating. For example, to
simulate 400 database users across 4 client systems, with 100 users
on each client, specify these values when you run the test
on each client.

Client    Max. No. of Users    Starting Thread No.
1         100                  1
2         100                  101
3         100                  201
4         100                  301

4. Simulate the behavior of actual users by providing pauses between
commands in your script. Use the built-in scripts as a reference point.
5. Be aware of both ramp-up and steady state. Ramp-up state occurs after
all threads run at least one iteration of the script. Steady state represents
the server's true, sustainable performance with reproducible results.
Steady state occurs when the number of Notes users on the server is
equal to the total simulated users across all clients.

Server.Load agents
Server.Load includes a set of agents in the file NAMAGENT.NSF, which
is initially installed in the data directory on the Domino Administrator
client. The first agent in this list, Create NotesBench Mail Person
Documents, is used to set up Person documents for the workloads and
set the HTTP password. The rest of the agents are used to repair and
change the workload setup.
To use the agents, you must use Domino Designer to add them to the
Domino Directory on the SUT.
- Create NotesBench Mail Person Documents
- Refresh All Documents
- Set HTTPPassword to NotesBench
- Set Message Storage Format = MIME
- Set Message Storage Format = No Preference
- Set Message Storage Format = Notes
- Update ACL of MailDBs to include Owner (mail1, mail2, ...)

Agent to set up a workload: Create NotesBench Mail Person Documents

This agent prompts you for information required to create the necessary
number of Person documents for a workload. The following table
describes the prompts and defaults.

Prompt                                 Default
Starting value to create mail users    1
Number of users to create              1000
Number of Mailn.NSF files to create    1000
Starting Mailn.NSF file                1
Location for mail databases            mail\
Mail domain                            Default is read from the server's mail
                                       domain
Mail server directory is on            Name of the server that stores the
                                       Domino Directory
Message storage format                 2 (MIME)
Mail system                            1 (NOTES)
Internet host name                     Host name of the server that stores the
                                       Domino Directory

Agents to repair and change a workload setup


After you use the Create NotesBench Mail Person Documents agent, you
may need to use the Refresh All Documents agent to refresh the view in
the Domino Directory.
If you have trouble connecting with HTTP-based workloads and the
Person documents do not display any encrypted passwords, use the Set
HTTPPassword to NotesBench agent to reset the password in all
Person documents.
When you change to a different workload, you must remake all of the
mail files, but you can use one of these agents to change the mail type in
the Person documents without having to recreate all of the Person
documents:
- Set Message Storage Format = MIME
- Set Message Storage Format = No Preference
- Set Message Storage Format = Notes
- Update ACL of MailDBs to include Owner (mail1, mail2, ...). Use
this agent for a workload that has authentication on.

Server.Load test parameters


Before you run a Server.Load test, you can modify any of these
parameters, which are located on the Test Parameters tab.

Field                  Action

Max No. of Users       Enter the number of simulated users. Default is 1.
                       Maximum value for this setting is 512.
                       Note To verify that a script is running properly, run the
                       test the first time with only one simulated user.
                       If you are running the test on multiple clients, increment
                       the value of the Max No. of Users parameter when you run
                       the test on each client.
                       The client should not run at anything higher than 75% to
                       85% CPU. If the client is running at 100%, reduce the
                       number of users.

Script Loop Count      Enter the number of times the script runs per simulated
                       user. Default is 1.
                       To calculate total iterations, multiply Script Loop Count by
                       Max. No. of Users.
                       Note For long-duration tests, enter a large value, and
                       specify No Time Limit in the Test Time Parameter field.
                       If a test uses the ScriptIterationLimit script variable, set both
                       the variable and the Script Loop Count to the same value.

Thread Creation        Enter the rate, in seconds, at which simulated users are
Interval (sec)         created. Default is 1.
                       To calculate total ramp-up time, multiply Thread Creation
                       Interval by Max. No. of Users.

Starting Thread No.    Enter the thread number that will start the test. Default is 1.
                       Note If you use multiple clients in a test, you must stagger
                       the starting thread number. For example, client 1 starts at
                       thread 1; client 2 starts at thread 101, and so on.

Test Time Parameter    Choose one:
                       - No time limit (default): To run the test indefinitely.
                       - Run between two time periods: To run the test
                       between Start and Stop times that you enter in standard
                       format (1:00 PM) or military format (13:00).
                       - Specify Total Test Time: To run the test for a specific
                       number of minutes.

Build Recipient List   Click Browse and select the Domino Directory or Personal
using Name and         Address Book to use when building a list of recipients of
Address Book           the test results.

Storage test output    Click Browse to choose the location to store test output.
to
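
Added example (not part of the Server.Load documentation): a Python helper that works out the per-client Max No. of Users and Starting Thread No. values in the way the tips table earlier in this chapter does, applies the two formulas and the 512-user limit from the table above, and checks a set of entered values for colliding thread ranges. The names plan, overlaps and ClientSettings are constructed for this illustration, and spreading an uneven total across clients is an assumption that goes beyond the page's 400-user case.

```python
from dataclasses import dataclass

# Maximum value of "Max No. of Users" on one client, as given in the table above.
MAX_USERS_PER_CLIENT = 512


@dataclass(frozen=True)
class ClientSettings:
    """Values entered on the Test Parameters tab of one client."""
    client: int
    max_users: int          # Max No. of Users
    starting_thread: int    # Starting Thread No.
    loop_count: int = 1     # Script Loop Count
    interval_sec: int = 1   # Thread Creation Interval (sec)

    @property
    def last_thread(self):
        return self.starting_thread + self.max_users - 1

    @property
    def total_iterations(self):
        # Script Loop Count multiplied by Max No. of Users
        return self.loop_count * self.max_users

    @property
    def ramp_up_sec(self):
        # Thread Creation Interval multiplied by Max No. of Users
        return self.interval_sec * self.max_users


def plan(total_users, clients, loop_count=1, interval_sec=1):
    """Spread total_users over the clients with staggered starting threads."""
    if clients < 1 or total_users < clients:
        raise ValueError("need at least one user per client")
    base, extra = divmod(total_users, clients)
    settings, next_thread = [], 1
    for number in range(1, clients + 1):
        users = base + (1 if number <= extra else 0)
        if users > MAX_USERS_PER_CLIENT:
            raise ValueError(
                f"client {number} would need {users} users; "
                f"the limit is {MAX_USERS_PER_CLIENT}, so add clients")
        settings.append(
            ClientSettings(number, users, next_thread, loop_count, interval_sec))
        next_thread += users
    return settings


def overlaps(settings):
    """Return (client, client) pairs whose thread ranges collide."""
    clashes, highest = [], None
    for current in sorted(settings, key=lambda s: s.starting_thread):
        if highest is not None and current.starting_thread <= highest.last_thread:
            clashes.append((highest.client, current.client))
        if highest is None or current.last_thread > highest.last_thread:
            highest = current
    return clashes


if __name__ == "__main__":
    print("Client  Max No. of Users  Starting Thread No.  Ramp-up (sec)")
    for s in plan(400, 4, loop_count=3, interval_sec=2):
        print(f"{s.client:<7} {s.max_users:<17} {s.starting_thread:<20} "
              f"{s.ramp_up_sec}")
    # Values entered by hand on two clients that both start at thread 1.
    print(overlaps([ClientSettings(1, 100, 1), ClientSettings(2, 100, 1)]))
```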


Server.Load metrics
As you run a test, you can view various script metrics and server statistic
metrics and optionally store the test output in a separate file. Server
statistic metrics are generated by the Domino server. Script metrics
correspond to Server.Load command names and display the
performance of particular commands. For example, if you select the Add
metric, the Metrics window displays the results of the Add command.
For more information on script commands, see the appendix
Server.Load Command Language.
Note If the server runs Windows, you can also use the Windows
Performance Monitor to measure performance.

Database statistics

Statistic                          Description
Database.BufferPool.Reads          Number of database buffer pool reads.
Database.BufferPool.Used           Number of bytes allocated in the buffer
                                   control pool.
Database.BufferPool.Writes         Number of database buffer pool writes.
Database.DbCache.CurrentEntries    Number of entries in the database cache.
Database.DbCache.HighWaterMark     High water mark of the database cache.
Database.DbCache.Hits              Number of hits to the database cache.
Database.DbCache.InitialDbOpens    Number of database opens done by the
                                   database cache.
Database.NIFPool.Used              Number of database NIF pools

System statistics

Statistic               Description
Disc.c.Free (bytes)     Free disk space in bytes on drive n. When disk space
                        is low, compact, delete, or move databases. If problem
                        persists, consider a larger hard disk.
Disc.c.Size (bytes)     Total size in bytes of drive n.
Server.Trans.PerMinute  Number of transactions that took place in the last
                        minute. Useful to monitor server use. If this number is
                        consistently higher than that of other servers and
                        performance is a problem, redistribute the server load
                        to other servers.
Server.Users            Number of users with sessions open on the server.
                        Useful to monitor overall server use. If this number is
                        consistently higher than that of other servers and
                        performance is a problem, redistribute the server load
                        to other servers.

Mail statistics

Statistic                   Description
Mail.AverageDeliverTime     Average delivery time of messages in seconds.
Mail.AverageServerHops      Average number of server hops for a delivered
                            message.
Mail.AverageSizeDelivered   Average size of message delivered, in K.
Mail.Dead                   Number of undeliverable messages in
                            MAIL.BOX. Useful for detecting problems with
                            the Router. Check the server MAIL.BOX to view
                            the dead mail messages and determine the
                            problem.
Mail.Delivered              Number of messages received by the Router.
Mail.MaximumDeliverTime     Slowest delivery time of messages in seconds.
Mail.MinimumServerHops      Least number of server hops for a delivered
                            message.
Mail.MaximumSizeDelivered   Largest message delivered, in K.
Mail.MinimumDeliverTime     Slowest delivery time of messages in seconds.
Mail.MaximumServerHops      Most number of server hops for a delivered
                            message.
Mail.MinimumSizeDelivered   Smallest message delivered, in K.
Mail.TotalFailures          Total number of mail failures.
Mail.TotalRouted            Total number of recipients that mail has routed
                            to since the server started.
Mail.Waiting                Number of outgoing mail messages waiting to
                            be either delivered locally or transferred in
                            MAIL.BOX. Useful for detecting problems with
                            the mail Router.
Mail.WaitingRecipients      Number of recipients awaiting either local
                            delivery or transfer.

Network statistics

Statistic                                Description
NET.TCPIP.BytesReceived                  Amount of data received from client to
                                         server using TCP/IP protocol.
NET.TCPIP.BytesSent                      Amount of data sent from client to
                                         server using TCP/IP protocol.
NET.TCPIP.Sessions.Established.Incoming  Incoming sessions from client to
                                         server using TCP/IP protocol.

Per Minute Thread Statistics


These statistics are automatically provided and collected for every test.

Statistic                 Description
Avg. Trans (Per Thread)   The average number of transactions per thread.
Min. Trans (Per Thread)   The minimum number of transactions per thread.
Max. Trans (Per Thread)   The maximum number of transactions per thread.
Total Trans (All Threads) The total number of transactions per thread.
Running Threads           The total number of all threads currently running.
Agg. Replications         The aggregate number of replications that occurred.
Avg. Rsp. Time (ms)       The average NRPC response time. This is the average
                          response across all threads and is the best overall value
                          to track general server response curves.
                          Note This value is not applicable to the Web Mail
                          script.
Running time (min)        The total running time.

Monitoring Server.Load metrics


1. Click Execute from the main window.
2. Choose a script metric or server statistic metric.
3. Do one:
- Click Add Metric to add a metric to monitor.
- Click Delete Selected Metric to stop monitoring a metric.
4. (Optional) Click Browse next to Store the Metrics to this File and
then choose a file to store the metrics.
Tip The Output monitor displays real-time test results,
command-by-command, as the test runs. You can see up to 64KB of data
in the Output monitor.

Setting a Server.Load stop condition


You can control what happens if the SUT fails to respond appropriately
during a test.
1. From the main window, click the Stop Conditions tab.
2. Do one:
- Choose If Total Number of Timeouts Exceeds and then enter the
number of timeouts after which the test will stop.
- Choose If Average Response Time Exceeds (msec) and then
enter a number, in milliseconds, after which the test will stop.

Changing a Server.Load script variable


To further refine a test, you can change the default values of script
variables. Within a script, each variable appears enclosed in square
brackets [ ]. Each variable must have a value. After you edit a test
variable, its corresponding setting in the NOTES.INI file changes.
1. From the main window, click the Script Variables tab.
2. Locate the row containing the variable to change, and click the
leftmost column.
3. Double-click the value of the variable to activate Edit mode, and then
enter the new value.
4. Click the next empty variable row.
5. Open the script so that Server.Load acknowledges the change.


Testing a Server.Load command


Using the Command Line Screen, you can test an individual Server.Load
command. The results of each command appear in an output window.
1. On the client system, start Server.Load.
2. In the Test Type field, choose Manual.
3. Click the Command Line Screen tab, enter a Server.Load command
or a server command in the Command Line field, and click Submit.

Modifying a built-in Server.Load script


Rather than build a script from scratch, modify a copy of a built-in script.
For example, to test replication, you can edit the R5 Simple Mail Routing
script to include the Replicate command.
1. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
2. In the Test Type field, choose Built-in, and then choose the script to
modify.
3. Click View Script, and a window containing the script code appears.
4. Copy the script to a text editor.
5. Use the Server.Load commands to customize the script.
For more information, see the appendix "Server.Load Commands."
6. Save the script as a text file.

Running a custom Server.Load script


If you create a custom script, use these steps to run it.
1. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
2. In the Test Type field, choose Custom. Then click Browse and select
the script you want to add; to view or edit the script, choose Edit
Script.
3. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
4. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
5. Click Execute.
6. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
7. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
8. Click Start Test.

Setting up clients and servers for Server.Load


To use Server.Load, you must install the Domino server on the server
under test (SUT) and install the Domino Administration client and the
Server Load Utility on each client.
For information on installing the Domino server, see the chapter
"Installing and Setting Up Domino Servers." For information on
installing the Domino Administration client, see the chapter "Setting Up
and Using Domino Administration Tools."

To set up a SUT
1. Make sure that:
• The Domino server is installed and operational
• The server has adequate RAM, approximately 512KB per
simulated user (thread) across all clients used in the test
2. Make sure that you have Administrator access, Create database
access, and access to run unrestricted LotusScript and Java agents.
3. Make sure that the Server, Replicator, Router, and Update tasks are
running on the Domino server. Run additional tasks as required for
individual tests.
4. Enable performance monitoring on the Domino server by issuing the
Show Perf command.
5. Use Domino Designer to copy the file NAMAGENT.NSF to the
Domino Directory. This file contains agents that you use to set up
and change workloads.
6. Disable all screen savers.


To set up a client
If you use multiple clients in a test, they all must have the identical
hardware setup, and you must complete the following procedure on each.
1. Make sure that:
• The Domino Administration client and Server.Load are installed
and operational
• The client has access to the templates to use in the test
• The client has adequate RAM, approximately 512KB per
simulated user (thread)
2. Do the following to edit the Location document:
a. Choose File - Mobile - Edit Current Location.
b. Click the Mail tab, and complete these fields:

| Field | Action |
|---|---|
| Mail file location | Choose On server |
| Mailfile | Enter the path to the mail file, for example, mail\mailfile.nsf |

c. Click the Servers tab, and in the home/mail server section, enter
the name of the SUT.
Note: If you edit the MailServer script variable before you run a test,
you change the location of the mail server for only that run. The next
time you run Server.Load, the mail server listed in the Location
document is used.
d. Click Save and Close.
3. Make sure that you use a Notes ID that has administration access to
the SUT.
4. Do the following to verify the connection to the SUT:
a. Start the Domino Administration client and verify that the
Home/Mail Server field in the Location document contains the
fully distinguished SUT name, for example,
MailServer1/Acme.
b. Verify connectivity by running a trace from the client to the
server. Select File - Preferences - User Preferences - Ports.
c. Verify that the correct communication port is enabled, and click
Trace.
d. Enter the name of the SUT in the Destination field and run the
trace to verify that the client can use the desired protocol to trace
to the server.
e. If you cannot connect over TCP/IP, verify that TCP/IP has been
enabled on the Domino server and that the port is enabled in the
Server document.
f. Verify that the port has been enabled at the operating system level.
g. Verify that TCP/IP is properly installed and enabled on the client
and that you can use the ping utility to access the Domino server
by name, for example, acme.iris.com, and by IP address.
5. Disable all screen savers.

Idle Workload script


The Idle Workload script establishes an upper limit of the number of
sessions that a Domino server can support. The test only establishes
sessions between a client and server; no Notes transactions are carried
out. No resources other than those required to start a session are used.
The resulting capacity metric is the maximum number of user sessions
that can exist concurrently. You can use this metric to help set up and
configure the test environment.
To read the code in the test script, see the appendix "Server.Load
Scripts."

Running the Idle Workload test


1. Make sure that you already set up clients and servers for
Server.Load.
For information, see the topic "Setting up clients and servers for
Server.Load" earlier in this chapter.
2. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the program directory.
3. In the Test Type field, choose Built-In, and then choose Idle
Workload from the list.
4. Click the Script Variables tab, and enter these values:

| Variable | Action |
|---|---|
| MailServer | Enter the canonical name of the mail server, for example, CN=MailServer1/O=Acme |
| MaxSessions | Enter the thread capacity of the client. The maximum is 512. |

5. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
6. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
7. Click Execute.
8. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
9. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
10. Click Start Test.

R5 IMAP Workload test


The IMAP Workload test models an active IMAP mail user logging in
once, then receiving and sending mail. The script contains an average of
15 minutes of waiting, so an average user will execute this test no more
than four times an hour. For each iteration of the script, IMAP mail
messages are retrieved, one SMTP message is sent, and a number of
LDAP lookup requests are executed based on the value of the
NumMessageRecipients script variable. The SMTP messages sent by each
test user are delivered to the mail databases of other test users on the
SUT.
The measurements obtained by this test are:
• Throughput of completed Notes operations
• Average response time at maximum capacity
• Maximum number of IMAP mail users supported
The resulting capacity metric for an IMAP server is the maximum
number of users that can be supported before the average user response
time becomes unacceptable.
To read the code in the test script, see the appendix "Server.Load
Scripts."

Hardware considerations
The following hard disk requirements apply to the SUT and, during
some tests, to the destination systems that receive mail from the SUT:
Initial Disk Requirement: In Domino 6, approximately 13MB on the SUT for each
user (mail database). In Domino 5, approximately 5.5MB.
Subsequent Disk Requirement:
• Increase of 1MB an hour for the duration of the test. (This
figure is not dependent on the number of users.)
• Increase of 100KB an hour as impacted by the value of the
nthIteration setting in the NOTES.INI file.
• The growth rate of each database is a function of the ratio
of the number of users and recipients sending and
receiving mail.

Tips for running the IMAP Workload test


1. Use these server commands.

| Command | Description |
|---|---|
| Show Task | Show either the Database Server task (Notes clients) or IMAP task (IMAP users). |
| Show Stat IMAP | Monitor message counters |
| Show Stat Mail | Monitor message counters |
| Show Stat SMTP | Monitor SMTP statistics |
| Show Stat LDAP | Monitor LDAP statistics |

2. Use an IMAP client, such as Netscape or Outlook, to verify that the
IMAP and SMTP server tasks are set up correctly.
3. To minimize environment troubleshooting, put IP information, for
example, host information, in the \etc\hosts file or its equivalent
on the SUT and driver directories.
4. From the SUT console, enter this command to display additional
routing information:
Set Config Log_MailRouting=40


Running the R5 IMAP Initialization Workload


The R5 IMAP Initialization Workload creates and populates the IMAP
mail file with SMTP messages, initializes the mail file, and then converts
it to IMAP.
1. Make sure that you already set up clients and servers for Server.Load.
For information, see the topic "Setting up clients and servers for
Server.Load" earlier in this chapter.
2. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
3. Run the "Create NotesBench Mail Person Documents" agent to
create the desired number of Person documents in the Domino
Directory. When prompted, set these variables:

| Variable | Setting |
|---|---|
| Message storage format | 2 (MIME) |
| Mail system | 6 (POP3/IMAP) |

4. In the Test Type field, choose Built-In, and then choose R5 IMAP
Initialization Workload from the list.
5. Click the Script Variables tab, and enter these values:

| Variable | Action |
|---|---|
| MailServer | Enter the canonical name of the mail server, for example, CN=MailServer1/O=Acme. |
| MailTemplate | Enter the name of the mail file template, for example, MAIL6.NTF. |
| nb_dbdir | Enter the directory used to store mail files, relative to the data directory. |
| NormalMessageSize | Enter the size of the body of the message. Recommended value is 10000. |
| MessageLineSize | Enter the number of characters per line. Recommended value is 80. |
| RecipientDomain | Enter the name of the domain containing the intended recipients, for example, acme.com. |
| SMTPHost | Enter the fully qualified domain name of the Domino server that is running the SMTP Listener task, for example, server1.acme.com |
| ClientHost | Enter the fully qualified domain name of the client, for example, client1.acme.com |
| NumMailNotesPerUser | Enter the number of documents to populate the mail file when it is created. Recommended value is 100. |

6. Start the IMAP task on the server.
7. In the "Build Recipient List using Name and Address Book" field,
enter the name of the SUT and its Domino Directory in the format
servername/org!!dominodirectory.NSF, for example,
Server1/Acme!!NAMES.NSF.
8. Verify that the client and server experience no errors while creating
mail files. If a mail file has not been created, the test script creates the
mail file during the first test iteration, but this adds overhead on the
server back end. As a rule, CPU on the client and SUT should not
exceed 75%, and the percentage of Disk Time on the Domino Server
Data directory should not be a factor.
9. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
10. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
11. Click Execute.
12. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
13. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
14. Click Start Test.
15. Verify that the correct number of test mail files were created in the
data directory. Each mail file is named MAILn.NSF, where n is a
number.
16. Complete the procedure "Running the R5 IMAP Workload test."

Running the R5 IMAP Workload test


1. Make sure that you already completed the procedure "Running the
R5 IMAP Initialization Workload."
2. In the NOTES.INI file on the SUT, verify that the Server Tasks setting
includes both IMAP and LDAP.
3. On the Basics tab of the Server document for the SUT, make sure that
the SMTP Listener Task is enabled.
4. For optimal performance, create a Configuration Settings document
in the Domino Directory and do the following:
a. Set the "Optimize LDAP queries" field to Yes.
b. On the Router/SMTP Basics tab, set the "Number of mailboxes"
field to 2 or higher.
5. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
6. In the Test Type field, choose Built-In, and then choose R5 IMAP
Workload from the list.
7. In the "Build Recipient List using Name and Address Book" field,
enter the name of the SUT and its Domino Directory in the format
servername/org!!dominodirectory.NSF, for example,
Server1/Acme!!NAMES.NSF.
8. Click the Test Parameters tab, and do the following:
a. For Thread Creation Interval, enter the rate, in seconds, at
which simulated users are created. The recommended value is 3
to 5 seconds.
b. If you are running the test on multiple clients, increment the
value of the Starting Thread No. parameter when you run the
test on each client.
9. Click the Script Variables tab, and enter these values:

| Variable | Action |
|---|---|
| R5IMAPBreak | Enter one: 1 (to prevent the script from quitting if errors occur) or 0 (to force the script to quit if errors occur) |
| IMAPHost | Enter the fully-qualified domain name of the SUT, for example, server1.acme.com |
| NormalMessageSize | Enter the size of the body of the message. Recommended value is 10000. |
| MessageLineSize | Enter the number of characters per line. Recommended value is 80. |
| NumMessageRecipients | Enter the number of recipients for each message. Recommended value is 3. |
| RecipientDomain | Enter the name of the domain containing the intended recipients, for example, acme.com. |
| SMTPHost | Enter the fully qualified domain name of the Domino server that is running the SMTP Listener task, for example, server1.acme.com |
| ClientHost | Enter the fully qualified domain name of the client, for example, client1.acme.com |
| NthIteration | Enter the frequency for how often a message is sent. Instead of the message being sent on every script iteration, the message is sent once per n iterations of the script. Recommended value is 6. |
| R5IMAP_Loop_N | Enter the number of times the inner loop of the script runs. Recommended value is 35, resulting in approximately an 8-hour duration. |
| ScriptIterationLimit | Enter the number of times the outer loop of the script runs. Recommended value is 1. |

10. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
11. Click Execute.
12. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
13. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
14. Click Start Test.

R5 Simple Mail Routing test


The R5 Simple Mail Routing test models an active Notes mail user
receiving and sending mail, composing and sending meeting invitations,
and scheduling appointments. The script contains an average of 15
minutes of waiting; therefore, an average user runs this test no more than
four times an hour.
For each iteration of the script, five documents are read, two documents
are updated, two documents are deleted, one view is opened and closed,
one view-scroll is performed, one database is opened and closed, and
several other operations are performed. One message is sent to each
active user approximately every 96 minutes; the same frequency is used
for appointments and invitations.

Because mail routing and delivery are performed on the SUT, locate the
destination addresses and the active users' mail files on the SUT.
The measurements obtained by this test are:
• Throughput of completed Notes operations
• Average response time at maximum capacity
• Maximum number of mail users supported
The resulting capacity metric for a mail-only server is the maximum
number of users that can be supported before the average user response
time becomes unacceptable.
To read the code in the test script, see the appendix "Server.Load
Scripts."

Hardware considerations
The R5 Simple Mail Routing test requires at least one client and the SUT.
If you use multiple client systems, identical hardware configurations are
recommended.
The following hard disk requirements apply to the SUT and, during
some tests, to the destination systems that receive mail from the SUT:
Initial Disk Requirement: In Domino 6, approximately 13MB for each user (mail
database). In Domino 5, approximately 7.5MB.
Subsequent Disk Requirement: Increase of 80KB for each user, per hour

Running the R5 NRPC Mail Initialization Workload


1. Make sure that you already set up clients and servers for
Server.Load.
For information, see the topic "Setting up clients and servers for
Server.Load" earlier in this chapter.
2. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
3. Run the "Create NotesBench Mail Person Documents" agent to
create the desired number of Person documents in the Domino
Directory. When prompted, set these variables:

| Variable | Setting |
|---|---|
| Message storage format | 0 (NOTES) |
| Mail system | 1 (NOTES) |

4. In the Test Type field, choose Built-In, and then choose R5 NRPC
Mail Initialization Workload from the list.
5. Click the Test Parameters tab, and do the following:
a. For Thread Creation Interval, enter the rate, in seconds, at
which simulated users are created. The recommended value is 3
to 5 seconds.
b. If you are running the test on multiple clients, increment the
value of the Starting Thread No. parameter when you run the
test on each client.
6. Click the Script Variables tab, and enter these values:

| Variable | Action |
|---|---|
| MailServer | Enter the canonical name of the mail server, for example, CN=MailServer1/O=Acme. |
| nb_dbdir | Enter a database directory relative to the Notes data directory. Recommended value is mail\. |
| MailTemplate | Enter the name of the mail file template. |
| NumMailNotesPerUser | Number of notes used to populate the mail file when the mail file is created (recommended value 100) |
| NormalMessageSize | Enter the size of the body of the message. Recommended value is 10000. |

7. In the "Build Recipient List using Name and Address Book" field,
enter the name of the SUT and its Domino Directory in the format
servername/org!!dominodirectory.NSF, for example,
Server1/Acme!!NAMES.NSF.
8. Verify that no errors occur while creating mail files on the client and
SUT. If a mail file is not created, the test script creates the mail file
during the first test iteration, a process that adds overhead on the
server back end. As a rule, CPU on the client and SUT should not
exceed 75%, and the percentage of disk time on the server's data
directory should not be a factor.
9. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
10. Click Execute.
11. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
12. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
13. Click Start Test.
14. Verify that the correct number of test mail files were created in the
data directory. Each mail file is named MAILn.NSF, where n is a
number.
15. Complete the procedure "Running the R5 Simple Mail Routing test."

Running the R5 Simple Mail Routing test


1. Make sure that you already completed the procedure "Running the
R5 NRPC Mail Initialization Workload."
2. On the SUT, do the following:
a. Start the Calendar Connector task (Calconn).
b. In the Configuration Settings document on the Router/SMTP
Basics tab, set the field Number of mailboxes to 2 or higher.
3. In the Test Type field, choose Built-In, and then choose R5 Simple
Mail Routing test from the list.
4. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
5. Click the Script Variables tab, and enter these values:

| Variable | Action |
|---|---|
| MailServer | Enter the canonical name of the mail server, for example, CN=MailServer1/O=Acme. |
| nb_dbdir | Enter a database directory relative to the Notes data directory. Recommended value is mail\. |
| MailTemplate | Enter the name of the mail file template. |
| NBTestReset | Enter one to control how to handle existing documents at the start of the test: 1 (to delete existing documents) or 0 (to ignore existing documents). Note: The number of documents deleted is dependent on the value set for the variable MaxDocToDelete. |
| MaxDocToDelete | Enter the number of documents to delete when the test starts. After deleting documents, the initial document count is reset. |
| NumMailNotesPerUser | Number of notes used to populate the mail file when the mail file is created (recommended value 100) |
| NormalMessageSize | Enter the size of the body of the message. Recommended value is 10000. |
| NumMessageRecipients | Enter the number of recipients for each message. Recommended value is 3. |
| NthIteration | Enter the frequency for how often a message is sent. Instead of the message being sent on every script iteration, the message is sent once per n iterations of the script. Recommended value is 6. |
| ScriptIterationLimit | Enter the number of times the outer loop of the test script runs. Recommended value is 1. This value must match the value in the Script Loop Count field on the Test Parameters tab. |

6. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
7. Click Execute.
8. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
9. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
10. Click Start Test.

R5 Shared Database test


The R5 Shared Database test models active users performing shared
database operations that include performing view operations, navigating
unread documents, reading documents, and adding or updating
documents in a shared database.
The measurements obtained by this test are:
• Throughput of completed Notes operations
• Number of maximum users supported
• Average response time at maximum capacity
To read the code in the test script, see the appendix "Server.Load
Scripts."

Hardware considerations
The following hard disk requirements apply to the SUT and, during
some tests, to the destination systems that receive mail from the SUT.
Initial disk requirement: 300MB to 400MB free space on the SUT
Subsequent disk requirement: One-half of the mail test space requirement

Running the R5 Shared Database test


1. Make sure that you already set up clients and servers for
Server.Load.
For information, see the topic "Setting up clients and servers for
Server.Load" earlier in this chapter.
2. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
3. In the Test Type field, choose Built-In, and then choose R5 Shared
Database test from the list.
4. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
5. Click the Script Variables tab, and enter these values:

| Variable | Action |
|---|---|
| MailServer | Enter the canonical name of the mail server, for example, CN=MailServer1/O=Acme |
| DiscussionDB | Enter the name of the test discussion database |
| DiscTemplate | Enter the name of the template used for the discussion database |
| NBTestReset | Enter one to control how to handle existing documents at the start of the test: 1 (to delete existing documents) or 0 (to ignore existing documents). Note: The number of documents deleted is dependent on the value set for the variable MaxDocToDelete. |
| MaxDocToDelete | Enter the number of documents to delete when the test starts. After deleting documents, the initial document count is reset. |
| NumMailNotesPerUser | Enter the number of documents to create for each user to populate the database initially. |
| DiscDbAddDocRate | Enter the number of documents to add for each user. |

6. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
7. Click Execute.
8. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
9. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
10. Click Start Test.

SMTP and POP3 Workload test


The SMTP and POP3 test models an active user receiving and sending
mail over SMTP and POP3. The script contains an average of 10 minutes
of waiting, so an average user will run this test no more than six times an
hour.
During each iteration, the script checks for and retrieves POP3 messages.
When sending messages, each user sends a mail message to
NumMessageRecipients not more than once every 20 minutes. Twenty
percent of the users receive eighty percent of the send mail messages.
The SMTP messages sent by each user are delivered to the mail
databases of other users on the SUT.
The measurements obtained by this test are:
• Throughput of completed Notes operations
• Average response time at maximum capacity
• Maximum number of SMTP/POP3 mail users supported
The resulting capacity metric for an SMTP/POP3 server is the maximum
number of users that can be supported before the average user response
time becomes unacceptable.
To read the code in the test script, see the appendix "Server.Load
Scripts."

Hardware considerations
The following hard disk requirements apply to the SUT and, during
some tests, to the destination systems that receive mail from the SUT:
Initial disk requirement: In Domino 6, approximately 11.5MB on the SUT for each
user (mail database). In Domino 5, approximately 7.5MB.
Subsequent disk requirement: Increase of 100KB per hour for the duration of the test. This
figure is not dependent on the number of users.

Tips for running the SMTP/POP3 test


1. To minimize environment troubleshooting, put IP information, for
example, host information, in the \etc\hosts file or its equivalent
on the SUT and driver directories.
2. If authentication errors occur on the Domino server console, verify
the password in the HTTP field of the respective user's Person
document in the SUT's Domino Directory; edit the Domino Directory
if necessary.
3. From the SUT console, enter this command to display additional
routing information:
Set Config Log_MailRouting=40
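
The first tip above, like the matching tip for the IMAP Workload test, relies on the hosts file agreeing on every machine in the test. The Python sketch below is an added example, not part of the Domino documentation or Server.Load: it parses hosts-file text from each machine and reports test host names (the SMTPHost, IMAPHost, POP3Host and ClientHost values) that are missing or that map to different addresses. The function names, machine labels and sample file contents are constructed for illustration.

```python
"""Compare hosts-file entries across the SUT and driver machines (added example)."""
import ipaddress

# Constructed sample hosts files; addresses come from the documentation range.
SUT_HOSTS = """
# hosts file on the SUT (constructed sample)
127.0.0.1    localhost
192.0.2.10   server1.acme.com server1
192.0.2.21   client1.acme.com
"""
DRIVER_HOSTS = """
192.0.2.10   server1.acme.com
192.0.2.22   client1.acme.com   # stale address
"""


def parse_hosts(text):
    """Return {lowercased host name: set of IP addresses} from hosts-file text."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        address, *names = line.split()
        try:
            ip = str(ipaddress.ip_address(address))
        except ValueError:
            continue                          # first token is not an IP address
        for name in names:
            table.setdefault(name.lower(), set()).add(ip)
    return table


def check_hosts(files, required):
    """files: {machine label: hosts-file text}; required: host names the test uses.

    Returns a sorted list of problems: names with no entry on a machine, names
    with several addresses on one machine, and names that differ across machines.
    """
    parsed = {machine: parse_hosts(text) for machine, text in files.items()}
    problems = []
    for name in required:
        seen = {}
        for machine, table in parsed.items():
            ips = table.get(name.lower())     # host names are case-insensitive
            if not ips:
                problems.append(f"{machine}: no entry for {name}")
            elif len(ips) > 1:
                problems.append(f"{machine}: {name} maps to several addresses: {sorted(ips)}")
            else:
                seen[machine] = next(iter(ips))
        if len(set(seen.values())) > 1:
            detail = ", ".join(f"{m}={ip}" for m, ip in sorted(seen.items()))
            problems.append(f"{name} resolves differently: {detail}")
    return sorted(problems)


if __name__ == "__main__":
    wanted = ["server1.acme.com", "client1.acme.com", "Server2.acme.com"]
    for problem in check_hosts({"SUT": SUT_HOSTS, "driver1": DRIVER_HOSTS}, wanted):
        print(problem)
```

Run it with the hosts-file contents copied from each machine before starting a test; an empty result means every listed name has one address and the machines agree.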

Running the SMTP and POP3 Initialization Workload


1. Make sure that you already set up clients and servers for
Server.Load.
For information, see the topic "Setting up clients and servers for
Server.Load" earlier in this chapter.
2. Run the "Create NotesBench Mail Person Documents" agent to create
the desired number of Person documents in the Domino Directory.
When prompted, set these variables:

| Variable | Setting |
|---|---|
| Message storage format | 2 (MIME) |
| Mail system | 6 (POP3/IMAP) |

3. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
4. In the Test Type field, choose Built-In, and then choose SMTP and
POP3 Initialization Workload from the list.
5. Click the Script Variables tab, and enter these values:

| Variable | Action |
|---|---|
| MailServer | Enter the canonical name of the mail server, for example, CN=MailServer1/O=Acme. |
| nb_dbdir | Enter a database directory relative to the Notes data directory. Recommended value is mail\. |
| MailTemplate | Enter the name of the mail file template. |

6. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
7. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
8. Click Execute.
9. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
10. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
11. Click Start Test.
12. Verify that the correct number of test mail files were created in the
data directory. Each mail file is named MAILn.NSF, where n is a
number.
13. Complete the procedure "Running the SMTP and POP3 Workload
test."

Running the SMTP and POP3 Workload test


1. Make sure that you already completed the procedure "Running the
SMTP and POP3 Initialization Workload."
2. Run the "Create NotesBench Mail Person Documents" agent to
create the desired number of Person documents in the Domino
Directory.
3. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
4. In the Test Type field, choose Built-In, and then choose SMTP and
POP3 Workload from the list.


5. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
6. Click the Script Variables tab, and enter these values:

| Variable | Action |
|---|---|
| NormalMessageSize | Enter the size of the body of the message. Recommended value is 10000. |
| MessageLineSize | Enter the number of characters per line. Recommended value is 80. |
| NumMessageRecipients | Enter the number of recipients for each message. Recommended value is 3. |
| SMTPHost | Enter the fully qualified domain name of the Domino server that is running the SMTP Listener task, for example, server1.acme.com |
| RecipientDomain | Enter the name of the domain containing the intended recipients, for example, acme.com. |
| ClientHost | Enter the fully qualified domain name of the client, for example, client1.acme.com |
| NthIteration | Enter the frequency for how often a message is sent. Instead of the message being sent on every script iteration, the message is sent once per n iterations of the script. Recommended value is 6. |
| POP3Host | Enter the fully qualified domain name of the Domino server running the POP3 task, in the format system.domainname, for example, Server2.acme.com. |

7. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
8. Click Execute.
9. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
10. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
11. Click Start Test.

Web Idle Workload test


The Web Idle test models a Web browser user accessing the home page
on the SUT. The script contains a one-minute wait, so an average user
runs this script approximately 60 times an hour.
The measurements obtained by this test are:

Average response time at maximum capacity

Maximum number of Web Idle users supported

The resulting capacity metric for a Web Idle server is the maximum
number of users that can be supported before the average user response
time becomes unacceptable.
To read the code in the test script, see the appendix "Server.Load
Scripts."

Running the Web Idle Workload test


1. Make sure that you already set up clients and servers for
Server.Load.
For information, see the topic "Setting up clients and servers for
Server.Load" earlier in this chapter.
2. On the SUT, make sure that the HTTP task is running.
3. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
4. In the Test Type field, choose Built-In, and then choose Web Idle
Workload test from the list.
5. Click the Script Variables tab, and for the HTTPHost variable,
enter the TCP/IP address or host name of the Domino Web server.
6. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
7. Click Execute.
8. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
9. (Optional) In the Server to receive console commands field, enter
the name of the SUT.
10. Click Start Test.


Web Mail test


The Web Mail Workload test models an active Web Mail user using a
browser to send, retrieve, and delete Notes mail. The script contains an
average of 15 minutes of waiting, so an average user runs this test no
more than four times an hour. For each iteration of the script, there is a
check and retrieval of POP3 mail messages. When sending messages,
each user sends a mail message to the number of users specified by the
NumMessageRecipients variable, no more than every 15 minutes. The
messages sent by each simulated user are delivered to the mail databases
of other simulated users on the SUT.
The measurements obtained by this test are:

Throughput of completed Notes operations

Average response time at maximum capacity

Maximum number of Web Mail users supported

The resulting capacity metric for a Web Mail server is the maximum
number of users that can be supported before the average user response
time becomes unacceptable.
To read the code in the test script, see the appendix "Server.Load
Scripts."

Hardware considerations

The following hard disk requirements apply to the SUT and, during
some tests, to the destination systems that receive mail from the SUT:

Initial Disk Requirement | In Domino 6, approximately 13MB on the SUT for each user (mail database). In Domino 5, approximately 5.5MB.
Subsequent Disk Requirement | Increase of 1MB an hour for the duration of the test. (This figure is not dependent on the number of users.) Increase of 100KB an hour as impacted by the value of the nthIteration setting in the NOTES.INI file. The growth rate of each database is a function of the ratio of the number of users and recipients sending and receiving mail.

Tips for running the Web Mail test


1. Use these server commands.

Command | Description
Show Tasks | Show either the Database Server task (Notes clients) or HTTP task (Web users).
Show Stat Mail | Monitor message counters
Show Stat Domino.Requests.* | Monitor message counters

2. If authentication errors occur on the Domino server console, verify
the password in the HTTP field of the respective user's Person
document in the SUT's Domino Directory; edit the Domino Directory
if necessary.
3. From the SUT console, enter this command to display additional
routing information:
Set Config Log_MailRouting=40

4. Check the database properties for the mail database:
"Web access: Use JavaScript when generating pages" must be
checked.
"Allow soft deletions" must not be checked.
5. In the Server document on the Internet Protocols - HTTP tab,
complete these fields:

Field | Action
Optimize performance based on the following primary activity | Choose Advanced (Custom Settings) to view and modify the number of HTTP threads.
Number Active Threads | Specify one active thread for every 10 Web Mail users.

6. Make sure that the administrator has Manager access to the Domino
Directory.
7. Authentication
By default, WebMail assumes user authentication is required.
For authenticated users, Anonymous must have No Access and
-Default- must have Manager access. Use the
WebAuthenticationOff=0 setting in the client's NOTES.INI file.
To run WebMail without authentication, Anonymous must have
Manager access in the ACL of all mail databases and the Domino
Directory. Use the WebAuthenticationOff=0 setting in the client's
NOTES.INI file.
To run Web Mail with authentication, use the
WebAuthenticationOff=0 setting in the NOTES.INI file and run
the "Update ACL of MailDBs to include Owner (mail1, mail2, ...)"
agent on the SUT.

Running the Web Mail Initialization Workload


1. Make sure that you already set up clients and servers for
Server.Load.
For information, see the topic "Setting up clients and servers for
Server.Load" earlier in this chapter.
2. Run the "Create NotesBench Mail Person Documents" agent to create
the desired number of Person documents in the Domino Directory.
When prompted, set these variables:

Variable | Setting
Message storage format | 2 (MIME)
Mail system | 0 (SMTP/POP3)

3. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
4. In the Test Type field, choose Built-In, and then choose Web Mail
Initialization Workload from the list.
5. Click the Script Variables tab, and enter these values:

Variable | Action
NBTestReset | Enter one of the following to control how existing documents are handled at the start of the test: 1 to delete existing documents, 0 to ignore existing documents. Note: The number of documents deleted depends on the value set for the variable MaxDocToDelete.
MailServer | Enter the canonical name of the mail server, for example, CN=MailServer1/O=Acme.
HTTPHost | Enter the TCP/IP address or host name of the Domino Web server.
nb_dbdir | Enter a database directory relative to the Notes data directory. Recommended value is mail\.
MailTemplate | Enter the name of the mail file template.
NormalMessageSize | Enter the size of the body of the message. Recommended value is 10000.
NumMailNotesPerUser | Enter the number of documents to populate the mail file when it is created. Recommended value is 100.
Domain | Enter the name of the Notes mail domain.

6. Verify that the client and server experience no errors while creating
mail files. If a mail file has not been created, the test script creates the
mail file during the first test iteration, but this adds overhead on the
server back end. As a rule, CPU on the client and SUT should not
exceed 75%, and the percentage of Disk Time on the Domino Server
Data directory should not be a factor.
7. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
8. Set a Server.Load stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
9. Click Execute.
10. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
11. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
12. Click Start Test.
13. Verify that the correct number of test mail files were created in the
data directory. Each mail file is named MAILn.NSF, where n is a
number.
14. Complete the procedure "Running the Web Mail test."
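
One way to carry out the mail file verification step, which appears in both the SMTP and POP3 and the Web Mail initialization procedures, shown as an added example that is not part of the original manual. It assumes the files are numbered from 1 (mail1, mail2, ...) and that you point it at the directory named in nb_dbdir; the function names and the sample directory are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Mail files created by the initialization workload are named MAILn.NSF.
MAIL_FILE = re.compile(r"^mail(\d+)\.nsf$", re.IGNORECASE)


def audit_mail_files(mail_dir, expected_users, first_number=1):
    """Compare the MAILn.NSF files in mail_dir with the expected numbering.

    first_number=1 is an assumption (mail1, mail2, ...); change it if your
    run numbers its mail files differently.
    """
    found = {}
    for entry in Path(mail_dir).iterdir():
        match = MAIL_FILE.match(entry.name)
        if match and entry.is_file():
            found[int(match.group(1))] = entry

    expected = set(range(first_number, first_number + expected_users))
    present = set(found)
    return {
        # Never created: the test script would create these during the
        # first iteration, adding overhead on the server back end.
        "missing": sorted(expected - present),
        # Outside the expected range, for example left over from an
        # earlier, larger run.
        "unexpected": sorted(present - expected),
        # Present but zero-length, so not a usable database.
        "empty": sorted(
            n for n in present & expected if found[n].stat().st_size == 0
        ),
    }


def build_sample_directory(root):
    """Constructed sample: 5 users expected, mail3 absent, mail4 empty."""
    root = Path(root)
    for n in (1, 2, 5):
        (root / f"mail{n}.nsf").write_bytes(b"\x00" * 1024)
    (root / "MAIL4.NSF").write_bytes(b"")             # zero-length file
    (root / "mail9.nsf").write_bytes(b"\x00" * 1024)  # outside 1..5
    (root / "mailbox.ntf").write_bytes(b"\x00")       # not MAILn.NSF, ignored
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        report = audit_mail_files(build_sample_directory(tmp), expected_users=5)
        for key, numbers in report.items():
            print(f"{key}: {numbers}")
```

Run it against the real mail directory before starting the workload test; any number listed under "missing" is a mail file the initialization run did not create.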

Running the Web Mail test


1. Make sure that you already completed the procedure "Running the
Web Mail Initialization Workload."
2. Run the "Create NotesBench Mail Person Documents" agent to
create the desired number of Person documents in the Domino
Directory.
3. On the Domino Administrator client, start Server.Load by running
SLOAD.EXE from the Program directory.
4. In the Test Type field, choose Built-In, and then choose Web Mail
Initialization Workload from the list.
5. Click the Script Variables tab, and enter these values:

Variable | Action
HTTPHost | Enter the TCP/IP address or host name of the Domino Web server.
nb_dbdir | Enter a database directory relative to the Notes data directory. Recommended value is mail\.
WebPreferencesOff | Make sure this is set to Off. If it's On, the script sets the mail database to be its own owner.

6. Click the Test Parameters tab. If you are running the test on multiple
clients, increment the value of the Starting Thread No. parameter
when you run the test on each client.
7. (Optional) Click the Stop Conditions tab to set a stop condition.
For more information, see the topic "Setting a Server.Load stop
condition" earlier in this chapter.
8. Click Execute.
9. (Optional) Select metrics to monitor.
For more information, see the topic "Monitoring Server.Load
metrics" earlier in this chapter.
10. (Optional) In the "Server to receive console commands" field, enter
the name of the SUT.
11. Click Start Test.

Chapter 63
Troubleshooting
Even with careful server maintenance, you may occasionally encounter
unexpected system problems. This chapter provides a server
maintenance checklist, describes troubleshooting techniques, and offers
suggestions for solving common problems.
For information on performance-related issues, see the chapter
"Improving Server Performance."

Troubleshooting the Domino system


Even with careful server maintenance, you may occasionally encounter
unexpected system problems.
Domino provides a collection of tools that you can use for general
troubleshooting. The Lotus Support Services team provides additional
troubleshooting assistance. These topics describe the available
troubleshooting tools and how to contact Lotus Support Services:

Table of troubleshooting tools

Searching the Lotus Support Services Web site (www.lotus.com/support)

Contacting Lotus Support Services

There is detailed troubleshooting information for these areas of Domino:


Administration Process

Agent Manager and agents

Database performance

Directories

Mail routing

Meeting and resource scheduling

Modems and remote connections

Network connections over NRPC

Network dialup connections

Partitioned servers

Passthru connections

Platform statistics

Replication

Server access

Server-based certification authority

Server crashes

Server.Load

Transaction logging

Web Server, Web Navigator, and the Web Administrator

Troubleshooting tools
Domino provides several tools to help you troubleshoot problems. Most
of the tools are available through the Domino Administrator. The table
below summarizes the available tools and indicates how each is useful.
If you haven't solved your problem after reading through the section that
applies to the problem, you may want to search the Lotus Support
Services Web site or call Lotus Support Services directly for help with
troubleshooting your problem.

Tool | Problems that the tool resolves | How to access the tool
Server log file (LOG.NSF) | All problems | From the Server - Analysis tab in the Domino Administrator
Domino Web server log file (DOMLOG.NSF) | Web server problems | From the Server - Analysis tab in the Domino Administrator
Server's MAIL.BOX | Mail routing problems | From the Messaging - Mail tab in the Domino Administrator
Mail trace | Mail routing problems | From the Messaging - Mail tab in the Domino Administrator
ISpy | Slow mail; server problems | Configured in the Monitoring Configuration database on the Configuration tab in the Domino Administrator
Mail reports | Mail user activity | From the Messaging - Mail tab in the Domino Administrator
Mail tracking | Lost mail | From the Messaging - Tracking Center tab in the Domino Administrator
Mail routing status | Undelivered mail | From the Messaging - Mail tab in the Domino Administrator
Mail routing topology maps | Mail routing problems between servers | From the Messaging - Mail tab in the Domino Administrator
Mail routing events view in the log file (LOG.NSF) | Undelivered mail | From the Messaging - Mail tab in the Domino Administrator
Shared Mail view in the log file (LOG.NSF) | Disk space usage | From the Messaging - Mail tab in the Domino Administrator
Network trace | Connection problems | In User Preferences. Choose File - Preferences - User Preferences
TCP/IP connection logging | Connection problems | Server console on a server with the setting Log_Connections=1 added to its NOTES.INI file
Replication events in the log file (LOG.NSF) | Replication problems for a particular server | From the Replication tab in the Domino Administrator
Replication history | Replication problems with a specific database | Under Database Properties. Choose File - Database Properties; or choose File - Replication - History
Replication schedule | Replication problems for a particular server | From the Replication tab in the Domino Administrator
Replication topology maps | Replication problems between servers | From the Replication tab in the Domino Administrator
Monitoring Configuration | Server statistics and events you specifically monitor | Configured from the Configuration tab of the Domino Administrator; view statistics from the Server - Analysis tab in the Domino Administrator
Database analysis | Database problems | From the Files tab in the Domino Administrator
Administration Requests database | Administration Process errors | From the Servers - Analysis tab in the Domino Administrator
Server commands | Various | From the Servers - Status tab in the Domino Administrator

Searching the Lotus Support Services Web site (www.lotus.com/support)

You may want to search the Lotus Support Services Web site at
www.lotus.com/support for a solution to your problem. You can search
technical documents in Knowledge Base and the FTP site with one
natural language query or participate in peer-to-peer discussions. In
addition, you can make product suggestions and find information about
Lotus authorized support providers, support services, and support
phone numbers.

Contacting Lotus Support Services


If you don't find a solution to your problem here or at the Lotus Support
Services Web site, you may want to contact Lotus Support Services. You
can find information on how to contact Lotus Support Services at the
Lotus Support Services Web site, www.lotus.com/support.
When you call Lotus Support Services, you should have the following
available to you:
1. The computer on which the problem occurred.
2. Any other people who are involved in troubleshooting the problem,
for example, server administrators, database managers, network
managers. You might want these people available when you speak
with a support representative.
3. Any pertinent information you gathered from troubleshooting the
problem yourself prior to contacting support.
4. If you have ScreenCam, the movie or event that documents the
problem.
5. If the problem involves the network, print out the PROTOCOL.INI,
CONFIG.SYS, and STARTUP.CMD files. Print out the network file
directory, so that you can compare network file dates.
6. In addition, depending on the problem, be prepared to provide some
of this information:

Required information | Your system
Domino version(s) |
Operating system and version, including any patches or fixpacks |
Hardware, including the kind of CPU(s) and modems installed, and the amount of RAM and hard disk space |
Network operating system(s) and version(s), protocols, and network driver version(s) |
Network interface card(s) |
Domino server names |
File names, replica IDs, and ACLs for all databases involved |
Number of users who are affected by the problem, that is, one user, several users, or all users |
Number of servers that are affected by the problem, that is, one server, several servers, or all servers |
Changes to the configuration that were made before the problem occurred, for example, network, hardware, or NOTES.INI changes |
Error message(s), including the exact text of the message(s) |

For problems that involve more than one server on a network:

Required information | Your system
Physical location of the servers, for example, in different cities or on FIRST DOMINO SERVERs or WANs |
Number of network segments contributing to the problem, that is, are both machines in the same network segment or in segments separated by routers, bridges, or switches |
Number of Domino servers (for example, mail hops or replication hubs) that are between the servers that are having a problem |

Overview of server maintenance


As a Domino administrator, a major part of your job is maintaining each
server that you administer. You need to ensure that:

The server is backed up regularly.

Users can access the server quickly and consistently.

Mail is routed properly.

Administration Process requests are carried out.

Databases are replicating correctly.

Server hardware is functioning.

Databases are active and maintained (a task you share with the
manager of each database).

You can use a server maintenance checklist to schedule these tasks.

Server maintenance checklist


This table lists the server maintenance tasks that you should complete
daily, weekly, or monthly to ensure that a server runs efficiently.

Task | Frequency
Back up the server | Daily, weekly, monthly
Monitor mail routing | Daily
Run Fixup to fix any corrupted databases * | At server startup and as needed
Monitor shared mail database (MAILOBJ.NSF) | Daily
Monitor Administration Requests database (ADMIN4.NSF) | Weekly
Monitor databases that need maintenance | Weekly
Monitor replication | Daily
Monitor modem communications | Daily
Monitor memory | Monthly
Monitor disk space | Daily, weekly, monthly
Monitor server load | Monthly
Monitor server performance | Monthly
Monitor Web server requests | Monthly
Monitor server first domino servers | Daily

* If the database is in Domino 5 or later format and you are not using transaction
logging, you can use the Fixup task to repair the corrupted database.
If the database is in Domino 5 or later format and you are using transaction
logging, you cannot run the Fixup task on that database, because the Fixup task
interferes with the way transaction logging keeps track of databases. Instead,
you must restore the corrupted database from a backup. You can run the Fixup
task on databases that are in Domino 4.x and earlier format.

Backing up the Domino server


You have two choices for backup procedures. You can use the traditional
method of making backup copies of files, or you can use transaction
logging.
For information on transaction logging, see the chapter "Transaction
Logging and Recovery."

Guidelines for backing up a Domino server


Back up all Domino server data files including databases, template files,
the NOTES.INI file, and ID files. Following your company's standardized
backup procedures, back up files directly to tape or to a file server and
then to tape. Never rely only on replication as your method of database
backup. A damaged or accidentally changed database may replicate, and
then your only recourse is to recover the database from a server backup
tape.
Follow these guidelines to back up a Domino server:

1. Domino requires that these files be open when it runs: LOG.NSF,
NAMES.NSF, MAIL.BOX and the server ID file. If your backup
utility cannot back up open files, you must shut down the server
before you create the backup file.
2. Copy the server ID file to a disk, and store the disk in a secure place.
3. Make a replica of the Domino Directory on a workstation and keep it
up-to-date by replicating the local replica with the server replica.
Then if the Domino Directory becomes corrupted, you can quickly
restore it by creating a new replica from the local workstation replica.
Even if you do this, continue to back up the Domino Directory to
tape. Never do this when transaction logging is used.
4. If your system uses a shared mail database, back up the shared mail
database(s) along with user mail files.
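
One way to check a finished backup against these guidelines, shown as an added example that is not part of the original manual. It assumes you can export the server's file listing and the backup tool's file listing as paths relative to the data directory; the file extensions, the server.id file name, the function names and the sample listings are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Files the guidelines say Domino keeps open while it runs. The server ID
# file name varies by installation, so it is passed in as a parameter.
ALWAYS_OPEN = {"log.nsf", "names.nsf", "mail.box"}
# Databases, templates, the router mailbox and ID files (assumed extensions).
DATA_SUFFIXES = {".nsf", ".ntf", ".box", ".id"}


def _normalize(path):
    """Lower-case a relative path and unify its separators for comparison."""
    return str(PureWindowsPath(path)).lower()


def _needs_backup(path):
    """True for the file types the guidelines say to back up."""
    p = PureWindowsPath(path)
    return p.suffix in DATA_SUFFIXES or p.name == "notes.ini"


def audit_backup(live_files, backed_up_files, server_id="server.id"):
    """Report Domino files on the server that are absent from the backup."""
    live = {_normalize(p) for p in live_files}
    saved = {_normalize(p) for p in backed_up_files}
    missing = {p for p in live if _needs_backup(p)} - saved

    # Files at the top of the data directory that are open while the server
    # runs: a utility that cannot copy open files skips exactly these.
    open_names = ALWAYS_OPEN | {server_id.lower()}
    skipped_open = sorted(p for p in missing if p in open_names)
    return {
        "open_files_skipped": skipped_open,
        "other_missing": sorted(missing - set(skipped_open)),
        "covered": len(live & saved),
    }


def sample_listings():
    """Constructed listings: a backup taken while the server was running."""
    live = [
        "names.nsf", "log.nsf", "mail.box", "server.id", "notes.ini",
        "admin4.nsf", "mail\\mail1.nsf", "mail\\mail2.nsf", "custom.ntf",
        "console.txt",                      # not a Domino data file, ignored
    ]
    backed_up = [
        "SERVER.ID", "NOTES.INI", "admin4.nsf", "mail/mail1.nsf", "custom.ntf",
    ]
    return live, backed_up


if __name__ == "__main__":
    live, backed_up = sample_listings()
    report = audit_backup(live, backed_up)
    print("Open files the backup skipped:", report["open_files_skipped"])
    print("Other files missing from backup:", report["other_missing"])
    print("Files present in both listings:", report["covered"])
```

A non-empty "open_files_skipped" list is the signature of a utility that could not copy open files, which is the case where the guidelines tell you to shut down the server before creating the backup.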

Administration Process - Troubleshooting

These topics describe how to troubleshoot common problems with the
Administration Process.

"Administration Process - Problems and error messages" describes
messages that appear in the Certification Log or at the server console.

"How to troubleshoot the Administration Process" provides steps for
troubleshooting the Administration Process when it isn't running as
you expect.

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

Administration Process - Problems and error messages

These errors may appear in the Certification Log or at the server console.
Some of these messages require that you correct a particular condition,
while others are only status messages.

Administration Process: retrying a request that could not be
performed previously because another process was modifying the
document.
This message indicates that in processing separate requests, two threads
of the Administration Process simultaneously attempted to modify a
document in the Domino Directory. As a result, the Administration
Process is retrying one of the requests. This is a status message; no action
is required.

Administration Process: Unable to access transfer context
information.
This message indicates that the Administration Process can't access
global information that is required to execute a specific task. Restart the
Administration Process, or, if necessary, restart the server.

Administration Process: Unable to create entry thread.
This message appears when the Administration Process can't create a
thread to use to run Administration Process tasks. Restart the
Administration Process, or, if necessary, restart the server.

Insufficient memory - Admins request queue pool is full.
This message indicates that there is currently inadequate memory for the
Administration Process. To correct this, restart the server.

No Address book is present on this server; the Admin Process
cannot continue without one.
This message appears if you start the Administration Process on a server
that doesn't store a replica of the Domino Directory. Create a replica of
the Domino Directory on the server, and then start the Administration
Process again.

Removing viewname view notes in the Address Book.
This message appears when the Administration Process deletes obsolete
monitoring configuration documents from the Domino Directory. This is
a status message; no action is required.

Reporter: Could not locate view viewname.
This message appears when the Administration Process can't find
obsolete monitoring documents in the Domino Directory. This is a status
message; no action is required.

The Administration Process cannot delete the database
databasename at this time because it is in use by someone else; will
try again at time.
This message appears as the result of a Delete Unlinked Mail File
request. The message indicates that the Administration Process is
retrying a request to delete a mail file that was initially unavailable because
someone was accessing it. This is a status message; no action is required.

The Administration Process could not change or delete the name
from the document because another process was modifying it.
This message indicates that, in processing separate delete or rename
requests, two threads of the Administration Process attempted to modify
the same document in a database. As a result, only one request was
processed, and the Administration Process is retrying the other. This is a
status message; no action is required.

The Administration Process does not have enough memory to
compute the formulas required for request processing.
This message indicates that there is currently inadequate memory for the
Administration Process. To correct this, restart the server.

The Administration Process is retrying a name change or deletion
from the document.
This message appears as the result of a rename or delete request. It
indicates that the Administration Process is retrying a request to rename
or delete a name from a document that was initially unavailable because
someone was accessing the document. This is a status message; no action
is required.

The certificate contained in the note was not issued by the selected
certifier.
This message appears if you choose Actions - Recertify Person or Actions
- Recertify Server but you don't select the original certifier. If you don't
specify the original certifier when you choose this action, you can submit
the request, but it isn't posted in the Administration Requests database.
To correct this, choose the action again, and select the original certifier.

The replica of the database moved by the Administration Process
has not been initialized by the replicator.
This message appears as the result of a Monitor Moved Replica request.
It indicates that the Administration Process is waiting for the replicator to
initialize the replica at its new location before it deletes the original. This
is a status message; no action is required.

The selected certifier isn't an ancestor of the entity to be updated.
This message appears if you attempt to choose Actions - Request Move to
new Certifier to move a person to a different hierarchy, but you don't
select the original certifier. If you don't specify the original certifier, you
can submit the request, but it isn't posted in the Administration Requests
database. To correct this, choose Request Move to New Certifier again,
and select the original certifier.

The selected certifier isn't the target certifier in the move request.
This message appears if you choose Actions - Complete move for
selected entries to attempt to complete moving user names to a different
hierarchy and the target certifier isn't the one you specified when you
originally chose Actions - Rename Person - Request Move to New
Certifier. If the target certifier you specified when completing the move is
wrong, select the user names in the Name Move Requests view of the
Administration Requests database, choose Actions - Complete move for
selected entries again, and specify the correct target certifier. If you
specified the wrong target certifier when you originally chose Actions -
Request Move to New Certifier, repeat the action again, and specify the
correct target certifier.


How to troubleshoot the Administration Process


A variety of error conditions can prevent the Administration Process
from working properly. For example, errors can occur when there isn't
enough memory for the Administration Process; when you rename,
delete, or recertify a user; or when you move a user to a different
hierarchy. Use these steps to troubleshoot the Administration Process:
1. Start the Administration Process on a server that does not store a
replica of the Domino Directory.
2. Ensure that the Administration Process is set up correctly.
For more information, see the chapter "Setting Up the
Administration Process."
3. If the Administration Process worked successfully in the past but
isn't working as expected now, try to isolate what might have
changed since it last worked successfully.
4. Check for these conditions and correct them if necessary:
a. The Administration Process (the AdminP task) must be running
on all servers. To check this, enter the Show Tasks command at
the server console. Enable AdminP on any servers where it isn't
already running.
b. An Administration Server must be specified for the Domino
Directory. The administration server for the Domino Directory is
designated as such during first server setup in the domain.
c. Make sure that you specify an administration server for all
databases. Each database must have an administration server
specified before a request can be made to the Administration
Process.
d. The Domino Directory (NAMES.NSF) and the Administration
Requests database (ADMIN4.NSF) must replicate properly
between the affected servers. These databases must replicate
correctly between the administration server of the Domino
Directory and the servers where the databases receiving the
updates reside.
e. Each request in the Administration Requests database should
have a corresponding response document that shows that the
Administration Process has completed the request. Correct any
errors indicated by a response document.
f. The Certifier documents must have the correct public key; the
public key must match the key in each CERT.ID.
For more information about correcting errors in the Administration
Requests database, or for any other information regarding the
Administration Process, see the chapter "Setting Up the
Administration Process."

Agent Manager and agents - Troubleshooting

These topics describe how to troubleshoot problems related to using
Agent Manager and running agents:

"Tools for troubleshooting Agent Manager and agents" describes tools
you can use to troubleshoot Agent Manager and agents.

"Agent Manager and agents - Problems and error messages"
describes problems that may occur when the Agent Manager or an
agent isn't working as you expect.

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

Tools for troubleshooting Agent Manager and agents


Whenever an agent won't run, check the Agent Log to see when the
agent last ran and whether it completed. For additional information,
check the server console or the Miscellaneous events in the log file
(LOG.NSF) for messages from the Agent Manager.
Server commands
Use these server commands to troubleshoot agents:
Tell amgr schedule
Tell amgr status
Tell amgr debug

For information on these commands, see the appendix "Server
Commands."
Log file
To enable agent logging in the log file (LOG.NSF), edit the NOTES.INI
file to include the Log_AgentManager setting, which specifies whether or
not the start of agent execution is recorded in the log file and displayed
on the server console. It's important to monitor the server console or log
for information from the Agent Manager because error and warning
messages generated by the Agent Manager on behalf of the agent, as well
as output (for example, print statements) generated by a background
agent, appear on the console and in the Miscellaneous events view of the
log (LOG.NSF).
For more information on the Log_AgentManager setting, see the
appendix "NOTES.INI File."


The Agent Log


The Agent Log is a view in a database that shows the last time an agent
ran and describes if the agent completed or not.
1. In the database, choose View - Agents.
2. In the Design view that lists all the agents, choose the agent.
3. Choose Agent - Log.
For more information on the Agent Log, see the book Application
Development with Domino Designer.

Agent manager and agents - Problems and error messages

These topics present suggestions for troubleshooting certain problems
you may encounter with the Agent Manager and/or agents:

Agent Manager isn't working as expected

An agent isn't running as expected

An agent doesn't run to completion

An agent isn't running at the expected times

The Escrow agent isn't working

Users can't create agents

Agent Manager isn't working as expected

The Agent Manager may not work, or may not work efficiently.
1. The Agent Manager may not be scheduled to run. If the Agent
Manager isn't running, check the "Start time/End time" fields on the
Server Tasks - Agent Manager tab in the Server document. Any time
not specified in these fields represents downtime. If necessary, adjust
the times in these settings.
2. The demand for the Agent Manager may be too high. If the Agent
Manager takes too long to run agents, reschedule agents to run at
night when system demand is usually low.
If the server runs Domino 4.6 or earlier, you can increase the "Max %
busy before delay" field in the Server document. Domino 5 and
higher does not support this field.

Note If you allocate more resources to the Agent Manager, fewer
will be available to run other server tasks.

An agent isn't running as expected

In addition to the possibility that there are errors in the agent code, an
agent may fail to run properly because the agent has insufficient access
or because the agent is not set to run on the given server.
1. Insufficient access in the database ACL can prevent an agent from
running properly. For example, a user may design an agent that
copies selected documents from database A to database B. If the user
(and by extension, the agent) doesn't have Author access in the
ACL of database B, the agent runs, but it is not allowed to copy the
documents. To determine if this problem exists, examine the Agent
Log for access errors after the agent runs unsuccessfully.
2. If an agent won't run on a particular server, check the Agent
Restrictions on the Security tab of the Server document. This section
contains the "Run personal agents," "Run restricted
LotusScript/Java agents," and "Run unrestricted LotusScript/Java
agents" fields that specify who has access to run agents on the server.
Although a user who has the appropriate access in the database ACL
may be able to create an agent on the server, without the appropriate
access in the Server document, the user can't run the agent.
You should also check the Server Access section on the Security tab
of the Server document. This section contains the "Only allow server
access to users listed in this Directory," "Access server," and "Not
access server" fields, which allow and deny access to the server.
Because an agent inherits the access privileges of the person who
creates it, the agent can't run on a server for which its creator does
not have access.
3. Scheduling conflicts may prevent an agent from running. In the
Server document, click the Server Tasks - Agent Manager tab and
check the "Daytime Parameters Start time/End time" and
"Nighttime Parameters Start time/End time" fields. Any time not
specified in these fields represents downtime; if a user creates a
scheduled agent and specifies that it run during the server's Agent
Manager downtime, the agent will not run. Compare these fields in
the Server document to the time the agent is scheduled to run. If a
conflict exists, change the Agent Manager schedule on the server, or
ask the user to reschedule the agent.
4. If a LotusScript or Java agent terminates before completing its tasks,
check the "Max LotusScript/Java execution time" fields in the Server
document. If a complex agent requires more time than is scheduled,
the Agent Manager terminates the agent before completion.
Ask the user to reschedule the agent to run at night, when the default
maximum execution time is longer; or increase the value of the "Max
LotusScript/Java execution time" field in the Server document, as
needed. If neither of these solutions is practical, ask the user to
rewrite the agent as several smaller agents.
An agent doesn't run to completion
When an agent doesn't finish running, check the log file (LOG.NSF), the
server console, and the Agent Log for error messages.
1. If the agent runs to completion when you run it manually, but does
not run when it runs in the background, the agent code may contain
commands (such as LotusScript user-interface methods) that
aren't intended to run as background processes.
2. The "Max LotusScript/Java execution time" field in the Server
document specifies how much time a LotusScript/Java agent has to
complete execution. If the agent exceeds this maximum, the agent
doesn't finish, and the Agent Log records the termination. Review
the agent code to make sure it functions correctly (for example,
make sure that the code doesn't run an infinite loop). If the code is
correct, consider increasing the execution time limits in the Server
document. However, be aware that increasing these settings may
impact system performance because the Agent Manager will run for
a longer time to accommodate this agent.
An agent isn't running at the expected times
If the agent is running, but not at or near the expected times, the server
may be busy with other tasks. To gather information about when the
agent last ran and if it completed successfully, check the agent log. Then
check for these conditions and correct them, if necessary.
1. Scheduling conflicts may prevent an agent from running. In the
Server document, click the Server Tasks - Agent Manager tab, and
check the "Daytime Parameters Start time/End time" and
"Nighttime Parameters Start time/End time" fields. If the values in
these fields don't account for a portion of the day, the Agent
Manager will not run during that period. For example, if the daytime
parameters are 8 AM and 5 PM and the nighttime parameters are 8
PM and 8 AM, Agent Manager will not run any agents between 5
PM and 8 PM.
2. The NOTES.INI settings may be incorrect. Check these Agent
Manager settings in the server's NOTES.INI file:
Amgr_DocUpdateAgentMinInterval
Amgr_DocUpdateEventDelay
Amgr_NewMailAgentMinInterval
Amgr_NewMailEventDelay
3. Edit the NOTES.INI file to include the Log_AgentManager setting
and set it to 1. You can also enable this setting in the Configuration
Settings document in the Domino Directory.
4. For servers running Domino 4.6 or earlier, the "Max % busy before
delay" setting may have been exceeded. The "Max % busy before
delay" setting on the Server Tasks - Agent Manager tab of the Server
document controls the maximum percent of time the Agent Manager
spends running agents. If the percentage of time is exceeded, a delay
occurs before Agent Manager runs the next agent. After the
percentage falls below the threshold, Agent Manager resumes
running agents.
For more information on NOTES.INI settings, see the appendix
"NOTES.INI File."
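
The scheduling check in step 1 can be done mechanically. The following is an added example, not part of the Domino documentation: it computes Agent Manager downtime from the daytime and nighttime windows and tests whether an agent's scheduled time falls inside it. The 24-hour "HH:MM" input format, the half-open treatment of end times, and the agent names are assumptions of this sketch.

```python
"""Find the hours Agent Manager is idle, given the Daytime and Nighttime
"Start time/End time" pairs from the Server document (24-hour HH:MM)."""

MINUTES_PER_DAY = 24 * 60


def to_minutes(hhmm):
    """Convert 'HH:MM' to minutes after midnight, rejecting bad values."""
    hours, minutes = hhmm.split(":")
    h, m = int(hours), int(minutes)
    if not (0 <= h < 24 and 0 <= m < 60):
        raise ValueError(f"not a 24-hour HH:MM time: {hhmm!r}")
    return h * 60 + m


def fmt(minutes):
    """Convert minutes after midnight back to 'HH:MM' (1440 wraps to 00:00)."""
    minutes %= MINUTES_PER_DAY
    return f"{minutes // 60:02d}:{minutes % 60:02d}"


def covered_ranges(windows):
    """Expand (start, end) windows into sorted half-open minute ranges.

    A window whose end is earlier than its start wraps past midnight.
    Assumption: a window with start == end is treated as empty.
    """
    ranges = []
    for start, end in windows:
        s, e = to_minutes(start), to_minutes(end)
        if s < e:
            ranges.append((s, e))
        elif s > e:
            ranges.append((s, MINUTES_PER_DAY))
            if e:
                ranges.append((0, e))
    return sorted(ranges)


def downtime(windows):
    """Return the (start, end) periods no window covers, as 'HH:MM' pairs."""
    gaps, cursor = [], 0
    for a, b in covered_ranges(windows):
        if a > cursor:
            gaps.append((cursor, a))
        cursor = max(cursor, b)
    if cursor < MINUTES_PER_DAY:
        gaps.append((cursor, MINUTES_PER_DAY))
    # A gap that runs up to midnight and one that starts at midnight are
    # really a single gap that wraps around the end of the day.
    if len(gaps) > 1 and gaps[0][0] == 0 and gaps[-1][1] == MINUTES_PER_DAY:
        head, tail = gaps.pop(0), gaps.pop()
        gaps.append((tail[0], head[1]))
    return [(fmt(a), fmt(b)) for a, b in gaps]


def runs_at(hhmm, windows):
    """True if Agent Manager is scheduled to be running at the given time."""
    m = to_minutes(hhmm)
    return any(a <= m < b for a, b in covered_ranges(windows))


# Constructed sample: the daytime and nighttime parameters from step 1.
SERVER_WINDOWS = [("08:00", "17:00"), ("20:00", "08:00")]

if __name__ == "__main__":
    for start, end in downtime(SERVER_WINDOWS):
        print(f"Agent Manager downtime: {start} - {end}")
    # Hypothetical agents and their scheduled run times.
    for agent, at in [("nightly-archive", "18:30"), ("mail-sort", "09:15")]:
        state = "will run" if runs_at(at, SERVER_WINDOWS) else "falls in downtime"
        print(f"{agent} scheduled at {at}: {state}")
```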
The Escrow agent isn't working
The Escrow agent won't work if:

There is no Person document containing the phrase "Escrow Agent" in
the User name field.

More than one Person document contains the phrase "Escrow Agent"
in the User name field.

The Escrow agent attempts to send encrypted mail to a recipient
whose Person document doesn't contain a public key.

Users can't create agents

If a user can't create agents in a particular database, check the database
ACL to see if the user has the access level required to create agents in
that database. To create personal agents, a user must have at least Reader
access to the database in which the agent will be created. To create
shared agents, a user must have at least Designer access.

Database performance - Troubleshooting

The following topics suggest solutions to common performance problems
associated with databases.
You can reduce database performance problems by using:

Domino 6 databases, which are faster than databases created with
earlier Domino releases

Transaction-based logging and recovery

Disk-tuning procedures, such as disk defragmentation and disk-space
reallocation

Some of the recommended solutions involve changing the database
design. You should always test design changes on a template or a copy of
the database before applying them to the production copy.
For more information on transaction logging, see the chapter
"Transaction Logging and Recovery."
The topics in this section include:

Users cannot access the database

Users experience a delay when accessing the database

Resolving conflicts when names are assigned to more than one access
level

Using Groups and Roles to determine what controls user access

Using Find Note to analyze a document reported in the log file

Users cannot access the database


Users may not be able to access databases for the following reasons:
The server storing the database is temporarily down
Check with the Domino administrator and tell users when the database is
expected to be available again.
Users don't have the appropriate access
Check the database access control list (ACL) to make sure users have the
necessary access to the database. Check with the Domino administrator
to ensure users have access to the Domino server that stores the database.
For more information on user access, see the chapter "Controlling User
Access to Domino Databases." For more information on server access, see
the chapter "Controlling Access to Domino Servers."
Server backup is occurring during work hours
Users may be unable to access a server that is being backed up during
work hours because a full backup may require significant disk I/O
capacity. Ask the Domino administrator to schedule backups to occur
overnight, if possible.
Use a Domino 6-compliant backup program so users can access
databases on a server that is being backed up. Users can make changes to
databases as a backup occurs because Domino provides a point-in-time
image of the database, beginning with the time the database backup
starts.
The server is continuously updating a full-text index
If a database is large and active, database performance can be slow if the
server updates a full-text index too frequently. Change the full-text index
update frequency if necessary.
For more information on update frequency, see the chapter "Setting Up
and Managing Full-text Indexes."

Users experience a delay when accessing the database


Users may experience a delay when accessing databases for the following
reasons:
The database is heavily used
View the user activity to see if the database is heavily used. This option is
on the Information tab of the Database Properties box. Check the server
to see if its hardware and memory are powerful enough to support the
user activity for the database. If the server is not powerful enough, you
may need to upgrade hardware or memory on the server. You can also
create an additional replica of the database so all users are not always
using the same one. If disk contention is a problem, move the database to
a less heavily used disk. For more information on the Database
Properties box, see Lotus Notes 6 Help.
There are too many views
If the database contains many views, consider consolidating some of
them. You can consolidate views by creating alternative collations in the
same view, rather than using separate views. Or, you can purge or delete
view indexes. Database performance can suffer when a database contains
many views.
For information on managing view indexes, see the chapter Maintaining
Databases. For more information on improving view performance, see
the book Application Development with Domino Designer.
View indexes are being refreshed too frequently
If the database is heavily used or contains many documents, refresh view
indexes less frequently, if possible.
For information on views, see the book Application Development with
Domino Designer.
Unread mark processing may cause delays
Unread mark processing may cause delays after the database is opened.
It also creates disk contention, which slows down every operation on the
database. Delays occur as the unread marks in a database are updated
while the database is opening. Disabling unread marks on the database
eliminates the delay.
For information on disabling unread marks, see the chapter "Improving
Database Performance."
The database design is complex
A complex database design can cause performance problems. Work with
the designer to redesign or minimize performance problems.
For information on designing applications, see the book Application
Development with Domino Designer.
Database performance properties are not being used
If feasible, set database properties to improve database performance.
For information on setting database properties, see the chapter
Improving Database Performance.
The database cache needs adjustment
If you are a system administrator, monitor the database cache on the
server that stores the database to see if it's working effectively. If
necessary, increase the number of databases the cache can hold. The
NSF buffer pool size may also need to be increased.
For more information on managing the database cache, see the chapter
"Improving Database Performance."

Resolving conflicts when names are assigned to more than one
access level

It's possible to assign users or servers more than one level of access to a
database. The following table describes access level conflicts and
resolutions.

Access level conflict: A name is listed in an ACL individually and as a
member of a group
Resolution: The access level assigned to the individual name takes
precedence over the access level for the group, even if the individual
access level is lower than the group level.

Access level conflict: A name is included in two or more groups
Resolution: The name receives the access of the group with the highest
access.

Access level conflict: A name appears in an ACL and in access lists
associated with forms, views, or sections
Resolution: The ACL controls database access; design element access
lists refine this access to a lower level. For example, if a user has Author
access to a database but is not listed in the access list for a form in the
database, the user cannot use the form to create a document.

For more information on creating access lists that refine access to specific
design elements, see the book Application Development with Domino
Designer.
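
The three resolutions above can be expressed as a small resolver, which is useful when auditing why a user ends up with more or less access than expected. This is an added example, not part of the Domino documentation and not a Domino API: the user names, groups and ACL contents are constructed, the level ordering is the standard Domino one, and the -Default- fallback and the "Author or higher" threshold in the form check are simplifications stated in the comments.

```python
"""Resolve a user's effective database access using the precedence
rules in the table above. Names and ACL contents are constructed."""

# Domino access levels, lowest to highest.
LEVELS = ["No Access", "Depositor", "Reader", "Author",
          "Editor", "Designer", "Manager"]
RANK = {level: i for i, level in enumerate(LEVELS)}


def effective_access(user, acl, groups):
    """Return (level, reason) for a user.

    acl maps an ACL entry name to a level; groups maps a group name to
    the set of its members. Nested groups are not expanded here.
    """
    # Rule 1: an individual entry wins, even if a group would grant more.
    if user in acl:
        return acl[user], f"individual entry '{user}'"
    # Rule 2: otherwise take the highest level among the user's groups.
    matches = [(acl[g], g) for g, members in groups.items()
               if g in acl and user in members]
    if matches:
        level, group = max(matches, key=lambda m: RANK[m[0]])
        return level, f"group '{group}'"
    # Not covered by the table: unlisted names get the -Default- entry.
    return acl.get("-Default-", "No Access"), "-Default- entry"


def can_create_with_form(user, acl, groups, form_access_list=None):
    """Rule 3: a form's access list can only narrow what the ACL grants.

    Simplification for this example: only Author access or higher is
    treated as able to create documents, and a form with no access list
    (None) is open to every such user.
    """
    level, _ = effective_access(user, acl, groups)
    if RANK[level] < RANK["Author"]:
        return False
    if form_access_list is None:
        return True
    user_groups = {g for g, members in groups.items() if user in members}
    return user in form_access_list or bool(user_groups & set(form_access_list))


# Constructed sample ACL: Pat is listed individually and through Sales.
ACL = {
    "Pat Lee/Acme": "Reader",
    "Sales": "Editor",
    "Managers": "Designer",
    "-Default-": "No Access",
}
GROUPS = {
    "Sales": {"Pat Lee/Acme", "Sam Roy/Acme"},
    "Managers": {"Sam Roy/Acme"},
}

if __name__ == "__main__":
    for name in ("Pat Lee/Acme", "Sam Roy/Acme", "Kim Vu/Acme"):
        level, reason = effective_access(name, ACL, GROUPS)
        print(f"{name}: {level} (from {reason})")
    print(can_create_with_form("Sam Roy/Acme", ACL, GROUPS, ["HR"]))
```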

Using Groups and Roles to determine what controls user access


You can use the Groups and Roles dialog box to troubleshoot database
access problems. However, use this feature only on databases that have
the option "Enforce a consistent Access Control List across all replicas of
this database" selected. Otherwise, Notes does not display information in
the Groups and Roles dialog box.
For example, if a group from the database ACL that you think has a
user's name does not appear in the Groups and Roles dialog box, then
this indicates that:

The user name is missing from the group or spelled incorrectly

A role that you thought was assigned to a user is not assigned

For more information on Groups and Roles, user access, and the Enforce
a consistent ACL option, see the chapter Controlling User Access to
Domino Databases.

Using Find Note to analyze a document reported in the log file


You can use the Find Note dialog box in the Domino Administrator to
analyze a document reported in the log file. If the log file reports a
problem with a document, you can display the properties for the
document to help you to troubleshoot the problem. The document can be
in a single database or in a database replica. For example, you can use
Find Note to review the document properties for a document that cannot
replicate.
1. Copy the hexadecimal Note ID (for example, NT201B2) of the
reported document from the log file to the Clipboard. Or write down
the Note ID. You may also troubleshoot using the UNID, the
universal Note ID, a unique identifier used to locate the same
document across database replicas.
2. In the Server list, select the server that stores the database containing
the reported document.
3. Use the Files tab to select the database that stores the reported
document.
4. Choose Tools - Database - Find Note.
5. Select one:
by Note ID
by Universal Note ID (UNID)
6. Paste or enter the Note ID or UNID from Step 1 into the ID field.
7. Click Find.
8. View the document details and properties in the Fields and
Properties fields.

Directories - Troubleshooting
These topics describe how to troubleshoot problems related to:

Directory assistance

Directory catalogs

LDAP service

Extended ACL

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

Directory assistance - Troubleshooting

These topics describe problems you may encounter with directory
assistance.

Internet user authentication using a secondary Domino Directory or
Extended Directory Catalog fails.

Internet user authentication using an LDAP directory fails.

Database authorization using groups in a secondary directory fails.

Searches in a secondary Domino Directory configured in directory
assistance fail.

"Directory assistance could not access Public Address Book on
Server x, error is Server Not Responding."

Internet user authentication using a secondary Domino Directory or
Extended Directory Catalog fails
To authenticate Internet users registered in a secondary Domino
Directory, make sure you complete these steps:
1. Select Notes as the Domain Type in the Directory Assistance
document.
2. Set "Trusted for credentials" to Yes for at least one naming rule in
the Directory Assistance document. The rule or rules should
correspond to the names of the Internet users you want to
authenticate.
3. Enter the secondary directory's Domino domain in the "Domain
Name" field. Do not enter: the name of a condensed Directory
Catalog, the name of the server's primary domain, or a domain name
that is used in another Directory Assistance document. If you created
the secondary directory manually and it's not associated with a
Domino domain, make up a unique domain name.
4. If you use name-and-password authentication, and you choose the
authentication option "Fewer name variations with higher security,"
make sure users provide either their hierarchical names or common
names for authentication rather than first names, last names, or short
names only.
For more information on this server authentication option, see the
chapter "Setting Up Name-and-Password and Anonymous Access to
Domino Servers."
If you include groups of users in database ACLs on the server that
authenticates, store those groups in the server's primary Domino
Directory and/or in one directory enabled for "Group authorization" in
the directory assistance database.

Tip To record at the server console detailed information about specific
Web user authentication sessions to help troubleshoot Web user
authentication problems, use the NOTES.INI setting
WebAuth_Verbose_Trace.

Internet user authentication using an LDAP directory fails
To authenticate Internet users registered in a remote LDAP directory,
make sure you complete these steps:
1. Select LDAP as the Domain Type in the Directory Assistance
document.
2. Specify a Domain Name that is not the Domino domain of the
servers that use directory assistance and that is not used in another
Directory Assistance document.
3. (Recommended) Enter 1 as the search order.
4. Set "Trusted for credentials" to Yes for at least one naming rule in
the Directory Assistance document that corresponds to the names of
the users to authenticate.
5. If the remote LDAP server requires a base DN, enter it in the field,
"Base DN for search."
6. Select "Notes clients/Internet Authentication/Authorization" in the
"Make this domain available to" field.
7. If you enabled "Channel encryption," make sure you've configured
SSL properly.
8. If the LDAP directory server doesn't allow anonymous connections,
make sure you've entered a user name and password in the
"Optional Authentication Credential" section of the Directory
Assistance document.
9. If the server authentication option "More name variations with lower
security" is selected, make sure the server has access to the LDAP
directory attributes cn, uid, sn, givenName, and objectClass.
If the server authentication option "Fewer name variations with
higher security" is selected, make sure the Web server has access to
the LDAP directory attributes cn, uid, and objectClass.
For more information on the server authentication options, see the
chapter "Setting Up Name-and-Password and Anonymous Access to
Domino Servers."
Database authorization using groups in a secondary directory fails
To search a secondary directory (Domino or LDAP) for the members
of groups listed in database ACLs, make sure you complete these steps:
1. Specify a Domain Name that is not the Domino domain of the
servers that use directory assistance and that is not used in another
Directory Assistance document.
2. Set the "Group Authorization" field to Yes; enable this option in
only one Directory Assistance document.
3. Set "Trusted for credentials" to Yes for at least one naming rule that
represents the names within the groups to search.
4. If the directory is a Microsoft Active Directory, choose Active
Directory in the "Type of search filter to use" field of the Directory
Assistance document.
5. If the directory is a remote LDAP directory, when you add the name
of a hierarchical group from an LDAP directory to a Notes database
ACL, use the LDAP format for the name, but use forward slashes as
delimiters (/) rather than commas (,). If the name of the LDAP
directory group is not hierarchical, in a Notes database ACL enter
the value for the group name without the associated LDAP attribute.
For example, if the name of the LDAP directory group is
"cn=managers,ou=groups,o=acme," in the database ACL enter
"cn=managers/ou=groups/o=acme." If the name of the group is
"cn=managers," in the database ACL enter "managers."
6. Select "Notes clients/Internet Authentication/Authorization" in the
"Make this domain available to" field.
7. If the directory is a remote LDAP directory and you've enabled
"Channel encryption," make sure you've configured SSL correctly.
8. If the directory is on a remote LDAP directory server that doesn't
allow anonymous connections, make sure you've entered a user
name and password in the "Optional Authentication Credential"
section of the Directory Assistance document.
9. If the members of groups on a remote LDAP directory server change,
stop and restart the Domino server that connects to the LDAP server.
This ensures that the Domino server flushes its group cache and
retrieves the most up-to-date group information.
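
The Domain Name, "Trusted for credentials", "Group Authorization" and LDAP credential rules in the Internet authentication and group authorization steps above can be checked together across all Directory Assistance documents. The following is an added example, not part of the Domino documentation: the dictionary keys are hypothetical labels for the form fields (not a Domino API), the sample records are constructed, and the DN conversion assumes no escaped commas inside attribute values.

```python
"""Lint Directory Assistance documents against the setup rules in the
troubleshooting steps above. The dict keys are hypothetical labels for
the form fields, not a Domino API; the sample records are constructed."""


def lint_directory_assistance(docs, primary_domain, condensed_catalogs=()):
    """Return a list of (document label, problem) tuples."""
    findings = []
    # Domain Names that must never appear in a Directory Assistance document.
    reserved = {primary_domain.casefold(): "the servers' primary Domino domain"}
    for name in condensed_catalogs:
        reserved[name.casefold()] = "the name of a condensed Directory Catalog"

    first_use = {}   # domain name -> label of the first document using it
    group_auth = []  # labels of documents with Group Authorization = Yes
    for doc in docs:
        label = doc["label"]
        # Assumption: domain names are compared case-insensitively.
        domain = doc["domain_name"].casefold()
        if domain in reserved:
            findings.append((label, f"Domain Name is {reserved[domain]}"))
        if domain in first_use:
            findings.append(
                (label, f"Domain Name is also used in '{first_use[domain]}'"))
        else:
            first_use[domain] = label
        if not any(rule["trusted"] for rule in doc["naming_rules"]):
            findings.append(
                (label, "no naming rule has Trusted for credentials = Yes"))
        if doc.get("group_authorization"):
            group_auth.append(label)
        if (doc["domain_type"] == "LDAP"
                and not doc.get("ldap_allows_anonymous", True)
                and not doc.get("credentials_set", False)):
            findings.append(
                (label, "LDAP server rejects anonymous connections "
                        "but no user name and password are entered"))
    # Group Authorization may be enabled in only one document.
    for label in group_auth[1:]:
        findings.append(
            (label, f"Group Authorization already enabled in '{group_auth[0]}'"))
    return findings


def ldap_group_to_acl_name(dn):
    """Convert an LDAP group name to the form entered in a Notes ACL.

    Hierarchical names keep their attributes but use '/' as delimiter;
    a single-component name drops the attribute ('cn=managers' -> 'managers').
    Assumes the DN contains no escaped commas.
    """
    parts = [part.strip() for part in dn.split(",")]
    if len(parts) > 1:
        return "/".join(parts)
    return parts[0].split("=", 1)[-1]


# Constructed sample: the servers' primary domain is AcmeEast.
SAMPLE_DOCS = [
    {"label": "DA-1", "domain_type": "Notes", "domain_name": "AcmeWest",
     "naming_rules": [{"rule": "*/Acme", "trusted": True}],
     "group_authorization": True},
    {"label": "DA-2", "domain_type": "LDAP", "domain_name": "acmewest",
     "naming_rules": [{"rule": "*/Acme", "trusted": False}],
     "group_authorization": True,
     "ldap_allows_anonymous": False, "credentials_set": False},
    {"label": "DA-3", "domain_type": "Notes", "domain_name": "AcmeEast",
     "naming_rules": [{"rule": "*/Acme", "trusted": True}]},
]

if __name__ == "__main__":
    for label, problem in lint_directory_assistance(SAMPLE_DOCS, "AcmeEast"):
        print(f"{label}: {problem}")
    print(ldap_group_to_acl_name("cn=managers,ou=groups,o=acme"))
```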
Searches in a secondary Domino Directory configured in directory
assistance fail
Make sure the domain specified in the "Domain Name" field of the
Directory Assistance document for the secondary directory is different
from the primary Domino Directory and any other directories configured
in directory assistance. If the Domain Name specified for the secondary
Domino Directory is not unique, searches of the secondary directory fail,
and you see the message "User xxx not found in any Name and Address
Book."
If the secondary directory is not associated with a Domino domain, be
sure to enter a unique Domain Name that is different from the primary
domain of the servers that store the secondary directory.
Don't enter the name of a condensed Directory Catalog in a Directory
Assistance document.
"Directory assistance could not access Public Address Book on
Server x, error is Server Not Responding"
When you restart a server that uses directory assistance, the server
attempts to access replicas of secondary Domino directories that database
links in directory assistance point to so that it can load information about
the replicas into memory. If the server can't locate the replicas, this server
console message appears. To avoid this problem, in directory assistance
documents, enter server names and file names for replicas, rather than
pasting database links to the replicas.
This message may also appear when a server that uses directory
assistance attempts to look up a name in a secondary Domino Directory
that is on an unavailable server. As a failover mechanism, you can
specify more than one replica of a secondary directory for directory
assistance to use.


Directory catalogs - Troubleshooting

These topics describe problems you may encounter with directory
catalogs:

Names are missing from the directory catalog.

Users can't use type-ahead addressing to look up names in a
condensed Directory Catalog.

Domino isn't searching a directory catalog on a server.

Internet user name-and-password authentication using a condensed
Directory Catalog fails.

LDAP searches of a condensed Directory Catalog aren't working.

A directory catalog is not full-text indexed or the full-text index is
corrupted.

The User Setup Profile doesn't push Mobile Directory Catalogs to
users.

The Router is finding the same name in multiple directories even
though "Exhaustive lookup" is disabled.

Users can't do full-text searches of a condensed Directory Catalog.

Names are missing from the directory catalog


If names appear to be missing from the directory catalog, take these steps
to troubleshoot the problem.
Verify that the Dircat task is building the directories as intended
1. Open the directory catalog on the server that aggregates it.
2. Select the Configuration Settings document, and then choose File -
Document Properties.
3. Click the Fields tab (the second tab in the properties box).
4. Select the Directories field and look in the box on the right. Verify
that the Dircat task can access all the directories specified in the box.
Typically, this means making sure that the server that aggregates the
directory catalog also stores replicas of all the aggregated directories
locally.
5. Select the Since field and look in the box on the right to see the date
and time the Dircat task last ran on all of the directories specified in
the Directories field. If either of the following is true, run the Dircat
task again:
If there are fewer time/date stamps than directories (for
example, if there are four directories in the Directories field but
only two time/date stamps), when the Dircat task last ran, it
attempted to rebuild the source directory catalog but didn't
complete the task.
If the time/date stamps are older than expected, the Dircat task
may not have run to completion when it last did an incremental
update of the source directory catalog.
If the "Remove duplicate users" option is enabled, see if someone
has deleted a duplicate entry from one of the full Domino directories
If the "Remove duplicate users" option is enabled, the Dircat task doesn't
add into the directory catalog all entries associated with an identical
hierarchical name. Instead, the task adds an entry from the first directory
in which it encounters the name. Dircat searches directories in the order
that they're specified in the "Directories to include" configuration field.
If someone removes a duplicate entry from the full Domino Directory
that has already been the entry used in the directory catalog, that name is
removed from the catalog. For example, if the Acme East and the Acme
West directories both contain an entry with the name Phyllis
Spera/Acme, if "Remove duplicate users" is enabled, and if Acme East is
listed first in the "Directories to include" field, when Dircat runs, it
includes only the entry from Acme East. If someone then removes Phyllis
Spera/Acme from Acme East, the name is removed from the directory
catalog the next time Dircat runs.
To correct the problem, make a minor change to the remaining entry
(in the above example, the entry in Acme West). This change causes Dircat
to add the entry to the directory catalog the next time it runs. You can
also correct the problem by clicking the "Clear History" button in the
directory catalog Configuration document, although this approach
rebuilds the entire directory catalog.
Verify that the User Name fields have values
If there's no value in the User Name (FullName) field in a Person
document, the Dircat task won't build the entry in the directory catalog.
Notes registration adds values to User Name fields automatically, but if
you created Person entries without using the Notes registration program,
check that the entries have values in this field.


Use Log_Dircat=1
If the above steps don't solve the problem, add the NOTES.INI setting
Log_Dircat=1, which logs information about the Dircat task in the log file
(LOG.NSF). Use the logged information to help troubleshoot the
problem.
For more information on the log file, see the chapter "Using Log Files."
For more information on the NOTES.INI file, see the appendix
"NOTES.INI File."
Users can't use type-ahead addressing to look up names in a
condensed Directory Catalog
Type-ahead addressing looks up a name in a condensed Directory
Catalog only if the order in which the user types the name corresponds to
the "Sort by" format configured for the directory catalog. For example, if
the configured "Sort by" format is "Distinguished name," type-ahead
looks up the name in a directory catalog only when a user types the first
name before the last name. Or, if the "Sort by" format is set to "Last
name," type-ahead looks up the name in a directory catalog only when a
user types the last name before the first name.
Domino isn't searching a directory catalog on a server
To search an Extended Directory Catalog that is not integrated into its
primary Domino Directory, a server must be set up to use a directory
assistance database that contains a Directory Assistance document for the
directory catalog.
To search a condensed Directory Catalog, a server must store a local
replica of the directory catalog. In addition, you must specify the file
name for this replica in either the Directory Profile or in the Basics
section of the Server document in the server's primary Domino
Directory.
For more information on directory catalogs, see the chapter "Setting Up
Directory Catalogs."

Note These steps do not apply to authentication using an Extended


Directory Catalog.

Troubleshooting 63-27

Troubleshooting

Internet user name-and-password authentication using a


condensed Directory Catalog fails
If youre having difficulty setting up a server to use a condensed
Directory Catalog to look up names and passwords to authenticate
Internet users, take these steps to troubleshoot the problem.

1. Test that authentication using directory assistance alone is working.
• Temporarily disable the directory catalog. Remove the directory
  catalog file name from the server's primary Domino Directory.
  Remove the directory catalog file name from the Directory Profile
  and from the Basics tab of the Server document; the file name is
  probably stored in only one of these locations, but if it is in both
  locations, remove the name from both.
• Restart the appropriate Internet protocol server task. For example,
  for a Web server, restart the HTTP task.
• Verify that the server can authenticate to each secondary Domino
  Directory configured in the directory assistance database that you
  want to use for authentication. If authentication fails, go to step 2.
  If authentication is successful, go to step 3.
2. If you are trusting all the aggregated directories for authentication,
make sure you've selected the option on the Basics tab of the Server
document: "Trust the server based condensed directory catalog for
authentication with internet protocols."
If you are trusting for authentication only some of the aggregated
directories, make sure you've created a Directory Assistance
document for each of the directories to trust in which the users to
authenticate are registered. In each Directory Assistance document,
verify that you've done the following:
• Set "Trusted for credentials" to Yes for at least one naming rule in
  the Directory Assistance document. The rule or rules should
  correspond to the names of the Web users you want to
  authenticate.
• Enter the secondary directory's Notes domain in the "Domain
  Name" field. Do not enter: the name of the directory catalog, the
  name of the server's primary domain, or a domain name that is
  used in another Directory Assistance document. If you created the
  secondary directory manually and it's not associated with a Notes
  domain, make up a unique domain name.
• In the Replicas tab of the Directory Assistance document, make
  sure one of the replicas specified is the same replica of the
  secondary directory specified in the "Directories to include" field
  in the directory catalog Configuration document.
  Do not specify a replica of the directory catalog.
3. In the "Directories to include" field of the directory catalog
Configuration document, specify a replica of each secondary Domino
Directory that contains the users you want to authenticate. Do not
include the name of an LDAP directory in the "Directories to
include" field.
4. In the "Additional fields to include" field of the directory catalog
Configuration document, add the HTTPpassword field.
5. Run the Dircat task to build the directory catalog.
6. If the server on which you ran the Dircat task is not the server doing
the authentication, make sure you've created a replica of the
populated directory catalog on the server, added the directory
catalog file name to either the Directory Profile or the Basics tab of
the Server document, and then restarted the server.
7. If you use name-and-password authentication, and you choose the
server authentication option "Fewer name variations with higher
security," make sure users provide either their hierarchical names or
common names for authentication rather than first names, last
names, or short names only.
For more information on the server authentication option, see the
chapter "Setting Up Name-and-Password and Anonymous Access to
Domino Servers."
8. If you include groups of users in database ACLs on the server, store
those groups in the server's primary Domino Directory and/or in
one directory configured in the directory assistance database that is
enabled for group authorization.

A condensed Directory Catalog is not full-text indexed or the
full-text index is corrupted
When you first create a condensed Directory Catalog, you must
manually create a full-text index for it; you are prompted to create the
index when you create the database. When you replicate the directory
catalog, however, Domino automatically creates the full-text index on the
replica. If you create a copy rather than a replica, you must manually
create the full-text index on the copy.
The full-text index can become corrupted if there is not enough disk
space to build the index or if you shut down the Notes or Domino
Administrator client before the index is entirely built. To correct the
problem, delete and then recreate the full-text index.

LDAP searches of a condensed Directory Catalog aren't working
If the LDAP service isn't searching a local condensed Directory Catalog
as expected, make sure the directory catalog has a functioning full-text
index. The LDAP service always uses the directory catalog full-text index
to process searches. The LDAP service can return the error "LDAP error
DSA is unwilling to perform (0x35)" when attempting to search a
directory catalog that is not full-text indexed. If necessary, delete and
then re-create the full-text index.

User Setup Profile doesn't push Mobile Directory Catalogs to users
To use a User Setup Profile to set up mobile directory catalogs on Notes
clients, you must paste a database link of a replica of the directory
catalog in the "Mobile directory catalogs" field of the User Setup Profile.
The Notes clients don't receive a replica of the mobile directory catalog
until the User Setup Profile replicates to the users' mail servers and the
users authenticate with the mail servers.
Router is finding the same name in multiple directories even though
the Exhaustive lookup setting is disabled
By default, the Router configuration option "Exhaustive lookup"
available on the Router/SMTP - Basics tab of a Configuration Settings
document is disabled. If you keep this default setting, once the Router
finds a name, it doesn't continue its search to other secondary Domino
directories. Disabling exhaustive lookups is a way to improve Router
performance.
By design, disabling "Exhaustive lookup" does not apply to a directory
catalog. The Router always searches the primary Domino Directory and
the entire server directory catalog, even if the exhaustive lookup setting
is disabled. This is intended behavior since the Router can use the
directory catalog to, in effect, quickly search multiple secondary
directories rather than having to take the performance hit of searching
these directories individually. These exhaustive lookups allow the Router
to ensure there are no duplicate recipient names that might prevent the
message from getting to the right person.
The Router returns a delivery failure when it finds a name associated
with more than one directory entry and the entries do not have the same
Mail server, Mail file, or Domains specified. To avoid such delivery
failures when duplicate entries actually represent the same person (for
example, when someone's name and directory location within the
organization have changed but you want to allow people to address mail
using the original name), make the entries in the Mail server, Mail file,
and Domain fields identical for each entry.
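
The duplicate-name rule described above can be checked ahead of time. This added example (not part of the Domino documentation or product) audits constructed directory entries for names that resolve to more than one Mail server, Mail file, or Domain combination; the dictionary keys and the case-insensitive comparison are assumptions of the example.

```python
"""Added example: flag recipient names that map to conflicting mail targets."""
from collections import defaultdict

# Constructed sample entries, as they might be exported from a primary
# Domino Directory (names.nsf) and a directory catalog (dircat.nsf).
# The key names are illustrative, not Domino field names.
ENTRIES = [
    {"source": "names.nsf", "names": ["Lee Chen/Sales/Acme", "Lee Chen"],
     "mail_server": "Mail1/Acme", "mail_file": "mail/lchen", "domain": "Acme"},
    # Same person after a move: identical mail fields, so no conflict.
    {"source": "dircat.nsf", "names": ["Lee Chen/Marketing/Acme", "Lee Chen"],
     "mail_server": "Mail1/Acme", "mail_file": "mail/lchen", "domain": "Acme"},
    {"source": "names.nsf", "names": ["Pat Roy/Sales/Acme", "Pat Roy"],
     "mail_server": "Mail1/Acme", "mail_file": "mail/proy", "domain": "Acme"},
    # Different mail server for the same common name: ambiguous.
    {"source": "dircat.nsf", "names": ["Pat Roy/East/Acme", "Pat Roy"],
     "mail_server": "Mail2/Acme", "mail_file": "mail/proy", "domain": "Acme"},
]


def mail_target(entry):
    """Return the three values that must be identical across duplicates.

    Comparing case-insensitively is an assumption of this example.
    """
    keys = ("mail_server", "mail_file", "domain")
    return tuple(entry[k].strip().casefold() for k in keys)


def index_by_name(entries):
    """Map every name value (hierarchical or common) to its entries."""
    index = defaultdict(list)
    for entry in entries:
        for name in entry["names"]:
            index[name.casefold()].append(entry)
    return index


def resolve(name, entries):
    """Return (status, detail) for one recipient name."""
    matches = index_by_name(entries).get(name.casefold(), [])
    if not matches:
        return ("not found", None)
    targets = {mail_target(e) for e in matches}
    if len(targets) == 1:
        return ("deliver", targets.pop())
    return ("delivery failure", sorted(targets))


def audit(entries):
    """Return every name with more than one distinct target, with sources."""
    report = {}
    for name, matches in index_by_name(entries).items():
        if len({mail_target(e) for e in matches}) > 1:
            report[name] = sorted((e["source"], mail_target(e)) for e in matches)
    return report


if __name__ == "__main__":
    for name, rows in audit(ENTRIES).items():
        print(f"ambiguous recipient: {name}")
        for source, target in rows:
            print(f"  {source}: {target}")
```

Addressing mail by hierarchical name avoids the ambiguity in this sample; only the shared common name conflicts.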
Users can't do full-text searches of a condensed Directory Catalog
A condensed Directory Catalog doesn't support direct full-text searches
by users, only indirect full-text searches via LDAP, mail addressing, and
so on.

LDAP service Troubleshooting


These topics describe problems you may encounter with the LDAP
service:

• Name and password authentication fails for LDAP clients connecting
  to the LDAP service
• LDAP searches are slow
• Anonymous LDAP users can't search certain fields
• LDAP Server: Initialization failure: The full text index needs to be
  rebuilt
• LDAP searches don't return a cn attribute
• LDAP error "Insufficient Access" returned on an LDAP Add
  operation
• LDAP clients can't connect to the server over SSL when the server
  uses a self-signed Domino server certificate
• LDAP Schema: Failed exporting error

Name and password authentication fails for LDAP clients
connecting to the LDAP service
To authenticate using name-and-password security, some LDAP clients,
for example Netscape Mail, Microsoft Internet Explorer, and Notes
clients with LDAP accounts, first do an anonymous search to retrieve the
distinguished names used for the authentication, so that users don't have
to specify the distinguished names themselves. To enable such clients to
authenticate using names and passwords, you must enable anonymous
access, as well as name and password authentication, for the LDAP
service port the clients use to connect. You must also allow anonymous
read access to the attribute(s) the clients use to search the directory
anonymously to retrieve the distinguished names. Attributes typically
searched for are cn, uid, sn, givenname, or mail.
For information on anonymous access and the LDAP service, see the
chapter "Setting Up the LDAP Service."
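
The search-then-bind exchange described above, modelled in memory as an added example (not Domino code and not from the original documentation). The directory entries, passwords, the LdapPort class and its behaviour of returning no match for an attribute that is not anonymously readable are all assumptions of the example.

```python
"""Added example: why search-then-bind clients need anonymous read access."""
import hashlib
import hmac
from dataclasses import dataclass

_SALT = b"constructed-salt"  # constructed value for this example only


def _hash(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 10_000)


# Constructed sample directory: DN -> attributes plus a password hash.
DIRECTORY = {
    "CN=Ana Diaz,OU=Sales,O=Acme": {
        "cn": "Ana Diaz", "uid": "adiaz", "sn": "Diaz", "givenname": "Ana",
        "mail": "adiaz@acme.example", "pwhash": _hash("s3cret-ana"),
    },
    "CN=Ben Ito,OU=Sales,O=Acme": {
        "cn": "Ben Ito", "uid": "bito", "sn": "Ito", "givenname": "Ben",
        "mail": "bito@acme.example", "pwhash": _hash("s3cret-ben"),
    },
}


@dataclass
class LdapPort:
    """Hypothetical stand-in for one LDAP service port and its settings."""
    allow_anonymous: bool
    allow_name_password: bool
    # Attributes an unauthenticated client may search. Keep this to the
    # attributes clients really use; everything listed is world-readable.
    anon_readable: frozenset = frozenset()

    def anonymous_search(self, attr: str, value: str) -> list:
        if not self.allow_anonymous:
            raise PermissionError("anonymous access is disabled on this port")
        if attr not in self.anon_readable:
            return []  # assumption: unreadable attributes never match
        return [dn for dn, entry in DIRECTORY.items()
                if entry.get(attr, "").casefold() == value.casefold()]

    def simple_bind(self, dn: str, password: str) -> bool:
        entry = DIRECTORY.get(dn)
        if not self.allow_name_password or entry is None:
            return False
        return hmac.compare_digest(entry["pwhash"], _hash(password))


def client_login(port: LdapPort, attr: str, typed_name: str, password: str) -> str:
    """Step 1: anonymous search for the DN. Step 2: bind with DN + password."""
    try:
        dns = port.anonymous_search(attr, typed_name)
    except PermissionError:
        return "anonymous search refused"
    if len(dns) != 1:
        return "no unique DN found"
    return "authenticated" if port.simple_bind(dns[0], password) else "bind failed"


if __name__ == "__main__":
    typical = frozenset({"cn", "uid", "sn", "givenname", "mail"})
    cases = {
        "anonymous + password, typical attributes": LdapPort(True, True, typical),
        "anonymous access disabled": LdapPort(False, True, typical),
        "only cn readable anonymously": LdapPort(True, True, frozenset({"cn"})),
    }
    for label, port in cases.items():
        print(label, "->", client_login(port, "uid", "adiaz", "s3cret-ana"))
```

The user's password is correct in all three cases; only the first port configuration lets the client find the distinguished name it needs for the bind.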

LDAP searches are slow


If LDAP searches are slow, do the following on the replica of the primary
Domino Directory. If you extend LDAP searches to secondary Domino
Directories, also do the following on each replica of the secondary
directory.
1. Create a full-text index for the directory.
2. If you've created a full-text index for the directory and performance
is still slow, consider editing the value of these LDAP configuration
fields:
• "Maximum number of entries returned" limits the number of
  entries that the LDAP server can return. By default there is no
  limit, but you might set a limit of 100 entries, for example.
• "Timeout" limits the amount of time that LDAP searches can take.
  By default, there is no limit, but you might set a limit of 60
  seconds, for example.
• "Minimum characters for wildcard search" increases the number
  of characters that users must enter before the first wildcard in a
  substring search filter. The default is 1. Don't specify 0 unless the
  directory is very small; specifying 0 can result in slow searches.
For more information on improving LDAP service performance, see the
chapter "Setting Up the LDAP Service."
Anonymous LDAP users can't search certain fields
Make sure you've enabled the fields for anonymous access, using the
domain Configuration Settings document or the database ACL/extended
ACL. Keep in mind that you configure fields for anonymous access
separately for the LDAP service's primary Domino Directory and for
each secondary Domino directory the LDAP service serves.
For more information on anonymous LDAP search access, see the
chapter "Setting Up the LDAP Service."
LDAP Server: Initialization failure: The full text index needs to be
rebuilt
If the LDAP service setting "Automatically Full Text Index Domino
Directory" is set to Yes in a domain Configuration Settings document,
this message can appear on a server running the LDAP service if the
full-text index for the primary Domino Directory is corrupted and
requires rebuilding. The LDAP service shuts down after displaying the
message. To correct the problem:
1. Use the Exit or Quit command to shut down the Domino server.
2. At the operating system prompt, issue one of the following
commands from the Domino program directory to run the updall
task and rebuild the directory full-text index:
• On Windows NT type: nupdall directory.nsf -X
• On UNIX type: updall directory.nsf -X
where directory.nsf is the file name of the primary Domino Directory.
3. Restart the server.
LDAP searches don't return a cn attribute
If you add a Person document to the Domino Directory without using
Notes registration, and you enter a hierarchical name in the FullName
(User name) field, the leftmost part of the distinguished name does not
automatically become the cn (common name) attribute value. You must
add the common name as a second value in the FullName field to define
a cn attribute for the entry.
Person documents created through Notes registration automatically have
a second value added to the FullName field to define the cn attribute.
LDAP error "Insufficient Access" returned on an LDAP Add
operation
If you see this error in response to an LDAP Add operation, do the
following:
1. Verify that the option "Allow LDAP users write" is set to Yes in
the LDAP section of the Configuration Settings document for that
Domino Directory.
2. Verify that the LDAP user has the necessary access in the Domino
Directory database ACL and extended ACL, if an extended ACL is
used.
3. If the LDAP user has Author access in the ACL, verify that the LDAP
user has the proper Creator Role ([UserCreator], [GroupCreator],
[ServerCreator]) for the type of entry being added.
4. Verify that Form Properties are correctly set to allow the LDAP user
to create documents with the form used to add the entry.

LDAP clients can't connect to the LDAP service over SSL when the
server uses a self-signed Domino server certificate
If the server that runs the LDAP service uses a self-signed Domino
certificate, non-Notes LDAP clients can only perform LDAP searches
over SSL if they first connect to the Domino server over SSL using a
different protocol (for example HTTPS or IMAP). The client software
then presents a warning dialog stating that the server's self-signed
certificate is not issued by a trusted Certificate Authority and gives the
users the option to accept the certificate. The users must accept the
certificate before they can perform LDAP searches over SSL.
LDAP Schema: Failed exporting error
If you use the "tell ldap exportschema" command when the Domino
LDAP Schema database (SCHEMA50.NSF) is open, schema exporting
fails and the LDAP service returns this error. Close the database before
using this command.

Extended ACL Troubleshooting


These topics describe situations you may encounter when using
extended ACLs:

• The access specified for subject is different than the subject's actual
  access.
• The Target box doesn't show documents.
• I can't change a subject's access to a target.
• Notes and Web users are getting unexpected results when accessing
  the directory
• Extended access controls are enabled in this domain. You must
  modify the Domino Directory on a version 6 or later Domino server.

The access specified for subject is different than the subject's
actual access
The access you see set for a subject at an extended ACL target may not
reflect the actual, effective access the subject has. For example, there may
be access set for another subject that takes precedence. Or the database
ACL may not actually allow the access that has been set for the subject in
the extended ACL. Click Effective Access in the "Extended access at
target" dialog box to find out more about what is controlling a particular
user's access to an extended ACL target.

The Target box doesn't show documents
The Target box in the "Extended Access at: target" dialog box shows
documents below the target categories only if "Show only containers" is
not selected. Using categories as targets rather than individual
documents is recommended.
Documents show under a target category only if their names are defined
through a FullName, ListName, or ServerName field. Access set at the /
(root) controls access to documents that don't use FullName, ListName,
or ServerName fields.
I can't change a subject's access to a target
To modify a subject's privileges to a selected target, you must have
Manager access in the directory database ACL, or Editor access and the
Administer privilege to the selected target. If you do not have the
required access, a subject's privileges are grayed out.
In addition, if "Show All" is selected next to "People, Servers, Groups" in
the "Extended access at: target" dialog box, the list of subjects includes
those whose privileges to the selected target are inherited from a higher
target with the scope "This container and all descendants" selected.
When you select such a subject, the subject's privileges are grayed out. In
this case you can change the subject's privileges at the higher target and
have the current target inherit the changes. Or you can add the subject to
the current target with new privileges that override the inherited
privileges at the current target.

Notes and Web users are getting unexpected results when
accessing the directory
If you are controlling the access of Notes and Web users, be aware of the
following issues. These issues do not apply to access through other
means, such as access through LDAP operations or through the Notes
applications, except where indicated.
• If you deny a Notes or Web user access to a field in a document,
  when the user opens the document, the document does not show the
  field and the text (TRUNCATED) shows in the tab of the document.
  In addition, the user is unable to edit the document, even if the user
  has write access to the fields in it.
• If you deny a Notes or Web user access to a field in a document that
  a view uses to sort the document, the name of the document is blank
  in the view. The user can still select the document to open it.
• To delete a document, a Notes or Web user must be able to see the
  document in a view. To see a document requires Browse access to the
  document.
• To create a document, a Notes or Web user or a Notes application
  must have Create access to the document as well as Write access to
  the fields to which the user/application will add values.

Extended access controls are enabled in this domain. You must
modify the Domino Directory on a version 6 or later Domino server.
This message indicates that you have attempted to modify a Domino
Directory or Extended Directory on a server running a previous release
and the directory has the Extended Access feature enabled. When
Extended Access is enabled, changes to a replica of the directory on a
server running a previous release cannot replicate to a Lotus Domino 6
server, and so you should make the changes to a replica on a Lotus
Domino 6 server instead.

Mail routing Troubleshooting


A variety of error conditions can prevent Domino from properly sending
and delivering mail. These topics describe solutions to common mail
routing problems and provide detailed information on troubleshooting
general mail routing problems:

• Tools for troubleshooting mail routing
• "How to troubleshoot mail routing" provides steps for troubleshooting
  when mail routing isn't occurring as you expect.
• "Mail routing Problems and error messages" describes problems
  and errors that users may experience when they try to send mail.

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

Tools for troubleshooting mail routing


Delivery Failure Reports
Users should always try to resend a memo for which they receive a
Delivery Failure Report. To help users troubleshoot delivery failure, ask
them to use Steps 1 - 3 below to send you a copy of their mail database.
Sending you a copy of their mail database preserves the field properties
of the reports, which you analyze as a means of troubleshooting.
1. The user creates a new mail database on the workstation. From the
menu, choose File - Database - New. Be sure to use the current
(MAIL6.NTF) mail template.
2. The user copies a Delivery Failure Report from the original mail file
and pastes it into the new database.
3. The user attaches the new mail database to a mail message and sends
it to you.
4. You open the mail database attached to the mail message and select a
Delivery Failure Report.
The Delivery Failure Report identifies the reason the delivery failed
and the routing path over which the message was sent. Use this
information to further investigate the problem.
Mail trace
To troubleshoot mail routing or test mail connections, trace a mail
delivery to test whether a message can be successfully delivered without
actually sending a test message.
1. From the Domino Administrator, click the Messaging - Mail tab.
2. If necessary, click Tools to display the tool bar.
3. From the tool bar, click Messaging - Send Mail Trace.
4. Complete these fields, and then click Send:
Field                       Enter
To                          The mail address of a particular user
Subject                     The subject of the trace
Send delivery report from   Choose one:
                            • Each router on path: to receive a delivery
                              report from each router on the path
                            • Last router only: to receive a delivery
                              report from the last router only

Mail routing topology maps
Mail routing topology maps are useful to track mail routing problems
between servers.
1. From the Domino Administrator, click the Messaging - Mail tab.
2. Choose one:
• Mail routing topology by named networks
• Mail routing topology by connections
Undelivered mail
From the Domino Administrator, click the Messaging - Mail tab, then
select Mail routing status. You can also check for undelivered mail in the
mail routing events view in the log file (LOG.NSF).
Mail routing event generators
Using a mail routing event generator, you can test and gather statistics
on mail routes.
For more information on probes, see the chapter "Monitoring the
Domino Server."

Mail routing Problems and error messages


These topics describe common problems and errors related to sending
and/or receiving mail:

• User can't receive any mail, including mail sent by users whose mail
  files are on the same server
• File is in use by another process
• NAMES.NSF does not contain a required view
• No route found to Domain x from Server y
• Router: Possibly no DOMAIN set...
• Server Error: File Does Not Exist
• User name is not unique
• User not listed in the Public Address Book
• Users unexpectedly required to include @domainname after each
  address

User can't receive any mail, including mail sent by users whose mail
files are on the same server
If a user can't receive any mail, including mail sent by other users whose
mail files are on the same mail server, check the Mail Routing Events
view of the workstation's log file for deliveries. Also, check the
MAIL.BOX file on the user's workstation to see if mail is being trapped
there. Modify the Log_MailRouting setting in the NOTES.INI file to log
more detailed mail routing information on the console and in the log file.
File is in use by another process
If the recipient's mail file or the MAIL.BOX file on the sending or
receiving server is being backed up, Domino generates the message "File
is in use by another process." Wait for the backup to complete, and then
resend the message.
"NAMES.NSF does not contain a required view" appears when
sending mail to users on the same mail server
If all users on the same mail server can't send or receive mail and they
receive the message "NAMES.NSF does not contain a required view,"
you need to update the design of the Domino Directory. Choose File -
Database - Replace design. When you customize the design of the
Domino Directory, the design must be uniform across all replicas. Note
that there are two templates: PUBNAMES.NTF, for the Domino
Directory, and PERNAMES.NTF, for the Personal Address Book. Be sure
to use the PUBNAMES.NTF template when working with the Domino
Directory.
For more information on updating the design of the Domino Directory,
see the appendix "Customizing the Domino Directory."
No route found to Domain x from Server y
If users can't send mail to another domain and receive a message such as
"No route found to Domain x from Server y," make sure that each
domain's Domino Directory has a Connection document from one of its
servers to a server in the other domain. If a Connection document doesn't
exist, create one. If there is a Connection document, make sure the
information contained in it is correct.
Router: Possibly no DOMAIN set; use SET CONFIG DOMAIN=name
to set it; or replace the Name and Address Book design.
If this message appears on the console and then the Router shuts down, the
Server document may contain errors. In the Server document, verify that
the domain is set, and that the ServerKeyFileName (or KeyFileName)
both refer to the server ID for that server. If necessary, make corrections
to the Server document. Also check that the Location document that
you're using refers to the correct server ID. If necessary, edit the Location
document so that it refers to the correct server ID.
Server Error: File Does Not Exist
This message occurs when a user tries to read a message that is linked to
an active shared mail file that has been improperly moved to a different
directory, partition, or hard drive.
For information on creating and enabling a shared mail database, see the
chapter Setting Up Shared Mail.

"User name is not unique" in a Delivery Failure Report
Check the Domino Directory for multiple occurrences of the recipient's
name. There may be more than one Person document for a user, or a user
and a group may have the same name.

"User not listed in the Public Address Book" appears with returned
mail
If the recipient's name is misspelled, mail is returned to the sender, along
with the message "User not listed in the Public Address Book." If the
domain name is misspelled, mail is returned with the message "No route
found to domain name from server name." Check the Domino Directory for
the correct spelling of the names, and resend the document.
Users unexpectedly required to include @domainname after each
address
If users report that they can't send mail to another domain unless they
include @domainname after each address, configure directory assistance
and directory catalogs to include the directories from the other domains.

How to troubleshoot mail routing


When dead or pending mail indicates a problem with mail routing or
when users have problems sending or receiving mail, use these tips to
gather information, identify the problem, and then correct it.
1. Analyze any Delivery Failure Reports.
2. Trace the mail delivery route.
3. Check the Domino Directory for errors that affect mail.
4. Check the sender's and/or recipient's workstation(s) for errors that
affect mail.
5. Check the server for errors that affect mail.
6. Check the shared mail setup.
Checking the Domino Directory for errors that affect mail
The Domino Directory is the source of many conditions that prevent mail
from routing properly. Check for these conditions and correct them, if
necessary.
1. Check the replication history of the Domino Directory to ensure that
changes to it are replicating properly. Make sure the Domino
Directory's ACL provides servers with at least Editor access. Check
for messages in the Administration Requests database, and verify
that the Administration Process is set up and working properly.
Mail problems occur if replication of the Domino Directory
throughout the domain isn't occurring correctly. For example, if you
move a user's mail file and the change recording this move on the
Person document does not replicate, a mail message could bounce
back and forth between two servers and eventually be returned to
the sender. Alternatively, the message could become dead mail if the
maximum hop count is exceeded.
2. Look for and correct any of these problems with Person documents:
• There's no Person document for the recipient in the Domino
  Directory. If necessary, register the recipient to create one.
• The mail recipient's name, mail server, or mail file is incorrect or is
  spelled incorrectly. Correct the entries, if necessary.
• There are multiple occurrences of the recipient's name in the
  Domino Directory. There may be more than one Person document,
  or a user and a group may have the same name. You can add a
  middle initial to one of the user names if two users share the same
  name. You can modify a group name if it's a duplicate of another.
• The recipient receives mail through a gateway. Make sure the
  recipient's Person document contains a forwarding address.
3. Check the Server documents of the sender's and recipient's mail
servers. Make sure that the names of the server, domain, and Notes
named network are spelled correctly.
4. Check Connection documents for mail routing. If two servers are in
different Notes named networks (or domains) or don't have a third
server that has a Notes named network in common with both
servers, then you must create pairs of Connection documents to
enable mail routing back and forth. For servers in the same Notes
named network, mail routing is automatic so you don't need
Connection documents.
To check mail routing connections, from the Domino Administrator,
click the Messaging - Mail tab. You can see mail routing topology by
connections or by named networks. Look for servers that can't reach
a server in another Notes named network or domain. Then check the
Domino Directory for these problems, and edit or create the
documents as necessary:
• Missing Connection documents. Make sure that each domain's
  Domino Directory has a Connection document from one of its
  servers to a server in the other domain.
• An incorrect phone number (for dialup connections) in the
  Connection document.
• A missing selection for Mail Routing in the Tasks field of the
  Connection document.
• A misspelled Notes network or domain name in the Connection
  document.
5. If mail routing occurs through a non-adjacent or foreign domain,
check that the Domino Directory contains a correctly set up
Non-adjacent or Foreign domain document. For a non-adjacent
domain, verify that a Connection document to the intermediary, or
middle, domain also exists.
6. If your organization uses cascading address books, be sure that the
Names setting in the NOTES.INI file contains the correct names of
the cascading address books.
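
The Connection document checks in step 4 can be run against exported directory data. This added example (not part of the Domino documentation or product) works on constructed server and Connection records; the record layout, and the treatment of a Connection document with a mismatched domain name as unusable, are assumptions of the example.

```python
"""Added example: find servers that cannot route mail to each other."""
from collections import deque

# Constructed sample: server -> (domain, Notes named networks it belongs to).
SERVERS = {
    "Hub1/Acme": ("Acme", {"TCPIP-East"}),
    "Mail1/Acme": ("Acme", {"TCPIP-East"}),
    "Mail2/Acme": ("Acme", {"TCPIP-West"}),
    "Gw1/Beta": ("Beta", {"Beta-LAN"}),
}
# Constructed Connection documents (illustrative keys, not Domino fields).
CONNECTIONS = [
    {"source": "Hub1/Acme", "dest": "Mail2/Acme", "dest_domain": "Acme",
     "tasks": {"Replication", "Mail Routing"}},
    {"source": "Mail2/Acme", "dest": "Hub1/Acme", "dest_domain": "Acme",
     "tasks": {"Replication"}},                     # Mail Routing not selected
    {"source": "Hub1/Acme", "dest": "Gw1/Beta", "dest_domain": "Betta",
     "tasks": {"Mail Routing"}},                    # misspelled domain name
]


def usable(conn, servers):
    """A document routes mail only if Mail Routing is selected and the
    server and domain names match the directory (assumption for the latter)."""
    dest = servers.get(conn["dest"])
    return ("Mail Routing" in conn["tasks"] and conn["source"] in servers
            and dest is not None and dest[0] == conn["dest_domain"])


def routing_edges(servers, connections):
    """One-way mail routes: automatic inside a shared Notes named network,
    otherwise only where a usable Connection document exists."""
    edges = {name: set() for name in servers}
    for a, (dom_a, nets_a) in servers.items():
        for b, (dom_b, nets_b) in servers.items():
            if a != b and dom_a == dom_b and nets_a & nets_b:
                edges[a].add(b)
    for conn in connections:
        if usable(conn, servers):
            edges[conn["source"]].add(conn["dest"])
    return edges


def reachable(edges, start):
    """Servers that mail from `start` can reach over any number of hops."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in edges[queue.popleft()]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen - {start}


def unroutable_pairs(servers, connections):
    """Sorted (sender, recipient) server pairs with no mail route."""
    edges = routing_edges(servers, connections)
    return sorted((a, b) for a in servers for b in servers
                  if a != b and b not in reachable(edges, a))


def check_connections(servers, connections):
    """One finding per problem Connection document: (source, dest, problem)."""
    edges = routing_edges(servers, connections)
    findings = []
    for conn in connections:
        src, dst = conn["source"], conn["dest"]
        if "Mail Routing" not in conn["tasks"]:
            problem = "Mail Routing not selected in Tasks"
        elif src not in servers or dst not in servers:
            problem = "server name not found in directory"
        elif servers[dst][0] != conn["dest_domain"]:
            problem = "destination domain does not match directory"
        elif src not in reachable(edges, dst):
            problem = "no return route"  # the pair is incomplete
        else:
            continue
        findings.append((src, dst, problem))
    return findings


if __name__ == "__main__":
    for finding in check_connections(SERVERS, CONNECTIONS):
        print("connection:", *finding)
    for sender, recipient in unroutable_pairs(SERVERS, CONNECTIONS):
        print("no route:", sender, "->", recipient)
```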
Checking the sender's and/or recipient's workstation for errors that
affect mail
Check for these conditions and correct them, if necessary.
1. Check the User Preferences (File - Preferences - User Preferences).
Check the settings for Mail; for example, the "Mail Program" field
may be set to None, which disables all mail for the user. Check the
settings under ports; the port(s) necessary to send mail may be
disabled. For more information on User Preferences, see Lotus Notes
6 Help.
2. Check the user's Personal Address Book for a missing view. If a view
is missing, replace the design of the Personal Address Book. Choose
File - Database - Replace Design, and specify the Personal Address
Book template, PERNAMES.NTF, not the Domino Directory
template, PUBNAMES.NTF. Replacing the design deletes any
nonstandard private views but does not affect the data.
For more information on replacing the design of a template, see the
book Application Development with Domino Designer.
3. Check if the user is using the appropriate Location document. For
example, a mobile user who is working in the office may be
attempting to use a Location document that is for use only when the
user works at home. Another possibility is that the Location
document may contain incorrect information. To check the current
Location document, from the workstation, choose File - Preferences -
Location Preferences.
Check that the sender's workstation is set up with the correct mail
server and mail file names. Choose File - Preferences - Location
Preferences, and verify the settings in the "Home/mail server" and
"Mail file" fields.
For more information on Location documents and on specifying a mail
server and a mail file, see Lotus Notes 6 Help.

Checking the server for errors that affect mail


Check for these conditions and correct them, if necessary.
1. Verify that the sending and receiving servers have a certificate in
common.
a. From the Domino Administrator, click the People & Groups tab.
b. From the tool bar, click Certification - ID file.
c. Choose the appropriate server ID file, and click Open.
d. Click Certificates to display the certificates held by the server.
e. Repeat for the second server.
f. Recertify one or both server IDs, as necessary.
2. Make sure theres enough memory and disk space on the recipients
mail server. Add memory to the server, and/or increase the disk
space for swapping. Add disk space to the server.
3. Check for a corrupt mail file. On rare occasions a recipients mail file
may become corrupted. Do one of these:
Run the Fixup task. Use this task if the database is in Domino 5 or
higher format and youre not using transaction logging, or if the
database is in Domino 4 format.
Run the Fixup task with the -J option. Use this task if the database
is in Domino 5 or higher format and you are using transaction
logging. If you use a backup utility certified for Domino 5 and you
run Fixup -J, perform a full backup of the database as soon as
Fixup finishes.
4. Check for a missing or incorrect Domain setting in the NOTES.INI
file. At server startup, the Router sends the message "Mail Router
started for domain x" to the console and to the log file. To see if the
NOTES.INI file on the sender's and recipient's mail server includes a
Domain setting, enter this command at the console:
Show Configuration Domain

Then verify that the domain name is correctly spelled. To add the
Domain setting or correct the spelling of the domain name, enter this
command at the console:
Set Configuration Domain = DomainName

where DomainName is the name of the mail server's Notes domain.
5. Check for a corrupt MAIL.BOX on the server. Do one of these:
Run the Fixup task. Use this task if the database is in Domino 5 or
higher format and if you're not using transaction logging, or if the
database is in Domino 4 format.
Run the Fixup task with the -J option. Use this task if the database
is in Domino 5 or higher format and you are using transaction
logging. If you use a backup utility certified for Domino 5 and you
run Fixup -J, perform a full backup of the database as soon as
Fixup finishes.
If the corruption still persists, shut down the server and rename
MAIL.BOX (for example, rename it to BADMAIL.BOX). Then
restart the server to generate a new MAIL.BOX file, and copy any
uncorrupted documents from BADMAIL.BOX to MAIL.BOX.
6. Check for problems with modem connections.
For more information on errors that affect mail, see the topic "User can't
receive mail, including mail sent by other users whose mail files are on
the same mail server" earlier in this chapter.
Checking the shared mail setup
Check for these conditions and correct them, if necessary.
1. Verify that shared mail is enabled. To determine if a mail file or
individual mail files in a directory use shared mail, enter this
command at the console:
Load Object Info USERMAIL.NSF

where USERMAIL.NSF is the name of a user's mail file or the name
of a directory that contains mail files.
If you enter a directory name, the information that appears describes
each mail file in the directory.
2. Check for a corrupt shared mail file. If you suspect the shared mail
file is corrupt, you can restore the file.
3. Verify that there's enough disk space available for the shared mail
file. If there isn't, you can purge obsolete messages from a shared mail
file.
4. Make sure the user's mail file hasn't been unlinked from the shared
mail file. If necessary, relink the mail file.
For more information about shared mail, see the chapter "Setting Up
Shared Mail."


Meeting and resource scheduling - Troubleshooting

These topics describe how to troubleshoot problems with scheduling
meetings and reserving rooms.

"Meeting and resource scheduling - Problems and error messages"
describes problems and errors that users may experience or that are
reported in the log file.

"How to troubleshoot Schedule Manager errors reported in the log"
provides steps for troubleshooting Schedule Manager errors reported
in the log file.

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

Meeting and resource scheduling - Problems and error messages


These topics describe problems and errors that occur with scheduling
meetings or resources:

Free time information isn't available

No resource/room found for time and/or capacity requirements

Can't Find User in Name and Address Book

Cannot perform this action locally

Free time information isn't available


If, while scheduling a meeting, a user can't look up free time for a
particular invitee because the invitee's schedule is grayed out in the Free
Time dialog box, or if no user's free time information can be accessed and
the message "No scheduling information for the requested users could be
found at this time" appears, use these tips to troubleshoot the problem.
1. Check that the invitee's name is spelled correctly on the meeting
invitation. If the invitee belongs to a different domain, be sure to
specify the invitee's full hierarchical name, including the domain
name.
2. Check that Domino 4.5 or higher is installed on the invitee's mail
server.
3. Make sure that the mail server is running. Free-time lookups fail if
Domino cannot access the free time database on the invitee's mail
server because the server is unavailable. If the server isn't running,
the user can still complete invitation processing, including sending
and receiving meeting-related messages. Also, lookups for other
invitees with free time databases on other servers still work.
4. Check that the Schedule Manager task is running on the mail server.
5. Check that the invitee saved his or her Calendar Profile after
upgrading the design to the Domino 4.5 or higher mail template.
6. Check that the user is included in the list of users who can read the
invitee's Free time Schedule in the Calendar Profile.
7. Check that the free-time lookup finds schedule information for users
whose mail servers are in a foreign or adjacent domain. If the
free-time lookup fails, make sure a valid Domain document exists. In
addition, check the Calendar Server field in the Domain document to
make sure a valid calendar server has been defined for the domain.
8. Check that the mail servers are running the same protocol. The mail
servers must run the same protocol so that the servers can connect to
each other to perform a free-time lookup.
Can't Find User in Name and Address Book
If this message appears, the entry used in the $BusyName field in a
calendar entry for the Note ID reported in the log doesn't exist in the
Domino Directory. This situation typically arises when a user leaves the
company and the Domino Directory no longer contains a Person
document for the user. To resolve this error, find the document
associated with the NoteID, and delete the document.
To find the note ID and the document associated with it, see the topic
"Troubleshooting Schedule Manager errors reported in the log" later in
this chapter.
Cannot perform this action locally
This message appears when you try to create a Site Profile in the
Resource Reservation database locally on the server. To avoid this
message, when you open the Resource Reservation database, specify the
actual server, instead of Local.
No resource/room found for time and/or capacity requirements
The message "No resource/room found for time and/or capacity
requirements" may appear when a user creates a reservation in the
Resource Reservation database. This message indicates that the Site
Profile name for that particular resource includes a comma (for
example, "Acme, East"). Re-create the Site Profile name without the comma
(for example, "Acme East").


Troubleshooting Schedule Manager errors reported in the log


Schedule Manager errors in the log (LOG.NSF) report information about
databases that may have a mismatch among the entry used in the
$BusyName field in a calendar entry, the name listed in BUSYTIME.NSF,
and the name in the Domino Directory. Use this procedure to determine
a mismatch.
1. Open the database reported in the log.
2. Choose Create - View.
3. In the View Name field, enter a name for the view, for example,
NoteID.
4. In the View Type field, select Shared.
5. In the Select a location for the new view field, select where you
want the view to appear.
6. Click OK.
7. Choose View - Design.
8. Under Recent Databases, click Views.
9. Double-click the new view that you created. If you placed the view
under an existing view, the new view's name will include the name
of the parent view, for example, Inbox\NoteID.
10. Select the first column in the view, and choose Create - Insert new
column.
11. Choose Design - Column Properties.
12. In the Title field, enter a name for the column, for example, NoteID,
and press ENTER.
13. In the formula pane, for Display, select Formula.
14. Delete anything that currently appears in the Formula pane and
enter the formula:
@NoteID

15. Click the check mark in the formula pane to accept the new formula.
16. Press ESCAPE, and click Yes to save the design.
17. Press ESCAPE to close the Designer.
18. Refresh the view so that all of the Note IDs appear in the database.
19. Find the Note ID that the Schedule Manager reported in the log, and
select that document in the view.
20. Choose File - Document Properties.
21. Click the Fields tab.
22. Scroll through the fields in the left box and search for a $BusyName
field.
23. Compare the information in the $BusyName field to the entries in the
BUSYTIME.NSF file and the Domino Directory. Make any
corrections.

Modems and remote connections - Troubleshooting

A variety of conditions can prevent a modem from providing a remote
connection that works. These topics describe common problems and
errors and provide specific suggestions for troubleshooting modems and
remote connections.

"Tools for troubleshooting modems and remote connections" describes
tools that you can use to help troubleshoot modem and remote
connection problems.

"How to troubleshoot modems and remote connections" describes
steps for trying to solve problems with a modem or remote
connection.

"Modems and remote connections - Problems and error messages"
describes problems and errors that users or Domino servers may
encounter while using a modem and a remote connection to a
Domino server.

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

Tools for troubleshooting modems and remote connections


Logging modem I/O
To record modem phone call information in the log (LOG.NSF), you
must enable logging. Recording modem calls is useful when you
troubleshoot modem connections.
1. Choose File - Preferences - User Preferences and select Ports.
2. Select the port for which you want to log call information.
3. Choose COM Options, and then choose Log modem I/O.
4. Click OK twice.
Reading the message in the log file for a long setup string
When you customize a modem command file, you may include long
setup strings. If a long setup string contains an error, it may be difficult
to determine which command or parameter caused the problem.


To isolate the problematic command or parameter, split the setup string
in half, and enter a new Setup=AT command on the line immediately
following the first half of the setup string. Try to make the connection
again, and then check the log to determine which half of the setup string
causes the error. Continue splitting the setup string in half until you
locate the command or parameter that causes the problem.

How to troubleshoot modems and remote connections


A server or workstation may not be able to connect properly through a
dialup modem connection to another server or workstation. As a result,
there may be problems transferring information. For example, mail
might not route between two servers connected by a modem. Use these
tips to troubleshoot both sides of the modem connection:
1. Restart the modem and the remote server or workstation. Doing this
usually helps when the modem behaves erratically, for example,
if the modem dials invalid phone numbers, refuses legitimate
modem commands, flashes the LEDs in irregular patterns, or
displays other unusual behavior.
2. Make sure that the modem is the correct type and model for the
server or workstation. If you think the hardware is damaged, replace
the damaged part with one that you know is working. Make one
change at a time so that you can evaluate the effect.
3. Check the modem configuration. Check the DIP switch settings, the
telephone line, and option buttons on the modem.
4. Verify that you're dialing the correct number. If you're dialing from
an office that requires it, be sure to precede the phone number with a
9 followed by a comma. Also, be sure to include a 1 and the area or
country code. If you're sure of the number, contact the remote server
administrator to determine what the problem is.
5. Disable call-waiting. You can temporarily disable call-waiting for
tone dialing by entering *70 as a prefix for the number you dial. For
pulse-dialing, enter 1170 as the prefix. Alternatively, you can
permanently disable call-waiting.
6. Unplug other telephone extensions before you make an outgoing
call. You'll lose the connection if someone attempts to use an
extension on the line you're dialing out on.
7. Make sure that you're using an analog line. If the phone system is
digital and your modem is analog, you won't get a dial tone. Contact
your local phone company for an analog line.
8. Check the COM port, hang-up, dial time-out, and hardware flow
control settings. Port speed and hardware flow control settings
should be the same for modems that are trying to connect. To check
these settings, choose File - Preferences - User Preferences, select
Ports, select the COM port you want to check, and click COM
options.
9. Check the modem command file. Make sure that it's the correct one
for your modem. Make sure it uses the correct syntax and is free of
any spelling errors, missing command parameters, and incorrect
settings or responses. Check the operating system time stamp and
last revision date of the file to make sure you're using the correct
version of the file. To do this, use a file manager such as Windows
Explorer. Make sure you specified the correct directory for the file,
for example, the Notes\Data\Modems directory.
10. Check the Connection document in the Domino Directory. Make sure
the fields in the Connection document contain the correct
information for a dialup modem connection.
11. Check the Miscellaneous Events view in the log (LOG.NSF).
Sometimes modems that use the same modem standards can't
connect to each other because of the way the manufacturer
implemented the standard. Contact the modem manufacturer to
resolve the problem.
12. Check the Phone Calls view in the log. Numerous CRC or
retransmission errors indicate that one or both modems detect
transmission errors. A damaged RJ-11 cord and/or poor phone line
quality may cause these errors. Try another cord and ask the phone
company to check the phone line.

Modems and remote connections - Problems and error messages

These topics provide suggestions for troubleshooting problems you may
encounter with modems and remote connections:

Data isn't transferring between two servers using a null modem

The dialup server cycles through port speeds without initializing the
modem

Valid commands in the modem command file are ignored


Data isn't transferring between two servers using a null modem


If you connect two servers with a null modem cable and the servers
make a connection but data does not transfer between them, try these
tips to solve the problem:
1. Replace the modem cable or port with one that you know works
correctly.
2. Change the port speeds. Choose File - Preferences - User Preferences
and select Ports. Select the port you want to modify, and then select
COM Options. Select a port speed that matches the port speed of the
other modem.
The dialup server cycles through port speeds without initializing the
modem
If the log (LOG.NSF) indicates that the server continuously cycles
through port speeds without initializing the modem, the server isn't able
to connect to or synchronize with the modem. Try these tips to solve the
problem:
1. Turn the modem on and off to reset it.
2. Check the cable connection from the server to the modem. Make sure
that the cable is attached to the correct port and isn't damaged.
3. Make sure the communication port is correctly configured.
4. Specify a lower port speed. Choose File - Preferences - User
Preferences and select Ports. Select the port you want to modify, and
select COM Options. Select a lower port speed.
5. Replace the serial card and RS-232 interface card with one that you
know works.
Valid commands in the modem command file are ignored
You may notice this problem if you check the log and find that OK
responses are missing after one or more valid commands. Try these tips
to solve the problem:

1. Make sure letters in the AT commands in the modem command file
are either all uppercase or all lowercase. Many modems do not
recognize mixed-case commands.
2. Make sure that commands in a long setup string do not exceed the
character limit for the modem. Use the Setup=AT command at the
beginning of each line to split the setup strings into smaller sections.

Platform statistics - Troubleshooting

These topics describe common problems with monitoring statistics. You
can also search for solutions to common problems on the Lotus Support
Services Web site at www.lotus.com/support.

Platform statistics are not fully initialized

Setting up platform statistics on Windows NT and Windows 2000
systems

System configuration issue for platform statistics on Windows NT
and Windows 2000 systems

Platform statistics are not fully initialized


Platform statistics take a few minutes to initialize upon Domino server
startup. If you issue a Show Stat Platform command before initialization,
you get the following message:
PLATFORM not in statistics table

Wait a few minutes and then issue the Show Stat Platform command
again.

Setting up platform statistics on Windows NT and Windows 2000
systems
On Windows NT and Windows 2000 systems, your server must be
configured properly to collect network or Logical Disk statistics. Using
software RAID is not recommended. To set up your system for platform
statistic collection:
1. Enable Logical Disk counters using the diskperf command:
Windows NT command     Description
diskperf -y            Enables the performance counters.
diskperf               Provides status or help information.

Windows 2000 command   Description
diskperf -y            Enables the performance counters.
diskperf /?            Provides help information.
diskperf               Provides status or verifies that it has already
                       been enabled.


2. On Windows NT, enable network counters using the following steps:
a. Enable the SNMP service.
b. During installation of the SNMP service, enable the physical
layer property for SNMP. The SNMP server enables the Network
Interface Object and begins collecting network statistics for
platform statistics.
3. Restart the system so that the settings will take effect.

Troubleshooting system setup


During system setup, you may receive one or more of the following
system messages.
SNMP is not enabled
Platform Stats Informational: Please see online help to
enable SNMP service in order to monitor network performance.

The probable cause for this message is that platform statistics detected
that the Network Interface Object was not enabled. Enable the SNMP
service.
Logical disk counters are not enabled
Platform Stats Informational: Please execute diskperf.exe -y
to enable Logical Disk performance counters.

The probable cause is that platform statistics detected that the logical
disk counters were not enabled. Enable logical disk counters.
Platform statistics do not appear to be enabled
Platform not in Statistics Table

Type the following command:
sh perf

The system now displays this message:
Server Performance Monitoring is now enabled.

When the statistics are ready to be displayed, the system displays the
following message, where n is the number of current transactions or
users.
n Transactions/Minute, n Users

You can now reissue the sh stat platform command.

nnotes.dll is set to the wrong path


Platform: Notes DLL directory is different from executable
directory. Edit the following Registry setting to conform to
the server being run
HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\notestat\\Performance\\Library.

Upon Domino startup, the path to the nnotes.dll is not set or is set
incorrectly. Multiple installations of Domino may exist on the system and
an earlier installation of Domino is being invoked. Make sure that
nnotes.dll is set to this path:
HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\notestat\\Performance\\Library

Perfmon was incorrectly installed


Platform Stats Informational: MMC incorrectly installed.
Please reinstall Win2K server to enable performance data
collection.

Perfmon, the performance monitoring package, was incorrectly installed
when the system was upgraded. Reinstall the Win2K server.
Note If you need additional information regarding enabling the SNMP
server, refer to your Windows NT or Windows 2000 System
Administration Reference Guide.

System configuration issue for platform statistics on Windows NT
and Windows 2000 systems
On Windows NT and Windows 2000, an error may occur when loading
certain performance DLLs. If they do not function properly or take too long
to pass data, the operating system automatically adds a value to the
following Performance registry subkey where TypeOfPerfService may be
PerfProc, PerfOS, or NoteStat:
HKEY_LOCAL_MACHINE\SYSTEM\Services\CurrentControlSet\<TypeOfPerfService>\Performance.

When the error occurs, the value for the variable Disable Performance
Counters is set to 1, which disables performance counters for statistics
such as CPU utilization (Platform.System.PctCombinedCpuUtil) or
Memory (Platform.Memory.PagesPerSec). These counters are found
under the services PerfOS, PerfDisk, PerfProc and PerfNet.


If these statistic counters cannot be located, you may get the following
error message, printed to both the event log and the console:
Platform Stats: _PSHandleDefaultCmd() Unable to set up
default counters error =..."

Although the system may have set the Disable Performance Counters
variable under a period of extreme stress on the system, once it has been
set, this variable continues to disable all performance counters relating to
its .dll, until it is manually set back to zero or deleted.
To reset the default counters, search the registry for the phrase Disable
Performance Counters. If it occurs under PerfOS, PerfDisk, PerfProc or
PerfNet, manually set it back to zero or delete the entire variable.

Network connections over NRPC - Troubleshooting


If you are unable to connect to a server, do the following before you refer
to any of the port-specific troubleshooting procedures in this section:
1. Trace the attempt to connect to the server by doing one of the
following:
a. From a Notes workstation:
Choose File - Preferences - User Preferences - Ports.
Click Trace.
Specify the server you want to connect to.
In the Trace options and Notes Log options fields, select
Full trace information.
Click Trace.
b. On a server console, enter:
Trace servername

where servername is the hierarchical name of the server you want
to connect to, for example, Mail01/Cleveland/Acme.
2. If the requesting system didn't try to connect on a specific Notes
network port that you want to use, check that the port is enabled.
3. If the port is enabled, make sure that the server is not down.
4. If the server is running, check whether you have a local Connection
document for it, and if so, check that the port you want to use is
selected in that document.
5. If you still cannot connect, it is probably because no address can be
found for the server in the given protocol. Create or modify a local
Connection document to include the server's protocol-specific
network address.
For more information on ports and Connection documents on Notes
workstations, see Lotus Notes 6 Help.
For more information on server ports and server name-to-address
resolution, see the chapter Setting Up the Domino Network.
6. If you still cannot connect, see the procedures that apply to the ports
you have enabled:
Troubleshooting TCP/IP for NRPC
Troubleshooting IPX/SPX
For information on preparing to call Lotus Support Services for a
network problem, see the topic "Contacting Lotus Support Services"
earlier in this chapter.

Troubleshooting TCP/IP problems for NRPC


These topics describe how to troubleshoot problems with TCP/IP:

Tools for troubleshooting TCP/IP

Common TCP/IP error messages on Domino servers

Common TCP/IP error messages on Notes clients or Domino servers

How to troubleshoot a TCP/IP problem

TCP/IP frame types

If you can't solve your problem, record all of the following information
(gathered as you performed the steps in the preceding topics) before
contacting Lotus Support Services (www.lotus.com/support):
1. Exact quoted error messages
2. TCP stack name and version number (or operating system and
version if the TCP/IP stack is included in the operating system)
3. IP configuration information
4. IP address and host name of Domino server
5. Server document
6. Host file
7. Tracert information (with number of hops)
8. Ping packet size
Note It is recommended that customers prepare a network diagram for
escalation.

Tools for troubleshooting TCP/IP


Connection logging
When connection logging is enabled on a server, the server console
displays the name of the Notes network port for TCP/IP, the IP address
of the requesting system, and the IP address of the destination server for
each connection.
To enable connection logging, add the following setting in the server's
NOTES.INI file:
Log_Connections=1

TCP/IP error messages -- Server only


These sections describe common error messages on a Domino server
offering NRPC services over TCP/IP.
Error on Listen function: The requested TCP/IP port is in use on this
system.
This message could indicate one of the following problems:

UNIX systems. You have failed to assign different IP addresses to
each partition on a Domino partitioned server, or you have failed to
follow the port mapping setup instructions properly, and you
attempt to start the additional partition. You may need to stop the
server currently running, so that the new server you are setting up
can finish accessing the setup server for its copy of the Domino
Directory.
For more information about setting up IP addresses or port-mapping
properly, see the chapter Setting Up the Domino Network.
Note Failing to configure partitions properly on Windows systems
does not generate an error on startup, but will generate operational
problems.

Windows 2000 and XP systems. It is possible for an application or
system service to be assigned an ephemeral port number as its local
port number that conflicts with the Domino listening port. Restart the
system so that the process using TCP port number 1352 can release it.
When a system running TCP/IP makes each outbound connection,
the TCP software automatically selects a local port number and
assigns it to the connection. This is required in the TCP architecture
so that the server can return packets to the client. This same port
number cannot be used by any other outbound or listening socket
until it is freed. Port numbers in the range 1 - 1024 are called
reserved ports because they are reserved for well-known system
services. The TCP software never uses reserved ports when it must
select a client-side port number at random. Rather, it selects at
random a number from a range above 1024 called the ephemeral port
range. The Internet authority uses the low-end range above 1024 to
assign port numbers to registered applications such as Lotus
Notes/Domino's NRPC services, which use 1352. Microsoft uses the
ephemeral port range of 1024 - 5000. Therefore, when a server on a
Windows system makes an outbound connection, the ephemeral port
number chosen might be 1352. When this happens and Domino is
started, the NRPC port fails to bind. Often, on startup, servers on
Windows systems make outbound connections to the NetBIOS
session service well-known port and keep these connections active
until the system is restarted. This is the cause of the problem.
Note Most UNIX systems use an ephemeral port range that is at the
top-end of the range of ports, such as 45000 - 65000, so that there is
not likely to be a conflict between the ephemeral port number chosen
and registered port numbers.
To determine if this is the cause of the problem, run Netstat -n -a. If
what you see is similar to one of the following examples, the system
is using port number 1352 and the Domino server cannot start. To
solve this problem, restart the system.
Example 1: Netstat -n -a output of the Domino server active on the
local system using port 1352 as a server
Proto  Local Address      Foreign Address  State
TCP    10.20.4.137:1352   0.0.0.0:0        LISTENING

Example 2: Netstat -n -a output of the local system accessing an
external system using port 1352 ephemerally
Proto  Local Address      Foreign Address  State
TCP    10.20.4.137:1352   10.30.10.1:139   ESTABLISHED
To prevent future ephemeral bind conflicts on Windows systems, use
the following instructions to add a registry value that forces TCP to
skip port 1352 when it selects an ephemeral port number:
Run Regedt32 (not Regedit; Regedit does not support the data type
required for the value) and enter the following:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Value Name: ReservedPorts
Data Type: REG_MULTI_SZ
Value: 1352-1352

Tip To protect additional ports, you can enter a range (such as 1025
- 1050) or multiple ranges separated by spaces.
Note In Windows 2000 and XP, Netstat might report an additional
line showing the local and remote ports and addresses in the
established state, or a second line showing the client-side port in the
listening state. Thus when you run Netstat on Windows 2000 and XP
systems and compare the results with those on NT systems, the
output can look different. This is only a different method of reporting
listening ports, not a network bug.
Insufficient TCP sockets are available. Consult your vendor's TCP/IP
documentation to increase the maximum number of sockets.
You have reached a TCP/IP socket limitation. To see how many active
TCP/IP sessions the server system has open, use Netstat with the -n
switch (to disable reverse DNS lookups) and output the listing to a file.
Import the listing to a spreadsheet and count the total number of
connections. Then break the connections down by their state
(Established, Time_Wait, Close_Wait, Fin_Waitn). You should be able to
support more than 2,000 concurrent connections. If not, review your
operating system and TCP/IP stack settings with the operating system
and TCP/IP stack vendor. If you have a large number of Close_Wait
sessions, you may have network-level problems. If you have a buildup of
Time_Wait sessions with HTTP services, review your TCP/IP stack's
settings to see if the stack offers a setting to time out Time_Wait sessions
sooner.
As a temporary solution or if you can't make any alterations to the
system or TCP/IP stack, you can limit the number of NRPC sessions the
server will support concurrently, but there will be a performance cost for
doing so. To limit the number of concurrent NRPC sessions, do one of the
following:
Edit the portname_MaxSessions setting in the NOTES.INI file to limit
the number of sessions that can run on this port.

Edit the Server_MaxSessions setting in the NOTES.INI file to limit
the total number of active sessions the server can have.
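
The two Netstat checks described above (whether TCP port 1352 is held by a listener or by an outbound connection that drew it as an ephemeral port, and the connection count broken down by state) can be scripted instead of done in a spreadsheet. The following Python code is an added example, not part of the Domino documentation; the function names and the sample listing are constructed for illustration, and ignoring Time_Wait rows when deciding who holds the port is an assumption of this example.

```python
"""Summarise `netstat -n -a` output: who holds port 1352, and counts by state."""
from collections import Counter, namedtuple

NRPC_PORT = 1352  # registered port for Notes/Domino NRPC, as stated in the text

Conn = namedtuple("Conn", "local_addr local_port remote_addr remote_port state")

# Constructed sample listing in Windows netstat layout (not captured output).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    10.20.4.137:139        0.0.0.0:0              LISTENING
  TCP    10.20.4.137:1352       10.30.10.1:139         ESTABLISHED
  TCP    10.20.4.137:1090       10.30.10.7:80          TIME_WAIT
  TCP    10.20.4.137:1091       10.30.10.7:80          TIME_WAIT
  TCP    10.20.4.137:1107       10.30.10.9:25          CLOSE_WAIT
  UDP    0.0.0.0:161            *:*
"""


def _split_endpoint(endpoint):
    """Split 'addr:port' (also '[::]:1352' or '0.0.0.0:*') into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr, int(port) if port.isdigit() else 0


def parse_netstat(text):
    """Return the TCP rows of a netstat listing; headers and UDP rows are skipped."""
    conns = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].lower().startswith("tcp"):
            continue
        # UNIX-style listings carry Recv-Q and Send-Q columns after the protocol.
        if fields[1].isdigit() and fields[2].isdigit():
            fields = [fields[0]] + fields[3:]
        if len(fields) < 4:
            continue
        local_addr, local_port = _split_endpoint(fields[1])
        remote_addr, remote_port = _split_endpoint(fields[2])
        state = fields[3].upper()
        if state == "LISTEN":  # UNIX spelling of the Windows LISTENING state
            state = "LISTENING"
        conns.append(Conn(local_addr, local_port, remote_addr, remote_port, state))
    return conns


def count_by_state(conns):
    """Break the connections down by state (Established, Time_Wait, ...)."""
    return Counter(c.state for c in conns)


def port_status(conns, port=NRPC_PORT):
    """Classify how the given local port is being used.

    'listener'  - a socket is already listening on the port (Example 1)
    'ephemeral' - no listener, but a connection holds the port as its local
                  port, i.e. it was handed out as an ephemeral port (Example 2)
    'free'      - nothing holds the port
    TIME_WAIT rows are leftovers of closed sessions and are ignored here
    (an assumption of this example).
    """
    held = [c for c in conns if c.local_port == port]
    listeners = [c for c in held if c.state == "LISTENING"]
    if listeners:
        return "listener", listeners
    outbound = [c for c in held if c.state != "TIME_WAIT"]
    if outbound:
        return "ephemeral", outbound
    return "free", []


if __name__ == "__main__":
    rows = parse_netstat(SAMPLE)
    print(f"total TCP connections: {len(rows)}")
    for state, n in count_by_state(rows).most_common():
        print(f"  {state:12} {n}")
    status, holders = port_status(rows)
    print(f"port {NRPC_PORT}: {status}")
    for c in holders:
        print(f"  {c.local_addr}:{c.local_port} -> "
              f"{c.remote_addr}:{c.remote_port} {c.state}")
```

To run it against a live system, save the output of Netstat -n -a to a file and pass the file's contents to parse_netstat in place of SAMPLE.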

Listener task for port <portname> is suspending for 20 seconds due to
listen errors.
See the message "Error on Listen function" earlier in this topic.


The remote TCP/IP host is not running the Domino server, or the
server is busy.
The server is currently not running, or the server can't accept another
TCP/IP connection or Domain session. Start the server, or verify that it is
running. Check the server to determine if its workload is unacceptably
heavy.
The TCP/IP protocol stack reported that it ran out of memory. Consult
your network documentation to increase configured memory, or
reduce Notes connections by limiting clients (see
SERVER_MAXSESSIONS parameter in Notes Admin Guide).
This error can occur when your server system's resources are not
correctly sized for the number of inbound and outbound connections or
when events push the server into resource starvation.

If system memory appears to be low, increase it.

If you are using Windows NT, you may be encountering a page file
limit. Both Domino and the TCP/IP stack use shared memory. If the
page file is not large enough or the number of pages exceeds what
the operating system can provide, this error appears. Upgrade the
operating system to Windows 2000 with Service Pack 2.

If inbound client and server connections or the server's own
outbound connections seem to be experiencing network stability
problems, verify the health of the network by using Netstat with the
-n switch (to disable reverse DNS lookups) and output the listing to a
file. Import the listing to a spreadsheet and count the total number of
connections. Then break the connections down by their state
(Established, Time_Wait, Close_Wait, Fin_Waitn). You should be
able to support more than 2,000 concurrent connections. If not,
review your operating system and TCP/IP stack settings with the
operating system and TCP/IP stack vendor. If you have a large
number of Close_Wait sessions, you may have network-level
problems. If you have a buildup of Time_Wait sessions with HTTP
services, review your TCP/IP stack's settings to see if the stack offers
a setting to time out Time_Wait sessions sooner.
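
The Netstat tally described here, and in the same steps under "Insufficient TCP sockets are available," can be scripted instead of done in a spreadsheet. The following is an added example, not part of the Domino documentation. It parses saved netstat -n output; the sample listing is constructed, and the 25% flagging threshold and the service ports (1352 for NRPC, 80 for HTTP) are assumptions you should adjust.

```python
"""Tally saved `netstat -n` output by TCP state (added example)."""
import re
from collections import Counter

# Constructed sample: Windows-style rows followed by UNIX-style rows.
SAMPLE = """\
Active Connections

  Proto  Local Address      Foreign Address    State
  TCP    10.1.1.5:1352      10.1.2.20:1041     ESTABLISHED
  TCP    10.1.1.5:1352      10.1.2.21:1188     ESTABLISHED
  TCP    10.1.1.5:1352      10.1.2.22:1049     CLOSE_WAIT
  TCP    10.1.1.5:80        10.1.3.7:2210      TIME_WAIT
  TCP    10.1.1.5:80        10.1.3.7:2211      TIME_WAIT
  TCP    10.1.1.5:80        10.1.3.8:3050      TIME_WAIT
  TCP    0.0.0.0:1352       0.0.0.0:0          LISTENING
  UDP    10.1.1.5:137       *:*
tcp        0      0 10.1.1.5:1352     10.1.2.30:40112   ESTABLISHED
tcp        0      0 10.1.1.5:1352     10.1.2.31:40977   FIN_WAIT2
tcp        0      0 10.1.1.5.80       10.1.3.9.51515    TIME_WAIT
"""

ADDR_RE = re.compile(r"^(?P<host>.+)[:.](?P<port>\d+|\*)$")


def split_addr(addr):
    """Split 'host:port' (Windows, Linux) or 'host.port' (BSD, Solaris)."""
    m = ADDR_RE.match(addr)
    if not m:
        return addr, None
    port = m.group("port")
    return m.group("host"), int(port) if port.isdigit() else None


def parse_netstat(text):
    """Return one dict per TCP connection; listeners and non-TCP rows are skipped."""
    conns = []
    for line in text.splitlines():
        fields = line.split()
        if fields and fields[-1].isdigit():      # trailing PID column (netstat -ano)
            fields = fields[:-1]
        if len(fields) < 4 or not fields[0].lower().startswith("tcp"):
            continue
        state = fields[-1].upper().replace("-", "_")
        state = re.sub(r"_(\d)$", r"\1", state)  # FIN_WAIT_2 -> FIN_WAIT2
        if not state[0].isalpha() or state.startswith("LISTEN"):
            continue
        _, local_port = split_addr(fields[-3])
        remote_host, _ = split_addr(fields[-2])
        conns.append({"local_port": local_port, "remote": remote_host, "state": state})
    return conns


def summarize(conns, service_ports=(1352, 80)):
    """Total connections, a per-state count, and a per-service-port state count."""
    return {
        "total": len(conns),
        "by_state": Counter(c["state"] for c in conns),
        "by_port_state": Counter(
            (c["local_port"], c["state"]) for c in conns if c["local_port"] in service_ports
        ),
    }


def findings(summary, http_ports=(80,), share=0.25):
    """Flag the two buildups the guide names; `share` is an assumed threshold."""
    notes = []
    total = summary["total"] or 1
    close_wait = summary["by_state"]["CLOSE_WAIT"]
    if close_wait / total > share:
        notes.append(f"{close_wait} CLOSE_WAIT sessions: check for network-level problems")
    tw_http = sum(
        n for (port, state), n in summary["by_port_state"].items()
        if state == "TIME_WAIT" and port in http_ports
    )
    if tw_http / total > share:
        notes.append(f"{tw_http} TIME_WAIT sessions on HTTP ports: review the stack's TIME_WAIT time-out")
    return notes


if __name__ == "__main__":
    import sys
    listing = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    result = summarize(parse_netstat(listing))
    print("total connections:", result["total"])
    for state, count in result["by_state"].most_common():
        print(f"  {state:<12} {count}")
    for note in findings(result):
        print("NOTE:", note)
```

Save the listing with netstat -n redirected to a file and pass the file name as the first argument; with no argument the script runs on the constructed sample.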

As a temporary solution or if you can't make any alterations to the
system or TCP/IP stack, you can limit the number of NRPC sessions the
server will support concurrently, but there will be a performance cost for
doing so. To limit the number of concurrent NRPC sessions, do one of the
following:

Edit the Port_MaxSessions setting in the NOTES.INI file to limit the
number of sessions that can run on this port.

Edit the Server_MaxSessions setting in the NOTES.INI file to limit
the total number of active sessions the server can have.


Unable to locate the Domain server's TCP/IP host. The TCP/IP domain
name server may be down.
Use the ping command to verify that DNS is running.
Unexpected TCP error. See the Notes log file on this system for error
code.
Look in the log file to see the reported error code or codes.
KnowledgeBase lists many of the error codes. If you find an error code
that isn't in KnowledgeBase, report it to Lotus Support Services.
TCP/IP error messages - Client or server
These sections describe common error messages on a Notes client or
Domino server using NRPC services over TCP/IP.
Network operation did not complete in the specified amount of time.
The connection pathway between the client or server system and the
target server was unable to sustain the session. This happens when a
system is accessing a remote server over a slow or very congested WAN.
Possible solutions to this problem are:

Instead of users accessing server-based mail or application files on
the remote server, have them replicate the database files to their local
systems.

Review your server-to-server replication and mail routing
architecture across the WAN. It is best to use a hub-and-spoke
design, and use Connection documents in Domino to connect the
servers, mirroring the hub-and-spoke architecture. Use Notes name
networks (NNNs) only at each isolated local site and then use
Connection documents to interconnect the sites from the hub
location.

If this error occurs over a LAN, you may be experiencing frame and/or
packet sizing problems because you have a mixed-topology network or
because your network routers' routing tables are converging. In these
cases, the network pathway to or from the target Domino server cannot
forward the TCP/IP packet stream.

If you are using a remote VPN connection across the Internet, with some
VPN client software you can encounter packet sizing issues on the Notes
client or Domino server and/or with the firewall system's VPN services.

The connection has timed out.
The establishment of the connection took longer than the expected
default of 5 seconds. This can happen when the connection is over a
dial-on-demand ISDN modem connection, remote bridge, or router.
From the Port Setup dialog box, increase the TCP/IP connection-time-out
interval. On a normal LAN, it is best to enter a value of no greater than
10 seconds, as the client or server won't retry the connection until the
timer has expired.
To access the Port Setup dialog box on a Notes client, use File - Preferences -
User Preferences and click Ports. To access this dialog box for a Domino
server, use the Domino Administrator's Configuration tab and select
Server - Setup Ports from the Tools pane.
Once in the Port Setup dialog box, select the TCP/IP port and click the
port name Options button.
The server is not responding. Possible explanation.
Variations of this error can occur when name-to-address resolution has
completed on the local system, but the server would not respond to that
address. The causes of this error include:

The Notes Name Service cache in the current Location document
contains a numeric IP address that it originally obtained from the
Server document (Net Address field) of the target Domino server,
and the Server document has since been updated with a new IP
address. Using only host names in the Net Address field makes this
error less likely to occur, as host names usually don't change.

The contents of the Net Address field returned by the Notes Name
Service is not the active address, either because of a typographical
error, or because there is more than one enabled Notes network port
for TCP/IP and the port listed first in the Server document is offering
a different FQDN than the second. In this case, if you are trying to
connect through the port listed second, the connection fails.

The address returned by DNS or hosts files is not the correct address
or is not correct for this location.

To resolve problems associated with this error, follow all the steps in the
topic "How to troubleshoot TCP/IP problems in NRPC" later in this
chapter. To resolve problems involving advanced TCP/IP configurations
(more than one enabled port), see the chapter "Setting Up the Domino
Network."


The Remote server is not a known TCP/IP host.


This message appears if the translation from server name to TCP/IP
address fails. Follow these steps to troubleshoot the problem:
1. Verify that the server name is correct.
2. If you use a local hosts file for name resolution, enter the server's IP
address and host name in the hosts file. If the server name does not
match the TCP/IP host name, which is also known as the fully
qualified domain name, enter the server name as an alias for the host
name. For example, for the Domino server Red/Sales/Acme, enter:
130.103.40.1 red.acme.com	red

Note Insert a tab between com and red.

For TCP/IP for the Macintosh, the host name and alias definitions
should look like this:
red.acme.com A 130.103.40.1
red CN red.acme.com

Note Verify that the ordering of the name lookup services is Host
first and DNS second; otherwise, the hosts file entries may not be
used when you expect them to be (excluding the NetBIOS Name
Service).
3. If you use the Network Information Service (NIS) for name
resolution, ask the UNIX system administrator responsible for the
NIS domain to register the server's IP address and host name. If the
server name does not match the TCP/IP host name, request that the
server name be registered as an alias for the host name.
4. If you're using DNS for name resolution, ask the administrator
responsible for the DNS domain to register the server's IP address
and host name. If the server name does not match the TCP/IP host
name, request that the server name be registered as an alias
(CNAME) for the host name and place the host name in the TCP/IP
port's Net Address field in the Server document. For example, for a
Domino server named Sales/Boston/Acme with a host name of
app01 for the A record, the CNAME record would be sales. The Net
Address field contains either the simple host name, app01, or the
FQDN, app01.acme.com. In the case of port mapping, each
port-mapped server's common name is added as a CNAME to the A
record for the base port-mapping server.

For more information on DNS resolves, see the topic "Checking TCP/IP
name resolution in NRPC" later in this chapter, as well as the chapter
"Setting Up the Domino Network."

How to troubleshoot TCP/IP problems in NRPC


To troubleshoot a network problem when using NRPC services over
TCP/IP, do the following in the order shown:
1. Check connectivity.
2. Check name resolution.
3. Check network layout (large LAN or WAN issues).
Checking NRPC connectivity in TCP/IP
Notes connectivity relies on TCP/IP communication. The first step in
troubleshooting TCP/IP is to verify basic TCP/IP configuration and
connectivity.
For Notes and Domino to work properly with TCP/IP, the protocol stack
on each computer must already be configured properly. Ensure that the
brand and version of the protocol stack is certified for use with this
version of Lotus Notes/Domino. For more information, see the protocol
service provider's documentation.
Use the PING executable to verify IP-level connectivity. The PING
command is available in all Windows and UNIX environments.
1. From the server, ping the server itself by numeric IP address.
For example, at a DOS prompt, type:
PING 131.103.50.159
and press ENTER.
This step confirms the following:
TCP/IP is installed and configured with a correct address.
If any other computer has the same IP address. A computer's IP
address must be unique on a network segment; that is, only one
computer on a network segment can have a particular IP address.
If this fails, TCP/IP is not set up properly on the local machine.
Contact the site's network administrators for technical assistance.
2. From the server, ping the destination computer (the Notes
workstation) by numeric IP address. This indicates if the path to the
remote host is clear and whether you can communicate with IP
through network routers. If this fails, continue to Step 3.
Tip To obtain the IP address of a Notes workstation, from the
workstation use the commands shown in the table in Step 6.
3. From the workstation, ping the workstation by its own numeric IP
address. If this fails, continue to Step 4.


4. Ping the server from the server itself by its DNS fully qualified
domain name (FQDN) to verify that it was added to the network
correctly; then ping the server from the workstation by FQDN.
For example, type:
PING iodine.lotus.com

5. Ping the server by DNS alias name from the server itself to verify it
was added to the network correctly. Then ping the server from the
workstation. Ideally the server host alias names all should be the
same as the Domino server names. Sometimes the server's FQDN
may differ from the Domino server's name. That is when the alias name is
used, being the same as the Domino server's name.
For example, type:
PING Iodine

If you reach this point and the connection is failing between
workstation and server, try creating a Connection document in the
Personal Address Book of the workstation. This document contains
the numeric IP address of the destination server. It is best to resolve
IP addresses by DNS or hosts files and not by Connection
documents.
Note WINSOCK.DLL is the Windows Sockets interface provided
with TCP/IP network software for Microsoft Windows. If you're
using an incorrect (or incorrectly placed) version of WINSOCK.DLL,
Notes may exhibit problems related to WINSOCK.
6. If pinging by numeric address succeeds, but pinging by the alias
name fails, the problem's source is in name resolution and not in
physical network connectivity. The following table lists the
commands you use (depending on the operating environment the
server or workstation uses) to gather the following information about
the system's IP configuration:
IP address
Host name
If present, the default gateway
If new information appears when the computer is restarted, record
the information and call Lotus Support Services.

Operating system | Command/location to use | Explanation
Macintosh | Control Panel, TCP/IP, Load Ping, TCPIP Config window | Not applicable
UNIX/Linux | ipconfig <interface name> or ifconfig <interface name> | Different switches or commands may be required for each UNIX platform; consult a UNIX expert if necessary.
Windows NT/2000/XP | ipconfig (or see the Network settings in Control Panel) | Issue this command at a prompt, or see the Network settings in Control Panel.
Windows 95/98 | winipcfg (or see the Network settings in Control Panel) | Issue this command at a prompt, or see the Network settings in Control Panel.

After you've gathered this information, perform the procedure
"TCP/IP name resolution in NRPC."
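
The ping sequence in steps 1 through 6 can be run as one ordered check that stops at the first failing layer. The following is an added example, not part of the Domino documentation; it runs from a single machine, the peer address 131.103.50.20 is a constructed value, and the probe function is injectable so the decision logic can be exercised without a network.

```python
"""Run the connectivity checks in order and report the first failing layer (added example)."""
import platform
import subprocess


def ping(target, timeout_s=5):
    """Send one echo request with the operating system's ping command; True if it exits 0."""
    count_flag = "-n" if platform.system() == "Windows" else "-c"
    try:
        result = subprocess.run(
            ["ping", count_flag, "1", target],
            stdout=subprocess.DEVNULL,
            stderr=subprocess.DEVNULL,
            timeout=timeout_s,
        )
    except (OSError, subprocess.TimeoutExpired):
        return False
    return result.returncode == 0


def triage(local_ip, peer_ip, server_fqdn, server_alias, probe=ping):
    """Return (code, meaning, results); results lists every check that was run.

    The order follows the procedure: own numeric address, remote numeric
    address, server FQDN, then server alias (the Domino server common name).
    """
    checks = [
        ("local-stack", local_ip,
         "TCP/IP is not set up properly on the local machine"),
        ("ip-path", peer_ip,
         "no IP path to the remote host through the network routers"),
        ("fqdn", server_fqdn,
         "numeric addresses answer but the FQDN does not: check DNS or the hosts file"),
        ("alias", server_alias,
         "the alias fails: the problem is name resolution, not physical connectivity"),
    ]
    results = []
    for code, target, meaning in checks:
        ok = probe(target)
        results.append((code, target, ok))
        if not ok:
            return code, meaning, results
    return "ok", "IP connectivity and name resolution both work", results


if __name__ == "__main__":
    # Addresses and names below are sample values; replace them with your own.
    code, meaning, results = triage(
        "131.103.50.159", "131.103.50.20", "iodine.lotus.com", "Iodine"
    )
    for step, target, ok in results:
        print(f"{step:<12} {target:<20} {'ok' if ok else 'FAILED'}")
    print(f"result: {code}: {meaning}")
```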

Checking TCP/IP name resolution in NRPC


If checking connectivity using an IP address appears to work, you need
to check name-to-IP-address resolution. Name-to-IP address resolution
within an organization's private network space usually takes one of two
forms: locally stored hosts files or the Domain Name System (DNS).
WINS Name Resolution or LMHOSTS resolution are not supported by
Lotus Notes/Domino.
1. Check for illegal characters in the hosts file.
Make sure there are no illegal characters (such as a space or a
letter) in the numeric IP address; only numbers should appear.
Each section of a dotted decimal numeric IP address should be no
longer than three numbers, and there should be four sections to an
address (for example, 19.99.21.217).
Make sure there are no illegal characters in the Names fields; only
alphabetic characters, numbers and dashes (-) should appear.
Spaces are not allowed. Underscores (_) are mapped as spaces
within Notes, and should be avoided.
Some IP stacks will not accept underscore characters.
Make sure there is only one correctly named hosts file being used.
Rename any other hosts files on the computer (except the current
one).
Note any recent changes made to the hosts file. Confirm that the
information in the hosts file is correct. The target machines that a
computer may contact must be defined in the local hosts file.
Operating System | Location | Explanation
Macintosh | Macintosh System Folder | Not applicable
UNIX/Linux | /etc/ | Not applicable
Windows 2000 | system32 directory | Root directory might vary
Windows XP | windows\system32\drivers\etc\ | The OS directory might be renamed
Windows NT | wnnt40\system32\drivers\etc\ | The OS directory might be renamed
Windows 95/98 | windows\ | The OS directory might be renamed

2. Look at the Server document and determine if the first part of the
server's fully qualified domain name (FQDN) in the TCP/IP port's
Net Address field is the same as the server's common name. For
example:
FQDN = mailhub1.lotus.com
Server common name = Mailhub1
If this is not the case, a name resolution alias is required in the hosts
file or DNS table.
Note If the first part of the FQDN is the same as the server common
name, the problem may be within DNS. For more information, see
the vendor's documentation for the DNS server.
3. If the Server document has changed recently, restart the server in
order for the changes to take effect.
After you finish checking name resolution, see the topic "Checking a
TCP/IP network pathway" later in this section.
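
The hosts file checks in step 1 and the alias rule in step 2 can be automated. The following is an added example, not part of the Domino documentation; it handles IPv4 entries only, as the guide does, the sample hosts file is constructed, and the check that each section is at most 255 goes beyond what the guide states.

```python
"""Lint a hosts file against the step 1 checks and the step 2 alias rule (added example)."""
import re

# Constructed sample hosts file; addresses and names are illustrative.
SAMPLE_HOSTS = """\
# constructed sample
130.103.40.1\tred.acme.com\tred
130.103.40.l2\tblue.acme.com          # letter in the address
130.103.40\tgreen.acme.com            # only three sections
130.103.40.1234\tgrey.acme.com        # section longer than three digits
130.103.40.7\tmail_hub.acme.com       # underscore in the name
130.103.40.8\tapp01.acme.com          # valid, but no alias for server Sales
"""


def check_ip(ip):
    """Return a problem description for a dotted decimal address, or None."""
    parts = ip.split(".")
    if len(parts) != 4:
        return f"address {ip!r} must have four dot-separated sections"
    for part in parts:
        if not re.fullmatch(r"[0-9]{1,3}", part):
            return f"section {part!r} of {ip!r} must be one to three digits"
        if int(part) > 255:  # stricter than the guide's "three numbers" rule
            return f"section {part!r} of {ip!r} is greater than 255"
    return None


def check_name(name):
    """Return problems for one host name or alias (letters, digits, dashes only)."""
    problems = []
    for label in name.rstrip(".").split("."):
        if "_" in label:
            problems.append(f"underscore in {name!r}: mapped to a space within Notes")
        elif re.search(r"[^A-Za-z0-9-]", label):
            problems.append(f"illegal character in {name!r}")
    return problems


def parse_hosts(text):
    """Yield (line_number, address, names) for each entry, ignoring comments."""
    for number, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if fields:
            yield number, fields[0], fields[1:]


def lint_hosts(text):
    """Return a list of (line_number, message) for every problem found."""
    problems = []
    for number, address, names in parse_hosts(text):
        message = check_ip(address)
        if message:
            problems.append((number, message))
        if not names:
            problems.append((number, "entry has no host name"))
        for name in names:
            problems.extend((number, m) for m in check_name(name))
    return problems


def common_name(server):
    """'Red/Sales/Acme' or 'CN=Red/OU=Sales/O=Acme' -> 'Red'."""
    first = server.split("/", 1)[0]
    return first[3:] if first.upper().startswith("CN=") else first


def missing_alias(text, fqdn, server):
    """True when the hosts file needs, but lacks, the common name as an alias for fqdn."""
    cn = common_name(server).lower()
    if fqdn.split(".", 1)[0].lower() == cn:
        return False  # first part of the FQDN already matches; no alias required
    for _, _, names in parse_hosts(text):
        lowered = [n.lower() for n in names]
        if fqdn.lower() in lowered and cn in lowered:
            return False
    return True


if __name__ == "__main__":
    for number, message in lint_hosts(SAMPLE_HOSTS):
        print(f"line {number}: {message}")
    if missing_alias(SAMPLE_HOSTS, "app01.acme.com", "Sales/Boston/Acme"):
        print("alias 'sales' for app01.acme.com is missing")
```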

Checking a TCP/IP network pathway
If checking name resolution did not solve the problem, check each
network pathway. Be sure to record the information you gather.

Using the Trace Route utility
Use the TRACERT command to determine what network pathway lies
between the source and destination systems. This command determines
the route from one host to another through the network, and displays an
ordered list of the routers in the path with the IP addresses of the
near-side interface of the routers.

Note A dedicated Trace Route utility may not be available on all
platforms, and your firewalls are most likely blocking the ICMP
sub-protocol of IP. Consult the site administrator to see if there is an
equivalent for your platform.
To use TRACERT, type the following at the prompt:
TRACERT servername -d

Where -d tells the command not to resolve addresses to host names.
For example, the results of the TRACERT command might look like this:
C:\>tracert paran -d
Tracing route to santa.north.com [118.111.90.204]
  1    10 ms    10 ms    10 ms  elves.north.com [118.111.200.211]
  2   <10 ms    10 ms   <10 ms  rdeer.north.com [118.111.29.2]
  3   <10 ms    10 ms    10 ms  santa.north.com [118.111.90.204]
Trace complete.

In this example, there are two IP routers between the workstation and the
server (three, minus the first one which reported itself, leaving two).
Checking the Maximum Transmission Unit (MTU)
Each end-node system and router port on the network has the ability to
control the size of the TCP/IP packet. Each NIC (port) can have its MTU
set to a different value, and each topology has a different default value.
The network administrator can increase or decrease this setting to meet
the requirements of the network. MTU traffic issues are handled at the
TCP/IP level and not within Notes workstations or Domino servers.
If any of the following situations exist, suspect an MTU problem, and
contact your network administrator:

There is a mixture of Ethernet and Token-Ring or FDDI network
topologies on the LAN/WAN.

There are routers between the source and destination of traffic that
could be set up with an incorrect MTU size.

You are using VPN services across the Internet.

ATM is being used with emulation [LANE].

TCP/IP frame types


Most UNIX, AS/400, or S/390 systems offer both frame types for 802.3
(Ethernet) to Ethernet V2 (DIX) and SNAP by default. You can remove
the SNAP frame support if you have a routed network with Token-Ring
or FDDI topologies where the router will translate the frame types (free
up non-needed resources).
With Windows-based TCP/IP protocol services, the default frame type
for 802.3 (Ethernet) network topology is v2 DIX and for Token-Ring and
FDDI it is SNAP over LLC.
With Novell ODI-based TCP/IP protocol services, all systems using the
TCP/IP protocol on 802.3 Ethernet should be using the same frame type.
The table below lists the frame types compatible across the different LAN
topologies.
LAN topology and frame services | Novell frame types | Novell compatible frame types * | Comments
Ethernet v2 (DIX) | Ethernet_II | Not applicable | Recommended for TCP/IP
IEEE 802.3 (Ethernet) | Not applicable | Not applicable | Not applicable
SNAP | Ethernet_SNAP | Token-Ring_SNAP and FDDI_SNAP | Not applicable
IEEE 802.5 (Token-Ring) and FDDI | Not applicable | Not applicable | Not applicable
SNAP | Token-Ring_SNAP & FDDI_SNAP | Ethernet_SNAP | Required for TCP/IP for Token-Ring and FDDI networks

* If the bridge or router offers frame translation, other combinations may be
possible.

Note If using a NetWare server as a TCP/IP router, make sure that the
NetWare and Domino server systems are using the same common frame
type for TCP/IP and that only one frame type is being used to support
the TCP/IP protocol in a flat or bridged network.


Troubleshooting IPX/SPX network problems


All Domino server access is through the sub-protocol SPX or SPXII. Both
Notes clients and Domino servers use IPX's NetWare Core Protocol
(NCP) service for name-to-address resolution.
Protocol limitations in the following areas may affect your ability to use
the Domino NRPC protocol over SPX:

Frame types in the IPX/SPX network

Source-routing bridges in Token-Ring networks

IPX name resolution services (Bindery and NDS)

For common error messages in IPX/SPX, see the topic "IPX/SPX error
messages" later in this chapter.
Frame types in the IPX/SPX network
All Domino server and Notes client systems using the IPX protocol need
to use the same IPX frame type across all network segments and
topologies.
Note Make sure that the NetWare and Domino server systems are
manually locked to the same frame type and that only one frame type is
used to support the IPX protocol in the network. Otherwise, you may
have connectivity problems or IPX wrapper errors because of the
different IPX packet sizes the frame types impose.
Note On Notes client systems running Windows, it is best to use the
Control Panel to select a specific frame type for the IPX/SPX network
rather than to detect which type is being used with Auto Detect (the
default).


The following table lists the possible frame types across different LAN
topologies:
LAN topology and frame services | Novell frame types | Novell compatible frame types* | Comments
Ethernet V2 (DIX) | Ethernet_II | Not applicable | Recommended for TCP/IP (Used in very old IPX networks, not recommended)
IEEE 802.3 (Ethernet): RAW | Ethernet_802.3 | Not applicable | Not applicable
IEEE 802.3 (Ethernet): LLC | Ethernet_802.2 | Token-Ring and FDDI | Recommended for the IPX protocol suite (Recommended by Novell)
IEEE 802.3 (Ethernet): SNAP | Ethernet_SNAP | Token-Ring_SNAP and FDDI_SNAP | For TCP/IP use only
IEEE 802.5 (Token-Ring): LLC | Token-Ring | Ethernet_802.2 and FDDI | Recommended for the IPX protocol suite (Recommended by Novell)
IEEE 802.5 (Token-Ring): SNAP | Token-Ring_SNAP | Ethernet_SNAP and FDDI_SNAP | For TCP/IP use only

* If the bridge or router offers frame translation, other combinations may
be possible, but are not recommended.

Note You must assign the Token-Ring bridge a unique number. If the
bridge connecting two token rings does not have a unique number, the
IPX/SPX connection fails. The NetWare servers, Domino servers, and
other switches or bridges on the given Token-Ring network all share a
common IPX network number within the bridged domain.

Source-routing bridges in Token-Ring networks


In addition to the frame type problem, a Token-Ring network has the
problem that Domino servers on another Token-Ring network connected
by a source-routing bridge can't be seen. You may need to apply
source-routing services to the IPX/SPX protocol to pass across a
source-routing bridge network.

1. Make sure that the IPX/SPX network frame types are correctly
configured.
2. Make sure that you have the latest versions of the IPX/SPX protocol
services installed on all of the Notes clients, Domino servers, and
NetWare servers.
3. Make sure that the Domino server located on the Token-Ring
network that is using source routing can access a local NetWare
server that has source routing enabled, so that either the Bindery or
NDS name resolver service can be established. You must implement
Novell's source-routing NetWare Loadable Module (NLM) in an
IPX/SPX network.
4. Check that the switch or bridge configuration can support the frame
sizes that the IPX/SPX protocol is using. Many units limit the buffers
to 4096 or 4500 octets (bytes). The IPX/SPX protocol stack settings on
Notes clients or Domino servers may also need to be altered so that
they don't exceed the switch's or bridge's frame size limit.
IPX name resolution services (Bindery and NDS)
Domino servers can use either Bindery, NDS, or both for IPX system
name-to-IPX net/node address resolution (IPX's NCP protocol services).
Bindery services are dynamic in nature. As such, any loss of
communication between the Domino server and the NetWare server or
other NetWare server can cause loss of access. NDS objects once
initialized are static in nature, so as long as the system can access the
NDS tree, it can locate the Domino server.
Note An IPX node address is often the same as the MAC address of the
network adapter card. When crossing bridges between Token-Ring and
Ethernet or between Token-Ring and FDDI there may be issues where
the MAC address and the IPX node numbers are not consistent with the
NDS tree objects of the Domino servers. When Notes clients or Domino
servers are accessing a Domino server on the other side of the bridge via
NDS, they must have consistent MAC and node addresses from their
network segment ({Least/Most Significant Bit order} LSB/LSB or
MSB/MSB, not MSB/LSB or LSB/MSB).


The following table offers some basic guidelines in using Bindery and
NDS services:
Novell server network   Bindery   NDS   Best protocol usage

NetWare 3.12 (Bindery only)
Local IPX LANs. IPX WAN links not reliable with Bindery services
(not recommended).

NetWare 3.12 (Bindery only)
Local IPX LANs, use TCP/IP for WAN link access. WAN routers don't
forward IPX over WAN links or filter all IPX SAP services over the WAN
links.

NetWare 4.1, 4.11 or 5.0 (Bindery emulation) *   X
Local IPX LANs. IPX WAN links not reliable with Bindery services
(not recommended).

NetWare 4.1, 4.11 or 5.0 (Bindery emulation) *   X
Local IPX LANs, use TCP/IP for WAN link access. WAN routers don't
forward IPX over WAN links or filter all IPX SAP services over the WAN
links.

NetWare 4.1, 4.11 or 5.0 (NDS only)

NetWare 4.1, 4.11 or 5.0 (Bindery and NDS) *   X
IPX for both LANs and WAN links.**

* Domino servers can support only one Bindery context entry that the Notes
client and/or Domino server systems can access.
** Recommend filtering Bindery service advertising protocol (SAP) services over
WAN links if there are any Bindery-only devices present on the network.

IPX/SPX error messages


This section describes common error messages for the IPX/SPX protocol.

If an attempt to log into a Novell server from the Domino server fails or
an SLIST shows no Novell servers are available, the network
administrator must analyze the network to find out why the Domino
server can't access a Novell file server so that either the Bindery or NDS
name resolve service can be invoked.

Error getting connection ID.
This message may appear when you start the Domino server after
installing the SPX port driver. This error occurs when a Novell file server,
to which you need to register the Domino server's name, is unavailable
or the Domino server can't reach it over the frame type it is using.

NetWare IPX/SPX could not be initialized: Packet size is too large.


This message appears when you have a mix of frame types in use for the
IPX/SPX protocol. Review the frame type the NetWare server and
Domino server are using to make sure that only one common IPX/SPX
frame type is enabled across all of the server systems and network
routers.
NetWare service advertising (SAP) failed to start. Internal error in
Notes NetWare port driver.
Depending on which IPX/SPX stack you are using, you might need to
start the SAP service so the Domino server can register its name with
either the Bindery or NDS name resolve service.
Unable to get default NetWare file server connection.
The server or workstation is unable to read the Domino server network
address from NetWare bindery. The default NetWare file server isn't
responding to requests. Check that a NetWare file server is available on
the network and that all required NetWare client software is installed
and running.
Unexpected NetWare error. See the log file on this system for error
code.
Contact Lotus Support Services.
Unexpected NetWare IPX or SPX error. See log file for error code.
Contact Lotus Support Services.

Network dialup connections - Troubleshooting


This topic describes how to troubleshoot a network dialup connection
problem. You can also search for solutions to common problems on the
Lotus Support Services Web site at www.lotus.com/support.
If a user installed, set up, and created Connection documents for a
network dialup connection, but the user can't connect to it, check for
these conditions and correct them, if necessary.
1. Make sure the workstation and/or server has been set up with the
remote access client software: Dial up Networking for Windows 95
and NT or Apple Remote Access for the Macintosh. If the software
hasn't been set up, users will get the message "Error initializing
remote LAN service." Install the network dialup client software on
the server and/or workstation, and then try connecting.
2. Make sure the remote server is accessible. If the modem is busy or
the server is unavailable, the server can't answer calls.


3. Make sure that the user has the necessary privilege to use a network
dialup connection to dial into the server. If necessary, modify the
user's privileges. Also, make sure that the user is using the correct
user ID password.
4. Trace the connection to the server. Check the resulting information
for indications that the Connection document isn't properly
configured. For example, common mistakes in the Connection
document include not listing the current location or failing to enable
the specified port(s).
Note Information from a trace is recorded in the Miscellaneous
Events view of the log. In the Trace Connections Log Options field,
you can set the level of detail to record. For maximum information,
choose Full Trace Information.
5. Use the dialing method provided by the network dialup client to
make the network dialup connection. If the connection fails, check
for the correct configuration and check the modem for problems.
6. If the connection is successful, while the connection is still active,
switch to the Notes workstation or Domino server and attempt to
connect to the destination server. At this point, the workstation or
server should be connected to the LAN. You can temporarily set the
Usage priority field of the network dialup Connection document to
Low to force the connection over the LAN before using the
Connection document.
7. If the previous step succeeds, drop the connection, switch to the
Notes workstation, and choose File - Mobile - Call Server to call the
remote access server. If you previously set the Usage priority field of
the network dialup Connection document to Low, reset the priority
to Normal.
8. Make sure you're using the correct Connection document. Then,
make sure the information in the Connection document is correct.

The port is not configured on the Domino server.


The modem file on the server does not contain the correct connect string.
RAS is currently using the port that the Notes Direct Dialup connection is
attempting to call on the destination server.

After a successful modem connection, cannot establish session
with server
The server is down.

Modem does not respond


The modem is not turned on or is not connected.
The modem software is not configured properly.
COM device is in use
You try to access a server using Notes Direct Dialup and your server has
RAS running and only one COM port.
You cannot create a RAS connection
RAS is not configured and/or started on the destination server.
Dial Up Networking is not configured properly on the client.
The modem software is not configured properly.

Error messages
This section lists common error messages displayed on the server console
or at the Notes client, and provides information on what caused the error
and how to recover from it.
Modem command files contains illegal character
You selected the wrong modem.
Select the correct modem file from the COM options - Modem type drop
down box.
The selected modem command file only allows speeds as high as
XXX
The configured modem speed exceeds the supported speed.
Check the maximum modem speed for your modem and configure it in
the COM options - Maximum Port Speed.
Excessive Port or CRC errors on the last connection. Try enabling
hardware flow control on the port or reducing the maximum speed
settings
The configured modem speed exceeds the supported speed.
Enable flow control on the Notes client and Domino Server.
Reduce modem speed on the machine with Port and/or CRC errors.
Communications port unit number is not within valid range.
You have too many ports configured.
Set the valid number of ports on your system. Notes and Domino accept
up to 64 ports.


No dialtone
The modem is not receiving a dial tone.
Check the phone line. Make sure that line is active and plugged into the
modem properly.
If you are in Europe, make sure that you have disabled "wait for dial
tone before dialing" in the COM options box.

Testing network connections using the ping utility


After you establish an Internet connection, you should ensure that the
connection works properly. Run this test before you actually connect the
Domino server to the Internet.
If you have a direct connection to the Internet, the easiest way to test the
connection is to use the ping utility, which asks another computer if it is
running and confirms that the protocol software can respond.
Even if you can use the ping utility successfully, the Domino server
might not be running. When you use the ping utility to contact another
computer, make sure you attempt to contact a computer that is not in
your immediate domain. If you can use the ping command to
successfully contact a computer in another domain, you verify that your
router is working properly.
If you connect to the Internet through a proxy server, try to use the ping
utility on your proxy to test the network connection.
To use the ping utility, type ping at the CONSOLE prompt, followed by
the domain name. For example, type:
ping xyz.com

If successful, the ping utility returns a message in a format similar to the
following:
64 bytes from 130.000.00.00: icmp_seq=4, time=0, ms

Tracing a network connection

When you attempt to connect to a server, network trace information
automatically appears on the status bar of a Notes workstation or on the
server console, depending on where you initiated the connection attempt.
You can use the NOTES.INI Console_LogLevel setting to control the
level of detail that messages on the status bar contain.

To test a connection to a server, use the Trace command, which provides
detailed information about each step in a server connection. Using the
results of a trace command, you can troubleshoot network connection
problems.

To trace a connection, you can enter this command at the console:


Trace servername

To test whether you can connect to a server through a specific port:


Trace port!!! servername

For more information about the Trace command, see the appendix
"Server Commands."

Partitioned servers - Troubleshooting


These topics describe solutions to common problems and errors that may
occur with partitioned servers.

Server exiting: partition number xx is already in use

Server not responding

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.
Server exiting: partition number xx is already in use
This message appears when you try to start more than one server in a
partition. To correct this, stop all processes associated with the partition.
If that fails, restart the system.
Server not responding connecting to a partitioned server
This message may appear if a partitioned server uses TCP/IP port
mapping.
1. If the destination server is sharing a network interface card with a
port-mapping server, check that the port-mapping server is running.
Domino can't establish a connection to a server sharing the
port-mapping server's IP address unless the port-mapping server
can redirect the traffic to the port the destination server is listening
on.
2. Make sure that the port-mapping information in the NOTES.INI file
is in the correct order. In the port-mapping server's NOTES.INI file,
there are entries that reference the other partitioned servers on the
computer. If the lines containing the port-mapping information are
out-of-order, Domino displays the message "Server not responding"
or "Server's name changed." Edit the port-mapping server's
NOTES.INI file, and make sure that the partitioned servers are listed
in numerical order, as in this example:
TCPIP_PortMapping00=
TCPIP_PortMapping01=
TCPIP_PortMapping02=
TCPIP_PortMapping03=

After modifying the NOTES.INI, stop and restart the server so that
the changes take effect.
3. Make sure that the port number appended to the destination server's
IP address matches the port number in the NOTES.INI file on the
destination server. Also, verify that the server name and
organization are correct.
For example, this setting in the port-mapping server's NOTES.INI
file assigns the destination server's IP address and port number:
TCPIP_PortMapping00=CN=Server1/O=Org1,198.114.89.123:13520

The destination server's NOTES.INI file contains:


TCPIP_TcpIpAddress=0,198.114.89.123:13520
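
The checks in steps 2 and 3 can be scripted. The following is an added example, not part of the Domino documentation: it reads the TCPIP_PortMappingNN lines of a port-mapping server's NOTES.INI, confirms they appear in numerical order, and compares each address and port with the TCPIP_TcpIpAddress line of the destination server. The sample file contents, the Server2 and Server3 names and the function names are constructed for illustration.

```python
import re

# Constructed sample: a port-mapping server's NOTES.INI whose entries are out
# of order and whose Server2 port disagrees with Server2's own NOTES.INI.
MAPPER_INI = """\
TCPIP_PortMapping00=CN=Server1/O=Org1,198.114.89.123:13520
TCPIP_PortMapping02=CN=Server3/O=Org1,198.114.89.123:13522
TCPIP_PortMapping01=CN=Server2/O=Org1,198.114.89.123:13521
"""

# Constructed sample: NOTES.INI text collected from each destination server.
DEST_INIS = {
    "CN=Server1/O=Org1": "TCPIP_TcpIpAddress=0,198.114.89.123:13520\n",
    "CN=Server2/O=Org1": "TCPIP_TcpIpAddress=0,198.114.89.123:13525\n",
}

MAPPING_RE = re.compile(r"^TCPIP_PortMapping(\d+)=(.+),([\d.]+):(\d+)$", re.IGNORECASE)
ADDRESS_RE = re.compile(r"^TCPIP_TcpIpAddress=\d+,([\d.]+):(\d+)$", re.IGNORECASE)


def parse_mappings(ini_text):
    """Return [(index, server_name, ip, port)] in the order the lines appear."""
    entries = []
    for line in ini_text.splitlines():
        m = MAPPING_RE.match(line.strip())
        if m:
            entries.append((int(m.group(1)), m.group(2).strip(),
                            m.group(3), int(m.group(4))))
    return entries


def parse_address(ini_text):
    """Return (ip, port) from the TCPIP_TcpIpAddress line, or None if absent."""
    for line in ini_text.splitlines():
        m = ADDRESS_RE.match(line.strip())
        if m:
            return m.group(1), int(m.group(2))
    return None


def check_port_mapping(mapper_ini, dest_inis):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    mappings = parse_mappings(mapper_ini)

    # Step 2: entries must be listed in numerical order, with no repeats.
    indexes = [entry[0] for entry in mappings]
    if indexes != sorted(set(indexes)):
        findings.append(f"order: entries appear as {indexes}")

    # Step 3: address and port must match the destination server's setting.
    for index, name, ip, port in mappings:
        ini = dest_inis.get(name)
        if ini is None:
            findings.append(f"missing: no NOTES.INI supplied for {name}")
            continue
        address = parse_address(ini)
        if address is None:
            findings.append(f"missing: {name} has no TCPIP_TcpIpAddress line")
        elif address != (ip, port):
            findings.append(
                f"mismatch: {name} mapped to {ip}:{port} but listens on "
                f"{address[0]}:{address[1]}")
    return findings


if __name__ == "__main__":
    for finding in check_port_mapping(MAPPER_INI, DEST_INIS):
        print(finding)
```

The server names are compared exactly as written, so a misspelled name or organization in the mapping line is reported as a missing NOTES.INI.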

Passthru connections - Troubleshooting

If passthru isn't working as expected, check these conditions and correct
them, if necessary. You can also search for solutions to common
problems on the Lotus Support Services Web site at
www.lotus.com/support.
Tip To record connection problems in the log, set the Log Options field
(in the Trace Connections dialog from the Domino Administrator) to Full
Trace Information.

1. Verify that the passthru server is running Domino 4.x or higher. The
destination server can run Notes 3 or Domino 4.x or higher.
2. Check the Server document to ensure that the server is enabled for
passthru. The "Route through" field on the Security tab in the Server
document restricts who may use a server as a passthru server. By
default, this field is blank, which prevents use of the server as a
passthru server. You can also create a new passthru Connection
document that names a different server that allows passthru to the
destination server.
You can also use the "Access this server" field in the Server
document to restrict who can use passthru to access a server. If this
field is blank on the destination server, the server does not allow
passthru access. Only the users, groups, and servers explicitly named
in this field have passthru access. Note that this field does not restrict
general access to the server, which is controlled by fields on the
Security tab of the Server document.
3. Make sure that the Connection document is properly configured.
Check the log for the message "Unable to find any path to
ServerName," which indicates that there may not be enough
information in the Domino Directory to determine how to reach the
destination server or that the information in the Domino Directory is
incorrect; for example, server names might be misspelled.
For more information on setting up and tracing connections, see the topic
"Tracing a network connection" earlier in this chapter, as well as the
chapter "Setting Up Server-to-Server Connections."

Replication - Troubleshooting
These topics describe how to troubleshoot replication.

"Tools for troubleshooting replication" describes tools you can use for
troubleshooting replication problems.

"Replication - Problems and error messages" describes problems and
errors that users or Domino servers may experience during
replication.

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

Tools for troubleshooting replication


Database access control list problems, server crashes, protocol problems,
and incorrectly configured Connection documents are common causes of
replication errors. Use these tools to troubleshoot replication.
Cluster replication
The log file (LOG.NSF) provides helpful information for troubleshooting
replication problems within a cluster.


Log file
To access the log, from the Domino Administrator, click the Server - Analysis tab and select the log file for the server you want to check. Then
check for replication problems in these views:

Miscellaneous events

Phone calls

Replication events

Tip You can also check replication events from the Replication tab in
the Domino Administrator.
Edit the NOTES.INI file to include the Log_Replication setting, which
allows you to display detailed replication information in the log.
Monitoring Configuration
The Monitoring Results database (STATREP.NSF) is a repository for
pre-configured and custom statistics. It is created when you load the
Collect task, if it doesn't already exist. You can set alarms for some of
these statistics. For example, you might set an alarm to generate a Failure
report when more than three attempted replications generate an error.
You can also report statistics to any database designed for this purpose,
although typically the database is the Monitoring Results database
(STATREP.NSF).
Note that you can edit the NOTES.INI file to include the
Repl_Error_Tolerance setting, which increases the number of identical
replication errors between two databases that a server tolerates before it
terminates replication. The default tolerance is 2 errors. The higher the
value, the more often messages such as "Out of disk space" appear.
If you run the Event task on a server, you can set up an Event Monitor
document to report replication problems. You can also create a
Replication Monitor document that notifies you if a specific database fails
to replicate within a certain time. To view events from the Domino
Administrator, click the Server - Analysis tab, click Statistics - Events,
and then view the desired report.


Replication history
The replication history for a database describes each successful
replication of a database. To view the replication history of a database,
select a database icon and choose File - Database - Properties (or File - Database - Replication - History).

Replication schedules
You can see a graphical representation of the replication schedules of the
servers in your Domino system. To view replication schedules, from the
Domino Administrator, click the Replication tab.
For more information on viewing replication schedules, see the chapter
"Creating Replicas and Scheduling Replication."
Replication topology maps
Create a replication topology map to display the replication topology and
identify connections between servers. To view replication topology
maps, from the Domino Administrator, click the Replication tab. You
must load the Topology maps task before you can view a replication
topology map.
For more information on viewing replication topology maps, see the
chapter "Creating Replicas and Scheduling Replication."

Replication - Problems and error messages


These topics describe how to troubleshoot replication problems.

Replication isn't occurring between two servers

Scheduled replication isn't occurring between two servers

One database isn't replicating between two servers

Database replica does not contain all the documents it should

Database replica is not receiving design changes

Changes to the database title do not replicate

Database replicas are different sizes

The database stops replicating and the option "Enforce a consistent
ACL" is selected

The database replica has not received ACL changes

The new replica contains the ACL of the source server but you did
not copy the ACL

You see the message "Database is not fully initialized yet"

Deletions are not replicating

Unexpected deletions occur in a replica

Deleted documents reappear


Replication isn't occurring between two servers

When two servers can't replicate any of the databases between them,
these messages may appear in the log:

Unable to replicate with server x: Server Not Responding

Unable to replicate with server x: The Notes server is not a known
TCP/IP Host

Unable to replicate with server x: Your address book does not
contain any cross certificates capable of authenticating the server

Unable to replicate with server x: The server's address book does
not contain any cross certificates capable of authenticating you

Unable to replicate with server x: You are not authorized to use the
server or remote server

Check for the following conditions and correct them, if necessary:

1. Create Connection documents that list Replication in the Tasks field.
Unless you enable multiple replicators on the server, make sure that
replication schedules don't overlap.
2. Verify that the servers have a certificate in common. To verify
certificates, check the server ID files.
a. From the Domino Administrator, click the People and Groups
tab.
b. From the tool bar, click Certification - ID file.
c. Choose the appropriate server ID file and click Open.
d. Click Certificates to display the certificates held by the server.
e. Repeat Steps a through d for the second server.
f. Recertify one or both server IDs, as necessary. If the servers don't
have a certificate in common, you can also cross-certify them.
3. Make sure the server is available. Check the log for the message
"Unable to replicate with server x : Server not responding," which
indicates that one server can't connect to another server for
replication or that server x is unavailable.
4. Check the Miscellaneous Events view of the log to see if a network
error message occurred when the server attempted to connect to the
other server.
5. Check the Phone Calls view of the log to see if two servers are unable
to use dialup connections.

Scheduled replication isn't occurring between two servers


1. Check that the server names are spelled correctly in the Connection
documents.
2. Make sure that multiple Connection documents don't have
overlapping schedules for the same task in the same direction. If
multiple Connection documents have overlapping schedules, correct
the schedules or enable multiple replicators on the server.
3. If many users access a server or if a server performs many tasks, it
takes longer for Domino to build a list of the databases that two
servers have in common, a task that occurs just prior to replication. If
building the list takes a long time, a scheduled replication may be
delayed. Check server load statistics and, if necessary, replicate only
specific databases, remove obsolete databases from the servers,
and/or move some databases to another server. You can also reduce
the number of users who access the server or reduce the number of
tasks the server performs.
4. Make sure that the server has adequate disk space. If it doesn't,
remove obsolete databases and/or move some databases to another
server.
One database isn't replicating between two servers
When replication occurs correctly between two servers but one database
doesn't replicate correctly, these symptoms might occur:

The message "Unable to replicate xxx.nsf" appears in the log file.

Users report that documents are different on each replica.

To correct this problem, try these tips.


1. Check if the database ACL is set up incorrectly. The message "Access
control is set to not allow replication" in the log file indicates that the
servers do not have the correct access to perform replication. Give
the servers enough access in the database ACL to replicate changes.
A server must have:
Editor access to replicate changes to documents
Designer access to replicate changes to views and forms
Manager access to replicate ACL changes
If replication occurs through a passthru server, the passthru server
must also have the necessary access to pass along changes.

2. Check the log file for an "Unable to copy document" or similar
message. This message indicates a corrupted database. To correct the
problem, do one of the following:
Run the Fixup task. Use this task if the database is in Domino 5 or
higher format and if you're not using transaction logging, or if the
database is in Domino 4 format.
Run the Fixup task with the -J option. Use this task if the database
is in Domino 5 or higher format and you are using transaction
logging. If you use a backup utility certified for Domino 5 and you
run Fixup -J, perform a full backup of the database as soon as
Fixup finishes.
3. Check the log file for a "Replication is disabled" message, which
indicates that the database is not enabled for replication. To enable
replication of the source database, choose File - Replication - Settings
- Other and deselect "Temporarily disable replication."
4. Check if the "Enforce a consistent Access Control List" option has
been set on a replica. Sometimes replication cannot occur because
this option has been set, but the server storing the replica lacks the
appropriate access to replicate the ACL. If this is the case, give the
server Manager access in the database ACL.
5. Make sure there have been recent changes to the database.
Replication occurs only when there are changes to replicate.

Database replica does not contain all the documents it should


If none of the following explanations apply, try clearing the replication
history. Clear replication history using the File - Replication - History
dialog box in the Notes client.
For more information on replication history, see the chapter
"Maintaining Databases."

The source server has insufficient access


The source server access in a destination replica ACL determines what
the destination replica can receive from the source server. Give the
source server higher access in the destination replica ACL if necessary.
The following message in the server log file (LOG.NSF) indicates
insufficient server access:
Access control is set to not allow replication

For more information on the log file, see the chapter "Using Log Files."

Replicas are different sizes


If changes made to one replica have not yet replicated, the content of
replicas may be different until replication occurs.

There is no destination server in an access list


Access lists allow only a subset of people and servers in the ACL to
access documents. If such access lists exist, add the destination server to
them in the source server replica. If the access list uses a role to define
access, add the destination server to the role on the source server replica.
For more information on server access, see the chapter "Creating
Replicas and Scheduling Replication."
An intermediate server has insufficient access
If replication between a source and destination server occurs through an
intermediate server, make sure the source and destination server replica
ACLs give the intermediate server high enough access to replicate all
changes.
For more information on server access, see the chapter "Creating
Replicas and Scheduling Replication."
Replication settings are filtering documents
Some replication settings act as filters that screen out documents and
features. Check the replication settings.
For more information on replication settings, see the chapter "Creating
Replicas and Scheduling Replication."
The server is out of disk space
Check to see if the database is a Domino 4 database and has exceeded the
maximum database size. Ask your Domino administrator to resolve disk
space problems and if necessary, consider moving a replica to another
server or deleting databases on the server.
Older documents weren't replicated to a new replica
When the replica was created, the date specified for the replication
setting option "Only replicate incoming documents saved or modified
after" is later than it should have been. This option is on the Other panel
of the File - Replication - Settings dialog box in the Notes client. Create a
new replica with an earlier date specified.

Database replica is not receiving design changes


To receive design changes from a source server, the database replica on
the destination server must give the source server at least Designer
access and the source server replica must give the destination server at
least Reader access.


Changes to the database title do not replicate


If the replication setting "Do not send changes in database title & catalog
info to other replicas" is set on the source server replica, the title won't
replicate. Deselect this setting to replicate a database title. This setting is
on the Send panel in the File - Replication - Settings dialog box in the
Notes client.
For more information on this replication setting, see the chapter
"Creating Replicas and Scheduling Replication."

Database replicas are different sizes


Database replicas may be different sizes for the following reasons:
Replication settings
Some replication settings cause one replica to receive only a subset of
documents and features from another replica.
Access control list
The ACL prevents a replica from receiving all documents or design
elements from a source replica.
Read ACLs or reader names fields
A destination server isn't included in a Read ACL or Reader Names field
and therefore doesn't receive all documents from a source server replica.
View indexes
A view is used in one replica but not in another, and the replica
containing the unused view is smaller because no index is built for the
unused view.
Personal agents, views, or folders
These features used on one replica, but not another, can cause a size
disparity between the replicas.

Unused space
One replica has been compacted while another has not been compacted.

Deletions are not replicated

Check these replication settings in File - Replication - Settings in the
Notes client:

On the Advanced panel, the "Deletions" option under "Replicate
incoming" is not selected.

On the Send panel, the "Do not send deletions made in this replica to
other replicas" option is selected.

The database stops replicating and the option "Enforce a consistent
ACL" is selected
If a user changes a local or remote server database replica's ACL when
the "Enforce a consistent access control list across all replicas of this
database" option is selected, the database stops replicating. This option is
found on the Advanced panel of the Access Control List dialog box. The
message in the log file is:
Replication cannot proceed because cannot maintain uniform
access control list on replicas

The database replica has not received ACL changes


To receive ACL changes from a source server, the database replica on the
destination server must give the source server Manager access and the
source server must give the destination server at least Reader access.
For more information on server access, see the chapter "Creating
Replicas and Scheduling Replication."

The new replica contains the ACL of the source server but you did
not copy the ACL
A replica stub is an empty replica that has not yet been populated with
documents. When you select File - Replication - New Replica, Notes
creates a replica stub and populates it with documents, either
immediately or at the next scheduled replication, depending on the
option you select.
For more information on server access, see the chapter "Creating
Replicas and Scheduling Replication."
Somebody modified the access control list on the source server
before initial replication occurred
If you create a replica stub and somebody modifies the ACL on the
source server before initial replication occurs, the ACL on the source
server becomes the most recent one and replicates to the replica stub.
Simply opening the Access Control List dialog box on the source server
replica and then closing it can cause this problem.
The server times are not synchronized
If you create a complete replica immediately (rather than creating a
replica stub) and the time on the source server is later than the time on
the destination server, the new replica contains the ACL from the source
server.


You see the message "Database is not fully initialized yet"

A replica stub on a workstation hasn't been manually replicated
If users create replica stubs on their workstations and don't populate
them with documents according to a schedule, they must manually
replicate to populate the database replica with documents.
The server storing the replica stub doesn't have adequate access to
pull information
If you rely on scheduled replication to populate a replica stub, the server
storing the replica stub must have at least Reader access in the source
server replica ACL to pull the documents from the source server.
For more information on server access, see the chapter "Creating
Replicas and Scheduling Replication."
An appropriate Connection document between two servers isn't in
place
If you rely on scheduled replication to populate a replica stub on a server
with documents from a replica on another server, a correctly-configured
Connection document must exist between the two servers storing the
replica and the replica stub. Confirm with your Domino administrator
that an appropriate Connection document exists.
Replication is disabled
Notes cannot populate a replica stub if replication is disabled on the
source or destination server replica. To check if replication is disabled for
the database, see if the "Temporarily disable replication" option is
deselected. This option is found on the Other panel of File - Replication - Settings in the Notes client.

Deletions are not replicating


Servers don't have adequate access to the database


To receive document deletions, the ACL on a destination server replica
must give the source server Editor access or higher and have the access
level privilege "Delete documents" selected.
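
The access rules stated in this chapter for documents, design changes, ACL changes and deletions can be checked together. The following is an added example, not part of the Domino documentation: given the source server's entry in the destination replica ACL and the destination server's entry in the source replica ACL, it lists what is too low for the changes you expect to receive. The database names, the AclEntry type and the function names are constructed; applying the Reader requirement on the source replica to every category, deletions included, is an assumption drawn from the design, ACL and replica stub topics.

```python
from dataclasses import dataclass

# Notes ACL access levels, lowest to highest.
LEVELS = ["No Access", "Depositor", "Reader", "Author",
          "Editor", "Designer", "Manager"]
RANK = {name: position for position, name in enumerate(LEVELS)}

# Level the destination replica's ACL must give the source server, per this
# chapter, for each kind of change the destination is to receive.
NEEDED_ON_DESTINATION = {
    "documents": "Editor",
    "deletions": "Editor",    # plus the "Delete documents" privilege
    "design": "Designer",
    "acl": "Manager",
}


@dataclass
class AclEntry:
    level: str
    delete_documents: bool = False


def shortfalls(source_in_dest_acl, dest_in_source_acl, wanted):
    """Return the reasons the destination replica will not receive `wanted`."""
    problems = []
    # Assumption: Reader on the source replica is required for every category.
    if RANK[dest_in_source_acl.level] < RANK["Reader"]:
        problems.append(
            "source replica ACL: destination server has "
            f"{dest_in_source_acl.level}, needs at least Reader")
    for category in wanted:
        needed = NEEDED_ON_DESTINATION[category]
        if RANK[source_in_dest_acl.level] < RANK[needed]:
            problems.append(
                f"{category}: destination replica ACL gives the source server "
                f"{source_in_dest_acl.level}, needs {needed}")
        elif category == "deletions" and not source_in_dest_acl.delete_documents:
            problems.append(
                'deletions: source server lacks the "Delete documents" privilege')
    return problems


# Constructed sample: (database, source server's entry in the destination
# replica ACL, destination server's entry in the source replica ACL, wanted).
REPLICAS = [
    ("sales.nsf", AclEntry("Editor"), AclEntry("Reader"),
     ["documents", "deletions", "design"]),
    ("hr.nsf", AclEntry("Manager", True), AclEntry("No Access"), ["acl"]),
    ("help.nsf", AclEntry("Manager", True), AclEntry("Reader"),
     ["documents", "deletions", "design", "acl"]),
]


def audit(replicas):
    """Map each database to its list of shortfalls (empty list means none)."""
    return {db: shortfalls(src, dst, wanted)
            for db, src, dst, wanted in replicas}


if __name__ == "__main__":
    for db, problems in audit(REPLICAS).items():
        print(db, "OK" if not problems else problems)
```

If replication passes through a passthru or intermediate server, run the same check for that server's ACL entries as well.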

A replication setting is preventing deletions from replicating


Check these replication settings in File - Replication - Settings in the
Notes client:

On the Send panel, the option "Do not send deletions made in this
replica to other replicas." A source server doesn't send deletions to
another replica if this setting is selected.

On the Advanced panel, the "Deletions" option under "Replicate
incoming." A replica doesn't receive deletions if this setting is not
selected.

Unexpected deletions occur in a replica


Check these replication settings in File - Replication - Settings in the
Notes client:

On the Advanced panel, deselect "Replicate incoming: Deletions" to
prevent a database from receiving deletions made in other replicas.

On the Other panel, select "Do not send deletions made in this
replica to other replicas" to prevent a database from sending
deletions.

Unexpected deletions may also occur for any of the following reasons:
There is a new replication formula in place
A new replication formula overrides previous formulas and removes
documents that don't match the formula.
A replication setting is automatically removing older, unmodified
documents
The replication setting "Remove documents not modified in the last [ ]
days" removes older, unmodified documents. If the specified number of
days is low, consider increasing the value. This option is on the Space
Saver panel of the File - Replication - Settings dialog box in the Notes
client.

Deleted documents reappear


A purge interval prevents replication of deletions
When a document is deleted, it leaves behind a deletion stub. When the
database replicates, Notes uses the deletion stub to identify and delete
the same document in the replica.
To save disk space, Notes purges deletion stubs that remain from
document deletions according to the replication setting "Remove
documents not modified in the last [ ] days." If Notes purges the deletion
stubs before they have a chance to replicate, deleted documents can
reappear after the next replication. This option is on the Space Saver
panel of the File - Replication - Settings dialog box in the Notes client.
A document edit writes over a document deletion
When the same document is modified on different servers between
replication sessions, the document that was modified most
frequently takes precedence, or if both documents are modified only
once, the one modified most recently takes precedence.

If a document is edited multiple times on one server and deleted on
another server between replication sessions, the edited document
takes precedence because it underwent the greatest number of
changes, even if the deletion was the most recent change.

If somebody deletes a document on one server and then someone
else updates the document on another server once between
replication sessions, the edit overrides the deletion because both
documents were updated once and the edit occurred after the
deletion.
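
The two causes described under "Deleted documents reappear" can be worked through as a small model. The following is an added example, not part of the Domino documentation: it applies the precedence rule above (more changes wins, and with equal counts the most recent change wins) and the purged-stub case. The Version type, the function names and the sample times are constructed; counting a deletion as one change, and passing the stub lifetime in as a plain interval, are assumptions of the model.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class Version:
    changes: int            # changes made since the last replication session
    modified: datetime      # time of the most recent change
    deleted: bool = False   # True when this replica holds a deletion stub


def winner(a, b):
    """More changes takes precedence; with equal counts, the most recent."""
    if a.changes != b.changes:
        return a if a.changes > b.changes else b
    return a if a.modified >= b.modified else b


def outcome(document, stub, replicated_at, stub_lifetime):
    """Say what happens to a document deleted on one replica only.

    document:      the surviving copy on the other replica
    stub:          the deletion stub left behind by the deletion
    stub_lifetime: how long a stub is kept before Notes purges it
    """
    # A stub purged before replication can no longer delete the other copy.
    if replicated_at - stub.modified > stub_lifetime:
        return "reappears: stub purged before replication"
    if winner(document, stub).deleted:
        return "deleted"
    return "reappears: edit takes precedence"


# Constructed sample timeline.
T0 = datetime(2002, 9, 1, 9, 0)
HOUR = timedelta(hours=1)
MONTH = timedelta(days=30)

SCENARIOS = {
    # Edited three times on one server, then deleted on another.
    "many edits, later delete": outcome(
        Version(3, T0 + HOUR), Version(1, T0 + 2 * HOUR, True),
        T0 + timedelta(days=1), MONTH),
    # Deleted first, then edited once elsewhere.
    "delete, later single edit": outcome(
        Version(1, T0 + 2 * HOUR), Version(1, T0 + HOUR, True),
        T0 + timedelta(days=1), MONTH),
    # Edited once, then deleted elsewhere: the deletion is the latest change.
    "single edit, later delete": outcome(
        Version(1, T0 + HOUR), Version(1, T0 + 2 * HOUR, True),
        T0 + timedelta(days=1), MONTH),
    # Untouched copy, but replication happens after the stub was purged.
    "late replication": outcome(
        Version(0, T0 - HOUR), Version(1, T0, True),
        T0 + timedelta(days=40), MONTH),
}

if __name__ == "__main__":
    for name, result in SCENARIOS.items():
        print(f"{name}: {result}")
```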

Server access - Troubleshooting


These topics describe how to troubleshoot server access problems and
errors:

The administrator can't enter commands at the server

Users can't see a new server in the list of servers

Server not responding

You are not authorized to access the server or similar problems

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

The administrator can't enter commands at the server

If an administrator can't run the workstation program on the server, run
stand-alone server programs, or use the Load, Tell, or Set Configuration
commands, the console has been password-protected.
Use the Set Secure command at the console or use the Domino
Administrator to clear the password.
For information on using the Set Secure command, see the appendix
"Server Commands."

Users can't see a new server in the list of servers

If users can't see a new server when they try to add, create, copy, or
replicate a database, make sure that the Domino Directory contains a
Server document for the new server and that the information in the
document is accurate and correctly spelled. If no Server document exists,
create one and then make sure that the new Server document replicates
to all servers in the domain. If a Server document exists and contains
accurate information for the new server, check the log file on both the
user's home server and the inaccessible server to see if there are network
problems.
Server not responding
The message "Server not responding" may appear when you install a
client or try to open any database on a particular server.
1. Check that the Domino server and the network are running.
2. Check if the server has been renamed or recertified. When a user
tries to open a database on a server that has been recertified or
renamed, the message "Server not responding" may appear. Users
should use the new server name to open the database.
3. Check the Server document for an invalid or nonexistent host name
as the Notes RPC proxy. From the Domino Administrator, click the
Configuration tab and open the appropriate Server document. Click
the Ports - Proxies tab. A Domino server that is configured to use
TCP/IP can't transfer mail or initiate replication with another server
in the local domain if the host name is invalid or nonexistent. In
addition to "Server not responding," "No Path Found to Server" and
"Proxy Reports that the Connection Request Failed" messages may
appear.
A Domino server configured to use a Notes RPC proxy attempts to
route all outbound connection requests through the listed proxy,
whether or not the proxy exists. Because most Domino systems don't
use an RPC proxy, this field should generally be left empty.
Note If full trace logging is enabled in the NOTES.INI file, the log
file records detailed information about failed attempts to connect to a
remote server. The PassThru_LogLevel is typically set to 0 to minimize
unnecessary logging.
4. If you're using NetBIOS, make sure it's configured properly and that
it's running on the workstation or server. The workstation and the
server must use the same version of NetBIOS, and the server must be
enabled for sufficient NetBIOS sessions.

Also, filters might prevent broadcast traffic from Notes from crossing
a bridge or router. Bridges and routers are often configured to
suppress broadcast traffic by default, and NetBIOS uses broadcasts
to communicate on networks.
"You are not authorized to access the server" or similar problems
When users or servers get a "not authorized to access the server"
message, try these tips to identify and then fix the problem.
1. Check the Domino Directory.
2. Check the server ID.
3. Check that the user has the proper certification to access the server.
4. Check for network or hardware problems.

Checking the Domino Directory for errors that affect server access
Many conditions that prevent proper access to servers can be traced to
the Domino Directory.
1. Verify that these fields in the Server document contain the correct
information and spelling. For each change you make, be sure to save
the Server document before attempting to access the server again.
Field on the Network
Configuration tab     Check this
Server name           Make sure that the full hierarchical server name is spelled correctly.
Domain name           Make sure that the name is spelled correctly.
Port                  If a COM port is listed, remove it. X.PC COM ports are only handled in the ports configuration section.
Notes Network         Make sure that at least one Notes Network is enabled. Each port requires a unique Notes network name.

Field on the
Restrictions tab      Check this
Access server         Delete the contents of this field if it contains any information. Only those names or groups listed in the field are allowed to access the server.
Not access server     Delete the contents of this field if it contains any information. The users or groups listed in the field are not allowed to access the server.

2. Make sure the Server document isn't corrupted. To determine if it is
corrupted, create a new Server document and use it instead of the
old one. If the new Server document resolves the problem, it's likely
that the original Server document is corrupted. Be sure to create a
backup of the original Server document by either copying and
pasting the original into another Server document or by backing up
the database.
After you create the new Server document, copy the public key into it.
3. Verify that the Certified public key in the server ID file is the same as
the Public key. To do this, copy the certified key and paste it into a
text file, and then compare the two key values, which should be the
same. If the values differ, the server ID was probably created with
the same name based on a different Certifier key. Before altering the
key, create a backup of the Domino Directory.
4. Check Group documents in the Domino Directory for correct user
and server names. In particular, check the Group documents for
groups listed in the "Access server" and "Not access server" fields in
the Server document. In addition, be sure to check the Group Type
setting of these Group documents. The Group type assigned to a
group can affect server access.
5. Resolve any replication or save conflicts in the Groups and People
views.
6. Make sure that all views in the Domino Directory are updated and
not damaged. To rebuild all of the views in that database, enter this
command at the console:
Load updall names.nsf -r

If you suspect that the Domino Directory is corrupted, do one of the
following:
• Run the Fixup task. Use this task if the database is in Domino 5 or
higher format and if you're not using transaction logging, or if the
database is in Domino 4 format.
• Run the Fixup task with the -J option. Use this task if the database
is in Domino 5 or higher format and you are using transaction
logging. If you use a backup utility certified for Domino 5 and you
run Fixup -J, perform a full backup of the database as soon as
Fixup finishes.
In addition, if you suspect a corrupted Domino Directory, try using a
backup of the Domino Directory (if one is available), or create a new
replica of the Domino Directory.

7. Replace the design of the Domino Directory. Select File - Database -
Replace Design. This ensures that the Domino Directory is using the
correct template file (PUBNAMES.NTF).
8. Check the Server document form in the Domino Directory for
customizations that are not supported.
For information about supported customizations, see the appendix
"Customizing the Domino Directory."
9. Make sure that passthru is properly enabled on the Server document.
For information about enabling passthru, see the topic "Passthru -
Troubleshooting" earlier in this chapter.

Checking the server ID for a problem that affects server access


When the message "You are not authorized to access that server"
appears, the problem can sometimes be the server ID.
1. Check for a damaged server ID. If a server ID is damaged, the
Domino server may start, but users won't be able to access it. Also,
the message "Server Error: Damaged ID" appears when you start the
Domino server.
If the server ID was recently recertified, the ID may have been
damaged if the Domino server wasn't shut down before the server
ID was recertified or merged.
If you suspect that the server ID is damaged, you can replace the
server ID with a new ID.
2. Verify that the server has all of the required certificates.
a. From the Domino Administrator, click the People and Groups
tab.
b. From the tool bar, click Certification - ID file.
c. Choose the appropriate server ID file and click Open.
d. Click Certificates to display the certificates held by the server.
e. Recertify the server ID, if necessary.

3. Check for a "Public Key..." message that appears when the server
starts. Verify that the public key stored in the Server document
matches the public key stored in the server ID. To do this, copy the
ID's public key to the clipboard, and then paste it to another
application - for example, into Windows Notepad - so that you
can compare it with the public key in the Server document. Be sure
to perform a full backup of the Domino Directory before altering the
key.

Replacing the server ID


If you suspect that the server ID is damaged, replace it with a backup of
the ID. If you don't have a backup of the server ID available, create a new
server ID. Be sure to use the same name on the new ID as you used on
the old ID.
1. Shut down the Domino server.
2. Rename the old server ID - for example, Server.OLD. You must
rename the ID to force the ID file to a new location on the hard disk.
3. Copy the backup (or new) server ID to the correct location on the hard
drive. ID files are typically located in the Notes\Data directory.
4. Restart the server.

Copying the public key


1. From the Domino Administrator, click the People and Groups tab.
2. From the tool bar, click Certification - ID File.
3. Select the ID file you want and click Open.
4. Click More Options.
5. Click Copy Public Key to copy the entire public key to the clipboard.
6. Paste the public key into the associated document - for example,
into a new Server document.

Server crashes - Troubleshooting


When a server crashes, the simplest solution is to restart it; however, you
might want to find out why it crashed so that you can avoid future
crashes. These topics describe how to troubleshoot a server crash.

• "How to troubleshoot server crashes" provides steps for collecting
information about and troubleshooting server crashes.
• "Server crashes - Problems and error messages" describes problems
and errors that relate to server crashes.

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

How to troubleshoot server crashes


The most common causes of server crashes are the following:

• Low or depleted system resources
• High server workload
• Software problems
• Network problems
• Changes to network or operating system environments
• Changes in hardware configuration - for example, upgraded NICs -
or software configuration

Use these steps to troubleshoot a server crash. If, after completing these
steps, you haven't resolved the problem, consult your technical support
representative.
1. Collect system information:
• Domino server version
• Operating system version (SYSLEVEL information if the operating
system is OS/2, by typing SYSLEVEL at an OS/2 prompt)
• Network type and version; network protocol(s) and version(s)
(including file dates)
• System level patches
• Server hardware
• Names of API programs and tasks, gateways, backup programs,
executable scripts, third-party programs, and so on
2. Note any changes to these elements of the Domino environment. If
possible, revert to the previous configuration to determine if the
problem still occurs.
• Operating system changes - for example, did you upgrade the
operating system or apply a new patch?
• Network changes - for example, did you add a new router or
upgrade the network software or firmware?
• Network interface card (NIC) changes - for example, is the NIC
new, or is the NIC software driver old and the operating system
new?
• Domino changes - for example, did you upgrade to a new release
of Domino or migrate new users?
• Other hardware or software changes
3. For an OS/2 server crash, check for a crash screen. Collect all codes
that are displayed and check them against the table of OS/2 server
error codes.
For information on these codes, see the topic "Domino OS/2 server
crashes" later in this chapter.
4. If the last message on the console starts with the word "Panic,"
record the entire message.
5. If possible, capture the last screen displayed on the console or save
the Console Log file.
6. Stop all tasks running on the Domino server, and then stop the
Domino server.
7. If an NSD log file was created, verify the time and date of the file,
which should coincide with the time and date of the crash. If
necessary, Lotus Support Services will use this file to identify where
the crash occurred.
Note If a crash doesn't produce an NSD log file, the server may be
out of disk space or memory.
8. Restart the server.
9. Check the Miscellaneous Events view in the log. Record all entries
that occurred immediately before and after the crash. To do this,
double-click the appropriate entry to open it. In particular, look for
an NSF file in the entry, which may indicate where the crash
occurred. If a particular database appears to have caused the crash,
check the replication history of that database for additional
information.
10. Collect these configuration files:
CONFIG.SYS                  For OS/2
NOTES.INI                   All platforms
STARTUP.CMD                 For OS/2
PROTOCOL.INI                For OS/2
NET.CFG                     For OS/2 and NetWare
AUTOEXEC.NCF                For NetWare
STARTUP.NCF                 For NetWare
Windows diagnostics file    Windows NT

Server crashes - Problems and error messages


These topics describe problems and errors that may cause a server crash:

• Corrupt database causes a server to crash
• Corrupt view causes a server to crash
• Server crashes while updating a database index
• The Router task causes the server to crash
• Domino OS/2 server crashes

Corrupt database causes a server to crash


If an "Unable to copy database," "Unable to copy document," or similar
message appears in the Miscellaneous Events view of the log, a database
is corrupted. Do one of the following to correct the problem:
• Run the Fixup task. Use this task if the database is in Domino 5 or
higher format and if you're not using transaction logging, or if the
database is in Domino 4 format.
• Run the Fixup task with the -J option. Use this task if the database is
in Domino 5 or higher format and you are using transaction logging.
If you use a backup utility certified for Domino 5 and you run Fixup
-J, perform a full backup of the database as soon as Fixup finishes.
Note The Fixup task can take a significant amount of time to run on a
large database or on the entire server.
For more information on using Fixup to repair corrupted databases, see
the chapter "Maintaining Databases."
Corrupt view causes a server to crash
If a server crash seems related to a corrupt database view, run the Updall
task on the database with the -r option:
Load updall databasename -r

Note The Updall task can take a significant amount of time to run on a
large database. It will also take a significant amount of time if you run
Updall without specifying the database name, which forces the task to
run on all databases on the server.
Server crashes while updating a database index
If a server crashes while updating a database index, do the following:
1. Run the Updall task on the database with the -r option to fix a
damaged database index:
Load updall databasename -r

2. If Updall does not fix the problem, use this procedure:
a. Make a replica of the corrupted database. Be sure to give the
replica a new file name.
b. Delete the original corrupted database.
c. Use the original database file name to rename the new replica.
d. Restart the server.
Note The Updall task can take a significant amount of time to run
on a large database. It will also take a significant amount of time if
you run Updall without specifying the database name, which forces
the task to run on all databases on the server.

The Router task causes the server to crash


In many cases, a crash occurs while a particular task is running. You can
often determine the task from the crash screen or from the NSD log file. If
the crash is related to the Router task, there could be a problem with
MAIL.BOX.
1. Rename MAIL.BOX.
2. Restart the server. The server will automatically create a new
MAIL.BOX.
3. Copy and paste the messages from the old MAIL.BOX to the new
MAIL.BOX.
Domino OS/2 server crashes
If an OS/2 server crashes, a message resembling the following appears:
Trap 000C Internal Processing error at Location #nnn:nnn
Trap 000D CS=nnnn IP=nn xxxxx
CSLIM = nnnn

where nnnn represents error locations and addresses.


Crashed network drivers or an OS/2 problem may cause this error.
Record the addresses and report them to your network administrator.
Then restart the server.
Codes that display when an OS/2 server crashes
When an OS/2 server crashes, the console displays an error code. Record
the code.
Code   Meaning                       Cause
       Divide error                  The software is bad.
1.00   Debug exceptions              The software is bad. Record all addresses.
2.00   NMI interrupt                 Stands for non-maskable interrupt. The software is bad. Record all addresses.
3.00   Breakpoint                    There is a software problem. Record all addresses.
4.00   Overflow                      The software is bad. Record all addresses.
5.00   Bound range exceeded          There is a software problem. Record all addresses.
6.00   Invalid opcode                There is a software problem. Record all addresses.
7.00   Coprocessor not available     The software is expecting a math coprocessor, and one isn't installed.
8.00   Double fault                  Two traps occurred at the same time. Record all addresses.
9.00   Coprocessor segment overrun   There is a software problem. Record all addresses.
A/10   Invalid task state segment    There is a software problem. Record all addresses.
B/11   Segment not present           There is a software problem. Record all addresses.
C/12   Stack exception               There is a software problem. Ignore this code if it follows a code D/13.
D/13   General protection            There is a software problem or a corrupted database.
F/15   Coprocessor error             There is a bad coprocessor chip.

NSD log files


NSD log files can help determine the cause of a server or workstation
crash. A program called NSD (nsd.exe for W32 platforms, nsd.sh for
Unix platforms) creates these files in the Domino data directory (for a
server) or in the Notes data directory (for a workstation). The files
contain information about the tasks that were running at the time of
the crash, as well as general system information.

Server-based certification authority - Troubleshooting


These topics describe common problems with the server-based
certification authority and the CA process. You can also search for
solutions to common problems on the Lotus Support Services Web site at
www.lotus.com/support.
Problems when you create or modify a certifier
If you have problems creating or modifying a server-based CA - for
example, the CA process doesn't load when you issue the Tell Load CA
command, or returns an error - check the following:
• The administrator's location document must point to the server on
which the CA process is running.
• The mail file location on the Mail tab of the administrator's location
document must point to the server on which the CA process is
running.
• The administrator's public key must be in the Domino Directory for
the server specified in the location document.
• CA administrators must have at least Editor access to the master
Domino Directory for the domain.

CA process takes a long time to make changes to a certifier


When you create a new certifier, make changes to an existing one, or
revoke a certificate, the changes usually take place by the time the CA
process refreshes itself. Sometimes the process takes longer, because:

• The CA process has to create or update the CA configuration
documents, and, in the case of Internet certifiers, post a CRL.
• The CA process may be running on a server other than the one that
hosts the master Domino Directory, adding replication delays to the
process.
• Replication of the Administration Requests database can add delays.
A request or change may be approved on one replica, but the change
has to be replicated to other servers in the domain.

To see the results of any CA process operation immediately, at the server
console type:
tell adminp process all

Then
tell ca refresh

Then
tell ca stat

to see if the changes have been processed. You may need to repeat the
process more than once.
For more information about configuring and using a server-based CA,
see the chapter "Setting Up a Domino Server-Based Certification
Authority."

Transaction logging - Troubleshooting


These topics describe common problems with transaction logging. You
can also search for solutions to common problems on the Lotus Support
Services Web site at www.lotus.com/support.

Invalid transaction log path


If Domino cannot access the transaction log path, the server console
displays error messages indicating: the invalid log path, databases
requiring media recovery or Fixup, and a panic.
1. Check the log path to make sure it exists.
2. Check that the server has write access to the log path.
3. If the log path is correct and the device is good, restart the server. The
problem should be fixed and you do not need to continue to step 4.
4. If the log path is correct but the device is bad, replace the device on the
log path, or edit the TRANSLOG_Path setting in NOTES.INI to point
to a different log path.
Note If you edit the TRANSLOG_Path setting when you restart the
server, be sure to make the same edit to the Log path field in the
Server document. Otherwise, Domino reverts to the old path upon
the next server restart.
5. Restart the server. Domino creates new log files and a control file,
and assigns new DBIIDs to all Domino 5 or higher databases.
6. If "Automatic fixup of corrupt databases" is set to Yes in the Server
document, the Fixup task runs on the databases that require media
recovery or Fixup. Otherwise, you must run the Fixup task manually.
7. Perform full database backups.

Transaction log damaged or corrupted


If the transaction log appears to be damaged or corrupted, the server
console displays error messages indicating: the log is damaged,
databases requiring media recovery or Fixup, and a panic.
The error may occur because of a failed read from or write to the
transaction log.
1. Restart the server to correct the error. If the damaged log error does
not appear again, the log is not damaged.
2. Stop the server again so it shuts down cleanly.
3. Perform full database backups.
4. Restart the server.
If you continue to receive the damaged log error, the active
transaction log is damaged or corrupted.
5. Delete the transaction log files and the control file.
6. Restart the server. Domino creates new log files and a control file and
assigns new DBIIDs to all Domino 5 or higher databases.
7. If "Automatic fixup of corrupt databases" is set to Yes in the Server
document, the Fixup task runs on the databases that require media
recovery or Fixup. Otherwise, you must run the Fixup task manually.
8. Perform full database backups.
If the error occurred during media recovery, an archived log file may
be corrupted.
9. Restart the server to correct the problem, and then stop the server so
it shuts down cleanly.
10. While the server is down, use the third-party backup utility to
perform media recovery. If the archived log still cannot be used,
allow database backups to be restored without the transactions in the
corrupted log.
11. Perform full database backups.
12. Restart the server.

Web server, Web Navigator, and the Web Administrator - Troubleshooting

There are a variety of Web server, Web Navigator, and Web
Administrator problems you may encounter.

• "Web server - Problems and error messages" describes problems and
errors that may occur with the Web server.
• "Web Navigator - Problems and error messages" describes problems
and errors that may occur with the Web Navigator.
• "Web Administrator - Problems and error messages" describes
problems and errors that may occur with the Web Administrator.

You can also search for solutions to common problems on the Lotus
Support Services Web site at www.lotus.com/support.

Web server - Problems and error messages


These topics describe how to troubleshoot some common Web server
problems and errors:

• Users can't see a list of files on a Web server or access a database
• Users can't access a Domino Web server via the Internet
• Users are prompted multiple times for their name and password
• The browser displays "Error 403 - Directory Browsing error - Access
forbidden"

Users are prompted multiple times for their name and password
You can configure Domino Web sites so that Domino authenticates and
asks Web users for their credentials only once when they access different
locations. Like other Web servers, Domino adheres to the HTTP
authentication model. When a user accesses a page on a Domino Web
site, the browser keeps track of user credentials, based on the realm that
the Domino server sends to the browser. A realm is a string, which is
typically a URL path, that the server sends to indicate the location, or
path, for which the user has been authenticated.
For example, if your server name is www.acme.com, then
www.acme.com is the top-level realm and www.acme.com/doc,
www.acme.com/hr, and www.acme.com/marketing are the lower-level
realms. If a user authenticates with the server when accessing the home
page for www.acme.com, then the user is authenticated for
www.acme.com and all lower-level realms.
However, if the user accesses www.acme.com/doc first, enters a name
and password and is authenticated, and then accesses
www.acme.com/hr, Domino prompts the user for credentials again. This
second prompt occurs because the browser examines the list of realms
for which Domino has successfully authenticated the user and finds
www.acme.com/doc in the browser realm list. Since www.acme.com/hr
is not a subdirectory of www.acme.com/doc, Domino requires the user
to enter credentials again.
To prevent users from being prompted multiple times for their names
and passwords, direct them to access and authenticate with the highest
level realm that they need to access. This way, Domino asks users for
their credentials only once during the browser session.
If a Web site includes a link to a site on another server and that site
requires authentication, users will be prompted again for their
credentials.
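The prompting behavior described above can be reproduced with a small model of the credential-reuse rule for HTTP Basic authentication (RFC 7617, section 2.2). This is an added example, not part of the original manual; it assumes every location requires authentication and that directory URLs end in a slash, and it ignores the realm string itself.

```python
"""Model of when a browser prompts again for HTTP Basic credentials."""
from urllib.parse import urlsplit


def _normalize(url):
    """Lowercase scheme and host; an empty path becomes '/'."""
    parts = urlsplit(url)
    return f"{parts.scheme.lower()}://{parts.netloc.lower()}{parts.path or '/'}"


def auth_scope(url):
    """Authentication scope: the URL up to and including the last '/'."""
    normalized = _normalize(url)
    return normalized[: normalized.rfind("/") + 1]


class BrowserSession:
    """Remembers the scopes the user has authenticated for in this session."""

    def __init__(self):
        self.scopes = []

    def request(self, url):
        """Return True if the user is prompted, False if credentials are reused."""
        target = _normalize(url)
        if any(target.startswith(scope) for scope in self.scopes):
            return False
        # The user answers the prompt; the new scope is remembered.
        self.scopes.append(auth_scope(url))
        return True


def prompts(urls):
    """Replay a browsing sequence and report which requests prompt."""
    session = BrowserSession()
    return [session.request(url) for url in urls]


if __name__ == "__main__":
    top_first = [
        "http://www.acme.com/",
        "http://www.acme.com/doc/",
        "http://www.acme.com/hr/",
    ]
    doc_first = [
        "http://www.acme.com/doc/",
        "http://www.acme.com/doc/guide/ch1.html",  # below /doc/: reused
        "http://www.acme.com/hr/",                 # sibling: prompts
        "http://www.acme.com/docs/",               # not below /doc/: prompts
    ]
    for name, sequence in (("top-level first", top_first), ("/doc/ first", doc_first)):
        print(name)
        for url, prompted in zip(sequence, prompts(sequence)):
            print(f"  {'PROMPT' if prompted else 'reuse '}  {url}")
```
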
Users can't access a Domino Web server via the Internet
A firewall server often prevents users from accessing a Domino Web
server via the Internet. If you have a direct Internet connection, you can
ping the Domino server to see if you can access it. If you can ping the
server but still can't access it, telnet to the server on port 1352 (see your
telnet documentation for details on how to do this). If connecting with
telnet fails, the firewall server may be blocking the TCP port.

Users can't see a list of files on a Web server or access a database
• When users try to use the OpenServer command to display a list of files
on a Web server and the message "Database browsing not allowed"
appears, make sure the option "Allow HTTP clients to browse
databases" is enabled in the Server document for that server.
• If users try to access a database and the message "Unauthorized
exception" appears, make sure they have the appropriate access in the
database ACL.

Browser receives error message "Single Sign-on not Configured" when
accessing an SSO enabled server
Verify that a Web SSO Configuration document exists for either a Web
Site or for the Server document and is enabled in the Session
Authentication field. If using Web Site documents, the Web SSO
Configuration documents appear in the Internet Sites view for the
specified web site. Otherwise, the Web SSO Configuration documents
appear in the Web Configurations view. You should also verify that the
Web SSO Configuration document is encrypted for the server to which
the browser is connecting, by checking the document to see that the
server is listed in the participating server field.
If the Server document's public key does not match the public key in the
server ID file, then the decryption of the Web SSO document will fail.
This could happen if the ID file was created multiple times and didn't
update the Server document correctly. Usually there is an error on the
server console indicating that the public key does not match the server
ID. If this happens, then SSO fails because the document could be
encrypted with a public key for which the server does not possess the
corresponding private key necessary for decryption. The way to correct
this is to copy the public key out of the server ID, paste it into the Server
document, and then recreate the Web SSO document.
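Comparing the public key copied from the server ID with the one in the Server document, as described here and in the server ID checks earlier in this chapter, is error-prone by eye once the pasted text wraps differently. The following is an added example, not part of the original manual; it assumes whitespace in the pasted key text is not significant, and the sample keys are constructed, not real Notes keys.

```python
"""Compare two pasted public keys, ignoring line wrapping and spacing."""
import hashlib
from dataclasses import dataclass
from typing import Optional

# Constructed sample values (not real keys).
ID_KEY = """
0400AB12 34CD56EF 7890GH12 JK34LM56
NP78QR90 ST12UV34 WX56YZ78 90AB12CD
"""
# Same key, wrapped at a different column.
DOC_KEY_REWRAPPED = "0400AB12 34CD56EF 7890GH12\nJK34LM56 NP78QR90 ST12UV34\nWX56YZ78 90AB12CD\n"
# One character differs (ST12UV35).
DOC_KEY_OTHER = "0400AB12 34CD56EF 7890GH12 JK34LM56\nNP78QR90 ST12UV35 WX56YZ78 90AB12CD\n"
# Paste that lost its second line.
DOC_KEY_TRUNCATED = "0400AB12 34CD56EF 7890GH12 JK34LM56\n"


@dataclass
class KeyComparison:
    match: bool
    id_fingerprint: str
    doc_fingerprint: str
    first_difference: Optional[int]  # offset in the normalized text, or None


def normalize_key(pasted: str) -> str:
    """Remove all whitespace; case is kept because it may be significant."""
    return "".join(pasted.split())


def fingerprint(normalized: str) -> str:
    """Short SHA-256 digest that is easy to read out or put in a ticket."""
    return hashlib.sha256(normalized.encode("utf-8")).hexdigest()[:16]


def compare_keys(id_key_text: str, doc_key_text: str) -> KeyComparison:
    a = normalize_key(id_key_text)
    b = normalize_key(doc_key_text)
    if not a or not b:
        raise ValueError("one of the pasted keys is empty")
    first_difference = None
    if a != b:
        # First differing offset; for a truncated paste this is the
        # length of the shorter text.
        first_difference = next(
            (i for i, (x, y) in enumerate(zip(a, b)) if x != y),
            min(len(a), len(b)),
        )
    return KeyComparison(a == b, fingerprint(a), fingerprint(b), first_difference)


if __name__ == "__main__":
    for label, doc_key in (
        ("rewrapped", DOC_KEY_REWRAPPED),
        ("different", DOC_KEY_OTHER),
        ("truncated", DOC_KEY_TRUNCATED),
    ):
        result = compare_keys(ID_KEY, doc_key)
        print(label, "MATCH" if result.match else f"MISMATCH at offset {result.first_difference}")
```
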
Debugging session-based authentication problems
In session-based authentication, a cookie is created on the Web server.
Sometimes when the browser returns the cookie it doesn't work and
authentication fails. Administrators need to be able to see the calls that
the Web server is making to deny the cookie, or to see whether the server
even received it.
The NOTES.INI variable WebSess_Verbose_Trace should be used for
troubleshooting both single server and multi-server (as in single sign-on)
session-based authentication problems. Setting
WebSess_Verbose_Trace=1 enables a Domino Web server to record, at
the server console, detailed information about specific Web session-based
authentication sessions, such as unauthorized, unauthenticated, or
session expiration information.
After you correct the problem, make sure to disable this setting -
remove it or set it to 0 - because using it slows Web server performance.
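A troubleshooting setting left enabled is easy to miss, so a periodic check of NOTES.INI helps. The following is an added example, not part of the original manual, covering WebSess_Verbose_Trace, PassThru_LogLevel and the TRANSLOG_Path checks from the transaction logging topic; it assumes setting names are matched case-insensitively and that a relative TRANSLOG_Path is resolved against the data directory, and the sample file content is constructed.

```python
"""Audit a NOTES.INI for settings this chapter asks you to check."""
import os

# Constructed sample content.
SAMPLE_NOTES_INI = """\
[Notes]
Directory=/local/notesdata
TRANSLOG_Path=logdir
PassThru_LogLevel=0
WebSess_Verbose_Trace=1
"""


def parse_notes_ini(text):
    """Return {lowercased setting name: [values in file order]}."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") or "=" not in line:
            continue  # section header, blank line, or not a setting
        name, value = line.split("=", 1)
        settings.setdefault(name.strip().lower(), []).append(value.strip())
    return settings


def audit_notes_ini(text, data_dir="."):
    """Return a list of (code, detail) findings."""
    settings = parse_notes_ini(text)
    findings = []

    # A setting that appears twice makes the effective value unclear.
    for name, values in settings.items():
        if len(values) > 1:
            findings.append(("DUPLICATE_SETTING", f"{name} appears {len(values)} times"))

    # Verbose session tracing slows the Web server; it should be removed
    # or set to 0 once troubleshooting is finished.
    if any(v not in ("", "0") for v in settings.get("websess_verbose_trace", [])):
        findings.append(("WEBSESS_TRACE_ON", "WebSess_Verbose_Trace is enabled"))

    # PassThru_LogLevel is typically 0 to minimize unnecessary logging.
    if any(v != "0" for v in settings.get("passthru_loglevel", [])):
        findings.append(("PASSTHRU_LOGGING_ON", "PassThru_LogLevel is not 0"))

    # The transaction log path must exist and be writable.
    for value in settings.get("translog_path", []):
        path = value if os.path.isabs(value) else os.path.join(data_dir, value)
        if not os.path.isdir(path):
            findings.append(("TRANSLOG_PATH_MISSING", path))
        elif not os.access(path, os.W_OK):
            findings.append(("TRANSLOG_PATH_NOT_WRITABLE", path))
    return findings


if __name__ == "__main__":
    for code, detail in audit_notes_ini(SAMPLE_NOTES_INI, data_dir="/local/notesdata"):
        print(f"{code}: {detail}")
```

The write-access check reflects the account that runs the script, so run it as the account the Domino server runs under.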
Error 403 - Directory Browsing error - Access forbidden
Check the Server document for an entry in the Home URL or Default
Home page fields. To display a home page on the Web server, one or
both of these fields must contain an entry.

Web Navigator - Problems and error messages


These topics describe how to troubleshoot some common Web Navigator
problems and errors:

• Users can't send mail to the Internet from a mailto URL
• "TCP/IP host unknown" and "Remote system not responding."
• "URL Access Denied" message trying to open certain Web pages.
• "The Web Navigator Retrieval process is not running" trying to open
a Web page.

Users can't send mail to the Internet from a mailto URL


For users to send e-mail to the Internet, you must set up mail routing to
the Internet.
"TCP/IP host unknown" and "Remote system not responding"
Messages such as "TCP/IP host unknown" and "Remote system not
responding" usually indicate problems with the TCP/IP setup. If you
have a direct Internet connection and are able to use the IP address to
ping the remote host successfully, the Web Navigator may not be
running. If you use host names instead of actual IP addresses in
Connection documents, there may be a problem with name resolution.
To fix this problem, check the hosts file to verify that your domain name
system (DNS) can resolve the name to the IP address. If you do not have
a DNS, add the entry to the server's local hosts file, which maps host
names to IP addresses. The hosts file is usually located in the same
directory as the protocol software. It has a format similar to:
Domino server name     IP Host name   IP Fully Qualified Domain Name   IP Address      Comment
Salt/Sales/Acme        salt           salt.usa.com                     123.3.12.24.5   #Salt server
Pepper/Support/Acme    pepper         pepper.usa.com                   123.3.12.678    #Pepper server

If the host name is the Domino server's common name, then the hosts file
or DNS will require an alias link as shown here:
Domino server name    IP Host name   IP Fully Qualified Domain Name   IP Alias name entry                                              IP Address     Comment
Red/Marketing/Acme    ruby           ruby.usa.com                     red within the host file or red CNAME ruby for the DNS           123.3.12.212   #Red server
Purple/IS/Acme        violet         pepper.usa.com                   purple within the host file or purple CNAME violet for the DNS   123.3.12.83    #Purple server
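The two checks above (every entry has a valid address, and each Domino server's common name appears as a host name or alias) can be automated. The following is an added example, not part of the original manual; it assumes the usual hosts file layout of an address followed by names, takes server names from the tables above, and uses constructed addresses from the 192.0.2.0/24 documentation range.

```python
"""Check a hosts file against the Domino servers that must resolve."""
import ipaddress

# Constructed sample: violet lacks the "purple" alias, pepper has a bad address.
SAMPLE_HOSTS = """\
# address     FQDN            host name and aliases
192.0.2.24    salt.usa.com    salt                #Salt server
192.0.2.212   ruby.usa.com    ruby red            #Red server
192.0.2.83    violet.usa.com  violet              #Purple server
192.0.2.678   pepper.usa.com  pepper              #Pepper server
"""

DOMINO_SERVERS = [
    "Salt/Sales/Acme",
    "Red/Marketing/Acme",
    "Purple/IS/Acme",
    "Pepper/Support/Acme",
]


def parse_hosts(text):
    """Return (entries, errors); entries maps lowercased name to address."""
    entries, errors = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        address, *names = line.split()
        try:
            ipaddress.ip_address(address)
        except ValueError:
            errors.append(f"line {lineno}: invalid IP address {address!r}")
            continue
        if not names:
            errors.append(f"line {lineno}: address {address} has no host name")
            continue
        for name in names:
            key = name.lower()
            if key in entries and entries[key] != address:
                # Keep the first mapping and report the conflict.
                errors.append(f"line {lineno}: {name} already maps to {entries[key]}")
            else:
                entries[key] = address
    return entries, errors


def common_name(domino_name):
    """'Red/Marketing/Acme' or 'CN=Red/OU=Marketing/O=Acme' -> 'red'."""
    first = domino_name.split("/", 1)[0].strip()
    if first.upper().startswith("CN="):
        first = first[3:]
    return first.lower()


def check_servers(hosts_text, domino_servers):
    """Return ({server: address or None}, parse errors)."""
    entries, errors = parse_hosts(hosts_text)
    report = {server: entries.get(common_name(server)) for server in domino_servers}
    return report, errors


if __name__ == "__main__":
    report, errors = check_servers(SAMPLE_HOSTS, DOMINO_SERVERS)
    for server, address in report.items():
        print(f"{server:22} {address or 'NOT RESOLVABLE by common name'}")
    for error in errors:
        print("error:", error)
```
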

"URL Access Denied" message trying to open certain Web pages

If users try to open a Web page and a "URL Access Denied" message
appears, check the Internet Site Access Control section under Server
Tasks - Web Retriever in the Server document for the Web Navigator
server to see if you prevented access to that Internet server.
"The Web Navigator Retrieval process is not running"
When users try to open a Web page within the database, they will get
this message if:
• The Web task stopped running or hasn't been started on that server.
To resolve this problem, start the Web task on the server that runs the
Web Navigator.
• The server specified in the InterNotes field in either their current
Location document or the Server document for their mail server is
not a server running the Web task. To resolve this problem, specify
the correct server name.

Web Administrator - Problems and error messages


These topics describe how to troubleshoot some common Web
Administrator problems and errors:

• Web Administrator initializes itself when resizing the window
• Unable to log in to the Web Administrator
• New policies do not appear as an option when registering users

Web Administrator initializes itself when resizing the window


If you're using the Web Administrator with a Netscape 4.x browser and
you resize the browser window, the Web Administrator will reinitialize.
To avoid this problem, resize windows before using the Web
Administrator.
Unable to log in to the Web Administrator
Make sure you have the proper access level and roles in the ACL for the
Web Administrator database.
For information on access to the Web Administrator, see the chapter
Setting Up and Using Domino Administration Tools.
When you start the Web Administrator, Domino asks you for your name
and Internet password, which are stored in your Person document. You
must enter that name and password to access the database. If the Internet
Access security setting in the Server document is set to less name
variations, more security.
You may need to re-create the database. The Web Administrator must be
created and configured by the HTTP server to work properly. Do not
attempt to use File - Database - Replace Design or Refresh Design.
To re-create the database
Domino creates the Web Administrator database the first time that the
HTTP task runs on a server. Keep in mind that deleting the database
deletes existing administrator preferences.
1. Enter this command at the console:
tell http quit

2. Delete WEBADMIN.NSF.
3. Enter this command at the console:
load http

Note Do not try to refresh the database from the File menu using File -
Database - Replace Design or Refresh Design.


New policies do not appear as an option when registering users


If a policy that has been recently created does not appear as an option
during user registration, reload the Web Administrator so that the new
policy is available.

Server.Load Troubleshooting
The dynamic link library NNOTES.DLL could not be found in the
specified path
Check to see if SLOAD.EXE was copied to the Notes program directory.
Copying SLOAD.EXE to the Notes program directory should resolve the
issue.
Error detected on changeto: No such port known (0x0A25)
This message appears when you use a custom script. Enable the port by
choosing File - Preferences - User Preferences and selecting Ports.
Error in NIFFindView messages
Adding documents to a folder that does not exist returns the following:
Error in NIFFindView
add 10 -f $ABC
Error in NIFFindView: 0x0404--Entry not found in index
'add' summary: Added 10 notes

Although it states that 10 notes (documents) were added, no documents
were actually added. Create a folder before adding documents.
Error in NSFItemAppend: 0x013B Memory allocation request
exceeded 65,000 bytes
This message appears when you attempt to add a document containing a
non-summary text item that is larger than 65KB. Do not create
non-summary items that exceed 64KB.
Cannot create greater than 512 sessions, sessions count reduced
to 512.
The value supplied for Server_MaxSessions was greater than the limit of
512 for the NT platform. The session count will be reduced to 512, and
the built-in Idle Workload will continue to open 512 sessions to the
Domino server.


Reference

Appendix A
Server Commands
You can use server commands to perform all administration tasks. This
appendix describes how to enter server commands and provides
complete information on using each server command.

Using a console to send commands to a server


Use a server console to see server events as they happen and to send
commands to a server. Server events are also logged to a server's log file
(LOG.NSF). You can view the log file from the Server - Analysis tab in
the Domino Administrator.
For more information on the log file, see the chapter "Using Log Files."
There is a server console available directly at a server. There are also
remote consoles available through the Domino Administrator and the
Web Administrator. The types of commands you can send to a server
using a remote console depend on the level of administrator access you
have in the Server document.
For more information on restricting administrator access to a server, see
the chapter "Controlling Access to Domino Servers." For information on
setting console attributes for a remote console, see the chapter
"Monitoring the Domino Server."
Some tabs in the Domino Administrator and Web Administrator
automatically display information you would normally see as the result
of entering a server command at a console. For example, when you click
the Server - Status tab, and click Server Tasks you see the equivalent of
the Show Tasks command. In addition, several tabs have tool bars that let
you enter a command via a dialog box. For example, you can enter Tell
commands from the tool bar on the Server - Status tab.


Capturing server command output in a file


Certain server commands display information that you might want to
capture in a file. Type the server command and on the same line, type a
space and then the following:
> filename.ext

where filename.ext is the name of the file to which you want to save
output. Enter a space after the server command but not after the
redirection symbol (>). For example, this command writes the output of
the Show Tasks command to the file TASKS.OUT in the Notes directory:
Show Tasks > TASKS.OUT

To store output in a file outside the data directory, specify the complete
path to the file.

Entering commands at the console at the server


You can enter commands directly at the console at a server. If a server is
running under a Controller, you must use a remote console instead.
Note Most server commands support the arguments -? and /? to
display online help. For example, you could enter one of these to obtain
help for the server command Tell Amgr:
Tell Amgr -?
Tell Amgr /?

1. Double-click the Domino server icon if the server isn't running, or
switch to the console.
Note On a UNIX server, log into the server account, change to the
server's Notes directory, and enter server.
2. Press ENTER to display the console prompt (>).
3. Enter a server command.
If a command parameter contains a space, enclose it in quotation
marks, for example:
Pull "Acme Server"

Tip To save time and space at the command line, enter the
abbreviation for the server command. You can also press the Up
arrow to display a command that you previously entered.
4. (Optional) Use these key combinations, as necessary:
   • Press CTRL+Q or PAUSE to stop the screen display and suspend
     access to the server and events in process.
   • Press CTRL+R to resume display and access to the server.
   • Press CTRL+R (or ENTER) to restore a command line. For
     example, you might restore a command line if an on-screen event
     splits it or if it disappears while you're typing.

Sending Controller and shell commands from a remote console

A server can run under a Java-based Controller; you start the server by
starting the Controller. You can use remote consoles in the Domino
Administrator or Web Administrator to send commands to a server that
runs under a Controller. You can send Controller commands and shell
(operating system) commands, as well as Domino server commands.
There is also a Java-based remote console available called the Domino
Console that you can use to connect to a Controller.
For information on the Server Controller and Domino Console, see the
chapter "Setting Up and Using Domino Administration Tools."
To send a shell command to a Controller from a remote console, use the
prefix $, for example:
$Dir c:\tmp

To send a Controller command, use the prefix #, for example:
#Start Domino

If you are sending several shell or Controller commands, you can change
to Shell or Controller command mode in a remote console by entering the
appropriate prefix in the Command box and pressing enter. Then you do
not have to specify the prefix each time you send a command. To exit the
specified command mode, enter the prefix again.
For example, to enter the Controller command mode, enter # in the
Command box. When you are done sending Controller commands, enter
# again to exit Controller command mode.
The following table describes the available Controller commands.

Controller command
    Description
Broadcast message
    Broadcasts a specified message to all administrators connected to
    the Controller
Disable username(s)
    Disables a specified administrator's connection to the Controller.
    Connection remains disabled until you use the Enable User command
    or until you quit and restart the Controller. To disable more than
    one administrator's connection, specify multiple names, separated
    by commas, for example:
    #Disable user1,user2
Enable username(s)
    Enables an administrator's connection that you previously disabled
    using the Disable User command. To enable more than one
    administrator's connection, specify multiple names, separated by
    commas, for example:
    #Enable user1,user2
Kill Domino
    Stops the processes on a server that is not responding
Quit
    Stops the Domino server and the Server Controller
Refresh Admins
    Refreshes the Controller's information about administrators from
    the Domino Directory
Restart Domino
    Stops the processes on a server that is not responding and then
    restarts the server
Set ControllerLogExpiration=days
    Specifies the number of days' worth of log files to keep on the
    server. Default is 7 days. Change takes effect at midnight or when
    you restart the Server Controller.
Set ControllerLogFileName=path filename
    Specifies the name and path of log files created on a server. By
    default, log files are stored in the server's data directory with
    filenames that begin with the text dcntrlr, followed by the
    creation date, a sequence number and the file extension .log or
    .meta. You can specify a different path, and can specify text to
    replace the dcntrlr portion of the log file names.
    Change takes effect at midnight or when you restart the Server
    Controller.
Set ControllerLogType=value
    Specifies which type(s) of log file(s) to create on a server or
    prevents the creation of log files.
    0 - Do not create log files
    1 - Create .log files that log only data normally seen at a console
    2 - Create .meta files that log data normally seen at a console as
        well as additional details, such as color, font, and event
        filter settings
    3 - Create both .log files and .meta files simultaneously
    Setting takes effect immediately.
Show Users
    Shows the administrators currently connected to the Controller
Show Processes
    Shows the tasks running on the Domino server
Start Domino
    Starts the Domino server if it is down
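The prefix and command-mode rules above decide where a line typed at a remote console ends up, so the same text (Show Users, for instance) can be a Domino command or a Controller command. The following added example is not part of the Domino documentation or product: it replays a constructed console transcript and flags lines that reach the operating system, stop the server, disable an administrator, or turn Controller logging off. The flag names and the handling of a prefixed line typed inside a command mode are assumptions.

```python
"""Classify remote-console input lines by where the Controller sends them."""
from typing import List, NamedTuple

PREFIX_TARGET = {"$": "shell", "#": "controller"}  # prefixes described above
MAX_DOMINO_LEN = 255  # length limit this appendix gives for a Domino command


class Entry(NamedTuple):
    target: str       # "domino", "shell", "controller" or "mode"
    command: str
    flags: List[str]  # reasons a reviewer may want to look at this line


def controller_flags(command: str) -> List[str]:
    """Flag Controller commands from the table that affect availability,
    administrator access or logging. Flag names are hypothetical."""
    words = command.lower().split()
    flags = []
    if " ".join(words) in ("kill domino", "restart domino", "quit"):
        flags.append("stops-server")
    if len(words) > 1 and words[0] == "disable":
        flags.append("disables-admin")
    if "".join(words) == "setcontrollerlogtype=0":
        flags.append("logging-off")  # value 0: do not create log files
    return flags


def classify(lines: List[str]) -> List[Entry]:
    """Walk a transcript in order, tracking Shell/Controller command mode."""
    mode = "domino"
    entries = []
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        if line in PREFIX_TARGET:
            # A lone prefix enters that command mode; the same prefix exits it.
            wanted = PREFIX_TARGET[line]
            if mode == wanted:
                mode = "domino"
                entries.append(Entry("mode", "exit " + wanted, []))
            elif mode == "domino":
                mode = wanted
                entries.append(Entry("mode", "enter " + wanted, []))
            else:
                # Switching directly between the two modes is not described
                # in the text, so keep the current mode and flag the line.
                entries.append(Entry("mode", line, ["undocumented-switch"]))
            continue
        if line[0] in PREFIX_TARGET:
            # Assumption: an explicit prefix applies to this line in any mode.
            target, command = PREFIX_TARGET[line[0]], line[1:].strip()
        else:
            target, command = mode, line
        if target == "shell":
            flags = ["os-command"]
        elif target == "controller":
            flags = controller_flags(command)
        else:
            flags = ["over-255-chars"] if len(command) > MAX_DOMINO_LEN else []
        entries.append(Entry(target, command, flags))
    return entries


def flagged(lines: List[str]) -> List[Entry]:
    """Return only the entries that carry at least one flag."""
    return [entry for entry in classify(lines) if entry.flags]


# Constructed transcript of lines typed into the Command box (sample data).
SAMPLE = [
    "Show Tasks",
    "$Dir c:\\tmp",
    "#",
    "Show Users",
    "Disable user1,user2",
    "Set ControllerLogType=0",
    "#",
    "Show Users",
    "#Kill Domino",
]

if __name__ == "__main__":
    for entry in classify(SAMPLE):
        print(f"{entry.target:<10} {entry.command:<26} {','.join(entry.flags)}")
```

In the sample, the first Show Users is sent to the Controller because it is typed inside Controller command mode, while the second is an ordinary Domino server command.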

Sending commands from the Domino Administrator console

A Domino command can contain up to 255 characters. If an argument for
a command contains a space, enclose it in quotation marks. For example:
PULL "Acme Server".
Note Most server commands support the arguments -? and /? to
display online help. For example, you could enter one of these to obtain
help for the server command Tell Amgr:
Tell Amgr -?
Tell Amgr /?

To send a command from the Domino Administrator console:
1. Make sure you have the administrator access to the server required
for the command you are sending.
For more information, see the chapter "Controlling Access to
Domino Servers."
2. From the Domino Administrator, connect to the server.
3. Click Server - Status.
4. Click Server Console.
5. Do one of the following to add the command to the Command box:
   • Enter the command with any arguments directly in the Command
     box.
   • Click Commands, select the command from the list, and click OK.
     Enter any necessary arguments.
   • If you've added the command to the Commands menu, select the
     Commands menu and select the command from the list.
   • If you are sending a Tell command to the Certificate Authority
     (CA) process that requires a password as an argument, click the
     Commands menu, and select Password Commands to display a
     box in which to enter the password. The password box masks the
     characters in the password with asterisks.
6. (Optional) To prevent the console from displaying the server output,
click the Send menu and select Quiet Commands.
7. To send the command only to the connected server, click Send. To
send the command to more than one server:
a. Click the Send menu and select Select Servers.
b. In the Domain box, select the Domino Domain of a server to
which you want to send the command.
c. In the Server box, select a server from the selected domain.

d. Click Add.
e. Repeat Steps b - d for each server to which you want to send the
command.
f. (Optional) Select or deselect Quiet Commands to optionally
change the option specified in Step 6.
g. (Optional) Click Create Group, enter a name for the group, and
click OK to save the group of selected servers.
h. Click Send.
Tip You can also select a group you've added to the Send menu.
8. If you entered a Controller command or shell command, enter the
following in the Login dialog box that opens:
   • In the Server's Internet Address box, specify the TCP/IP host
     name of the server.
   • In the User ID box, specify a name in your Person document in the
     Domino Directory on the server to which you are connecting.
   • In the Password box, specify the password in the Internet
     password field of your Person document.
   • Click OK.
9. (Optional) Do any of the following, as necessary:
   • Click Live to display events as they happen on the remote server.
   • Click Pause to pause output from the remote server.
   • Click Stop to stop events as they happen on the screen.
Adding commands to the Commands menu
If you frequently use the Domino Administrator console to send a
specific command, add it to the Commands menu so it's easy to select.
For example, if you frequently send a command with a particular
argument, add it to the Commands menu so you don't have to type the
argument each time you send the command.
1. From the Domino Administrator, click Server - Status.
2. Click Server Console.
3. Click the Commands menu and select Custom Commands.
4. Add the command and any arguments.
5. Click Add.
6. Click Save. The Commands menu lists the command.

Adding a group of servers to the Send menu

If you frequently use the Domino Administrator console to send a
command to a particular group of servers, add the group to the Send
menu:
1. From the Domino Administrator, click Server - Status.
2. Click Server Console.
3. Click the Send menu and select Server Groups.
4. To add a group you created previously during the process of sending
a command, click Add Private, select the group, and click Add.
5. To add a group from the Domino Directory, click Add Public, select
the group, and click Add. You can add only groups in the Domino
Directory that are defined as the group type Servers only.
6. Click Save. The group now shows in the Send menu.

Sending commands from a Web Administrator console

There are two remote consoles available from the Web Administrator: the
Quick Console and the Live Console. Use the Live Console to send
commands to a Web server running under a Controller. Using the Live
Console you can send Controller and operating system (shell) commands
as well as Domino server commands. To use the Live Console, you must
install Java Plug-in 1.4 or higher and enable it in your Web browser.
Use the Quick Console to send commands to a Web server that does not
run under a Controller. Or use it if you are unable to install or use the
Java Plug-in in your browser.
A Domino command can contain up to 255 characters. If an argument for
a command contains a space, enclose it in quotation marks. For example:
PULL "Acme Server".
To send a command from a Web Administrator remote console:
1. Make sure you have the administrator access to the server required
for the command you are sending.
For more information, see the chapter "Controlling Access to
Domino Servers."
2. From the Web Administrator, connect to the server.
3. Click Server - Status.
4. Select Quick Console or Live Console.
5. Do one of the following to add the command to the Command box:
   • Enter the command with any arguments directly in the Command
     box.
   • (Live Console only) Click Commands, select the command from
     the list, and click OK. Add any arguments as necessary.
6. Click Send.

Using the Domino Character Console to access the server console


The Domino Character Console (the cconsole program) provides a way
to access the server console from the command line. This feature is
supported only for UNIX platforms.
You can invoke the cconsole program multiple times. You can also run
the cconsole program when there is already an operational Domino
server console; however, the cconsole input and output may also reflect
commands launched from other console processes.
Note The cconsole program is installed into your Notes bin directory.
To start the cconsole program
1. To use cconsole, you must be listed as an Administrator in the name
and address book server document.
2. Change the active directory to your data directory. For example,
enter:
cd ~/notes/data

3. Enter the cconsole command. For example, enter:
/opt/lotus/bin/cconsole

4. Enter the path and file name of your Notes user ID.
5. Enter the password for your Notes user ID.
6. To exit cconsole, type:
done

Remote cconsole
The cconsole program doesn't start if the Domino server isn't running on
the same machine as the cconsole program. If the server fails while
cconsole is running, cconsole may not automatically shut down. In this
case, enter the done command to exit the cconsole program.
To run cconsole from a remote machine, first telnet to the machine
running the Domino server.
Note There is a security risk when running the cconsole program from a
remote machine or from a remote X display. The cconsole program
warns you of this security risk before proceeding. Deploy a secure
remote protocol such as encrypted telnet. To address this security risk,
if you don't deploy a secure remote protocol, run the cconsole program
only from the local Domino server machine.

Additional console commands

In addition to the current set of Domino server console commands,
cconsole also supports these commands:

Command
    Result
done
    Exits cconsole while the Domino server continues to run
live on
    Enables cconsole as a live console so that you see messages sent to
    the server console from other sources
live off
    Disables the live console so that you see only the commands
    entered and the responses to these commands

Command line switches

There are several command line switches that streamline using cconsole.
You type the switches when you start cconsole.

Switch
    Result
-f
    Lets you enter the path and file name for the Notes user ID when you
    start cconsole so that you aren't required to respond to the prompts
-i
    Lets you ignore warnings; warnings continue to appear on the console,
    but you won't be required to respond to them
-l
    Lets you automatically start that console live when you start cconsole

For example, if you don't want to wait for the prompt to enter the path
and file name for the Notes user ID, enter this command:
/opt/lotus/bin/cconsole -f notes/data/rrutherford.id

Domino server commands


This list briefly describes the Domino server commands that are
available.
Command
    Description
Broadcast
    Sends a message to specified users or to all users of this server.
Dbcache Flush
    Closes all databases that are currently open in the database cache.
Drop
    Closes one or more server sessions.
Exit
    Stops the server. This command is identical to Quit.
Help
    Displays a list of server commands with a brief description,
    arguments (if any), and the proper syntax for each.
Load
    Loads and runs a specified server task or program on the server.
Platform
    Controls the platform statistics data at the console.
Pull
    Forces a one-way replication from the specified server to your
    server.
Push
    Forces a one-way replication from your server to the specified
    server.
Quit
    Stops the server. This command is identical to the Exit server
    command.
Replicate
    Forces replication between two servers (the server where you
    enter this command and the server you specify).
Restart Port
    Disables transactions (or messages) on the specified port and
    then re-enables the port after a brief delay.
Restart Server
    Stops the server and then restarts the server after a brief delay.
Restart Task
    Shuts down and then restarts a specified server task.
Route
    Initiates mail routing with a specific server.
Set Configuration
    Adds or changes a setting in the NOTES.INI file.
Set Rules
    Reloads the server's mail rules.
Set SCOS
    Activates or deactivates a shared mail database.
Set Secure
    Password-protects the console.
Set Statistics
    Resets a statistic that is cumulative.
Show Agents
    Displays the name of agents in the database you specify.
Show Allports
    Displays the configuration for all enabled and disabled ports
    on the server.
Show Cluster
    Displays the local server's cluster name cache.
Show Configuration
    Displays the current value for a NOTES.INI setting.
Show Directory
    Lists all database files in the data directory and identifies
    multiple replicas of a database.
Show Diskspace
    Displays the amount of space, in bytes, available on the disk
    drive (Windows NT or OS/2) or file system (UNIX).
Show Heartbeat
    Indicates whether the server is responding.
Show Memory
    Used for OS/2.
Show Opendatabases
    Displays a list of open databases on the server and detail
    information for the databases.
Show Performance
    Displays the per minute user/transaction values when the
    Domino Server is running.
Show Port
    Displays traffic and error statistics, and resources used on the
    network adapter card or communications port.
Show Schedule
    Shows the next time that a server task will run.
Show SCOS
    Displays information about shared mail databases and reloads
    the shared mail configuration.
Show Server
    Shows server status information.
Show Stat
    Displays Domino server statistics for one or more of the
    following: disk space, memory, mail, replication, and network
    activity.
Show Stat Platform
    Displays individual and cumulative platform statistics for all
    servers including one or more of the following: logical disk,
    paging file, memory, individual network, process, and system.
Show Tasks
    Displays the server name, the Domino program directory
    path, and the status of the active server tasks.
Show Transactions
    For each type of transaction, displays the total number of
    NRPC transactions, the minimum and maximum duration of
    the transaction, the total time to perform all transactions, and
    the average time to perform the transaction.
Show Users
    Displays a list of all users who have established sessions with
    the server.
Show Xdir
    Provides information about each directory a server uses for
    name resolution.
Start Consolelog
    Enables console logging.
Start Port
    Enables transactions (or messages) on the specified port.
Stop Consolelog
    Disables console logging.
Stop Port
    Disables transactions (or messages) on the specified port.
Tell
    Issues a command to a server program or task.
Trace
    Tests a connection to a server.

Broadcast
Syntax: Broadcast message [usernames or database]
Broadcast (!) message [usernames or database]
Description: Sends a message to specified users, users of the specified
database or to all users of this server. Use this command to warn users
when a server is brought down for maintenance. By default, the message
you enter appears in the user's status bar. To display the message in the
middle of the user's screen, precede the message with (!).
Examples:
Broadcast Server ACME will be down in 10 minutes
Sends a warning message about impending maintenance on server ACME to all
users on this server.
Broadcast (!) Server ACME will be down in 10 minutes
Sends the same warning message as shown in the example above, but this
message displays in the center of the user's screen. Note that
parentheses () are entered as part of the command string.

To broadcast a message from the Domino Administrator


You can send messages directly from the Server - Status tab in the
Domino Administrator.
1. From the Domino Administrator, click the Server - Status tab.
2. In the left pane, select Server Users to display the list of current
users in the middle pane.
3. (Optional) In the middle pane, select the users to whom you want to
send the message.
4. If necessary, click Tools to display the tool bar, and then click User -
Broadcast Message.
5. Complete these fields, and then click Send:

Field
    Action
Broadcast a message to
    Choose one:
    • Selected user - to send the message to the users you
      selected in the middle pane of the Server - Status tab.
    • All connected users - to send the message to all
      users with active sessions on the Domino server.
    • All users of a database - to send the message to all
      users of a particular database. Enter the directory
      string for the database in the field.
Broadcast this Message
    Enter the text of the message you want to send.
Show as dialog box on user's workstation
    Click this check box to display the broadcast message in
    a dialog box on the user's workstation.

Dbcache Flush
Syntax: Dbcache flush
Description: Closes all databases that are currently open in the database
cache. Use this command before maintaining databases to flush
databases from the cache.
For more information on the database cache, see the chapter "Improving
Database Performance."

Drop
Syntax: Drop username
Description: Closes one or more server sessions. To visually confirm
which sessions are dropped, you must enter the Log_Sessions=1 setting
in the server's NOTES.INI file.
For information on Log_Sessions, see the appendix "NOTES.INI File."
Examples:
Drop Sandy
Closes the current session running under the user name Sandy.
Drop Lee Fran
Closes the sessions running under the user names Lee and Fran.
Drop All
Closes all server sessions.

To drop sessions from the Domino Administrator


You can drop sessions directly from the Server - Status tab in the Domino
Administrator.
1. From the Domino Administrator, click the Server - Status tab.
2. In the left pane, select Notes Users to display the list of current
users in the middle pane.
3. (Optional) In the middle pane, select the user sessions you want to
drop.
4. If necessary, click Tools to display the tool bar, and then click User -
Drop.
5. When prompted as to whether you want to drop the user, click OK.

Exit
Syntax: Exit
Description: Stops the server. This command is identical to Server Shutdown.
Before you use Exit to stop the server, use the Broadcast server command
to warn users so they can finish their current tasks before you stop the
server.
If you stop a server while it's replicating databases or routing mail, these
tasks resume at the next scheduled interval after you restart the server.
Replication or mail routing continues until the databases are fully
replicated and until the complete mail message is transferred or returned
to sender.
Tip You can also stop the server from the Domino Administrator. From
the Domino Administrator, click the Server - Status tab, and then click
Server - Shutdown.


Help
Syntax: Help
Description: Displays a list of server commands with a brief description,
arguments (if any), and the proper syntax for each.

Load
Syntax: Load programname
Description: Loads and starts a specified server task or program on the
server. You can start a server add-in program or one that takes a
command line for additional data, such as a backup program. The
program you run must be on the server's search path.
Use the Load command to run a program until it completes or, if the
program runs continually, until you stop the server. Where applicable,
you can include arguments that determine how the program runs.
Note Most server commands support the arguments -? and /? to
display online help. For example, you could enter one of these to obtain
help for the server command Load Compact:
Load Compact -?
Load Compact /?

Examples:
Load Fixup
Loads and runs the Fixup server task.
Load Object Info OBJECT.NSF
Loads and runs the Shared Mail Manager and passes along arguments that
execute the Info task.
For more information, see the appendix "Server Tasks."

To load a task from the Domino Administrator


You can load a task directly from the Server - Status tab in the Domino
Administrator.
1. From the Domino Administrator, click the Server - Status tab.
2. If necessary, click Tools to display the tool bar, and then click Task -
Start.
3. Under Start new server tasks, select the task you want to load.
4. (Optional) Uncheck Show advanced options if you do not want to
specify advanced options. The box is checked by default for tasks
which do have additional options.
5. Click OK.

Platform
Syntax: Platform <main argument> [<optional arguments>]
Description: Controls the platform statistic feature at the console.
Platform statistics that are affected by the reset command are:

• Fixed - These statistic values do not change. They include
  information such as number of disks, or an assigned name. For
  example, in the statistic Platform.LogicalDisk.<identifying
  number>.PctUtil, the identifying number is a variable that identifies
  the disk. This information does not change when a platform reset
  command is issued.

• Primary - These are the individual statistic metrics from which
  secondary statistics are derived. For example, a total paging file
  utilization statistic (Platform.PagingFile.TotalPctUtil) forms the basis
  for the secondary average and peak statistics values
  (Platform.PagingFile.TotalPctUtil.Avg and
  Platform.PagingFile.TotalPctUtil.Peak).

• Secondary - Statistic values that are a combination of, or are
  derived from primary statistics.

Arguments:

Arguments
    Description
Time [<sampling period>]
    Used with an optional argument, changes the sampling period to the
    specified value in minutes. If not used, displays the current
    sampling rate. Default is 1 minute.
Reset
    Resets the value of primary statistics to zero, and gathers new set
    of metrics.
Reset Interval Enable
    Resets all values each time a new sampling period begins. Uses the
    sampling period defined using the Time argument.
Reset Interval Disable
    Disables the Reset Interval Enable command.
Pause
    Pauses the collection and update of performance data.
Resume
    Resumes the collection and update of performance data.

For more information on monitoring platform statistics, see the chapter
"Monitoring the Domino Server."

Examples:
Use Platform Time <n> to start a new performance data monitoring
session with a sampling period of n minutes. This means that the statistic
value can change every n minutes. For example:
platform time 5

Use the Platform Reset command so that prior existing values are not
used in calculating minimum, average, or maximum values. You may
want to use this command when platform statistics have been
accumulating overnight and you want to clear out the accumulation. For
example:
platform reset

Use the Platform Reset Interval Enable command to reset all values each
time you begin a new sampling period. For example:
Platform Reset Interval Enable

Pull
Syntax: Pull servername [databasename]
Description: Forces a one-way replication from the specified server to
your server. You can also replicate a single database from the specified
server to your server by including the database name on the command
line. The initiating server receives data from the named server, but
doesn't request that the other server pull data from it. This forces a server
to replicate immediately with the initiating server, overriding any
replication scheduled in the Domino Directory. Enter the server's full
hierarchical name, if applicable.
You can pull changes immediately if an important database, such as the
Domino Directory, has changed or if a database on your server is
corrupted or has been deleted.
For replication to succeed, make sure that:

• The Domino Directory contains a Server document for each server in
  the domain.

• The Domino Directory contains a Connection document to connect to
  a remote server.

• Each server's ID file contains a certificate that the other server
  recognizes and trusts.

• Database ACLs allow replication, and the source server has sufficient
  access in the ACLs to replicate changes. If you're using server access
  lists, servers must have proper access in the Server document.

If the server is currently replicating, Domino queues the Pull server
command until the current task completes.
To check the status of the Replicator before using Pull, enter this
command at the console:
Show Tasks

The server displays one of the following messages:
• If the server isn't replicating, the word "Idle" appears next to the
  Replicator task.
• If the server is replicating, a message such as "Replicating
  CONTRACT.NSF from MARKETING\CONTRACT.NSF" appears.

Examples:
Pull Marketing\Acme
Forces one-way replication with the server Marketing.
Pull Marketing\Acme NAMES.NSF
Forces one-way replication of the NAMES.NSF file from the server
Marketing.

To replicate from the Domino Administrator
You can replicate directly from the Server - Status tab in the Domino
Administrator.
1. From the Domino Administrator, click the Server - Status tab.
2. If necessary, click Tools to display the tool bar, and then click Server
   - Replicate.
3. Under "Which server do you want to replicate with," enter the name
   of the server to replicate with, or select the server name from the list.
4. For Replication style, choose Pull.
5. Choose one:
   • "Selected database" to select a specific database to replicate. Click
     the database button and select a database from the list.
   • "All databases in common" to replicate all databases that both
     servers have in common. This is the default setting.
6. Click Replicate.

Push
Syntax: Push servername [databasename]
Description: Forces a one-way replication from your server to the
specified server. You can also replicate a single database from your
server to the specified server by including the database name on the
command line. The initiating server sends data to the named server, but
doesn't request data in return. This forces a server to replicate
immediately with the initiating server, overriding any replication
scheduled in the Domino Directory. Specify the server's full hierarchical
name, if applicable.
In effect, the Push server command is the functional opposite of the Pull
server command.
Examples:
Push Marketing\Acme
Forces one-way replication with the server Marketing.
Push Marketing\Acme NAMES.NSF
Forces one-way replication of the NAMES.NSF file to the server
Marketing.

To replicate from the Domino Administrator
You can replicate directly from the Server - Status tab in the Domino
Administrator.
1. From the Domino Administrator, click the Server - Status tab.
2. If necessary, click Tools to display the tool bar, and then click Server
   - Replicate.
3. Under "Which server do you want to replicate with?," enter the
   name of the server to replicate with, or select the server name from
   the list.
4. For Replication style, choose Push.
5. Choose one:
   • "Selected database" to select a specific database to replicate. Click
     the database button and select a database from the list.
   • "All databases in common" to replicate all databases that both
     servers have in common. This is the default setting.
6. Click Replicate.

Quit
Syntax: Quit
Description: Stops the server. This command is identical to the Server
Shutdown command. However, the Quit server command differs from
the Tell server command, which you use to stop a particular server task
without stopping the server.
If you stop a server while it's replicating databases or routing mail, these
tasks resume at the next scheduled interval after you restart the server.
Replication or mail routing continues until the databases are fully
replicated and until the complete mail message is transferred or returned
to the sender.
Before you use the Quit server command to stop the server, use the
Broadcast server command to warn users to finish their current tasks
before you stop the server.
Tip: You can also stop the server from the Domino Administrator. From
the Domino Administrator, click the Server - Status tab. From the tool
bar, click Servers - Shutdown.

Replicate
Syntax: Replicate servername [databasename]
Description: Forces replication between two servers (the server where
you enter this command and the server you specify). Use the server's full
hierarchical name. If the server name is more than one word, enclose the
entire name in quotes. To force replication of a particular database that
the servers have in common, specify the database name after the server
name. The initiating server (where you're currently working) first pulls
changes from the other server, and then gives the other server the
opportunity to pull changes from it. You can use this command to
distribute changes quickly or to troubleshoot a replication or
communication problem.
Note: The existing replication schedule between the servers determines
how the second server responds to this command. If this replication falls
within the timeframe that the second server replicates with the initiating
server (based on calling schedules and the repeat interval), the second
server pulls changes. Otherwise, it waits for the next scheduled
replication time.
If the server is already replicating when you issue the command, Domino
queues the command until the current replication ends. To check the
status of the Replicator, enter this command at the console:
Show Tasks

The server displays one of the following messages:
• If the server isn't replicating, the word "Idle" appears next to the
  Replicator program.
• If the server is replicating, a status line, such as "Replicating
  CONTRACT.NSF from MARKETING\CONTRACT.NSF," appears.

To optimize resources, Domino only replicates what is necessary. For
example, if the servers recently replicated and no changes have since
been made to any databases on either server, the servers don't replicate
when you enter a Replicate command. Also, the replication is two-way
only if databases on both servers changed since the last replication. If
databases on only one of the servers changed, the replication is one-way.
To force replication in only one direction, use the Pull or Push server
commands.
Examples:
Replicate Marketing\Acme
Initiates replication between your server and the Marketing/Acme server.
The server console displays messages indicating when replication begins.
Replicate Marketing\Acme NAMES.NSF
Initiates replication of NAMES.NSF between your server and the
Marketing\Acme server.

To replicate from the Domino Administrator
You can replicate directly from the Server - Status tab in the Domino
Administrator.
1. From the Domino Administrator, click the Server - Status tab.
2. If necessary, click Tools to display the tool bar, and then click Servers
   - Replicate.
3. Under "Which server do you want to replicate with?," enter the
   server you want to replicate with, or select the server you want from
   the drop-down list.
4. For Replication style, choose Push Pull.
5. Choose one:
   • "Selected database" to select a specific database to replicate. Click
     the database button and select a database from the list.
   • "All databases in common" to replicate all databases that both
     servers have in common. This is the default setting.
6. Click Replicate.

Restart Port
Syntax: Restart Port portname
Description: Disables transactions (or messages) on the specified port
and then re-enables the port after a brief delay. The command lets you
stop and start a port without stopping the Domino server.
When you are supporting Internet servers that rely on TCP/IP, you can
restart the TCP/IP port and the Internet ports enter a waiting state. The
Internet ports suspend and keep checking for the TCP/IP port. You will
see the following when using restart port TCPIP:
>restart port tcpip
06/28/2002 12:34:08 PM LDAP Server: Listener failure: Request failed because the requested port is inactive
06/28/2002 12:34:08 PM LDAP Server: Suspended, waiting 20 seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:11 PM POP3 Server: Listener failure: Request failed because the requested port is inactive
06/28/2002 12:34:11 PM POP3 Server: Suspended, waiting 20 seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:11 PM SMTP Server: Listener failure: Request failed because the requested port is inactive
06/28/2002 12:34:11 PM IMAP Server: Listener failure: Request failed because the requested port is inactive
06/28/2002 12:34:11 PM SMTP Server: Suspended, waiting 20 seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:11 PM IMAP Server: Suspended, waiting 20 seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:28 PM LDAP Server: Suspended, waiting 20 seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:29 PM Port TCPIP was successfully disabled
06/28/2002 12:34:31 PM POP3 Server: Suspended, waiting 20 seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:31 PM SMTP Server: Suspended, waiting 20 seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:31 PM IMAP Server: Suspended, waiting 20 seconds for Notes Port Driver [TCPIP] to be restarted

To see a list of ports you can restart, issue the console command Show
Configuration.
Example:
Restart Port TCP
Disables and re-enables the port named TCP.

Restart Server
Syntax: Restart Server
Description: Stops the server and then restarts the server after a brief
delay.
If you stop a server while it's replicating databases or routing mail, these
tasks resume at the next scheduled interval after you restart the server.
Replication or mail routing continues until the databases are fully
replicated and until the complete mail message is transferred or returned
to the sender.
Before you use Restart Server to stop the server, use the Broadcast server
command to warn users to finish their current tasks before you stop the
server.
Tip: You can also use the Domino Administrator to restart the server.
From the Domino Administrator, click the Server - Status tab and use the
tool Server - Restart.

Restart Task
Syntax: Restart Task taskname
Description: Shuts down and restarts a specified server task.
Example: The following command shuts down and restarts the LDAP task:
Restart Task LDAP

Tip: You can also use the Domino Administrator to restart a task. From
the Domino Administrator, click the Server - Status tab and use the tool
Task - Restart.
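
The console output shown under Restart Port can be summarized per service to see which Internet listeners were suspended and for how long. The following Python code is an added example, not part of the Domino documentation: it rejoins wrapped console lines, counts listener failures and suspend messages per service, and lists services waiting on a port for which the capture has no "successfully disabled" line. The function names, and treating a missing disable line as something to investigate, are assumptions of this example.

```python
import re
from datetime import datetime

# Excerpt of the Restart Port console output from this page. Long entries
# wrap onto a continuation line, as they do in a narrow console capture.
SAMPLE_LOG = """\
>restart port tcpip
06/28/2002 12:34:08 PM LDAP Server: Listener failure:
Request failed because the requested port is inactive
06/28/2002 12:34:08 PM LDAP Server: Suspended, waiting 20
seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:11 PM POP3 Server: Listener failure:
Request failed because the requested port is inactive
06/28/2002 12:34:11 PM POP3 Server: Suspended, waiting 20
seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:28 PM LDAP Server: Suspended, waiting 20
seconds for Notes Port Driver [TCPIP] to be restarted
06/28/2002 12:34:29 PM
Port TCPIP was successfully disabled
06/28/2002 12:34:31 PM POP3 Server: Suspended, waiting 20
seconds for Notes Port Driver [TCPIP] to be restarted
"""

STAMP = re.compile(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2} [AP]M)\s*(.*)$")
SUSPENDED = re.compile(r"^(\w+) Server: Suspended, waiting (\d+) seconds "
                       r"for Notes Port Driver \[(\w+)\] to be restarted$")
FAILURE = re.compile(r"^(\w+) Server: Listener failure: (.*)$")
DISABLED = re.compile(r"^Port (\w+) was successfully disabled$")


def join_entries(text):
    """Return [timestamp, message] pairs; a line without a timestamp
    continues the previous entry."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = STAMP.match(line)
        if m:
            when = datetime.strptime(m.group(1), "%m/%d/%Y %I:%M:%S %p")
            entries.append([when, m.group(2)])
        elif entries:  # continuation of a wrapped entry
            entries[-1][1] = (entries[-1][1] + " " + line).strip()
    return entries


def summarize(entries):
    """Per service: failure and suspend counts, port waited on, and the
    seconds between its first and last message in the capture."""
    services, disabled_at = {}, {}
    for when, msg in entries:
        m = DISABLED.match(msg)
        if m:
            disabled_at[m.group(1)] = when
            continue
        m = SUSPENDED.match(msg) or FAILURE.match(msg)
        if not m:
            continue
        svc = services.setdefault(m.group(1), {
            "first_seen": when, "last_seen": when,
            "failures": 0, "suspends": 0, "port": None})
        svc["last_seen"] = when
        if m.re is SUSPENDED:
            svc["suspends"] += 1
            svc["port"] = m.group(3)
        else:
            svc["failures"] += 1
    for svc in services.values():
        delta = svc["last_seen"] - svc["first_seen"]
        svc["waiting_seconds"] = int(delta.total_seconds())
    return services, disabled_at


def waiting_without_disable(services, disabled_at):
    """Services suspended on a port that no line in the capture reports
    as disabled (assumption: worth a closer look by the administrator)."""
    return sorted(name for name, svc in services.items()
                  if svc["suspends"] and svc["port"] not in disabled_at)


if __name__ == "__main__":
    services, disabled_at = summarize(join_entries(SAMPLE_LOG))
    for name in sorted(services):
        s = services[name]
        print(f"{name}: port={s['port']} failures={s['failures']} "
              f"suspends={s['suspends']} waiting={s['waiting_seconds']}s")
    print("disabled ports:", sorted(disabled_at))
    print("no disable line for:", waiting_without_disable(services, disabled_at))
```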

Route
Syntax: Route servername
Description: Initiates mail routing with a specific server. The Route
command overrides any mail routing schedules that you create in the
Connection documents in the Domino Directory. Use the Route
command for servers that are configured for Pull, Pull Push, Push, or
Push Wait routing in the Connection document. Use the server's full
hierarchical name, if applicable. If the server name is more than one
word, enclose the entire name in quotes. To route to all pending
destinations, use Route *.
Use the Route command to troubleshoot mail problems and to send mail
to or request mail from a server immediately.
If no mail is queued for routing, Domino ignores the Route command.
Use the Tell Router Show command to check for messages pending for
local delivery or to check for messages held because a mail file is over
quota. To check which servers have mail queued, use this command at
the console:
Tell Router show

Examples:
Route Marketing\Acme
Sends mail to the Marketing server in the Acme domain. The server
console displays messages indicating when routing begins.
Route *
Sends mail to all pending destinations.
Route [$LocalDelivery]
Overrides the next scheduled retry time and attempts local delivery
immediately.

To route mail from the Domino Administrator
You can route mail directly from the Server - Status tab in the Domino
Administrator.
1. From the Domino Administrator, click the Server - Status tab.
2. If necessary, click Tools to display the tool bar, and then click Server
   - Route Mail.
3. Under "Route mail with server," enter the name of the server you
   want to route mail to, or select the name of the server from the list.
4. Click Route.

Set Configuration
Syntax: Set Configuration setting
Description: Adds or changes a setting in the NOTES.INI file.
Tip: You can also use the Domino Administrator to add or change many
settings in the NOTES.INI file using the Configuration Settings
document.
Example:
Set Configuration Names = Names,Westnames
Sets the NOTES.INI Names setting to specify that Domino search both the
Names and the Westnames Domino Directories.
For more information about using the Configuration Settings document
to set NOTES.INI settings, see the appendix "NOTES.INI File."

Set Rules
Syntax: Set Rules
Description: Reloads the server's mail rules, enabling new rules to take
effect immediately.
Server mail rules enable administrators to filter messages based on
content in the message headers or body. At startup, the server retrieves
these rules from the Configuration document and registers them as
monitors on each MAIL.BOX database in use. Every 5 minutes, the Server
task checks whether the server's mail rules need to be reloaded. New
rules take effect only after the server reloads the mail rules.

Set SCOS
Syntax: Set SCOS Databasename [Active | Inactive]
where Databasename is the full pathname to a shared mail database.
Description: Activates or deactivates a shared mail database. The Shared
Mail tab of the Server document lets you specify the delivery status and
availability for all shared mail databases in the directory. Using the Set
SCOS command, you can change the availability of an individual shared
mail database.

Example:
Set SCOS C:\LOTUS\DOMINO\DATA\SCOS1\SM000004.NSF INACTIVE
Prevents new messages from being deposited in the shared mail
database SM000004.NSF. Users still have access to previously-delivered
messages in the database.

Set Secure
Syntax: Set Secure currentpassword
Description: Password-protects the console.
After you password-protect the console, you can't use the Load, Tell,
Exit, Quit, and Set Configuration server commands or other programs
that aren't run automatically through Program documents in the Domino
Directory or through the NOTES.INI file until you enter the password.
Console security remains in effect until you clear the password by
entering a second Set Secure command with the same password.
Even if the console is password-protected, keep the server physically
secure to prevent breaches of security at the operating system level.
Examples:
Set Secure abracadabra
Password-protects the console if no password is currently in effect. In
this case, the new password is "abracadabra."
Set Secure abracadabra sesame
Changes the existing password "abracadabra" to "sesame."
Set Secure abracadabra
If the console is already protected by a password (in this case,
"abracadabra"), entering a second Set Secure command with the same
password clears the password.

To secure the console from the Domino Administrator
You can secure the console directly from the Server - Status tab in the
Domino Administrator.
1. From the Domino Administrator, click the Server - Status tab.
2. If necessary, click Tools to display the tool bar, and click Server -
   Secure console.
3. Do one of the following:
   • To set a password, select Set at the bottom of the box, then
     complete these fields, and click OK:
     Field              Enter
     Console Password   The password you want to set
     Verify             The same password, again
   • To clear a password, select Clear at the bottom of the box, then
     under Password, enter the password and click OK.
   • To change a password, select Change at the bottom of the box,
     then under Password, enter the old password and click OK.
     Then complete these fields, and click OK:
     Field      Enter
     Password   The new password you want to set
     Verify     The same, new password, again

Set Statistics
Syntax: Set Statistics statisticname
Description: Resets a statistic that is cumulative. Statisticname is a
required parameter that names the statistic to be reset. You can't use
wildcards (*) with this argument.
For more information on monitoring statistics, see the chapter
"Monitoring the Domino Server."
Example:
Set Stat Server.Trans.Total
Resets the Server.Trans.Total statistic to 0.

Show Agents
Syntax: Show Agents database name [-v]
Description: The Show Agents server command shows all agents
available in the database. The verbose mode ([-v]) shows all agents and
script libraries in the database as well as detailed information on both.
Examples:
Show Agents DatabaseName.nsf
Show Agents -v DatabaseName.nsf

Show Allports
Syntax: Show Allports
Description: Displays the configuration for all enabled and disabled
ports on the server.
Example:
The following example shows the output that appears on the server
console when you issue the Show Allports command.
Show Allports
Enabled Ports:
TCPIP=TCP,0,15,0,,12320,
SPX=NWSPX,0,15,0,,12320,
LAN0tcpip=NETBIOS,0,15,0,,12322,
LAN1nb=NETBIOS,3,15,0,,12322,
LAN2ipx=NETBIOS,7,15,0,,12322,
Disabled Ports:
LAN6=NETBIOS,6,15,0,,12320,
LAN8=NETBIOS,8,15,0,,12320,
COM1=XPC,1,15,0,,12326,38400,,hyaccv34.mdm,60,15
LAN1=NETBIOS, 1, 15, 0
LAN2=NETBIOS, 2, 15, 0
LAN4=NETBIOS, 4, 15, 0
LAN5=NETBIOS, 5, 15, 0
COM2=XPC,2,15,0,
COM3=XPC,3,15,0,
COM4=XPC,4,15,0,
COM5=XPC,5,15,0,


Show Cluster
Syntax: Show Cluster
Description: Displays the local server's cluster name cache, which
includes a list of all cluster members and their status, based on
information received during the server's cluster probes.
For more information on server clusters, see "Administering Domino
Clusters."
Example:
This example displays the cluster name cache of the Mars server, which
is in the Planets cluster, which is in the Solarsys domain.
Show Cluster
Cluster Information
Cluster name: planets/solarsys, Server name: mars/solarsys
Server cluster probe timeout: 1 minute(s)
Server cluster probe count: 2604
Server cluster probe port: NetBEUI
Server availability threshold: 10
Server availability index: 98 (state: AVAILABLE)

Server availability default minimum transaction time: 3000
Cluster members (2)...
server: mars/solarsys, availability index: 98
server: saturn/solarsys, availability index: BUSY

Show Configuration
Syntax: Show Configuration setting
Description: Displays the current value for a NOTES.INI setting. Use the
Show Configuration and Set Configuration server commands together to
ensure that you correctly set the NOTES.INI settings.
Wildcards are allowed.

Examples:
Show Configuration Domain
Displays the server's domain.
Show Configuration *
Displays all the configuration information for the server.
Show Configuration ????
Displays any variable that is exactly 4 characters long.

Show Directory
Syntax: Show Directory
Description: Lists all database files (for example, NSF and NTF) in the
data directory and specifies whether the data directory contains multiple
replicas of a database. This command works only for the data directory;
you can't specify another directory.
Tip: From the Domino Administrator, click the Files tab to view a list of
all database files in the data directory.
You can also use the Show Directory command to check which databases
have transactional logging enabled.
To see only logged databases, enter this command at the console:
show dir *log

To see only unlogged databases, enter this command at the console:
show dir *nolog

For more information, see the chapter "Transaction Logging."

Show Diskspace
Syntax: Show Diskspace location
Description: Displays the amount of space, in bytes, available on the disk
drive (Windows NT), or file system (UNIX). If you do not specify a
location, Domino displays the space available on the disk or file system
containing the Domino program directory. If available disk space is low
(for example, under 10MB), free up disk space by deleting
documents, databases, and other files that you don't need.
Domino servers installed on Windows NT 3.51 servers and using TCP/IP
and Netbios can't see mapped drives on another NT server using the
Show Diskspace command at the Domino server prompt. In order for the
Show Diskspace command to work, one of the following conditions must
be met:
• Run the Domino server as an application
• Run the Domino server as an NT server task
Note: The Domino server starts before drives are mapped. Therefore,
when you use the command, the drives aren't visible. To see the mapped
drives, stop and restart the Domino server or put the Domino server in
the Startup group.
Domino makes calls to the network redirector on the system it's on. In
this environment, NT will provide this service (there is no Netware
redirector). In a NetWare environment, a Domino server can see the disk
space on a network mounted drive if it is logged onto a NetWare file
server.
Tip: You can also display the amount of available space by using the
Domino Administrator. From the Domino Administrator, click the Files
tab. If necessary, click Tools, and then from the tool bar, click Disk
Information.
Examples:
How you enter the Show Diskspace command depends on the server's
operating system.
On a Windows 2000 or Windows NT server, enter this command to
display available space on Drive C:
Show Diskspace C

On a UNIX server, enter this command to display available space in the
/USR directory of a file system:
Show Diskspace /USR

On a UNIX server, enter this command to display available space in the
current directory:
Show Diskspace

Show Heartbeat
Syntax: Show Heartbeat
Description: The Show Heartbeat server command indicates whether the
server is responding.
Example:
Show Heartbeat
The server responds with a message such as:
elapsed time: #### seconds

Show Memory
Syntax: Show Memory
Description: The Show Memory server command displays the amount of
RAM available on a server, plus the amount of swap memory available
on the boot drive of the Domino server. If the number shown here and
the number shown when you enter a Show Diskspace command are
almost equal, the server may need more RAM.
Examples:
Show Memory
The server responds with a message such as:
Memory Available (including virtual): 5776K bytes

Show Opendatabases
Syntax: Show Opendatabases
Description: The Show Opendatabases server command displays a list of
the open databases on the server as well as the statistics shown in the
example below.
Example: Show Opendatabases
Returns a list of databases in the format shown below:
Database Name                      Opens|Modi-| File  | Sem |Avg Wait|Wait-| Max
                                        |fied |Handles|Waits|  (ms)  | ers |Waiters
C:\Lotus\Domino\Data\events4.nsf
C:\Lotus\Domino\Data\statrep.nsf
C:\Lotus\Domino\Data\mail.box
C:\Lotus\Domino\Data\busytime.nsf
C:\Lotus\Domino\Data\log.nsf
C:\Lotus\Domino\Data\names.nsf

Show Performance
Syntax: Show Performance
Description: Displays the per minute user/transaction values when the
Domino Server is running. To stop showing performance, enter Show
Performance a second time.

Show Port
Syntax: Show Port portname
Description: Displays traffic and error statistics and the resources used
on the network adapter card or communications port. portname can be
any configured port, for example, LAN0tcpip, SPX, LAN1nb,
LAN2ipx, TCPIP, COM1, or COM2.
Tip: To check port status from the Notes workstation program, choose
File - Preferences - Notes Preferences - Ports. Highlight the port and
select Show Status. To check the port status from the Domino
Administrator, click the Server - Status tab, and then click Servers - Port
Information. Highlight the port, and select Show Status.
Example:
Show Port LAN0tcpip
Displays the status of LAN0tcpip. As information appears, press PAUSE
to stop the scrolling, and press ENTER to resume scrolling. Note that
using PAUSE at the console stops server operation. Users can't access the
server until you resume the display.

Show Schedule
Syntax:
Show Schedule servername/taskname/destination
Show Schedule -argument
Description: Shows the next time that a server task runs. Output
includes the type of task and the time it next runs. If you enter a location
as an argument, the workstation replication schedule for that destination
appears.
Arguments:
-Agents        Shows which agents are scheduled to run next
-Replication   Shows the next scheduled replication time and the
               replication type
-Mailrouting   Shows the next scheduled mail routing time
-Programs      Shows which programs are scheduled to run
Examples:
Show Schedule
Displays a list of all scheduled tasks.
Show Schedule Fixup
Shows when the Fixup task is scheduled to run next.
Show Schedule -Mailrouting
> sh sched -mail
Scheduled
schedule

Type

CN=Masterlock/OU=Server/O=Web Mail Routing


CN=MServer0/OU=Server/O=Webadmi Mail Routing
xTest1
08/02/2002 02:00:00 PM


Mail Routing

Next


Show SCOS
Syntax: Show SCOS [All]
Description: Shows single copy object store (shared mail) information
and reloads the shared mail configuration.
Examples:
SHOW SCOS
Displays summary information about the configured shared mail
directories.
Sample output:
Shared mail:
Directory

Enabled for delivery and transfer


Availability

Requested

Actual

Max Size

c:\lotus\domino\data\scos1
open for delivery

2048

9000

11

11048

c:\lotus\domino\data\shared
open for delivery
Totals

SHOW SCOS ALL
Displays information about each shared mail database within a
configured directory, as well as summary information about each shared
mail directory.
Sample output:
Directory: c:\lotus\domino\data\scos1 - open for delivery
Number of delivery databases requested: 5.
Number of databases: 5
Maximum Directory Size: 2048 MB
Database       Availability   State     Size
sm000001.nsf   Active         Enabled   14.68 MB
sm000002.nsf   Active         Enabled   0.37 MB
sm000003.nsf   Active         Enabled   0.37 MB
sm000004.nsf   Active         Enabled   0.37 MB
sm000005.nsf   Active         Enabled   14.68 MB
Total Database Disk Size in Directory: 30.50 MB
Total Database Disk Available in Directory: 2017.50 MB
Total Database Internal Free Space for Directory: 0.33 MB

Show Server
Syntax: Show Server
Description: Shows server status information including the server name,
data directory on the server, time elapsed since server startup,
transaction statistics, and the status of shared, pending, and dead mail.
Tip: To view server information from the Domino Administrator, open
the Domain bookmark in the bookmark bar on the left, right-click on a
server, and then choose Server Properties.
Output                Description
Server name           Name you gave to the server during the setup
                      procedure.
Server directory      Directory where the Domino data files are stored.
Elapsed time          Days, hours, minutes, and seconds since the server was
                      started.
Transactions          Total number of times the server was used since the
                      server started. Transactions include: opening a database,
                      closing a database, writing to a database, routing mail to
                      a database, and reading from a database.
Transactions/minute   Total number of transactions on this server in the past
                      minute and the past hour. "Peak" is the highest number
                      of transactions per minute since the server started.
Peak # of sessions    Maximum number of sessions (users and servers
                      connected at one time) since the server started.
Pending mail          Number of mail documents waiting to be routed to other
                      servers and users.
Dead mail             Number of undeliverable mail documents that have been
                      returned to the server. If there are any dead mail
                      documents, check MAIL.BOX to release them.
Database server       The database server performs remote database
                      operations and all client transactions, such as opening,
                      closing, reading, and writing to Notes databases;
                      performing console commands; and listening on serial
                      and network ports for user requests to connect to a
                      specific database.
Replicator            The Replicator performs database replication between
                      this server and other servers and workstations. The
                      Replica task runs the Replicator.
Router                The Router routes mail between users on this server and
                      on other servers. The Router task runs the Router.
Indexer               The Indexer builds indexes, or views, of all databases
                      and keeps track of changes to databases. The Update
                      task runs the Indexer.

Show Stat
Syntax: Show Stat statisticname
Description: Used without the optional statisticname argument, displays
a list of server statistics for disk space, memory, mail, replication, and
network activity. To display a single statistic, enter the name of the
statistic as the optional argument. To display only a subset of statistics,
add a group of statistics as an optional argument by using an asterisk (*)
as a wildcard.
You can enter this command at the server console to display statistics for
the local server or at the remote server console to display statistics for a
remote server.
For more information on statistics, see the chapter "Monitoring the
Domino Server."
Tip: To view server statistics from the Domino Administrator, click the
Server - Statistics tab.
Examples:
Show Stat
Displays a complete list of statistics.
Show Stat Database
Displays all statistics of the type Database.x.x.
Show Stat Disk.C.*
Displays all disk statistics for drive C.
For a list of statistics, see the Advanced - Names & Messages - Statistic
Names view of the Monitoring Configuration database (EVENTS4.NSF).

Show Stat Platform
Syntax: Show Stat Platform statisticgroup
Description: Used without the optional statisticgroup argument, displays
a list of platform statistics for logical disk, paging file, memory, network
activity, processes running, and system activity. To display only a subset
of statistics, add a group of statistics as an optional argument by using
one of the qualifiers. You can enter this command at the server console to
display statistics for the local server or at the remote server console to
display statistics for a remote server.
Statistic      Group Qualifier
Network        network
Logical disk   logicaldisk
Memory         memory
Paging file    pagingfile
Platform       platform
Process        process
System         system

For more information on platform statistics, see the chapter "Monitoring
the Domino Server."
Examples:
Show Stat Platform
Displays a complete list of platform statistics.
Show Stat platform.logicaldisk.*
Displays all the platform statistics in the logical disk group.
To display a single statistic, enter the name of the statistic as the optional
argument instead of the wildcard (*).
For a list of all platform statistics, see the Advanced - Names & Messages
- Platform Statistic Names view of the Monitoring Configuration
database (EVENTS4.NSF).

Show Tasks
Syntax: Show Tasks
Description: Displays the tasks on the server, and describes the activity
of the task. Idle tasks are indicated.
Example: Show Tasks displays each task's activity, or Idle, as in the
following sample output.
Agent Manager       Executive '1': Idle
HTTP Server         Listen for connect requests on TCP Port:80
SMTP Server         Control task
Schedule Manager    Idle
LDAP Server         Control task
Directory Indexer   Idle

Tip: You can also use the Domino Administrator to view a list of active
tasks. From the Domino Administrator, click the Server - Status tab.

Show Transactions
Syntax: Show Transactions
Description: When the Domino Server is running, displays the following
for each type of transaction: the total number of NRPC transactions
(Count), the minimal duration of the transaction (Min), the maximum
duration of the transaction (Max), the total time to perform all
transactions (Total), and the average time to perform the transaction
(Avg). All times are reported in milliseconds. This command identifies
transactions that require excessive amounts of time.
Note For Internet Protocol Servers (for example, SMTP, POP3, IMAP, and
HTTP), use the Show Stat command to monitor statistics. For example,
enter these commands at the server console:
SH STAT SMTP
SH STAT POP3
SH STAT IMAP
SH STAT LDAP
SH STAT Domino (for HTTP Server stats)
SH STAT DIIOP


Example: Show Transactions displays transaction information


Show Trans
[Table: sample output with the columns Function, Count, Min, Max, Total, and Average, and one row per transaction type: ILLEGAL, OPEN_DB, CREATE_DB, GET_SPECIAL_NOTE_ID, OPEN_NOTE, DB_INFO_GET, DB_MODIFIED_TIME, DB_REPLINFO_SET, DB_REPLINFO_GET, ALLOC_OBJECT, REALLOC_OBJECT, READ_OBJECT, WRITE_OBJECT, ALLOC_UPDATE_OBJECT, FREE_UPDATE_OBJECT, CLOSE_COLLECTION, OPEN_COLLECTION, READ_ENTRIES, NAME_LOOKUP, NAME_GET_AB, GET_NAMED_OBJECT_ID, POLL_DEL_SEQNUM, SERVER_AVAILABLE_LITE, UPDATE_NOTE, SET_SPECIAL_NOTE_ID, REMOTE_CONSOLE, CLOSE_DB, START_SERVER, SET_DBOPTIONS, FINDDESIGN_NOTES, GET_UNREAD_NOTE_TABLE]

Show Users
Syntax: Show Users
Description: Displays a list of all users who have established sessions
with the server, whether the users are actively working in databases or
not, the names of databases that each user has open, and the elapsed
time, in minutes, since the databases were last used.
Tip You can also use the Domino Administrator to view the status of
active users. From the Domino Administrator, click Server - Status. Then
select Database Users. A list of users displays in the middle panel.
Example:
Show Users - Displays user information, for example:
User name       Databases open      Minutes since last used
Susan Salani    MAIL\SSALANI.NSF
Alan Jones      NAMES.NSF
Derek Malone    MAIL\DMALONE.NSF    11

Show Xdir
Syntax: Show Xdir
Description: Provides information about each directory a server last
used for name resolution. The output displays the following columns of
information.
DomainName
The DomainName column displays the name of the
domain in which a directory resides. If a directory is configured in the
directory assistance database, the Domain Name field in the Directory
Assistance document for the directory determines the directory's domain
name.


DirectoryType
The DirectoryType column shows the type of directory. A directory can
be one of these types:
Primary - Primary Domino Directory stored locally
Configuration - Configuration Directory stored locally
Remote Primary - Primary Domino Directory stored remotely, used
by a server with a Configuration Directory
Secondary - Extended Directory Catalog, secondary Domino
Directory, or remote LDAP directory configured in the directory
assistance database

The DirectoryType column also shows the type of domain a directory is
within (Notes or LDAP). If a directory is a remote LDAP directory
configured in the directory assistance database, the directory type is
LDAP. Any Domino Directory or Extended Directory Catalog is the
directory type Notes.
ClientProtocol
The ClientProtocol column displays the client protocol, Notes and/or
LDAP, for which the directory is enabled. For a directory configured in a
directory assistance database, the value of the "Make this domain
available to" field in the Directory Assistance document for the directory
determines what appears in this column.
This column always shows Notes for a Configuration Directory.
Usually a Primary or Remote Primary directory shows Notes & LDAP
as the client protocols. An exception is if the primary directory is
configured through directory assistance and is disabled for LDAP clients;
in this case only Notes shows as the enabled client protocol.
Replica/LDAP Server
The Replica/LDAP Server column shows:
The file name of a local Domino Directory
Server path and file name of a Domino Directory accessed over the
network
The host name of a remote LDAP directory server and the port used

Note If a server uses a condensed Directory Catalog, Show Xdir also
displays the text "Directory Catalog filename in use," where filename is
the file name of the local directory catalog.
Following are examples of the output that appears on the server console
when you issue the Show Xdir command.

Example 1
This example shows output on a server that uses a local primary Domino
Directory, two secondary Domino Directories (one of which is a local
Extended Directory Catalog), and one remote LDAP directory.

Example 2
This example shows output on a server that uses a Configuration
Directory, a remote primary Domino Directory, and an Extended
Directory Catalog accessed over the network.

Start Consolelog
Syntax: Start Consolelog
Description: Enables output to the console log file.
Example:
Start Consolelog
The Start Consolelog and the Stop Consolelog server commands enable
and disable console logging just as the NOTES.INI variable
CONSOLE_LOG_ENABLED does. The difference between the server
console commands and the NOTES.INI settings is that the console
commands are in effect for the current server session only, whereas the
NOTES.INI settings are permanent and take effect each time the server
is started.
For more information on CONSOLE_LOG_ENABLED, see the appendix
"NOTES.INI File."

Start Port
Syntax: Start Port portname
Description: Enables transactions (or messages) on the specified port.
Use this command after you disable the port with the Stop Port
command.
Example:
Start Port TCP - Enables the port named TCP.

Stop Consolelog
Syntax: Stop Consolelog
Description: Disables output to the console log file.
Example:
Stop Consolelog
The Start Consolelog and the Stop Consolelog server commands enable
and disable console logging just as the NOTES.INI variable
CONSOLE_LOG_ENABLED does. The difference between the server
console commands and the NOTES.INI settings is that the console
commands are in effect for the current server session only, whereas the
NOTES.INI settings are permanent and take effect each time the server
is started.
For more information on CONSOLE_LOG_ENABLED, see the appendix
"NOTES.INI File."

Stop Port
Syntax: Stop Port portname
Description: Disables transactions (or messages) on the specified port.
This command allows you to make changes to the port that take effect
immediately without stopping the Domino server. When you're finished
making changes to the port, use the Start Port command to re-enable it.
To see a list of ports you can disable, issue the console command Show
Configuration.
Example:
Stop Port TCP - Disables the port named TCP.


Tell
Syntax: Tell serverprogram
Description: Issues a command to a server program or task. The
command is especially useful for stopping a server task without stopping
the server.
Note Most server commands support the arguments -? and /? to
display online help. For example, you could enter one of these to obtain
help for the server command Tell Amgr:
Tell Amgr -?
Tell Amgr /?

Example:
Tell Router Quit - Stops only the Router task. All other tasks on the
server continue to run.

Specialized Tell commands

Some Tell commands are common to all server tasks, for example, Tell
task Quit. Other Tell commands are unique to a particular task. These
tasks have unique Tell commands:
Administration Process
Agent Manager
Certificate Authority Process
Change Manager
Cluster Replicator
DIIOP
Directory Cataloger
LDAP
Router
Schedule Manager
SMTP Server
Statistic Collector
Web Navigator
Web Server
For more information on these Tell commands, see the appropriate
sections below.


To enter a Tell command from the Domino Administrator


You can enter a Tell command directly from the Server - Status tab in the
Domino Administrator.
1. From the Domino Administrator, click the Server - Status tab.
2. Select a task in the top pane.
3. If necessary, click Tools to display the tool bar, and then click Task Tell.
4. Select the options you want and click OK.
5. (Optional) Click Console to see the response to the Tell command.

To stop a task from the Domino Administrator


You can stop a server task from the Domino Administrator. This is the
same as using the Tell command to quit a task.
1. From the Domino Administrator, click the Server - Status tab.
2. Select the task(s) you want to stop from the top pane of the Server - Status tab.
3. If necessary, click Tools to display the tool bar, and then click Task Quit.

Administration Process Tell Commands


This table describes additional Tell commands you can use with the
Administration Process.
Command
    Result

Tell Adminp Process All
    Processes all new and modified immediate, interval, daily, and delayed
    requests.
    This command doesn't override timed requests' execution time.

Tell Adminp Process Daily
    Processes these requests:
    All new and modified daily requests to update Person documents in the
    Domino Directory.
    Any outstanding "Rename Person in Unread List" requests.

Tell Adminp Process Delayed
    Processes all new and modified delayed requests. These are requests that
    are usually carried out according to the "Start executing on" and "Start
    executing at" settings in the Server document.

Tell Adminp Process Interval
    Processes all immediate requests and all requests that are usually
    processed according to the Interval setting in the Server document.

Tell Adminp Process New
    Processes all new requests.

Tell Adminp Process People
    Processes all new and modified requests to update Person documents in
    the Domino Directory.

Tell Adminp Process Time
    Processes all new and modified requests to delete unlinked mail files.

Tell Adminp Show Databases
    Displays (and records in the server's log file) this information:
    The databases that a particular administration server updates
    The locations in the database where it updates Reader and Author fields
    in the databases it updates
    The databases that don't have an administration server assigned to them

Tell Adminp Quit
    Stops the Administration Process on a server.

Agent Manager Tell commands


This table describes additional Tell commands you can use with Agent
Manager.
Command
    Result

Tell Amgr Cancel
    Cancels the scheduled agent that is currently running. Specify the agent
    to be cancelled by entering these arguments:
    db name agent name
    Example: Tell Amgr Cancel DatabaseName.nsf AgentName
    Note You can use the Tell Amgr Schedule command to determine which
    agents can be cancelled.

Tell Amgr Debug
    Either displays the current debug settings for the Agent Manager or lets
    you set new ones. When using this command to set debug values, you can
    use the same flags used by the Debug_AMgr command in the NOTES.INI file.
    These settings take effect immediately; you do not need to restart the
    Agent Manager or the server.

Tell Amgr Run
    Runs the agents that you designate with these arguments:
    db name agent name
    Example: Tell Amgr Run DatabaseName.nsf AgentName

Tell Amgr Pause
    Pauses scheduling of agents.

Tell Amgr Quit
    Stops the Agent Manager on a server.

Tell Amgr Resume
    Resumes scheduling of agents.

Tell Amgr Schedule
    Shows the schedule for all agents scheduled to run for the current day.
    In addition, the command shows the agent trigger type, the time the agent
    is scheduled to run, the name of the agent, and the name of the database
    on which the agent runs. Checking the Agent Manager schedule lets you see
    if an agent is waiting in one of the Agent Manager queues.
    Agent Manager queues:
    E - Agents eligible to run
    S - Agents scheduled to run
    V - Event-triggered agents waiting for their events to occur
    Trigger types:
    S - Agent is scheduled to run
    M - Agent is a new mail-triggered agent
    U - Agent is a new/updated document-triggered agent

Tell Amgr Status
    This command shows a snapshot of the Agent Manager queues and displays
    the Agent Manager settings in the Server document.

Certificate Authority process tell commands


This table describes additional Tell commands you can use with the
Domino CA process.
Command
    Result

tell ca quit
    Stops CA process.

tell ca stat
    Displays summary information for the certifiers using the CA process;
    this includes the certifier's number, its hierarchical name, certifier
    type (Notes or Internet), whether it is active, and name of the ICL
    database.

tell ca show queue certifier number
    Display a list of pending certificate requests, revocation requests, and
    configuration modification requests for a specific certifier, using its
    number from the results of the tell ca status command. You can also use *
    to show this information for all certifiers that are using the CA process.

tell ca activate certifier number password
    Activate a certifier if the certifier is created with "Require password
    to activate certifier," or use this for any certifier that has been
    deactivated. Activation is enabled during CA setup and creation. Activate
    a specific certifier by entering its number from the results of the tell
    ca status command. Or you can actually unlock all server
    ID/password-protected certifiers at one time with this command, if you
    specify * for the certifier number. The CA process then prompts you for
    the password for each certifier.

tell ca deactivate certifier number
    Deactivate a certifier. You will need to activate it again in order for
    it to process any request. Use * to deactivate everything, or deactivate
    a specific certifier by entering its number from the results of the tell
    ca status command.

tell ca lock idfile
    Lock all certifiers that were set up with a lock ID, as specified during
    CA setup.

tell ca unlock idfile password
    Unlock all certifiers using the ID and password that comprise the lock
    ID. The lock ID is specified during CA setup.

tell ca CRL issue certifier number
    Issue a non-regular CRL for a specific certifier, where certifier number
    is the number of the certifier specified in the results of the tell ca
    status command.

tell ca CRL push certifier number
    Push a certifier's latest regularly scheduled CRL to the Domino
    Directory, where certifier number is the number of the certifier
    specified in the results of the tell ca status command.

tell ca CRL info certifier number [s/S/n/N]
    Display CRL information for a specified certifier, where certifier number
    is the number of the certifier specified by the tell ca status command.
    Use s or S for regularly scheduled CRLs, and n or N for non-regularly
    scheduled CRLs.

tell ca refresh
    Force the CA process to refresh its list of certifiers. As a result:
    newly configured certifiers will be added to the CA process
    previously unlocked certifiers will need to be unlocked again
    previously activated certifiers may need to be activated again, if the
    activation password has changed
    the Notes certifier ID file in idstorage will be updated with the latest
    certificate information

tell ca help
    List tell ca options



Change Manager tell commands


You can use the Tell Change Man command at the console to control the
Domino Change Manager. The following options are available.
Option              Action
quit                Stops the Change Manager and all plug-ins.
stop                Stops the Change Manager and all plug-ins. Same as Quit.
exit                Stops the Change Manager and all plug-ins. Same as Quit.
help                Refers you to documentation.
                    Refers you to documentation. Same as Help.
restart             Stops and then restarts the Change Manager and all plug-in
                    subsystems.
start plug-in       Starts the plug-in. Currently, Control and Monitor are the
                    defined plug-ins.
stop plug-in        Stops the plug-in. Currently, Control and Monitor are the
                    defined plug-ins.
                    Note Alternatively, you can also use the forms plug-in stop,
                    plug-in quit and plug-in kill.
restart plug-in     Stops and then starts the plug-in. Currently, Control and
                    Monitor are the defined plug-ins.
                    Note Alternatively, you can also use the form plug-in
                    restart.
plug-in command     Attempts to issue the command to the named plug-in, if it
                    exists and is running.
reset               Resets the internal lookup caches.
control process     Requests the PlanControl (control) plug-in to process and
                    check all plans.

Cluster Replicator Tell commands

This table describes additional Tell commands you can use with the
Cluster Replicator.
Command
    Result

Tell Clrepl Log
    Records information in the server log (LOG.NSF) immediately, instead of
    waiting for the next log interval. The log includes information about all
    cluster replications waiting for retry. Use this command when the
    Replica.Cluster.Retry.Waiting statistic is non-zero, indicating that some
    replications could not be completed and are awaiting a retry.
    After you correct the errors (for example, by restarting the server that
    was unavailable), the Cluster Replicator will succeed on its next retry
    and the Replica.Cluster.Retry.Waiting statistic will return to zero.

Tell Clrepl Quit
    Stops all instances of the Cluster Replicator on a server.
    To prevent the Clrepl task from running in future sessions, remove all
    instances of the Clrepl task from the ServerTasks setting in the
    NOTES.INI file. Disabling the Clrepl task on one server only prevents
    replication from that server to other servers; it doesn't prevent
    replication to the server from other cluster servers.

DIIOP Tell commands

This table describes additional Tell commands you can use with Domino
IIOP.
Command
    Result

Tell DIIOP Dump Config
    Provide a list of the configuration data that DIIOP is using from the
    Domino Directory. Using Dump, the configuration is written to the file
    diiopcfg.txt in the server's data directory.

Tell DIIOP Show Config
    Provide a list of the configuration data that DIIOP is using from the
    Domino Directory. Using Show, the configuration is displayed on the
    server console.

Tell DIIOP Log=n
    This command determines the amount of information the DIIOP will log
    about its operation. Valid values for n are as follows:
    0 - Show Errors & Warnings only
    1 - Also show informational messages
    2 - Also show session init/term messages
    3 - Also show session statistics
    4 - Also show transaction messages
    The setting of this command is saved in the NOTES.INI variable
    DIIOPLogLevel. Any change that is made to the DIIOP log level will be
    used the next time the server is restarted.

Tell DIIOP Refresh
    Use this command to reload the configuration data that DIIOP is using
    from the Domino Directory and from notes.ini. By default DIIOP
    incorporates changes from the Domino Directory every 3 minutes or as
    often as specified in the NOTES.INI parameter:
    DIIOPConfigUpdateInterval
    The Refresh command will force DIIOP to look for changes in the
    configuration and apply them immediately.

Tell DIIOP Show Users
Or
Tell DIIOP Show Users D
    Show all the current active users known to the DIIOP task. This list is
    similar to the server console command show tasks but it includes more
    information.
    When you append D to this Tell command, the list of current users also
    includes the databases the user has open, along with a count of objects
    that are in use.
    Example:
    tell diiop show users d
    UserName    IdleTime    ConnectTime    ClientHost     SessionId
    Anonymous   0:00        0:00           9.95.74.178    SN00048DE22
    perf/user1.nsf
    Objects in use: Databases: 1 Views: 0
    Documents:0 Items: 0 Others: 0
    Users: 1, Network Connections: 1

Directory Cataloger Tell commands

This table describes additional Tell commands you can use with the
Directory Cataloger (Dircat task).
Command
    Result

Tell Dircat Pause
    The Dircat task finishes aggregating the directory catalog it is
    currently processing, and then goes idle. Use this command before
    shutting down a server that is in the middle of Dircat processing.

Tell Dircat Resume
    Resumes a Dircat task that is paused.

LDAP Tell commands

This table describes additional Tell commands you can use with the
LDAP server task.
Command
    Result

Tell LDAP Quit
    Stops the LDAP task on a server.

Tell LDAP ReloadSchema
    When run on the Domino Directory administration server, the schema
    daemon updates the LDAP service in-memory schema with any new schema
    changes defined with Domino Directory forms or with the Domino LDAP
    Schema database. The schema daemon then publishes the updated schema
    into the Schema database, and then replicates the Schema database to
    other servers in the domain that run the LDAP service.
    When run on a subordinate server in the domain that runs the LDAP
    service, the schema daemon replicates the Schema database from the
    administration server, if it detects changes on the administration
    server replica. The schema daemon then loads the updated schema now
    published in its local Schema database into memory.

Tell LDAP Showconfig
    Shows:
    LDAP service settings from the LDAP tab of the Configuration Settings
    document
    LDAP service port settings
    Status of LDAP Activity Logging (enabled or disabled)

Tell LDAP Showconfig Debug
    Shows current NOTES.INI settings related to the LDAP service, as well as
    the information shown by Tell LDAP Showconfig.

Tell LDAP VerifyDIT
    Verifies that each component of a distinguished name in a directory that
    is visible through Notes has an entry in the directory that represents
    the component as an object class. If the LDAP service finds a component
    of a distinguished name without a corresponding object class entry, it
    creates an appropriate entry for the object class in the hidden view
    ($LDAPRDNHIER). Creating such entries ensures that LDAP clients can
    successfully use an object class in a search filter to search for any
    entry in the directory.
    Also purges duplicate entries in the directory.
    Runs on any primary, central, or secondary Domino Directory or Extended
    Server Directory Catalog for which the server running the LDAP service
    is the administration server.

Router Tell commands


The table below describes other Tell commands you can use with the
Router task.
Command
    Result

Tell Router Delivery Stats
    Shows Router delivery statistics.

Tell Router Compact
    Compacts MAIL.BOX and cleans up open Router queues. You can use this
    command to compact MAIL.BOX at any time. If more than one MAIL.BOX is
    configured for the server, each MAIL.BOX database will be compacted in
    sequence.
    By default, MAIL.BOX is automatically compacted at 4 AM.

Tell Router Show Queues
    Shows mail held in transfer queues to specific servers and mail held in
    the local delivery queue.

Tell Router Exit
    Stops the Router task on a server.

Tell Router Update Config
    Updates the server's routing tables to immediately modify how messages
    are routed. This removes the 5 minute delay before a Router
    configuration change takes effect.
    To determine the best route for delivering a message to its destination,
    the Router creates routing tables, which map a path to the destination.
    The routing table derives information from variables in the NOTES.INI
    file and from the Configuration Settings, Domain, Connection, and Server
    documents in the Domino Directory. The command does not update the
    routing tables with changes made to the Global Domain document.
    By default, the Router automatically refreshes its configuration every 5
    minutes to absorb changes made in its sources. In previous versions of
    Domino, you had to restart the Router task to update the routing tables
    after making changes in the source documents.
    The command is case insensitive.

Tell Router Quit
    Stops the Router task on a server.

Schedule Manager Tell commands


This table describes additional Tell commands you can use with
Schedule Manager.
Command
    Result

Tell Sched Stats
    Displays totals of reservations and appointments in the free time
    database.

Tell Sched Show username
    Displays the specified user's schedule on the server console. Use this
    command to investigate problems in the free time database.

Tell Sched Validate
    Immediately validates a free time database on a server.
    Validation occurs by default at 2 AM; however, you can use this command
    to force it to occur sooner. Another way to force validation is to stop
    and restart the Schedule Manager.
    Validation can take some time. You must issue this command at all
    servers where mail files have been removed and/or added to ensure that
    old free time information is removed and new free time information is
    added to the free time database on the server.
    Don't use this command when you add a new user. The Administration
    process creates Person documents for users in the Domino Directory
    before creating their mail file on their mail server. Schedule Manager
    watches for database creations and automatically picks up new users'
    mail files.

Tell Sched Validate username
    Validates the information for the specified user. This command is faster
    than using the Tell Sched Validate command because it allows you to
    validate individual users, rather than validating all of the data on a
    server.

Tell Sched Quit
    Stops the Schedule Manager task on a server.

SMTP Server Tell commands


This table describes additional Tell commands you can use with SMTP
Server.
Command
    Result

Tell SMTP Update Config
    By default, whenever you restart the SMTP service, and at two-minute
    intervals thereafter, the SMTP service automatically checks the
    NOTES.INI file, Configuration Settings document, and Server document to
    see if any settings have changed. If the service detects that settings
    have changed, it rebuilds its internal configuration to incorporate the
    changes.
    The Tell SMTP Update Config server console command will manually trigger
    such a service update. Using the console command allows Administrators
    to immediately put into effect changes to the SMTP configuration without
    disrupting normal service operation.

Statistic Collector Tell Commands

This table describes additional Tell commands you can use with the
Statistic Collector.
Command
    Result

Tell Collector Collect
    Runs a statistic collection on all the servers specified and generates
    statistic reports.

Tell Collector Quit
    Stops the Collect task on a server.

Web Navigator Tell commands

This table describes additional Tell commands you can use with the Web
Navigator.
Command
    Result

Tell Web Help
    Lists all the Web Navigator server console commands.

Tell Web Refresh
    Refreshes all the Web Navigator global settings. Use this command if you
    edit the Administration document while the Web server task is running.

Tell Web Quit
    Stops all running copies of the Web Navigator.

Web Server Tell commands

This table describes additional Tell commands you can use with the Web
server.
Command
    Result

Tell HTTP Dump Config
    Dumps the HTTP configuration to a text file so that you can see how the
    server is configured.

Tell HTTP Refresh
    Refreshes the Web Server before the normal refresh. You can specify the
    refresh cycle interval in the Server document.
    During a Web Server refresh cycle, all of the configuration information
    contained in the Web Site documents, and documents attached to Web Site
    documents (file protection, authentication realms, and rules) is updated
    on the server.

Tell HTTP Restart
    Refreshes the Web server with changes made to settings in the:
    Server document for the Web Server
    File Protection, Virtual Server, and URL Mapping documents in the Domino
    Directory
    NOTES.INI file that affects the HTTP server task
    HTTPD.CNF and BROWSER.CNF files
    Changes to Java servlets or the servlets.properties file
    This command produces the same results as stopping and restarting the
    Web Server. However, this Tell command is faster than stopping and
    restarting because when you use the Tell command, the HTTP server task
    remains in memory. All outstanding HTTP requests are processed before
    the HTTP task restarts; however, no HTTP requests are processed during
    restart.
    This command deletes the in-memory page and user-authentication caches.

Tell HTTP Show File Access
    Displays information about file system protection on the machine, and on
    virtual servers, if you set up virtual servers on the machine.

Tell HTTP Show Security
    Displays information about SSL and the server key ring file, including
    information about whether the server started SSL on the machine.
    Displays information about SSL for virtual servers if you set up virtual
    servers on the machine.

Tell HTTP Show Users
    Displays the names of users, their IP addresses, and the session
    expiration time for users authenticated with session-based
    authentication.
    Servers participating in single sign-on, configured for multi-server
    session-based authentication, may not report sessions accurately using
    this command.
    If the authentication cookie originates from the current server,
    displays the user name, IP address, and session expiration time for that
    web server. If the authentication cookie does not originate on the
    current server, does not display session information for users.
    After a user logs out, this command continues to display the cookie as
    valid on the server. The session is still valid even though the user has
    ended the session.

Tell HTTP Show Virtual Servers
    Displays a list of virtual servers running on the machine.

Tell HTTP Quit
    Stops the Web Server task.


Trace
Syntax: Trace servername
Description: Use the Trace command to test a connection to a server.
This command shows detailed information about each server hop and is
useful in troubleshooting network connection problems. This command
works the same way as Trace connections, when you choose File -
Preferences - Notes Preferences in the Notes client.
To trace a path to a server, enter:
Trace servername
To trace a specific port, enter:
Trace portname !!! servername
When you attempt to connect to a server, network trace information
automatically appears on the status bar of a Notes workstation or on the
server console, depending on where you initiated the connection attempt.
You can use the NOTES.INI Console_LogLevel setting to control the
level of detail that messages on the status bar contain. Trace information
is recorded in the log file (LOG.NSF).
For more information on tracing connections, see the chapter "Setting up
Server-to-Server Connections." For more information on the
Console_LogLevel setting, see the appendix "NOTES.INI File."


Appendix B
Server Tasks
This chapter explains how to run server tasks that perform complex
administration procedures.

Running server tasks


Server tasks perform complex administration procedures, for example,
compacting databases and updating indexes. You can run a server task
manually, by loading the task at the server console or by using the
Domino Administrator Task - Start tool, Server menu, or the
Administrator console. Or you can run the task automatically when the
server starts by adding the name of the task to the ServerTasks or
ServerTasksAt settings in the NOTES.INI file. In addition, you can create
a Program document in the Domino Directory to run a task at scheduled
intervals.
In addition to the server tasks that Domino supplies, you can write and
run custom tasks that are stored as OS/2 command files, Windows batch
files, UNIX shell scripts or programs, and API programs.

From the local server console


Open the server console and enter the server task at the command
prompt.

From the Domino Administrator server console


1. From the Domino Administrator, open the console for the server on
which the program runs by clicking Console on the Server - Status
tab.
2. In the Server console command field, type:
Load taskname

where taskname is the name of the server task that you want to run.


From the Domino Administrator Start - Task tool


1. From the Domino Administrator click the Server - Status tab.
2. Click Server Tasks.
3. Open the set of Task tools.
4. Click Start.
5. In the Start New Task box, select a server task from the list. Select
advanced options to specify additional parameters.
6. Click Start Task.

In the NOTES.INI file


Many tasks run, by default, at specific times. You can schedule additional
tasks to run by editing one of these settings in the NOTES.INI file:

ServerTasks - starts tasks automatically every time the server starts up

ServerTasksAt - starts tasks at a specified time

For more information, see the appendix NOTES.INI File.

In a Program document
To run a task on a server at a regularly scheduled time or at server
startup, create a Program document in the Domino Directory. You can
also use a Program document to run a UNIX shell script or program, or
an API program.
If you create a UNIX shell script or API program, you can use any of these
characters for the name: A - Z, 0 - 9, & - . _ ' / (ampersand, dash, period,
space, underscore, apostrophe, forward slash). Do not use \ (backslash) or
any other characters because this can cause unexpected results.
1. From the Domino Administrator, open the Domino Directory. Go to
the Servers view, and open the Server document.
2. Choose Create - Server - Program.
3. On the Basics tab, complete these fields:

| Field | Enter |
|---|---|
| Program name | The name of the server task you want to run. |
| Command line | The command that starts the task, including any arguments to the command. |
| Server to run on | The full hierarchical name of the server on which to run the task. |
| Comments | A program description or additional information. |

4. Click the Schedule tab, and then complete these fields:

| Field | Enter |
|---|---|
| Enabled/disabled | Choose one: Startup to run the program only when the server starts; Enabled to schedule the task to run at specific times. |
| Run at times | The first time of day you want the task to run. |
| Repeat interval of | The number of minutes before the task should run again. |
| Days of week | The days of the week when the task will run. |

5. (Optional) Click Administration, and then enter the names of
additional owners/administrators.
6. Close and save the document.
Tip To view all tasks scheduled to run on a server, use the Show
Schedule command.
For more information, see the appendix Server Commands.

Domino server tasks


| Task | Command to run task | Description | Default in NOTES.INI file |
|---|---|---|---|
| Activity Trends Collector | trends | Runs the Activity Trends Collector which performs historical and trended analysis on Domino Activity data. | None |
| Administration Process | AdminP | Automates a variety of administrative tasks. | ServerTasks |
| Agent manager | AMgr | Runs agents on one or more databases. | ServerTasks |
| Billing | Billing | Collects all generated billing information. | ServerTasks |
| Calendar Connector | Calconn | Processes requests for free-time information from another server. | ServerTasks |
| CA process | ca | Automates a variety of server-based certificate authority tasks. | ServerTasks |
| Cataloger | Catalog | Updates the database catalog. | ServerTasksAt1 |
| Change Manager | runjava ChangeMan | Runs the Change Manager addin task which manages large-scale changes within the domain. | None |
| Chronos | Chronos | Updates full-text indexes that are marked to be updated hourly, daily, or weekly. | None |
| Cluster Administration Process (R4/R5 only) | Cladmin | Oversees the correct operation of all components of a cluster. | None |
| Cluster Database Directory Manager | Cldbdir | Updates the cluster database directory and manages databases with cluster-specific attributes. | None |
| Cluster Replicator | Clrepl | Performs database replication in a cluster. | None |
| Database compactor | Compact | Compacts all databases on the server to free up disk space. | None |
| Database fixup | Fixup | Locates and fixes corrupted databases. | None |
| Designer | Design | Updates all databases to reflect changes to templates. | ServerTasksAt1 |
| DIIOP | DIIOP | Allows Java applets/applications to access Domino data remotely using CORBA. | ServerTasks |
| Directory Cataloger | Dircat | Populates directory catalogs and keeps the catalogs up-to-date. | None |
| Domain Indexer | Domidx | Creates a central, full-text index for all specified databases and file systems in a domain. Runs only on Domain Catalog servers. | None |
| Event Monitor | Event | Monitors events on a server. | None |
| HTTP Server | HTTP | Enables a Domino server to act as a Web server so browser clients can access databases on the server. | None |
| IMAP Server | IMAP | Enables a Domino server to act as a maildrop for IMAP clients. | None |
| Indexer | Updall | Updates all changed views and/or full-text indexes for all databases. | ServerTasksAt2 |
| Internet Cluster Manager (ICM) | ICM | Provides failover and workload balancing for HTTP clients (Internet browsers) that access Domino Web servers. | None |
| ISpy | RunJava ISpy | Sends server and mail probes and stores the statistics. | ServerTasks |
| LDAP Server | LDAP | Enables a Domino server to provide LDAP directory services to LDAP clients. | ServerTasks on administration server for the Domino Directory; None on other servers |
| MTC | MTC | Reads log files produced by the router and writes summary data about message traffic to a database for message tracking purposes. | ServerTasks |
| Object store manager | Object | Performs maintenance activities on databases and mail files that use shared mail. | ServerTasksAt3=Object Info -Full |
| POP3 Server | POP3 | Enables a Domino server to act as a maildrop for POP3 clients. | None |
| Replicator | Replica | Replicates databases with other servers. | ServerTasks |
| Reporter | Report | Reports statistics for a server. | None |
| Router | Router | Routes mail to other servers. | ServerTasks |
| Runjava | Runjava | Runs Java server add-in tasks such as the Change Manager and ISpy. | None; used only with the name of another add-in task, never appears by itself |
| Schedule manager | Sched | Returns meeting times and dates and available invitees. | ServerTasks |
| SMTP listener | SMTP | Listens for incoming SMTP connections, enabling Domino to receive mail from other SMTP hosts. | None |
| SNMP QuerySet | QurySet | Allows Domino to respond to Simple Network Management Protocol (SNMP) requests. Prerequisite: Domino SNMP Agent (LNSNMP). | None |
| SNMP Interceptor | Intrcpt | Allows Domino to issue SNMP traps for Domino events. Prerequisite: Domino SNMP Agent (LNSNMP). | None |
| Statistic Collector | Collect | Collects statistics for multiple servers. | None |
| Statistics | Statlog | Records database activity in the log file. | ServerTasksAt5 |
| Stats | Stats | Generates statistics for a remote server on demand. | ServerTasks |
| Web Retriever | Web | Implements the HTTP protocol to retrieve Web pages and convert them into Notes documents. | None |
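The following added example (not part of the IBM documentation) inventories what a NOTES.INI file loads through ServerTasks and ServerTasksAt, then picks out the tasks that the table above describes as serving remote clients, plus any command the table does not list. The sample file, the nightsync task name, the case-insensitive handling of setting names, and the reading of the number in ServerTasksAt<n> as the hour of day are assumptions.

```python
import re

# Commands from the "Domino server tasks" table that serve remote clients,
# lowercased, with the role the table gives them.
NETWORK_TASKS = {
    "http": "Web server for browser clients",
    "imap": "maildrop for IMAP clients",
    "pop3": "maildrop for POP3 clients",
    "ldap": "LDAP directory services",
    "smtp": "listener for incoming SMTP connections",
    "diiop": "remote access to Domino data using CORBA",
    "icm": "failover and workload balancing for HTTP clients",
    "quryset": "responds to SNMP requests",
}

# The remaining commands in the table, lowercased.
OTHER_TABLE_TASKS = set("""
    trends adminp amgr billing calconn ca catalog changeman chronos cladmin
    cldbdir clrepl compact fixup design dircat domidx event updall ispy mtc
    object replica report router sched intrcpt collect statlog stats web
""".split())

# Constructed sample; "nightsync" is a made-up custom add-in name.
SAMPLE_NOTES_INI = """\
[Notes]
ServerTasks=Replica,Router,AMgr,AdminP,CalConn,Sched,HTTP,LDAP,POP3,RunJava ISpy,nightsync
ServerTasksAt1=Catalog,Design
ServerTasksAt2=Updall
ServerTasksAt3=Object Info -Full
ServerTasksAt5=Statlog
"""


def load(text):
    """Map name=value lines to {lowercased name: value}."""
    pairs = (line.partition("=") for line in text.splitlines())
    return {k.strip().lower(): v.strip() for k, sep, v in pairs if sep}


def scheduled_tasks(settings):
    """Return (setting, hour, command, arguments) for every configured task.

    hour is None for ServerTasks (run at server start); for ServerTasksAt<n>
    it is n, taken here to be the hour of day.
    """
    found = []
    for name, value in settings.items():
        match = re.fullmatch(r"servertasks(?:at(\d{1,2}))?", name)
        if not match:
            continue
        hour = int(match.group(1)) if match.group(1) else None
        for entry in value.split(","):  # tasks are comma-separated
            words = entry.split()
            if not words:
                continue
            # "RunJava ISpy": Runjava only carries the add-in named after it.
            if words[0].lower() == "runjava" and len(words) > 1:
                words = words[1:]
            found.append((name, hour, words[0].lower(), words[1:]))
    return found


def review(settings):
    """Return (network-facing commands, commands absent from the table)."""
    commands = {task[2] for task in scheduled_tasks(settings)}
    network = set(NETWORK_TASKS)
    listeners = sorted(commands & network)
    unlisted = sorted(commands - network - OTHER_TABLE_TASKS)
    return listeners, unlisted


if __name__ == "__main__":
    listeners, unlisted = review(load(SAMPLE_NOTES_INI))
    for command in listeners:
        print(f"network-facing: {command} ({NETWORK_TASKS[command]})")
    for command in unlisted:
        print(f"not in the task table, review: {command}")
```

Tasks started from Program documents or loaded by hand at the console do not appear in NOTES.INI, so compare the result with the output of the Show Schedule command as well.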


Appendix C
NOTES.INI File
This appendix contains NOTES.INI settings that you can modify. The
settings are listed in alphabetical order. For information on using
NOTES.INI settings to improve server performance, see the chapter
Improving Server Performance.

Editing the NOTES.INI file


You should rarely, if ever, need to modify a server's or client's
NOTES.INI file. The NOTES.INI file contains many settings that Domino
and Notes rely on to work properly. An accidental or incorrect change
may cause Domino or Notes to run unpredictably. Therefore, you should
edit the NOTES.INI file only if special circumstances occur or if Lotus
Support Services recommends that you do so.
There are three ways to edit NOTES.INI settings:

Open the NOTES.INI file and edit it. The procedure for doing this
depends on your client's or server's operating system and the text
editor you use.

Create a Configuration Settings document and edit its settings. Using
a Configuration Settings document, you can add and modify many
NOTES.INI settings at a time. However, there are a number of
settings that you cannot set in the Configuration Settings document.
Also, because a Configuration Settings document applies only to
Domino servers, you cannot use it to modify a Notes client's
NOTES.INI file.

Use the Set Configuration server command.
For information on Set Configuration, see the appendix Server
Commands.

Because directly editing the NOTES.INI file is unsafe, it's best to use a
Configuration Settings document to modify server settings.


To edit the NOTES.INI file using a Configuration Settings document


1. From the Domino Administrator, open the Domino Directory and
click the Configuration tab.
2. To edit an existing Configuration Settings document, highlight it and
then click Edit Configuration. To create a new configuration
document, highlight the server for which the Configuration Settings
document will apply, then click Add Configuration.
3. To modify NOTES.INI settings on the server, click the NOTES.INI
Settings tab. This tab lists a number of current settings in the server's
NOTES.INI file.
4. To add or change a setting, click Set/Modify Parameters to display
all settings that you can set in the Configuration Settings document.
Select the setting(s) you want to add/modify.
5. Save and close the document.

Admin
Syntax: Admin=username
Description: Specifies the user name of the server administrator. Enter
each part of the name in canonical format, separated by a slash (/),
where:
CN is the common name
OU is the organization unit
O is the organization
C is the country code
For example:
Admin=CN=John Smith/OU=Marketing/O=Acme
Applies to: Servers
Default: None
UI equivalent: The Administrators field in the Server document in the
Domino Directory


Allow_Access
Syntax: Allow_Access=names
Description: Specifies servers, users, and groups that can access a server.
You must specify a hierarchical name in hierarchical format, for example,
Alice Jones/Acme. An asterisk represents everyone listed in the Domino
Directory. An asterisk followed by a view name represents everyone
listed in that view of the Domino Directory. An asterisk followed by a
slash (/) and a hierarchical certifier's name represents everyone certified
by that certifier. The Deny_Access setting overrides the Allow_Access
setting.
For more information on the Deny_Access setting, see the topic
Deny_Access later in this chapter.
Applies to: Servers
Default: None
UI equivalent: The Access Server field in the Security tab of the Server
document in the Domino Directory. The Server document takes
precedence over the NOTES.INI setting. Domino uses the Allow_Access
setting only if the Access Server field is empty.

Allow_Access_portname
Syntax: Allow_Access_portname=names
Description: Specifies servers, users, and groups that can access a server
port. The portname parameter indicates the name of the port you enabled
in the Port Setup dialog box and in the Server document. An asterisk
represents everyone listed in the Domino Directory. An asterisk followed
by a view name represents everyone listed in that view of the Domino
Directory. An asterisk followed by a slash (/) and a hierarchical
certifier's name represents everyone certified by that certifier. For
example:
Allow_Access_lan3=*
All users listed in the Domino Directory can use the LAN3 port on
this server.
Applies to: Servers
Default: None
UI equivalent: None


Allow_Passthru_Access
Syntax: Allow_Passthru_Access=names
Description: Specifies servers, users, and groups that can access this
server using passthru. If you do not specify a name, no one can access
this server using passthru. An asterisk represents everyone listed in the
Domino Directory. An asterisk followed by a view name represents
everyone listed in that view of the Domino Directory. An asterisk
followed by a slash (/) and a hierarchical certifier's name represents
everyone certified by that certifier. For example:
Allow_Passthru_Access=*
All users listed in the Domino Directory can access this server using
passthru.
Applies to: Servers
Default: None
UI equivalent: The Access this server field in the Passthru Use section of
the Security tab of the Server document in the Domino Directory. If a
conflict exists between the NOTES.INI setting and the server document,
the Server document takes precedence.

Allow_Passthru_Callers
Syntax: Allow_Passthru_Callers=names
Description: Specifies servers, users, and groups that can instruct this
server to establish a connection to call a destination server. If you do not
enter a name, no calling is allowed. An asterisk represents everyone
listed in the Domino Directory. An asterisk followed by a view name
represents everyone listed in that view of the Domino Directory. An
asterisk followed by a slash (/) and a hierarchical certifier's name
represents everyone certified by that certifier.
Applies to: Servers
Default: None
UI equivalent: The Cause calling field in the Passthru Use section of the
Security tab of the Server document. If a conflict exists between the
NOTES.INI setting and the Server document, the Server document takes
precedence.


Allow_Passthru_Clients
Syntax: Allow_Passthru_Clients=names
Description: Specifies servers, users, and groups that can use a passthru
server to connect to this server. If you do not specify a name, passthru is
not allowed. An asterisk represents everyone listed in the Domino
Directory. An asterisk followed by a view name represents everyone
listed in that view of the Domino Directory. An asterisk followed by a
slash (/) and a hierarchical certifier's name represents everyone certified by
that certifier.
Applies to: Servers
Default: None
UI equivalent: The Route through field in the Passthru Use section of the
Security tab of the Server document. If a conflict exists between the
NOTES.INI setting and the Server document, the Server document takes
precedence.

Allow_Passthru_Targets
Syntax: Allow_Passthru_Targets=names
Description: Specifies the destination servers that this server can connect
to using passthru. If you do not specify a name, this server can route to
all servers.
Applies to: Servers
Default: None
UI equivalent: The Destinations allowed field in the Passthru Use section
of the Security tab of the Server document. If a conflict exists between the
NOTES.INI setting and the Server document, the Server document takes
precedence.

AMgr_DisableMailLookup
Syntax: AMgr_DisableMailLookup=value
Description: By default, a mail-triggered agent performs a mail lookup
of the user who last modified it. It only runs if the server running the
agent is also the user's mail server. When users create or modify a
mail-triggered agent on a server other than their own mail server, you
can use this setting on the server to disable mail lookup so that the agent
can run. Notes displays the message "Unable to determine the execution
access privileges" to the user if the mail server cannot be reached.
0 - Perform mail lookups when running mail-triggered agents
1 - Do not perform mail lookups when running mail-triggered agents
Applies to: Servers and workstations
Default: None. Without this setting, mail-triggered agents perform mail
lookups.
UI equivalent: None

AMgr_DocUpdateAgentMinInterval
Syntax: AMgr_DocUpdateAgentMinInterval=number of minutes
Description: Specifies the minimum elapsed time, in minutes, between
the execution of the same document update-triggered agent.
Applies to: Servers and workstations
Default: 30
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

AMgr_DocUpdateEventDelay
Syntax: AMgr_DocUpdateEventDelay=number of minutes
Description: Specifies the delay time, in minutes, that the agent manager
schedules a document update-triggered agent after a document update
event.
Applies to: Servers and workstations
Default: 5
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

AMgr_NewMailAgentMinInterval
Syntax: AMgr_NewMailAgentMinInterval=number of minutes
Description: Specifies the minimum elapsed time, in minutes, between
execution of the same new mail-triggered agent.
Applies to: Servers and workstations
Default: 0
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

AMgr_NewMailEventDelay
Syntax: AMgr_NewMailEventDelay=number of minutes
Description: Specifies the time (in minutes) that the Agent Manager
delays before scheduling a new mail-triggered agent after new mail is
delivered.
Applies to: Servers and workstations
Default: 1
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

AMgr_SchedulingInterval
Syntax: AMgr_SchedulingInterval=number of minutes
Description: Specifies a delay (in minutes) between runs of the Agent
Manager's scheduler. Valid values are 1 minute to 60 minutes.
Applies to: Servers and workstations
Default: 1
UI equivalent: None

AMgr_UntriggeredMailInterval
Syntax: AMgr_UntriggeredMailInterval=number of minutes
Description: Specifies a delay (in minutes) between runs of the Agent
Manager's check for untriggered mail. Valid values are 1 minute to 1440
minutes (the number of minutes in a day).
Applies to: Servers and workstations
Default: 60
UI equivalent: None

AMgr_WeekendDays
Syntax: AMgr_WeekendDays=day1, day2, ...
Description: When agents use the On Schedule trigger, the Run on
Schedule options box is available and includes the "Don't run on weekends"
check box option. When you select this option, the agent does not run on
weekend days. The default value for weekend days is Saturday (7) and
Sunday (1). You can specify any number of days, up to 7. For example:
AMgr_WeekendDays= 1,6,7
Causes agents that have the "Don't run on weekends" option checked
not to run on Sundays, Fridays, and Saturdays.
Applies to: Servers and workstations
Default: 7 (Saturday) and 1 (Sunday)
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

AppleTalkNameServer
Syntax: AppleTalkNameServer=servername
Description: Applies to AppleTalk users only. Identifies the name of the
user's secondary AppleTalk server. For more information, see your
AppleTalk network documentation.
Applies to: Servers and workstations
Default: None
UI equivalent: File - Preferences - User Preferences - Ports. Select the
AppleTalk port, and click Options to select or modify the server.

AutoLogoffMinutes
Syntax: AutoLogoffMinutes=minutes
Description: Specifies the number of inactive minutes before a user is
automatically logged off.
Applies to: Workstations
Default: None
UI equivalent: File - Preferences - User Preferences - Basics - Lock ID
after x minutes of inactivity.

BatchRegFile
Syntax: BatchRegFile=filename
Description: Specifies the name of a batch registration file. If you add
this variable, Domino does not prompt you for the filename when you
import users from a text file.
Applies to: Servers
Default: None
UI equivalent: None

BillingAddinOutput
Syntax: BillingAddinOutput=value
Description: Specifies where Domino logs billing events. Use the
following values to set this variable:
1 - Billing database (BILLING.NSF)
8 - Binary file (BILLING.NBF)
9 - Both the billing database and binary file
Domino creates the BILLING.NSF database and/or the BILLING.NBF
file the first time the billing add-in task is started with this option set.
Applies to: Servers
Default: 1
UI equivalent: None


BillingAddinRuntime
Syntax: BillingAddinRuntime=number of seconds
Description: Specifies how long the billing add-in task runs. For
example, BillingAddinRuntime=30 specifies that the billing add-in will
process billing records for 30 seconds. After 30 seconds the billing add-in
stops processing records, even if there are additional records to be
processed. The BillingAddinRuntime value must be less than the value
you specify for the BillingAddinWakeup variable.
Applies to: Servers
Default: 10
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

BillingAddinWakeup
Syntax: BillingAddinWakeup=number of seconds
Description: Specifies how often the billing add-in task runs. For
example, BillingAddinWakeup=300 specifies that the billing add-in task
wakes up every five minutes (300 seconds) to process the billing records
in the billing message queue. The BillingAddinWakeup value must be
greater than the value you specify for BillingAddinRuntime.
Applies to: Servers
Default: 60
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

BillingClass
Syntax: BillingClass=class(es)
Description: Specifies one or more of six classes of billing activity:

Agent
Database
Document
HttpRequest
Mail
Replication
Session

The billing process tracks only the activities that you specify in the
BillingClass variable.
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

BillingSuppressTime
Syntax: BillingSuppressTime=number of minutes
Description: Specifies the frequency of record stamping during session
and database activities if session and database activities are specified for
the BillingClass variable. If you want billing data collected more
frequently, decrease the default value (15 minutes). To minimize the
billing workload on your system, increase the value.
Applies to: Servers
Default: 15
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

CDP_Command
Syntax: CDP_Command=value
Description: The set of CDP settings controls the opening, handling, and
closing of applications using OLE. All OLE applications use these
variables:
CDP_NEW
CDP_OPEN
CDP_EDIT
CDP_SAVE
CDP_CLOSE
CDP_SHOWITEM
CDP_SHOWACTIVEITEM
CDP_EXIT
All other applications use DIP and need to be hard-coded with separate
lines. For normal usage, you should never need to modify CDP settings.
Applies to: Servers and workstations
Default: None
UI equivalent: None

CertificateExpChecked
Syntax: CertificateExpChecked=path and date
Description: Specifies the path to the local ID file and the last time the ID
was checked for certificates that have expired or are about to expire.
Applies to: Servers and workstations
Default: The ID file and last date checked for expiration.
UI equivalent: None

CertifierIDFile
Syntax: CertifierIDFile=path
Description: Specifies the path to the certifier ID. The path must contain
the drive letter or network drive, directories, and file name. For example:
CertifierIDFile=C:\LOTUS\DOMINO\IDS\CERT.ID
CertifierIDFile=M:\LOTUS\NOTES\IDS\ACME.ID

Applies to: Servers


Default: The path and file name that you specify when you set up the
server.
UI equivalent: None


ClockType
Syntax: ClockType=value
Description: (UNIX only) Specifies whether the Domino server clock
displays time in 12-hour format (AM and PM) or 24-hour format
(sometimes called military time). A value of 12_HOUR sets the clock type
as 12-hour. A value of 24_HOUR sets the clock type as 24-hour. This
setting overrides the system clock setting defined in the server's
operating system.
Applies to: Servers
Default: None, although without this setting the Domino server displays
12-hour time.
UI equivalent: None

Clrepl_Obeys_Quotas
Syntax: Clrepl_Obeys_Quotas=value
Description: Specifies whether the Cluster Replicator obeys quotas.
0 - Disables the Cluster Replicator from obeying quotas.
1 - Enables the Cluster Replicator to obey quotas.
Applies to: Servers
Default: The Cluster Replicator does not obey quotas.
UI equivalent: None

Cluster_Replicators
Syntax: Cluster_Replicators=value
Description: Use this setting to start multiple cluster replicators, where
value is the number of cluster replicators required.
Applies to: Servers
Default: None, but Domino starts one cluster replicator by default.
UI equivalent: You can also specify this setting in the NOTES.INI
Settings tab of the Configuration Settings document in the Domino
Directory.


COMnumber
Syntax: COMnumber=parameter1, parameter2, ...
Description: Specifies information for modems connected to the ports
you set in the Ports dialog box. You can define up to five ports (COM1
through COM5). These parameters are valid:
| Parameter | Specifies | Required? |
|---|---|---|
| driver | Driver name | Yes |
| unit_ID | Unit ID | Yes |
| max_sessions | Maximum number of concurrent sessions | Yes |
| buffer_size | Size of buffer in kilobytes | Yes |
| flags | Flags, such as secured channel, log modem I/O, enable RTS/CTS, and so on | No |
| modem_speed | Modem speed | No |
| modem_volume | Modem volume and dialing mode | No |
| modem_filename | Name of the modem command file | No |
| dial_timer | Connection time-out in seconds | No |
| hangup_timeout | Idle hang-up time in minutes | No |

Unless you are experienced with modems and ports, use the
user interface to configure ports.
Applies to: Servers and workstations
Default: Depends on the modem type selected
UI equivalent: File - Preferences - User Preferences - Ports dialog box.

Compact_Retry_Rename_Wait
Syntax: Compact_Retry_Rename_Wait=number of seconds
Description: If you have specified a value for the
Num_Compact_Rename_Retries setting, Domino waits 30 seconds before
trying to rename a database that was copy-style compacted. You can
request a different amount of time to wait by specifying the value of the
Compact_Retry_Rename_Wait setting in the NOTES.INI file. For
example, to request that Domino wait 2 minutes before trying to rename a
database that was copy-style compacted, specify
Compact_Retry_Rename_Wait=120.
Domino enforces the following upper limit when trying to rename a
copy-style compacted database:
Num_Compact_Rename_Retries x Compact_Retry_Rename_Wait <= 60 minutes.
For more information on the Num_Compact_Rename_Retries setting, see
the topic Num_Compact_Rename_Retries later in this chapter.
Applies to: Servers
Default: No default entry, but in the absence of the setting, Domino
waits 30 seconds before trying to rename a database that was copy-style
compacted.
UI equivalent: None

Console_Log_Enabled
Syntax: Console_Log_Enabled=value
Description: Specifies whether to enable logging to the Console Log file
(CONSOLE.LOG, by default).
0 - Disable Console Log file logging
1 - Enable Console Log file logging
Tip To toggle logging to the Console Log file from the server console,
use the start consolelog and stop consolelog commands.
Applies to: Servers
Default: 0
UI equivalent: None

Console_Loglevel
Syntax: Console_Loglevel=value
Description: Controls the level of information displayed on the status
bar when you trace a connection. The following values are possible:
0 - No information displayed
1 - Only errors are displayed
2 - Summary progress information is displayed
3 - Detailed progress information is displayed
4 - Full trace information is displayed
For more information on tracing a connection, see the chapter
Troubleshooting.
Applies to: Workstations
Default: 2
UI equivalent: None
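
The following added example (not part of the IBM documentation) checks a NOTES.INI file against the value ranges and cross-setting limits stated in the AMgr, Billing, Compact and Console_Loglevel entries above, applying the documented defaults when a setting is absent. The sample file and the case-insensitive handling of setting names are assumptions.

```python
# Constructed sample NOTES.INI fragment.
SAMPLE_NOTES_INI = """\
AMgr_SchedulingInterval=90
AMgr_UntriggeredMailInterval=60
AMgr_WeekendDays= 1,6,7
BillingAddinRuntime=90
Num_Compact_Rename_Retries=40
Compact_Retry_Rename_Wait=120
Console_Loglevel=4
"""

# (setting, lowest valid value, highest valid value) from the entries above.
RANGES = [
    ("AMgr_SchedulingInterval", 1, 60),
    ("AMgr_UntriggeredMailInterval", 1, 1440),
    ("Console_Loglevel", 0, 4),
]


def load(text):
    """Map name=value lines to {lowercased name: value}."""
    pairs = (line.partition("=") for line in text.splitlines())
    return {k.strip().lower(): v.strip() for k, sep, v in pairs if sep}


def number(settings, name, default, problems):
    """Return the setting as an int, or the default when absent or invalid."""
    raw = settings.get(name.lower(), "")
    if raw == "":
        return default
    try:
        return int(raw)
    except ValueError:
        problems.append(f"{name}={raw} is not a whole number")
        return default


def check(settings):
    """Return a list of human-readable problems; empty when all limits hold."""
    problems = []
    for name, low, high in RANGES:
        value = number(settings, name, None, problems)
        if value is not None and not low <= value <= high:
            problems.append(f"{name}={value} is outside {low} to {high}")

    output = number(settings, "BillingAddinOutput", 1, problems)
    if output not in (1, 8, 9):
        problems.append(f"BillingAddinOutput={output} is not 1, 8 or 9")

    days = [d.strip() for d in settings.get("amgr_weekenddays", "").split(",")
            if d.strip()]
    if len(days) > 7 or any(d not in set("1234567") for d in days):
        problems.append("AMgr_WeekendDays must list at most 7 day numbers "
                        "from 1 (Sunday) to 7 (Saturday)")

    # Defaults apply to whichever half of the pair is missing.
    runtime = number(settings, "BillingAddinRuntime", 10, problems)
    wakeup = number(settings, "BillingAddinWakeup", 60, problems)
    if runtime >= wakeup:
        problems.append(f"BillingAddinRuntime ({runtime}s) must be less than "
                        f"BillingAddinWakeup ({wakeup}s)")

    # The wait is in seconds; the documented ceiling is 60 minutes in total.
    retries = number(settings, "Num_Compact_Rename_Retries", None, problems)
    wait = number(settings, "Compact_Retry_Rename_Wait", 30, problems)
    if retries is not None and retries * wait > 60 * 60:
        problems.append("Num_Compact_Rename_Retries x Compact_Retry_Rename_Wait"
                        f" = {retries * wait} seconds, above the 60-minute limit")
    return problems


if __name__ == "__main__":
    for problem in check(load(SAMPLE_NOTES_INI)):
        print(problem)
```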

Console_Log_Max_Kbytes
Syntax: Console_Log_Max_Kbytes=value
Description: Specifies the maximum size for the Console Log file
(CONSOLE.LOG, by default). If the Console_Log_Max_Kbytes setting is
not present or is set to 0, then the file size is unlimited. When the
maximum file size is reached, new logging output starts to overwrite
existing logging output at the beginning of the file.
This setting can be changed at any time during a server session and when
a new maximum file size is specified, it takes effect upon the next write.
If the new maximum file size is less than or equal to the current
maximum file size, then the maximum size will be set to the current size
to prevent growth and the new size will take effect upon the next server
session.
Applies to: Servers
Default: None
UI equivalent: None

Country_Language
Syntax: Country_Language=value
Description: Specifies the language used for the Domino/Notes
interface.
Applies to: Servers and workstations
Default: en-US (US English)
UI equivalent: File - Preferences - User Preferences - International - Content Language dialog box. You can also specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.


Create_File_Access
Syntax: Create_File_Access=names
Description: Specifies users, servers, and groups that can create new
databases on the server. You must specify a hierarchical name in
hierarchical format, for example, Alice Jones/Acme. If you don't specify
a name, all certified users can create files. An asterisk (*) represents
everyone listed in the Domino Directory. An asterisk followed by a view
name represents everyone listed in that view of the Domino Directory.
An asterisk followed by a slash (/) and a hierarchical certifier's name
represents everyone certified by that certifier.
Default: None
Applies to: Servers
UI equivalent: The Create New Databases field in the Security tab of the
Server document. The Server document takes precedence over the
NOTES.INI setting. Domino uses the Create_File_Access setting only if
the Create New Databases field is empty.

Create_Replica_Access
Syntax: Create_Replica_Access=names
Description: Specifies the groups that can create replicas on the server.
You must specify a hierarchical name in hierarchical format, for example,
Alice Jones/Acme. If you don't specify a group, all certified users can
create replicas. An asterisk (*) represents everyone listed in the Domino
Directory. An asterisk followed by a view name represents everyone
listed in that view of the Domino Directory. An asterisk followed by a
slash (/) and a hierarchical certifier's name represents everyone certified
by that certifier.
Default: None
Applies to: Servers
UI equivalent: The Create Replica Databases field in the Security tab of
the Server document. Note that the Server document takes precedence
over the NOTES.INI setting. Domino uses the Create_Replica_Access
setting only if the Create Replica Databases field is empty.

CTF
Syntax: CTF=filename
Description: Specifies the international import/export character set
Applies to: Workstations
Default: L_CPWIN.CLS
UI equivalent: File - Preferences - User Preferences - International Import/Export Character Set dialog box.

DDE_Timeout
Syntax: DDE_Timeout=seconds
Description: The amount of time (in seconds) Notes waits for another
DDE application to respond to a DDE message
Applies to: Workstations
Default: 10 seconds
UI equivalent: None

Debug_Outfile
Syntax: Debug_Outfile=filename
Description: Specifies the file name for the Console Log file. If both this
setting and the LogFile_Dir setting exist and Debug_Outfile contains a
fully qualified path name, then LogFile_Dir is not used.
If only the Debug_Outfile setting exists and it contains only a file name,
then the default path
\DATADIRECTORY\IBM_TECHNICAL_SUPPORT is used. If neither
Debug_Outfile nor LogFile_Dir exists, then the default path is
\DATADIRECTORY\IBM_TECHNICAL_SUPPORT and the default
file name is CONSOLE.LOG.
Applies to: Servers
Default: None
UI equivalent: None

Debug_SSL_Cert
Syntax: Debug_SSL_Cert=value
Description: Enables viewing of certificate information at the server
console. To enable viewing, set Debug_SSL_Cert to a value of 2.
Applies to: Servers
Default: None
UI equivalent: None

Default_Index_Lifetime_Days
Syntax: Default_Index_Lifetime_Days=number of days
Description: Specifies a default lifetime for view indexes if none was
selected by the database designer in the view properties box. If the index
is inactive for the specified number of days, the Indexer task purges the
index. For example:
Default_Index_Lifetime_Days=60
sets the lifetime of indexes to 60 days.
Default: 45 days
Applies to: Servers
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Deny_Access
Syntax: Deny_Access=names
Description: Specifies servers, users, and groups that are denied access
to the server. You must specify a hierarchical name in hierarchical
format, for example, Alice Jones/Acme. An asterisk (*) represents
everyone listed in the Domino Directory. An asterisk followed by a view
name represents everyone listed in that view of the Domino Directory.
An asterisk followed by a slash (/) and a hierarchical certifier's name
represents everyone certified by that certifier. The Deny_Access setting
overrides the Allow_Access setting.

For more information on the Allow_Access setting, see the topic
Allow_Access earlier in this chapter.
Applies to: Servers
Default: None
UI equivalent: The Not Access Server field in the Security tab of the
Server document. The Server document takes precedence over the
NOTES.INI setting. Domino uses the Deny_Access setting only if the Not
Access Server field is empty.

Deny_Access_portname
Syntax: Deny_Access_portname=names
Description: Specifies servers, users, and groups that are denied access
to a specific server port. The portname parameter indicates the name of
the port you enabled in the Port Setup dialog box and in the Server
document. An asterisk (*) represents everyone listed in the Domino
Directory. An asterisk followed by a view name represents everyone
listed in that view of the Domino Directory. An asterisk followed by a
slash and a hierarchical certifier's name represents everyone certified by
that certifier. For example:
Deny_Access_SPX=Terminations
The users in the Terminations group cannot access the SPX port.
Applies to: Servers
Default: None
UI equivalent: None

Desktop
Syntax: Desktop=path
Description: Use this setting to specify the location of the
DESKTOP5.DSK file used to customize the Notes workspace.
For example, on the Macintosh:
Desktop=Notes:Desktop
For example, in Windows:
DESKTOP=C:\LOTUS\NOTES\DESKTOP5.DSK
Applies to: Workstations
Default: None, although if this setting is omitted, Notes looks for the file
DESKTOP5.DSK in the Notes Data directory.
UI equivalent: None

DIIOPConfigUpdateInterval
Syntax: DIIOPConfigUpdateInterval=number of minutes
Description: Specifies the time interval, in minutes, at which DIIOP
should refresh its configuration data from the Domino Directory.
Applies to: Servers
Default: The default value is 3 minutes.
UI equivalent: None

DIIOPCookieCheckAddress
Syntax: DIIOPCookieCheckAddress=value
Description: Modifies the behavior of server-based cookies used with
applets that are downloaded by the Domino HTTP server. Set the value
to 1 to enable the checking of client IP addresses for these cookies.
Applies to: Servers
Default: The default value is 0 (disabled), which means that DIIOP will
not require the IP address of a client using one of these cookies to match
the IP address of the client to whom the cookie was issued.
Client IP addresses will not match in most cases because the cookie is
issued to the browser using the HTTP protocol, which is typically routed
through proxy servers and therefore the client appears to be the proxy
server. While the user of the cookie is the applet running in the browser,
its network traffic does not go through a proxy server.
UI equivalent: None

DIIOPCookieTimeout
Syntax: DIIOPCookieTimeout=number of minutes
Description: Modifies the behavior of server-based cookies used with
applets that are downloaded by the Domino HTTP server. It specifies the
time period (number of minutes) for which each cookie is valid. When a
cookie expires it cannot be used to obtain a session with the DIIOP task.
The minimum setting is 1 minute.
Applies to: Servers
Default: The default value is 10 minutes.
UI equivalent: None

DIIOP_Debug_Invoke
Syntax: DIIOP_Debug_Invoke=value
Description: Use for debugging only. It provides a level of logging
beyond that of DIIOPLogLevel. Each transaction that the DIIOP task
receives is logged along with the object ID that was the target, as well as
the session ID. Valid values are:
1 - Show transaction details when a transaction finishes
2 - Show transaction details when a transaction starts
Applies to: Servers
Default: None.
UI equivalent: None

DIIOPDNSLookup
Syntax: DIIOPDNSLookup=value
Description: Specifies that DIIOP should do a DNS name lookup for
every client that connects and uses DIIOP services. This information is
visible when using the server console command show tasks. Set the
value to 1 to enable DNS lookups for clients.
Applies to: Servers
Default: The default value is 0 (disabled).
UI equivalent: None

DIIOPIgnorePortLimits
Syntax: DIIOPIgnorePortLimits=value
Description: This parameter is only valid on a Linux platform. It
indicates that DIIOP may use the default ports of 63148 and 63149. On
some Linux installations, the default ports are not available for use and
DIIOP will automatically select ports 60148 and 60149. Set this value to 1
to use the higher numbered ports.
Applies to: Servers
Default: The default value is 0 (use default ports).
UI equivalent: None
Note: Prior to Domino 6, this variable was known as
DIIOP_IGNORE_PORT_LIMITS. It is still valid for backwards
compatibility.

DIIOPIORHost
Syntax: DIIOPIORHost=hostname
Description: To have DIIOP advertise its existence using an alternate
hostname or IP address, you can set DIIOPIORHost to an alternate host
name or address other than the server default. The server default is
based on the value specified in the Server document setting Fully
qualified Internet host name.
Applies to: Servers
Default: The default value is to use the setting in the Server document.
UI equivalent: The preferred method of setting this value is through the
Server document, on the DIIOP section of the Internet Protocols tab.
Note: Prior to Domino 6, this variable was known as DIIOP_IOR_HOST.
It is still valid for backwards compatibility.

DIIOPLogLevel
Syntax: DIIOPLogLevel=value
Description: This parameter increases the level of information that
DIIOP reports to the server console and to the log. This value can be set
manually by modifying the NOTES.INI directly or it can be set using the
tell diiop log=n command. Possible values are:
0 - Show Errors & Warnings only
1 - Also show informational messages
2 - Also show session init/term messages
3 - Also show session statistics
4 - Also show transaction messages
Applies to: Servers
Default: None.
UI equivalent: None

Dircat_Include_Readerslist_Notes
Syntax: Dircat_Include_Readerslist_Notes=value
Description: When set to 1 the Dircat task aggregates documents that
contain Readers lists. Users that are not in the Readers lists can
nevertheless read these documents in the directory catalog.
Applies to: Servers
Default: None. Without this setting the Dircat task does not aggregate
documents that contain Readers lists. Note that even users who are
included in the Readers list cannot access the documents through the
directory catalog.
UI equivalent: None

Directory
Syntax: Directory=path
Description: Specifies the location of the Data directory for Domino or
Notes. This path is originally set during the Install program.
Applies to: Servers and workstations
Default: C:\LOTUS\NOTES\DATA, or the directory specified during
the Install program.
UI equivalent: File - Preferences - User Preferences - Basics - Local
database folder.

Disable_Cluster_Replicator
Syntax: Disable_Cluster_Replicator=value
Description: Use this setting to disable/enable cluster replication.
0 - Cluster replication enabled
1 - Cluster replication disabled
Applies to: Servers
Default: None, but cluster replication is on by default.
UI equivalent: None

Disable_View_Rebuild_Opt
Syntax: Disable_View_Rebuild_Opt=value
Description: Use this setting to enable/disable the view rebuild
optimization feature, which presorts the view entries in temporary files
before inserting them into the view index.
Use the following values for this setting:
0 - Enables
1 - Disables
Applies to: Servers
Default: None, although the view rebuild optimization feature is enabled
in Domino by default.
UI equivalent: None

DisabledPorts
Syntax: DisabledPorts=portname(s)
Description: This setting indicates which ports are disabled for the
server or workstation. Ports are enabled/disabled in Server documents
(servers) and in the User Preferences dialog box (workstations).
Applies to: Servers and workstations
Default: None
UI equivalent: On a workstation, see the Ports tab in the User
Preferences dialog box (choose File - Preferences - User Preferences). On
a server, see the Port tab in the Server document.

DisableLDAPOnAdmin
Syntax: DisableLDAPOnAdmin=value
Description: When set to 1 (DisableLDAPOnAdmin=1), prevents the LDAP task
from running on the administration server of the Domino Directory for a
domain. Since this administration server manages the schema and
verifies the directory tree for all servers in the domain that run the LDAP
service, use this setting only if you do not run the LDAP task on any
server in a domain. To disable the LDAP service on the Domino
Directory administration server, you must also remove the LDAP task
from the server's ServerTasks NOTES.INI setting.
To prevent the LDAP task on the Domino Directory administration
server from processing LDAP requests but still allow it to manage the
schema and verify the directory tree for other servers in the domain that
run the LDAP service, disable the ports for the LDAP service on the
administration server.
Applies to: Servers
Default: None
UI equivalent: None

Domain
Syntax: Domain=name
Description: On a server, specifies the server's domain. On a
workstation, specifies the domain of the user's mail server. This setting
must contain at least one default name.
Applies to: Servers and workstations
Default: The domain specified during the Setup program.
UI equivalent: On a server, the Domain Name field in the Basics tab of
the Server document; on a workstation, the Domain field in the Mail tab
in the user's Person document.

DominoNoBanner
Syntax: DominoNoBanner=value
Description: Web pages created with Domino display a Domino banner
in source headers, as follows:
<HTML>
<!-- Lotus-Domino Release [release number] - [date of release] on
[platform] -->
<HEAD>
Use the DominoNoBanner setting to hide/display the banner.
0 - Displays the banner
1 - Hides the banner
Applies to: Servers
Default: 1. Hiding the banner provides greater default security.
UI equivalent: None

DominoNoDirLinks
Syntax: DominoNoDirLinks=value
Description: On a Web server, specifies whether browser users can use
directory links. Options are:
0 - Allow browser users to access directory links.
1 - Prevent browser users from accessing directory links
Applies to: Servers
Default: 0
UI equivalent: None

DominoR5IntlURLDecoding
Syntax: DominoR5IntlURLDecoding=value
Description: Use DominoR5IntlURLDecoding to enable decoding of
international URL strings using a proprietary encoding scheme.
0 - Disables Domino 5 international URL decoding
1 - Enables Domino 5 international URL decoding
Applies to: Servers
Default: 0. By default, Domino 6 encodes URLs according to the IRI
(International Resource Identifiers) standard and does not decode URL
strings encoded by Domino 5.
UI equivalent: None

DominoXURLProcess
Syntax: DominoXURLProcess=value
Description: Use DominoXURLProcess to enable a Domino Web server's
URL command parser to accept ! as an alternative query component
separator.
0 - Disables ! as an alternative query component separator
1 - Enables ! as an alternative query component separator
Applies to: Servers
Default: 0. By default, Domino does not recognize ! as an alternative
query component separator.
UI equivalent: None

DST
Syntax: DST=value
Description: Specifies that a server or workstation observe daylight
saving time:
0 - Do not observe daylight saving time
1 - Observe daylight saving time
When you select this option, the created/modified times of documents
created or modified from the first Sunday in April through the last
Sunday in October are time-stamped one hour later than the server's
system time. This option lets you adjust for daylight saving time without
changing the actual system time.
Applies to: Servers and workstations
Default: 1 (observe daylight saving time)
UI equivalent: On a workstation, Daylight saving time field in the Basics
tab in the Advanced tab in the Location document; on a server, Daylight
saving time field in the Server document.
For information on additional ways to adjust the time stamp for daylight
saving, see the topics DST_Begin_Date, DST_End_Date, and
DSTlaw in this chapter.

DSTlaw
Syntax: DSTlaw=begin_month, begin_week, begin_day, end_month,
end_week, end_day
Description: Specifies when daylight saving time (DST) is observed. By
default, the DST period is defined as the first Sunday in April to the last
Sunday in October. (This is the period during which DST is observed in
the United States.) The variables begin_month, begin_week, and begin_day
define the month, week, and day, respectively, when DST begins. The
variables end_month, end_week, and end_day define when DST ends.
Months are 1 (January) through 12 (December); weeks are 1 through 4;
days are 1 (Sunday) through 7 (Saturday). You can use negative numbers
to specify the weeks, where -1 is the last week of the month, -2 is the
second to last week, and so on. For example:
DSTlaw=4 1 1 10 -1 1
Defines DST as beginning in April (4), on the first week (1), on
Sunday (1); and ending in October (10), on the last week (-1), on
Sunday (1).
Applies to: Servers and workstations
Default: DSTlaw=4,1,1,10, -1,1 (The first Sunday in April to the last
Sunday in October)
UI equivalent: None
For information on additional ways to adjust the time stamp for daylight
saving, see the topics DST, DST_Begin_Date, and DST_End_Date
in this chapter.
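
The following is an added example, not code from the Domino documentation: it resolves a DSTlaw value to the calendar dates it describes for a given year. It assumes that "week n, day d" means the nth occurrence of that weekday in the month (which matches the manual's "first Sunday in April" default) and that the begin date precedes the end date within the year; the function names are hypothetical.

```python
import calendar
import re
from datetime import date

DEFAULT_DSTLAW = "4,1,1,10, -1,1"  # default value as printed in this reference


def parse_dstlaw(value):
    """Return the six DSTlaw integers (begin month/week/day, end month/week/day).

    The manual writes the fields with commas in the syntax line and with
    spaces in its example, so both separators are accepted here.
    """
    fields = [f for f in re.split(r"[,\s]+", value.strip()) if f]
    if len(fields) != 6:
        raise ValueError(f"DSTlaw needs 6 fields, got {len(fields)}: {value!r}")
    nums = [int(f) for f in fields]
    for month, week, day in (nums[:3], nums[3:]):
        if not 1 <= month <= 12:
            raise ValueError(f"month must be 1..12: {month}")
        if week == 0 or week > 4:
            raise ValueError(f"week must be 1..4 or negative: {week}")
        if not 1 <= day <= 7:
            raise ValueError(f"day must be 1 (Sunday)..7 (Saturday): {day}")
    return tuple(nums)


def nth_weekday(year, month, week, day):
    """Date of the week-th occurrence of a weekday; negative weeks count from the end."""
    python_weekday = (day + 5) % 7  # DSTlaw 1=Sunday..7=Saturday -> Python 0=Monday..6=Sunday
    last_day = calendar.monthrange(year, month)[1]
    hits = [d for d in range(1, last_day + 1)
            if date(year, month, d).weekday() == python_weekday]
    index = week - 1 if week > 0 else week
    if not -len(hits) <= index < len(hits):
        raise ValueError(f"no occurrence {week} of day {day} in {year}-{month:02d}")
    return date(year, month, hits[index])


def dst_period(value, year):
    """Return (begin_date, end_date) of the DST period for one year."""
    bm, bw, bd, em, ew, ed = parse_dstlaw(value)
    return nth_weekday(year, bm, bw, bd), nth_weekday(year, em, ew, ed)


def observes_dst(value, when):
    """True if a date falls in the period, both boundary Sundays included."""
    begin, end = dst_period(value, when.year)
    return begin <= when <= end


if __name__ == "__main__":
    begin, end = dst_period("4 1 1 10 -1 1", 2002)
    print("DST 2002:", begin.isoformat(), "through", end.isoformat())
```

Comparing the computed period against the timestamps in server logs is a quick way to spot a workstation or server whose DSTlaw differs from the rest of the domain, which otherwise shows up as one-hour skews when correlating events.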

DST_Begin_Date
Syntax: DST_Begin_Date=date
Description: date is the date when daylight saving time will begin,
specified in dd/mm/year format.
In most cases, this parameter is not necessary. Some regions of the world
do not recognize the beginning of daylight saving time on the first
Sunday in April. If your server is in a region where this is true, use this
parameter to specify the exact date when DST begins. Use this setting
along with DST_End_Date, which specifies when daylight saving time
ends.
Applies to: Servers
Default: None, although if this setting is omitted, daylight saving time
begins the first Sunday in April.
UI equivalent: None
For information on additional ways to adjust the time stamp for daylight
saving, see the topics DST, DST_End_Date, and DSTlaw in this
chapter.

DST_End_Date
Syntax: DST_End_Date=date
Description: date is the date when daylight saving time will end,
specified in dd/mm/year format.
In most cases, this parameter is not necessary. Some regions of the world
do not recognize the ending of daylight saving time as the last Sunday in
October. If your server is in a region where this is true, use this
parameter to specify the exact date when DST will end. Use this setting
along with DST_Begin_Date, which specifies when daylight saving time
begins.
Applies to: Servers
Default: None, although if this setting is omitted, daylight saving time
ends the last Sunday in October.
UI equivalent: None
For information on additional ways to adjust the time stamp for daylight
saving, see the topics DST, DST_Begin_Date, and DSTlaw in this
chapter.

EditExpnumber
Syntax: EditExpnumber=value1, value2, value3, value4, value5...
Description: Settings used for file exports done at the document level.
These are valid values:
Parameter    Enter
value1       Program name and file type
value2       The following append options:
             0 - No append option offered
             1 - Append option offered through a dialog box
             2 - Automatically write to a temporary file to avoid the 64K limit
value3       Name of the export routine called
value4       Not currently used
value5 - x   File extensions to automatically select a file type in the File Export
             dialog box
Applies to: Workstations
Default: None
UI equivalent: None

EditImpnumber
Syntax: EditImpnumber=value1, value2, value3, value4, value5
Description: Settings used for file imports done at the document level.
The following are valid values:
Parameter    Enter
value1       Program name and version
value2       Not used; always 0
value3       Name of the import routine called
value4       Not currently used
value5 - x   File extensions to automatically select a file type in the File Import
             dialog box
Applies to: Workstations
Default: None
UI equivalent: None

EmptyTrash
Syntax: EmptyTrash=value
Description: Specifies when and how the Trash folder will be purged of
documents marked for deletion. Options are:
0 - Prompt the user before closing the database
1 - Always empty the Trash folder before closing the database
2 - Empty the Trash folder manually
Applies to: Workstations
Default: 0
UI equivalent: File - Preferences - User Preferences - Basics - Empty
Trash folder.

Enable_ACL_Files
Syntax: Enable_ACL_Files=value
Description: Specifies whether to enable ACL file checking on a server.
ACL files are an option for protecting server directories, and contain the
names of users authorized to access those directories. Servers in xSP
configurations enable this feature by default. In an xSP configuration, an
individual ACL file is automatically created for each individual hosted
organization, to prevent users in one hosted organization from traversing
a directory that belongs to another hosted organization.
0 - Disable ACL file checking
1 - Enable ACL file checking
Applies to: Servers
Default: For non-xSP configurations, this variable is set to 0 (disabled).
For xSP configurations, it is set to 1 (enabled).
UI equivalent: None

EnableBiDiNotes
Syntax: EnableBiDiNotes=value
Description: Turns support for bidirectional languages (Arabic, Hebrew)
on or off.
0 - Turns BiDirectional support off
1 - Turns BiDirectional support on
Applies to: Workstations
Default: 0 (off)
UI equivalent: None

ExtMgr_AddIns
Syntax: ExtMgr_AddIns=value1, value2, value3...
Description: Defines the list of add-in files for the Extension Manager.
Domino or Notes reads this variable on initialization and then attempts
to load the specified library or libraries. For example:
ExtMgr_AddIns=logdll,amgrdll
In addition, you can use ExtMgr_AddIns to add one or more custom
Extension Manager applications. The name of the add-in file may begin
with the platform specifier character N under Windows. This character
may be omitted when using the ExtMgr_AddIns setting.
Applies to: Servers and workstations
Default: None
UI equivalent: None

FileDlgDirectory
Syntax: FileDlgDirectory=path
Description: Specifies the default directory for all file searches. If you
specify this setting, Domino looks only in the specified location.
Applies to: Servers
Default: None, although if this setting is omitted, Domino searches the
Domino Data directory.
UI equivalent: None

Fixup_Tasks
Syntax: Fixup_Tasks=number of tasks
Description: Specifies the maximum number of Fixup tasks that are
created at server startup. A Fixup task performs a consistency check on
any database that requires it. Server initialization continues while Fixup
tasks run.
Applies to: Servers
Default: Twice the number of CPUs on the system.
UI equivalent: None

FT_Domain_Directory_Name
Syntax: FT_DOMAIN_DIRECTORY_NAME=directory
Description: Allows users and administrators to select the location and
name of the domain index. By default, the domain index is located in the
Domino data directory and is named FTDOMAIN.DI. If an alternate
location is specified using this setting, Domino will support directory
links and index relocation.
Applies to: Servers
Default: None. If this setting is omitted, the domain index is located in
the Domino data directory.
UI equivalent: None

FT_Domain_Idxthds
Syntax: FT_DOMAIN_IDXTHDS=number of threads
Description: Specifies the number of indexing threads to use for Domain
Search. Using more threads lets the Domain Catalog server index more
files simultaneously, but requires more CPU utilization, and response to
search queries may be slow. With fewer indexing threads, search speeds
up because of greater CPU availability, but changes are not reflected in
the index as quickly.
Applies to: Servers
Default: None, although if this setting is omitted, the default number of
threads used is two per CPU. For example, a server with two CPUs uses
four indexing threads by default when indexing. Do not exceed eight
threads per server or you may degrade the performance of the server,
even on servers with more than four CPUs.
UI equivalent: None

FT_Index_Attachments
Syntax: FT_Index_Attachments=value
Description: Specifies whether to exclude types of document
attachments in the Domain Index that are not already excluded by
default. A value of 1 includes these document attachments in the index,
and a value of 2 excludes them. The following types of attachments are
excluded from the Domain Index by default: .au, .cca, .dbd, .dll, .exe, .gif,
.img, .jpg, .mp3, .mpg, .mov, .nsf, .ntf, .p7m, .p7s, .pag, .sys, .tar, .tif,
.wav, .wpl, .zip.
Applies to: Servers
Default: 1
UI equivalent: None

FT_Intl_Setting
Syntax: FT_Intl_Setting=language
Description: Imposes several limitations on full text functionality to let
Notes work properly with the Japanese language. When enabled (set to
1), this setting turns off stemming, makes all full text indexes
case-sensitive, and ignores the setting for the stop word file.
Applies to: Workstations
Default: None
UI equivalent: None

FT_Max_Search_Results
Syntax: FT_Max_Search_Results=number of entries
Description: Specifies the maximum number of results (up to
2147483647) that can be retrieved at one time on a database without any
index. For example:
FT_Max_Search_Results=10000
allows a single NotesDatabase or NotesDocumentCollection
FTSearch to return up to 10000 entries.
Applies to: Servers and workstations
Default: 5000
UI equivalent: None

FT_No_Compwintitle
Syntax: FT_No_Compwintitle=value
Description: Specifies whether the Domain Catalog server computes the
window titles for documents that are returned by a search.
XXX - Computes document window titles
1 - Omits the computation of document window titles, thus
conserving CPU.
Applies to: Servers
Default: XXX
UI equivalent: None

FTG_No_Summary
Syntax: FTG_No_Summary=value
Description: Specifies whether document summaries can be displayed in
search results. If you use server access lists within a domain to limit
access to information, you might need to check the ACLs of databases on
those servers to ensure that results are filtered. Otherwise, a search might
return a result to a user who cannot access the result document. If the
Domain Catalog server is on a Windows system, search results can
include document summaries whereby users might be able to discern
confidential information. If you are running Domino on Windows and
are not sure that you can properly maintain database ACLs to prevent
this, you might want to disable document summaries by using this
setting in the Domain Catalog server's NOTES.INI file.
XXX - Allows the display of document summaries in search results.
1 - Prevents the display of document summaries in search results.
Applies to: Servers
Default: XXX
UI equivalent: None
For information on Domain Search security, see the chapter Setting Up
Domain Search.

FT_Summ_Default_Language
Syntax: FT_Summ_Default_Language=value
Description: Specifies the language for a document summary in search
results whenever the language in the document is not supported. Valid
values (supported languages) are as follows. If a locale's native language
is not supported, use a value of NULL or english.
bokmal
danish
default (You can use this value for the locale's native language, if supported.)
dutch
english
finnish
french
german
italian
NULL (English will be the language used.)
nynorsk
portugue (Use this value for the Portuguese language.)
spanish
swedish
Applies to: Workstations
Default: None
UI equivalent: None

Health_Report_Purge_After_N_Days
Syntax: Health_Report_Purge_After_N_Days=N
Description: Used for server health monitoring. N is the number of days
that historical documents remain in the database. By default, historical
reports are purged from the database after seven days. To override the
default, add this variable to the NOTES.INI file, and specify the number
of days for which historical documents remain in the database.
Applies to: Servers
Default: 7 (days)
UI equivalent: None

HTTPEnableConnectorHeaders
Syntax: HTTPEnableConnectorHeaders=value
Description: Enables the Domino HTTP task to process special headers
that are added to requests by a WebSphere 4.0.3 plug-in installed on a
foreign Web server. When the plug-in relays an HTTP request to the
Domino back-end server, the plug-in adds headers that include
information about the front-end server's configuration and user
authentication status. As a security measure, the HTTP task ignores these
headers if the setting is not enabled. This prevents an attack via plug-in
mimicking.
0 - The Domino HTTP task does not process the special headers.
1 - The Domino HTTP task does process the special headers.
Applies to: Servers
Default: 0
UI equivalent: None
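
The following is an added example, not an IBM or Domino tool: it checks NOTES.INI text for the settings in this reference that the descriptions tie to security (DominoNoBanner, HTTPEnableConnectorHeaders, Dircat_Include_Readerslist_Notes, DIIOP_Debug_Invoke, FTG_No_Summary) and applies the rule that the Server document field overrides Create_File_Access and Create_Replica_Access. The function names, the sample file and the case-insensitive matching of setting names are assumptions of the example.

```python
"""Audit NOTES.INI text for security-relevant settings from this reference."""

# (setting, values that trigger a finding, documented default, finding text)
VALUE_CHECKS = [
    ("DominoNoBanner", ("0",), "1",
     "Domino release banner is displayed in the source of Web pages"),
    ("HTTPEnableConnectorHeaders", ("1",), "0",
     "HTTP task processes plug-in headers carrying user authentication status"),
    ("Dircat_Include_Readerslist_Notes", ("1",), "",
     "users outside a Readers list can read those documents in the directory catalog"),
    ("DIIOP_Debug_Invoke", ("1", "2"), "",
     "debugging-only DIIOP transaction logging is switched on"),
]

# INI access list -> Server document field (Security tab) that overrides it.
ACCESS_FIELDS = {
    "Create_File_Access": "Create New Databases",
    "Create_Replica_Access": "Create Replica Databases",
}

# Constructed sample input, not taken from a real server.
SAMPLE_INI = """[Notes]
Directory=C:\\LOTUS\\NOTES\\DATA
DominoNoBanner=0
HTTPEnableConnectorHeaders=1
DIIOP_Debug_Invoke=2
FTG_No_Summary=1
Create_File_Access=Alice Jones/Acme
Deny_Access=Terminations
"""
SAMPLE_SERVER_DOC = {"Create New Databases": "*"}


def parse_notes_ini(text):
    """Return {lowercased setting name: value}; a later duplicate replaces an earlier one."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("[") or "=" not in line:
            continue
        name, _, value = line.partition("=")
        settings[name.strip().lower()] = value.strip()
    return settings


def audit(ini_text, server_doc=None):
    """Return a list of (setting, finding) tuples.

    server_doc maps Server document field names to their contents; pass it
    when you have the document, because its fields take precedence.
    """
    ini = parse_notes_ini(ini_text)
    server_doc = server_doc or {}
    findings = []

    for name, risky, default, message in VALUE_CHECKS:
        if ini.get(name.lower(), default) in risky:
            findings.append((name, message))

    # Summaries are displayed unless the setting is explicitly 1.
    if ini.get("ftg_no_summary") != "1":
        findings.append(("FTG_No_Summary",
                         "Domain Search results can include document summaries; "
                         "check that database ACLs filter the results"))

    for name, field in ACCESS_FIELDS.items():
        doc_value = server_doc.get(field, "").strip()
        ini_value = ini.get(name.lower(), "")
        effective = doc_value or ini_value  # INI is used only if the field is empty
        if doc_value and ini_value:
            findings.append((name, f"INI value is ignored: the '{field}' field "
                                   "in the Server document is not empty"))
        if not effective:
            findings.append((name, "no names specified: all certified users are allowed"))
        elif effective == "*":
            findings.append((name, "'*' allows everyone listed in the Domino Directory"))
    return findings


if __name__ == "__main__":
    for setting, finding in audit(SAMPLE_INI, SAMPLE_SERVER_DOC):
        print(f"{setting}: {finding}")
```

On the sample, the restrictive Create_File_Access line is reported as ignored because the Server document field is set to an asterisk, a mismatch that a review of the NOTES.INI file alone would miss.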

HTTPLogUnauthorized
Syntax: HTTPLogUnauthorized=value
Description: When set to 1, the Web Server logs Error 401 instances to
the server console. These instances are generated in two cases:
A user attempts to access a resource but is not authorized for it
A user has failed to authenticate
Applies to: Servers
Default: None. Without this setting, Error 401 instances are not logged to
the server console. With or without this setting, Error 401 instances are
logged to the Web Server logs.
UI equivalent: None

ICMNotesPort
Syntax: ICMNotesPort=port name
Description: Specifies the name of the Notes network port for TCP/IP
that you are linking the Internet Cluster Manager (ICM) service with.
This setting is required for a partitioned server hosting the ICM service,
and for a single server hosting that service if the server has more than
one Notes port for TCP/IP.
Applies to: Servers
Default: None
UI equivalent: None

IMAILExactSize
Syntax: IMAILExactSize=value
Description: Specifies that the IMAP service report the exact size of a
MIME message when requested by a client.
0 - The IMAP service estimates the message size
1 - The IMAP service reports the exact message size
By default, the IMAP service estimates the message size. This helps
improve server performance. Set this to 1 only if clients require the exact
size.
Applies to: Servers
Default: 0
UI equivalent: None

IMAP_Config_Update_Interval
Syntax: IMAP_Config_Update_Interval=number of minutes
Description: Specifies in minutes how frequently the IMAP server checks
for configuration changes made to the Domino Directory.
Applies to: Servers
Default: None, although the update interval is 2 minutes if this setting is
not included in the NOTES.INI file.
UI equivalent: None
Certain IMAP properties are not dynamically configured and require
you to shut down and restart the service before they go into effect. Also,
a given IMAP session uses whatever properties were in effect at the time
the session began for the duration of that session; configuration changes
apply only to IMAP sessions started after the update occurs.

IMAP_Convert_Nodisable_Folder_Refs
Syntax: IMAP_Convert_Nodisable_Folder_Refs=value
Description: Specifies whether the mail conversion utility (CONVERT)
preserves folder references when updating mail files for use with the
Domino 6 IMAP service.
0 (or variable not set) - The conversion process disables folder
references.
1 - The conversion process preserves folder references
Applies to: Servers
Default: None, although without this setting, Domino removes folder
references during conversion.
UI equivalent: None.
In earlier releases of Domino, the IMAP service used folder references in
the mail template to retrieve IMAP folder and message data. Because the
Domino 6 IMAP service does not use folder references, and preserving
folder references retards IMAP performance, by default, when you run
the mail conversion utility (CONVERT) to prepare mail files for IMAP
use, it removes folder references from the converted mail files.
Set this variable only in environments where Domino applications other
than the IMAP service use folder references in mail files to track
information. When this variable is set, folder references are preserved
during all mail file conversions, whether performed manually from the
server console, or automatically as the result of an IMAP user logging in
to the IMAP service for the first time. Following conversion, the IMAP
folder and message data maintained by folder references is initially
synchronized with the Domino 6 IMAP information. However, as the
Router delivers new messages to the mail file, folder references are not
updated.

IMAPDisableFTIImmedUpdate
Syntax: IMAPDisableFTIImmedUpdate=value
Description: Specifies whether or how the IMAP server will do an
immediate FTI update after a new message is appended. This is required
for searching for new messages immediately.
1 - Suppress the update request (by default, the update suppression
time is 15 minutes)
2 - Disable FTI update
Applies to: Servers
Default: The IMAP server does an immediate FTI update after a new
message is appended.
UI equivalent: None

IMAPDisableMsgCache
Syntax: IMAPDisableMsgCache=value
Description: Specifies whether the IMAP server will cache the last
fetched message.
1 - Disable the cache
Applies to: Servers
Default: The IMAP server caches the last fetched message.
UI equivalent: None

IMAPGreeting
Syntax: IMAPGreeting=greeting
Description: Customizes the greeting the IMAP server sends to clients
connecting over TCP/IP.
Applies to: Servers
Default: None, although without the setting the following greeting is
used:
* OK Domino IMAP4 Server V5.0 ready Mon, 10 May 1999 17:57:13 -0500

UI equivalent: None

IMAPNotesPort
Syntax: IMAPNotesPort=port name
Description: Specifies the name of the Notes network port for TCP/IP that
you are linking the IMAP service with. This setting is required for a
partitioned server hosting IMAP, and for a single server hosting it if the
server has more than one Notes port for TCP/IP.
Applies to: Servers
Default: None
UI equivalent: None
For information on binding an Internet service to an IP address, see the
chapter "Setting Up the Domino Network."

IMAPRedirectSSLGreeting
Syntax: IMAPRedirectSSLGreeting=greeting
Description: Customizes the message the IMAP server sends to clients
attempting to connect over TCP/IP when the TCP/IP port is configured
to Redirect to SSL.
Applies to: Servers
Default: None, although without the setting the following greeting is
used:
IMAP Server configured for SSL Connections only. Please
reconnect using the SSL Port portnumber.

UI equivalent: None

IMAP_Session_Timeout
Syntax: IMAP_Session_Timeout=number of minutes
Description: Specifies when the IMAP server drops idle IMAP client
sessions. We recommend specifying a setting greater than ten minutes;
many IMAP clients poll for new mail every ten minutes and the
overhead of supporting idle sessions is less than the overhead required to
support clients logging on and opening mailboxes.

Applies to: Servers
Default: None, although without this setting, the server drops idle
sessions after 30 minutes.
UI equivalent: None

IMAPShowIdleStatus
Syntax: IMAPShowIdleStatus=value
Description: If enabled, the command sh task at the server console will
show idle IMAP threads.
1 - Enable the display of idle IMAP threads
Applies to: Servers
Default: Off
UI equivalent: None

IMAPSSLGreeting
Syntax: IMAPSSLGreeting=greeting
Description: Customizes the greeting the IMAP server sends to clients
connecting over SSL.
Applies to: Servers
Default: None, although without the setting the following greeting is
used:
* OK Domino IMAP4 Server V4.6 ready Mon, 12 May 1997 17:57:13 -0500

UI equivalent: None

Incoming Mail Sound


Syntax: Incoming Mail Sound=path\file
Description: Specifies the tune that plays when mail arrives. The file is a
sound file, usually a WAV file.
Note In Domino 5 the name of this setting is NewMailTune.
Applies to: Workstations
Default: None
UI equivalent: The Play a Sound field on the Mail tab in the User
Preferences dialog box (choose File - Preferences - User Preferences).

INET_Authenticate_with_Secondary
Syntax: INET_Authenticate_with_Secondary=value
Description: Allows a Domino POP3 server to use passwords stored in
directories other than the primary for services other than HTTP, such as
LDAP, IMAP, and POP3.
0 - Disables this setting.
1 - Enables this setting.
Applies to: Servers
Default: 1
UI equivalent: None

InstallType
Syntax: InstallType=value
Description: Identifies the type of Notes client installed, as follows:
0 - Designer License Type
1 - Administration License Type
2 - Designer and Administration License Type
This line is updated when you perform an incremental setup after
installing Notes 5.
Applies to: Workstations
Default: None
UI equivalent: None

JavaEnableJIT
Syntax: JavaEnableJIT=value
Description: Enables the default JIT if one is provided. Specify 1 as the
JavaEnableJIT value to allow normal loading of the default JIT.
Caution JITs can be unstable and lead to unexpected crashes.
Applies to: Servers
Default: 0
UI equivalent: None

JavaJITName
Syntax: JavaJITName=name
Description: Enables the specified JIT. You must provide the named JIT
or an error is reported by the Java Virtual Machine (JVM), although
execution continues without the named JIT. Use the JavaJITName setting
to load a JIT other than the default JIT (if one is provided).
Caution JITs can be unstable and lead to unexpected crashes.
Applies to: Servers
Default: None
UI equivalent: None

JavaMaxHeapSize
Syntax: JavaMaxHeapSize=number of bytes
Description: Specifies the maximum (not initial) size the Java heap can
reach. The Java Virtual Machine (JVM) starts out at 16MB of heap space
and most of it is uncommitted. If the JVM needs more heap than it
currently has, it will expand the heap in increments but will not exceed
the maximum. Exceptions such as java.lang.OutOfMemoryError
indicate that a heap has reached its maximum size. You can specify the
number of bytes directly or use the suffix MB to indicate megabytes,
for example, specifying 64MB is the same as specifying 67108864.
Applies to: Servers
Default: 64MB
UI equivalent: None

JavaMinHeapSize
Syntax: JavaMinHeapSize=number of bytes
Description: Specifies the initial size of the Java heap at Java Virtual
Machine (JVM) startup. If the JVM needs more heap than it currently has,
it will expand the heap in increments but will not exceed the maximum.
You can specify the number of bytes directly or use the suffix MB to
indicate megabytes, for example, specifying 16MB is the same as
specifying 16777216.
Applies to: Servers
Default: 16MB
UI equivalent: None

JavaNoAsyncGC
Syntax: JavaNoAsyncGC=value
Description: Prevents the Java Virtual Machine (JVM) from running the
garbage collection (GC) mechanism in a separate background thread.
Specify 1 as the JavaNoAsyncGC value to debug internal JVM problems.
Applies to: Servers
Default: 0
UI equivalent: None

JavaNoClassGC
Syntax: JavaNoClassGC=value
Description: Prevents the garbage collection (GC) mechanism of classes,
which protects static fields. Specify 1 as the value to enable the
JavaNoClassGC setting.
Applies to: Servers
Default: 0
UI equivalent: None

JavaStackSize
Syntax: JavaStackSize=number of bytes
Description: Specifies the size of each Java thread's execution stack. You
may need to increase the default number of bytes if you need
deeply-nested call stacks, but otherwise you should not need to change
the default.
Applies to: Servers
Default: 409600
UI equivalent: None

JavaUserClasses
Syntax: JavaUserClasses=list
Description: Allows code-sharing across agents and applets. The value
list is a list of directories, JAR files, or ZIP files that are added to the Java
Virtual Machine's internal classpath so that classes can be found via the
system loader (rather than via attachment to the agent or applet). Note
that this doesn't replicate and requires access to the file system on the
server.
Use a semicolon (;) to separate list items for Win32 and OS/2 systems
and use a colon (:) to separate list items for UNIX systems; for example, a
valid list for Win32 is:
c:\classes;d:\appxyz\stuff.jar

Applies to: Servers


Default: None
UI equivalent: None

JavaVerbose
Syntax: JavaVerbose=value
Description: Enables the verbose setting of the Java Virtual Machine
(JVM), which causes the JVM to issue many messages while it runs.
Specify 1 as the JavaVerbose value to troubleshoot runtime problems.
Applies to: Servers
Default: 0
UI equivalent: None

JavaVerboseGC
Syntax: JavaVerboseGC=value
Description: Enables the verbose setting of the garbage collection (GC)
mechanism in Java Virtual Machine (JVM), which causes the JVM to
issue many messages about memory usage as GC runs. Specify 1 as the
JavaVerboseGC value to enable this setting.
Applies to: Servers
Default: 0
UI equivalent: None

KeyFileName
Syntax: KeyFileName=path
Description: Specifies the location of the server ID or the user ID file.
This setting lets an administrator use one ID to run the server. For
example:
On Macintosh, KeyFileName=Notes:JForgo.ID
On UNIX, KeyFileName=/home/server1/notes/kbowker.id
On Windows, KeyFileName=C:\Lotus\Notes\DMccarrick.ID
For information on specifying a server ID file for a machine that runs
both the Notes workstation and Domino server programs, see the topic
ServerKeyFileName later in this chapter.
Applies to: Servers and workstations
Default: The ID for the administrator that you specify when you set up
the server.
UI equivalent: None

KitType
Syntax: KitType=value
Description: Specifies which program you are running:
1 - Workstation
2 - Server
Applies to: Servers and workstations
Default: Specified during the Install program. You can install the
workstation, the server, or both the workstation and server. The value
when you install the server and workstation on the same machine is 2.
UI equivalent: None

LANnumber
Syntax: LANnumber=port_driver, unit_ID, not_used, buffer_size
Description: Specifies information about network ports on servers and
workstations. For example:
LAN0=spx, 1, , 2000
LAN1=netbios, 0, 15, 2000, , 12288
The LAN0 port is configured for an SPX network connection. The LAN1
port is configured for a NetBIOS connection and contains additional port
setup information. Exclude the _ or i prefix and the .DLL extension from
the port driver name.
Applies to: Servers and workstations
Default: Specified during the Install program.
UI equivalent: On a workstation, File - Preferences - User Preferences - Ports; on a server, the Ports tab in the Server document.


LDAPBatchAdds
Syntax: LDAPBatchAdds=value
Description: Specifies which views in the Domino Directory the LDAP
service updates after processing an LDAP write operation:
0 - After a write operation the LDAP service updates all the Domino
Directory views it uses
1 - After a write operation the LDAP service updates only the
($LDAPRDNHier) view and waits for the Update task to update the
other views it uses
Use LDAPBatchAdds=1 before doing batch LDAP adds of 100 entries or
more so that the additions are processed more quickly. When the
LDAP adds are complete, immediately remove the setting or change it
back to LDAPBatchAdds=0. Failure to immediately remove or change
this setting back to 0 after completing the batch processing will cause
subsequent LDAP operations to be unreliable.
Applies to: Servers
Default: None, although without this setting, after processing an LDAP
write operation the LDAP service updates all the views it uses.
UI equivalent: None

LDAPConfigUpdateInterval
Syntax: LDAPConfigUpdateInterval=number of minutes
Description: Specifies the interval at which the LDAP service detects and
puts into effect changes to these configuration settings:
- Settings in the domain Configuration Settings document except
  "Choose fields that anonymous users can query via LDAP" and
  "Allow LDAP users write access"
- NOTES.INI settings related to the LDAP service set through the Set
  Configuration command
- LDAP activity logging settings on the Activity Logging tab of a
  Configuration Settings document
You must always restart the LDAP task to put into effect changes to these
settings:
- "Choose fields that anonymous users can query via LDAP"
- "Allow LDAP users write access"
- Port and port security settings on the Ports - Internet Ports - Directory tab.

Applies to: Servers


Default: Without this setting the interval is three minutes.
UI equivalent: None

LDAPGroupMembership
Syntax: LDAPGroupMembership=value
Description: The LDAP service always searches Domino groups
specified as "Multi-purpose", "Access Control List only", "Servers only",
or "Deny List only" groups because it can do so quickly. However,
because searches of Domino groups specified as "Mail only" groups or of
groups that do not have a value for the GroupType attribute can be slow,
by default the LDAP service does not always search these types of
groups. The LDAP service does not search these types of groups if a
search query meets all of the following criteria, indicating a query that is
typically used for authentication:
- A search query uses the equality filter objectclass=value, where value
  is one of these object classes: groupOfNames, groupOfUniqueNames,
  dominoGroup, or group.
- A search query uses an equality filter with one of these attributes:
  member, uniqueMember, or members.
- The two filters above are concatenated using the AND operator.

For example, by default the LDAP service does not search Domino "Mail
only" groups and groups that do not have values for the GroupType
attribute if search queries such as these are specified:

(&(objectclass=dominoGroup)(member=cn=jack brown,o=acme))

(|(&(objectclass=groupOfUniqueNames)(uniqueMember=cn=jackbrown,o=acme))(&(objectclass=groupOfNames)(member=cn=jack brown,o=acme)))

However, by default the LDAP service does search these groups if search
queries such as these are specified:

(&(objectclass=dominoGroup)(member=*br*))

(member=cn=jack brown,o=acme)

(|(&(objectclass=dominoGroup)(member=cn=jack brown,o=acme))(cn=*groupname*))

To change the LDAP service default behavior for group searches, specify
one of these values for this setting:
1 - Always search all groups that meet specified search criteria. If
you choose this setting, full-text indexing the directory is
recommended to improve the speed of searches of Domino "Mail
only" groups and groups that do not use the GroupType attribute.
2 - Never search Domino "Mail only" groups or groups that do not
use the GroupType attribute.
Note In Domino 5 the name of this setting is
LDAP_MailOnlyGroupOption. The name has been changed
in Domino 6 for clarity. However, you can use either setting name.
Applies to: Servers
Default: None
UI equivalent: None

LDAPNotesPort
Syntax: LDAPNotesPort=port name
Description: Specifies the name of the Notes network port for TCP/IP that
you are linking the LDAP service with. This setting is required for a
partitioned server hosting LDAP, and for a single server hosting it if the
server has more than one Notes port for TCP/IP.
Applies to: Servers
Default: None
UI equivalent: None
For information on binding an Internet service to an IP address, see the
chapter "Setting Up the Domino Network."
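
An added example, not part of the IBM documentation: a Python check that applies the three LDAPGroupMembership criteria described earlier to a search filter and reports whether the LDAP service would search "Mail only" and untyped groups. The filter strings are the page's own examples; the rule that an OR filter qualifies only when every branch qualifies is an assumption inferred from those examples, and the function names are hypothetical.

```python
import re

GROUP_CLASSES = {"groupofnames", "groupofuniquenames", "dominogroup", "group"}
MEMBER_ATTRS = {"member", "uniquemember", "members"}

# Filter strings taken from the LDAPGroupMembership examples on this page.
NOT_SEARCHED = [
    "(&(objectclass=dominoGroup)(member=cn=jack brown,o=acme))",
    "(|(&(objectclass=groupOfUniqueNames)(uniqueMember=cn=jackbrown,o=acme))"
    "(&(objectclass=groupOfNames)(member=cn=jack brown,o=acme)))",
]
SEARCHED = [
    "(&(objectclass=dominoGroup)(member=*br*))",
    "(member=cn=jack brown,o=acme)",
    "(|(&(objectclass=dominoGroup)(member=cn=jack brown,o=acme))(cn=*groupname*))",
]


def parse_filter(text):
    """Parse an LDAP search filter string into nested tuples."""
    text = text.strip()
    node, end = _parse(text, 0)
    if end != len(text):
        raise ValueError("trailing characters after filter")
    return node


def _parse(s, i):
    if i >= len(s) or s[i] != "(":
        raise ValueError("expected '(' at offset %d" % i)
    i += 1
    if i < len(s) and s[i] in "&|!":
        op, i, children = s[i], i + 1, []
        while i < len(s) and s[i] == "(":
            child, i = _parse(s, i)
            children.append(child)
        if not children or i >= len(s) or s[i] != ")":
            raise ValueError("malformed %s filter" % op)
        return (op, children), i + 1
    end = s.find(")", i)
    m = re.match(r"([^=~<>()]+)(~=|>=|<=|=)([^()]*)$", s[i:end]) if end != -1 else None
    if not m:
        raise ValueError("malformed filter item at offset %d" % i)
    attr, operator, value = m.groups()
    # A value containing '*' is a substring or presence filter, not equality.
    equality = operator == "=" and "*" not in value
    return ("item", attr.strip().lower(), equality, value.strip()), end + 1


def is_membership_check(node):
    """True when the filter meets the three criteria listed for the setting."""
    if node[0] == "&":
        equal = [(c[1], c[3].lower()) for c in node[1] if c[0] == "item" and c[2]]
        has_class = any(a == "objectclass" and v in GROUP_CLASSES for a, v in equal)
        has_member = any(a in MEMBER_ATTRS for a, v in equal)
        return has_class and has_member
    if node[0] == "|":
        # Assumption inferred from the page's examples: an OR filter
        # qualifies only if every one of its branches qualifies.
        return all(is_membership_check(c) for c in node[1])
    return False


def searches_mail_only_groups(filter_text, ldap_group_membership=None):
    """Would the LDAP service search "Mail only" and untyped groups?

    ldap_group_membership is the NOTES.INI value: None (not set), 1 or 2.
    """
    if ldap_group_membership == 1:   # always search all groups
        return True
    if ldap_group_membership == 2:   # never search these groups
        return False
    return not is_membership_check(parse_filter(filter_text))


if __name__ == "__main__":
    for f in NOT_SEARCHED + SEARCHED:
        print(searches_mail_only_groups(f), f)
```

A client that resolves group membership over LDAP for access decisions can use this to see when results may omit "Mail only" groups under the default setting.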

LDAPPre55Outlook
Syntax: LDAPPre55Outlook=value
Description: If LDAPPre55Outlook=1 is set and the LDAP service receives
a search query that specifies country (c=xx) as a search base, it converts
the search base to root (""). This setting is designed for use with pre-5.5
Microsoft Outlook Express clients which, when users don't specify a
search, automatically use the country associated with the software
version as a search base. Since it's likely that pre-5.5 users who don't
specify a search base intend a root search rather than one using the
client-supplied country search base, use this setting if the clients that use
the LDAP service are primarily pre-5.5 Microsoft Outlook Express
clients.
Applies to: Servers
Default: None
UI equivalent: None

Location
Syntax: Location=location_name
Description: Identifies the user's current location.
Applies to: Workstations
Default: None
UI equivalent: File - Mobile - Choose Current Location.

Log
Syntax: Log=logfilename, log_option, not_used, days, size
Description: Specifies the contents of the log file and controls other
logging actions:

Parameter     Value
logfilename   The log database file name, usually LOG.NSF
log_option    Log options:
              1 - Log to the console
              2 - Force database fixup when opening the log file
              4 - Full document scan
not_used      Always set to zero; this parameter is not currently used
days          The number of days to retain log documents
size          The size of log text in event documents

For example:
Log=LOG.NSF,1,0,7,20000
The log file (LOG.NSF) is deleted in seven days and can contain up
to 20,000 bytes. All log information is also sent to the console.
Applies to: Servers
Default: Log=LOG.NSF,1,0,7,40000
UI equivalent: None

Log_AgentManager
Syntax: Log_AgentManager=value
Description: Specifies whether or not the start of agent execution is
recorded in the log file and shown on the server console:
0 - Do not log agent execution events
1 - Log agent execution events (partially and completely successful)
2 - Log agent execution events (completely successful only)
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Log_Authentication
Syntax: Log_Authentication=value
Description: Specifies whether or not authentication logging is enabled
on the server. To enable authentication logging, set Log_Authentication
to a value of 1.
For example, if you specify the following NOTES.INI settings:
Log_Authentication=1 (to enable logging)
Debug_Console=1 (to write output to the console window)
Debug_Outfile=c:\debug\debug.txt (to write output to the specified
text file)
this is sample output from client NOTES.INI:
Authenticate: CN=CLEVES01/OU=Cleveland/OU=A/O=Acme
T:64 E:1: S:64:22 A:4:1 L:N:N:N
Authenticate: CN=ACCOUNT/OU=Memphis/OU=A/O=Acme
T:64 E:1: S:64:22 A:4:1 L:N:I:N
Authenticate: CN=CLEVES02/OU=Cleveland/OU=A/O=Acme
T:128 E:1: S:128:22 A:4:1 L:N:N:N
and this is sample output from server NOTES.INI:
Authenticate: CN=Jane Ochoa/O=Acme
T:128 E:1: S:128:22 A:4:1 L:N:N:N
You can use the following table to interpret the output.
Field                 Description
Ticket Width          Examples of values are 64 and 128.
Encryption Bit        Examples of values are 1 (Encrypted), 0 (Not encrypted), and 1:e
                      (Escrow for International).
Encryption Strength   The first value is the key length; for example, 128, 64, and 40.
                      The second value is the algorithm; for example, 22 (RC4) and 2F (RC2).
Algorithm             Examples of values are 4:1 (RC4) and 2:0 (RC2).
License Info          The first value applies to the local ID (that is, local client or server); the
                      second value applies to the remote ID (that is, the server); and the third
                      value applies to the version of local software. Examples of values are N
                      (North American/Global) and I (International).

Applies to: Servers and workstations


Default: None
UI equivalent: None
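
An added example, not part of the IBM documentation: a Python parser for the Log_Authentication output shown above that flags sessions that are unencrypted, escrowed, or below a minimum key length. It assumes the T, E, S, A and L tokens correspond, in order, to the five fields in the table; the 128-bit threshold, the function names and the last sample event are constructed for the example.

```python
import re
from collections import namedtuple

# Assumption: the T, E, S, A and L tokens correspond, in order, to the table's
# Ticket Width, Encryption Bit, Encryption Strength, Algorithm and License Info.
EVENT_RE = re.compile(
    r"Authenticate:\s+(?P<name>(?:(?!Authenticate:).)+?)\s+"
    r"T:(?P<ticket>\d+)\s+"
    r"E:(?P<enc>[01]):(?P<escrow>e?)\s+"
    r"S:(?P<bits>\d+):(?P<alg>[0-9A-Fa-f]+)\s+"
    r"A:(?P<algo>\d+:\d+)\s+"
    r"L:(?P<local>\w):(?P<remote>\w):(?P<software>\w)"
)
ALGORITHMS = {"22": "RC4", "2F": "RC2"}  # second value of the S token, per the table

# The first four events are the sample output from this page; the last one is
# constructed to show an unencrypted 40-bit session.
SAMPLE_LOG = """\
Authenticate: CN=CLEVES01/OU=Cleveland/OU=A/O=Acme
T:64 E:1: S:64:22 A:4:1 L:N:N:N
Authenticate: CN=ACCOUNT/OU=Memphis/OU=A/O=Acme
T:64 E:1: S:64:22 A:4:1 L:N:I:N
Authenticate: CN=CLEVES02/OU=Cleveland/OU=A/O=Acme
T:128 E:1: S:128:22 A:4:1 L:N:N:N
Authenticate: CN=Jane Ochoa/O=Acme
T:128 E:1: S:128:22 A:4:1 L:N:N:N
Authenticate: CN=Test User/O=Example
T:40 E:0: S:40:2F A:2:0 L:I:I:I
"""

AuthEvent = namedtuple(
    "AuthEvent",
    "name ticket_width encrypted escrow key_bits algorithm licenses",
)


def parse_auth_log(text):
    """Parse Log_Authentication output; an event may wrap over two lines."""
    flat = " ".join(text.split())          # undo line wrapping
    events = []
    for m in EVENT_RE.finditer(flat):
        code = m["alg"].upper()
        events.append(AuthEvent(
            name=m["name"],
            ticket_width=int(m["ticket"]),
            encrypted=m["enc"] == "1",
            escrow=m["escrow"] == "e",
            key_bits=int(m["bits"]),
            algorithm=ALGORITHMS.get(code, "unknown (%s)" % code),
            # (local ID, remote ID, version of local software)
            licenses=(m["local"], m["remote"], m["software"]),
        ))
    return events


def findings(event, min_key_bits=128):
    """Return the reasons an event falls short of the assumed policy."""
    reasons = []
    if not event.encrypted:
        reasons.append("session not encrypted")
    if event.escrow:
        reasons.append("escrow (international) encryption")
    if event.key_bits < min_key_bits:
        reasons.append("%d-bit %s key" % (event.key_bits, event.algorithm))
    return reasons


if __name__ == "__main__":
    for ev in parse_auth_log(SAMPLE_LOG):
        print(ev.name, "->", "; ".join(findings(ev)) or "ok")
```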

Log_Connections
Syntax: Log_Connections=value
Description: Specifies whether or not connection logging is enabled on
the server. When connection logging is enabled, the server console
displays the Notes network port, the network address of the requesting
system, and the network address of the destination server.
0 - Do not log connections
1 - Log connections
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Log_Console
Syntax: Log_Console=value
Description: Security administrators can use this setting to enforce the
logging of server console command output, which can otherwise be
prevented if the command is prefixed with an exclamation point (!).
0 - Console command logging turned off
1 - Console command output logged, unless it is prefixed with an
exclamation point
2 - Console command output logged, whether prefixed with the !
or not
Applies to: Servers
Default: None, but in the absence of this setting console command
output is logged unless it is prefixed with an exclamation point.
UI equivalent: None

Log_DirCat
Syntax: Log_DirCat=value
Description: Controls which information related to the Directory
Cataloger task is logged to the console and to the Miscellaneous Events
view of the log file (LOG.NSF):
1 - Logs when the Directory Cataloger starts and finishes, the name
and domain of each source Domino Directory as it is aggregated, and the
number of entries processed.
3 - Logs the same information as 1 and, in addition, logs the names of
all entries processed. Using 3 is not recommended because it slows
performance and fills the log file. If you do use 3, use it only
temporarily.
Applies to: Servers
Default: None, although without this setting the log file only shows
when the Directory Cataloger starts.
UI equivalent: None

LogFile_Dir
Syntax: LogFile_Dir=directoryname
Description: Specifies the directory for the Console Log file
(CONSOLE.LOG, by default). If both this setting and the
Debug_Outfile setting exist and Debug_Outfile contains a fully
qualified path name, then LogFile_Dir is not used. If neither
Debug_Outfile nor LogFile_Dir exists, then the default path
\DATADIRECTORY\IBM_TECHNICAL_SUPPORT is used.
Applies to: Servers
Default: None
UI equivalent: None

Log_Replication
Syntax: Log_Replication=value
Description: Specifies the level of logging of replication events
performed by the current server:
0 - Do not log replication events
1 - Log that a database is replicating
2 - Log summary information about each database
3 - Log information about each replicated document (both design
and data documents)
4 - Log information about each replicated field
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Log_Sessions
Syntax: Log_Sessions=value
Description: Specifies whether individual sessions are recorded in the
log file and displayed on the console:
0 - Do not log individual sessions
1 - Log individual sessions
Applies to: Servers
Default: None
UI equivalent: The Log All Client Events setting that is an Advanced
server Setup option. You can also specify this setting in the NOTES.INI
Settings tab of the Configuration Settings document in the Domino
Directory.

Log_Tasks
Syntax: Log_Tasks=value
Description: Specifies whether the current status of server tasks is
recorded in the log file and displayed on the console:
0 - Do not send status information
1 - Send the status of server tasks to the log file and to the console
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Log_Update
Syntax: Log_Update=value
Description: Specifies the level of detail of Indexer events displayed at
the server console and in the log file:
0 - Records when the Indexer starts and shuts down.
1 - Records when the Indexer starts and shuts down and when the
Indexer updates views and full text indexes for specific databases.
2 - Records when the Indexer starts and shuts down and when the
Indexer updates views and full text indexes for specific databases.
Also records the names of views the Indexer is updating.
Applies to: Servers
Default: None
UI equivalent: None


Log_View_Events
Syntax: Log_View_Events=value
Description: Specifies whether messages generated when views are
rebuilt are recorded in the log file:
0 - Do not log messages when views are rebuilt
1 - Log messages when views are rebuilt
Removing this setting from the NOTES.INI file also disables logging of
these messages.
Applies to: Servers
Default: None
UI equivalent: None

MailCharSet
Syntax: MailCharSet=value
Description: Specifies the character set a POP3 server uses when
downloading mail messages to a POP3 client. value corresponds to a
character set as follows:
Character set group  Language: Encoding character set   MIME name     MailCharSet value
Western              Codepage 1252                      usascii       82
Western              Codepage 1252                      us-ascii      82
Western              ISO Latin-1 (8859)                 iso-8859-1    32
Western              Mac Script Roman                   x-mac-roman   96
Central European     Codepage 1250                      cp1250 *      80
Central European     ISO Latin-2 (8859-2)               iso-8859-2    33
Turkish              ISO Latin-3 (8859-3)               iso-8859-3    34
Turkish              ISO Latin-5 (8859-9)               iso-8859-9    40
Turkish              Codepage 1254                      cp1254 *      84
Taiwanese            Big5, Codepage 950                 big5          26
Taiwanese            EUC-TW                             x-euc-tw      3,302
Thai                 Codepage 874                       cp874 *       144
Simplified Chinese   PRC Chinese: GB,GBK                gb2312        27
Korean               EUC-KR                             euc-kr        24
Japanese             EUC-J                              x-euc-jp      3,301
Japanese             ISO-2022-JP                        iso-2022-jp   3,277
Japanese             ShiftJIS                           x-sjis        18
Greek                ISO 8859-7                         iso-8859-7    38
Greek                Codepage 1253                      cp1253 *      83
Cyrillic             Codepage 1251                      cp1251 *      81
Cyrillic             ISO 8859-5                         iso-8859-5    36
Cyrillic             KOI8                               koi8-r        3,308
Baltic Rim           ISO Latin-4 (8859-4)               iso-8859-4    35
Baltic Rim           Codepage 1257                      cp1257 *      87
Arabic               ISO 8859-6                         iso-8859-6    37
Arabic               Codepage 1256                      cp1256 *      86
Hebrew               ISO 8859-8                         iso-8859-8    39
Hebrew               Codepage 1255                      cp1255 *      85

* On Windows-based servers, the MIME prefix is windows- rather than cp,
for example, windows-1254.

If you do not use this setting, the POP3 server looks for a
WWWDSP_Codepage value, if this setting is added.
(WWWDSP_Codepage controls the character set used by the Web
Navigator and accepts the same values as MailCharSet.)
Applies to: Servers
Default: None, although if this setting is omitted and there is no
WWWDSP_Codepage setting, the POP3 server uses the us-ascii
character set.
UI equivalent: None


MailCompactDisabled
Syntax: MailCompactDisabled=value
Description: Enables or disables the routine compacting of the server's
MAIL.BOX. Without this setting in the NOTES.INI file, MAIL.BOX is
compacted routinely when the Compact server task runs:
0 - Enables compacting of MAIL.BOX
1 - Disables compacting of MAIL.BOX
Applies to: Servers
Default: None
UI equivalent: None

MailCompactHour
Syntax: MailCompactHour=value
Description: Use this setting to specify the time at which the router
should perform mailbox compaction.
Value is based on a 24-hour clock. For example, MailCompactHour=22
will cause compaction to initiate around 10pm.
Applies to: Servers
Default: In the absence of the setting, the router will perform mailbox
compaction at 4 AM.
UI equivalent: None

MailConvertMIMEonTransfer
Syntax: MailConvertMIMEonTransfer=value
Description: Enables or disables MIME message conversion on the
router. This can help minimize conversion overhead on the server
running the SMTP listener task.
0 - Router does not perform conversions for MIME messages
1 - Router performs conversions for MIME messages
Applies to: Servers
Default: 0
UI equivalent: None

Mail_Disable_Implicit_Sender_Key
Syntax: Mail_Disable_Implicit_Sender_Key=value
Description: Determines whether to encrypt an encrypted message with
the sender's public key:
0 - Does not encrypt the encrypted message with the sender's public
key
1 - Encrypt the encrypted message with the sender's public key
Applies to: Workstations
Default: 0
UI equivalent: None

Mail_Log_To_MiscEvents
Syntax: Mail_Log_To_MiscEvents=value
Description: Determines whether all mail event messages are displayed
in the Miscellaneous Events view of the log file:
0 - Does not display mail events in the Miscellaneous Events view
1 - Displays mail events in the Miscellaneous Events view
Applies to: Servers and workstations
Default: None, although if this setting is omitted, mail events are not
displayed in the Miscellaneous Events view.
UI equivalent: None

MailServer
Syntax: MailServer=server
Description: Specifies the server where the user's mail file resides.
Applies to: Servers and workstations
Default: None
UI equivalent: The Mail Server field in the Mail tab of the Person
document in the Domino Directory.

Mail_Skip_NoKey_Dialog
Syntax: Mail_Skip_NoKey_Dialog=value
Description: Specifies whether to display the Encryption Failure dialog
when Notes cannot locate the public key to sign or encrypt a message:
0 - The "Don't show signature or encryption failures again and
continue sending" dialog appears when Notes cannot find the public
key.
1 - The "Don't show signature or encryption failures again and
continue sending" dialog does not appear when Notes cannot find
the public key. Notes then sends the message unsigned and/or
unencrypted.
Applies to: Workstations
Default: None
UI equivalent: The "Don't show signature or encryption failures again
and continue sending" checkbox in the Encryption Failure dialog box.
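
An added example, not part of the IBM documentation: a Python audit of a NOTES.INI file for values that this reference itself warns about, covering Log_Console, Log_DirCat, LDAPBatchAdds, the Java JIT settings, MailTimeoutMinutes and Mail_Skip_NoKey_Dialog. The two sample files are constructed, the function names are hypothetical, and matching setting names case-insensitively and using KitType=2 to decide whether the server checks apply are assumptions of the example.

```python
# Constructed sample files; the setting names and values are the ones this
# reference documents, the combinations are made up for the example.
WEAK_INI = """\
[Notes]
KitType=2
Log_Console=1
Log_DirCat=3
LDAPBatchAdds=1
Mail_Skip_NoKey_Dialog=1
JavaEnableJIT=1
MailTimeoutMinutes=2880
"""

HARDENED_INI = """\
[Notes]
KitType=2
Log_Console=2
Log_DirCat=1
MailTimeoutMinutes=720
"""


def parse_notes_ini(text):
    """Return {lower-cased setting name: value} for every name=value line."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("[") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        # Assumption: setting names are matched without regard to case.
        settings[name.strip().lower()] = value.strip()
    return settings


def audit(settings):
    """Return (setting, message) pairs for values the reference warns about."""
    found = []
    if settings.get("mail_skip_nokey_dialog") == "1":
        found.append(("Mail_Skip_NoKey_Dialog",
                      "mail is sent unsigned and/or unencrypted without a "
                      "dialog when the public key cannot be found"))
    # Assumption: the remaining (server) checks apply only when KitType=2.
    if settings.get("kittype") != "2":
        return found

    log_console = settings.get("log_console")
    if log_console == "0":
        found.append(("Log_Console", "console command logging is turned off"))
    elif log_console != "2":
        # 1 and "not set" behave the same way according to the reference.
        found.append(("Log_Console",
                      "output of commands prefixed with ! is not logged; "
                      "2 logs it whether prefixed or not"))
    if settings.get("log_dircat") == "3":
        found.append(("Log_DirCat",
                      "3 slows performance and fills the log file; "
                      "use it only temporarily"))
    if settings.get("ldapbatchadds") == "1":
        found.append(("LDAPBatchAdds",
                      "remove or set to 0 once the batch adds are complete, "
                      "or subsequent LDAP operations are unreliable"))
    if settings.get("javaenablejit") == "1":
        found.append(("JavaEnableJIT", "JITs can be unstable"))
    if settings.get("javajitname"):
        found.append(("JavaJITName", "JITs can be unstable"))
    minutes = settings.get("mailtimeoutminutes", "")
    if minutes.isdigit() and int(minutes) > 1440:
        found.append(("MailTimeoutMinutes",
                      "exceeds the 1440-minute maximum; use MailTimeout"))
    return found


if __name__ == "__main__":
    for label, text in (("weak", WEAK_INI), ("hardened", HARDENED_INI)):
        print(label)
        for name, message in audit(parse_notes_ini(text)):
            print("  %s: %s" % (name, message))
```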

MailSystem
Syntax: MailSystem=value
Description: Specifies the mail system that the user selected during the
workstation setup procedure:
0 - Notes mail
1 - cc:Mail or a non-Lotus mail system
Applies to: Servers and workstations
Default: None
UI equivalent: The mail system selection made during workstation
setup.

MailTimeout
Syntax: MailTimeout=number of days
Description: Specifies the number of days after which the server returns
undelivered mail to the sender. Increase this setting when you have a lot
of mail returned in one day or when you are sending mail to foreign
domains.
Note To specify a period of less than one day, use the NOTES.INI
setting MailTimeoutMinutes.
Applies to: Servers
Default: None, although if this setting is omitted, undelivered mail is
returned after one day.
UI equivalent: None, but you can specify this setting in the NOTES.INI
Settings tab of the Configuration Settings document in the Domino
Directory.

MailTimeoutMinutes
Syntax: MailTimeoutMinutes=number of minutes
Description: Specifies the number of minutes after which the server
returns undelivered mail to the sender. The maximum number of
minutes is 1440 (24 hours).
Note To specify a time greater than one day, use the NOTES.INI setting
MailTimeout.
Applies to: Servers
Default: None
UI equivalent: None

Map_Retry_Delay
Syntax: Map_Retry_Delay=number of minutes
Description: Specifies the number of minutes that a server waits after an
unsuccessful attempt to call another server before it tries again.
Applies to: Servers
Default: None
UI equivalent: None

Memory_Quota
Syntax: Memory_Quota=number of megabytes
Description: This setting is for OS/2 only. Specifies the maximum
number of megabytes of virtual memory that the server can allocate. This
gives administrators more control over the growth of the swap file. The
minimum value is 4MB. Without this setting in the NOTES.INI file, the
server uses all available memory.
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

MinNewMailPoll
Syntax: MinNewMailPoll=number of minutes
Description: Determines how often workstations can contact the server
to see if new mail has arrived for the user. This setting overrides the
user's selection in the Mail Setup dialog box. You can increase the mail
polling interval if there are a large number of mail users on your server,
and you want to prevent frequent polling from affecting server
performance.
Applies to: Servers
Default: None
UI equivalent: None

Move_Mail_File_Expiration_Days
Syntax: Move_Mail_File_Expiration_Days=number of days
Description: Specifies the number of days that the Notes client updates
mail file related Change Requests. After this time period, these become
obsolete Change Requests. For example:
Move_Mail_File_Expiration_Days=30
Applies to: Servers
Default: None
UI equivalent: None

MTCDailyTasksHour
Syntax: MTCDailyTasksHour=time
Description: Specifies the time, in 24-hour format, when the Mail
Tracking Collector (MTC) task performs the daily compaction of the
Domino MailTracker Store database (MTSTORE.NSF). For example:
MTCDailyTasksHour=25:00
Applies to: Servers
Default: None, although in the absence of this setting, compaction occurs
nightly at 2 AM.
UI equivalent: None

MTMaxResponses
Syntax: MTMaxResponses=number of responses
Description: Specifies the maximum number of message tracking
responses returned from a query. The number of responses returned will
be less than or equal to the MTMaxResponses value. Whenever a query
returns more than the MTMaxResponses limit, a message indicating this
appears on the Administration panel status line.
Applies to: Servers
Default: None, although if this setting is omitted, the maximum number
of message tracking responses returned from a query is 100.
UI equivalent: None

Names
Syntax: Names=name(s)
Description: Specifies the names of the secondary Domino Directories
that Domino searches to verify recipient names in mail messages. By
default, Domino searches only the primary Domino Directory, which is
typically named NAMES.NSF.
Note It is strongly recommended that you use directory assistance
rather than this setting to do lookups in secondary Domino Directories.
This NOTES.INI setting allows additional directories to be searched in
the order in which they appear and stops searching when it finds a
match in one of the databases. The file names can be up to 256 characters.
Separate the list of directories with commas. Do not specify the NSF file
extension.
The server does not use this feature to look up additional Connection,
Domain, or Server documents specified in additional directories. Ensure
you create all of the necessary Connection, Domain, and Server
documents in the primary Domino Directory.
Local secondary Domino Directories
To specify secondary Domino Directories that are replicated locally on
the server, type the names of the directories without the NSF extension
following the name of the primary Domino Directory; for example:
NAMES=NAMES, EASTNAME, WESTNAME
Remote secondary Domino Directories
If secondary Domino Directories are not replicated locally, access them
over the network by specifying server names in canonical format and
their Domino Directories as follows:
CN=servername/OU=organizational unit/O=organization/!!filename
Specify as many organizational units as necessary.
For example, specify:
NAMES=NAMES, CN=serverwest/OU=west/O=acme!!NAMES, CN=servereast/OU=east/O=acme!!NAMES
If the name of the remote server is flat, omit the canonical format, for
example:
NAMES=NAMES, serverwest!!NAMES
If a remote server contains multiple Domino Directories, for example a
hub server, you can point to each directory on the server. To do this, you
must repeat the server name for each directory, for example:
NAMES=NAMES, CN=serverhub/O=acme!!NAMES1, CN=serverhub/O=acme!!NAMES2
Note Do not add the name of a condensed Directory Catalog as a value
for this setting. Use the Basics tab of the Server document in the Domino
Directory to set up a server to use a condensed Directory Catalog.
Applies to: Servers
Default: NAMES
UI equivalent: None
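The Names syntax described above can be checked before a value is deployed. The following parser is an added example, not part of the IBM documentation: it splits a Names= value into local and remote directories in search order and reports entries that break the rules stated in this entry. The function names, the acceptance of a C= component, and the check that the first entry is a local directory are assumptions of this example.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

MAX_FILE_NAME = 256  # "The file names can be up to 256 characters."
# CN, OU and O appear in this entry; C (country) is an assumption added here.
NAME_LABELS = {"CN", "OU", "O", "C"}

# Value taken from the hub-server example in this entry.
HUB_EXAMPLE = "NAMES, CN=serverhub/O=acme!!NAMES1, CN=serverhub/O=acme!!NAMES2"


@dataclass
class DirectoryRef:
    server: Optional[str]  # None: the directory is replicated locally
    filename: str          # directory file name, without the NSF extension
    canonical: bool        # server name written in CN=/OU=/O= form


def check_canonical(server: str) -> Optional[str]:
    """Return a problem description, or None if the name is well formed."""
    labels = []
    for part in server.split("/"):
        label, sep, value = part.partition("=")
        label = label.strip().upper()
        if not sep or not value.strip() or label not in NAME_LABELS:
            return f"bad component {part!r} in server name {server!r}"
        labels.append(label)
    if labels[0] != "CN" or "O" not in labels:
        return f"server name {server!r} needs a leading CN= and an O= component"
    return None


def parse_names(value: str) -> Tuple[List[DirectoryRef], List[str]]:
    """Split a Names= value into directories (search order) and problems."""
    refs: List[DirectoryRef] = []
    problems: List[str] = []
    for raw in value.split(","):
        entry = raw.strip()
        if not entry:
            problems.append("empty entry (stray comma)")
            continue
        server, sep, filename = entry.rpartition("!!")
        # The syntax line shows a "/" before "!!"; the examples omit it.
        server, filename = server.strip().rstrip("/"), filename.strip()
        if sep and not server:
            problems.append(f"{entry!r}: '!!' without a server name")
            continue
        if not filename:
            problems.append(f"{entry!r}: missing directory file name")
            continue
        if filename.lower().endswith(".nsf"):
            problems.append(f"{entry!r}: do not specify the NSF extension")
        if len(filename) > MAX_FILE_NAME:
            problems.append(f"{entry!r}: file name exceeds {MAX_FILE_NAME} characters")
        canonical = "=" in server
        if canonical:
            issue = check_canonical(server)
            if issue:
                problems.append(issue)
        refs.append(DirectoryRef(server or None, filename, canonical))
    # The entry says secondary directories follow the primary Domino Directory.
    if refs and refs[0].server is not None:
        problems.append("first entry should be the local primary Domino Directory")
    return refs, problems


def remote_servers(refs: List[DirectoryRef]) -> List[str]:
    """Distinct servers contacted over the network to verify recipient names."""
    seen: List[str] = []
    for ref in refs:
        if ref.server and ref.server.lower() not in (s.lower() for s in seen):
            seen.append(ref.server)
    return seen


if __name__ == "__main__":
    directories, issues = parse_names(HUB_EXAMPLE)
    for position, ref in enumerate(directories, start=1):
        print(position, ref.server or "(local)", ref.filename)
    print("remote servers:", remote_servers(directories))
    print("problems:", issues or "none")
```

The list returned by remote_servers is the set of servers this server depends on for recipient verification, which is worth reviewing whenever the setting changes.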

NetWareSocket
Syntax: NetWareSocket=socketnumber
Description: Specifies the IPX socket number used by the Domino server.
Applies to: Servers
Default: None. Domino lets the IPX/SPX protocol stack assign a socket
number dynamically.
UI equivalent: None
For information on assigning the IPX socket number for a Domino server,
see the chapter "Setting Up the Domino Network."

NetWareSpxSettings
Syntax: NetWareSpxSettings=value
Description: Specifies the decimal value of the Domino server's IPX
socket.
Applies to: Servers
Default: None
UI equivalent: None

NewMailInterval
Syntax: NewMailInterval=number of minutes
Description: Defines how often (in minutes) Notes checks the user's
Inbox for new mail.
Applies to: Workstations
Default: 1
UI equivalent: File - Preferences - User Preferences - Mail - Check for
new mail every x minutes.

NewUserServer
Syntax: NewUserServer=server
Description: Specifies the registration server for a Domino domain, if
this has not been specified in Administration Preferences.
Applies to: Servers
Default: None
UI equivalent: None

NoDesignMenu
Syntax: NoDesignMenu=value
Description: Hides the Design menu on workstations.
0 - Shows the Design menu
1 - Hides the Design menu
Applies to: Workstations
Default: None, although if this setting is omitted, the Design menu
appears
UI equivalent: None

NoExternalApps
Syntax: NoExternalApps=value
Description: Protects against mail bomb viruses by disabling the
following workstation features:
OLE, DDE, DIP, @Command
@DBLookup, @DBColumn (when using non-Notes drivers)
@MailSend, @DDExxx
Launching file attachments
Subscribe on a Macintosh workstation
Use the following values to set this variable:
0 - Enables the workstation features listed above
1 - Disables the workstation features listed above
Applies to: Workstations
Default: None, although if this setting is omitted, these workstation
features are enabled.
UI equivalent: None

No_Force_Activity_Logging
Syntax: No_Force_Activity_Logging=value
Description: Controls whether the Statlog task automatically enables
activity logging on all databases:
0 - Allows automatic activity logging on all databases
1 - Prevents automatic activity logging on all databases
Even when activity is not being recorded for the database, the
information is still recorded in the Activity entry of the Database Usage
view in the server's log file.
Applies to: Servers
Default: None, although if this setting is omitted, the Statlog server task
enables the Record Activity option for every database on the server and
adds 64KB to each database.
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

NoMailMenu
Syntax: NoMailMenu=value
Description: Hides the Mail menu. When set to 1, the Mail menu doesn't
appear on workstations. This setting also sets the user's mail system to
None.
Applies to: Workstations
Default: None, although if this setting is omitted, the Notes Mail menu
appears.
UI equivalent: None

NoMsgCache
Syntax: NoMsgCache=value
Description: Disables per-user message caching by the IMAP task. This
can improve capacity (number of users) on a server by reducing memory
consumption.
Applies to: Servers
Default: None, although if this setting is omitted, IMAP per-user
message caching will be enabled.
UI equivalent: None

NSF_Buffer_Pool_Size
Syntax: NSF_Buffer_Pool_Size=number of bytes
Description: Specifies the maximum size (in bytes) of the NSF buffer
pool, a section of memory dedicated to buffering I/O transfers between
Domino and disk storage. The maximum size depends on any limitations
of the operating system, and the amount of system memory available.
The minimum size is 4MB.
Note You can also use NSF_Buffer_Pool_Size_MB to set the maximum
size of the NSF buffer pool. This is the same as NSF_Buffer_Pool_Size,
except it specifies the size in megabytes instead of bytes. Use
NSF_Buffer_Pool_Size_MB to avoid the 2GB limitation that exists for
NSF_Buffer_Pool_Size due to NOTES.INI variable limits. (NOTES.INI
variables are signed variables, and cannot be larger than 2GB.)
Applies to: Servers and workstations
Default: Determined automatically by the server or workstation. (This is
strongly recommended, except on partitioned servers.) The more
memory is available, the larger the server sets the default
NSF_Buffer_Pool_Size. On workstations, the maximum setting of the
NSF_Buffer_Pool_Size is 8MB (4MB for MAC). On the server, the default
maximum is determined to be between 1/8 and 3/8 of available physical
memory, depending on the overall size of physical memory. The defaults
are not automatically adjusted on partitioned servers, so it will usually be
necessary to adjust the maximum values in each partition to a fraction of
memory such that the memory used by all partitions adds up to
approximately 1/4 to 3/8 of memory.
UI equivalent: None

NSF_DbCache_Disable
Syntax: NSF_DbCache_Disable=value
Description: Controls whether the database cache is enabled on a server.
The database cache is enabled by default.
0 - Enables the database cache
1 - Disables the database cache
Applies to: Servers
Default: None
UI equivalent: None

NSF_DbCache_Maxentries
Syntax: NSF_DbCache_Maxentries=number of databases
Description: Determines the number of databases that a server can hold
in its database cache at one time.
Increasing the database cache size can improve system performance but
requires additional memory. The minimum number of databases allowed
in the cache at one time is 25; the maximum is approximately 2000,
depending on the server platform.
Applies to: Servers
Default: None, although if this setting is omitted, the number of
databases that the server can hold in its cache at one time is either 25, or
the NSF_Buffer_Pool_Size value divided by 300K (whichever is greater).
UI equivalent: None

Num_Compact_Rename_Retries
Syntax: Num_Compact_Rename_Retries=number of times to retry
Description: Domino attempts only once to rename a database that was
copy-style compacted. You can request additional attempts by specifying
a value in the Num_Compact_Rename_Retries setting in the NOTES.INI
file. Domino tries to rename until it succeeds or the number of retries is
exhausted. For example, to request that Domino try once again to rename,
specify Num_Compact_Rename_Retries=1; to request that Domino try 5
more times to rename, specify Num_Compact_Rename_Retries=5.
Applies to: Servers
Default: No default entry, but in the absence of the setting, Domino
attempts just once to rename a database that was copy-style compacted.
UI equivalent: None

NWNDSPassword
Syntax: NWNDSPassword=NDS password
Description: Specifies the password for Domino to log in to the Novell
Directory Service (NDS) tree on system start-up. Until this setting is
added to the NOTES.INI file, an administrator must log in to the NDS
tree before starting the Domino server.
Applies to: Servers
Default: None
UI equivalent: None
For information on setting up NDS for a Domino server, see the
appendix "Novell Directory Service for the IPX/SPX Network."

NWNDSUserID
Syntax: NWNDSUserID=NDS user ID
Description: Specifies the user ID for Domino to log into the Novell
Directory Service (NDS) tree on system start-up. Until this setting is
added to the NOTES.INI file, an administrator must log into the NDS
tree before starting the Domino server.
Applies to: Servers
Default: None
UI equivalent: None
For information on setting up NDS for a Domino server, see the
appendix "Novell Directory Service for the IPX/SPX Network."

Passthru_Hangup_Delay
Syntax: Passthru_Hangup_Delay=number of seconds
Description: Specifies how long in seconds a passthru server maintains a
dialup connection after its last dialup session ends.
Applies to: Servers
Default: 120
UI equivalent: None

Passthru_LogLevel
Syntax: Passthru_LogLevel=value
Description: Specifies the level of trace information recorded for all
network connections (including passthru) in the Miscellaneous Events
view of the log file.
0 - No information is recorded
1 - Only errors are recorded
2 - Summary progress information is recorded
3 - Detailed progress information is recorded
4 - Full trace information is recorded
5 - Full trace information plus driver messages are recorded
Applies to: Servers and workstations
Default: 0
UI equivalent: File - Preferences - User Preferences - Ports - Trace Notes Log options

PhoneLog
Syntax: PhoneLog=value
Description: Specifies whether phone calls are recorded in the log file:
0 - Does not record phone calls to the log file
1 - Records all calls, except those that fail because of a busy signal
2 - Records all phone calls
Applies to: Servers and workstations
Default: 2
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

PKCS11_Library
Syntax: PKCS11_Library=path
Description: Specifies the location of the server's locally installed
PKCS#11 file for enabling Smartcards. For example:
PKCS11_Library=C:\Program Files\Schlumberger\Smart Cards and Terminals\Common Files\slbck.dll
Applies to: Servers
Default: None
UI equivalent: The Smartcard installation wizard will prompt the user to
install the appropriate DLL for the Smartcard.

Platform_Statistics_Disabled
Syntax: Platform_Statistics_Disabled=value
Description: By default, Domino tracks performance metrics of the
operating system and captures the results in the Domino server. Use the
following setting to disable statistic reporting:
Platform_Statistics_Disabled=1
Note You must remove the setting from the NOTES.INI file altogether
to re-enable platform statistic reporting.
Applies to: Servers
Default: None
UI equivalent: None

POP3ConfigUpdateInterval
Syntax: POP3ConfigUpdateInterval=number of minutes
Description: Determines how often (in minutes) the POP3 server will
update its configuration information.
Applies to: Servers
Default: 2 minutes
UI equivalent: None

POP3_Disable_Cache
Syntax: POP3_Disable_Cache=value
Description: Enables/disables message caching for users.
0 - Enables message caching
1 - Disables message caching
Applies to: Servers
Default: 0
UI equivalent: None

POP3DNSLookup
Syntax: POP3DNSLookup=value
Description: Enables/disables reverse DNS lookups of client host names.
0 - Disables reverse DNS lookups of client host names
1 - Enables reverse DNS lookups of client host names
Applies to: Servers
Default: 0
UI equivalent: None

POP3Domain
Syntax: POP3Domain=domain name
Description: Specifies the name of the Internet domain to use as the
gateway to send mail to the Internet for local addresses. (All local
addresses are converted to Internet addresses.) If this setting is included
in the NOTES.INI file, it overrides the DNS value.
Applies to: Servers
Default: None
UI equivalent: None

POP3_Enable_Cache_Stats
Syntax: POP3_Enable_Cache_Stats=value
Description: Enables/disables message caching statistics.
0 - Disables message caching statistics
1 - Enables message caching statistics
Applies to: Servers
Default: 0
UI equivalent: None

POP3MarkRead
Syntax: POP3MarkRead=value
Description: Specifies whether POP3 messages should be marked as
read after downloading. A value of 1 instructs the server to mark the
messages as read. Default is 0 (messages are marked as unread).
0 - Do not mark POP3 messages as read
1 - Mark POP3 messages as read
Applies to: Servers
Default: 0
UI equivalent: None

POP3_Message_Stat_Cache_NumPerUser
Syntax: POP3_Message_Stat_Cache_NumPerUser=number of message
statistics
Description: Limits the number of message statistics that can be cached
for a single user. Message statistics caches contain UNIDs and saved
message sizes. Each cache entry consumes CPU time and server memory.
Reducing this number can improve server performance.
Applies to: Servers
Default: 50
UI equivalent: None

POP3NotesPort
Syntax: POP3NotesPort=port name
Description: Specifies the name of the Notes network port for TCP/IP that
you are linking the POP3 service with. This setting is required for a
partitioned server hosting POP3, and for a single server hosting it if the
server has more than one Notes port for TCP/IP.
Applies to: Servers
Default: None
UI equivalent: None
For information on binding an Internet service to an IP address, see the
chapter "Setting Up the Domino Network."

portname_MaxSessions
Syntax: portname_MaxSessions=number of sessions
Description: Restricts the number of sessions on a specified port.
Applies to: Servers
Default: None
UI equivalent: None

Ports
Syntax: Ports=portname(s)
Description: This setting indicates which ports are enabled for the server
or workstation. Ports are enabled/disabled by a two-step process: using
the Setup Ports dialog box and then using Server documents (for servers)
or the User Preferences dialog box (for workstations). The order in which
ports are listed in this setting can affect how Notes workstations and
Domino servers connect to a system.
Applies to: Servers and workstations
Default: None
UI equivalent: On a workstation, see the Ports tab in the User
Preferences dialog box (choose File - Preferences - User Preferences). On
a server, the Configuration tab's Tools pane, Server - Setup Ports option,
and then see the Ports - Notes Network Ports tab in the Server document.
For information on reordering network ports on a server, see the chapter
"Setting Up the Domino Network."

ProgramMode
Syntax: ProgramMode=value
Description: If the user sets up Notes with a Notes Mail ID or switches to
a Notes Mail ID (not a Lotus Notes Desktop ID), a value is written to the
NOTES.INI ProgramMode setting:
0 - Full Notes
1 - Notes Mail
8 - Desktop
Applies to: Workstations
Default: 1 (Full Notes)
UI equivalent: None

Repl_Error_Tolerance
Syntax: Repl_Error_Tolerance=number of replication errors
Description: Specifies the number of replication errors of the same type
that can occur between two databases before the server terminates
replication.
Applies to: Servers
Default: 2
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

ReplicationTimeLimit
Syntax: ReplicationTimeLimit=number of minutes
Description: Specifies a time limit (in minutes) for replication between
one server and another. If this setting is not included in the NOTES.INI
file, there is no time limit.
Applies to: Servers
Default: None
UI equivalent: The Replication Time Limit field in the
Routing/Replication tab in the Connection document in the Domino
Directory.

Replicators
Syntax: Replicators=number of tasks
Description: Specifies the number of Replicator tasks that can run
concurrently on the server.
Note You must shut down and restart the server for this setting to take
effect.
Applies to: Servers
Default: 1
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Repl_Obeys_Quotas
Syntax: Repl_Obeys_Quotas=value
Description: Specifies whether the Replicator obeys quotas.
0 - Disables the Replicator from obeying quotas
1 - Enables the Replicator to obey quotas
Applies to: Servers
Default: The Replicator does not obey quotas.
UI equivalent: None.

Report_DB
Syntax: Report_DB=path
Description: When the Monitoring Configuration database
(EVENTS4.NSF) is created, it is placed in the Domino Data directory. Use
this setting to specify the location of the database if it is located
somewhere other than in the Domino Data directory.
Applies to: Servers
Default: None, but in the absence of any Report_DB setting in the
NOTES.INI file, the default path is Lotus\Domino\Data\events4.nsf.
UI equivalent: None

ReportUseMail
Syntax: ReportUseMail=value
Description: Allows the Reporter task to use the Router to send statistics
to another server in the same domain:
1 - Use the Router
0 - Use the network
Using the Router can be useful for reporting statistics over dial-up
connections to a central collection server.
Applies to: Servers
Default: None, although without the setting, the Reporter task uses the
network to report statistics.
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

RouterAllowConcurrentXferToAll
Syntax: RouterAllowConcurrentXFERToALL=value
Description: Use this setting to enable/disable multiple concurrent
transfer threads for inter-domain Notes routing.
1 - Enables
0 - Disables
Applies to: Servers
Default: None, but if the setting does not appear in the NOTES.INI file,
Domino's default behavior is to disable multiple concurrent transfer
threads for inter-domain Notes routing.
UI equivalent: None
For information on enabling multiple concurrent transfer threads
between Domino domains, see the chapter "Customizing the Domino
Mail System."

RouterDisableMailToGroups
Syntax: RouterDisableMailToGroups=value
Description: Specifies whether the router should allow or deny mail
addressed to a group.
0 - Allow the Router to expand groups and forward a message to the
group members.
1 - Router will not expand any groups. It will return the message as a
failure report to the sender - rejected for policy reasons.
Applies to: Servers
Default: 0
UI equivalent: None

RouterDSNForNullReversePath
Syntax: RouterDSNForNullReversePath=value
Description: Specifies whether the router should return delivery status
notifications (DSNs) for messages received over SMTP with null RFC 821
reverse paths.
0 - Don't return a failed DSN. Create the non-delivery report, but
mark it as DEAD. The Administrator can then delete these messages
or release them.
1 - Create and send the delivery status notification.
2 - Do not create a delivery status notification.
Applies to: Servers
Default: 0
UI equivalent: None

RouterEnableMailByDest
Syntax: RouterEnableMailByDest=value
Description: Use this setting to generate verbose mail routing statistics
per destination. These statistics may be useful when attempting to
troubleshoot routing related problems.
0 - No destination based statistics are generated by the router.
1 - Router maintains statistics for each mail routing destination,
which include the last successful/unsuccessful transfer time, total
number of messages routed, and the total number of failures.
Applies to: Servers
Default: None
UI equivalent: None

RTR_Logging
Syntax: RTR_Logging=value
Description: Enables or disables monitoring of Cluster Replicator
activity.
0 - Disables monitoring of the Cluster Replicator
1 - Enables monitoring of the Cluster Replicator
Applies to: Servers
Default: None
UI equivalent: None

Sched_Dialing_Enabled
Syntax: Sched_Dialing_Enabled=value
Description: Enables or disables dialing out to check Busy Time.
Use the following values:
0 - Disables dialing out to check Busy Time
1 - Enables dialing out to check Busy Time
Applies to: Workstations
Default: Dialing out to check Busy Time is disabled.
UI equivalent: None

Sched_Purge_Interval
Syntax: Sched_Purge_Interval=number of days
Description: Specifies how many days prior to the current day to keep
busytime data. A value of 0 means data is never purged.
Applies to: Servers
Default: 7
UI equivalent: None

Schedule_Check_Entries_When_Validating
Syntax: Schedule_Check_Entries_When_Validating=value
Description: Enables or disables whether SchedMgr validates its
busytime database entry on a user by user basis, as follows:
0 - Disables validation
1 - Enables validation
Validation should not be required under normal conditions.
Applies to: Servers
Default: 0
UI equivalent: None

Schedule_No_CalcStats
Syntax: Schedule_No_CalcStats=value
Description: Enables or disables whether SchedMgr updates/calculates
statistics on an hourly daily basis, as follows:
0 - Enables update/calculation
1 - Disables update/calculation
Applies to: Servers
Default: 0
UI equivalent: None

Schedule_No_Validate
Syntax: Schedule_No_Validate=value
Description: Enables or disables whether SchedMgr validates its
busytime database entry on a daily basis, as follows:
0 - Enables validation
1 - Disables validation
Validation should be enabled under normal conditions.
Applies to: Servers
Default: 0
UI equivalent: None

Schema_Daemon_Breaktime
Syntax: Schema_Daemon_Breaktime=number of seconds
Description: Specifies how often (in seconds) the schema daemon
spawned by the LDAP service checks if it should shut down because its
parent LDAP task is shutting down. In most situations there is no need to
change the breaktime interval. In rare situations, you might increase this
value as a way to free up CPU resources on a heavily used server.
Increasing the breaktime value also increases the time it takes the LDAP
service to shut down.
Applies to: Servers
Default: None, although without this setting, the schema daemon checks
the status of its parent LDAP task every 15 seconds.
UI equivalent: None

Schema_Daemon_Idletime
Syntax: Schema_Daemon_Idletime=number of minutes
Description: Specifies how long (in minutes) the schema daemon
spawned by the LDAP service remains idle after it has completed its
tasks. After the schema daemon has been idle for the specified interval, it
begins its tasks again.
Applies to: Servers
Default: None, although without this setting, the schema daemon
remains idle for 15 minutes.
UI equivalent: None

Schema_Daemon_Reloadtime
Syntax: Schema_Daemon_Reloadtime=number of hours
Description: Specifies how often (in hours) the schema daemon spawned
by the LDAP service adds schema elements for new or changed Domino
Directory forms and fields to its in-memory schema. This operation
occurs only on the administration server for the Domino Directory and
not on other servers in the domain that run the LDAP service.
Reloading in-memory schema to reflect new or changed Domino
Directory forms and fields is a CPU-intensive operation. You might set
different intervals for Schema_Daemon_Reloadtime and
Schema_Daemon_Resynctime so the two operations occur at different
times. Or you might increase the interval during periods when there are
no schema changes.
Schema_Daemon_Idletime, rather than Schema_Daemon_Reloadtime,
controls how often the schema daemon loads new schema elements
defined in the Domino LDAP Schema database into memory.
Applies to: Servers
Default: None, although without this setting the schema daemon reload
interval is 24 hours.
UI equivalent: None

Schema_Daemon_Resynctime
Syntax: Schema_Daemon_Resynctime=number of hours
Description: Specifies how often (in hours) the schema daemon spawned
by the LDAP service updates the schema published in the Domino LDAP
Schema database with a newer in-memory schema. This operation occurs
only on the Domino Directory administration server, and not other
servers in the domain that run the LDAP service.
Synchronizing the Schema database with in-memory schema is a
CPU-intensive operation. You might set different intervals for
Schema_Daemon_Reloadtime and Schema_Daemon_Resynctime so the
two operations occur at different times. Or you might increase the
interval during periods when there are no schema changes.
Applies to: Servers
Default: None, although without this setting the schema daemon resync
interval is 24 hours.
UI equivalent: None

Secure_Disable_FullAdmin
Syntax: Secure_Disable_FullAdmin=value
Description: Entering 1 disables the Full Access Administrators field in
the Server document, causing the server to ignore any entries in that
field.
1 - Disables the Full Access Administrators field in the Server
document
0 - Does not disable Full Access Administrators field in the Server
document
Applies to: Servers
Default: 0
UI equivalent: None

SecureMail
Syntax: SecureMail=value
Description: Entering 1 as the value forces the mail program to sign and
encrypt all mail sent from the workstation:
1 - Removes the Sign and Encrypt options from all dialog boxes
0 - Restores the Sign and Encrypt options
Applies to: Workstations
Default: None, although if this setting is omitted, the Sign and Encrypt
options appear
UI equivalent: File - Preferences - User Preferences - Mail - Encrypt sent
mail

Server_Availability_Threshold
Syntax: Server_Availability_Threshold=value
Description: Specifies the acceptable level of system resources available
to a server. By setting this value for each server in a cluster, you
determine how the workload is distributed among cluster members.
Valid values are 0 to 100. Domino compares this value against a server's
availability index; when the availability index falls below the
Server_Availability_Threshold value, the server becomes BUSY.
A Server_Availability_Threshold value of zero (0) indicates a fully
available state and workload balancing is disabled; a value of 100
indicates the server is BUSY (since the availability index can never be
greater than 100) and the Cluster Manager then tries to redirect user
requests to more available cluster members.
Applies to: Servers
Default: 0
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Server_Cluster_Default_Port
Syntax: Server_Cluster_Default_Port=portname
Description: Specifies the port used for intracluster network traffic. The
value should be a port name (for example, TCP) as specified in the
Ports tab of the Server document.
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Server_Console_Password
Syntax: Server_Console_Password=encrypted_password
Description: For the encrypted_password to be written to this setting in the
NOTES.INI file, you must use the Set Configuration server command to
specify the password.
The password can be a combination of letters and numbers. When this
setting is added to the NOTES.INI file, Domino activates the Set Secure
command to secure the server console. The password provided should
be different from the administrator's user password. If you forget the
console password, delete this setting from the NOTES.INI file, and then
re-specify a password.
Applies to: Servers
Default: None
UI equivalent: None
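
Several entries up to this point state exact value ranges or have a direct bearing on server hardening, and those can be checked mechanically. The following linter is an added example, not part of the IBM documentation; the function name lint, its role parameter, case-insensitive matching of setting names, reading "4MB" as binary megabytes, and the sample file are assumptions of this example.

```python
from typing import Dict, List, Optional, Tuple

MB = 1024 * 1024  # assumption: "4MB" is read as 4 * 1024 * 1024 bytes

# Inclusive (low, high) bounds quoted from the entries above; None = not stated.
RANGES: Dict[str, Tuple[Optional[int], Optional[int]]] = {
    "mailtimeoutminutes": (None, 1440),           # maximum is 1440 (24 hours)
    "memory_quota": (4, None),                    # minimum value is 4MB
    "nsf_buffer_pool_size": (4 * MB, 2**31 - 1),  # 4MB minimum, signed 2GB limit
    "nsf_dbcache_maxentries": (25, 2000),         # maximum is "approximately 2000"
    "server_availability_threshold": (0, 100),
    "passthru_loglevel": (0, 5),
    "phonelog": (0, 2),
    "routerdsnfornullreversepath": (0, 2),
}
# Settings documented above as taking only 0 or 1.
FLAGS = {
    "noexternalapps", "nodesignmenu", "no_force_activity_logging",
    "nsf_dbcache_disable", "pop3_disable_cache", "pop3dnslookup",
    "pop3markread", "repl_obeys_quotas", "routerdisablemailtogroups",
    "secure_disable_fulladmin", "securemail",
}

# Constructed sample input, not taken from a real server.
SAMPLE_SERVER_INI = """\
[Notes]
ServerName=Hub1/Acme
MailTimeoutMinutes=2880
Server_Availability_Threshold=80
NSF_Buffer_Pool_Size=4294967296
Platform_Statistics_Disabled=0
NWNDSPassword=constructed-example
PhoneLog=2
PhoneLog=3
"""


def lint(text: str, role: str = "server") -> List[str]:
    """Return findings for a NOTES.INI; role is 'server' or 'workstation'."""
    settings: Dict[str, str] = {}
    findings: List[str] = []
    for line in text.splitlines():
        name, sep, value = line.strip().partition("=")
        if not sep:
            continue  # section header such as [Notes], or a blank line
        key = name.strip().lower()  # assumption: names are case-insensitive
        if key in settings:
            findings.append(f"{key}: defined more than once")
        settings[key] = value.strip()

    for key, value in settings.items():
        if key not in RANGES and key not in FLAGS:
            continue
        try:
            number = int(value)
        except ValueError:
            findings.append(f"{key}: {value!r} is not a whole number")
            continue
        low, high = RANGES.get(key, (0, 1))
        if (low is not None and number < low) or (high is not None and number > high):
            bounds = f"{'' if low is None else low}..{'' if high is None else high}"
            findings.append(f"{key}: {number} is outside the documented range {bounds}")

    # The entry says the line must be removed to re-enable statistics.
    if settings.get("platform_statistics_disabled", "1") != "1":
        findings.append("platform_statistics_disabled: remove the line to "
                        "re-enable statistics; only the value 1 is documented")
    if "nwndspassword" in settings:
        findings.append("nwndspassword: an NDS password is stored in this file; "
                        "review who can read it")
    if role == "server" and "server_console_password" not in settings:
        findings.append("server_console_password: not set, so Set Secure is not "
                        "protecting the server console")
    if role == "workstation" and settings.get("noexternalapps") != "1":
        findings.append("noexternalapps: OLE, DDE, @MailSend and attachment "
                        "launching remain enabled")
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE_SERVER_INI):
        print(finding)
```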

ServerKeyFileName
Syntax: ServerKeyFileName=ID_file
Description: Specifies the server ID file to use on a machine that runs
both the Notes workstation program and the Domino server program.
Then, you edit the NOTES.INI KeyFileName setting to specify your user
ID as the ID to use when you run the Notes workstation or API programs
on the server machine.
For more information, see the topic "KeyFileName" earlier in this
chapter.
Applies to: Servers
Default: None
UI equivalent: None

Server_Max_Concurrent_Trans
Syntax: Server_Max_Concurrent_Trans=number of transactions
Description: Sets the limit for the number of concurrently scheduled
transactions on a server. If you use this setting to set the maximum
number of concurrent transactions on partitioned servers, Lotus
recommends that the sum of the limits be 20 transactions or less. For
example, if you are running four partitioned servers on a computer, you
would set the limit for each partitioned server at five transactions.
Applies to: Servers
Default: None
UI equivalent: None

Server_MaxSessions
Syntax: Server_MaxSessions=number of sessions
Description: Specifies the maximum number of sessions that can run
concurrently on the server. To prevent server overload, decrease this
number if you set up multiple Replicators or Routers.
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Server_MaxUsers
Syntax: Server_MaxUsers=number
Description: Sets the maximum number of users that are allowed to
access a server. When this number is reached, the server state becomes
MAXUSERS, and the server stops accepting new Database Open requests.
Use the following values to set this variable:
0 - Unlimited access to server by users
number - Restricts number of active users to the number you specify
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

ServerName
Syntax: ServerName=name
Description: Specifies the full hierarchical name of the server.
Applies to: Servers
Default: None
UI equivalent: The Server Name field in the Server document.

ServerNoReplRequests
Syntax: ServerNoReplRequests=value
Description: Forces the server to refuse all replication requests from
other servers. When this feature is enabled, to replicate with this server,
the requesting server must perform pull-push replication:
0 - Accepts replication requests from other servers
1 - Refuses replication requests from other servers
Applies to: Servers
Default: None, although omitting this setting allows the server to accept
replication requests.
UI equivalent: None

ServerPullReplication
Syntax: ServerPullReplication=value
Description: Specifies that all scheduled replication initiated from this
server must be pull-push replication. This server will not replicate back
to the other server:
0 - Scheduled replication occurs normally (push-pull replication is
not forced)
1 - This server pulls changes from other servers, but other servers
cannot pull changes from this server
This setting affects only scheduled replication.
For example, to reduce the workload on a hub server, specify 1 for the
ServerPullReplication setting on all spoke servers in a hub-and-spoke
system.
Applies to: Servers
Default: None, although omitting this setting allows for normally
scheduled replication.
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

ServerPushReplication
Syntax: ServerPushReplication=value
Description: Specifies that all scheduled replication initiated from this
server must be push-pull replication. This server does not request that
the other server replicate back.
0 - Scheduled replication occurs normally (push-pull replication is
not forced)
1 - Other servers pull changes from this server, but this server cannot
pull changes from other servers
Applies to: Servers
Default: None, although omitting this setting allows for normally
scheduled replication.
UI equivalent: None

Server_Restart_Delay
Syntax: Server_Restart_Delay=number of seconds
Description: Specifies the amount of time (in seconds) the server waits
before restarting with the restart server console command.
Applies to: Servers
Default: None, although by default, Domino waits 10 seconds.
UI equivalent: None

Server_Restricted
Syntax: Server_Restricted=value
Description: Enables or disables server access to a server. If access is
disabled, the server does not accept new Open Database requests.
Use the following values to set this variable:
0 - Server access is unrestricted
1 - Server access is restricted for the current server session. Restarting
the server clears the setting.
2 - Server access is restricted persistently, even after server restarts
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Server_Session_Timeout
Syntax: Server_Session_Timeout=number of minutes
Description: Specifies the number of minutes of inactivity after which
the server automatically terminates network and mobile connections. The
minimum recommended setting is 30-45 minutes. A lower setting may
negatively impact server performance. The ideal setting depends on
factors such as server load and the number of concurrent users on the
server.
For mobile connections, XPC has its own internal time-out. If the XPC
time-out value is shorter than the Server_Session_Timeout value, the
XPC time-out takes precedence.
Applies to: Servers
Default: No default entry, but in the absence of the setting, Domino
terminates a session connection after 240 minutes of inactivity (four
hours).
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Server_Show_Performance
Syntax: Server_Show_Performance=value
Description: Specifies whether or not server performance events are
displayed on the console.
1 - Displays server performance events on console
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

ServerTasks
Syntax: ServerTasks=name(s)
Description: Specifies the tasks that begin automatically at server startup
and continue until the server is shut down. For example:
ServerTasks=Replica, Router, Update, Stats, AMgr, Adminp, Sched, CalConn, Event, Collect, MTC, RunJava ISpy
The server runs the Replicator, Router, Indexer, Stats, Agent Manager,
Administration Process, Schedule Manager, Calendar Connector, Event,
Collector, Mail Tracker Collector, and Mail Probe server tasks. Each task
increases the server's load and may adversely affect server performance.
Note that RunJava ISpy is case sensitive and must be specified exactly as
shown.
Applies to: Servers
Default: Replica, Router, Update, Stats, AMgr, Adminp, Sched, CalConn,
Billing
UI equivalent: None

ServerTasksAthour
Syntax: ServerTasksAthour=name(s)
Description: Schedules automatic server and database maintenance
functions. Enter the time in 24-hour format, where 0 is 12 AM (midnight)
and 23 is 11 PM. For example:
ServerTasksAt3=Catalog
ServerTasksAt7=Updall
ServerTasksAt16=Catalog, Updall, Statlog
At 3 AM, the server runs the Catalog task. At 7 AM, the server runs the
Updall task. At 4 PM, the server runs the Catalog, Updall, and Statistics
tasks.
Applies to: Servers
Default:
ServerTasksAt1=Catalog, Design
ServerTasksAt2=Updall, Object Collect mailobj.nsf
ServerTasksAt3=Object Info -Full
ServerTasksAt5=Statlog
UI equivalent: None

Setup
Syntax: Setup=revision number
Description: Identifies the version number of the software. The setting is
used by the Install program to determine whether or not to run the Setup
program. This variable also provides an upgrade audit.
Applies to: Servers and workstations
Default: None
UI equivalent: None

SetupDB
Syntax: SetupDB=setupweb.nsf
Description: Identifies the setup database for HTTP server setup mode.
This must always be setupweb.nsf. When this is included in NOTES.INI,
the administrator can start the server in HTTP server setup mode by
including the argument HTTPSetup when starting the server. If this
variable is missing, the server will not enter HTTP server setup mode.
Applies to: Servers
Default: None
UI equivalent: None

SetupServerAddress
Syntax: SetupServerAddress=address
Description: Identifies the address of the setup server. This can be either
a DNS name, or a telephone number (XPC or DUN) to connect to the
server. SetupServerAddress, together with SetupServerName, instructs
the Notes setup program to obtain setup information from the specified
server. If either variable is missing from NOTES.INI, the setup program
prompts the user for setup information.
Applies to: Workstations
Default: None
UI equivalent: None

SetupServerName
Syntax: SetupServerName=name
Description: Identifies the name of the setup server. SetupServerName,
together with SetupServerAddress, instructs the Notes setup program to
obtain setup information from the specified server. If either variable is
missing from NOTES.INI, the setup program prompts the user for setup
information.
Applies to: Workstations
Default: None
UI equivalent: None

Shared_Mail
Syntax: Shared_Mail=value
Description: Specifies whether the shared mail feature is used for new
mail delivered to this server:
0 - The shared mail feature is not used for new mail
1 - The shared mail feature is used for new mail delivered to this
server
2 - The shared mail feature is used for new mail delivered to this
server and for new mail transferred through this server
Applies to: Servers
Default: 0 (shared mail not used)
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

SMIME_Strong_Algorithm
Syntax: SMIME_Strong_Algorithm=value
Description: Specifies the encryption method for encrypting MIME
messages to recipients whose public keys are longer than 512 bits, but do
not have the special strong encryption flag in their certificates. Possible
values are:
RC2_40
RC2_56
RC2_64
RC2_80
RC2_128
RC5_5
RC5_7
RC5_10
RC5_16
DES
3DES
Applies to: Workstations
Default: None
UI equivalent: None

SMIME_Weak_Algorithm
Syntax: SMIME_Weak_Algorithm=value
Description: Specifies the encryption method for encrypting MIME
messages to recipients whose public keys are shorter than 512 bits.
Possible values are:
RC2_40
RC2_56
RC2_64
RC2_80
RC2_128
RC5_5
RC5_7
RC5_10
RC5_16
DES
3DES
Applies to: Workstations
Default: None
UI equivalent: None

SMTPAllHostsExternal
Syntax: SMTPAllHostsExternal=value
Description: Use this setting to determine whether all hosts should be
subject to the anti-spam controls specified for the server.
0 - Exempts internal hosts from anti-spam controls.
1 - Internal hosts included for anti-spam controls.
Applies to: Servers
Default: In the absence of the setting, any internal hosts would be
exempt from the controls.
UI equivalent: In the server's Configuration Settings document, first
click the Router/SMTP tab, then the Restrictions and Controls tab, and
finally the SMTP Inbound Controls tab. In the Inbound Relay
Enforcement section's "Perform Anti-Relay enforcement for these
connecting hosts" field, select "All connecting hosts" or "External hosts."

SMTP_Config_Update_Interval
Syntax: SMTP_Config_Update_Interval=number of minutes
Description: Determines how often (in minutes) Domino checks to
determine whether the user has updated SMTP configuration
information. You can change Configuration documents while servers are
running. For the change to take effect, the server must periodically check
the Configuration document for changes. If the server discovers a
change, it rereads all settings. This setting lets you change the server's
checking interval. A shorter time results in slightly higher overhead for
checking, but changes are noticed more quickly.
Applies to: Servers
Default: 2
UI equivalent: None

SMTPDebug
Syntax: SMTPDebug=value
Description: Controls the level of console logging performed by the
SMTP task.
0 - No logging
1 - Log errors
2 - Log Protocol commands
Applies to: Servers
Default: 0
UI equivalent: None

SMTPDebugIO
Syntax: SMTPDebugIO=value
Description: Enables the logging of all data received by the SMTP task:
0 - No logging
3 - Logs all data received by the SMTP task
Caution Use SMTPDebugIO only when necessary and disable it again
as soon as possible. It can cause the log file to grow very large, and logs
the contents of received messages.
Applies to: Servers
Default: 0
UI equivalent: None

SMTPExpandDNSBLStats
Syntax: SMTPExpandDNSBLStats=value
Description: Use this setting to generate DNS blacklist filter statistics for
each connecting host found in a DNS blacklist site.
0 - Host-specific DNS blacklist filter statistics are not generated by
the SMTP server.
1 - SMTP server generates host-specific DNS blacklist filter statistics
which indicate the total number of hits per DNSBL site, per
connecting host's IP address.
Applies to: Servers
Default: In the absence of this setting, the SMTP task maintains statistics
that track the total number of connecting hosts that were found on the
combined DNSBL of all sites, as well as how many were found
on the DNSBL of each configured site.
UI equivalent: None

SMTPGreeting
Syntax: SMTPGreeting=string
Description: Specifies a text message sent to SMTP clients when they
connect to the SMTP server. The message must contain the string %s
which is replaced by the current date/time when the connection is made.
Applies to: Servers
Default: host-name ESMTP Service (Lotus Domino build-name) ready
at %s
UI equivalent: None

SMTPNotesPort
Syntax: SMTPNotesPort=port name
Description: Specifies the port for the SMTP service, where port name is the
name of the Domino port for TCP/IP. This is required for partitioned
servers, and single servers that have more than one TCP/IP port.
Applies to: Servers
Default: None
UI equivalent: None
For information on binding an Internet service to an IP address, see the
chapter Setting Up the Domino Network.

SMTPNoVersionInRcvdHdr
Syntax: SMTPNoVersionInRcvdHdr=port name
Description: Use this setting to prevent Domino server product
information from being disclosed in SMTP Received headers.
0 - Domino-generated SMTP Received header will contain Domino
server product information, which includes the server version.
1 - Domino-generated SMTP Received header will not contain
Domino server product information.
Applies to: Servers
Default: In the absence of this setting, Received headers added by the
Domino server will include product information such as the server version.
UI equivalent: None

SMTPMaxForRecipients
Syntax: SMTPMaxForRecipients=number of addresses
Description: Determines how many addresses can be added when the
SMTP task adds received headers to messages received.
Applies to: Servers
Default: 0
UI equivalent: None

SMTPMTA_Space_Repl_Char
Syntax: SMTPMTA_Space_Repl_Char=character
Description: Specifies the character the SMTP MTA uses to replace
spaces in names. Choices are underline (_) or period (.). The following
restrictions apply to using periods as replacement characters:
• User names in the Domino Directory cannot contain periods. For
  example, John R. Doe is not valid.
• You cannot use periods as the domain name separator if you
  configure Domino domains to appear to the left of the @ sign in mail
  addresses. If you do, a user name with periods replacing spaces can
  be confused with domain names separated by periods.
Applies to: Workstations
Default: Underline
UI equivalent: None

SMTPRelayAllowHostsandDomains
Syntax: SMTPRelayAllowHostsandDomains=value
Description: Forces servers to abide by Domino 5 rules to resolve
conflicts between Allow and Deny list entries in the SMTP inbound relay
controls.
0 - Entries in the Allow field of the SMTP inbound relay controls take
precedence over entries in the Deny fields when there is a conflict
between them. For example, given the following entries:
Field                                                 Entry
Deny messages to be sent to the following external    xyz.com
Internet domains
Allow messages only from the following Internet       relay.abc.com
hosts to be sent to external Internet domains
the host relay.abc.com can always relay to any destination, including
destinations in the domain xyz.com.
1 - Entries in the Deny fields of the SMTP inbound relay controls take
precedence over entries in the Allow fields in the event of a conflict.
Using the preceding example, if you deny relays to xyz.com, the host
relay.abc.com cannot relay to the denied domain.
Applies to: Servers
Default: 0
UI equivalent: None

SMTPSaveImportErrors
Syntax: SMTPSaveImportErrors=value
Description: Specifies whether mail message import errors are recorded,
as follows:
0 - No messages are recorded.
1 - When an arriving message fails to be written as a note in
MAIL.BOX, Domino writes the data stream to a temporary directory,
and logs the name of the file.
2 - All arriving messages have their data streams written to the
temporary directory.
Note This feature can use a great deal of disk space because the saved
messages continue to accumulate until you delete them. Also, the content
of the messages is accessible to anyone with the privileges to read files in
the temporary directory.
Applies to: Servers
Default: 0
UI equivalent: None

SMTPStrict821AddressSyntax
Syntax: SMTPStrict821AddressSyntax=value
Description: Specifies whether the SMTP task requires addresses that
appear in MAIL FROM commands or RCPT TO commands be properly
formed according to the 821 standard (must contain <>):
0 - Does not enforce 821 standard
1 - Enforces 821 standard
Applies to: Servers
Default: 0
UI equivalent: None

SMTPStrict821LineSyntax
Syntax: SMTPStrict821LineSyntax=value
Description: Specifies whether the SMTP task requires all protocol text
be terminated by CRLF:
0 - 821 standard is not enforced (LF is accepted as a line terminator)
1 - 821 standard is enforced
Applies to: Servers
Default: 0
UI equivalent: None

SMTPTimeoutMultiplier
Syntax: SMTPTimeoutMultiplier=value
Description: Multiplies the SMTP time-out wait value by the specified
number. Each SMTP protocol exchange has a time-out wait value. If the
client does not respond within the time-out period, the connection is
broken. You can increase the time-out period by specifying a multiplier
value. For example, a value of 2 doubles all time-out periods.
Applies to: Servers
Default: 1
UI equivalent: None

SSLCipherSpec
Syntax: SSLCipherSpec=value1value2value3...
Description: (SSL users only) Determines which SSL-compliant cipher to
use to encrypt files on the server. Specification numbers correspond to
the following ciphers:
Cipher specification value    Cipher
01                            SSL_RSA_WITH_NULL_MD5
02                            SSL_RSA_WITH_NULL_SHA
03                            SSL_RSA_EXPORT_WITH_RC4_40_MD5
04                            SSL_RSA_WITH_RC4_128_MD5
                              SSL_RSA_WITH_RC4_128_SHA
06                            SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
09                            SSL_RSA_WITH_DES_CBC_SHA
0A                            SSL_RSA_WITH_3DES_EDE_CBC_SHA
0B                            SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
0C                            SSL_DH_anon_WITH_RC4_128_MD5
0D                            SSL_DH_anon_WITH_DES_CBC_SHA
To enter multiple ciphers, enter each cipher specification value, including
leading zeros. Do not include spaces between values. For example:
SSLCipherSpec=01020A
Note Specifying a 128-bit cipher for a server with an international
license has no effect.
Applies to: Servers
Default: None
UI equivalent: SSL ciphers field for each Internet protocol in the
Ports - Internet Ports tab of the Server document. The settings in this field are
overridden by the SSLCipherSpec NOTES.INI setting.
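
The following added example (not part of the Domino documentation) decodes an SSLCipherSpec value into the ciphers from the table above and notes the weaknesses that are visible in each cipher's name. The function name decode_cipher_spec and the case-insensitive handling of codes are assumptions; the table on this page gives no code for SSL_RSA_WITH_RC4_128_SHA, so that cipher is omitted.

```python
# Added example: decode a Domino SSLCipherSpec value and note weaknesses
# that are evident from each cipher's name.

# Codes and names as listed in the table above. That table gives no code for
# SSL_RSA_WITH_RC4_128_SHA, so it is omitted here rather than guessed.
CIPHERS = {
    "01": "SSL_RSA_WITH_NULL_MD5",
    "02": "SSL_RSA_WITH_NULL_SHA",
    "03": "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
    "04": "SSL_RSA_WITH_RC4_128_MD5",
    "06": "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    "09": "SSL_RSA_WITH_DES_CBC_SHA",
    "0A": "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
    "0B": "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
    "0C": "SSL_DH_anon_WITH_RC4_128_MD5",
    "0D": "SSL_DH_anon_WITH_DES_CBC_SHA",
}

# Properties readable from the cipher name. An empty result only means that
# none of these four properties applies; it is not an endorsement.
NAME_CHECKS = [
    ("_WITH_NULL_", "no encryption (NULL cipher)"),
    ("_EXPORT_", "40-bit export-grade key"),
    ("_DH_anon_", "anonymous key exchange, server is not authenticated"),
    ("_WITH_DES_CBC_", "single DES, 56-bit key"),
]


def decode_cipher_spec(value):
    """Return a list of (code, name, concerns) for an SSLCipherSpec value.

    Raises ValueError when the value cannot be split into two-character
    codes, which is what happens when a leading zero is dropped.
    """
    value = value.strip()
    if not value:
        raise ValueError("SSLCipherSpec is empty")
    if any(ch.isspace() or ch == "," for ch in value):
        raise ValueError("codes must be concatenated without separators")
    if len(value) % 2:
        raise ValueError("odd number of characters: a leading zero is missing")
    result = []
    for i in range(0, len(value), 2):
        code = value[i:i + 2].upper()  # assumption: treat 0a and 0A alike
        name = CIPHERS.get(code)
        if name is None:
            concerns = ["code not in the table on this page"]
        else:
            concerns = [msg for marker, msg in NAME_CHECKS if marker in name]
        result.append((code, name, concerns))
    return result


if __name__ == "__main__":
    # The page's own example value.
    for code, name, concerns in decode_cipher_spec("01020A"):
        print(code, name, "; ".join(concerns) or "-")
```
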

SSL_Resumable_Sessions
Syntax: SSL_Resumable_Sessions=number of sessions cached
Description: Specifies the number of resumable SSL sessions that will be
cached on the server. Setting this variable to 1 disables SSL session
resumption on the server.
Applies to: Servers
Default: 50
UI equivalent: None

SSL_Trace_KeyFileRead
Syntax: SSL_Trace_KeyFileRead=value
Description: Enables viewing of information on the current keyring in
use on a Domino server. To enable viewing, set SSL_Trace_KeyFileRead
to a value of 1. This enables viewing of protocols other than HTTP to see
if there is a valid keyring file present in the server's Server document or
Internet site documents from the server console.
Applies to: Servers
Default: None
UI equivalent: None

SwapPath
Syntax: SwapPath=location
Description: Specifies the location of the server's swap file. If this setting
exists in the NOTES.INI file, the Reporter or Collector server task uses
this location for the Server.Path.Swap statistic.
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

TCP_EnableIPV6
Syntax: TCP_EnableIPV6=value
Description: Use this setting to enable Domino for IPv6.
0 - Disables the feature
1 - Enables the feature
Applies to: Servers
Default: None, but in the absence of the setting, IPV6 is disabled.
UI equivalent: None

TCP/IPportname_PortMappingNN
Syntax: TCP/IPportname_PortMappingNN=CN=servername/O=organization,IPaddress:TCP/IP portnumber
Description: Specifies the TCP/IP port number of each partitioned
server sharing the IP address of the port mapping server. TCP/IPportname
is the name of the TCP/IP port which is specified in the NOTES.INI file
by the settings Ports=TCPIP. This entry is only valid in the NOTES.INI
file of the port mapper server. NN is any number from 00, 01, 02, and so
on to 99; only 00 to 04 are currently supported. Numbers must be
assigned in ascending order as an invalid break in the number sequence
causes subsequent entries in the NOTES.INI file to be ignored.
For example:
TCP/IPportname_PortMapping00=CN=Server1/O=ACME,192.94.222.169:13520
TCP/IPportname_PortMapping01=CN=Server2/O=ACME,192.94.222.169:13521
TCP/IPportname_PortMapping02=CN=Server3/O=ACME,192.94.222.169:13522
The last number is the port number assigned to each partitioned server.
This number must be an available number as specified in Assigned
Numbers RFC 1340.
Applies to: Servers
Default: None
UI equivalent: None
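
Because a break in the NN sequence causes later entries to be ignored, a port mapper's NOTES.INI is worth checking before the server is restarted. The following added example (not Domino code) performs that check; the function name check_port_mappings, the port name TCPIP, the Server4 entry, and the reading that numbering starts at 00 and that the entry at the break is itself ignored are assumptions.

```python
import re

# Matches the page's entry format:
#   <portname>_PortMappingNN=CN=<server>/O=<org>,<IPaddress>:<TCP port>
ENTRY = re.compile(
    r"^(?P<port>\S+?)_PortMapping(?P<nn>\d{2})="
    r"(?P<server>CN=[^,]+),(?P<ip>[0-9.]+):(?P<tcp>\d+)$"
)

# Constructed sample based on the page's example, with 02 missing.
SAMPLE_INI = """\
[Notes]
Ports=TCPIP
TCPIP_PortMapping00=CN=Server1/O=ACME,192.94.222.169:13520
TCPIP_PortMapping01=CN=Server2/O=ACME,192.94.222.169:13521
TCPIP_PortMapping03=CN=Server3/O=ACME,192.94.222.169:13522
TCPIP_PortMapping04=CN=Server4/O=ACME,192.94.222.169:13523
"""


def check_port_mappings(ini_text, port_name="TCPIP"):
    """Return (effective, problems) for one port's PortMappingNN entries.

    effective: (NN, server, ip, tcp_port) tuples that precede any break.
    problems:  human-readable findings, in file order.
    """
    effective, problems = [], []
    expected = 0      # assumption: numbering starts at 00
    broken = False
    used_ports = {}
    for raw in ini_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m or m.group("port") != port_name:
            continue
        nn = m.group("nn")
        key = f"{port_name}_PortMapping{nn}"
        if broken:
            problems.append(f"{key}: ignored, it follows a break in the sequence")
            continue
        if int(nn) != expected:
            broken = True
            problems.append(
                f"{key}: expected {expected:02d}, so this entry and later ones are ignored"
            )
            continue
        expected += 1
        if int(nn) > 4:
            # The page says only 00 to 04 are supported; treated here as
            # not effective.
            problems.append(f"{key}: only 00 to 04 are supported")
            continue
        tcp = int(m.group("tcp"))
        if tcp in used_ports:
            problems.append(f"{key}: TCP port {tcp} is already mapped by {used_ports[tcp]}")
        used_ports.setdefault(tcp, key)
        effective.append((nn, m.group("server"), m.group("ip"), tcp))
    return effective, problems


if __name__ == "__main__":
    effective, problems = check_port_mappings(SAMPLE_INI)
    for entry in effective:
        print("effective:", entry)
    for problem in problems:
        print("problem:  ", problem)
```
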

TCP/IPportname_TCPIPAddress
Syntax: TCP/IPportname_TCPIPAddress=0,IPaddress:TCP/IP portnumber
Description: Defines the IP address and port number for a Domino
server. TCP/IPportname is the name of the TCP/IP port which is specified
in the NOTES.INI file by the setting Ports=TCPIP. For example:
TCP/IPportname_TCPIPAddress=0,192.94.222.169:1352
Applies to: Servers
Default: None
UI equivalent: None

Temp_Index_Max_Doc
Syntax: Temp_Index_Max_Doc=number of entries
Description: Specifies the maximum number of results (up to
2147483647) that can be retrieved at one time, by an agent running on a
server, on a database without any index. For example, specifying
Temp_Index_Max_Doc=10000
allows a single NotesDatabase or NotesDocumentCollection FTSearch
running on a server to return up to 10000 entries.
To use the Temp_Index_Max_Doc setting for an agent running on a
server, you must also use the FT_Max_Search_Results setting and specify
the same value, for example:
FT_Max_Search_Results=10000
For information on the FT_Max_Search_Results setting, see the topic
FT_Max_Search_Results earlier in this chapter.
Applies to: Servers
Default: 5000
UI equivalent: None

TimeZone
Syntax: TimeZone=value
Description: Specifies the time zone for a server or workstation. Time
zones begin at Greenwich, England (0 = Greenwich Mean Time) and
move westward around the world. The time zones can be 15, 30, 45, or 60
minutes apart (not all zones are an hour apart). For example:
TimeZone=8
TimeZone=0
Specifies Pacific Standard Time (8) and Greenwich Mean Time (0).
Applies to: Servers and workstations
Default: Defined during the workstation or server Setup procedure.
UI equivalent: On a workstation, the Local time zone field in the
Location document; on a server, the Local time zone field in the Server
document.

Topology_WorkInterval
Syntax: Topology_WorkInterval=number of hours
Description: Use this setting to specify how often the Maps server add-in
task updates the topology map data in the Domino Directory. Once set, it
will refresh n hours after the maps add-in program is started, and every
n hours after that.
Note You should not use the setting to refresh too frequently, because
the map data is stored in your Domino Directory and updates are
replicated throughout the domain.
Applies to: Servers
Default: None, however the Topology maps task normally refreshes
topology information once a day, every night at 2 AM.
UI equivalent: None

TransLog_MaxSize
Syntax: TransLog_MaxSize=number of megabytes
Description: The maximum size, in MB, for the transaction log. A value
of at least 192 MB is recommended. If you don't specify a value, the
system determines a log size approximately three times the size of the
server's RAM.
Applies to: Servers
Default: None
UI equivalent: Maximum log space field in the Transactional Logging
tab of the Server document.

TransLog_Path
Syntax: TransLog_Path=path
Description: Specifies the path to the transaction log. The default
location is \logdir in the server's data directory. However, it is strongly
recommended to store the transaction log on a separate mirrored device,
such as a RAID level 0 or 1 device with a dedicated controller. If you
change this field and have an existing transaction log, you must use the
operating system to move all the log files to the new log path.
Applies to: Servers
Default: logdir in the server's data directory, for example c:\data\logdir
UI equivalent: Log path field in the Transactional Logging tab of the
Server document.

TransLog_Performance
Syntax: TransLog_Performance=value
Description: Specifies the trade-off between transactional log runtime
and restart recovery time, as follows:
1 - Favor runtime. The system stores more database changes in
memory and writes fewer changes to the transaction log. Fewer writes to
disk improves server runtime.
2 - Standard (default)
3 - Favor restart recovery time. The system stores fewer database
changes in memory and writes more changes to the transaction log.
More writes to the transaction log improves restart recovery time.
Applies to: Servers
Default: 2
UI equivalent: Runtime/Restart performance field in the
Transactional Logging tab of the Server document.

TransLog_Status
Syntax: TransLog_Status=value
Description: Enables transaction logging for all Domino 5 databases on
the server, as follows:
0 - Transactional logging disabled
1 - Transactional logging enabled
You must upgrade databases to Domino 5 format before they can use
transaction logging.
Applies to: Servers
Default: 0
UI equivalent: Transactional logging field in the Transactional
Logging tab of the Server document.

TransLog_Style
Syntax: TransLog_Style=value
Description: Specifies the type of transaction logging. Options are as
follows:
0 - Circular (default). The system continuously reuses the extent log
files, overwriting old transactions.
1 - Archive. The system does not reuse extent log files and allows
you to use a backup utility to archive log files. This is recommended.
Applies to: Servers
Default: 0
UI equivalent: Logging style field in the Transactional Logging tab of
the Server document.

TransLog_UseAll
Syntax: TransLog_UseAll=value
Description: Specifies whether or not to use all available disk space on
the log device, as follows:
0 - The system uses the default or specified value in
TransLog_MaxSize
1 - Use all available space on the disk for the transaction log extent.
This is recommended if you use a separate device dedicated to
storing the extent.
Applies to: Servers
Default: 0
UI equivalent: Use all available space on log device field in the
Transactional Logging tab of the Server document.

Update_No_BRP_Files
Syntax: Update_No_BRP_Files=value
Description: Determines whether or not the Fixup task creates BRP files.
When set to 1, the Fixup task will not create a BRP file when it encounters
an error in a view index.
Applies to: Servers
Default: None
UI equivalent: None

Update_No_Fulltext
Syntax: Update_No_Fulltext=value
Description: Turns off full-text indexing on a server.
0 - Turns full-text indexing on
1 - Turns full-text indexing off
Applies to: Servers
Default: None, although if this setting is omitted, full-text indexing is on.
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Updaters
Syntax: Updaters=number of tasks
Description: Specifies the number of Update server tasks that can run
concurrently on the server. You must shut down and restart the server
for this setting to take effect.
Applies to: Servers
Default: None, although if this setting is omitted, only a single Update
task can run at a time.
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Update_Suppression_Limit
Syntax: Update_Suppression_Limit=value
Description: Overrides the NOTES.INI Update_Suppression_Time
setting if a certain number of duplicate requests to update indexes and
views are received.
Applies to: Servers
Default: None
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

Update_Suppression_Time
Syntax: Update_Suppression_Time=number of minutes
Description: Specifies the delay time between full-text index and view
updates, even if immediate indexing is scheduled as a server task.
Applies to: Servers
Default: 5
UI equivalent: None, although you can specify this setting in the
NOTES.INI Settings tab of the Configuration Settings document in the
Domino Directory.

UpgradeApps
Syntax: UpgradeApps=filename1, filename2, filename3...
Description: Specifies custom upgrade applications for migrating users
to Notes. Domino 5 includes four upgrade applications for migrating
users to Notes, one each for cc:Mail, Windows NT, Exchange, and LDIF.
In addition, you can use UpgradeApps to add one or more custom
upgrade applications (DLL files) to the Registration dialog. Use commas
to separate multiple names. Specified files must reside in the Notes
program directory. UpgradeApps does not affect the upgrade
applications that ship with Domino.
Applies to: Servers
Default: None
UI equivalent: None

UseFontMapper
Syntax: UseFontMapper=value
Description: Determines whether the font mapper is used to guess the
closest mappings between the font face name in a CGM metafile and the
currently installed fonts on a Notes workstation.
1 - Enables the font mapper
0 - Disables the font mapper
Applies to: Servers and workstations
Default: 1
UI equivalent: None

ViewExpnumber
Syntax: ViewExpnumber=value1, value2...
Description: Specifies parameters to be used by file exports done at the
view level.
Parameter     Enter
value1        Program name and file type
value2        The following append options:
              0 - No append option offered
              1 - Append option offered through a dialog box
              2 - Automatically write to a temporary file to avoid the 64K limit
value3        Name of the export routine called
value4        Not currently used
value5 - x    File extensions to automatically select a file type in the File Export
              dialog box
Applies to: Servers and workstations
Default: None
UI equivalent: None

ViewImpnumber
Syntax: ViewImpnumber=value1, value2...
Description: Specifies parameters to be used by file imports done at the
view level.
Parameter     Enter
value1        Program name and version
value2        Not used, always 0
value3        Name of the import routine called
value4        Not currently used
value5 - x    File extensions to automatically select a file type in the File Import
              dialog box
Applies to: Servers and workstations
Default: None
UI equivalent: None

View_Rebuild_Dir
Syntax: View_Rebuild_Dir=path
Description: Specifies the directory where temporary files will be created
for optimized view rebuilds.
For example, to set the directory to my_view_rebuild_directory, enter the
following line in the NOTES.INI file:
View_Rebuild_Dir=c:\my_view_rebuild_directory

Applies to: Servers
Default: None, but in the absence of this setting, the system's temporary
storage directory (specified by the TEMP or TMP environment variables)
is used.
UI equivalent: None

WebAuth_Verbose_Trace
Syntax: WebAuth_Verbose_Trace=value
Description: Use this setting to troubleshoot problems with Web server
user authentication and Web server group searches for database access
verification. With the setting enabled, a Domino Web server records
detailed information about specific Web user authentication sessions at
the server console. Information includes authentication success or failure,
group cache information used to verify Web users' membership in
groups for database access control, and the search filters used to find
user and group entries in an LDAP directory.
0 - Disabled
1 - Enabled
Note After you correct the problem, be sure to disable this feature (or
remove the setting altogether), because it slows Web server performance.
Applies to: Servers
Default: None
UI equivalent: None

WebSess_Verbose_Trace
Syntax: WebSess_Verbose_Trace=value
Description: This setting should be used to troubleshoot both single
server and multi-server (as in single sign-on) session-based
authentication problems. When enabled, the setting allows a Domino
Web server to record, at the server console, detailed information about
specific Web session-based authentication sessions, such as
unauthorized, unauthenticated, or session expiration information.
0 - Disabled
1 - Enabled
Note After you correct the problem, be sure to disable this feature (or
remove the setting altogether), because it slows Web server performance.
Applies to: Servers
Default: None
UI equivalent: None
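
An added example, not part of the Domino documentation: a small Python check that reads NOTES.INI text and reports whether WebAuth_Verbose_Trace or WebSess_Verbose_Trace was left enabled after troubleshooting. The sample file contents are constructed; the case-insensitive name match, the tolerance for spaces around "=", and the "review" verdict for repeated or unexpected values are assumptions of this example.

```python
"""Check NOTES.INI text for Web trace settings left enabled."""

# Settings described above as troubleshooting aids to disable (0) or remove
# once the problem is corrected.
TRACE_SETTINGS = ("WebAuth_Verbose_Trace", "WebSess_Verbose_Trace")

# Constructed sample contents, not taken from a real server.
SAMPLE_NOTES_INI = """\
[Notes]
Directory=c:\\lotus\\domino\\data
View_Rebuild_Dir=c:\\my_view_rebuild_directory
WebAuth_Verbose_Trace=1
websess_verbose_trace = 1
XPC_Console=0
WebAuth_Verbose_Trace=0
"""


def parse_notes_ini(text):
    """Return (line_number, name, value) for every Name=value line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        # Skip blank lines, the section header and anything without "=".
        if not line or line.startswith("[") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        entries.append((lineno, name.strip(), value.strip()))
    return entries


def audit_trace_settings(text):
    """Report, per trace setting, where it appears and a verdict.

    Verdicts: "absent", "disabled" (only 0), "enabled" (only 1), or
    "review" (repeated lines that disagree, or a value other than 0/1).
    Which of several repeated lines the server honours is not assumed
    here (assumption of this example), so disagreement is flagged.
    """
    canonical = {name.lower(): name for name in TRACE_SETTINGS}
    report = {name: {"verdict": "absent", "lines": [], "values": []}
              for name in TRACE_SETTINGS}
    for lineno, name, value in parse_notes_ini(text):
        key = canonical.get(name.lower())  # assumption: names match case-insensitively
        if key is None:
            continue
        report[key]["lines"].append(lineno)
        report[key]["values"].append(value)
    for entry in report.values():
        seen = set(entry["values"])
        if not seen:
            entry["verdict"] = "absent"
        elif seen == {"0"}:
            entry["verdict"] = "disabled"
        elif seen == {"1"}:
            entry["verdict"] = "enabled"
        else:
            entry["verdict"] = "review"
    return report


def needs_cleanup(report):
    """Names of trace settings that are enabled or need a manual look."""
    return sorted(name for name, entry in report.items()
                  if entry["verdict"] in ("enabled", "review"))


if __name__ == "__main__":
    result = audit_trace_settings(SAMPLE_NOTES_INI)
    for setting, entry in result.items():
        print(f"{setting}: {entry['verdict']} (lines {entry['lines']})")
    print("Disable or remove:", ", ".join(needs_cleanup(result)) or "nothing")
```
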

Window_Title
Syntax: Window_Title=text
Description: Uses the specified text on the title bar.
Applies to: Servers and workstations
Default: None
UI equivalent: None

WinInfoboxPos
Syntax: WinInfoboxPos=value1, value2
Description: Determines the position of the InfoBox.
Applies to: Workstations
Default: 85, 193
UI equivalent: None

WinSysFontnumber
Syntax: WinSysFontnumber=value1, value2, value3
Description: All CGM metafiles contain numeric font identifiers 1
through x, where x is the maximum number of fonts in an optional CGM
font face name table. When the font mapper is disabled, these lines list
the installed Windows system fonts to which the CGM font numbers are
mapped.
Applies to: Workstations
Default: None
UI equivalent: None

XPC_Console
Syntax: XPC_Console=value
Description: Displays the XPC console, which shows modem
input/output (if logged).
1 - Displays the console
0 - Hides the console
Applies to: Servers and workstations
Default: 0
UI equivalent: None

Appendix D
System and Application Templates
This appendix describes all system and application templates.

System and application templates


These are templates that the setup program, servers, and administrators
use to create system and application databases. When you create a new
database, some of these templates do not appear in the template list
unless you choose "Show advanced templates." Most templates have a
file extension of .NTF.
For more information on creating databases from templates, see
Application Development with Domino Designer.
Activity Trends (6)
  File name: ACTIVITY.NTF
  Template name: StdActivityTrendsDatabase
  Purpose: Records and reports statistics that portray the activity of
  users (clients) against the databases on the Domino server where this
  database resides.

Administration Requests (6)
  File name: ADMIN4.NTF
  Template name: StdR4AdminRequests
  Purpose: Tracks and records Administration Process requests and
  processes.

Agent Log
  File name: ALOG4.NTF
  Template name: StdR4AgentLog
  Purpose: Lists actions and errors that occur when a LotusScript
  program that uses the NotesLog class runs.

Archive Log (6)
  File name: ARCHLG50.NTF
  Template name: StdR50ArchiveLog
  Purpose: Logs information about all archived databases and contains
  information about the number of documents archived, the source
  database, and the archive database.

Billing
  File name: BILLING.NTF
  Template name: StdR4Billing
  Purpose: Records and stores billing information about activity on a
  Domino server.

Bookmarks (6)
  File name: BOOKMARK.NTF
  Template name: Bookmarks
  Purpose: Opens a user's databases and links.

Catalog (6)
  File name: CATALOG6.NTF
  Template name: StdNotesCatalog
  Purpose: Records and stores information about the databases on a
  Domino server.

Certificate Requests (6)
  File name: CERTREQ.NTF
  Template name: StdCertificateRequests
  Purpose: Acts as a front-end to a single CA-process Internet
  certifier, implementing a Web-based UI for browser users to request
  client certificates for their browser or other internet client, and a
  Notes UI for creating server key rings for SSL-enabled Domino servers.

Certification Log
  File name: CERTLOG.NTF
  Template name: StdNotesCertificationLog
  Purpose: Maintains records of certified Notes IDs in a Notes
  community.

Cluster Analysis (6)
  File name: CLUSTA4.NTF
  Template name: StdR4ClusterAnalysis
  Purpose: Generates reports about the cluster configuration to verify
  if the cluster was configured correctly; locates problems with the
  configuration.

Cluster Directory (6)
  File name: CLDBDIR4.NTF
  Template name: STDR4ClusterDirectory
  Purpose: Records and stores information about databases in a server
  cluster.

Database Analysis
  File name: DBA4.NTF
  Template name: StdR4DBAnalysis
  Purpose: Stores the results of a single database analysis.

Database Library
  File name: DBLIB4.NTF
  Template name: StdR4DatabaseLib
  Purpose: Contains a list of public databases to which users can
  request access.

Decommission Server Reports
  File name: DECOMSRV.NTF
  Template name: StdNotesDecommissionServer
  Purpose: Produces reports to help decommission one server and replace
  it with a server that is already set up.

DECS Administrator Template
  File name: DECSADM.NTF
  Template name: DECS Administrator Template
  Purpose: Configures real-time back-end connectivity between Domino
  and external systems when using the DECS (Domino Enterprise
  Connection Services) add-in task.

Design Synopsis
  File name: DSGNSYN.NTF
  Template name: DesignSynopsis
  Purpose: Stores the results from a design synopsis of a database.

Directory Assistance (6)
  File name: DA50.NTF
  Template name: StdMasterAddressBook4.5
  Purpose: Provides directory assistance to multiple directories.

Directory Catalog
  File name: DIRCAT5.NTF
  Template name: Lightweight Directory
  Purpose: Helps to configure and build a directory catalog, which
  compresses user and group entries from one or more Domino Directories
  into a single database.

Discussion - Notes & Web (6)
  File name: DISCSW6.NTF
  Template name: StdR50Disc
  Purpose: Provides an electronic conference room for threaded
  discussions; includes built-in user profiles that allow automatic
  mailing of links to items of interest; allows for anonymous
  responses, archiving, and public/private threads.

Doc Library - Notes & Web (R6)
  File name: DOCLBW6.NTF
  Template name: StdR50WebDocLib
  Purpose: Provides document storage and allows for review workflow
  (serial and parallel) and archiving.

DOLS Administration Template
  File name: DOLADMIN.NTF
  Template name: DOLS Admin 1.0
  Purpose: Lets you configure any Domino application so that users can
  download the application for offline use.

DOLS Resource Template
  File name: DOLRES.NTF
  Template name: DOLS Resource Template 1.0
  Purpose: Lets you configure any Domino application so that users can
  download the application for offline use.

Domino Administrator (6)
  File name: DOMADMIN.NTF
  Template name: StdAdminDatabase
  Purpose: Contains some necessary user-interface elements for the
  Domino Administrator; do not change this system template.

Domino Certificate Authority (6)
  File name: CCA50.NTF
  Template name: StdNotes50SSLAuth
  Purpose: Sets up an internal certification authority for use with SSL.

Domino Certificate Publication Requests (6)
  File name: CERTPUB.NTF
  Template name: StdCertPubRequests
  Purpose: Lets you request publication of an SSL client certificate
  under an entry in the address book.

Domino Change Control (6)
  File name: DOMCHANGE.NTF
  Template name: DominoChangeControl
  Purpose: Used by the Domino Change Manager process to manage and
  execute change control plans. It includes an approval cycle workflow
  and tight integration with the Administration Process.

Domino Directory
  File name: PUBNAMES.NTF
  Template name: StdR4PublicAddressBook
  Purpose: Provides a repository that stores user, server, connection,
  and access control information.

Domino Directory Cache (6)
  File name: DBDIRMAN.NTF
  Template name: StdDbDirMan
  Purpose: Contains cache times for each database in the server's data
  directory.

Domino LDAP Schema (6)
  File name: SCHEMA.NTF
  Template name: StdDominoLDAPSchema
  Purpose: Provides information about the attributes, object classes,
  and syntaxes supported by the Domino LDAP schema in a user-friendly
  format.

Domino MailTracker Store (6)
  File name: MTSTORE.NTF
  Template name: MailTrackerStore
  Purpose: Contains information (originators, recipients, arrival
  times, and status) about messages the server processes.

Domino Web Administrator (6)
  File name: WEBADMIN.NTF
  Template name: StdWebAdminDatabase
  Purpose: Creates a database that allows administrators to use a
  browser to administer databases.

Domino Web Server Configuration (6)
  File name: DOMCFG.NTF
  Template name: StdR5DominoWebServerConfiguration
  Purpose: Holds custom error pages for use with the Web server.

Domino Web Server Log (6)
  File name: DOMLOG.NTF
  Template name: Domino Web Server Log Template
  Purpose: Logs information about activities on a Domino Web server.

Extended Mail (R6)
  File name: MAIL6EX.NTF
  Template name: ExtR6Mail
  Purpose: Can be used to create a mail database either on a local
  computer or on a server. Mail databases created from this template
  are best used by Notes, Intranet, or Internet clients.

Health Monitoring
  File name: DOMMON.NTF
  Template name: StdDominoHealthMonitor
  Purpose: Contains the Health Reports generated by Server Health
  Monitoring. Domino configuration and performance is periodically
  evaluated and recorded as health reports and health statistics.
  Recommendations on how to correct poor server behavior are issued
  when appropriate. The configuration documents in this database can be
  used to customize the health evaluation.

Issued Certificates List (6)
  File name: ICL.NTF
  Template name: Issued Certificates List
  Purpose: A record of the certificates issued by a single certifier.
  Can be used by a CA Administrator to revoke certificates.

Local Document Cache
  File name: CACHE.NTF
  Template name: NotesDocCache
  Purpose: Creates a user's local document cache database, which stores
  documents that the user opens and provides fast retrieval of
  documents previously opened.

Local free time info
  File name: BUSYTIME.NTF
  Template name: BusyTime
  Purpose: Manages time allotment for the calendar and scheduling
  features.

Lotus SmartSuite Library (6)
  File name: DOCLBS6.NTF
  Template name: StdSmartSuiteR6DocLib
  Purpose: Gives Notes users the ability to create and save documents
  using Lotus SmartSuite Word Pro, 1-2-3, Freelance, or Paintbrush,
  without leaving Notes.

Mail Journaling (6)
  File name: MAILJRN.NTF
  Template name: StdMailJournaling
  Purpose: Stores copies of messages that pass through the router. This
  is a system database; therefore, the messages are saved per server,
  not per user.

Mail Router Mailbox (6)
  File name: MAILBOX.NTF
  Template name: StdNotesMailbox
  Purpose: Stores mail from a user that is in route from one user to
  another user.

Mail (IMAP)
  File name: IMAPCL5.NTF
  Template name: StdR50IMail
  Purpose: Creates a proxy database that allows clients to interact
  using IMAP mail.

Mail (R6)
  File name: MAIL6.NTF
  Template name: StdR56Mail
  Purpose: Creates the standard mail databases used by Notes mail users.

Message Tracking Reports (6)
  File name: REPORTS.NTF
  Template name: StdReportsDatabase
  Purpose: Creates reports that measure mail message statistics or
  usage patterns.

Microsoft Office Library (6)
  File name: DOCLBM6.NTF
  Template name: StdR46DocLibMS
  Purpose: Automatically loads and sizes the OLE object to the window;
  stores and supports review cycles of documents created with Microsoft
  Office products.

Monitoring Configuration (6)
  File name: EVENTS4.NTF
  Template name: StdR5Events
  Purpose: Stores configuration records for statistics reporting and
  monitoring tools and stores a listing of server messages.

Monitoring Results (6)
  File name: STATREP5.NTF
  Template name: StdR5StatReport
  Purpose: Records information about the activity on one or more Domino
  servers.

News Articles (6)
  File name: NNTPCL5.NTF
  Template name: StdR60NNTPClient
  Purpose: Creates databases on clients to interact with NNTP news
  sites.

NNTP Cross-Post
  File name: NNTPPOST.NTF
  Template name: StdR46NNTPPostBox
  Purpose: Stores and posts articles to multiple newsgroups at a
  scheduled interval.

NNTP Discussion (6)
  File name: NNTPDI50.NTF
  Template name: StdR5.0NNTPDisc
  Purpose: Creates newsgroup discussion databases that the NNTP server
  uses.

Notes Log
  File name: LOG.NTF
  Template name: StdNotesLog
  Purpose: Stores information about activities on a Domino server or a
  Notes workstation.

Notes Log Analysis (6)
  File name: LOGA4.NTF
  Template name: StdR4LogAnalysis
  Purpose: Creates a results database that contains one view, Log
  Events, that is categorized by server. Shows the date and time of
  events, the source (event or console message), and the text of
  messages. Does not display times for server console messages.

NT/Migrating Users Passwords
  File name: NTSYNC45.NTF
  Template name: StdNotesNewUserPasswords
  Purpose: Stores randomly generated passwords created when
  administrators register Notes users from Windows NT.

Personal Address Book
  File name: PERNAMES.NTF
  Template name: StdR4PersonalAddressBook
  Purpose: Creates a client database that stores information about
  connecting to servers on a network or from a remote site. The
  database also maintains personal mailing lists.

Personal Journal (R6)
  File name: JOURNAL6.NTF
  Template name: StdR4Journal
  Purpose: Creates a personal journal database where users keep private
  documents.

Personal Web Navigator (6)
  File name: PERWEB50.NTF
  Template name: StdR50PersonalWebNavigator
  Purpose: Creates a Personal Web Navigator database to access the
  Internet directly from a client.

Phonebook (6)
  File name: PHONEBOOK.NTF
  Template name: StdPhonebook
  Purpose: Provides information about the best local phone number to
  use to connect to a server from anywhere in the world.

Policy Synopsis (6)
  File name: POLCYSYN.NTF
  Template name: StdPolicySynopsis
  Purpose: Creates a result database for policy information generated
  by the Policy Synopsis tool.

Resource Reservations (6)
  File name: RESRC60.NTF
  Template name: StdR60ResourceReservation
  Purpose: Contains inventory and schedule information on meeting
  resources, such as conference rooms and equipment.

Search Site (6)
  File name: SRCHSITE.NTF
  Template name: StdNotesSearchSite
  Purpose: Creates a database used when performing text searches on a
  specified set of databases.

Server Certificate Admin
  File name: CSRV50.NTF
  Template name: StdNotes50SSLAdmin
  Purpose: Requests server certificates from either a Domino or a
  third-party certificate authority (CA). Also stores CA certificates
  and manages server certificates.

Server Web Navigator (R5.0)
  File name: PUBWEB50.NTF
  Template name: StdR50WebNavigator
  Purpose: The server add-in program WEB.EXE uses this template to
  create the server navigator database that gives Notes users access to
  the Web. The database stores Internet documents before workstations
  retrieve them.

Server.Planner: Analyst
  File name: DSPA.NTF
  Template name: Server.Planner: Analyst
  Purpose: Stores completed Server.Planner queries and stores results
  associated with those queries.

Server.Planner: Decision Maker
  File name: DSPD.NTF
  Template name: Server.Planner: Decision Maker
  Purpose: Stores information resulting from the Server.Planner Analyst
  Query, including recommended configuration(s).

Server.Planner: Vendor
  File name: DSPV.NTF
  Template name: Server.Planner: Vendor
  Purpose: Stores machine configuration information and stores
  performance results from NotesBench workloads.

Smart Upgrade Kits (6)
  File name: smupgrade.ntf
  Template name: StdNotesKits
  Purpose: Repository for Smart Upgrade kits within a Domino domain.
  The system administrator places Smart Upgrade kits into this database
  in order to make them available to clients. Lotus Notes 6 detects new
  Update kits and automatically upgrades itself.

Subscriptions (6)
  File name: HEADLINE.NTF
  Template name: StdNotesHeadlines5.0
  Purpose: Allows users to subscribe to various databases or Web sites
  and receive updates on them.

TeamRoom (6)
  File name: TEAMRM6.NTF
  Template name: StdR6TeamRoom
  Purpose: Creates structured, limited timeframe discussion databases;
  useful for short-term projects or team-oriented activity that
  requires a special format.

User Registration Queue (6)
  File name: USERREG.NTF
  Template name: StdUserRegistrationQueue
  Purpose: Creates the User Registration Queue database that stores
  information on Notes users pending registration.

Appendix E
Customizing the Domino Directory
This appendix describes how to customize the Domino Directory
template, which controls the appearance and functionality of the Domino
Directory. Because the Domino Directory controls the operation of the
Domino system, follow the instructions in this appendix exactly to ensure
that the system continues to operate successfully.

The Domino Directory template


The default Domino Directory template (PUBNAMES.NTF) controls the
appearance and functionality of the Domino Directory database
(NAMES.NSF). Domino uses the forms and settings in the default
Domino Directory template to control features (for example, mail,
server tasks, and access control) and to store critical information that
manages server connections, mail routing, and system configuration.
Using the default Domino Directory template ensures that all Domino
features work properly. However, you may want to customize the
Domino Directory to suit the needs of your organization. If you
customize the Domino Directory template, you must follow specific rules
and procedures to get exactly the look you want without jeopardizing the
performance of the system and/or losing the customizations when you
upgrade to a new version of the default Domino Directory template.
To ensure that your customizations do not disable your system,
customize a copy of the default Domino Directory template. Then, if you
make a mistake, you can easily revert to the default Domino Directory
template.
You must use the Domino Designer or write a Notes API program to
customize the Domino Directory. For more information on writing Notes
API programs, see the Domino database "Lotus C API Toolkit for
Notes/Domino 6," which is available at www.lotus.com/ldd.
Customizing the Domino Directory requires Designer or Manager access
in the ACL of the Domino Directory.

Rules for customizing the Domino Directory


To avoid rendering Domino inoperable, follow these rules when you
customize the Domino Directory.
For more information on designing views, fields, and forms, see
Application Development with Domino Designer.
Default hidden views
Do not change the hidden views that come with the Domino Directory.
Do not change view names, selection formulas, column formulas, or
column positions of these hidden views. Do not insert or delete columns
in the hidden views. A view name enclosed in parentheses ( ) indicates a
hidden view.
Default visible views
You can change any visible view that comes with the Domino Directory.
However, when you upgrade to a new version of the default Domino
Directory template, you must recreate or reapply your customizations.
New views
You can add new hidden views and new visible views. However, new
views might have an impact on the performance of both the Domino
Directory and the server.
Default fields
Do not change formulas, data types, multi-value settings, and keyword
choices for default directory fields. You can change the format of the
fields, including changing font, size, and color. You can relocate fields, as
long as fields that, by default, have a constraint (for example, a field
that contains a formula that depends on a value in the field above it)
maintain their relative placement. If you reformat or relocate default
directory fields, you must re-create your customizations when you
upgrade to a new version of the default Domino Directory template.
New fields
To add fields to a default form that comes with the Domino Directory,
create a subform that contains the new fields. If the default form has a
corresponding $xxxExtensibleSchema subform, insert the subform you
create into the $xxxExtensibleSchema subform. For example, to add
fields to the Person form, insert a new subform into the
$PersonExtensibleSchema subform. If you use an $xxxExtensibleSchema
subform and you later upgrade to a new version of the default Domino
Directory template, Domino preserves your customizations
automatically.

If a default form to which you want to add fields does not have a
corresponding $xxxExtensibleSchema subform, insert the subform you
create directly into the form. In this case, you must insert the subform
into the form again after you upgrade to a new version of the default
Domino Directory template. When you insert a new subform directly
into a default form, choose the Design property "Prohibit design refresh
or replace to modify."
You can also use an $xxxExtensibleSchema subform as part of defining a
new LDAP auxiliary object class in the LDAP schema.
Default forms
Do not change the names of the forms that come with the Domino
Directory. You can add aliases, which are duplicate names. An alias
appears in the Form Properties box to the right of the form name and is
preceded by a vertical bar. It's best to add a new alias rather than edit an
existing one. By doing so, programs that use the existing alias continue to
work properly. If you add or edit an alias, when you upgrade to a new
version of the default Domino Directory template, you must re-create
your customizations.
To hide a section of an existing form, select the section in the form,
choose Text - Text Properties, click the Hide tab (the fifth tab from the
left) and select appropriate hide options. If you later upgrade your
company's Domino Directory with a new version of the default Domino
Directory template, you must repeat this step. If you hide a section of an
existing form, select the form, choose Design - Design Properties, click
the Design tab, and make sure "Prohibit design refresh or replace to
modify" is selected.
New forms
You can create new forms. If you want documents created from the
forms to be LDAP-accessible, you must follow a specific procedure to
create the forms.
For more information, see the topic "Using the Domino Directory to
extend the LDAP schema" later in the chapter.
Database icon
You can change the icon.
New LDAP schema elements
To add schema elements to the Domino LDAP schema, you can create
forms and subforms in the Domino Directory. However, the
recommended way to extend the schema is to use the Domino LDAP
Schema database (SCHEMA.NSF). The Schema database provides an
easy-to-use interface for extending the schema, has built-in
error-checking that ensures valid schema elements, simplifies the
creation of complex object class structures, and offers other advantages
as well.
The only reason to use the Domino Directory to extend the schema is if
Notes or Web users require access to entries associated with the new
schema elements through documents in the directory. If only LDAP
access to entries created from the new schema elements is required, use
the Domino LDAP Schema database to extend the schema.
For information on using the Domino Directory to extend the schema, see
the topic "Using the Domino Directory to extend the schema" later in this
chapter. For more information on the LDAP schema and on using the
Schema database to extend the schema, see the chapter "Managing the
LDAP Schema."
To extend the LDAP schema using the Domino Directory, you can add a
new LDAP structural object class by creating a form and related
subforms, create a new LDAP auxiliary object class by creating a subform,
and define LDAP attributes for a new object class by creating fields.

Customizing the Domino Directory template


To customize the Domino Directory template, perform these procedures:
1. Create a copy of the Domino Directory template (PUBNAMES.NTF).
2. Review the rules for customizing the Domino Directory.
3. Customize a visible view.
4. Use the Domino Directory to extend the schema.
Note Using the Domino LDAP Schema database, rather than the
Domino Directory, is the recommended method for extending the
schema.
5. Apply customizations to the Domino Directory (NAMES.NSF).

Creating a copy of the Domino Directory template


Never customize the default Domino Directory template
(PUBNAMES.NTF). Instead, create a copy of the default Domino
Directory template and then customize the copy.
In the following steps, "Acme's Domino Directory," ACMENAMES.NTF,
and StdAcmeDominoDirectory are used as the title, file name, and
template name, respectively, for the copy of the Domino Directory
template. Where "Acme" appears, substitute a name that relates to your
company.
1. Choose File - Database - New.
2. Select a server to store the new template.
3. In the Title field, enter:
Acme's Domino Directory
4. In the File Name field, enter:
ACMENAMES.NTF
5. Click Template Server and select a server that stores the default
Domino Directory template (PUBNAMES.NTF).
6. Click "Show advanced templates."
7. Choose Domino Directory (PUBNAMES.NTF) from the list of
templates.
8. Ensure that the "Inherit future design changes" field is checked.
Then when a new version of the default Domino Directory template
becomes available, ACMENAMES.NTF will inherit the design
changes.
9. Click OK. Acme's Domino Directory template is now open.
10. Choose File - Database - Properties, and then click the Design tab
(fourth tab from the left).
11. Choose "Database file is a master template," and then in the
Template name field, enter the template name:
StdAcmeDominoDirectory
12. Close the Properties box.

Customizing a visible view in the Domino Directory

Depending on how extensive your changes to the view will be, you can
customize the view or a copy of the view. If your changes will be
minimal, customize the view. Then when you upgrade to a new version
of the default Domino Directory template, you must re-create the
customizations. If your changes will be extensive, customize a copy of
the view. Then when you upgrade to a new version of the Domino
Directory template, you need only to reapply the customizations.
These steps use ACMENAMES.NTF as the file name for the copy of the
Domino Directory template. Where ACMENAMES.NTF appears,
substitute the file name of the copy of the Domino Directory template
you created.
For more information on designing views, see the book Application
Development with Domino Designer.
To make minimal changes directly to the view
1. Make sure that you are working in a copy of the default Domino
Directory template (ACMENAMES.NTF) and that you have
Designer or Manager access in the Domino Directory ACL.
2. From the Domino Designer, customize a visible view in
ACMENAMES.NTF.
3. Select the view, choose File - Document Properties, click the Design
tab (third tab from the left), then select "Prohibit design refresh or
replace to modify."
4. Make any other directory customizations, and then complete the
procedure "Applying template customizations to the Domino
Directory database."
To make extensive changes to a copy of the view
1. Make sure that you are working in a copy of the default Domino
Directory template (ACMENAMES.NTF) and that you have
Designer or Manager access in the Domino Directory ACL.
2. From the Domino Designer, make a copy of a view in
ACMENAMES.NTF.
3. Select the copy, choose File - Document Properties, click the Design
tab (third tab from the left), and then select "Prohibit design refresh
or replace to modify."
4. Customize the copy of the view, and then give the copy of the view a
new title.
5. Open the original view, choose Design - View Properties, click the i
tab, and then deselect "Show in View menu."
6. Save the view.
7. Select the original view, choose File - Document Properties, click the
Design tab, and then choose "Prohibit design refresh or replace to
modify."
8. Make any other directory customizations, and then complete the
procedure "Applying template customizations to the Domino
Directory database."

Using the Domino Directory to extend the LDAP schema

To add schema elements to the Domino LDAP schema, you can create
forms and subforms in the Domino Directory, or you can use the Domino
LDAP Schema database (SCHEMA.NSF). Using the Schema database is
the preferred method for extending the schema. Use the Domino
Directory to extend the schema only if Notes or Web users require access
to the entries created from the new schema elements through documents
in the directory. If only LDAP access to entries defined by the new
schema elements is required, instead use the Domino LDAP Schema
database to extend the schema.
Note You must use a Lotus Domino Designer 6 client when using the
Domino Directory to extend the schema.
For more information on the LDAP schema as well as guidelines and
methods for extending the schema, see the chapter "Managing the LDAP
Schema."
You can use the Domino Directory to:
- Create a new LDAP structural object class
- Configure a new LDAP structural object class to inherit
- Create a new LDAP auxiliary object class
- Define LDAP attributes for a new object class
To add attributes to an object class defined in the default schema, do not
add the attributes to the object class directly. Instead, do one of the
following:
- Create an auxiliary object class to define the new attributes, and then
  add the auxiliary object class to the default object class
- Create a new structural object class with the new attributes, and then
  configure the new object class to inherit from the default object class

Using the Domino Directory to enable LDAP-standard entries to be visible as documents
The LDAP-standard schema elements defined in the default LDAP
schema through the LSCHEMA.LDIF file do not correlate to forms and
fields in the Domino Directory. For example, the object class
residentialPerson does not correlate to a form in the Domino Directory.
By default, you can use only LDAP operations to create and access
directory entries defined by these LDAP-standard schema elements.
If you want to display LDAP-standard entries such as these in
documents that are visible to Notes and Web users, you can follow the
same steps that describe how to use the Domino Directory to extend the
schema. For example, to create a form to hold values for entries defined
by the residentialPerson object class, follow the steps described in the
procedure "Using the Domino Directory to create a new LDAP structural
object class." In this case you are not using the form to define an object
class; the object class is already defined in the LSCHEMA.LDIF file.
Instead you're using the form so that entries defined by the object class
are visible in documents. If you do this, make sure to define the schema
elements exactly as the Domino LDAP Schema database (SCHEMA.NSF)
shows them to be defined. Defining them differently can cause you to
define new schema elements, rather than simply allowing the default
schema elements to be visible in documents.

Using the Domino Directory to create a new LDAP structural object class
You can add a form and associated subforms to the Domino Directory to
define a new LDAP structural object class in the LDAP schema and to
enable documents created from the form to be LDAP-accessible. The
preferred method for extending the schema is to use the Domino LDAP
Schema database, however. Use the Domino Directory to extend the
schema only if Notes or Web users require access to the new entries
defined by the schema elements through documents in the directory.
If you do not need documents created from a form to be LDAP-accessible
(for example, you don't run the LDAP service in the domain and are
sure you won't in the future), you can create a new form without
following these steps.
To add a new form to the Domino Directory to define an LDAP
structural object class:
1. Create a form for the structural object class.
2. Create and insert an associated $xxxInheritableSchema subform into
the form to define the attributes for the object class.
3. (Optional) Create and insert an associated $xxxExtensibleSchema
subform into the $xxxInheritableSchema subform to support adding
an auxiliary object class to the structural object class.
Note You must also create a view for displaying the object class entries
to Notes and Web users.

For example, to create a new structural object class called acmePrinter:

Form: acmePrinter
    Subform: $acmePrinterInheritableSchema (Attributes a, b, c)
        Subform: $acmePrinterExtensibleSchema

Note: Inserting a subform into an ExtensibleSchema subform or
inserting an ExtensibleSchema subform into an InheritableSchema
subform are the only instances in which nesting subforms (that is,
inserting a subform within another subform) is acceptable.

Creating a form to define a new LDAP structural object class
The procedures that describe how to use the Domino Directory to
create a new structural object class use the following:

• ACMENAMES.NTF as the file name for the copy of the Domino
  Directory template. Where ACMENAMES.NTF appears, substitute
  the file name of the copy of the Domino Directory template you
  created.
• acmePrinter as the name of the new structural object class. Substitute
  the name of the object class you are adding.
• (LDAP country) form and the $countryInheritableSchema and
  $countryExtensibleSchema subforms, which come with the Domino
  Directory, as templates to use as a basis for creating the new form
  and subforms.

The first step in using the Domino Directory to create a new LDAP
structural object class is creating a form as follows:
1. Make sure that you are working in a copy of the Domino Directory
template (ACMENAMES.NTF) and that you have at least Designer
or Manager access in the ACL.
2. From the Domino Designer, open ACMENAMES.NTF.
3. Do the following to copy the contents of the (LDAP country) form
into a new form:
Note: Do not select the (LDAP country) form and use copy and paste
to copy it.
a. In the left pane, select Forms.
b. Open the (LDAP country) form, choose Edit - Select All, then
Edit - Copy.
c. Close the (LDAP country) form.
d. Click New Form, and choose Edit - Paste.

4. With the new form open, delete the words "LDAP Country" at the top
of the new form, and replace them with a label describing the new
type of entry, for example, "Acme Printer".

5. Choose Design - Form Properties, and do the following:
Note: Next to the Name property, enter xxx, where xxx is the name
of the new object class, for example:
acmePrinter
Note: You can use a backslash (\) in the name of the new form so
that the form name cascades from an item in the Notes Create menu.
If you use the backslash, add the right-most portion of the name as
an alias to the form name so that the object is correctly named in the
LDAP schema. For example, to cascade the acmePrinter form from
LDAP, name the form LDAP\acmePrinter | acmePrinter.
a. (Optional) Deselect the Display property "Include in menu" to
prevent Notes and Web users from creating documents from the
form. When a Notes or Web user creates a document, LDAP
users can't search the new documents until after the Indexer runs
to update the views.
b. Deselect the Options property "Render pass through HTML in
Notes."
c. Leave the other properties the same, and close the Form
properties box.
6. On the Mandatory tab of the new form, select the Type field and in
the field formula in the pane below, change "country" to the name of
the new object class enclosed in quotation marks, for example:
"acmePrinter"

7. Do the following to remove the $countryInheritableSchema subform
from the new form:
a. On the Mandatory tab, click the phrase "Mandatory Attributes"
to set focus on the $countryInheritableSchema subform.
b. Verify that the $countryInheritableSchema subform is selected in
the bottom pane.
c. Choose Edit - Delete to remove the $countryInheritableSchema
subform.
8. Close and save the new form.
9. Do the following:
a. In the left pane, select Forms.
b. Select the new form, and choose Design - Design Properties.
c. Click the third tab from the left, and select "Prohibit design
refresh or replace to modify."
10. Complete the procedure "Creating and inserting an
$xxxInheritableSchema subform."

Creating and inserting a $xxxInheritableSchema subform
After you create a form to define a new structural object class, create an
associated $xxxInheritableSchema subform and insert it into the form.
The $xxxInheritableSchema subform defines the attributes for the
structural object class.
1. Make sure that you are working in a copy of the Domino Directory
template (ACMENAMES.NTF) and that you have Designer or
Manager access in the ACL.
2. From the Domino Designer, open ACMENAMES.NTF.

3. Do the following to copy the contents of the
$countryInheritableSchema subform into a new subform:
Note: Do not select the $countryInheritableSchema subform and use
copy and paste to copy it.
a. In the left pane, select Shared Code and then Subforms.
b. Open the $countryInheritableSchema subform, choose Edit - Select
All, then Edit - Copy.
c. Close the $countryInheritableSchema subform.
d. With Subforms still selected, click New Subform, and choose Edit
- Paste.
4. Do the following to specify the properties for the new subform:
a. With the new subform open, choose Design - Subform Properties.
b. Next to the Name property, enter the following:
$xxxInheritableSchema
Where xxx is the name of the new structural object class created
previously, for example:
$acmePrinterInheritableSchema
Deselect the Options property "Render pass through HTML in
Notes."
c. Leave the other properties the same, and close the Subform
Properties box.

5. On the Mandatory tab, do the following:
a. Delete the field OfficeCountry and its label. Do not delete the
$dspType field and label.
b. Choose Create - Field.

c. Next to the Name property, specify FullName.
d. Next to the Type property, select Names.
e. Close the Field box.
f. Select Input Validation in the Object pane, and enter the
following formula:
@V2If(FullName = ""; @Failure("FullName is required"); @Success)
6. On the Optional tab, delete the searchGuide field and its label, and
optionally delete the comment field and its label.
7. Leave the Operational tab as is.
8. Define the mandatory and optional attributes for the new structural
object class in the new InheritableSchema subform.
For more information, see the topic "Using the Domino Directory to
define an LDAP attribute for a new object class" later in this chapter.
9. Do the following to remove the $countryExtensibleSchema subform
from the new InheritableSchema subform:
a. On the Extensible tab of the new InheritableSchema subform,
place the cursor the equivalent of one line down to select the
$countryExtensibleSchema subform.
b. Verify that the $countryExtensibleSchema subform is selected in
the bottom pane.
c. Choose Edit - Delete to remove the $countryExtensibleSchema
subform from the new InheritableSchema subform.
10. Save and close the new InheritableSchema subform.

11. Do the following to insert the new InheritableSchema subform into
the form created to define the structural object class:
a. From the Domino Designer, open ACMENAMES.NTF.
b. In the left pane, select Forms and open the form you created
previously, for example, acmePrinter.
c. Position the cursor between the form name and the Type, Owner,
LocalAdmin, and DocumentAccess fields.
d. Choose Create - Resource - Insert Subform, select the
InheritableSchema subform you created (for example,
$acmePrinterInheritableSchema), and click OK.
12. Save and close the form.
13. (Optional) Complete the procedure "Creating and inserting an
$xxxExtensibleSchema subform."

Creating and inserting an $xxxExtensibleSchema subform
After you create and insert a $xxxInheritableSchema subform for a
structural object class, create and insert a $xxxExtensibleSchema subform
into the $xxxInheritableSchema subform so that you can add an auxiliary
object class to the structural object class. If you do not want to add an
auxiliary object class to the new structural object class, do not complete
this procedure.
1. Make sure that you are working in a copy of the Domino Directory
template (ACMENAMES.NTF) and that you have Designer or
Manager access in the ACL.
2. From the Domino Designer, open ACMENAMES.NTF.
3. In the left pane, select Shared Code and then Subforms.
4. Click New Subform.

5. Do the following to specify the properties for the new subform:
a. With the new subform open, choose Design - Subform Properties.
b. Next to the Name property, enter the following:
$xxxExtensibleSchema
Where xxx is the name of the new structural object class created
previously, for example:
$acmePrinterExtensibleSchema
c. Deselect the Options property "Render pass through HTML in
Notes."
d. Leave the other properties the same, and close the Subform
Properties box.
e. Save and close the new ExtensibleSchema subform.
6. Do the following to insert the new ExtensibleSchema subform into
the InheritableSchema subform:
a. With Subforms still selected, open the InheritableSchema
subform you created previously, for example,
$acmePrinterInheritableSchema.
b. On the Extensible tab, choose Create - Resource - Insert Subform.
c. Select the ExtensibleSchema subform you created, for example,
$acmePrinterExtensibleSchema.
d. Click OK.
7. Save and close the InheritableSchema subform.
8. Complete the procedure "Using the Domino Directory to create an
LDAP auxiliary object class."

Configuring a new LDAP structural object class to inherit


To specify that a new structural object class defined using the Domino
Directory inherit from another structural object class defined in the
directory, insert the $xxxInheritableSchema subform for the superior
object class into the $xxxInheritableSchema subform of the subordinate
object class. For example, you can create the structural object class
acmeLaserPrinter that inherits attributes from the structural object class
acmePrinter:
Form: acmeLaserPrinter
    Subform: $acmeLaserPrinterInheritableSchema (Attributes a, b, c)
        Subform: $acmePrinterInheritableSchema (Attributes d, e, f)

You can also configure a new structural object class to inherit from a
default object class in the schema that is defined by a form.
1. Make sure that you are working in a copy of the Domino Directory
template (ACMENAMES.NTF) and that you have Designer or
Manager access in the ACL.
2. From the Domino Designer, open ACMENAMES.NTF.
3. In the left pane, select Shared Code and then Subforms.
4. Open the $xxxInheritableSchema subform for the subordinate object
class. For example, if you want the acmeLaserPrinter object class to
inherit from the acmePrinter object class, open the
$acmeLaserPrinterInheritableSchema subform.
5. Click the Inheritable tab, and do the following:
a. Choose Create - Resource - Insert Subform.
b. Select the InheritableSchema subform for the superior object
class. For example, select the $acmePrinterInheritableSchema
subform if you want the acmeLaserPrinter object class to inherit
from the acmePrinter object class.
c. Click OK.
6. Save and close the InheritableSchema subform for the subordinate
object class.

Using the Domino Directory to create an LDAP auxiliary object class

Use an auxiliary object class to add one set of attributes to multiple
structural object classes. To use the Domino Directory to create an LDAP
auxiliary object class, create a subform to define the auxiliary object class,
and then insert the subform into the $xxxExtensibleSchema subform of
each structural object class to which you want to add the auxiliary object
class. The superior object class for an auxiliary object class you add is
Top.
For example, to create the auxiliary object class building and add it to the
structural object class acmePrinter, do the following:

Form: acmePrinter
    Subform: $acmePrinterInheritableSchema (Attributes a, b, c)
        Subform: $acmePrinterExtensibleSchema
            Subform: building (Attributes x, y, z)

The preferred method for extending the LDAP schema is to use the
Domino LDAP Schema database. Use the Domino Directory to extend
the schema only if Notes or Web users require access to the new schema
elements through documents in the directory.
Creating a subform to define an auxiliary object class
1. Make sure that you are working in a copy of the Domino Directory
template (ACMENAMES.NTF) and that you have Designer or
Manager access in the ACL.
2. From the Domino Designer, open ACMENAMES.NTF.
3. In the left pane, select Shared Code and then Subforms.
4. Click New Subform.
5. Do the following to specify the properties for the new subform:
a. With the new subform open, choose Design - Subform Properties.
b. Next to the Name property, enter a name for the auxiliary object
class, for example, building.
c. Keep the Options property "Include in Insert Subform... dialog"
selected.
d. Deselect the Options property "Render pass through HTML in
Notes."

e. Leave the other properties the same, and close the Subform
Properties box.
f. Save and close the new subform.
6. Do the following to add a field to define the auxiliary object class:
a. Choose Create - Field.
b. Next to Name on the Basics tab of the Field dialog box, specify
any name, but precede the name with a dollar sign ($) to indicate
that the field is an operational field, for example: $building.
c. Next to Text on the Basics tab of the Field dialog box, select
"Computed when composed."
d. Specify the formula for the field in the pane below as follows:
FIELD $objectclass := $objectclass : "subform";1
Where subform is the name of the subform you specified in step 5,
for example:
FIELD $objectclass := $objectclass : "building";1

You must enclose the subform name in quotation marks (" ").
7. Complete the procedure "Using the Domino Directory to define an
LDAP attribute for a new object class" to add the attributes to the
new auxiliary object class.
8. Save the new subform.
9. Do the following:
a. In the left pane, select Shared Code and then Subforms.
b. Select the new subform, and choose Design - Design Properties.
c. Click the third tab from the left, and select "Prohibit design
refresh or replace to modify."
Adding the new auxiliary object class to a structural object class
After you create a subform to define a new auxiliary object class, complete
this procedure to add the auxiliary object class to a structural object class.
You can add the auxiliary object class to a new structural object class you
have created, or a default structural object class.
1. From ACMENAMES.NTF, open a $xxxExtensibleSchema subform or
a form, as described in the following table:

To add the auxiliary object class to | Open this subform or form
dominoPerson | $PersonExtensibleSchema
dominoGroup | $GroupExtensibleSchema
dominoOrganization, dominoOrganizationalUnit, and dominoInternetCertifier | $CertifierExtensibleSchema
dominoServerResource | $ResourceExtensibleSchema
locality | $LocalityExtensibleSchema
organization | $organizationExtensibleSchema
organizationalUnit | $organizationUnitExtensibleSchema
a structural object class defined in the default schema that doesn't have a corresponding $xxxExtensibleSchema subform | The form used to define the object class
a structural object class you defined in the Domino Directory | $xxxExtensibleSchema, where xxx is the name of the new structural object class

2. Choose Create - Resource - Insert Subform.
3. Select the subform you created for the auxiliary object class, for
example, building.
4. Click OK.
5. Close and save the subform or form you opened in step 1.
6. Complete the procedure "Applying template customizations to the
Domino Directory database."
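
The nesting built in the procedures above (acmeLaserPrinter inheriting from acmePrinter, and the auxiliary class building with Top as its superior) can be checked against the object class definitions that an LDAP server publishes. The following Python code is an added example, not part of this manual or of Domino: the objectClasses strings are constructed in RFC 4512 syntax with placeholder OIDs and attribute names taken from the diagrams, and all function names are hypothetical.

```python
import re

# Constructed sample (not Domino output): objectClasses values in RFC 4512
# syntax. OIDs are placeholders; attribute names follow the page's diagrams.
SAMPLE = [
    "( 1.3.6.1.4.1.99999.1.1 NAME 'acmePrinter' SUP top STRUCTURAL"
    " MUST FullName MAY ( d $ e $ f ) )",
    "( 1.3.6.1.4.1.99999.1.2 NAME 'acmeLaserPrinter' SUP acmePrinter"
    " STRUCTURAL MAY ( a $ b $ c ) )",
    "( 1.3.6.1.4.1.99999.1.3 NAME 'building' SUP top AUXILIARY"
    " MAY ( x $ y $ z ) )",
]

_TOKEN = re.compile(r"\(|\)|\$|'[^']*'|[^\s()$']+")
_KINDS = {"ABSTRACT", "STRUCTURAL", "AUXILIARY"}


def _read_list(tokens, i):
    """Read one value, or a parenthesised list, starting at tokens[i]."""
    if tokens[i] != "(":
        return [tokens[i].strip("'")], i + 1
    items, i = [], i + 1
    while tokens[i] != ")":
        if tokens[i] != "$":
            items.append(tokens[i].strip("'"))
        i += 1
    return items, i + 1


def parse_object_class(text):
    """Parse one RFC 4512 ObjectClassDescription into a dict."""
    tokens = _TOKEN.findall(text)
    if len(tokens) < 3 or tokens[0] != "(" or tokens[-1] != ")":
        raise ValueError("not an object class description: %r" % text)
    # RFC 4512: a class with no kind keyword is STRUCTURAL.
    oc = {"oid": tokens[1], "names": [], "sup": [], "kind": "STRUCTURAL",
          "must": [], "may": []}
    i = 2
    while i < len(tokens) - 1:
        word = tokens[i]
        if word in ("NAME", "SUP", "MUST", "MAY"):
            key = "names" if word == "NAME" else word.lower()
            oc[key], i = _read_list(tokens, i + 1)
        elif word in _KINDS:
            oc["kind"], i = word, i + 1
        elif word == "OBSOLETE":
            i += 1
        else:  # DESC and X- extensions: skip the keyword and its value
            _, i = _read_list(tokens, i + 1)
    if not oc["names"]:
        raise ValueError("object class without NAME: %r" % text)
    return oc


def load(descriptions):
    """Index parsed classes by lower-cased name (LDAP names ignore case)."""
    classes, findings = {}, []
    for text in descriptions:
        oc = parse_object_class(text)
        for name in oc["names"]:
            prev = classes.get(name.lower())
            if prev is not None and prev != oc:
                findings.append("%s is defined twice with different contents" % name)
            classes[name.lower()] = oc
    return classes, findings


def effective_attributes(classes, name, _seen=()):
    """Return (must, may) for a class, including attributes inherited via SUP."""
    key = name.lower()
    if key == "top" and key not in classes:
        return {"objectclass"}, set()  # top requires objectClass (RFC 4512)
    if key in _seen:
        raise ValueError("SUP loop through %s" % name)
    oc = classes[key]
    must = {a.lower() for a in oc["must"]}
    may = {a.lower() for a in oc["may"]}
    for sup in oc["sup"]:
        sup_must, sup_may = effective_attributes(classes, sup, _seen + (key,))
        must |= sup_must
        may |= sup_may
    return must, may - must


def audit(descriptions):
    """List problems that make the published schema differ from the intent."""
    classes, findings = load(descriptions)
    for oc in {id(c): c for c in classes.values()}.values():
        name = oc["names"][0]
        sups = [s.lower() for s in oc["sup"]]
        for sup in sups:
            if sup != "top" and sup not in classes:
                findings.append("%s: superior %s is not defined" % (name, sup))
        if oc["kind"] == "AUXILIARY" and sups != ["top"]:
            findings.append("%s: auxiliary class should have top as superior" % name)
    return findings


if __name__ == "__main__":
    classes, _ = load(SAMPLE)
    print(effective_attributes(classes, "acmeLaserPrinter"))
    print(audit(SAMPLE) or "no findings")
```

The duplicate-definition check corresponds to the earlier warning that defining a schema element differently from SCHEMA.NSF creates a new element instead of exposing the default one.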

Using the Domino Directory to define an LDAP attribute for a new object class

The preferred method for extending the LDAP schema is to use the
Domino LDAP Schema database. Use the Domino Directory to extend
the schema only if Notes or Web users require access to the new schema
elements through documents in the directory.
To define an attribute for a new object class you have added to the
Domino Directory, add a field to the appropriate subform.
Note: Do not add the fields ListName or ServerName.
1. From the Domino Administrator or Notes client, choose the name for
the attribute, then do the following to determine whether the
attribute is already being used:
a. Open the Domino LDAP Schema database (SCHEMA.NSF) on a
server that runs the LDAP service.
b. Select the All Schema Documents - LDAP Attribute Types view.
c. Do a full-text search for the name of the attribute you plan to
define for the object class.
d. Do one of the following:
• If the search returns a document whose "LDAP name" field
  contains the name of the attribute for which you searched, use
  the corresponding value in the "Notes mapping" field in the
  Attribute document as the name of the new field.
• If the search does not return a document whose "LDAP name"
  field contains the name of the attribute for which you
  searched, use the name of the attribute for which you
  searched.
2. Make sure that you are working in a copy of the Domino Directory
template (ACMENAMES.NTF) and that you have Designer or
Manager access in the ACL.
3. From the Domino Designer, open ACMENAMES.NTF.

4. Do one of the following:
• To define an attribute for a new auxiliary object class, open the
  subform for the auxiliary object class, for example, the subform
  named building.
• To define an attribute for a new structural object class, open the
  $xxxInheritableSchema subform for the object class (for
  example, the subform $acmePrinterInheritableSchema) and then
  select the Mandatory tab if the attribute will be required, or select
  the Optional tab if the attribute will not be required.
5. Choose Create - Field, and do the following:
a. Next to the Name property, give the field a name as described in
Step 1.
b. Next to the Type property, choose one of the following data
types, and keep Editable selected:

Choose this Domino data type | For this LDAP attribute syntax
Text | Directory string
Date/Time | Generalized time
Number | Integer
Names | Distinguished name

6. (Optional) Do the following to require that all entries include a value
for this attribute:
a. Select the field.
b. Select Input Validation in the Objects pane at the bottom of the
subform.
c. Enter the following input validation formula:
@V2If(fieldname = ""; @Failure("fieldname is required"); @Success)
Where fieldname is the name you gave the new field.
For example, if you add the field shoesize and you want to
require that all entries include values for the field, enter this
formula:
@V2If(shoesize = ""; @Failure("shoesize is required"); @Success)

7. Close and save the subform.

Applying template customizations to the Domino Directory database

After you customize a copy of the Domino Directory template, you must
complete this procedure to apply the design changes to the Domino
Directory database, which is usually NAMES.NSF.
These steps use "Acme's Domino Directory" and ACMENAMES.NTF as
the title and file name for the copy of the Domino Directory template
used to customize the directory. Where "Acme" appears, substitute the
names associated with the copy of the Domino Directory template you
created.
1. Make sure you have Designer or Manager access to the Domino
Directory database, which usually has the file name NAMES.NSF.
2. Open the Domino Directory database (NAMES.NSF).
3. Choose File - Database - Replace Design.
4. Click Template Server, and select the server that stores the "Acme's
Domino Directory" (ACMENAMES.NTF) template.
5. Click "Show advanced templates" to display the "Acme's Domino
Directory" template in the templates box.
6. Select "Acme's Domino Directory" in the templates box.
7. Verify that the "Inherit future design changes" field is selected, and
then click Replace.

Upgrading to a new Domino Directory template

When a new version of the Domino Directory template
(PUBNAMES.NTF) becomes available, you'll want to use it so that you
can take advantage of new Domino features. Complete this procedure to
preserve your customizations when you upgrade your customized copy
of the Domino Directory template to a new version of the template.
These steps use ACMENAMES.NTF as the file name for the copy of the
Domino Directory template. Where ACMENAMES.NTF appears,
substitute the file name of the copy of the Domino Directory template
you created.
1. For each visible view in ACMENAMES.NTF that came with the
Domino Directory and that you customized, from the Domino
Designer choose File - Document Properties, click the Design tab
(third tab from the left) and deselect "Prohibit design refresh or
replace to modify." Deselecting the option ensures that the views
receive all design changes from the new version of the Domino
Directory template.
Repeat Step 1 for each form that came with the Domino Directory
and in which you hid sections.
2. Open ACMENAMES.NTF, choose File - Database - Refresh design,
select a server that has a new version of the default Domino
Directory template (PUBNAMES.NTF), and click OK.
3. If you created subforms to customize forms, re-insert the subforms
into the appropriate forms in ACMENAMES.NTF. If you customized
built-in subforms for Person, Group, or Server\Certifier forms, you
do not need to complete this step.
4. To hide a section of one of the forms that comes with the Domino
Directory, do the following in ACMENAMES.NTF:
a. Select the section in the form, choose Text - Text Properties, click
the Hide tab (the fifth tab from the left), select hide options, and
then save the form. LDAP ignores any hide selections.
b. Choose File - Document Properties, click the Design tab, and then
select "Prohibit design refresh or replace to modify."
5. For each view in ACMENAMES.NTF that came with the Domino
Directory and that you customized, choose File - Document
Properties, click the Design tab, and then select "Prohibit design
refresh or replace to modify."
6. If you previously customized a visible view that came with the
Domino Directory, in ACMENAMES.NTF do one of the following to
restore the customizations:
• If you made changes directly to the view, re-create the changes.
• If you made changes to a copy of the view, open the original view,
  choose Design - View Properties, click the i tab, deselect "Show in
  View menu," then save the original view. Then, select the original
  view, choose File - Document Properties, click the Design tab, and
  choose "Prohibit design refresh or replace to modify."

Appendix F
Administration Process Requests
This appendix contains administration requests with the detailed
processes that occur for each request, flowcharts for several
administration requests, as well as timing and scheduling information for
administration requests.

Administration process requests


An administration request is created by the administrator performing an
action; it represents an administration task and is run by the server task
AdminP (Administration Process). When an administration request is
generated, it appears in the Administration Requests database.
Note: The Administration Process carries out "Immediate" requests
within a minute after they appear in the Administration Requests
database rather than according to a scheduling field.
For more information on the Administration Process, see the chapter
"Setting Up the Administration Process."

Administration Process Requests - One Domain


Add Internet Certificate
Add resource
Add servers to a cluster
Approve person's name change request
Change HTTP password in Domino Directory
Change user password in Domino Directory
Copy server public key
Create hosted organization storage
Create IMAP delegation requests
Create mail files during setup
Create Mail-in database
Create replica
Create a Roaming User
Delegate mail file
Delegate mail file on administration server
Delegate Web mail file
Delete database
Delete group in Domino Directory
Delete hosted organization
Delete person in Domino Directory
Delete Policy in Domino Directory
Delete resource
Delete roaming user
Delete server name in Domino Directory
Downgrade user from Roaming to Non-Roaming user
Find name in domain
Maintain Trends database record
Modify CA Configuration in the Domino Directory
Modify ID recovery information in Domino Directory
Modify resource
Modify user information stored in the Domino Directory
Move database from a cluster server
Move database from a non-cluster server
Move a mail file from one server to another
Move roaming user to another server
Place server's Notes build number into Server record
Recertify Certificate Authority in Domino Directory
Recertify servers
Recertify users
Register hosted organization
Remove servers from cluster
Rename group
Rename person
Rename person - name change refused
Request to create ISpy database
Retract database
Set Directory Assistance field
Set directory filename
Set password fields
Set user name and enable schedule agent
Set Web admin fields
Set Web user name and enable scheduled agent
Sign database with server's ID file
Store CA Policy Information in the Domino Directory
Store certificate in Domino or LDAP Directory
Store Certificate Revocation List in Domino or LDAP Directory
Store directory type in Server record
Store server's CPU count
Store server's DNS host name
Update client information in Person Record
Update external domain information
Update domain catalog configuration
Update license tracking information in Domino Directory
Update roaming user information in Person record
Update non-roaming user to roaming user
Update server protocol information
Upgrade server to hierarchical
Web set Soft Deletion Expire Time

Administration Process Requests - Time-based execution


The following requests are generated when moving databases or creating
database replicas as part of a recommended resource balancing plan as
determined by IBM Tivoli Analyzer for Lotus Domino.
Check access for new replica creation
Check access for move replica creation
Check mail servers access
Check access for non-cluster move replica

Administration Process Requests - Multiple Domains


Create Replica
Delete Server
Delete person
Rename person from flat to hierarchical
Rename server from flat to hierarchical

Add Internet Certificate to Person Record


The "Add Internet Certificate to Person Record" administration request is
generated when you add an Internet certificate to a user's Person
document. From the Domino Administrator, open the Domino Directory
and select the user(s) whose Person documents you want to add Internet
Certificates to. Choose Action - Add Internet Certificate. The request is
generated after you select the certifier or keyring file during the
procedure. This request is not generated if you choose to use CA Process.
Triggered by: Initiating the process to add an Internet Certificate to
the Person document for one or more users.
Carried out on: The administration server of the Domino Directory
copies the Certificate into the User Certification field of the Person
document.
Carried out: According to the "Interval" setting for the
Administration Process in the Server document.
Result: Places the person's Internet certificate in the Domino
Directory so that encrypted mail may be sent to that user. Places the
person's Internet certificate in the User ID file so that the user can
send signed mail.

Add Resource

You can add a resource, that is, a room or reservation, to the Resource
Reservations database via the Domino Administrator.
Triggered by: The Resource administrator performing a New
Resource action in the Resource Reservations database.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Creates a mail-in database record for the resource.

Adding servers to a cluster

Triggered by: From the servers view, click Add to Cluster or select
that option from the Actions menu.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Interval" setting in the
Administration Process section of the Server document. If you choose
to initiate this command immediately, the Administration Process is
not used to perform the action.
Result: If the cluster did not already exist, the new cluster is created
and the server is added to it. If the cluster already exists, the server is
added to the cluster.

Approve person's name change request

Triggered by: A Notes client user requesting a name change in the
User Security panel on the Notes client. The Notes user enters
information pertinent to the name change, and clicks a Send button
to send the request to the administrator. This approval request is
posted.
Carried out on: The administration server for the Domino Directory.
Carried out: When you approve or reject this request in the
Administration Request database.
Result: If the administrator approves the request, an e-mail with the
user's new name is sent to the user. The Person document is
updated. If the administrator rejects the request, a message is sent to
the user and the Person document is not updated.
Note: If the user has selected "Ask your approval before accepting
name change" on the "Notes name changes" dialog box in the Notes client
interface, the user is notified of this name change and can approve or
reject it. Name changes are typically rejected by users only if the user
name is misspelled. If the user does reject the proposed name change, an
"Approve refused name change" request is posted in the Administration
Requests database.
For more information on processing name change refusals, see the topic
"Rename person - name change refused" later in this appendix.

Change HTTP password in Domino Directory


Lotus Notes users can change their HTTP password if the administrator
has set the "Allow users to change HTTP passwords via the Internet"
field to Yes on the Basics tab of the Security Settings document. If the
value in that field is No, the user is not able to change the HTTP
password. The user has the ability to change the HTTP Internet password
during authentication when attempting to access a Notes database via a
Web browser. The "Change HTTP password in Domino Directory" request is
also generated when an Internet password is synchronized with a Notes
password.
Triggered by: A user initiating an action to change their Internet
password via the Internet, or a Notes password being synchronized with
the Internet password.
Carried out on: Administration server for the Domino Directory.
Carried out: Immediately
Result: The password is updated in the user's Person document.

Change user password in Domino Directory


Triggered by: Person changing their password when prompted
during authentication.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Creates a password digest. Populates the "Last change date"
field and updates the "Password digest" with the encrypted
password digest for the password in the user's Person document.

Copying server public key


Triggered by: The server recognizing that the Public Key field in the
Server document is empty or out of date.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The public key of the server ID is copied to the Public Key
field of the Server document.

Create IMAP delegation requests

The "Create IMAP delegation requests" administration request is
generated from an IMAP client when a user sets delegation preferences
for their mail file. This is done from the user's desktop by clicking
Tools - Preferences and then selecting mail delegation settings on the
Delegation - Mail Delegation tab.
Triggered by: A user setting mail delegation preferences on their
IMAP client.
Carried out on: Server on which the user's mail file resides.
Carried out: Immediately
Result: Modifies the ACL for the mail file on the server for that
database.

Create mail files during setup

Triggered by: Choosing to create a mail file via the Administration
Process during registration.
Carried out on: Home mail server.
Carried out: Immediately
Result: Creates the mail file on the home mail server.

Create Mail-in database

Triggered by: Entering the load runjava ISpy command for the
first time.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Creates a mail-in database record in the Domino Directory
for the ISpy database.
Note In previous releases, this request was named "Request to create
ISPY database."

Create replica
You can create a database replica using the Administration Process by
selecting a database and then choosing Database - Create Replica from
the tools pane in the Domino Administrator.
Check access
Triggered by: Initiating the command from the Domino
Administrator.
Carried out on: The server that contains the database being
replicated.
Carried out: Immediately
Result: The Administration Process on the source server checks that
the user submitting the request and the destination server have at
least Reader access in the ACL of the database. If the user and
destination server have the necessary access and if a Connection
document between the source and destination server exists, the
Administration Process generates a Create replica request in the
Administration Requests database of the source server.
Create replica
To populate the replica, the user submitting the request and the source
server must have Create Replica access to the destination server.
Triggered by: Successful completion of the Check Access
administration request.
Carried out on: The destination server for the database.
Carried out: Immediately
Result: A new replica of the database is placed on the destination
server. The database is populated during the next replication.

Create a Roaming User

You create a roaming user during the user registration process. During
the user registration process for a roaming user, the administration
process generates the administration request "Create a Roaming User's
Roaming Files" three times in order to create the following three files:
journal.nsf
bookmark.nsf
names.nsf

Create a Roaming User's Roaming Files

Triggered by: Clicking the Advanced check box on the Basics panel
of the registration user interface, and then selecting the Roaming
User check box on the same panel. (The Roaming User check box is
not displayed until you select the Advanced check box on the Basics
panel of the registration user interface.)
Carried out on: Either the user's mail server or the server you
designate as a roaming server in the User Registration user interface.
If you selected "Put roaming user files on mail server," the files are
placed on the mail server. If that option is not selected, the files are
placed on the designated registration server. The default location is a
subdirectory beneath the directory path Domino/Data/Mail. The
subdirectory is named with up to the first eight characters of the
user's last name. For example, Domino/Data/Mail/<username.nsf>.
Carried out: Immediately
Result: Creates the roaming user's files for the user that you are
registering.
Create Mail file
Triggered by: Choosing to create a mail file during the
Administration Process during registration.
Carried out on: User's home mail server.
Carried out: Immediately.
Result: Creates the mail file on the user's home mail server.

Delegate mail file

Triggered by: A mail file owner, with Editor access to another mail
file's Access Control List, setting new mail preferences.
Carried out on: The administration server of the user's mail file.
Carried out: Immediately
Result: Modifies the ACL for the mail file on the server for that
database. New mail preferences are set by the user on the user's mail
file.

Delegate mail file on administration server


Triggered by: A user initiating the action to delegate mail file access
from the Notes client; the "Delegate mail file" request is then sent to
the user's home server, which is not the administration server for the
mail database.
Carried out on: The administration server for the mail database.
Carried out: Immediately
Result: The "Delegate mail file on administration server" request is
generated to redirect the "Delegate mail file" request to the correct
administration server for the user's mail database.

Delegate Web mail file

Triggered by: The user delegating access to their mail file to one or
more other users. Web mail delegation is defined via the user's Web
browser, by choosing Tools - Preferences - Delegation and then
delegating mail file access.
Carried out on: The user's home mail server.
Carried out: Immediately
Result: Updates the user's mail file ACL to include the updated
delegation information.

Delete Database
You can delete (retract) a database and, optionally, delete all replicas of
the database. From the Domino Administrator, choose Files and select
the database you are deleting, and then choose Files - Delete. You are
prompted to verify that you do want to delete the selected file(s) and
presented with a check box in which to indicate whether you want to
delete all replicas. Click the check box to delete all replicas of those
databases.

Get Replica Information for Deletion


Purpose: The application supported by the database is now obsolete
and all replicas of the database can be removed.
Triggered by: From the Domino Administrator, choosing the File
tab, selecting the database you are deleting, and then choosing Files -
Delete. Or, choose the database on the bookmarks or workspace and
choose Database - Delete.
Carried out on: All servers in the domain.
Carried out: Immediately
Result: AdminP reads the database ACL to verify that the request
signer is the database Manager. If so, it generates an "Approve Replica
Deletion" request for the server administrator to accept or reject. If
the signer is not a database administrator, an Event is logged.

Approve Replica Deletion

Triggered by: Successful completion of the "Get Replica Information
for Deletion" request.
Carried out on: Any server.
Carried out: According to the administrator's discretion.
Result: Posts the "Request Replica Deletion" request.

Request Replica Deletion

Triggered by: The administrator's approval of the "Approve Replica
Deletion" request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Posts the "Delete Replica" request.

Delete Replica
Triggered by: Completion of the "Request Replica Deletion" request.
Carried out on: Server on which the database exists.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The replica is deleted.

Delete group in Domino Directory

You can delete a group name using the Administration Process by
initiating a Delete Group action from the Domino Directory or the
Domino Administrator. The following flowchart shows the sequence of
Administration Process requests that occur when you do this. (Boxes
indicate requests.) The timing shown for each request is the default,
which you can customize through the Server Tasks - Administration
Process tab on the Server document.

[Flowchart: request sequence after choosing "Actions: Delete Group" in
the Domino Directory. Decision box: "Delete from Domino Directory
immediately?" (Yes/No). Request boxes: Delete in Address Book (1 Hour),
Delete in Access Control List (1 Hour), Delete in Person Documents
(Daily), Delete in Reader/Author Fields (Weekly).]

Delete group in Domino Directory


Triggered by: Choosing Actions - Delete Group in the Domino
Directory (or clicking Delete Group) and selecting to delay the
deletion of the group name from the Domino Directory.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process removes the name from the
Domino Directory except from Person documents.
Delete in Person documents
Triggered by: Completion of a "Delete Group in Domino Directory"
request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: The Administration Process removes the group name from
Person documents in the Domino Directory.

Delete in Access Control List
Triggered by: Choosing to immediately delete all occurrences of the
group name from the Domino Directory when initiating the Delete
action or the completion of a "Delete Group in Domino Directory"
request (if you chose to delay deletion of the name from the Domino
Directory).
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from the ACLs of
databases for which it is an administration server.
Delete in Reader / Author Fields
Triggered by: Completion of a "Delete in Access Control List"
request on the administration server for the Domino Directory (if you
chose to immediately delete occurrences of the name from the
Domino Directory) or completion of the "Delete in Person
Documents" request (if you chose to delay deletion of the name from
the Domino Directory).
Carried out on: Each server in the domain.
Carried out: According to the Delayed Request settings for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option "Modify all
Reader/Author fields" selected.
Timing for deleting a group

Request                             Timing
Delete group in Domino Directory    Interval
Delete in Person Documents          Execute once a day requests at
Delete in Access Control List       Interval
Delete in Reader/Author Fields      Start executing on
                                    Start executing at

Delete hosted organization


You can delete a hosted organization with the Administration Process by
choosing Hosted Organization - Delete from the Configuration tab in the
Domino Administrator.
Delete hosted organization
Note The Delete hosted organization request is generated only if you
select Administration Process as your Processing Type in step 4 of the
procedure to delete a hosted organization.
Triggered by: From the Configuration tab, choosing Hosted
Organization - Delete, and selecting a hosted organization.
Carried out on: Administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Deletes all references to the hosted organization in the
Domino Directory and posts the Get hosted organization storage
information for deletion request.
Get hosted organization storage information for deletion
Note The Get hosted organization storage information for deletion is
the first administration request generated when you select a Processing
Type of Immediate in step 4 of the delete hosted organization procedure.
Prior to the request being generated, the Domino Administrator (client)
deletes all references to the hosted organization in the Domino Directory.
Triggered by: When AdminP is the Processing Type, this request is
triggered by successful processing of the Delete hosted
organization request. If Immediate is the Processing Type, this
request is triggered by performing the action to delete a hosted
organization.
Carried out on: All servers in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server checks to see if the hosted organization has
storage on the server. Creates the "Approve Deletion of Hosted
Organization Storage" request for itself.

Approve deletion of hosted organization storage
Triggered by: Successful completion of the "Get hosted organization
storage information for deletion" request.
Carried out on: Administration server for the Domino Directory.
Carried out: When you open the request and choose "Approve
hosted organization storage deletion."
Result: Posts the "Delete hosted organization storage" request.
Delete hosted organization storage
Triggered by: Successful processing of the "Approve deletion of
hosted organization storage" request.
Carried out on: The xSP server.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Deletes all file systems belonging to the hosted organization.

Delete person in Domino Directory

You can delete a person's name with the Administration Process by
initiating a Delete Person action in Notes from the Domino Directory,
Domino Administrator, Web Administrator, or by using the Windows
NT User Manager. The following flowchart shows the sequence of
Administration Process requests that occur when you do this. (Boxes
indicate requests.) The time chart shown at the end of this section
contains the default timing information for each request. You can
customize timing through the Server Tasks - Administration Process tab
on the Server document.

[Flowchart: request sequence after choosing "Actions: Delete Person"
(or clicking "Delete Person") in the Domino Directory. Decision boxes:
"Delete from Domino Directory immediately?", "Delete mail file?",
"Get Information for Replica Deletion?", "Delete mailfile, person
record, and all replicas?", "Does mail file use shared mail?", "Delete
replicas of mail file?". Request boxes: Delete in Address Book, Delete in
Access Control List, Delete in Person Documents, Delete in
Reader/Author Fields, Get Information for Deletion, Approve File
Deletion, Request File Deletion, Delete Mail File, Delete Unlinked Mail
File, Approve Deletion of Private Design Elements, Request to Delete
Private Design Elements, Delete Private Design Elements.]

Delete person in Domino Directory


Triggered by: Choosing Actions - Delete Person in the Domino
Directory (or clicking Delete Person) and choosing to delay deletion
of the name from the Domino Directory. You can also trigger this
action by choosing Delete Person when viewing a Person document
with the Web Administrator.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process removes the name from the
Domino Directory, except from other people's Person documents,
and posts the "Delete in Person documents" request. If you have
created a termination group and set up the administration process
to add deleted users to that group, the name is added to the
Terminations group.
Delete in Person documents
Triggered by: Completion of a "Delete in Domino Directory"
request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: The Administration Process removes the name from other
people's Person documents in the Domino Directory.
Delete in Access Control List
Triggered by: Choosing to immediately delete all occurrences of the
name from the Domino Directory when initiating the Delete action or
the completion of a "Delete in Domino Directory" request (if you
chose to delay deletion of the name from the Domino Directory).
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from the ACLs of
databases for which it is an administration server.
Delete in Reader / Author Fields
Triggered by: Completion of a "Delete in Access Control List"
request on the administration server for the Domino Directory (if you
chose to immediately delete occurrences of the name from the
Domino Directory) or completion of a "Delete in Person documents"
request (if you chose to delay deletion of the name from the Domino
Directory).
Carried out on: Each server in the domain.
Carried out: According to the Delayed Request settings for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option "Modify all
Reader/Author fields" selected. The server scans the databases for
shared agents signed by the deleted person and for Private Design
Elements (folders, views, agents) signed by the deleted person.
Shared agents found are reported in the request's Response
document. If Private Design Elements are found, an "Approve
deletion of Private Design Elements" administration request is
posted.
Get file information for deletion
Triggered by: Completion of the Delete in Access Control List
request on the administration server for the Domino Directory (if you
chose to immediately delete all occurrences of the name) or
completion of the Delete in Domino Directory request (if you chose
to delay deleting the name from the Domino Directory). You must
also have specified to delete the mail file in which you chose to delete
the person.
Carried out on: The deleted person's home server.
Carried out: Immediately
Result: The person's home server creates an "Approve file deletion"
request which provides information about the mail file. This appears
in the Pending Administrator Approval view of the Administration
Requests database.
Approve file deletion
Triggered by: Completion of the Get file information for deletion
request.
Carried out on: The server on which you approve the request.
Carried out: When you manually approve or reject the request.
Result: If you approve the request, the Administration Process
creates a Request file deletion request.
Request file deletion
Triggered by: Approving the Approve file deletion request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Posts a Delete mail file request.
Delete mail file
Triggered by: Completion of a Request file deletion request.
Carried out on: The deleted person's home server.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process verifies that the administrator
who approved the deletion has at least Author with Delete
documents access to the Domino Directory. Then, if the mail file
doesn't use shared mail, the Administration Process deletes the file.
If the file does use shared mail, then the Administration Process
purges the links to the shared mail database, disables replication,
and creates a "Delete unlinked mail file" request.
Delete unlinked mail file
Triggered by: Completion of a "Delete mail file" request for a mail
file that uses shared mail.
Carried out on: The deleted person's home server.
Carried out: According to the "Interval between purging mail file
and deleting when using object store" setting for the Administration
Process in the Server document.
Result: The Administration Process deletes the mail file after waiting
a period of time. This delay provides time for the Object Collect task
to purge any obsolete messages.
Approve deletion of Private Design Elements
Triggered by: Completion of a "Delete in Readers/Authors field"
request and locating Private Design Elements signed by the deleted
person in databases on that server.
Carried out on: Any server in the domain.
Carried out: According to the administrator's discretion.
Result: The deletion is approved and the "Request to delete Private
Design Elements" administration request is posted.
Request to delete Private Design Elements
Triggered by: The administrator's approval of the "Approve
deletion of Private Design Elements" administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Posts the "Delete Private Design Elements" administration
request.
Delete Private Design Elements
Triggered by: Completion of the "Request to delete Private Design
Elements" administration request.
Carried out on: The server containing the database with the Private
Design Elements.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Private Design Elements signed by the deleted person are
removed from the databases.

Note If the person requesting the delete action chose to delete all
replicas of a mail file, then a Get File Information for Deletion request
is created and processed by all servers in the domain. This request is
posted after completion of the Delete mail file request or the Delete
unlinked mail file request. For each replica of the mail file found on
servers in the domain, the Approve file deletion, Request file
deletion, and Delete mail file request sequence occurs again.
Timing for deleting user names

Request                                       Timing
Delete person in Domino Directory             Interval
Delete in Person Documents                    Execute once a day requests at
Delete in Access Control List                 Interval
Delete in Reader/Author Fields                Start executing on
                                              Start executing at
Get File Information for Deletion             Immediate
Approve File Deletion                         Requires administrator approval in
                                              Administration Requests database
Request File Deletion                         Immediate
Delete Mail File                              Interval
Delete Unlinked Mail File                     Interval between purging and deleting mail
                                              file when using shared mail
Approve deletion of Private Design Elements   Requires administrator's approval.
Request to delete Private Design Elements     Immediate
Delete Private Design Elements                Interval

Delete policy record in Domino Directory


You can delete an explicit policy using the Administration Process by
performing a Delete Policy action from the Domino Administrator. From
the People & Groups tab, click Policies, select the explicit policy you are
deleting and click Delete Policy.
Triggered by: Initiating an action to delete an explicit policy from the
Domino Administrator.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: Removes all references to the explicit policy from all users'
Person documents.

Delete resource
Approve resource delete
Triggered by: Performing a Delete Resource action in the Resource
Reservations database.
Carried out on: Any server.
Carried out: According to administrator's approval.
Result: If you approve the request, the administration process
creates a "Remove Resource" administration request.
Delete resource
Triggered by: Approval of the "Approve resource delete" request.
Carried out on: The administration server of the Domino Directory.
Carried out: Immediately
Result: Removes the mail-in database resource for the Resource from
the Domino Directory.

Delete Roaming User

You can delete a roaming user in the Domino Administrator just as you
would delete any user name. When you delete a roaming user, the
following administration requests are generated:
Delete Person in Domino Directory
Triggered by: Choosing Actions - Delete Person in the Domino
Directory (or clicking Delete Person) and choosing to delay deletion
of the name from the Domino Directory. You can also trigger this
action by choosing Delete Person when viewing a Person document
with the Web Administrator.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process removes the name from the
Domino Directory, except from other people's Person documents,
and posts the "Delete in Person documents" request. If you have
created a termination group and set up the administration process
to add deleted users to that group, the name is added to the
Terminations group.

Delete in Person Documents


Triggered by: Completion of a Delete Person in Domino Directory
request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Execute once a day requests at
setting for the Administration Process in the Domino Directory.
Result: The Administration Process removes the name from other
people's Person documents in the Domino Directory.
Delete in Access Control Lists
Triggered by: Choosing to immediately delete all occurrences of the
name from the Domino Directory when initiating the Delete action or
the completion of a Delete in Address Book request (if you chose to
delay deletion of the name from the Domino Directory).
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
administration process in the Server document.
Result: Each server in the domain deletes the name from the ACLs of
databases for which it is an administration server.
Delete in Reader/Author fields
Triggered by: Completion of a Delete in Access Control Lists
request on the administration server for the Domino Directory (if you
chose to immediately delete occurrences of the name from the
Domino Directory) or completion of a "Delete in Person documents"
request (if you chose to delay deletion of the name from the Domino
Directory).
Carried out on: All servers in the domain.
Carried out: According to the Delayed Request settings for the
Administration Process in the Server document. (Hourglass icon
displays.)
Result: Each server in the domain deletes the name from
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option Modify all
Reader/Author fields selected. The server scans the databases for
shared agents signed by the deleted person and for Private Design
Elements (folders, views, agents) signed by the deleted person.
Shared agents found are reported in the request's Response
document. If Private Design Elements are found, an "Approve
deletion of Private Design Elements" administration request is
posted.

Get Mail File Information for Deletion
This is generated once, to begin the deletion of the user's mail file.
Triggered by: Completion of the "Delete in Access Control List"
request on the administration server for the Domino Directory (if you
chose to immediately delete all occurrences of the name) or
completion of the "Delete in Domino Directory" request (if you chose
to delay deleting the name from the Domino Directory). You must
also have specified to delete the mail file in which you chose to delete
the person. You must have selected the option to delete the person's
mail file.
Carried out on: The user's mail server.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: An "Approve Mail File Deletion" request is generated and
appears on the Pending Administrator Approval view of the
Administration Requests database.
Get Replica Information for Deletion
This is generated three times, once for each of these files: Journal.nsf,
bookmark.nsf, and names.nsf.
Triggered by: This request is generated upon completion of the
"Delete in Access Control List" administration request (if you chose
to immediately delete all occurrences of the name) or completion of
the "Delete in Domino Directory" request (if you chose to delay
deleting the name from the Domino Directory).
Carried out on: Server specified as the roaming server, that is, the
server on which the roaming files are stored.
Carried out: Immediately
Result: An "Approve File Deletion" request is generated and
appears on the Pending Administrator Approval view of the
Administration Requests database.
Approve Mail File Deletion
This is generated once.
Triggered by: Completion of the "Get Mail File for Deletion" request.
Carried out on: The user's home server.
Carried out: When you manually approve or reject this request.
Result: If you approve the request, the Administration Process
creates a "Request Mail File Deletion" request.

Approve Replica Deletion


This is generated three times.
Triggered by: Completion of the Get Replica Information for
Deletion request.
Carried out on: Server specified as the roaming server, that is, the
server on which the roaming files are stored.
Carried out: When you manually approve or reject this request.
Result: If you approve the request, the Administration Process
creates a Request Replica Deletion request.
Request Mail File Deletion
Triggered by: Approving the "Approve Mail File Deletion" request.
Carried out on: The user's home server.
Carried out: Immediately
Result: Posts a Delete Mail File request.
Request Replica Deletion
This request is generated three times, once for each of these files:
names.nsf, journal.nsf, and bookmark.nsf.
Triggered by: Approving the Approve Replica Deletion request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Posts a Delete Replica request.
Delete Mail File
Triggered by: Completion of the Request Mail File Deletion
request.
Carried out on: The user's home mail server.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process verifies that the administrator
who approved the deletion has at least Author with Delete
documents access to the Domino Directory. Then, if the mail file
doesn't use shared mail, the Administration Process deletes the file.
If the file does use shared mail, then the Administration Process
purges the links to the shared mail database, disables replication,
and creates a "Delete unlinked mail file" request.

Delete Replica
This request is generated three times, once for each of these files:
names.nsf, journal.nsf, and bookmark.nsf.
Triggered by: Completion of the "Request Replica Deletion" request.
Carried out on: Server specified as the roaming server, that is, the
server on which the roaming files are stored.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process verifies that the administrator
who approved the deletion has at least Author with Delete
documents access to the Domino Directory. The Administration
Process deletes the file.
If the user has created Private Design Elements, the "Approve Deletion
of Private Design Elements," "Request to Delete Private Design
Elements," and "Delete Private Design Elements" requests are generated
and processed.
For more information on how the Private Design Elements requests are
processed, see the topic "Delete person in Domino Directory" in this
chapter.
The administration requests that locate and delete replicas are repeated
until all replicas of roaming user files are deleted. These requests are the
"Get Replica Information for Deletion," "Approve Replica for Deletion,"
"Request Replica Deletion" and "Delete Replica" requests.

Delete server name in Domino Directory

You can delete a server name using the Administration Process by
performing a Delete Server action in the Domino Directory or from the
Domino Administrator. The following flowchart shows the sequence of
Administration Process requests that occur when you do this. (Boxes
indicate requests.) The timing shown for each request is the default,
which you can customize through the Server Tasks - Administration
Process tab on the Server document.
Note The Administration Process automatically deletes mail-in
database documents and Cross-certificate documents during the Delete
Server process.

[Flowchart: Delete Server request sequence, starting from "Actions: Delete Server" in the Domino Directory and branching on "Delete from Domino Directory immediately?" (Yes/No). Boxes: Delete in Address Book (1 Hour), Delete in Access Control List (1 Hour), Delete in Person Documents (Daily), Delete in Reader/Author Fields (Weekly).]

Delete server in Address Books
Triggered by: Choosing Actions - Delete Server or clicking Delete
Server in the Domino Administrator and choosing to delay the
deletion of the name from the Domino Directory.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process removes the name from the
Domino Directory except from Person documents.
Delete in Person documents
Triggered by: Completion of a Delete in Domino Directory
request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: The Administration Process removes the name from Person
documents in the Domino Directory.

Delete in Access Control List
Triggered by: Choosing to immediately delete all occurrences of the
name from the Domino Directory when initiating the Delete action,
or the completion of a Delete in Domino Directory request (if you
chose to delay deletion of the name from the Domino Directory).
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from the ACLs of
databases for which it is an administration server. It then checks
whether a catalog file exists for the enterprise. If so, it
generates a Delete server from Domino catalog administration
request.
Delete server from Domino catalog
The Delete server from Domino catalog request is generated only
when a catalog file exists for the enterprise.
Triggered by: The existence of a catalog file for the enterprise.
Carried out on: The server that contains the catalog database.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Removes server information from the domain catalog on the
catalog server. The domain catalog is used for domain searching. The
catalog server is the first server in the Local Domain Catalog Servers
group.
Delete in Reader / Author Fields
Triggered by: Completion of a Delete in Access Control List
request on the administration server for the Domino Directory (if you
chose to immediately delete occurrences of the name from the
Domino Directory) or completion of the Delete in Person
Documents request (if you chose to delay deletion of the name from
the Domino Directory).
Carried out on: Each server in the domain.
Carried out: According to the Delayed Request settings for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from the
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option "Modify all
Reader/Author fields" selected.

Timing for deleting server names


Request                              Timing
Delete server in Domino Directory    Interval
Delete in Person Documents           Execute once a day requests at
Delete in Access Control List        Interval
Delete in Reader/Author Fields       Start executing on / Start executing at

Downgrade user from roaming to non-roaming user


You can use the Domino Administrator to downgrade a user from
roaming to nonroaming. The "User can roam" field displays No, and the
roaming files are removed from the roaming server. From the Domino
Administrator choose People & Groups - People. Select the name of the
user you are downgrading and click Tools - People - Roaming.
Remove Roaming User's Roaming Files
Triggered by: Selecting a roaming user and then choosing Tools -
People - Roaming to downgrade the user to nonroaming via the
Domino Administrator.
Carried out on: The server on which the roaming user files are
stored, that is, the roaming server.
Carried out: Immediately.
Result: Initiates the Get Replica Information for deletion request.
Get Replica Information for deletion
This request is generated a total of three times, one time each for
journal.nsf, bookmark.nsf, and names.nsf.
Triggered by: Successful completion of the administration request
Remove roaming user's roaming files.
Carried out on: All servers in the domain.
Carried out: Immediately.
Result: Searches the domain and locates any existing replica(s) of the
user's roaming file(s). Posts an Approve replica deletion request
for each roaming file, journal.nsf, names.nsf, and bookmark.nsf.

Approve Replica Deletion
This request is generated a total of three times, one time each for
journal.nsf, bookmark.nsf, and names.nsf.
Triggered by: Successful completion of the Get replica information
for deletion administration request.
Carried out on: Administration server for the Domino Directory.
Carried out: When you manually approve the replica deletion
request.
Result: The roaming file replicas are deleted. The "User can roam" field in
the Person document is set to No.
Delete replica
Triggered by: Successful processing of the Approve Replica
Deletion request.
Carried out on: The server on which the roaming files are stored.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Deletes all replicas of the user's roaming files.

Find name in domain

You can locate user names and group names in a domain.
To locate user names or group names, from the Domino Administrator,
choose People & Groups and select the user name(s) or group name(s)
you want to locate. To locate user names, choose Tools - People - Find
User(s). To locate group name(s), choose Tools - Groups - Find Group(s).
Triggered by: Initiating a Find User(s) or Find Group(s) action from
the Domino Administrator.
Carried out on: All servers in the domain.
Carried out: Immediately.
Result: The administration log document contains fields identifying
the following:
  Occurrences of the user name(s) or group name(s) in Domino Directory documents
  Occurrences of the user name(s) or group name(s) in Policy documents
  Occurrences of the user name(s) or group name(s) in database ACLs

Maintain Trends Database Record


The Maintain trends database record request is executed as part of a
mail file or database move action initiated due to resource balancing
initiated by IBM Tivoli Analyzer for Lotus Domino.
This request is generated only when the database move is initiated while
the Tivoli Analyzer is enabled.
If you use the Tivoli Analyzer to generate a resource balancing plan,
Domino Change Control completely manages the migration of databases
from one server to another, once the plan is executed.
For more information on this request, see these topics:
  Move database from a non-cluster server
  Move database from a cluster server
  Move a mail file from one server to another
For more information on the Tivoli Analyzer, see the chapter "Using IBM
Tivoli Analyzer for Lotus Domino."

Modify CA Configuration in Domino Directory


Triggered by: Creating a new Domino server-based CA from the
Domino Administrator, creating an Internet Certificate, or by
modifying an existing CA Configuration.
Carried out on: All servers in the domain.
Carried out: Immediately
Result: Adds a Certifier Configuration document for the new CA or
updates the existing Certifier Configuration document in the Domino
Directory.

Modify ID recovery information in Domino Directory


Triggered by: Updating the ID recovery information in the certifier
ID file in the Domino Directory by adding recovery information or
by deleting it. To add, modify, or delete recovery information from
the Domino Directory, click the Configuration tab, click Certification
- Edit Recovery Information.
Carried out on: Administration server for the Domino Directory
Carried out: Immediately
Result: The recovery information in the certifier ID file in the
Domino Directory is updated.

Modify room/resource in directory

Modify resource
Triggered by: The resource manager performing an Edit Resource
action in the Resource Reservation database.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Modifies descriptive information about the resource in its
mail-in database record in the Domino Directory.

Modify User information stored in the Domino Directory

Triggered by: User making a change to mail encryption preferences
on the User Security panel - Mail tab.
Carried out on: Administration server for the Domino Directory.
Carried out: Immediately
Result: The "When receiving unencrypted mail, encrypt before
storing in your mail file" field on the Basic tab of the Person
document is updated.

Move a mail file from one server to another

You can use the Administration Process to move a person's mail file from
one server in your domain to another by performing a Move Mail File
action in the Domino Directory or the Domino Administrator.
Note For service providers: An additional administration request is
generated in a hosted environment. The Verify hosted organization
storage request is generated after either the Check mail server's
access request or the Promote new mail server's access request.
The Maintain trends database record request is executed as part of a
mail file move initiated due to resource balancing initiated by IBM Tivoli
Analyzer for Lotus Domino. This request is generated only when the
database move is initiated while the Tivoli Analyzer is enabled. If you
are not using the Tivoli Analyzer, you will not see this request.
Check mail server's access
Triggered by: The administrator performing a Move Mail File action
from the Domino Administrator or the Domino Directory.
Carried out on: Home server for the mail file as designated in the
Person document.
Carried out: Immediately
Result: Checks for a Connection document between the old and new
mail file servers, and sets up the ACLs so that the old and new
servers have Manager access. If it is the administration server of the
mail file, posts the Create new mail replica request. If it is not the
administration server for the mail file, posts a Promote new mail
server's access administration request.
Verify hosted organization storage
Triggered by: Successful completion of the Check mail server's
access request or the Promote new mail server's access request.
Carried out on: Destination server.
Carried out: Immediately
Result: Verifies whether the destination server hosts the hosted
organization to which the user belongs. Generates the Create new
mail replica request.
Promote new mail server's access
Triggered by: Execution of a Check mail server's access
administration request. The home server is not the administration
server of the mail file.
Carried out on: The administration server of the mail file.
Carried out: Immediately
Result: Sets up the ACLs so that the old and new mail servers are
listed as having Manager access. Posts a Create new mail file
replica administration request.
Create new mail file replica
Triggered by: Successful processing of the Check mail server's
access administration request.
Carried out on: Home server for the mail file as designated in the
Person document.
Carried out: Immediately
Result: Creates a replica copy of the old mail file on the new mail
server. If Tivoli Analyzer is not running on the source server, posts
the Add new mail file fields request. If Tivoli Analyzer is running
on the source server, posts the Maintain Trends database record
request on the source server.

Change the server on which the agent runs
This request is generated only when there is an agent on the source server
that needs to be signed by the destination server prior to running the
agent.
Triggered by: The presence of an agent on the source server that
must be signed by the destination server after the database is moved
and can run on the destination server.
Carried out on: The destination server.
Carried out: Immediately
Result: If all access checks succeed, the agent is signed by the
destination server and can be run according to normal processing.
Maintain Trends database record
Triggered by: Initiating the mail file move action as a result of
resource balancing recommendations generated by the Tivoli
Analyzer and successful completion of the Create new mail file
replica administration request.
Carried out on: The source server for the mail file being moved.
Carried out: Immediately
Result: Copies the database record from the source server to the
destination server. If appropriate, it retires the database record on
the source server.
Add new mail file fields
Triggered by: Completion of the Create new mail replica
administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Posts the Monitor new mail file fields administration
request. Creates two fields, "New mail file" and "New mail server",
in the Person document.
Monitor new mail file fields
Triggered by: Completion of the Add new mail file fields
administration request.
Carried out on: The new mail file server.
Carried out: When the router recognizes the new mail server for the
mail file.
Result: Verifies that "New" fields are added to the Person document
on the new mail server and that the router can route the mail to the
server. Posts the Replace mail file fields administration request.

Replace mail file fields
Triggered by: Completion of the Monitor new mail file fields
request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: New mail server information is added to fields. Removes
"New" fields from the Person document. Places "Old Mail File" and
"Old Mail Server" fields in the Person document. The server sets a
flag in the Person document to update the client.
Note The user must now access their home server through the desktop
so that the Notes Dialup Connection and Location documents in the
Personal Domino Directory are updated with the new mail file and new
mail server information. After the Personal Domino Directory is updated,
Notes creates a Push changes to new mail server request, which
initiates the mail file delete sequence on the old mail server. If the user
accesses the home server exclusively through the Replicator, the Personal
Domino Directory is not updated and the Push changes to new mail
server request is not created.
Push changes to new mail server
Triggered by: Client authenticating with the home server after a
Replace mail file fields request is completed.
Carried out on: The home mail server.
Carried out: Immediately
Result: Pushes the last set of changes and mail to the new mail file.
Posts the Get file Information for Deletion request.
Get file information for deletion
Triggered by: Completion of the Push changes to new mail server
administration request.
Carried out on: The old mail server.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Gathers the replica ID of the mail file and posts the Approve
file deletion administration request.
Approve file deletion
Triggered by: Successful completion of the Get file information for
deletion administration request.
Carried out on: Any server.
Carried out: According to the administrator's discretion.
Result: Posts the Request file deletion administration request.
Request file deletion
Triggered by: The administrator's approval of the Approve file
deletion request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Posts the Delete mail file administration request.
Delete mail file
Triggered by: Completion of the Request file deletion
administration request.
Carried out on: The original home mail server.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The old mail file is deleted from the original home mail
server.
Delete unlinked mail file
Triggered by: Completion of the Delete mail file request for a mail
file that uses shared mail.
Carried out on: The home mail server.
Carried out: According to the "Interval between purging mail file
and deleting when using object store" setting for the Administration
Process in the Server document.
Result: The Administration Process deletes the mail file after waiting
a period of time. This delay provides time for the Object Collect task
to purge any obsolete messages.
Delete obsolete change request
Triggered by: Expiration of the period in which the client's personal
Domino Directory will be modified with the new mail server's
information. You can use the "Mail file Names expired after" field in
the Administration Process section of the home server's Server
document to change the expiration period.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: New mail client update flag field is removed from the Person
document.

Timing for moving a mail file from one server to another


Request                              Timing
Check mail server's access           Immediate
Promote new mail server's access     Immediate
Create new mail replica              Immediate
Add new mail file fields             Immediate
Monitor new mail file fields         When the router recognizes the new mail server for the mail file
Replace mail file fields             Immediate
Push changes to new mail server      Immediate
Get file information for deletion    Interval
Approve file deletion                Administrator's discretion
Request file deletion                Interval
Delete mail file                     Interval
Delete unlinked mail file            Interval
Delete obsolete change request       Daily
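The mail file move chain can be checked after the fact: each processed request should have one of its documented triggers completed first, and a mail file should never reach deletion without the Approve file deletion step. The following is an added example, not part of the original documentation; the trigger map is read from the "Triggered by" and "Result" lines of this section (using the heading name "Create new mail file replica"), while the record layout and the sample records are constructed for illustration and are not the Administration Requests database's own schema.

```python
# Added example: audit the order of mail-file move requests.
# Assumption: each record is a (mail file, request name) pair listed in the
# order the requests were processed. This layout is constructed here.

# Request -> requests whose completion may trigger it (any one suffices).
# An empty tuple marks a request started directly by an administrator.
PREDECESSORS = {
    "Check mail server's access": (),
    "Promote new mail server's access": ("Check mail server's access",),
    "Verify hosted organization storage": (
        "Check mail server's access", "Promote new mail server's access"),
    "Create new mail file replica": (
        "Check mail server's access", "Promote new mail server's access",
        "Verify hosted organization storage"),
    "Maintain Trends database record": ("Create new mail file replica",),
    "Add new mail file fields": ("Create new mail file replica",),
    "Monitor new mail file fields": ("Add new mail file fields",),
    "Replace mail file fields": ("Monitor new mail file fields",),
    "Push changes to new mail server": ("Replace mail file fields",),
    "Get file information for deletion": ("Push changes to new mail server",),
    "Approve file deletion": ("Get file information for deletion",),
    "Request file deletion": ("Approve file deletion",),
    "Delete mail file": ("Request file deletion",),
    "Delete unlinked mail file": ("Delete mail file",),
}

APPROVAL = "Approve file deletion"
DELETIONS = ("Delete mail file", "Delete unlinked mail file")


def audit(records):
    """Return (position, mail file, request, reason) for each anomaly."""
    completed = {}  # mail file -> set of request names already processed
    findings = []
    for position, (mail_file, request) in enumerate(records, start=1):
        seen = completed.setdefault(mail_file, set())
        if request not in PREDECESSORS:
            findings.append(
                (position, mail_file, request, "not a documented request"))
            continue
        triggers = PREDECESSORS[request]
        if triggers and not seen.intersection(triggers):
            findings.append(
                (position, mail_file, request, "no completed trigger"))
        # The manual approval is the only human gate before deletion,
        # so report its absence separately from ordinary ordering gaps.
        if request in DELETIONS and APPROVAL not in seen:
            findings.append(
                (position, mail_file, request, "deletion without approval"))
        seen.add(request)
    return findings


# Constructed sample: a move that follows the documented chain.
CLEAN = [("mail/jdoe.nsf", r) for r in (
    "Check mail server's access", "Create new mail file replica",
    "Add new mail file fields", "Monitor new mail file fields",
    "Replace mail file fields", "Push changes to new mail server",
    "Get file information for deletion", "Approve file deletion",
    "Request file deletion", "Delete mail file")]

# Constructed sample: the approval step is missing before the deletion.
SKIPPED_APPROVAL = [("mail/asmith.nsf", r) for r in (
    "Check mail server's access", "Promote new mail server's access",
    "Create new mail file replica", "Add new mail file fields",
    "Monitor new mail file fields", "Replace mail file fields",
    "Push changes to new mail server", "Get file information for deletion",
    "Request file deletion", "Delete mail file")]

if __name__ == "__main__":
    for finding in audit(CLEAN + SKIPPED_APPROVAL):
        print(finding)
```
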

Move database from a cluster server


You can use the Administration Process to move a database from a
cluster server to another server by choosing Database - Move from the
tools pane. This request creates a replica of the original database on
another server.
[Flowchart: Move a Database Inside a Cluster Using Move Tools from the Tools Pane. Boxes: Check Access for Move Replica Creation (Immediately), Move Replica (Immediately), Monitor Replica Stub (1 Hour), Delete Original Replica After Move (1 Hour).]

Check access for move replica creation
Triggered by: Choosing Database - Move from the tools pane.
Carried out on: The source server.
Carried out: Immediately
Result: The Administration Process checks that the administrator
initiating the request has Manager with "Delete documents" access
to the database being moved and that the destination server has
Reader access to the database being moved.
Move replica
Triggered by: Completion of the Check Access for move replica
creation request.
Carried out on: The destination server (the server to which the
database is being moved).
Carried out: Immediately
Result: The Administration Process checks that the administrator
and the source server have Create Replica access to the destination
server. If so, the Administration Process creates a replica. The replica
is populated with documents the first time any server with the
complete replica replicates with the destination server. If Tivoli
Analyzer is running on the source server, posts the administration
request Maintain Trends database record. If Tivoli Analyzer is not
running on the source server, posts the administration request
Monitor replica stub.
Change the server on which the agent runs
This request is generated only when there is an agent on the source
server that needs to be signed by the destination server prior to running
the agent.
Triggered by: The presence of an agent on the source server that
must be signed by the destination server after the database is moved
and can run on the destination server.
Carried out on: The destination server.
Carried out: Immediately
Result: If all access checks succeed, the agent is signed by the
destination server and can be run according to normal processing.

Note The Maintain Trends database record request is executed as
part of a database move initiated due to resource balancing initiated by
IBM Tivoli Analyzer for Lotus Domino. This request is generated only
when the database move is initiated while the Tivoli Analyzer is enabled.
If you are not using the Tivoli Analyzer, you will not see this request.

Maintain Trends database record
Triggered by: Initiating the database move action as a result of
resource balancing recommendations generated by the Tivoli
Analyzer and successful completion of the Move replica
administration request.
Carried out on: The source server for the database being moved.
Carried out: Immediately
Result: Copies the database record from the source server to the
destination server. If appropriate, it retires the database record on
the source server.
Monitor replica stub
Triggered by: Creation of the replica on the destination server.
Carried out on: The destination server.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process monitors the replica. When it
detects that the replica is initialized (another server has begun
replicating to it), it posts a Delete original replica after move
request.
Delete original replica after move
Triggered by: Completion of the Monitor replica stub request.
Carried out on: The source server.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process marks the original database for
deletion. The Cluster Database Directory Manager on the source
server then monitors the database for usage. When all user
connections to the database have closed, the Cluster Database
Directory Manager pushes changes to another replica in the cluster
and deletes the database.
Timing for move database from a cluster server
Request                                   Timing
Check access for move replica creation    Immediate
Move replica                              Immediate
Monitor replica stub                      Interval
Delete original replica after move        Interval

Move database from a non-cluster server

You can use the Administration Process to move a database from a
non-cluster server to another server by choosing Database - Move from
the tools pane. This request creates a replica of the original database on
another server, then creates a request requiring administrator's approval
to delete the database from the source server.
Note The Maintain Trends database record request is executed as
part of a database move initiated due to resource balancing initiated by
IBM Tivoli Analyzer for Lotus Domino. This request is generated only
when the database move is initiated while the Tivoli Analyzer is enabled.
If you are not using the Tivoli Analyzer, you will not see this request.
[Flowchart: Move a Database from a Non-Cluster Server Using Database-Move from the Tools Pane. Boxes: Check Access for Non-Cluster Move Replica Creation (Immediately), Non-Cluster Move Replica (Immediately), Approve Deletion of Moved Replica, Request to Delete Non-Cluster Move Replica, Delete Non-Cluster Move Replica.]
Check access for non-cluster move replica
Triggered by: Executing the non-cluster move command.
Carried out on: The source server for the database.
Carried out: Immediately
Result: The Administration Process on the source server checks that
the user submitting the request is the Manager of the Domino
Directory and that the destination server has Reader access in the
ACL of the database. Posts a Non-cluster Move Replica request.

Non-cluster move replica
Triggered by: Completion of the Check access for non-cluster move
replica request.
Carried out on: Source server for the database.
Carried out: Immediately
Result: Creates a replica of the original database on the destination
server. If Tivoli Analyzer is not running on this source server, posts
the Approve deletion of moved replica request. If Tivoli Analyzer
is running on this source server, posts the administration request
Maintain Trends database record.
Update replica settings
Triggered by: The administrator creating a new replica by
replicating the source database to the destination database, where
the database quota is not replicated to the destination database.
Carried out on: Destination server.
Carried out: Immediately
Result: Establishes updated replica settings on the new replica; the
database quota field is reset to the same database quota as the source.
Change the server on which the agent runs
This request is generated only when there is an agent on the source server
that needs to be signed by the destination server prior to running the agent.
Triggered by: The presence of an agent on the source server that
must be signed by the destination server after the database is moved
and can run on the destination server.
Carried out on: The destination server.
Carried out: Immediately
Result: If all access checks succeed, the agent is signed by the
destination server and can be run according to normal processing.
Maintain Trends database record
Triggered by: Initiating the database move action as a result of
resource balancing recommendations generated by the Tivoli
Analyzer and successful completion of the Non-cluster move
replica administration request.
Carried out on: The source server for the database being moved.
Carried out: Immediately
Result: Copies the database record from the source server to the
destination server. If appropriate, it retires the database record on
the source server.
Approve deletion of moved replica
Triggered by: Completion of the Non-cluster move replica request.
Carried out on: The Pending Administrator Approval View of the
Administration Requests database, on any server. The deletion
occurs on the source server.
Carried out: According to the administrator's discretion.
Result: Posts a Request to delete non-cluster move replica request.
Request to delete non-cluster move replica
Triggered by: Completion of the Approve deletion of moved
replica request by the administrator's approval.
Carried out on: The administration server for the Domino Database.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Posts a Delete non-cluster move replica request.
Delete non-cluster move replica
Triggered by: Completion of the Request to delete non-cluster
move replica request.
Carried out on: Source server for the original database.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Makes one last push replication of the source database to the
destination server and deletes the original database from the source
server.
Timing for move database from a non-cluster server
Request                                       Timing
Check access for non-cluster move replica     Immediate
Non-cluster move replica                      Immediate
Approve deletion of moved replica             According to administrator's discretion
Request to delete non-cluster move replica    Interval
Delete non-cluster move replica               Interval

Move roaming user

You can use the Domino Administrator to move a roaming user's files
from one server to another server. While performing the procedure to
move a roaming user's roaming files (journal.nsf, bookmark.nsf,
names.nsf), you have the option to move the user's mail file as well.
Moving the user's mail files, in addition to their roaming files, creates
additional administration requests. The administration requests for
moving roaming files are listed here under the heading "Move roaming
files administration requests," and the administration requests for
moving mail files are listed here under "Move mail files administration
requests."
To move a roaming user's files, from the Domino Administrator choose
People & Groups, People - Tools - Move.
If the destination server to which you are moving the roaming user files
is not in the Local domain, the Promote new roaming server's access
request is generated as the second request in the series. Otherwise, the
Promote New Roaming Server's Access request is not generated.

Move roaming files administration requests

Check Roaming Server's Access
Triggered by: Initiating a Move user action from the Domino
Administrator.
Carried out on: The server on which the user's roaming files reside.
Carried out: Immediately
Result: Checks for a Connection document between the old and new
roaming servers and sets up the ACLs so that the old and new
roaming servers have Manager access.
Promote New Roaming Server's Access
This administration request is generated if the server to which you are
moving the user's files does not have access to the roaming files.
Triggered by: Execution of a Check Roaming Server's Access
administration request, and a lack of access to the roaming files by
the destination server.
Carried out on: The administration server of the Domino Directory.
Carried out: Immediately.
Result: Sets up the ACLs to give the old and new roaming servers
Manager access. Posts a Create Roaming User's replica
administration request. Changes the administration server of the
roaming files to the destination roaming server.
Create Roaming User's Replicas
This request is generated one time. It creates three replicas, one for
journal.nsf, one for bookmark.nsf, and one for names.nsf.
Triggered by: Successful processing of the Check Roaming Server's
Access administration request.
Carried out on: User's roaming server.
Carried out: Immediately
Result: Pushes the three databases to the new replicas on the
destination server. Posts the Monitor roaming server's field in
Person record request.
Monitor Roaming Server's Field in Person Record
Triggered by: Successful completion of the Create roaming user's
replicas request.
Carried out on: Destination server to which the roaming user files
are being moved.
Carried out: Immediately
Result: Recognizes the update to the Person record and posts the
Replace roaming server's field in Person record request.
Replace Roaming Server's Field in Person Record
Triggered by: Successful completion of the Monitor roaming
server's field in Person record request.
Carried out on: Administration server for the Domino Directory
only.
Carried out: Immediately
Result: New roaming server information is added to the Roaming
Server field on the Basics tab of the Person document.
Push Changes to New Roaming Server
This request is generated three times, once each for journal.nsf,
bookmark.nsf, and names.nsf.
Triggered by: The client recognizes that a new roaming server is in
place and the Replicator page has been updated with the new
roaming server.
Carried out on: The original roaming server.
Carried out: Immediately
Result: Pushes the last set of changes to the new Roaming Server.
Initiates the Get Replica Information for Deletion administration
request.

Get Replica Information for Deletion
Triggered by: Completion of the "Push changes to new roaming
server" request.
Carried out on: The original roaming server.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Gathers the replica ID of each of the roaming files and posts
the "Approve replica deletion" administration request.
Approve Replica Deletion
This request is generated three times, once each for journal.nsf,
bookmark.nsf, and names.nsf.
Triggered by: Successful completion of the "Get replica for deletion"
administration request.
Carried out on: Any server.
Carried out: According to the administrator's discretion, that is,
when the administrator approves the deletion.
Result: Posts the "Request replica deletion" administration request.
Request Replica Deletion
This request is generated three times, once each for journal.nsf,
bookmark.nsf, and names.nsf.
Triggered by: Administrator's approval of the "Approve replica
deletion" administration request.
Carried out on: The administration server of the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Posts the "Delete replica" administration request.
Delete Replica
This request is generated three times, once each for journal.nsf,
bookmark.nsf, and names.nsf.
Triggered by: Successful completion of the "Request replica
deletion" administration request.
Carried out on: The old roaming server.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The replicas are deleted from the old roaming server.

Move mail files administration requests


Check mail servers access
Triggered by: Initiating an action to move roaming files and mail file.
Carried out on: Home server for the mail file as designated in the
Person document.
Carried out: Immediately
Result: Checks for a Connection document between the old and new
mail file servers, and sets up the ACL to provide the old and new
mail servers with Manager access. Posts the "Create new mail file
replica" request.
Create new mail file replica
Triggered by: Successful processing of the "Check mail servers
access" administration request.
Carried out on: The administration server for the mail file.
Carried out: Immediately
Result: Creates a replica copy of the old mail file on the new mail
server. Posts the "Add new mail file fields" administration request.
Add new mail file fields
Triggered by: Completion of the "Create new mail file replica"
administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Creates a "New mail file" field and an "Old mail file" field in
the Person document. Posts the "Monitor new mail file fields" request.
Monitor new mail file fields
Triggered by: Successful completion of the "Add new mail file
fields" request.
Carried out on: The new mail server.
Carried out: When the router recognizes the new mail server for the
mail file.
Result: Verifies that new fields are added to the Person document on
the new mail server and that the router can route mail to the new
server. Posts the "Replace mail file fields" administration request.
Replace mail file fields
Triggered by: Completion of the "Add new mail file fields"
administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: New mail server information is added to the fields. Removes
New fields from the Person document. Places "Old Mail File" and
"Old Mail Server" fields in the Person document. The server sets a
flag in the Person document to update the client.
Push Changes to new mail server
Triggered by: Client authentication with the home server after the
"Replace mail file fields" administration request is completed.
Carried out on: The home mail server.
Carried out: Immediately
Result: Pushes the last set of changes and mail to the new mail file.
Posts the "Get mail file information for deletion" administration
request.
Get mail file information for deletion
Triggered by: Completion of the "Push changes to new mail server"
administration request.
Carried out on: The old mail server.
Carried out: Immediately
Result: Locates the replica ID of the mail file and posts the "Approve
mail file deletion" administration request.
Approve mail file deletion
Triggered by: Successful completion of the "Get mail file information
for deletion" administration request.
Carried out on: Any server.
Carried out: When you manually approve or reject the request in the
administration requests database.
Result: Posts the "Request file deletion" administration request.
Request mail file deletion
Triggered by: The administrator's approval of the "Approve mail
file deletion" request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Posts the "Delete mail file" administration request.
Delete mail file
Triggered by: Completion of the "Request file deletion"
administration request.
Carried out on: The original mail server.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The old mail file is deleted from the original mail server.

Place server's Notes build number into Server record


Triggered by: A server starting up and recognizing that it's running
a Lotus Domino Server build that differs from the build running at
the last server startup.
Carried out on: The administration server for the Domino Database.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Populates the Server build field on the Server document.

Recertify Certificate Authority in Domino Directory


You can recertify a certificate authority with the Administration Process
by selecting the CA in the Domino Directory and then choosing Tools -
Certification - Certify from the Configuration tab in the Domino
Administrator.
Triggered by: Initiating a recertify CA action from the Domino
Administrator.
Carried out on: Administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Recertifies the certificate authority (CA) in the Domino
Directory. You also have the option of assigning alternate names
during this procedure.

Recertify servers
Triggered by: Initiating the Recertify Server command from the
Actions menu.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The server's public key is updated, and the Server document
is updated with the new public key.

Recertifying users
Triggered by: Initiating a Recertify Person action from the tools pane
in the Domino Administrator.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Updates the user's certified public key, and updates the
user's ID file during the authentication process.

Register hosted organization


Hosted organization registration applies only to hosted environments,
that is, those that have installed and are using the Lotus Domino service
provider software.
To register a hosted organization, from the Domino Administrator,
choose Configuration - Registration - Hosted Organization. Hosted
organization registration creates the two administration requests shown
below.
Create hosted organization storage
Triggered by: Initiating hosted organization registration in the
Domino Administrator.
Carried out on: The xSP server.
Carried out: Immediately.
Result: A data directory is created for the hosted organization. This
directory is assigned the name that is specified in the Directory field
on the Storage panel of the Register Hosted Organization interface.
By default, for Win32 systems, the hosted organization's data
directory is placed directly beneath Domino/data. On UNIX
systems, the default is /local/notesdata. You can specify another
location in the Physical Storage Location field on the Register Hosted
Organization interface. This request also creates the necessary .ACL
file to prevent users in other hosted organizations from accessing the
directory, and it creates the domino subdirectory that is beneath
the hosted organization's directory and populates it with the
necessary Web hosting directories and files.
A mail subdirectory is created beneath the hosted organization's data
directory.

Create Mail file
Triggered by: Successful completion of the "Create hosted
organization storage" request and by selecting "Create mail file in
background" on the Mail tab of the Registration Settings document
selected for this hosted organization.
Carried out on: The xSP server.
Carried out: Immediately.
Result: A mail file for the hosted organization administrator is
created in the mail subdirectory for the hosted organization. The
mail subdirectory resides beneath the hosted organization's data
directory.
For more information on registering a hosted organization, see the
chapter "Setting Up the Service Provider Environment."

Remove Certificate from Domino or LDAP Directory


The "Remove Certificate from Domino or LDAP directory" request is
generated when an administrator revokes a certificate and it is removed
from the Domino Directory or LDAP directory. Certificates are revoked if
they can no longer be trusted, for example, if the subject of the certificate
leaves the organization or if the key has been compromised.
Triggered by: Administrator revoking a certificate.
Carried out on: Administration server for the Domino Directory.
Carried out: Immediately
Result: The certificate is removed from the Domino or LDAP
directory.
For more information on revoking certificates, see the chapter "Setting
Up a Domino Server-based Certification Authority."

Remove servers from a cluster


Triggered by: Clicking "Remove from cluster" in the Domino
Administrator or by choosing the "Remove from Cluster" action.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document. (If you choose to
execute the command immediately, the Administration Process is not
used.)
Result: Removes the server from the cluster.

Rename group
You can rename a group using the Administration Process by performing
a Rename Group action from the Domino Administrator or by choosing
Groups - Edit from the tools pane. The following flowchart shows the
sequence of Administration Process requests that occur when you do
this. (Boxes indicate requests). The timing shown for each request is the
default, which you can customize through the Server Tasks - Administration Process tab on the Server document.
[Flowchart. Start: Choose "Actions: Rename Group". Boxes and default
timings: Rename Group in Address Book (1 Hour); Rename Group in Access
Control List (1 Hour); Rename Group in Person Documents (Daily); Rename
Group in Reader/Author Fields (Weekly).]

Rename group in Domino Directory


Triggered by: Choosing Actions - Rename group from the Domino
Administrator or by choosing Groups - Edit from the tools pane.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the group's name in the Domino Directory except in
Person documents.
Rename group in Person documents
Triggered by: Completion of the "Rename group in Domino
Directory" request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: Updates the name in Domino Directory Person documents.

Rename group in Access Control List
Triggered by: Completion of the "Rename group in Domino
Directory" request.
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the group's name in ACLs
of databases for which it is an administration server.
Rename group in Reader / Author Fields
Triggered by: Completion of the "Rename in Person documents"
request on the administration server for the Domino Directory.
Carried out on: Each server in the domain.
Carried out: According to the "Delayed Request" settings for the
Administration Process in the Server document.
Result: Each server in the domain updates the group's name in the
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option "Modify all
Reader/Author fields" selected.
Timing for renaming groups
Request                                 Timing
Rename Group in Domino Directory        Interval
Rename Group in Person Documents        Execute once a day requests at
Rename Group in Access Control List     Interval
Rename Group in Reader/Author Fields    Start executing on; Start executing at

Rename person
You can rename a user with the Administration Process by choosing
People - Rename from the tools pane of the Domino Administrator. The
following flowchart shows the sequence of Administration Process
requests that occur when you rename a person in the Domino Directory.
(Boxes represent requests.) The timing shown for each request is the
default, which you can customize through the Server Tasks -
Administration Process section of the Server document.

[Flowchart. Starting points: Choose "Actions: Rename Person" in the
Domino Directory; Choose "Change Common Name" or "Upgrade to
Hierarchical"; Choose "Request Move to New Certifier". Boxes and
default timings: Move Person's Name in Hierarchy (Upon Administrator
Completion); Initiate Rename in Address Book (1 Hour); Change Request
Expires; Delete Obsolete Change Requests (Daily); Rename Person in
Address Book (1 Hour); Rename in Access Control List (1 Hour); Rename
in Person Documents (Daily); Rename in Reader/Author Fields (Weekly);
Rename Person in Free Time Database (Immediately); Rename Person in
Calendar Entries and Profiles in Mail File (Immediately). Decision:
"Person accepts new name before change request expires?" (Yes / No);
End.]

For information on renaming a Web user, see the topic "Rename Web
user" in this appendix.
For information on the administration requests that are generated when a
user refuses a proposed name change, see the topic "Rename person -
Name change refused."

Move person's name in hierarchy
Triggered by: Choosing Actions - Rename Person then Request
Move to New Certifier in the Domino Directory or by choosing
People - Rename from the tools pane of the Domino Administrator.
Carried out on: The server from which you choose Actions -
Complete Move.
Carried out: When you choose Actions - Complete Move, in the
Name Move Requests view of the Administration Requests database,
to move a person's name to another hierarchy.
Result: Approves the move and triggers the "Initiate rename in
Domino Directory" request.
Initiate rename in Domino Directory
Triggered by: Choosing a rename action.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Adds the new name, certificate, and change request to the
Person document. Prompts the person to accept the new name upon
next server authentication.
Rename person in Domino Directory
Triggered by: Person accessing a server and accepting the new name.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the person's name in the Domino Directory
except for Person documents. Posts the "Rename in Person
documents" and the "Rename person in Unread Lists"
administration requests.
Rename in Person documents
Triggered by: Completion of the "Rename person in Domino
Directory" request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: Updates the name in Domino Directory Person documents.
Rename person in unread list
Triggered by: Completion of the "Rename person in Domino
Directory" request.
Carried out on: Each server in the domain.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: Each server in the domain examines every database on the
server and updates the person's name in any unread lists.
Rename in Access Control List
Triggered by: Completion of the "Rename person in Domino
Directory" request.
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the person's name in
ACLs of databases for which it is an administration server.
Rename person in Free Time Database
Triggered by: Completion of the "Rename person in Domino
Directory" request.
Carried out on: The person's home server.
Carried out: Immediately
Result: The person's name is changed in the Calendaring and
Scheduling Free Time Database.
Rename person in calendar entries and profiles in mail file
Triggered by: Completion of the "Rename person in Free Time
Database" request.
Carried out on: The person's home server.
Carried out: Immediately
Result: The person's name is changed in their mail file's Calendar
Profile and appointment documents. If the person's common name
was changed and the common name is in the title of the mail file, the
mail file title changes to reflect the new name. If the person is the
chairperson of any future meetings, the name is changed in those
appointment documents.

Rename in Reader/Author Fields
Triggered by: Completion of the "Rename in Person documents"
request on the administration server for the Domino Directory.
Carried out on: Each server in the domain.
Carried out: According to the "Delayed Request" setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the person's name in
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option "Modify all
Reader/Author fields" selected.
Delete Obsolete Change Requests
Triggered by: Expiration of the period in which a person can accept
a new name, by default 21 days. When you rename the person, you
can change the expiration period.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: The Administration Process deletes the word "Pending"
from the Change Request field from the Person document.
Timing for Rename a user request
Request                                                      Timing
Move Person's Name in Hierarchy                              Requires administrator approval in Administration Requests database
Initiate Rename in Domino Directory                          Interval
Rename Person in Domino Directory                            Interval
Rename in Person Documents                                   Execute once a day requests at
Rename Person in Unread List                                 Execute once a day requests at
Rename in Access Control List                                Interval
Rename Person in Free Time Database                          Immediate
Rename Person in Calendar Entries and Profiles in Mail File  Immediate
Rename in Reader/Author Fields                               Start Executing On; Start Executing At
Delete Obsolete Change Requests*                             Execute once a day requests at

* Before the Administration Process carries out a rename person request, the
user whose name is being changed is prompted to accept the name change. If
the user does not accept the name change within a specified period of time, or
grace period, the name change request becomes an Obsolete Name Change and
is entered in the Administration Requests database as a Delete Obsolete Name
Change request.

Rename person - name change refused


If a user refuses to accept a proposed name change, a series of
administration requests is generated. These requests require the
administrator's attention and one requires the administrator's approval.
The sequence of requests is generated only when the name change is
refused by the user.
Initiate Rename in Domino Directory
Triggered by: Initiating a name change request for a user that
generates a notice of name change for the user. The user must either
accept or refuse the name change. A user receives notice of a
proposed name change only if the user has selected "Ask your
approval before accepting name change" on the Notes name changes
dialog box in the Notes client interface.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Generates an e-mail notice to the user advising of the
proposed name change and asking that the user accept or refuse the
request.
Approve refused name change
Triggered by: The user refusing to accept the proposed name
change.
Carried out on: The administration server for the Domino Directory.
Carried out: When you approve or reject this approval request in the
Administration Requests database.
Result: If you approve this request, a "Retract person's name
change" request is generated. If you reject the name change refusal,
posts a "Reinitiate rename in Domino Directory" request.
Retract person's name change
Triggered by: The administrator approving the "Approve refused
name change" request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Removes the new information from the Person document
and recovers the user's information and updates the Person
document.
Reinitiate rename in Domino Directory
Triggered by: The administrator rejecting the name change refusal.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Posts an "Initiate rename in Domino Directory" request. The
user is again notified of the proposed name change.

Rename Web user


You can rename a Web user with the Administration Process by selecting
the Web user you are renaming, and choosing People - Rename from the
tools pane of the Domino Administrator. The timing shown for each
request is the default, which you can customize through the Server Tasks
- Administration Process section of the Server document.
Initiate Web user rename in Domino Directory
Triggered by: Choosing a rename action for a Web user.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Adds the new name, certificate, and change request to the
Person document.
Rename Web user in Domino Directory
Triggered by: Web user accessing a server and accepting the new
name.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the Web user's name in the Domino Directory
except for Person documents. Posts the "Rename Web user in Person
documents" and the "Rename Web user in Unread Lists"
administration requests.
Rename Web user in Person document
Triggered by: Completion of the "Rename Web user in Domino
Directory" request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: Updates the Web user name in Domino Directory Person
documents.
Rename Web user in unread list
Triggered by: Completion of the "Rename Web user in Domino
Directory" request.
Carried out on: Each server in the domain.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: Each server in the domain examines every database on the
server and updates the Web user's name in any unread lists.
Rename Web user in Access Control List
Triggered by: Completion of the "Rename Web user in Domino
Directory" request.
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the Web user's name in
ACLs of databases for which it is an administration server.
Rename Web user in Free Time Database
Triggered by: Completion of the "Rename Web user in Domino
Directory" request.
Carried out on: The Web user's home server.
Carried out: Immediately
Result: The Web user's name is changed in the Calendaring and
Scheduling Free Time Database.
Rename Web user in calendar entries and profiles in mail file
Triggered by: Completion of the "Rename Web user in Free Time
Database" request.
Carried out on: The Web user's home server.
Carried out: Immediately
Result: The Web user's name is changed in their mail file's Calendar
Profile and appointment documents. If the Web user's common
name was changed and the common name is in the title of the mail
file, the mail file title changes to reflect the new name. If the Web
user is the chairperson of any future meetings, the name is
changed in those appointment documents.
Rename Web user in Reader / Author Fields
Triggered by: Completion of the "Rename Web user in Person
documents" request on the administration server for the Domino
Directory.
Carried out on: Each server in the domain.
Carried out: According to the "Delayed Request" setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the Web user's name in
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option "Modify all
Reader/Author fields" selected.

Server registration requests


Create SSL Certificate and Keyring file
Triggered by: During server registration, the administrator chooses
to Enable SSL ports.
Carried out on: The new server being registered after the server is
set up, running, and the request has replicated to this server.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Creates the server keyring file and generates an "Enable
server's SSL ports in Domino Directory" request.
Enable server's SSL ports in Domino Directory
Triggered by: Successful processing of the "Create SSL Certificate
and keyring file" request.
Carried out on: Administration server for the Domino Directory.
Carried out: Immediately
Result: Enables all SSL ports on the new server. Posts the "Monitor
server's SSL status in Domino Directory" request.

Monitor server's SSL status in Domino Directory
Triggered by: Successful completion of the "Enable server's SSL
ports in Domino Directory" request.
Carried out on: Server being registered.
Carried out: Immediately
Result: Monitors for the change in port status being added to the
Domino Directory and then restarts the ports.

Set Directory Assistance Field


Triggered by: Choosing Actions - Set Directory Assistance
Information from the Domino Administrator.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the "Directory Assistance database name" field in
the Basics section of the Server document.

Set directory filename


The "Set Directory Filename" request adds the file name of a server's
primary Domino Directory to the hidden view ($Directories). Places the
directory name in the Server document.
Triggered by: A server triggers this request the first time it starts up
in this release and during subsequent startups if it detects a change
to the file name.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Stores the directory name in the Server document.

Set password fields


Triggered by: Initiating the command from the People & Groups tab,
selecting the Person document, choosing Actions - Set Password
Fields.
Carried out on: Administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the Check Password, Request Change, and Grace
Period fields in the Administration section of the Person document.

Set user name and enable schedule agent


The "Set user name and enable schedule agent" request is generated
when a user with Editor access to their mail file sets the Out of Office
agent.
Triggered by: From Notes client mail file, choose Tools - Out of Office.
Carried out on: The server that the mail client is running on when
the user performs the action to enable the agent.
Carried out: Immediately
Result: Activates the Out of Office agent for the user whose mail file
was active when the agent was set.

Set Web Admin fields


The "Set Web Admin fields" request applies only to pre-Rnext servers.
Triggered by: Initial startup of the HTTP server task. When the Web
server is brought up, HTTP creates the Web administration requests
database and generates administration requests to populate the
"Administer the server from a browser" field on the Server
document. The names that populate the field are taken from the
Administrators field on the Administration tab on the Server
document. The Server name is also added to the Administrators field
on the Administration tab of the Server document.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Results: The "Administer the server from a browser" field is
populated with the administrators' names as well as the server name.
The server name is also added to the Administrators field on the
Administration tab of the Server document. Web administration can
then be done by the administrators listed in that field.

Set Web user name and enable scheduled agent


The "Set Web user name and enable schedule agent" request is generated
when a Web user with Editor access to their mail file sets the Out of
Office agent.
Triggered by: Action performed by the user in their mail file from
the Notes client.
Carried out on: The server that the mail client is running on when
the Web user performs the action to enable the agent.
Carried out: Immediately
Result: Activates the Out of Office agent for the Web user whose
mail file was active when the agent was set.

Sign database with server's ID file


Triggered by: Choosing Files tab - Database - Sign to initiate a sign
database action. Signing a database vouches for the integrity of
that database.
Carried out on: The server containing the database to be signed.
Carried out: Immediately
Result: Signs the selected database with the server's ID when
"Active Server's ID" is chosen in the "What do you want to use"
field on the Sign Database dialog box.
For more information on signing a database, see the chapter "Rolling Out
Databases."

Store CA Policy Information in the Domino Directory


The "Store CA policy information in the Domino Directory" request is
issued during CA recovery, when you modify the list of registration
authorities or certificate authorities in the Domino Directory, or when
you update the CA's ICL attachment or the information that surrounds it
in the Domino Directory.
Triggered by: Modifying the list of Certificate Authorities or
Registration Authorities in the Domino Directory. This request is also
generated when a Certificate Authority's ICL attachment is modified.
Carried out on: Administration server for the Domino Directory.
Carried out: Immediately
Result: Updates the Certifier document or creates a new one if one
does not exist.

Store certificate in Domino or LDAP Directory


The Store certificate in Domino or LDAP Directory request is generated
when a request for a new Internet certificate is approved by the CA.
Triggered by: The Domino CA Process approving an Internet
certificate request that will be published to a Domino Directory or
an LDAP Directory.
Carried out on: Administration server for the Domino Directory.
Carried out: Immediately
Result: The Internet certificate is published in the Person document
in the Domino Directory or in the LDAP directory.

Store Certificate Revocation List in Domino or LDAP directory


A CRL is a time-stamped list identifying revoked Internet certificates,
for example, certificates belonging to terminated employees. The CA
process issues and maintains CRLs for each Internet certifier. You
configure the CRL when you create a new Internet certifier.
The Domino CA process issues and maintains certificate revocation lists
(CRLs). A certificate revocation list is a list of revoked certificates and the
time of their revocation. CRLs are configured when you create a new CA.
Triggered by: Once a CRL is configured, the CA issues CRLs on a
regular basis and they operate unattended. The CA process
determines that it is time to publish a CRL and generates this request
according to a predetermined schedule. For example, this request is
generated when an Internet Certificate is created.
Carried out on: Administration server for the Domino Directory.
Carried out: Immediately
Result: Certificate revocation list is created in the Domino Directory
or in the LDAP directory.
For more information on CRLs, see the chapter "Setting Up a Domino
Server-based Certification Authority."

Store directory type in Server record


The "Store Directory Type in Server Record" request adds a value to a new
field in the Server document called "Configuration Directory Only" to
indicate whether or not the directory is a Configuration directory. The
Server record is updated with a 0 (zero) if it is a standard Domino
Directory, or with a 1 if it is a Configuration Only Directory. A special
replication formula is created to remove the names and groups from the
Domino Directory replica during the next replication.
Triggered by: A server triggers this request the first time it starts up
in this release and during subsequent startups if it detects a change
involving the "Configuration Documents only" replication setting.
Carried out on: Administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Updates the Server document with a 0 or 1 according to the
type of directory it is.

Store server's CPU count


Triggered by: The CPU count value in the Server document is 0 or
does not match the number of processors on the hardware. The
discrepancy is determined when the server is powered up; the server
monitors the Server document and, if it locates a discrepancy, posts a
"Store Server CPU Count" request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Updates the CPU Count field in the Basics section of the
Server document.

Store server's DNS host name in Server record


Triggered by: The SMTPFullHostName field in the Server document
not containing the server's DNS host name at server startup.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The server's DNS host name is placed in the
SMTPFullHostName field in the Server document.

Update client information in Person record


Updates the Notes client license information as well as the Notes client
platform, Notes client build, and the Notes client machine.
Triggered by: An incremental update in the client code. It is also
kept up to date by dynamic configuration.
Carried out on: Administration server for the Domino Directory.
Carried out: Immediately
Result: Updates the Notes client license information as well as the
Notes client platform field, Notes client build field, and the Notes
client machine field.

Update domain catalog configuration


Triggered by: The CATALOG.EXE server task determines that a
catalog is designated as the Domain Catalog and then the task checks
to see if the Domain-wide indexer setting is enabled in the Server
document. If so, the server task then determines whether the server
is in the LocalDomainCatalogServer group and triggers the request if
the server is not in the group.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: The server is added to the LocalDomainCatalogServer group
and a verification is made to ensure that the Domain-wide indexer
setting is enabled in the Server document.
For more information on the domain catalog, see the chapter "Setting Up
Domain Search."

Update external domain information


Triggered by: Choosing "Add External Domain Network
Information" or "Delete External Domain Information" from the
Configuration tab in the Domino Administrator.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: If you selected "Add External Domain Network Information,"
an External Domain Network Information document is created to
allow connection with a server in another domain. The document is
stored in the Domino Directory. If you selected "Delete External
Network Information," the External Domain Network Information
document and associated information are deleted.

Update license tracking information in Domino Directory


Once each day, an administration request sends the Administration
Process information about new users and about users who have not
accessed the server within the last 30 days.
License Tracking must be enabled on the Basics tab of the Server
document.
Triggered by: A user authenticating with a server using the Notes
client, HTTP, IMAP, POP3, SMTP, or LDAP. The user's full
canonical name, protocol, and time and date of access are collected.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Creates a new User License document in the UserLicenses
database (USERLICENSES.NSF) for each unique (new) user reported
in the administration request. Documents are updated with the new
time and date for those users who already have a document in the
User Licenses database.

Update server's protocol information


Triggered by: The server recognizing that the Protocol field does not
contain correct information.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Updates the Protocol field in the Notes Network Ports
section of the Ports tab on the Server document.

Update user from non-roaming to roaming user


You can use the Domino Administrator to update a user from a
nonroaming state to a roaming state by selecting the user and choosing
People - Roaming from the tools pane.
Update client information in the Person record
Triggered by: From the Domino Administrator, initiating the action
to upgrade a user from nonroaming status to roaming status.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Updates the "User Can Roam" field to "In Process" on the
Roaming tab of the user's Person document in the Domino Directory.
Create roaming user's replica stubs
Triggered by: The selected user logging into Notes after the
administrator has initiated the action to update the user's status to
Roaming and the "User can roam" field on the Roaming tab of the
user's Person document has been changed from "No" to "In
Process."
Carried out on: The server that will house the roaming files.
Carried out: Immediately
Result: Creates replica stubs of the roaming files on the user's
roaming server.

Update roaming user information in Person record
Triggered by: The selected user logging into Notes after the
administrator has initiated the action to update the user's status to
Roaming and the "User can roam" field on the Roaming tab of the
user's Person document has been changed from "No" to "In
Process."
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Updates the Personal Address Book field, Bookmarks
filename, and Journal filename fields on the user's Person document
in the Domino Directory. Generates the "Monitor roaming user's
replica stubs" request.
Monitor roaming user's replica stubs
Triggered by: Successful completion of the "Update roaming user
information in Person record" request.
Carried out on: The user's roaming server.
Carried out: Immediately
Result: Recognizes when replication occurs, and then generates the
"Update roaming user state in Person document" request.
Update roaming user state in Person document
Triggered by: Successful completion of the "Monitor roaming user's
replica stub" request. Successful replication of the roaming files to
the roaming server.
Carried out on: The administration server of the Domino
Directory.
Carried out: Immediately
Result: The "User can roam" field on the Roaming tab of the user's
Person document is updated from "In Progress" to "Yes."

Upgrade server to hierarchical


Use the Rename server command from the Domino Administrator to
upgrade a server from a flat server name to a hierarchical server name.
[Flowchart: Upgrade server to hierarchical. Boxes: Choose "Actions: Upgrade Server to Hierarchical" in the Domino Directory; Initiate Rename in Address Book (1 Hour); Change Request Expires; decision "Server updates its ID before change request expires?" (Yes/No); Delete Obsolete Change Requests (Daily); End; Rename Server in Address Book (1 Hour); Rename in Access Control List (1 Hour); Rename in Person Documents (Daily); Rename in Reader/Author Fields (Weekly).]

Initiate rename in Domino Directory


Triggered by: Performing an upgrade server to hierarchical in the
Domino Directory.
Carried out on: The administration server for the Domino
Administrator.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: A new certified public key is assigned to the server and the
Certified Public Key field in the Server document is updated.
Rename server in Domino Directory
Triggered by: The server polls its server document data looking for
its new public key. The Rename server in Domino Directory
administration request is triggered by the server recognizing that its
name has changed.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the server's name in the Domino Directory. Posts a
"Rename in Access Control List" request and a "Rename in Person
documents" request.
Rename in Access Control List
Triggered by: Completion of the "Rename server in Domino
Directory" request.
Carried out on: All servers with databases that have been assigned
administration servers.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the ACLs with the new server name.
Rename in Person documents
Triggered by: Completion of the "Rename server in Domino
Directory" request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at" setting
for the Administration Process in the Server document.
Result: Updates the Person documents and posts a "Rename in
Reader/Author fields" request.
Rename in Reader / Author fields
Triggered by: Completion of the "Rename in Person documents"
request.
Carried out on: All servers.
Carried out: According to the "Start executing on" and "Start
executing at" settings for the Administration Process in the Server
document.
Result: The Reader/Author fields are updated.
Delete obsolete change requests
Requests are carried out only if change requests have expired according
to the Name_Change_Expiration_Days setting in the NOTES.INI file.
Triggered by: Expiration of the period in which other servers in the
domain can recognize both the old name and the new name of the
server. The default is 21 days, but the administrator can set the
Name_Change_Expiration_Days variable in the NOTES.INI file to a
value between 7 and 60.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at" setting
for the Administration Process in the Server document.
Result: The Change Request is deleted.
Timing for upgrading server to hierarchical

Request                               Timing
Initiate Rename in Domino Directory   Interval
Rename Server in Domino Directory     Interval
Rename in Access Control List         Interval
Rename in Person Documents            Execute once a day requests at
Rename in Reader/Author Fields        Start executing on, Start executing at
Delete Obsolete Change Requests       Execute once a day requests at

Web set Soft Deletion Expire Time


Triggered by: A mail file user with a minimum access of Editor
changes the Soft Delete Expire Time on the mail database.
Carried out on: The server on which the mail database resides.
Carried out: Immediately
Result: The user can change the number of days between each
deletion session during which the documents marked for deletion
are deleted. The Soft Delete Expire Time is the number of days
between each delete documents session.

Cross Domain Administration Requests


With Lotus Domino, you can use the Administration Process to initiate
and run an administration request on one domain and then send that
request to another specified domain for processing on that domain also.
The administration requests detailed in this section are cross domain
administration requests, that is, requests that can be processed across
domains.

Delete Person - cross domain administration request


You can use the Administration Process to delete a person's name from
the Domino Directory and then send that request to another domain to
remove it from the Domino Directory in that domain.

Delete person - outbound (source) domain


These requests are generated on the outbound domain when the user
name on the outbound domain is a flat name and you have specified a
non-immediate deletion.
Delete person in Domino Directory
Triggered by: Choosing Actions - Delete Person in the Domino
Directory (or clicking Delete Person) and choosing to delay deletion
of the name from the Domino Directory. You can also trigger this
action by choosing Delete Person when viewing a Person document
with the Web Administrator.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process removes the name from the
Domino Directory, except from other people's Person documents,
and posts the "Delete in Person documents" request. If you have
created a termination group and set up the administration process
to add deleted users to that group, the name is added to the
Terminations group. Mails the "Delete person in Domino
Directory" administration request to the inbound domain.
Delete in Person documents
Triggered by: Completion of a "Delete person in Domino Directory"
request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: The Administration Process removes the name from other
people's Person documents in the Domino Directory.
Delete in Access Control Lists
Triggered by: Choosing to immediately delete all occurrences of the
name from the Domino Directory when initiating the Delete action or
the completion of a "Delete in Domino Directory" request (if you
chose to delay deletion of the name from the Domino Directory).
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from the ACLs of
databases for which it is an administration server.

Get file information for delete (only if deleting the mail file)
Triggered by: Completion of the Delete in Access Control List
request on the administration server for the Domino Directory (if you
chose to immediately delete all occurrences of the name) or
completion of the Delete in Domino Directory request (if you chose
to delay deleting the name from the Domino Directory). You must
also have specified to delete the mail file in which you chose to delete
the person.
Carried out on: The deleted person's home server.
Carried out: Immediately
Result: The person's home server creates an "Approve file deletion"
request which provides information about the mail file. This appears
in the Pending Administrator Approval view of the Administration
Requests database.
Approve file deletion (only if deleting the mail file)
Triggered by: Completion of the Get file information for delete
request.
Carried out on: The server on which you approve the request.
Carried out: When you manually approve or reject the request.
Result: If you approve the request, the Administration Process
creates a Request file deletion request.
Request file deletion (only if deleting the mail file)
Triggered by: Approving the Approve file deletion request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Posts a Delete mail file request.
Delete in Reader / Author fields
Triggered by: Completion of a Delete in Access Control List
request on the administration server for the Domino Directory (if you
chose to immediately delete occurrences of the name from the
Domino Directory) or completion of a Delete in Person documents
request (if you chose to delay deletion of the name from the Domino
Directory).
Carried out on: Each server in the domain.
Carried out: According to the Delayed Request settings for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option "Modify all
Reader/Author fields" selected. The server scans the databases for
shared agents signed by the deleted person and for Private Design
Elements (folders, views, agents) signed by the deleted person.
Shared agents found are reported in the request's Response
document. If Private Design Elements are found, an "Approve
deletion of Private Design Elements" administration request is posted.
Delete mail file (only if deleting the mail file)
Triggered by: Completion of a "Request file deletion" request.
Carried out on: The deleted person's home server.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: The Administration Process verifies that the administrator
who approved the deletion has at least Author with Delete
documents access to the Domino Directory. Then, if the mail file
doesn't use shared mail, the Administration Process deletes the file.
If the file does use shared mail, then the Administration Process
purges the links to the shared mail database, disables replication,
and creates a "Delete unlinked mail file" request.
Delete unlinked mail file
Triggered by: Completion of a "Delete mail file" request for a mail
file that uses shared mail.
Carried out on: The deleted person's home server.
Carried out: According to the "Interval between purging mail file
and deleting when using object store" setting for the Administration
Process in the Server document.
Result: The Administration Process deletes the mail file after waiting
a period of time. This delay provides time for the Object Collect task
to purge any obsolete messages.
Approve deletion of Private Design Elements
Triggered by: Completion of a "Delete in Readers/Authors field"
request and locating Private Design Elements signed by the deleted
person in databases on that server.
Carried out on: Any server in the domain.
Carried out: According to the administrator's discretion.
Result: The deletion is approved and the "Request to delete Private
Design Elements" administration request is posted.

Request to delete Private Design Elements


Triggered by: The administrator's approval of the "Approve
deletion of Private Design Elements" administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Posts the Delete Private Design Elements administration
request.
Delete Private Design Elements
Triggered by: Completion of the Request to delete Private Design
Elements administration request.
Carried out on: The server containing the database with the Private
Design Elements.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Private Design Elements signed by the deleted person are
removed from the databases.
Note: If the person requesting the delete action chose to delete all
replicas of a mail file, then a Get File Information for deletion request is
created and processed by all servers in the domain. This request is posted
after completion of the Delete mail file request or the Delete unlinked
mail file request. For each replica of the mail file found on servers in the
domain, the Approve file deletion, Request file deletion, and Delete
mail file request sequence occurs again.
Delete person - inbound (destination) domain
These requests are generated on the inbound domain.
Delete person in Domino Directory
Triggered by: Receipt of a Delete person in Domino Directory
administration request from the outbound domain.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Checks for the flat user name in the Domino Directory. If
found, posts the Approve delete person in Domino Directory
administration request. If not found, posts the Delete in Access
Control Lists and the Delete person in Person documents
administration requests.

Approve delete person in Domino Directory (only if a matching flat
user name is found)
Triggered by: Completion of an inbound "Delete person in Domino
Directory" request on a sent name.
Carried out on: Any server on which you approve the request.
Carried out: According to the administrator's discretion.
Result: Posts a "Delete person in Domino Directory" administration
request.
Delete person in Domino Directory (only if a matching flat user
name is found)
Triggered by: Administrator approving the "Approve delete person
in Domino Directory" administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The Administration Process removes the name from the
Domino Directory, except from other people's Person documents,
and posts the "Delete in Person documents" request. If you have
created a termination group and set up the administration process
to add deleted users to that group, the name is added to the
Terminations group.
Delete person in Person documents
Triggered by: Completion of a "Delete person in Domino Directory"
request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the "Execute once a day requests at"
setting for the Administration Process in the Server document.
Result: The Administration Process removes the name from other
people's Person documents in the Domino Directory.
Delete in Access Control Lists
Triggered by: Completion of the "Delete person in Domino
Directory" request.
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from the ACLs of
databases for which it is an administration server.

Delete in Reader / Author fields


Triggered by: Completion of a Delete in Access Control List
request on the administration server for the Domino Directory.
Carried out on: Each server in the domain.
Carried out: According to the Delayed Request settings for the
Administration Process in the Server document.
Result: Each server in the domain deletes the name from
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option "Modify all
Reader/Author fields" selected. The server scans the databases for
shared agents signed by the deleted person and for Private Design
Elements (folders, views, agents) signed by the deleted person.
Shared agents found are reported in the request's Response
document. If Private Design Elements are found, an "Approve
deletion of Private Design Elements" administration request is
posted.
Approve Deletion of Private Design Elements
Triggered by: Completion of a Delete in Readers/Authors field
request and locating Private Design Elements signed by the deleted
person in databases on that server.
Carried out on: Any server in the domain.
Carried out: According to the administrator's discretion.
Result: The deletion is approved and the "Request to delete Private
Design Elements" administration request is posted.
Request to Delete Private Design Elements
Triggered by: The administrator's approval of the "Approve
deletion of Private Design Elements" administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: Immediately
Result: Posts the Delete Private Design Elements administration
request.
Delete Private Design Elements
Triggered by: Completion of the Request to delete Private Design
Elements administration request.
Carried out on: The server containing the database with the Private
Design Elements.

Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Private Design Elements signed by the deleted person are
removed from the databases.

Create Replica - Cross domain administration request


You can create a database replica across domains using the
Administration Process by selecting a database and then choosing
Database - Create Replica from the tools pane in the Domino
Administrator.
[Flowchart: Create Replica - Cross Domain. Source domain: Check access for new replica creation; No: End; Yes: request is mailed. Destination domain: Create Replica.]

Create replica - outbound (source) domain


The following request is generated on the outbound domain.
Check access for new replica creation
Triggered by: Initiating the Create Replica command from the
Domino Administrator.
Carried out on: The server on which you initiate the action.
Carried out: Immediately
Result: Checks for the appropriate Cross-domain Request
Configuration documents and Connection documents. Sends the
"Create Replica" administration request to the destination domain.
Create replica - inbound (destination) domain
The following request is generated on the inbound domain.
Triggered by: Receipt of the "Create replica" administration request
from the source domain.
Carried out on: The server designated as the destination server in the
Cross-domain Request Configuration document.
Carried out: Immediately
Result: Creates the replica on the designated server.

Delete person - cross domain administration request


If you select Immediate processing, the outbound domain has the
following subset of requests:
- Delete in Access Control List
- Get File Information for deletion
- Approve file deletion
- Delete in Reader/Author fields
- Request File deletion
- Delete mail file
- Approve deletion of Private Design Elements
- Request to delete Private Design Elements
- Delete Private Design Elements

If you select Immediate processing, the inbound domain has the
following subset of requests:
- The same as non-immediate requests

Delete server - Flat server on the outbound (source) domain


When a Delete Server administration request is initiated for a flat server
name on the outbound (source) domain, Approval requests are
generated on the inbound (destination) domain. For example,
"Approve delete server in Domino Directory" is an administration
request that requires the administrator's approval, and would be
generated on the inbound (destination) domain when a flat server is
selected for deletion on the outbound (source) domain.
The flow of administration requests documented here results when you
are deleting a flat server from the outbound (source) domain, and you do
not select Immediate processing.
Delete server - outbound (source) domain
These administration requests are generated on the outbound (source)
domain.
Delete server in Domino Directory
Triggered by: Initiating the Delete Server command from the
Domino Administrator.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Posts a Delete in Person document request and a Delete in
Access Control List request on the outbound server. It recognizes
the cross domain configuration documents, checks for the approved
signers, and then finding them, mails the request to the inbound
domain.
Delete in Person documents
Triggered by: Completion of the Delete server in Domino
Directory administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Execute once a day requests at
setting for the Administration Process in the Server document.
Result: Posts a Delete in Readers/Authors Fields request.
Removes references to the server from the Person document(s).
Delete in Reader / Author Fields
Triggered by: Completion of the Delete in Person documents
request.
Carried out on: All servers in the domain.
Carried out: According to the Delayed Request setting in the
Administration Process section of the Server document.
Result: The server name is deleted from database documents where
the Delete in Reader/Author fields check box is selected for the
database.
Delete in Access Control List
Triggered by: Completion of the Delete server in Domino
Directory administration request.
Carried out on: All servers.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The server name is removed from the ACLs in any database
that has an administration server assigned to it.
Delete server - inbound (destination) domain
These administration requests are generated on the inbound domain.
Delete server in Domino Directory
Triggered by: Successful completion of the Delete server in Domino
Directory request on the outbound (source) domain.
Carried out on: The administration server on the inbound domain.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Determines whether the server name is flat. If so, posts the
Approve delete server in Domino Directory request.
Approve delete server in Domino Directory (if flat server name is
found)
Triggered by: Processing of the Delete server in Domino Directory
command and recognition of a flat server.
Carried out on: Any server on which the administrator approves the
request.
Carried out: According to the administrator's approval.
Result: Posts a Delete server in Domino Directory request on the
destination server.
Delete server in Domino Directory (if flat server name is found)
Triggered by: Approval of the Approve delete server in Domino
Directory administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Posts Delete in Access Control List and Delete in Person
documents administration requests on the destination server.
Delete server in Person documents
Triggered by: Successful completion of the Delete server in Domino
Directory administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Execute once a day requests at
setting for the Administration Process in the Server document.
Result: Posts a Delete in Reader/Author Fields administration
request. Deletes all references to the server name in Person
documents.
Delete in Access Control Lists
Triggered by: Successful completion of the Delete server in Domino
Directory administration request.
Carried out on: All servers.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The server name is removed from the ACLs in any database
that has an administration server assigned to it.
Delete in Reader and Author Fields
Triggered by: Successful completion of the Delete in Person
documents administration request.
Carried out on: All servers in the domain.
Carried out: According to the Delayed Request setting in the
Administration Process section of the Server document.
Result: Deletes the server name from database documents where the
delete in Reader/Author fields check box is selected for the
database.

Delete server - cross domain administration request

If you select Immediate processing, the outbound domain has the
following subset of requests:

Delete in Access Control List

Delete in Reader/Author Fields

If you select Immediate processing, the inbound domain has the
following subset of requests:

Delete server in Domino Directory

Approve delete server in Domino Directory (if a flat server name is
found)

Delete server in Domino Directory

Delete in Access Control List

Delete in Reader/Author Fields

For details on the above processes, see the processes documented above.

Delete Server - Hierarchical server name on the inbound
(destination) domain
This process flow occurs when you do not select the Immediate
processes.

Delete server - outbound (source) domain
These requests are generated on the outbound (source) domain.
Delete server in Domino Directory
Triggered by: Initiating the Delete Server command from the
Domino Administrator.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Posts a Delete in Person document request and a Delete in
Access Control List request on the outbound server.
Delete in Person documents
Triggered by: Completion of the Delete server in Domino
Directory administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Execute once a day requests at
setting for the Administration Process in the Server document.
Result: Posts a Delete in Readers and Authors Fields request.
Removes references to the server from the Person document(s).
Delete in Access Control List
Triggered by: Completion of the Delete server in Domino
Directory administration request.
Carried out on: All servers in the domain.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The server name is removed from the ACLs in any database
that has an administration server assigned to it.
Delete in Reader / Author fields
Triggered by: Successful completion of the Delete server in Domino
Directory administration request.
Carried out on: All servers in the domain.
Carried out: The time each server is set up to run that request.
Result: Deletes the server name from database documents where the
delete in Reader/Author fields check box is selected for the
database.
Delete server - inbound (destination) domain
These requests are generated on the inbound domain.
Delete server in Domino Directory
Triggered by: Receipt of the Delete server in Domino Directory
request from the outbound domain.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: Posts Delete in Access Control List and Delete in Person
documents administration requests on the destination server.
Delete in Access Control List
Triggered by: Completion of the Delete server in Domino
Directory administration request.
Carried out on: All servers in the domain.
Carried out: According to the Interval setting in the
Administration Process section of the Server document.
Result: The server name is removed from the ACLs in any database
that has an administration server assigned to it.
Delete in Person documents
Triggered by: Completion of the Delete server in Domino
Directory administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Execute once a day requests at
setting for the Administration Process in the Server document.
Result: Posts a Delete in Readers/Authors Fields request.
Removes references to the server from the Person document(s).
Delete in Reader / Author fields
Triggered by: Successful completion of the Delete server in Domino
Directory administration request.
Carried out on: All servers in the domain.
Carried out: The time each server is set up to run that request.
Result: Deletes the server name from database documents where the
delete in Reader/Author fields check box is selected for the
database.

Rename person - Cross domain administration request


You can use the Administration Process to rename (upgrade) a flat user
name to a hierarchical user name, change the person's common name, or
move a user to a new organizational hierarchy.
Rename person - outbound (source) domain
The following requests are generated on the outbound (source) domain.
Initiate rename in Domino Directory
Triggered by: Selecting the person, and choosing People - Rename
on the tools pane in the Domino Administrator, and then choosing
Upgrade to Hierarchical.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Writes the Change Request and new public key to the
Domino Directory.
Rename person in Domino Directory
Triggered by: Person accessing a server and accepting the new
name.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the person's name in the Domino Directory except
in Person documents. Recognizes the Cross Domain Configuration
Document and checks for appropriate signatures and access. Mails
the request to the inbound domain. Posts the Rename in Access
Control List, Rename in unread list, and the Rename in Free
Time database requests.

Rename in Person document


Triggered by: Completion of the Rename person in Domino
Directory request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Execute once a day requests at
setting for the Administration Process in the Server document.
Result: Updates the name in Domino Directory Person documents.
Posts the Rename in Reader/Author Fields administration request.
Rename in Access Control List
Triggered by: Completion of the Rename person in Domino
Directory request.
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the person's name in
ACLs of databases for which it is an administration server.
Rename in Free Time database
Triggered by: Completion of the Rename person in Domino
Directory request.
Carried out on: The person's home server.
Carried out: Immediately
Result: The person's name is changed in the Calendaring and
Scheduling Free Time Database. Posts the Rename in Calendar
entries and Profile administration request.
Rename in unread list
Triggered by: Completion of the Initiate rename in Domino
Directory request.
Carried out on: Every server in the domain.
Carried out: According to the Execute once a day requests at
setting for the Administration Process in the Domino Directory.
Result: If an Unread List is located for the old name, the Unread List
is then stored with the person's new name.
Rename person in calendar entries and profiles in mail file
Triggered by: Completion of the Rename person in Free Time
Database request.
Carried out on: The person's home server.
Carried out: Immediately
Result: The person's name is changed in their mail file's Calendar
Profile and appointment documents. If the person's common name
was changed and the common name is in the title of the mail file, the
mail file title changes to reflect the new name. If the person is the
chairperson of any future meetings, the name is changed in those
appointment documents.
Rename in Reader / Author fields
Triggered by: Completion of the Rename in Person documents
request on the administration server for the Domino Directory.
Carried out on: Each server in the domain.
Carried out: According to the Delayed Request setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the person's name in
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option modify all
Reader/Author fields selected.
Rename person - Inbound (destination) domain
The following requests are generated on the inbound domain.
Rename person in Domino Directory
Triggered by: Receipt of the request from the outbound domain.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the person's name in the Domino Directory except
in Person documents. Posts a Rename in Person document request.
Rename in Person documents
Triggered by: Completion of the Rename person in Domino
Directory request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Execute once a day requests at
setting for the Administration Process in the Server document.
Result: Updates the name in Domino Directory Person documents.
Rename in Access Control List
Triggered by: Completion of the Rename person in Domino
Directory request.
Carried out on: Each server in the domain.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the person's name in
ACLs of databases for which it is an administration server.
Rename in unread lists
Triggered by: Completion of the Rename person in Domino
Directory request.
Carried out on: Every server in the domain.
Carried out: According to the Execute once a day requests at
setting in the Administration Process section of the Server document.
Result: If an Unread List for the old name is found in the database, a
copy of the Unread List is stored with the new name. Each server in
the domain examines every database on the server and updates the
person's name in any unread lists.
Rename in Reader/Author fields
Triggered by: Completion of the Rename in Person documents
request on the administration server for the Domino Directory.
Carried out on: Each server in the domain.
Carried out: According to the Delayed Request setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the person's name in
Reader/Author fields of databases for which it is an administration
server and that have the advanced ACL option Modify all
Reader/Author fields selected.

Rename server - Cross domain administration request

You can use the Administration Process to rename (upgrade) a flat server
name to a hierarchical server name.
Rename server - outbound (source) domain
The following requests are generated on the outbound domain.
Initiate rename in Domino Directory
Triggered by: Performing an upgrade server to hierarchical in the
Domino Directory.
Carried out on: The administration server for the Domino
Administrator.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: A new certified public key is assigned to the server and the
Certified Public Key field in the Server document is updated.
Rename server in Domino Directory
Triggered by: The server polls its server document data looking for
its new public key. The Rename server in Domino Directory
administration request is triggered by the server recognizing that its
name has changed.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the server's name in the Domino Directory. Posts a
Rename in Access Control List request and a Rename in Person
documents request. Mails the request to the inbound domain.
Rename in Access Control List
Triggered by: Completion of the Rename server in Domino
Directory request.
Carried out on: All servers with databases that have been assigned
administration servers.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the person's name in
ACLs of databases for which it is an administration server.
Rename in Person documents
Triggered by: Completion of the Rename server in Domino
Directory request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Execute once a day request at setting
for the Administration Process in the Server document.
Result: Updates the Person documents and posts a Rename in
Reader/Author fields request.
Rename in Reader / Author fields
Triggered by: Completion of the Rename in Person documents
request.
Carried out on: All servers.
Carried out: According to the Start executing on and Start
executing at settings for the Administration Process in the Server
document.
Result: The Reader/Author fields are updated.

Rename server - inbound (destination) domain
The following requests are generated on the inbound domain.
Rename server in Domino Directory
Triggered by: Receipt of the request from the outbound domain.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the interval setting in the
Administration Process section of the Server document.
Result: If a matching flat server name is located, posts the Approve
Rename in Domino Directory administration request.
Approve Rename in Domino Directory (if flat server name is found)
Triggered by: Processing of the Rename server in Domino
Directory request and recognition of a flat server.
Carried out on: Any server on which you approve or reject the
request.
Carried out: According to the administrator's discretion.
Result: Posts the Rename in Domino Directory administration
request.
Rename server in Domino Directory (If flat server name is found)
Triggered by: Administrator's approval of the Approve Rename in
Domino Directory administration request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Updates the server's name in the Domino Directory. Posts a
Rename in Access Control List request and a Rename in Person
documents request.
Rename in Access Control List
Triggered by: Completion of the Rename server in Domino
Directory request.
Carried out on: All servers with databases that have been assigned
administration servers.
Carried out: According to the Interval setting for the
Administration Process in the Server document.
Result: Each server in the domain updates the person's name in
ACLs of databases for which it is an administration server.
Rename in Person documents
Triggered by: Completion of the Rename server in Domino
Directory request.
Carried out on: The administration server for the Domino Directory.
Carried out: According to the Execute once a day request at setting
for the Administration Process in the Server document.
Result: Updates the Person documents and posts a Rename in
Reader/Author fields request.
Rename in Reader / Author fields
Triggered by: Completion of the Rename in Person documents
request.
Carried out on: All servers.
Carried out: According to the Start executing on and Start
executing at settings for the Administration Process in the Server
document.
Result: The Reader/Author fields are updated.

Time-based execution requests


Time-based requests apply to move database or create replica actions
that are part of a recommended resource balancing plan as determined
by the Tivoli Analyzer. These time-based execution requests enable you
to enter the exact time that the administration request executes, as
opposed to waiting for the standard scheduled processing time.
Each of these requests runs within the set of requests generated for a
specific database move command as indicated in the Triggered by
information for each request.

Check access for new replica creation


Triggered by: Initiating an action to create a database replica in
another domain.
Carried out on: The server that contains the database being
replicated.
Carried out: Timed
Result: The Administration Process on the source server checks that
the user submitting the request and the destination server have at
least Reader access in the ACL of the database. If the user and
destination server have the necessary access and if a Connection
document between the source and destination server exists, the
Administration Process generates a Create replica request in the
Administration Requests database of the source server.
For more information on the Check access for new replica creation
request, see Create Replica - Cross domain administration request in
this appendix.

Check access for move replica creation

Triggered by: Executing the move database from a clustered server
command.
Carried out on: The source server.
Carried out: Timed
Result: The Administration Process checks that the administrator
initiating the request has Manager with Delete documents access
to the database being moved and that the destination server has
Reader access to the database being moved.
For more information on the processing of the Check access for move
replica creation request, see Move database from a cluster server in
this appendix.

Check mail server's access

Triggered by: Executing a move mail file command.
Carried out on: Home server for the mail file as designated in the
Person document.
Carried out: Timed
Result: Checks for a Connection document between the old and new
mail file servers, and sets up the ACLs so that the old and new
servers have Manager access. If it is the administration server of the
mail file, posts the Create new mail replica request. If it is not the
administration server for the mail file, posts a Promote new mail
server's access administration request.
For more information on the processing of the Check mail server's
access request, see Move a mail file from one server to another in this
appendix.

Check access for non-cluster move replica

Triggered by: Executing the move database from a non-clustered
server command.
Carried out on: The source server for the database.
Carried out: Timed
Result: The Administration Process on the source server checks that
the user submitting the request is the Manager of the Domino
Directory and that the destination server has Reader access in the
ACL of the database. Posts a Non-cluster Move Replica request.
For more information on the Check access for non-cluster move replica
request, see Move database from a non-cluster server in this appendix.
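
The three access checks described above (new replica creation, move from a clustered server, and non-cluster move) are modeled below in Python as an added example; it is not Domino code, and the class names, function names and sample ACLs are hypothetical. It assumes that "Reader access" means Reader or higher and resolves only explicit and -Default- ACL entries, which makes it easy to see when a destination server passes a check only through -Default-.

```python
"""Model of the three time-based access checks described above.
Added illustration: not Domino code. Class and function names are hypothetical."""
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Dict, List, Optional, Set


class Level(IntEnum):
    """Notes ACL access levels, lowest to highest."""
    NO_ACCESS = 0
    DEPOSITOR = 1
    READER = 2
    AUTHOR = 3
    EDITOR = 4
    DESIGNER = 5
    MANAGER = 6


@dataclass(frozen=True)
class Entry:
    level: Level
    delete_documents: bool = False


@dataclass
class Database:
    title: str
    acl: Dict[str, Entry] = field(default_factory=dict)

    def effective(self, name: str) -> Entry:
        # Simplification: explicit entry, else -Default-, else No Access.
        # Groups and wildcard entries are not resolved in this model.
        for key in (name, "-Default-"):
            if key in self.acl:
                return self.acl[key]
        return Entry(Level.NO_ACCESS)

    def relies_on_default(self, name: str) -> bool:
        """True when the name has no entry of its own and inherits -Default-."""
        return name not in self.acl and "-Default-" in self.acl


@dataclass
class Outcome:
    passed: bool
    next_request: Optional[str]   # request the text says is posted on success
    reasons: List[str]


def _require(db, name, minimum, reasons, delete_documents=False):
    # Assumption: "Reader access" in the text means Reader or higher.
    entry = db.effective(name)
    if entry.level < minimum:
        reasons.append(f"{name}: {entry.level.name} on {db.title}, needs {minimum.name}")
    elif delete_documents and not entry.delete_documents:
        reasons.append(f"{name}: lacks Delete documents on {db.title}")


def check_new_replica(db, requester, source, dest, connections: Set[frozenset]) -> Outcome:
    """Requester and destination server need Reader, plus a Connection document."""
    reasons: List[str] = []
    _require(db, requester, Level.READER, reasons)
    _require(db, dest, Level.READER, reasons)
    # Assumption: a Connection document in either direction satisfies the check.
    if frozenset((source, dest)) not in connections:
        reasons.append(f"no Connection document between {source} and {dest}")
    return Outcome(not reasons, "Create replica" if not reasons else None, reasons)


def check_move_from_cluster(db, admin, dest) -> Outcome:
    """Administrator needs Manager with Delete documents; destination needs Reader."""
    reasons: List[str] = []
    _require(db, admin, Level.MANAGER, reasons, delete_documents=True)
    _require(db, dest, Level.READER, reasons)
    # The follow-on request is not named in this section, so none is modeled.
    return Outcome(not reasons, None, reasons)


def check_move_non_cluster(directory, db, requester, dest) -> Outcome:
    """Requester needs Manager of the Domino Directory; destination needs Reader."""
    reasons: List[str] = []
    _require(directory, requester, Level.MANAGER, reasons)
    _require(db, dest, Level.READER, reasons)
    return Outcome(not reasons, "Non-cluster Move Replica" if not reasons else None, reasons)


def demo() -> Dict[str, Outcome]:
    # Constructed sample data: names, titles and ACLs are invented for the example.
    sales = Database("sales.nsf", {
        "Ann Lee/Acme": Entry(Level.MANAGER, delete_documents=False),
        "-Default-": Entry(Level.READER),
    })
    names = Database("names.nsf", {
        "Ann Lee/Acme": Entry(Level.EDITOR),
        "-Default-": Entry(Level.NO_ACCESS),
    })
    connections = {frozenset(("Hub1/Acme", "Spoke2/Acme"))}
    return {
        "new_replica": check_new_replica(
            sales, "Ann Lee/Acme", "Hub1/Acme", "Spoke2/Acme", connections),
        "cluster_move": check_move_from_cluster(sales, "Ann Lee/Acme", "Spoke2/Acme"),
        "non_cluster_move": check_move_non_cluster(
            names, sales, "Ann Lee/Acme", "Spoke2/Acme"),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "PASS" if outcome.passed else "FAIL", outcome.next_request, outcome.reasons)
```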


Appendix G
Novell Directory Service for the IPX/SPX Network
Domino servers and Notes workstations support Novell Directory
Service (NDS) with IPX/SPX.

Novell Directory Service for the IPX/SPX network


To create a Domino server NDS object, you add the Domino server
object class to the NDS schema. Then you use either the Novell
NetWare Administrator with the NetWare Administrator Snap-in
(NDSNOTES.DLL) or the Lotus NDS Manager (NDSMgr) to allow Notes
workstations and Domino servers to use the NDS object to access the
Domino server. The first time you start the Domino server, the SPX port
driver verifies that the Domino server NDS object is present, and then the
Domino server initializes, or updates, the object with the Domino server
IPX/SPX address. After the server object has been initialized,
workstations and other servers can use the object to access the server.
A Domino NDS object is persistent. Therefore, when a Domino server is
down, its corresponding NDS object is still present in the NDS tree.
Notes workstations and Domino servers that use NDS and attempt to
connect to an unavailable Domino server receive a message indicating
that the server is not responding. In addition, because a Domino NDS
object is persistent, it is updated only when one of its attributes changes.
For example, installing a new NIC changes the object's network
address attribute. In some cases, you may need to delete the Domino
NDS object and recreate it so it will reinitialize when the Domino server
restarts.
To view Domino server NDS object names in NDS, use the NetWare
Administrator with the Domino NetWare Administrator Snap-in
(NDSNOTES.DLL), which uses the Domino icon to identify the Domino
server. Other NDS viewers may use a smiley face to identify the
Domino server.


Domino NDS object attributes


To examine the attributes of Domino NDS objects, use either NetWare
Administrator with Domino NetWare Administrator Snap-in
(NDSNOTES.DLL) or the Lotus NDS Manager. The following table
contains attributes for a Domino NDS object.
Attribute        Description
Server Name      NDS name of Domino server, for example,
                 CN=Chicago.OU=Sales.O=Acme
Network Address  IPX address: network address: node address: socket number,
                 for example, IPX: 030000508: 00805F685BDA: 506f
Status           UNINITIALIZED or INITIALIZED. If UNINITIALIZED, the
                 Domino server has not updated this object with its network
                 address. If INITIALIZED, the Domino server has updated
                 the object. However, if you are using Windows, the status
                 attribute shows UNINITIALIZED.
Version          Domino build number, for example, 143
Description      Optional comments about the object, for example, the
                 administrator's name and location

Administering Domino server NDS objects


To administer a Domino server NDS object from a workstation, you can
use Novell NetWare Administrator with the Domino NetWare
Administrator Snap-in (NDSNOTES.DLL) or Lotus NDS Manager.
NetWare Administrator
NetWare Administrator is Novell's standard tool for administering NDS
and all objects in the tree. To access NetWare Administrator, run one of
the following:

NWADMINNT.EXE if you are using a Windows NT or 2000 client

NWADMIN95.EXE if you are using a Windows 95, 98, or XT client

Domino supplies a snap-in (NDSNOTES.DLL) to the NetWare
Administrator that allows Domino servers to be administered using one
standard tool. You must configure NetWare Administrator before you
can use the snap-in.
Using NetWare Administrator, you can access menus to determine the
actions that can be performed on the Domino server NDS object. Using
the snap-in, the Domino server becomes an object class. The Domino
server NDS object class and servers are represented by the Domino icon.

Lotus NDS Manager
For administration on Windows clients, Domino provides Lotus NDS
Manager (NDSMGR.EXE) which is located in the Domino program
directory and uses DLLs also found in the Domino program directory.
The following table describes the commands to use with Lotus NDS
Manager.
Task                                      Command
Create the Domino server NDS class        -c
Remove the Domino server NDS class        -r
Add a Domino server to the tree           -a
                                          For example, this command adds the
                                          Domino server Burke to the tree:
                                          -a cn=Burke.o=Acme
Delete a Domino server from the tree      -d
                                          For example, this command deletes the
                                          Domino server Burke from the tree:
                                          -d cn=Burke.o=Acme
Read a Domino server's object attributes  -s

Configuring the Domino snap-in registry values

Note Before modifying the registry, make sure you can start the
NetWare Administrator on the Notes workstation.
On a Windows NT or 2000 workstation
1. Copy the NDSNOTES.DLL to the directory where NetWare
Administrator resides on the Novell server.
2. From the Start menu on the workstation, choose Run and enter
REGEDT32.EXE (WINNT\SYSTEM32\REGEDT32.EXE).
3. Click HKEY_CURRENT_USERS - Software - Network - NetWare
Administrator - SNAPIN OBJECTs DLL WINNT.
4. From the Edit menu, select Edit, and then select Value and enter
NDSNOTES.DLL in the Value box (leave DATA TYPE: REG_SZ as
is), and click OK.
5. Enter NDSNOTES.DLL in the String box and click OK.
6. Verify NDSNOTES.DLL:REG_SZ:NDSNOTES.DLL is added to the
list of objects and exit the registry.
7. Reload NWADMNT.EXE.

On a Windows 95, 98, or XP workstation


1. Copy the NDSNOTES.DLL to the directory where NetWare
Administrator resides on the Novell server.
2. From the Start menu on the workstation, choose Run and enter
REGEDIT.EXE.
3. Click HKEY_CURRENT_USERS - Software - NetWare - Parameters -
NetWare Administrator - SNAPIN OBJECTs DLL WIN95 or
SNAPIN OBJECTs DLL WIN98.
4. From the Edit menu, choose Edit, and then select Value.
5. Type NDSNOTES.DLL in the New Value #1 box (renaming this to
NDSNOTES.DLL).
6. Click the new entry NDSNOTES.DLL and enter NDSNOTES.DLL in
the Value Data box.
7. Verify NDSNOTES.DLL. NDSNOTES.DLL is added to the list of
objects.
8. Reload NWADMN95.EXE.
9. To check that the NDSNOTES.DLL has been properly installed, in
NetWare Administrator, choose Object - Create. The Domino server
class object should be included in the list.

Using NetWare Administrator to manage a Domino NDS object


The following table describes how to use NetWare Administrator to
manage a Domino server NDS object.
Task                                   Action
Create a Domino server NDS object      Choose Tools - Define Notes Class.
class
Delete Domino server NDS object class  Choose Tools - Define Notes Class.
Add a Domino server NDS object class   Choose Object - Create.
                                       Select Domino server object.
                                       Enter the Domino server name.
Delete a Domino server NDS object      Select the Domino server.
                                       Choose Object - Delete.
Read a Domino server NDS object's      Select the Domino server.
attributes
View a Domino server NDS object's      Double-click the Domino server NDS
attributes                             object.

Setting up NDS for a Notes workstation

To set up NDS for a Notes workstation, you must configure NDS within
the NetWare client and then configure the Notes workstation to use NDS.
Configuring NDS for a Notes workstation
1. Install a NetWare-compatible client that supports NDS and IPX/SPX.
2. Make sure the user log-in object has at least browse access to the
NDS tree.
3. Specify a Preferred Tree and Default Context. If you are using
Windows, specify these settings in the Control Panel.
4. Log into the NDS tree.
Configuring a Notes workstation to use NDS
1. Start the Notes workstation.
2. If you have not enabled the SPX port, do the following:
a. Choose File - Preferences - User Preferences - Ports.
b. Select SPX and select Port Enabled. The Notes workstation
automatically enables NDS and Bindery Services.
3. If you use only NDS on all Domino servers in your organization, do
the following:
a. Click SPX Options, select Advanced configuration, and then
select NetWare Directory Services to disable Bindery Services
lookup within Domino.
b. Create a Connection document for the home server in each user's
Personal Address Book. In the Destination server field, enter the
NDS distinguished name for the home server. For example, if a
Domino server name is Chicago/Midwest/Acme, its NDS
distinguished name is CN=Chicago.OU=Marketing.O=Acme.
4. If you use only NDS and want to specify a backup Domino Directory
to use if the user's home server is unavailable, edit the Location
document in each user's Personal Address Book and specify a
For more information on naming Domino servers on an NDS network,
see the chapter Setting Up the Domino Network.

Setting up NDS for a Domino server

To set up NDS for a Domino server, you must first configure NDS for the
NetWare client or server and then configure the Domino server to use
NDS. To add a class to an NDS schema or add a Domino server NDS
object, you need NDS Administrator privileges.

Configuring NDS for a Domino server
1. Install a NetWare-compatible client that supports NDS and IPX/SPX.
2. Make sure the user log-in object has trustee rights to the directory
tree that include browse, create, compare, read, and write.
3. Log into the NDS tree.
4. For each NDS tree, do one of the following to create a Domino server
NDS object class and add the class to the NDS schema:
• If you are using NetWare Administrator, choose Tools - Define
Notes Class.
• If you are using NDSMgr, enter this command:
ndsmgr -c Notes
5. To add each Domino server NDS object to the NDS tree, do the
following:
• If you are using NetWare Administrator, choose Object - Create
Notes Server Object and enter the Domino server name. You can
add information to the description if necessary.
• If you are using NDSMgr, enter this command:
ndsmgr -a cn=server_name.o=preferred_tree,
Where server_name is the NDS name of the Domino server and
preferred_tree is the Preferred Tree name.
6. If you want the Domino server to log into NDS automatically when
the server starts, create user log-in objects for the Domino server and
make sure each user log-in object has trustee rights that include
browse, create, compare, read, and write access to the NDS directory
tree.
Configuring a Domino server to use NDS
1. Specify a preferred tree and default context. If you are using OS/2
Advanced Warp Server, specify these settings in the NET.CFG file. If
you are using Windows NT, specify these settings in the control
panel.
2. If you want the Domino server to log in to NDS automatically, edit
the NOTES.INI file to include these settings:
NWNDSUSERID=cn=server_name.o=tree_name
Where server_name is the NDS name of the Domino server and
tree_name is the name of the tree.
NWNDSPASSWORD=NDS_Service_Password
Where NDS_Service_Password is the password the Domino server
uses to log into NDS.
3. If you have not enabled the SPX port, start the Notes workstation
and choose File - Preferences - User Preferences - Ports. Select SPX
and select Port Enable. Domino automatically enables NDS and
Bindery Services.
4. If you use only NDS on all Domino servers in your organization,
click SPX Options, select Advanced configuration, and then select
NetWare Directory Services (NDS) to disable Bindery Services
lookup within Domino.
5. Open the Server document for this server in the Domino Directory
and add the NDS server name to the Network Address field on the
Ports tab. Include the Domino server's NDS distinguished name.
6. Exit the Notes workstation.

NOTES.INI settings for Novell Directory Service (NDS)

The following table contains the NOTES.INI settings that pertain
specifically to NDS.
For more information on these settings, see the appendix "NOTES.INI
File."
Setting | Description
NWNDSUserID | Specifies the NDS Service/UserID, which Domino uses to log into the NDS tree.
NWNDSPassword | Specifies the NDS Service Password, which Domino uses to log into the NDS tree.

Example of setting up NDS for a Domino server

This example is from a NOTES.INI file that specifies a Domino server
NDS object name. The server name and password are configured so the
Domino server automatically logs into NDS when the server starts.
[NOTES]
KitType=2
Directory=F:\NOTES\data
FileDlgDirectory=F:\NOTES\
NWNDSUSERID=CN=SPXPYTHON.O=ZOO
NWNDSPASSWORD=NOTES
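With automatic NDS login, the NWNDSPASSWORD value sits in NOTES.INI as readable text next to NWNDSUSERID, as the example file above shows. The following audit sketch is an added example, not part of the Domino documentation: it parses a NOTES.INI and reports how the two NDS settings are configured without echoing the password. The guessable-word list and the 8-character threshold are assumptions, and the sample input is constructed from the excerpt above.

```python
import re

# NDS distinguished name in the form the page uses: cn=server_name.o=tree_name
NDS_DN = re.compile(r"^cn=([^.=]+)(?:\.ou=[^.=]+)*\.o=[^.=]+$", re.IGNORECASE)
# Assumption: guessable values worth flagging; not a list from the Domino documentation.
GUESSABLE = {"notes", "domino", "lotus", "novell", "password"}
MIN_LENGTH = 8  # assumption: local policy threshold

# Constructed sample: the NOTES.INI excerpt shown in this appendix.
SAMPLE_INI = r"""[NOTES]
KitType=2
Directory=F:\NOTES\data
FileDlgDirectory=F:\NOTES\
NWNDSUSERID=CN=SPXPYTHON.O=ZOO
NWNDSPASSWORD=NOTES
"""


def parse_notes_ini(text):
    """Map lower-cased setting name -> (name as written, value, line number)."""
    settings = {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("["):
            continue  # blank line or section header such as [NOTES]
        name, sep, value = line.partition("=")  # split on the first '=' only
        if sep:
            settings[name.strip().lower()] = (name.strip(), value.strip(), lineno)
    return settings


def audit_nds_autologin(text):
    """Return (kind, line, message) findings; the password itself is never echoed."""
    settings = parse_notes_ini(text)
    uid = settings.get("nwndsuserid")
    pwd = settings.get("nwndspassword")
    findings = []
    common_name = None
    if uid:
        match = NDS_DN.match(uid[1])
        if match:
            common_name = match.group(1).lower()
        else:
            findings.append(("malformed-userid", uid[2],
                             f"{uid[0]} is not in cn=server_name.o=tree_name form"))
    if pwd:
        name, value, lineno = pwd
        findings.append(("cleartext-password", lineno,
                         f"{name} is readable by anyone who can open the file"))
        if (len(value) < MIN_LENGTH or value.lower() in GUESSABLE
                or value.lower() == common_name):
            findings.append(("weak-password", lineno,
                             f"{name} is short or guessable ({len(value)} characters)"))
    if bool(uid) != bool(pwd):
        present = uid or pwd
        findings.append(("incomplete-autologin", present[2],
                         f"{present[0]} is set without its partner setting"))
    return findings


if __name__ == "__main__":
    for kind, lineno, message in audit_nds_autologin(SAMPLE_INI):
        print(f"line {lineno}: {kind}: {message}")
```

A cleartext-password finding is expected whenever automatic login is enabled; the practical follow-up is to limit who can read NOTES.INI and to give the NDS log-in object only the trustee rights listed in the setup steps.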

Appendix H
Accessibility and Keyboard Shortcuts in Domino
Administrator
This appendix contains an extensive list of keyboard shortcuts that are
available in the Domino Administrator as well as other
accessibility-related information and instructions on where to find
additional information.

Accessibility and keyboard shortcuts


The Domino Administrator is accessible to people with physical
challenges. Those with restricted mobility or limited vision can use the
following assistive aids:

• Extended accelerator keys let you navigate through the Bookmark
bar and window tabs using your keyboard. Note that you must
enable extended accelerator keys before you can use them.
• Keyboard shortcuts let you navigate through and perform a variety
of tasks in Domino Administrator.

For more information on accessibility, see:
• The topic "Customizing Notes for Accessibility" in Lotus Notes 6
Help. If you do not have Help installed, go to the Documentation
Library of the Lotus Developer Domain at
http://www.lotus.com/ldd/doc to download or view Lotus Notes 6
Help.
• The IBM Accessibility Center Web site at
http://www-3.ibm.com/able/
• The W3 Web Accessibility Initiative (WAI) site at
http://www.w3.org/WAI/

Enabling and using extended accelerator keys


Before you can use extended accelerator keys to navigate through the
Bookmark bar or the window tabs, you must enable the keys.
To enable extended accelerators for the Bookmark bar:
1. Choose File - Preferences - User Preferences.
2. Select Basics.
3. In the Additional Options box, select Show extended accelerators
and then click OK.

To use extended accelerator keys in the Bookmark bar


After you enable extended accelerator keys, press ALT+B to display
them in the Bookmark bar. You can use the accelerator keys as follows:

• To navigate, use the UP and DOWN ARROWS, and HOME, END,
PAGE UP, and PAGE DOWN.
• To select a Bookmark icon, press ENTER.
• To remove focus from a Bookmark icon, press ESC.

To enable keyboard navigation of window tabs


1. Choose File - Preferences - User Preferences.
2. Select Basics.
3. In the Additional Options box, select Show extended accelerators
and then click OK.

To use extended accelerator keys in window tabs


To use an accelerator key, press ALT+W, followed by the number that
appears next to the window tab.

Keyboard shortcuts
The keyboard shortcuts in this section are based on U.S. standard
keyboards. If you are using a screen reader, you may want to maximize
your window so the tables of shortcuts are completely expanded and
accessible.

Keyboard shortcuts for the Domino Administrator user interface

You can use the following keyboard shortcuts to navigate through the
Domino Administrator user interface.
Press | To do this
ALT+B, then number (extended accelerators in User Preferences must be enabled) | Open bookmark on Bookmark bar
ALT+F5 | Restore Domino Administrator to default minimized size
ALT+F7, then ARROW keys, then ENTER | Move position of active window
ALT+F8, then ARROW keys, then ENTER | Change size of active window
ALT+F9 | Minimize active window
ALT+F10 | Maximize active windows
ALT+underlined letter for menu item | Access menu item
ALT+underlined letter for menu item, or ARROW keys | Move to next menu item
ALT+W, then number (extended accelerators in User Preferences must be enabled) | Open window tab on task bar
CTRL+BREAK | Stop operation in progress
CTRL+L, type URL, then ENTER | Go to a Web page
CTRL+Q or ALT+F4 | Exit Domino Administrator
CTRL+TAB | Move to next window tab
ESC or CTRL+W | Close active window
F1 | Get Help on current feature
F5 | Lock User ID
F6 | Move to next pane or frame
F10 or ALT | Access menu bar
SHIFT+ALT+S | Open search menu
SHIFT+CTRL+TAB | Move to previous window tab
SHIFT+CTRL, then UP ARROW or DOWN ARROW | Select multiple bookmarks or bookmark folders
SHIFT+DOWN ARROW | Select additional items below an already selected item
SHIFT+F6 | Move to previous pane or frame
SHIFT+F10 | Access Windows context menus
SHIFT+UP ARROW | Select additional items above an already selected item

Keyboard shortcuts for databases


You can use the following keyboard shortcuts for opening and closing a
database, and for using database features including navigating within
views, folders, and panes.
Press | To do this
ARROW keys | Move through embedded element
CTRL+N | Create new database
CTRL+O | Open database
ENTER | Select item in embedded outline
ESC | Exit embedded element
ESC or CTRL+W | Close current database
F9 | Refresh current document (in Edit mode), view or workspace
MINUS (-) key | Collapse folder in embedded outline
PAGE DOWN | Move to bottom of active page
PAGE UP | Move to top of active page
PLUS (+) key | Expand folder in embedded outline
SHIFT+CTRL+F9 | Update all views in current database
SHIFT+F9 | Rebuild current document, view, workspace (must have Manager access)
SPACEBAR | Give focus to embedded element
UP and DOWN ARROW | Move through embedded outline

Keyboard shortcuts for dialog boxes

Standard dialog boxes appear when you perform many tasks in the
Domino Administrator. For example, when you choose File - Database -
Open, the Open Database dialog box appears.
Press | To do this
DOWN ARROW or RIGHT ARROW | Select next item in a list or set of options in dialog box
ESC | Cancel changes and close dialog box
F1 | Get Help on current dialog box
SHIFT+TAB | Move to previous option or set of options in dialog box
SPACEBAR | Access default or selected item(s) in dialog box
TAB | Move to next option or set of options in dialog box
UP ARROW or LEFT ARROW | Select previous item in a list or set of options in dialog box

Keyboard shortcuts for properties boxes

In the Domino Administrator, you can learn about and change the
characteristics of a document, object, or database by opening a properties
box. For example, when you edit a document, choose Text - Text
Properties from the menu to open the Text Properties box.
Press | To do this
ALT+DOWN ARROW | Open Color box in Font tab
ALT+UP ARROW | Close Color box in Font tab
ALT+ENTER | Open or close properties box
CTRL+ALT+ENTER | Open or close express tools in properties box
CTRL+END | Move to last properties box tab
CTRL+HOME | Move to first properties box tab
CTRL+PAGE DOWN | Move to next properties box tab
CTRL+PAGE UP | Move to previous properties box tab
DOWN ARROW or RIGHT ARROW | Select next item in a list or set of options in properties box
ENTER | Activate default or selected item(s) in properties box
ENTER | Close Color box in Font tab and activate selection
ESC | Close Color box in Font tab without activating selection
F1 | Get Help on current properties box
SHIFT+CTRL+END | Move to first properties box in list
SHIFT+CTRL+HOME | Move to last properties box in list
SHIFT+CTRL+PAGE DOWN | Move to next properties box in list
SHIFT+CTRL+PAGE UP | Move to previous properties box in list
SHIFT+TAB | Move to previous option or set of options in properties box
TAB | Move to next option or set of options in properties box
UP ARROW or LEFT ARROW | Select previous item in a list or set of options in properties box

Keyboard shortcuts for documents


You can use the following keyboard shortcuts when you work with a
document.
Press | To do this
CTRL+DOWN ARROW | Move to next highlighted search word in document appearing in preview pane
CTRL+E | Edit document
CTRL+END | Move to bottom of document
CTRL+F | Find text and replace
CTRL+G | Find next occurrence of text
CTRL+HOME | Move to top of document
CTRL+P | Print selected document
CTRL+PAGE DOWN | Move to next tab in tabbed table
CTRL+PAGE UP | Move to previous tab in tabbed table
CTRL+UP ARROW | Move to previous highlighted search word in document appearing in preview pane
ESC | Move to previous linked document
F4 or TAB | Move to next unread document
LEFT ARROW | Move to previous link or object
RIGHT ARROW | Move to next link or object
SPACEBAR | Activate selected object
SPACEBAR | Expand or collapse selected section
SPACEBAR | Open selected link to document, view, or database

Keyboard shortcuts to select and move text in a document


You can use the following keyboard shortcuts when you create or edit a
Mail memo or a document. You must use Edit mode to use these
shortcuts. Press CTRL+E to put your document in Edit mode.
Press | To do this
CTRL+A | Select all contents of document
CTRL+C | Copy selected text or object
CTRL+DOWN ARROW | Move item in list or table one row down
CTRL+UP ARROW | Move item in list or table one row up
CTRL+V | Paste text or object
CTRL+X | Cut selected text or object
DELETE | Delete selected graphic
DELETE | Delete selected text or object
SHIFT+CTRL+DOWN ARROW | Select text up to same point of next line
SHIFT+CTRL+LEFT ARROW | Select previous word
SHIFT+CTRL+RIGHT ARROW | Select next word
SHIFT+CTRL+UP ARROW | Select text up to same point of previous line
SHIFT+DOWN ARROW | Select text to end of current line, move focus to next
SHIFT+END | Select text to end of current line
SHIFT+HOME | Select text to beginning of current line
SHIFT+LEFT ARROW | Select previous character
SHIFT+RIGHT ARROW | Select next character
SHIFT+UP ARROW | Select text to beginning of current line, move focus to previous

Keyboard shortcuts to move the cursor in a document


You can use the following keyboard shortcuts when you create or edit a
Mail memo, a document, or a form. You must use Edit mode to use these
shortcuts. Press CTRL+E to put your document in Edit mode.
Press | To move to
CTRL+LEFT ARROW | Beginning of current word
CTRL+RIGHT ARROW | Beginning of next word
END | End of line
HOME | Beginning of line
SHIFT+TAB | Previous field in a form
SHIFT+TAB | Previous row in table
TAB | Next field in a form
TAB | Next row in table

Keyboard shortcuts to change text and paragraph properties in a document

You can use the following keyboard shortcuts when you create or edit a
Mail memo, a document, or a form. You must use Edit mode to use these
shortcuts. Press CTRL+E to put your document in Edit mode.
Press | To do this
CTRL+B | Bold selected text
CTRL+E | Put document in Edit mode (toggle)
CTRL+F | Find text and replace
CTRL+G | Find next
CTRL+I | Italicize selected text
CTRL+J | Format paragraphs (alignment, spacing, and so on)
CTRL+K | Format text (font, size, color, and so on)
CTRL+R | Show/Hide ruler
CTRL+T | Change text style to default (color changes only if the text style is from a Paragraph Style)
CTRL+U | Underline selected text
CTRL+Z | Undo last action
F2 | Enlarge selected text to next available point size
F7 | Indent first line in paragraph
F8 | Indent entire paragraph
F9 | Refresh current document (in Edit mode), view, or workspace
F11 | Cycle through paragraph styles from Paragraph Styles tab in Text Properties box
SHIFT+CTRL+L | Insert page break
SHIFT+F2 | Reduce selected text to next available point size
SHIFT+F7 | Outdent first line in a paragraph
SHIFT+F8 | Outdent entire paragraph

Keyboard shortcuts when working in views


You can use the following keyboard shortcuts in a view.
Press | To do this
CTRL+A | Select all documents in view
CTRL+C | Copy selected document
CTRL+F | Find text in view
CTRL+P | Print selected document or view
CTRL+V | Paste selected document
CTRL+X | Cut selected document
DELETE | Delete selected document (place document in Trash folder)
ENTER | Select item in embedded view
F3 | Move to next selected document
F4 or TAB | Move to next unread document
F9 | Refresh current document (in Edit mode), view, or workspace
SHIFT+CTRL+F9 | Update all views in current database
SHIFT+DELETE | Delete selected document permanently
SHIFT+F3 | Move to previous selected document
SHIFT+F9 | Rebuild current document, view, or workspace (must have Manager access)
SPACEBAR | Select or deselect document

Appendix I
Server.Load Command Language
This appendix describes the commands that you use to create a custom
Server.Load script.

Server.Load commands
Server.Load scripts consist of statements in a simple command language,
the Server.Load specification language. Each command simulates an
aspect of the Notes client functionality. You can build a script containing
a series of these commands to perform a complex task, such as reading
and deleting mail.

Server.Load script conventions


Review the following sample script and the breakdown of its elements to
understand the conventions of the Server.Load command language. This
sample script example creates and initializes mail file(s). Text enclosed
in asterisks (**) indicates comments. Commands are case-insensitive;
therefore, you can enter them in all lowercase, all uppercase, or in mixed
case.
**Changeto specifies the database to use for the test. [MailServer] is the
NOTES.INI setting for the changeto command. NOTES.INI settings are
enclosed in square brackets [ ]. The value of the setting can be in the
NOTES.INI file or you can hard-code it into the script. For example,
changeto [WFS], where WFS is the name of the mail server. [#] is the
number of the thread, or simulated user.**
changeto [MailServer]!!mail\mail[#].nsf mail60.ntf
*Ensure that the current database contains a defined number of
documents (NumMailNotesPerUser) to use in the test.
populate [NumMailNotesPerUser] $Inbox
*Open the current view
open
*Close the view
close
drop

@Else command
Use with the @If command in a Server.Load script.
Example
@If[DeleteEntry]
delete 1
@Else
add 1
@EndIf

@EndIf command
Use with the @If command in a Server.Load script.
Example
@If[DeleteEntry]
delete 1
@Else
add 1
@EndIf

@If command
Used in a Server.Load script to execute [Commands] if [Value] is
non-zero. @If is used to execute multiple commands or to use an @Else
condition.

Syntax
@If [Value] [Commands] [@Else [Commands]] @EndIf

Where:
[Value] Typically a NOTES.INI setting
Example
This example executes the Delete command, only if [DeleteDoc] is
defined in the NOTES.INI file and is non-zero; otherwise, the Add
command is executed:
@If [DeleteDoc]
Delete 1
@Else
Add 1
@EndIf

Add command
Use in a Server.Load script to create new documents in a database
according to the value of a. Each new document consists of: an author
field with the current user's name; a recipients field with the current
user's name; the ordinal number of the document as a summary item; the
subject (summary) text item; the optional attachment item; and the body
(non-summary) text item.
If no number is specified, one note is created. If b is not specified, the
length of the summary data is a uniform random number between 1 and
100 bytes. If c is not specified, the length of the non-summary data is a
uniform random number between 100 and 300 bytes.

Syntax
Add(a, b, c)

Where:
a Number of documents to be added
b Length of summary item\Subject\ (optional; default is \)
c Length of non-summary item \Subject\ (optional; default
value is \)
Note: The body (non-summary) value cannot exceed 65000 bytes.
Example 1
This example adds documents to the default view All Document $all.
changeto [mailserver]!!mail\mail[#].nsf mail60.ntf -keepopen
add [a]
drop
Note: You need to add a value for the environment variable a in the
NOTES.INI file, or you can code it into the script, as below:
changeto [mailserver]!!mail\mail[#].nsf mail60.ntf -keepopen
* Hard coded with value of 10 documents
add 10
drop

Example 2
This example adds documents to the Inbox folder using -f (foldername).
changeto [mailserver]!!mail\mail[#].nsf mail46.ntf -keepopen
add [a] -f $Inbox
drop

Example 3
This example adds 1 document to the Inbox view with the subject
(Length of summary item) set to 30 bytes and the Body (Length of
non-summary item) set to 10000 bytes.
changeto [mailserver]!!mail\mail[#].nsf mail46.ntf -keepopen
add 1 30 10000 -f $inbox
drop

BeginCrit command
Use in a Server.Load script to mark the beginning of a script's critical
region. A critical region is a series of lines in a script that can only be
executed by one Server.Load simulated user (thread). The critical region
is marked by the BeginCrit and EndCrit pair. There can be a maximum of
6 critical regions per script.

BeginLoop command
Use in a Server.Load script to mark the start of the loop and the point to
which the Rewind statement returns control. A script can have one loop.

BeginLoop2 command
Use in a Server.Load script to mark the start of the loop and the point to
which the Rewind2 statement returns control.

Break command
Use in a Server.Load script to allow the user to set program control after
an error.

Syntax
Break [x]

Where x is:
1 To terminate program upon error
0 To move on to next line upon error
The default is Break 1.

Cal command
Use in a Server.Load script to schedule an appointment or invitation.

Syntax
Appointment:
cal -a <db> <msgsz> <dur> <startrng> <endrng> <nthiter>

Invitation:
cal -i <db> <msgsz> <dur> <startrng> <endrng> <numrecip> <nthiter>

Where:
<dur> Duration, in minutes
<startrng> Lower bound for the number of days ahead to schedule
<endrng> Upper bound for the number of days ahead to schedule
<numrecip> Number of recipients
<nthiter> Nth iteration of the script

ChangeTo command
Use in a Server.Load script to set the current database for the test.
Provide the full file name of the database (use server!!file if a remote
database), or specify the keyword MAIL to open the mail database.
The following statements operate on the specified database. If the
database doesn't exist, a new database is created using template
[database template name]. If the keepopen option is specified (which is
the string -keepopen), the database is not closed and reopened if it is
already open.

Syntax
ChangeTo [database name] [database template name] [-keepopen]

Where:
[database name] Full file name of the database
[database template name] File name of the template database
[-keepopen] Keeps the database open
Example 1
Using changeto to create a local database.
* Create local file using the journal template (journal.ntf)
* NOTES.INI contains setting templateversion=4
changeto journal.nsf journal[templateversion].ntf -KeepOpen
pause 5000
* Populate the view with 10 notes
populate 10
pause 5000
* Open the view collection
open
* Update the view index
index
pause 5000
* Close the view collection
close

Example 2
Using changeto to create multiple databases on a server. In this example
the thread number is substituted in for the [#] symbol.
* Create one or more databases on Mailserver using (journal.ntf)
* NOTES.INI contains setting templateversion=4
* Creation of multiple databases, based on the number of threads
* All test databases will be placed in the journal directory
changeto [MailServer]!!journals\journal[#].nsf journal[templateversion].ntf -KeepOpen
pause 5000
* Populate the view with 10 documents
populate 10
pause 5000
open
* Update the view index
index
pause 5000
* Close the view collection
close

Example 3
Create and initialize mail file(s)
Note: Uses Script Variable [NumMailNotesPerUser]
* Script to create and initialize mail file(s)
changeto [MailServer]!!mail\mail[#].nsf mail60.ntf
* Make sure there are enough notes in mail database
populate [NumMailNotesPerUser] $Inbox
* Open the current view
open
* Close the view
close
drop

Close command
Use in a Server.Load script to close the current view. The view is opened
with the Open command.

Console command
Use in a Server.Load script to allow you to issue remote server console
commands, similar to the Domino server console in the Domino
Administrator console. You must have administration rights on the server
to which you are attempting to issue commands.

Syntax
Console [server] [command]

Where:
[server] The server at which to execute the console command
[command] The command executed to the server
Example
This example uses the console command to issue a Show Stat command.
The console command is analogous to remote console capability
In this example sh stat is issued. Any server command can be
substituted.
Console [MailServer] sh stat

DbDelete command
Use in a Server.Load script to delete a database (locally or on a server). If
the database is on a server, you must have delete database access.

Syntax
DbDelete [dbname]

Where:
[dbname] Full database name. (Use server!!file if remote
database.)

Delete command
Use in a Server.Load script to delete randomly selected notes from the
current database. Using Delete without any arguments deletes only one
document from the database. To determine how to set the current
database, use the ChangeTo command.

Syntax
Delete [#]

Where:
[#] Number of documents to delete

Drop command
Use in a Server.Load script to drop all network connections on the
specified port.

Syntax
Drop [hangup] [port]

Where:
[hangup] Causes the connection to be disconnected.
[port] The port to be disconnected.
Example 1
Disconnects the connection on the port specified.
changeto [MailServer]!!mail\mail[#].nsf mail46.ntf
pause 1min
drop hangup tcpip

Example 2
Disconnects all user sessions on specified port
changeto [MailServer]!!mail\mail[#].nsf
pause 1min
*Add additional statements here
drop tcpip

EndCrit command
Use in a Server.Load script to indicate a critical region that can be
executed by only one simulated user (thread). The critical region is
marked by the BeginCrit and EndCrit pair. There can be a maximum of
six critical regions per script.
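Because a Server.Load script can issue Console and DbDelete commands with the rights of whoever runs the test, it helps to review a script before it is run. The following pre-run check is an added example, not part of Server.Load or the Domino documentation: it expands [Setting] and [#] as the script conventions describe, checks @If/@EndIf and BeginCrit/EndCrit pairing against the stated limits, and lists the commands that need elevated access. The case-insensitive setting lookup and the treatment of lines beginning with * as comments are assumptions drawn from the page's samples; the sample script is constructed.

```python
import re

VAR = re.compile(r"\[([^\[\]]+)\]")       # [Setting] or [#]
COMMAND = re.compile(r"@?[A-Za-z0-9]+")   # first word; "@If[x]" yields "@If"
MAX_CRITICAL_REGIONS = 6                  # limit stated for BeginCrit/EndCrit
PRIVILEGED = {
    "console": "runs a server console command; needs administration rights",
    "dbdelete": "deletes a database; needs delete database access",
}

# Constructed sample assembled from commands described in this appendix.
SAMPLE_SCRIPT = r"""**Constructed sample: populate mail files, then clean up.
[#] is the thread number.**
changeto [MailServer]!!mail\mail[#].nsf mail60.ntf -keepopen
populate [NumMailNotesPerUser] $Inbox
BeginCrit
@If [DeleteDoc]
delete 1
@Else
add 1
@EndIf
* Remote console command
Console [MailServer] sh stat
DbDelete [MailServer]!!mail\mail[#].nsf
drop
"""


def expand(line, settings, thread):
    """Replace [#] with the thread number and [Name] with its NOTES.INI value."""
    lookup = {key.lower(): str(value) for key, value in settings.items()}
    missing = []

    def substitute(match):
        name = match.group(1)
        if name == "#":
            return str(thread)
        if name.lower() in lookup:
            return lookup[name.lower()]
        missing.append(name)
        return match.group(0)  # leave unresolved settings visible

    return VAR.sub(substitute, line), missing


def review_script(text, settings, thread=1):
    """Return (expanded command lines, [(line, kind, detail), ...])."""
    expanded, findings = [], []
    in_comment = False
    if_depth = regions = loops = 0
    crit_line = None
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if in_comment:                      # inside a multi-line ** ... ** comment
            in_comment = not line.endswith("**")
            continue
        if line.startswith("**"):
            in_comment = not (len(line) > 2 and line.endswith("**"))
            continue
        if not line or line.startswith("*"):
            continue
        word = COMMAND.match(line)
        cmd = word.group(0).lower() if word else ""
        out, missing = expand(line, settings, thread)
        expanded.append(out)
        if cmd != "@if":  # an undefined @If value just selects the @Else branch
            findings += [(lineno, "undefined-setting", name) for name in missing]
        if cmd == "@if":
            if_depth += 1
        elif cmd in ("@else", "@endif"):
            if if_depth == 0:
                findings.append((lineno, "unbalanced-if", f"{line} without @If"))
            elif cmd == "@endif":
                if_depth -= 1
        elif cmd == "begincrit":
            if crit_line is not None:
                findings.append((lineno, "unbalanced-crit", "BeginCrit inside open region"))
            crit_line, regions = lineno, regions + 1
            if regions > MAX_CRITICAL_REGIONS:
                findings.append((lineno, "too-many-critical-regions", str(regions)))
        elif cmd == "endcrit":
            if crit_line is None:
                findings.append((lineno, "unbalanced-crit", "EndCrit without BeginCrit"))
            crit_line = None
        elif cmd == "beginloop":
            loops += 1
            if loops > 1:
                findings.append((lineno, "extra-loop", "a script can have one loop"))
        elif cmd in PRIVILEGED:
            findings.append((lineno, "privileged-command", f"{word.group(0)}: {PRIVILEGED[cmd]}"))
    if if_depth:
        findings.append((0, "unbalanced-if", "@If without @EndIf"))
    if crit_line is not None:
        findings.append((crit_line, "unbalanced-crit", "BeginCrit without EndCrit"))
    return expanded, findings


if __name__ == "__main__":
    lines, issues = review_script(SAMPLE_SCRIPT, {"MailServer": "WFS"}, thread=3)
    print("\n".join(lines))
    for issue in issues:
        print(issue)
```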

Entries command
Used in a Server.Load script to simulate a user pressing PgUp and PgDn
or pressing Up and Down arrows to traverse a view.

Syntax
Entries [start] [end] <navigation option>

Where:
[start] Starting index ordinal position (optional; default is 1)
[end] Number of index entries to be read (optional; default is
All)
<navigation option> One of the navigation options, described
in the Navigate command.

ErrorDelay command
Used in a Server.Load script to set a time delay after a nonfatal error
occurs.

Syntax
ErrorDelay [delay]

Where:
[delay] Time to delay, in milliseconds. (Default is 150000 20000ms, or 15 to 20 seconds)

FindByKey command
Used in a Server.Load script to enable you to search index entries by key.

Syntax
FindByKey "[KeyField]#searchstring"

Where:
key list List of keys separated by semicolons. Each key is in the
<item>#<value> format, where <item> is the item name, and
<value> is the value. The FindByKey key list argument is the
Field Name of the column searched, and the value of the data as it
appears in the column.
option list One or more of the following, each separated with a
space:
NO_ACCENT Accent insensitive
NO_CASE Case insensitive
PARTIAL Partial compare
FIRST_EQUAL First equal entry
LAST_EQUAL Last equal entry
GREATER_THAN All entries greater than
LESS_THAN All entries less than
UPDATE_IF_NOT_FOUND Update if not found
Example
Search a view containing a column referencing the field Status and
search for those complete.
FindByKey "[Keyfield]#complete"
The NOTES.INI setting is Keyfield=Status. This also appears, and is
set, on the Test Parameters tab.

FindByName command
Used in a Server.Load script to enable you to search index entries by name.

Syntax
FindByName [searchstring] <optionlist>

Where:
[searchstring] The search collection whose primary sort key
matches the given null-terminated string
<optionlist> See the FindByKey command for <optionlist>
choices.

GetAll command
Used in a Server.Load script to fetch the ID table of all Note IDs from the
database. This command must be used before other commands, for
example Stamp, that operate on random documents in the database
because those commands pick random notes out of this table. If this
command is not used, the master ID table will start from scratch.

Help command
Used in a Server.Load script to display help text. If [command] is
specified, help text for the command is displayed.

Syntax
Help [command]

@If command
Used in a Server.Load script to execute [Commands] if [Value] is
non-zero. @If is used to execute multiple commands or to use an @Else
condition.

Syntax
@If [Value] [Commands] [@Else [Commands]] @EndIf

Where:
[Value] Typically a NOTES.INI setting
Example
This example executes the Delete command, only if [DeleteDoc] is
defined in the NOTES.INI file and is non-zero; otherwise, the Add
command is executed:
@If [DeleteDoc]
Delete 1
@Else
add 1
@EndIf

ImailCheckForNewMail command
Used in a Server.Load script to purge deleted IMAP messages and check
for new messages.

ImailCloseMailbox command
Used in a Server.Load script to close the currently selected IMAP
mailbox.

ImailFetchEntry command
Used in a Server.Load script to get (UID Fetch) body for specified entry.

Syntax
ImailFetchEntry [navigator]

Where:
[navigator] CURRENT, NEXT, NEXT_UNSEEN, or FIRST. If
not specified, default is CURRENT.

ImailFetchOld command
Used in a Server.Load script to get (UID Fetch) Body for specified entry.

Syntax
ImailFetchOld [navigator]

Where:
[navigator] CURRENT, NEXT, NEXT_UNSEEN, or FIRST. If
not specified, default is CURRENT.

ImailGetLastEntries command
Used in a Server.Load script to get (Fetch) last page of entries (UID, flags,
envelope) for use with ImailFetchEntry.

ImailGetNewMail command
Used in a Server.Load script to check for new IMAP messages.

ImailHelp command
Used in a Server.Load script to display all available IMAP (IMail*)
commands with Help text.

ImailListMailboxes command
Used in a Server.Load script to list IMAP mailboxes.

Syntax
ImailListMailboxes [refmbox] [mailbox] [sub]

Where:
[refmbox] Root mailbox to list from. If not specified, default is
.
[mailbox] Root mailbox to list from. If not specified, default is
.
[sub] If TRUE, lists subscribed mailboxes; if FALSE, lists
non-subscribed mailboxes.

ImailLogin command
Used in a Server.Load script to log in to a server running IMAP.

Syntax
ImailLogin [host] [user] [password]

Where:
[host] The Internet host name of the IMAP server, for
example, company.com
[user] The IMAP user name to log in as
[password] The password of the user

ImailLogout command
Used in a Server.Load script to log out of a server running IMAP.

ImailOpenMailbox command
Used in a Server.Load script to open (select) an IMAP mailbox (the Inbox
folder of the mail file).

Syntax
ImailOpenMailbox [mailbox]

Where:
[mailbox] The name of the mailbox to open

ImailPostMessage command
Used in a Server.Load script to add a message to the specified mailbox.

Syntax
ImailPostMessage [bodysize] [linesize] [mailbox]

Where:
[bodysize] Total size of the message
[linesize] Length of each line in the message, typically 80
[mailbox] Name of the folder in which to locate the message,
typically Inbox
Example
This example creates a 2000-byte message in the Inbox. Each line in the
message contains 80 characters.
ImailPostMessage 2000 80 Inbox

ImailSetSeen command
Used in a Server.Load script to set current message as seen.

Index command
Used in a Server.Load script to update the currently open collection.

Syntax
Index

Example
Updating a view collection with the Index command. In this example, the
thread number is substituted for the pound symbol [#].
* Create one or more databases on mail server using (journal.ntf)
* NOTES.INI file contains setting templateversion=4
* Creation of multiple databases, based on the number of threads
* All test databases will be placed in the journal directory.
changeto [MailServer]!!journals\journal[#].nsf
journal[templateversion].ntf -KeepOpen
pause 5000

* Populate the view with 10 documents
populate 10
pause 5000
open

* Update the view index
index
pause 5000

* Close the view collection
close

LDAPLookup command
Used in a Server.Load script to perform LDAP lookup for specified user
name.

Syntax
LDAPLookup <username>

Where:
<username> Performs cn=username search on host LDAPHost.
Note: The NOTES.INI file must contain the setting
LDAPHost=system.domainname, for example, LDAPHost =
Server.acme.com

Lookup command
Used in a Server.Load script to search the Domino Directory
(NAMES.NSF) for names you specify.

Syntax
Lookup (a, b, c)

Where:
a Mail server name
b Namespace, specified as $users, $servers, $groups, $domain,
$people, $People, $ServerAccess, $CrossCertByRoot,
$CrossCertByName, $Users, $Servers, $Certifiers,
$CrossCertByRoot, $Certifiers, $Connections, $Profiles
c Names list; each entry separated by ASCII \0
Example
Lookup performed
Lookup fssaixw/ess $Users John Doe/WAS/Acme

NABRetrievePOP3Mail command
Used in a Server.Load script to retrieve POP3 mail messages for a fixed
user in the Domino Directory (NAMES.NSF).

Syntax
NABRetrievePOP3Mail <msg_num> <hostname> <options>

Where:
<msg_num> Message to retrieve. Use the value -1 to retrieve all.
<hostname> Host name of the server running SMTP MTA.
<options> POP3 retrieval options: USE_SSL uses SSL protocol,
LEAVE_ON_SERVER leaves messages on the server.

NABUpdate command
Used in a Server.Load script to update a number of random documents
of a particular type in the Domino Directory (NAMES.NSF) database.

Syntax
NABUpdate(a,b)

Where:
a Type of document to update (Person, Group, or Connection)
b Number of documents to update. If b is not specified, one
document is updated.

Navigate command
Used in a Server.Load script to read number of documents as listed in
index.

Syntax
Navigate [<a>[<option>[ASYNC]]]

Where:
<a> Number of documents to be read (optional; default is 1)
<option> One or more of the following navigation options. You
can string multiple options together as OR options, separated by
the split vertical bar (|) character.
NEXT, PREV, CURRENT, PARENT, CHILD, NEXT_PEER,
PREV_PEER, FIRST_PEER, LAST_PEER, CURRENT_MAIN,
NEXT_MAIN, PREV_MAIN, ALL_DESCENDANTS,
NEXT_UNREAD, NEXT_UNREAD_MAIN, PREV_UNREAD,
PREV_SELECTED, PREV_SELECTED_MAIN,
PREV_EXPANDED_UNREAD, PREV_EXPANDED,
PREV_EXPANDED_SELECTED,
PREV_EXPANDED_CATEGORY, PREV_EXP_NONCATEGORY,
PREV_HIT, PREV_SELECTED_HIT, PREV_CATEGORY,
PREV_UNREAD_HIT, PREV_NONCATEGORY, CIRCULAR,
MAXLEVEL, MINLEVEL, WITHIN_MAIN, CONTINUE,
PREV_MAIN_ALWAYS, NEXT_SELECTED,
NEXT_SELECTED_MAIN, NEXT_EXPANDED_UNREAD,
NEXT_EXPANDED, NEXT_EXPANDED_SELECTED,
NEXT_EXPANDED_CATEGORY, NEXT_EXP_NONCATEGORY,
NEXT_HIT, NEXT_SELECTED_HIT, NEXT_CATEGORY,
NEXT_UNREAD_HIT, NEXT_NONCATEGORY
ASYNC Flag for opening documents asynchronously

NewMail command
Used in a Server.Load script to poll for new mail.

Syntax
NewMail(a,b,c)

Where:
a Name of mail file (default is your mail file)
b Number of times to poll (default is 1)
c Millisecond delay between polls (default is 1000 ms)

NewReplicateDB command
Used in a Server.Load script to create empty database <target> as replica
of <source>.

Syntax
NewReplicateDB <source> <target>

Where:
<source> Full file name of source database. Use the format
server!!file for a remote database.
<target> Full file name of new target database; if a database
with the same name exists with a different replica ID, it will be
overwritten.

NoteAdd command
Used in a Server.Load script to add a document with the specified
[Subject], [Body], [Attachment], [MsgCount], [NamedField], and
[FolderID].

Syntax
NoteAdd [-sSubject] [-bBody] [-aFileAttachment] [-cMsgCount]
[-nNamedField] [-fFolderID]

Where:
Subject Summary item Subject
Body Non-summary item Body
Attachment File name of attachment
MsgCount Number of messages to add
NamedField Named field
FolderID Add document to folder with this ID

Open command
Used in a Server.Load script to open a view collection.

Syntax
Open (a) <option>

Where:
a View document ID (optional; default is the default view) or
DESIGN to open the design collection. To open a view other than
the default view, enter the decimal value of last 3 digits in the
View Note ID converted from hex to decimal. (To view this
property, open the list of views and select a view, then bring up
the Properties for the item.)
<option> One or more of these options:
noupdate, rebuild, invalidate, verify, do_not_create,
verify_shared_view_note, reopen_collection, associate_unread,
getname_list, noupdateunread, namespace
Can also specify UPDATE, which will open using a separate
update. Values are separated by spaces; default value is NONE.

Pause command
Used in a Server.Load script to wait for a specified number of
milliseconds before performing the next command in the script.

Syntax
Pause (a)

Where:
a Number of milliseconds to wait, or any of the forms: (Xsec,
X-Ysec, Xmin, X-Ymin, Xhours, X-Yhours)

Populate command
Used in a Server.Load script to ensure that there are
(NumMailNotesPerUser) documents in the current database. This
command locks the database to prevent other users from simultaneously
performing another Populate command, gets the number of documents
currently in the database, and adds documents as necessary.

Syntax
Populate (NumMailNotesPerUser) [folder]

Where:
NumMailNotesPerUser Total number of documents you want
the database to have
folder Folder or view to which documents will be added
Example
This example creates and initializes a mail file(s); documents are added
to folder $Inbox.
changeto [MailServer]!!mail\mail[#].nsf mail46.ntf

* Make sure there are enough documents in mail database


populate [NumMailNotesPerUser] $Inbox

* Open the current view


open

* Close the view


close
drop

Quit command
Used in a Server.Load script to terminate the open program.

Syntax
Quit

Read command
Used in a Server.Load script to open and close a specified number of
documents.

Syntax
Read (a)

Where:
a Number of notes to be opened and closed

Replicate command
Used in a Server.Load script to replicate with server.

Syntax
Replicate <server> <direction> <files> <options>

Where:
<server> Server with which to replicate
<direction> One of the following: PUSH, PULL, or BOTH
(optional; default is BOTH)
<files> List of files to replicate, for example,
TESTREP1.NSF|TESTREP2.NSF (optional; default is ALL)
<options> One or more of these options. Use the split vertical
bar (|) to separate options.
UPDATE_COLL Update collections
CLOSE_SESSION End session with server when done
SUMMARY_ONLY Only replicate summary fields
TRUNCATE Truncate long documents
PRI_LOW Replicate low-priority databases
PRI_MED Replicate medium-priority databases
PRI_HI Replicate high-priority databases

RetrievePOP3Mail command
Used in a Server.Load script to retrieve POP3 mail messages for a user.

Syntax
RetrievePOP3Mail <user> <password> <msg_num> <hostname>
<options>

Where:
<user> User's POP3 account name
<password> User's POP3 password
<msg_num> Message to retrieve; -1 to retrieve all
<hostname> Host name of the server running SMTP MTA
<options> POP3 retrieval options (USE_SSL for SSL protocol,
LEAVE_ON_SERVER to leave messages on the server)

Rewind command
Used in a Server.Load script to restart the script file, if one is given, up to
a maximum of n iterations, if n is specified. If the script contains a
BeginLoop statement, the next command executed is the one
immediately following the BeginLoop. Otherwise, the next command
executed is the first command in the script. If n is not specified, the
Rewind command is executed indefinitely.

Syntax
Rewind <n>

Where:
<n> Number of times to restart the script

Rewind2 command
Used in a Server.Load script to restart the loop, up to a maximum of n
iterations, if n is specified. If the script contains a BeginLoop2 statement,
the next command executed is the one immediately following the
BeginLoop2 statement. If n is not specified, the Rewind2 command
executes indefinitely.

Syntax
Rewind2 <n>

Where:
<n> Number of times to restart the script
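
A pre-run check for a Server.Load script, added here as an example (it is not part of Server.Load or of the original manual): it flags a Rewind or Rewind2 with no matching BeginLoop or BeginLoop2, a Rewind or Rewind2 with no <n>, unbalanced @If/@EndIf, and a literal password in the ImailLogin or RetrievePOP3Mail arguments. The finding codes, the comment handling and the [POP3Password] variable in the constructed sample are assumptions of this example.

```python
import re

# [Name] tokens are substituted by Server.Load at run time; anything else is literal.
VARIABLE = re.compile(r"^\[[^\[\]]+\]$")

# 1-based position of the password argument, taken from the Syntax lines
# "ImailLogin [host] [user] [password]" and
# "RetrievePOP3Mail <user> <password> <msg_num> <hostname> <options>".
PASSWORD_ARG = {"imaillogin": 3, "retrievepop3mail": 2}

# Constructed sample modelled on the workload scripts; [POP3Password] is a
# hypothetical variable name used only for this example.
SAMPLE = """\
**Constructed sample; this comment
spans two lines**
pause 0-180000
errordelay 60000-120000
@If [NBTestReset]
delete [MaxDocToDelete]
ImailLogin [IMAPHost] Mail[#] NotesBench
BeginLoop2
ImailGetLastEntries
rewind2 [R5IMAP_LOOP_N]
ImailLogout
retrievepop3mail mail[#] [POP3Password] -1 [POP3Host]
rewind
"""


def commands(script):
    """Yield (line_no, command, args) for every non-comment line.

    Comments are text enclosed in ** ... ** (possibly over several lines) or
    lines starting with a single *. Command names are lower-cased because the
    sample scripts mix cases (Changeto/changeto, Sessionsclose).
    """
    in_comment = False
    for no, raw in enumerate(script.splitlines(), 1):
        line = raw.strip()
        if in_comment:
            in_comment = not line.endswith("**")
            continue
        if line.startswith("**"):
            # A one-line comment both opens and closes on this line.
            in_comment = not (len(line) >= 4 and line.endswith("**"))
            continue
        if not line or line.startswith("*"):
            continue
        parts = line.split()
        yield no, parts[0].lower(), parts[1:]


def lint(script):
    """Return sorted (line_no, code) findings; the password itself is never echoed."""
    findings = []
    seen = set()      # loop openers encountered so far
    open_ifs = []     # line numbers of @If statements still waiting for @EndIf
    for no, cmd, args in commands(script):
        if cmd in ("beginloop", "beginloop2"):
            seen.add(cmd)
        elif cmd in ("rewind", "rewind2"):
            opener = "beginloop" + cmd[len("rewind"):]
            if opener not in seen:
                # Rewind then restarts at the first command of the script.
                findings.append((no, f"{cmd.upper()}_NO_{opener.upper()}"))
            if not args:
                # With no <n> the loop repeats indefinitely.
                findings.append((no, f"UNBOUNDED_{cmd.upper()}"))
        elif cmd == "@if":
            open_ifs.append(no)
        elif cmd == "@endif":
            if open_ifs:
                open_ifs.pop()
            else:
                findings.append((no, "ENDIF_WITHOUT_IF"))
        elif cmd in PASSWORD_ARG:
            pos = PASSWORD_ARG[cmd]
            if len(args) >= pos and not VARIABLE.match(args[pos - 1]):
                findings.append((no, "LITERAL_PASSWORD"))
    findings.extend((no, "IF_NOT_CLOSED") for no in open_ifs)
    return sorted(findings)


if __name__ == "__main__":
    for line_no, code in lint(SAMPLE):
        print(f"line {line_no}: {code}")
```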

RSVPInvitation command
Used in a Server.Load script to send a response (acceptance) to an
invitation (if one exists). RSVP is subject to nthIteration.

SendMessage command
Used in a Server.Load script to create and send a mail message. The
random body text in the message is created by the same method as in
CREATEFILE. Message recipients are selected with a uniform
distribution from the people in the Domino Directory (NAMES.NSF) on
the source driver system. All replicas of the Domino Directory on the
source driver systems and SUT have the same content.

Syntax
SendMessage <message_size> <num_recipients> <nth_iteration>
<attachment>

Where:
<message_size> Size of the body text, in bytes


<num_recipients> Number of random users that will receive
the message
<nth_iteration> Sends a message every n script iterations
<attachment> Name of file to be attached to message
(optional). File is assumed to be in Notes data directory unless a
drive/path specification is provided (e.g., c:\mypath\myfile.txt).

SendSMTPMessage command
Used in a Server.Load script to create and send an SMTP mail message.

Syntax
SendSMTPMessage <message_size> <line_size>
<num_recipients/recipient> <hostname> <domain> <client_host>
<nth_iteration>

Where:
<message_size> Size of body text in bytes
<line_size> Size in bytes of each line in a multi-line message
<num_recipients> Number of random users in the Domino
Directory to receive the message
<recipient> A recipient's e-mail address
<hostname> Host name of server running SMTP Listener
<domain> Domain of user for recipient addresses
<client_host> Client host name
<nth_iteration> Send a message every n script iterations

SessionsClose command
Used in a Server.Load script to close all open sessions. This statement
only closes sessions opened with SessionsOpen.

Syntax
SessionsClose


SessionsOpen command
Used in a Server.Load script to create sessions on the specified server,
monitor the time it takes to open num_sessions, and return that value. To
close all of the sessions that you open, include the SessionsClose
command in the script.

Syntax
SessionsOpen <server> <num_sessions>

Where:
<server> Server where the sessions will be created
<num_sessions> Number of sessions to create

SetContextStatus command
Used in a Server.Load script to set the context iteration status.

SetCalProfile command
Used in a Server.Load script to set the Owner and BusyName fields for
the current database.

Stamp command
Used in a Server.Load script to select random documents from the list
of Note IDs returned from GetAll. Stamp modifies a summary data field
of length b in each document with the same random value.

Syntax
Stamp (a, b)

Where:
a Number of documents to be stamped
b New size of the summary item Subject (optional; default
is )

Unread command
Used in a Server.Load script to set the database unread list for the
current collection to contain (a) random documents. This command may
be used before a Navigate with one of the unread navigation options to
simulate reading a specific number of new documents.

Syntax
Unread (a)

Where:
a Number of documents to select randomly as unread

Update command
Used in a Server.Load script to update random documents in a database,
based on the value of a.

Syntax
Update (a, b, c)

Where:
a Number of documents to be updated. If a is not specified,
one document is updated.
b New size of the summary item Subject (optional; default is
). If b is not specified, the length of the summary data is a
uniform random number between 1 and 100 bytes.
c Length of non-summary item Body (optional; defaults to
). If c is not specified, the length of the non-summary data is a
uniform random number between 100 and 300 bytes.

WebGet command
Used in a Server.Load script to retrieve information from a specified URL.

Syntax
WebGet -[sumonly | alldata] [{-url <urlname> [-walk <depth>
<span>] [-proxy <urlname>] } | { [-file <filename>] | <#
entries to fetch> [-concurrent | -sequential ] } ]
-[holdtime <ct> <st>]

-[sumonly | alldata] Retrieves either summary information
(sumonly) or actual data, for example, a graphic image (alldata),
for a specified URL. The summary information is retrieved with
the HTTP HEAD command; the actual data is retrieved with the
HTTP GET command. Summary mode is useful for placing a light
load on the HTTP server, as summary information is typically less
than 300 bytes, versus an HTML document or image which can be
any size.
[{-url <urlname> [-walk <depth> <span>] [-proxy <urlname>] } |
{ [-file <filename>] | <# entries to fetch> [-concurrent |
-sequential ] } ] -[holdtime <ct> <st>]
After Web content has been retrieved from a URL (for example,
-url www.ibm.com), the -walk switch can be used to traverse
hyperlinks found on each page. The <depth> parameter indicates
the number of hyperlinks to traverse for a given page, and is
applied recursively to each HTML document traversed. The <span>
parameter indicates the maximum number of pages for a given link
that can be traversed before coming back to the initial request page.
The -walk switch does not traverse links that have previously been
traversed (that is, a "back to home" link will not be selected); this
prevents an endless recursive loop. The -walk switch also does
not explore links that lead to other HTTP servers (that is, a link on
www.lotus.com that leads to www.ibm.com will not be selected),
avoiding the endless exploration of HTTP servers. The -proxy
switch should be used when the specified URL is an external site,
that is, one that must be accessed via the specified proxy server.
The -holdtime switch specifies the amount of time WebGet will
wait before completing an HTTP transaction. The sequence of
events required to complete an HTTP transaction is: establish a
connection to an HTTP server, send the command to the HTTP
server, receive back data from the HTTP server.
The <ct> parameter indicates the amount of time, in milliseconds,
to wait after issuing a command to the HTTP server. This
effectively holds the HTTP server thread/process that has been
dispatched to service the request in an idle state. <ct> should be
less than the HTTP server's connect time timeout parameter
(typically 2 minutes). The <st> parameter specifies the amount of
time to wait after sending the command to the HTTP server. This
effectively holds the servicing HTTP server thread/process idle,
even though it may be ready to send data.

Example 1
The command [-url www.lotus.com -walk 2 1] is interpreted from a Web
browser's point of view as: starting at web page www.lotus.com, select
two links on the page to click (if the page has at least two links). Click the
first selected link, return back to the initial page, then click the second
link, and return back to the initial page.
Example 2
The command [-url www.lotus.com -walk 1 2] is interpreted from a Web
browser's point of view as: starting at web page www.lotus.com, select
one link on the page to click. Click the link, then apply the same rule
recursively to each new page. Assuming that the first link clicked is
www.lotus.com/notes.htm, the rule then requires WebGet to find one
link on that page and traverse it. The span parameter indicates a
stopping point for the recursive process.
Additionally, -walk 0 0 indicates that WebGet should only request the
page indicated by <urlname> and no more. This is equivalent to leaving out the
-walk switch.
Or, something like -walk 10000 10000 (or another large number) indicates
that you want WebGet to traverse every conceivable link on that page,
much like a Web robot.
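
The -walk rules for WebGet (pick up to <depth> links per page, follow each chain at most <span> pages, skip links already traversed and links to other HTTP servers), modelled over an in-memory site as an added example; it is not IBM's WebGet code. The site map, the example.test host names and the reading of <depth> and <span> (taken from Examples 1 and 2) are assumptions.

```python
from urllib.parse import urljoin, urlsplit

START = "http://www.example.test/"

# Constructed site map: page URL -> hrefs found on that page, in page order.
SITE = {
    "http://www.example.test/": [
        "/notes.htm",
        "/domino.htm",
        "http://other.example.test/",   # different HTTP server: never followed
        "/",                            # "back to home" link: already traversed
    ],
    "http://www.example.test/notes.htm": ["/", "/notes/faq.htm", "/domino.htm"],
    "http://www.example.test/domino.htm": ["/notes.htm"],
    "http://www.example.test/notes/faq.htm": ["/notes/deep.htm"],
    "http://www.example.test/notes/deep.htm": [],
}


def walk(site, start, depth, span):
    """Return the URLs requested, in request order, for -walk <depth> <span>.

    Assumed reading of the two parameters:
      depth = how many links are selected on each page
      span  = how many pages a chain may run before returning to the start
    """
    home = urlsplit(start).netloc
    visited = {start}
    order = [start]

    def follow(page, levels_left):
        if levels_left <= 0:
            return                      # span exhausted: go back up the chain
        picked = 0
        for href in site.get(page, []):
            if picked == depth:
                break                   # enough links selected on this page
            target = urljoin(page, href)
            if urlsplit(target).netloc != home:
                continue                # link leads to another HTTP server
            if target in visited:
                continue                # previously traversed: prevents loops
            visited.add(target)
            order.append(target)
            picked += 1
            follow(target, levels_left - 1)

    follow(start, span)
    return order


if __name__ == "__main__":
    for depth, span in [(0, 0), (2, 1), (1, 2), (10000, 10000)]:
        print(f"-walk {depth} {span}:")
        for url in walk(SITE, START, depth, span):
            print("   ", url)
```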

Appendix J
Server.Load Scripts
This appendix presents annotated code of Server.Load scripts, as well as
a set of sample scripts that you can modify for use in your own custom
scripts.

Server.Load scripts
You can use any of these scripts with Server.Load:

Sample scripts

Idle Workload

R5 IMAP Workload

R5 Simple Mail Routing

R5 Shared Database

SMTP and POP3 Workload

Web Idle Workload

Web Mail Workload

Sample Server.Load scripts


Many of these scripts were created using a specific template that may
change from release to release, so take this into consideration when using
or customizing any of these scripts.
For more information on each command, see the appendix Server.Load
Commands.

To add documents to a view


This script adds documents to the default view, All Documents ($all).
changeto [mailserver]!!mail\mail[#].nsf mail6.ntf
-keepopen
add [NumMailNotesPerUser]
drop

To add documents to the Inbox folder


This script adds documents to the Inbox folder using the format -f
foldername.
changeto [mailserver]!!mail\mail[#].nsf mail6.ntf
-keepopen
add [NumMailNotesPerUser] -f $Inbox
drop

To add one document to the Inbox view


This script adds a single document to the Inbox view. In this example, the
document Subject (length of summary item) is set to 30 bytes and the
Body (length of non-summary item) is set to 10000 bytes.
changeto [mailserver]!!mail\mail[#].nsf mail6.ntf
-keepopen
add 1 30 10000 -f $Inbox
drop

To create a local database


This script creates a local database, in this example a Journal database.
The NOTES.INI file contains the setting TemplateVersion=6. Text
enclosed in asterisks (**) indicates comments.
Changeto journal.nsf journal[templateversion].ntf
-KeepOpen
pause 5000

**Populate the view with 10 documents**


populate 10
pause 5000

**Open the view collection**


open

**Update the view index**


index
pause 5000

**Close the view collection**


close

To create multiple databases on a server
This script creates multiple databases on a specified server. In this
example, a Journal database is created; the actual thread number is
substituted for the # symbol; and the NOTES.INI file contains the
setting TemplateVersion=6. Text enclosed in asterisks (**) indicates
comments.
**Creation of multiple databases, based on the number of threads; all test
databases will be placed in the journal directory**
Changeto [MailServer]!!journals\journal[#].nsf
journal[templateversion].ntf -KeepOpen
pause 5000

To update a view collection
This script updates a view collection. In this example, Journal databases
are created; the actual thread number is substituted for the # symbol;
and the NOTES.INI file contains the setting TemplateVersion=6. Text
enclosed in asterisks (**) indicates comments.
Changeto [MailServer]!!journals\journal[#].nsf
journal[templateversion].ntf -KeepOpen
pause 5000

**Populate the $All view with 10 documents**
populate 10 $All
pause 5000
open $All

**Update the view index**
index
pause 5000

**Close the view collection**
close

To create and initialize mail files


This script creates and initializes one or more mail files. The variable
NumMailNotesPerUser is used to determine the number of documents in
each mail file.
changeto [MailServer]!!mail\mail[#].nsf mail6.ntf
populate [NumMailNotesPerUser] $Inbox
open
close
drop

To issue remote console commands


This example uses the Console command to issue the Show Stat
command remotely. You can substitute any server command for Show
Stat.
Console [MailServer] sh stat

Idle Workload script


Text enclosed in asterisks (**) indicates comments.
For more information on the Idle Workload script, see the chapter Using
Server.Load.
**Wait for other scripts to finish initialization; pause 0 - 3 minutes (3 min.
= 180,000 ms.)**
pause 0-180000

**Open the desired number of sessions**


sessionsopen "[MailServer]" [MaxSessions]

**Wait for other systems (if any) to open additional sessions**


pause 2h

**Close all opened sessions**


Sessionsclose


R5 IMAP Workload script


IMAP Initialization Workload script
Text enclosed in asterisks (**) indicates comments.
For more information on the IMAP Initialization Workload script, see the
chapter Using Server.Load.
**Script to initialize databases for NotesBench IMAP mail script; pause 0
- 5 minutes (5 min. = 300,000 ms.)**
pause 0-300000

**If an error occurs, wait 1 to 5 minutes before retrying**


errordelay 60000-300000

**Create the mail file**


changeto "[MailServer]!!mail[#].nsf" [MailTemplate]

**Set Owner**
Setcalprofile

**IMAP-enable the mail file**


console [MailServer] load convert -m mail[#].nsf
pause 60000

**Ensure there are enough documents in mail database (one time only)**
beginloop
sendsmtpmessage [NormalMessageSize] [MessageLineSize]
mail[#]@[RecipientDomain]
[SMTPHost] [RecipientDomain] [ClientHost]
rewind [NumMailNotesPerUser]
pause 60000

**Open views**
open $FolderInfo
close
open $FolderRefInfo
close
open $Inbox
close
drop

R5 IMAP Workload script


Text enclosed in asterisks (**) indicates comments.
For more information on the R5 IMAP Workload script, see the chapter
Using Server.Load.
**Pause a random interval so multiple processes are well-staggered;
pause 0-3 minutes (3 min. = 180000 ms)**
Pause 0-180000

**Make sure the script doesn't quit if errors are found.**


if [R5IMAPBreak]
break 0

**If an error occurs, wait 1 to 2 minutes before retrying.**


ErrorDelay 60000-120000

**Begin Outer loop**


BeginLoop

**Establish IMAP connection / Open mail database**


ImailLogin [IMAPHost] Mail[#] NotesBench

**Pause 8 to 12 minutes to let ramp-ups occur**


Pause 480000-720000

**List all mailboxes**


ImailListMailboxes

**Open the INBOX folder**


ImailOpenMailbox INBOX

**Begin Inner loop**


BeginLoop2

**Get the last page of entries in the mailbox**


ImailGetLastEntries

**Wait 5 to 10 seconds to peruse the view**


Pause 5000-10000

**Read 5 messages in the mailbox, delete 2, post 1. Read each for 10 to 20
seconds**
ImailFetchOld CURRENT

**Pause 10 to 20 seconds**
Pause 10000-20000
ImailFetchOld NEXT

** Pause 10 to 20 seconds**
Pause 10000-20000
ImailFetchOld NEXT

**Pause 10 to 20 seconds**
Pause 10000-20000

**Delete current message**


ImailDeleteEntry

**Pause 10 to 20 seconds**
Pause 10000-20000
ImailFetchOld NEXT

**Pause 10 to 20 seconds**
Pause 10000-20000
ImailFetchOld NEXT_UNSEEN
ImailSetSeen

**Pause 10 to 20 seconds**
Pause 10000-20000

**Post (add) message to INBOX**


Imailpostmessage [NormalMessageSize] [MessageLineSize]
INBOX

**Pause 10 to 20 seconds**
Pause 10000-20000

**Delete another message**


ImailDeleteEntry

**Pause 10 to 20 seconds**


Pause 10000-20000

**Compose 1 new mail message (taking 1 to 2 minutes to write it)**


Pause 60000-120000

**SEND SMTP Message, perform LDAP lookups for specified # of
recipients**
SendSmtpMessage [NormalMessageSize] [MessageLineSize]
[NumMessageRecipients] [SMTPHost] [RecipientDomain]
[ClientHost] [NthIteration]

**Pause at the desktop for 8+ to 12+ minutes while having a meeting in


office**
Pause 515000-755000

**Check for new mail**


ImailCheckForNewMail

**Repeat Inner loop sequence over again (go back to BeginLoop2


statement)**
rewind2 [R5IMAP_LOOP_N]

**Logout and do something else for 3 to 6 minutes**


IMAILCloseMailbox
ImailLogout
Pause 180000-360000

**Go back to Outer loop (go back again to BeginLoop statement)**


rewind [ScriptIterationLimit]

R5 Simple Mail Routing script


NRPC Mail Initialization Workload script
Text enclosed in asterisks (**) indicates comments.
For more information on the NRPC Mail Initialization Workload script,
see the chapter Using Server.Load.
**Pause 0 to 15 minutes**
pause 0-900000

**If an error occurs, wait 1 to 5 minutes before retrying**


errordelay 60000-300000
changeto "[MailServer]!![nb_dbdir]mail[#].nsf"
[MailTemplate]

**Make sure there are enough notes in mail database (one time only)**
populate [NumMailNotesPerUser] $Inbox 100
[NormalMessageSize]
setcalprofile

**Open the current view**
open $Inbox

**Close the view**
close

R5 Simple Mail Routing script
Text enclosed in asterisks (**) indicates comments.
For more information on the R5 Simple Mail Routing script, see the
chapter Using Server.Load.
**Pause a random interval so multiple processes are well-staggered;
pause 0 to 3 minutes (3 min. = 180000 ms)**
Pause 0-180000

**If an error occurs, wait 1 to 2 minutes before retrying**
ErrorDelay 60000-120000
changeto "[MailServer]!![nb_dbdir]mail[#].nsf"
[MailTemplate]

**Pause 8 to 12 minutes to let ramp-ups occur**
Pause 480000-720000

**Set the Owner of the database = mail#**
setcalprofile
open $Inbox
getall

**Reset initial document count by deleting a large value of existing
documents**
@If [NBTestReset]
delete [MaxDocToDelete]
@EndIf

**Make sure there are enough documents in mail database (one time
only)**
populate [NumMailNotesPerUser] $Inbox
close

**Open the current view**


Open $Inbox

**Close the view**


close

**Start the part of the script which loops**


BeginLoop

**Open mail database**


changeto "[Mailserver]!![nb_dbdir]mail[#].nsf"
[MailTemplate] -KeepOpen

**Open the current view**


open $Inbox
getall

**Read 20 documents from current view**


entries 0 20

**Wait 5 to 10 seconds to peruse the view**


Pause 5000-10000

**Open 5 documents in the mail file and read each for 10 to 20 seconds**
navigate 5
pause 50000 - 100000

**Categorize 2 of the documents**


stamp 2

**Send a memo, taking 1 to 2 minutes to write it**


pause 60000 - 120000
sendmessage [NormalMessageSize] [NumMessageRecipients]
[NthIteration]

**Add 2 items to the Inbox**


add 2 25 [NormalMessageSize] -f $Inbox
pause 60000 - 120000

**Pause 1 to 2 minutes**
Pause 60000 - 120000

**Schedule an appointment**
cal -appt "[MailServer]!![nb_dbdir]mail[#].nsf" 1000 30
7 14 [NthIteration]
pause 30000 - 50000

**Schedule an invitation**
cal -i "[MailServer]!![nb_dbdir]mail[#].nsf" 1000 60 2 3
[NumMessageRecipients] [NthIteration]
pause 30000 - 50000

**Delete 2 documents**
delete 2

**Pause about 1 minute**


pause 45000 - 75000

**Send a response to an invitation**


rsvpinvitation

**Close the view**


close

**Pause at the desktop for 4 to 12 minutes while having a meeting in


office**
pause 240000 - 720000

**Repeat entire sequence all over again (go back to BeginLoop


statement)**
rewind [ScriptIterationLimit]

R5 Shared Database script
Text enclosed in asterisks (**) indicates comments.
For more information on the R5 Shared Database script, see the chapter
Using Server.Load.
**Pause a random interval so multiple processes are staggered well.
Pause 0-5 minutes (5 min. = 300000 ms)**
Pause 0-300000

**If an error occurs, wait 1-2 minutes before retrying.**


ErrorDelay 60000-120000
BeginCrit

**Create a discussion database**


changeto "[MailServer]!![DiscussionDB]" [DiscTemplate]
-KeepOpen
open

**Reset initial document count by deleting a large value of existing


documents**
getall
@If [NBTestReset]
delete [MaxDocToDelete]
@EndIf

**Make sure there are enough documents in mail database (one time
only)**
populate [NumMailNotesPerUser]
close

**Open the current view**


Open

**Close the view**


close
EndCrit

**Start the part of the script which loops**


BeginLoop

**Open a discussion database**
changeto "[Mailserver]!![DiscussionDB]" [DiscTemplate]
-KeepOpen

**Open the current view**
open
getall

**Read 20 documents from current view**
entries 1 20

**Wait 5-10 seconds to peruse the view**
Pause 5000-10000

**Page down the view 2 times, spending 3-10 seconds to read each
window**
entries 21 20
pause 3000 - 10000
entries 41 20
pause 3000 - 10000

**Set the unread list to 30 randomly selected documents**
unread 30

**Open next 3 unread documents and read each for 10-30 seconds**
navigate 1 next_unread
pause 10000 - 30000
navigate 1 next
pause 10000 - 30000
navigate 1 next
pause 10000 - 30000
add [DiscDbAddDocRate] 100

**Delete 2 old documents when closing database**
close

**Pause at desktop 4 - 8 minutes while having meeting in office**
pause 240000 - 480000

**Repeat entire sequence over again (go back to BeginLoop statement)**
rewind

SMTP and POP3 Workload script


SMTP and POP3 Initialization Workload script
Text enclosed in asterisks (**) indicates comments.
For more information on the SMTP and POP3 Initialization Workload
script, see the chapter Using Server.Load.
**Script to initialize databases for NotesBench SMTP/POP3 mail scripts.
Pause 0 - 15 minutes (15 min. = 900,000 ms.)**
pause 0 - 900000

**If an error occurs, wait 1 - 5 minutes before re-trying**


errordelay 60000 - 300000

**Create the mail file**


changeto "[MailServer]!![nb_dbdir]mail[#].nsf"
[MailTemplate] -KeepOpen

**Open views**
open $Inbox
close

SMTP and POP3 Workload script


Text enclosed in asterisks (**) indicates comments.
For more information on the SMTP and POP3 Workload script, see the
chapter Using Server.Load.
**Pause a random interval so multiple processes are staggered well**
pause 0 - 180000

**If an error occurs, wait 1 - 2 minutes before re-trying**


errordelay 60000 - 120000

**Start the part of the script that loops**
BeginLoop

**Send an SMTP message**
sendsmtpmessage [NormalMessageSize] [MessageLineSize]
[NumMessageRecipients] [SMTPHost] [RecipientDomain]
[ClientHost] [NthIteration]
pause 240000 - 360000

**Retrieve all POP3 messages**
retrievepop3mail mail[#] NotesBench 0 [POP3Host]
pause 240000 - 360000

**Repeat entire sequence (go back to BeginLoop Statement)**
rewind

Web Idle Workload script
Text enclosed in asterisks (**) indicates comments.
For more information on the Idle Workload script, see the chapter Using
Server.Load.
**Pause a random interval so multiple processes are staggered well**
pause 0 - 180000

**Start the part of the script that loops**
BeginLoop

**Access an icon on the server**
webget -url [httphost]/
pause 360000

**Repeat entire sequence (go back to BeginLoop Statement)**
rewind

Web Mail Workload script

Web Mail Initialization Workload script
Text enclosed in asterisks (**) indicates comments.
For more information on the Web Mail Initialization Workload script, see
the chapter Using Server.Load.
**Pause a random interval so multiple processes are well staggered**
pause 0-180000
errordelay 60000-120000
@If [NBTestReset]
dbdelete "[MailServer]!![nb_dbdir]mail[#].nsf"

@ENDIF
pause 0-60000
changeto "[MailServer]!![nb_dbdir]mail[#].nsf" [MailTemplate] -KeepOpen
pause 0-5000
beginloop

**Populate the mail database by having the thread send Web mail to itself**
webget -url [httphost]/[nb_dbdir]mail[#].nsf -h 10 10 1000-2000 -mis [NormalMessageSize] mail[#]/[Domain] 1
rewind [NumMailNotesPerUser]
setcalprofile

**Open the current view**
open $Inbox

**Close the view**
close
drop

Web Mail Workload script


Sentences that are enclosed in asterisks (**) indicate a comment in the script.
For more information on the Web Mail Workload script, see the chapter "Using Server.Load."

**Pause a random interval so multiple processes are well staggered**
pause 0-180000

**Make sure the user preferences are set to have the mail owner = mail[#]**
@If NOT [WebPreferencesOff]
webget -url [httphost]/[nb_dbdir]mail[#].nsf -mp
@EndIf

**Wait about 30 seconds**
pause 20000-40000

**Open the Web Mail database, to get Domino Directory info to be used by all threads**
webget -url [httphost]/[nb_dbdir]mail[#].nsf -mi
drop

**Wait about 60 seconds**

**Start the part of the script which loops**
beginloop

**SEND a Message from the Web, taking about 60 seconds to compose the message**
webget -url [httphost]/[nb_dbdir]mail[#].nsf -h 10 10 40000-80000 -mis

**Wait 1 - 3 minutes**
pause 60000-180000

**Read the first 5 Inbox Messages, spending about 1 minute on each message, deleting first**
webget -url [httphost]/[nb_dbdir]mail[#].nsf -h 10 10 40000-80000 -mir 5 1

**Wait 4 - 6 minutes**
pause 240000-360000

**Repeat entire sequence all over again (go back to beginloop statement)**
rewind

Index
Symbols
$AdminP View
creating, 15-30
$Revisions fields
size, 61-7
$UpdatedBy fields
size, 61-7
$Users view
in Domino Directory, 27-47
@Certificate
recertification and, 5-80
@Else command
described, I-2
@EndIf command
described, I-2
@If command
described, I-2, I-12
<ECLOwner>
Administration Execution
Control List, 41-14
8-bit MIME
default character set for, 28-131
ESMTP extension, 28-96,
28-103 to 28-104

A
Abstract object classes
described, 21-2
Accelerator keys. See Shortcut keys
Access
anonymous, 38-13, 40-8,
42-25 to 42-26
denying, 28-90, 38-7, 40-6
Access control list. See ACL
Access level privileges
ACL, 40-16
database, 7-7
Access levels
ACL, 40-1, 40-15
assigning, 40-11
database, 7-5
servers, 7-6
troubleshooting, 63-19 to 63-20

Access protocols
mail, 26-5
Accessed (in this file) property
performance and, 61-5
Accessibility
Domino Off-Line Services
and, 11-23
information about, H-1
shortcut keys, H-1
Accounts
LDAP, 18-5
ACL, 40-1
access for Web users, 40-30
access level privileges, 40-1, 40-16
access levels, 40-13, 40-15
adding names to, 40-23
aliases in, 40-7
brackets in, 40-20
concurrent changes to, 40-25, 58-9
configuring, 40-11
creating, 49-4
database libraries, 51-1
database security, 40-23
default entries, 40-2
deletions, 7-7
directory, 18-7, 19-10
Domino Change Control
database, 54-51 to 54-52
enforcing on replicas, 40-28
extended, 25-1
for mail database moves, 54-53
format for entries, 40-4
group names, 40-5
in a hosted
environment, 13-5, 14-4
in mail files, 26-13
LDAP users and, 40-7
managing, 40-22
modifying for Administration
Process, 15-13
modifying multiple
ACLs, 40-11, 40-25
monitoring, 40-27
order of evaluation for
entries, 40-10
precedence of, 38-4
replica IDs, 40-10
replication and, 7-6, 63-88
Resource Reservations
database, 8-8, 8-16
roles in, 40-20
server groups in, 7-6
server names, 40-5
setting up, 40-11
setting up Administration Process
for, 40-24
terminations group, 40-6
updating with Administration
Process, 40-23
user types, 40-1, 40-19
viewing all database ACLs on a
server, 40-27
Web administrator
and, 16-20, 40-24
wildcard entries, 40-4
Acquire scripts
editing, 4-51
making a call with, 4-50
Active Content Filtering
disabling, 32-8
Activity Logging
accessing logged
information, 57-1
agents and, 57-3
analyzing logged
data, 57-1, 57-13, 57-15
Checkpoint records, 57-2
configuring, 57-12
configuring for billing in a hosted
environment, 13-23
described, 57-1
enabling, 54-18
example of records
generated, 57-11
for service providers, 12-14
HTTP and, 57-4
IMAP and, 57-4
LDAP and, 57-4, 57-13
mail and, 57-6
Notes databases and, 57-8
Notes sessions and, 57-7
passthru and, 57-9
POP3 and, 57-10
replication and, 57-10
SMTP and, 57-10
the log file and, 57-1
types of information logged, 57-2
viewing logged
data, 13-24, 57-13, 57-15
Web servers and, 57-4
Activity Trends
data collection, 54-21
interpreting profile charts, 54-41
overview, 54-17
profiles, 54-22 to 54-25
resource balancing, 54-26 to
54-28, 54-30 to 54-43
resource balancing,
overview, 54-34
resource balancing,
setting up, 54-27
setting up, 54-18
viewing, 54-47
viewing charts, 54-25
AD DUS (Active Directory Domino
Upgrade Service), 17-25
Add command
described, I-3
Address Book
deleting groups from, F-11
deleting servers from, F-25
deleting users from, F-15
Address format
Domino domain, 26-21
Internet, 27-54
outbound mail, 27-54
Address lookup
for inbound SMTP
messages, 27-47
Addresses
Domino domain, 26-21
Internet, 27-50, 27-52, 27-57
mail routing, 26-21, 26-25, 27-42
SMTP, 27-52
using group names in, 28-32
using phrases in, 28-134
Addressing, type-ahead
disabling, 28-6
troubleshooting, 63-27
Adjacent domain document
creating, 27-23
Admin setting
described, C-2
Administration document
Web Navigator database, 36-10
Administration Execution Control
List, 41-6, 41-14
creating, 41-11
default security and, 41-7
Administration preferences
setting, 16-5, 16-7 to 16-9, 16-11,
16-24
Administration Process
ACL requirements, 15-13
and Domino Change
Manager, 54-48
creating replicas with, 7-9
customizing, 15-29
described, 15-1
error messages, 15-36
Extension Manager and, 15-30
number of threads, 15-29
password checking with, 39-9
setting up, 15-5
setting up directory assistance
with, 23-30
setting up for databases, 40-24
suspending, 15-28
Tell commands, A-46
troubleshooting, 63-8
updating the ACL with, 40-23
verifying setup of, 15-7
Administration Process requests
described, F-1
Administration Process
statistics, 15-35
Administration requests
across domains, 15-8
approving, 15-21
cross-domain, F-70
error messages, 15-36
managing, 15-25
scheduling, 15-31
suspending, 15-28
time-based, F-90
Administration Requests
database, 15-2
described, 15-19
icons, 15-23
replicating, 19-17
size, 15-26
troubleshooting with, 63-2
user access, 15-28
views in, 15-19
Administration roles
Domino Directory ACL, 19-10
Administration servers
Domino Directory, 15-2 to 15-3,
21-5
extended, 15-33
for databases, 15-6
options, 15-4
Administrator approval
administration requests, 15-21
Administrator ID-recovery
information
changing, 39-21
Administrators
allowing access to Web
Administrator, 16-20
full access, 38-8
restricted system, 38-8
restricting access, 38-8
server access, 59-1, 38-8
system, 38-8
Administrators field
Domino Directory, 19-12
AdminP Mail Notification
Agent, 5-57
ADSync
options, 17-29
Advanced controls
setting, 28-46
Advanced user registration, 5-13
Agent log
troubleshooting with, 63-13
Agent Manager
capacity, 60-8
performance, 60-6
Tell commands, A-47
troubleshooting, 63-12 to 63-13
viewing status of, 60-9
Agents
activity logging, 57-3
Averaging, 36-19
controlling on servers, 28-9
creating, 40-17
for deleting and archiving
documents, 61-27
Purge, 36-15
Refresh, 36-18
restricting, 40-18
scheduling, 60-8
Server.Load, 62-4
setting time-out for mail, 28-9
SNMP, 53-1
troubleshooting, 63-12
Web Navigator database, 36-11
Agents, uses for
in Domino Off-Line
Services, 11-19
offline applications and, 11-19

AIX
configuring partitioned
servers, 2-50
configuring SNMP Agent
for, 53-12
Alarms
for Server Health Monitor, 54-10
Alias dereferencing
Directory Assistance documents
and, 23-48
Aliases
in ACL, 40-7
in DNS, 2-18
Allow_Access setting
described, C-3
Allow_Access_portname setting
described, C-3
Allow_Passthru_Access setting
described, C-4
Allow_Passthru_Callers setting
described, C-4
Allow_Passthru_Clients setting
described, C-5
Allow_Passthru_Targets setting
described, C-5
Alternate Language Information
document
creating, 20-31
viewing, 20-31
Alternate languages
described, 5-38
LDAP service, 20-29
Alternate names
adding to a user ID, 5-40
certifier IDs and, 5-39
changing, 5-62, 5-57
deleting, 5-57
in ACL, 40-7
AMgr_DisableMailLookup setting
described, C-5
AMgr_DocUpdateAgentMinInterval
setting
described, C-6
AMgr_DocUpdateEventDelay
setting
described, C-6
AMgr_NewMailAgentMinInterval
setting
described, C-7
AMgr_NewMailEventDelay setting
described, C-7
AMgr_SchedulingInterval setting
described, C-7

AMgr_UntriggeredMailInterval
setting
described, C-8
AMgr_WeekendDays setting
described, C-8
Analysis report
for decommissioning a
server, 59-3
Anonymous access
in a hosted environment, 14-4
Internet/intranet users, 42-25
LDAP service and, 20-16 to 20-17,
20-20
setting up, 38-13, 38-16
SSL, 46-15
virtual servers, 3-42
Web users and, 40-8
Anti-relay controls
effect on message transfer, 28-85
setting, 28-81
Anti-spam controls
settings for, C-101
API
creating event notification, 52-16
AppleTalkNameServer setting
described, C-8
Application design element
security, 37-15
Application security, 37-14
Application templates
table of, D-1
Applications
for hosted environments, 12-15
Approve person's name change
request, F-5
Archive criteria
for policies, 9-28
Archive policy settings
creating, 9-25
Archives, database
accessing, 61-26
Archiving
agents for, 61-27 to 61-28
databases, 58-37
deleted documents, 61-25
documents, 61-20
policies for, 9-22
policy settings example, 9-24
transaction log files, 55-5
viewing document Archiving
Log, 61-27
Assign Policy tool
using, 9-40

Attachments
compressing, 61-6
Domain Index and, 10-12
format for sending from
Macintosh clients, 28-133
Attributes
adding to LDAP schema, E-20
adding to schema, 21-13
described, 21-1, 21-4
Authentication
described, 38-1
examples, 42-21
IMAP port, 31-5
Internet/intranet
clients, 42-3, 42-27
of hosted organizations, 14-4
overview, 38-1
password checking with, 39-4
POP3 port, 30-2 to 30-3
session-based, 42-6
SMTP AUTH
command, 28-62, 28-69
SMTP port, 28-59
SSL, 46-15
SSL client, 46-25, 47-18
SSL server, 47-3
troubleshooting, 63-104
user names, 40-7
Web Administrator, 63-109
Web clients and, 42-19, 42-23
IMAP service
and, 28-60, 31-2, 31-6,
Author access
actions, 40-14
privileges, 40-16
Authors
displaying for Server Web
Navigator, 36-12
Authors field
updating, 40-29
AutoDialer task
Network dialup connections
and, 4-40
Notes Direct Dialup and, 4-44
setting up, 4-42
AutoLogoffMinutes setting
described, C-9
Automated client installation, 5-45
Autoscale
scaling statistics, 52-37
Auxiliary object classes
adding to schema, E-17
described, 21-2
Availability threshold
setting, C-91
Averaging agent
enabling, 36-19

B
Backing up
databases, 55-2
servers, 63-7
Basic password authentication
setting up, 42-3
SSL, 46-15
Basic user registration, 5-11
Batch file installation
clients, 5-46
BatchRegFile setting
described, C-9
BeginCrit command
described, I-4
BeginLoop command
described, I-4
BeginLoop2 command
described, I-5
Benchmarks
server performance, 60-2
Billing
in a hosted environment, 12-14
BillingAddinOutput setting
described, C-9
BillingAddinRuntime setting
described, C-10
BillingAddinWakeup setting
described, C-10
BillingClass setting
described, C-10
BillingSuppressTime setting
described, C-11
Binary tree topology
replication and, 4-9
Bindery Service
Domino and, 2-30
server names and, 2-31
Binding
port-to-IP address, 2-46 to 2-47
Bookmarks
search forms and, 10-18, 10-20
Break command
described, I-5
Broadcast command
described, A-12
using before restarting the
server, A-23
using before shutting down the
server, A-14
Browsers
accessing Web server with, 34-5
using for administration, 16-17
Browsing
Web, 36-1
Build number
in Server document, F-47
BUSYTIME.NSF
purge interval, C-86
Byte-range serving
Web server and, 34-56

C
CA key ring
displaying, 45-7
exporting, 45-7
CA policy information
storing in Domino Directory, F-62
CA process
adding certifiers, 44-7
creating certifiers, 44-8
described, 44-1
Tell commands, A-48
viewing certifiers list, 44-24
Cache
setting for Server Web
Navigator, 36-18
Cal command
described, I-5
Calendar and scheduling
collecting detailed user
information, 8-20
collecting user calendar
information, 8-20
described, 8-1
example, 8-2
Holiday documents, 8-17
profile command, I-26
Server.Load script command, I-5
Call waiting
disabling, 63-49
Capacity planning
tools, 60-2
Catalog task
Domain Catalog
database, 10-2, 10-6
Catalog, Domain. See Domain
Catalog
Catalogs, database
for servers, 51-4 to 51-5
cconsole, A-8
command line switches for, A-9
commands for, A-9
CD format. See Notes rich text format
CDP_Command setting
described, C-11
CD-ROM updates
replication and, 7-17
Central Directories view
described, 19-7, 19-9
Central directory architecture
described, 19-2
Extended Directory Catalogs
and, 19-4
managing, 19-5
planning, 18-2, 19-4
primary Domino Directories
and, 19-9
Certificate
removing from Domino or LDAP
directory, F-49
Certificate Authority
CA key ring, 45-2
creating, 45-2
displaying the CA key ring
file, 45-7
exporting the CA key ring
file, 45-7
internal, 45-1
merging certificates, 46-10
recertifying, F-47
removing as trusted root, 46-21
server-based, 44-1
setting up, 45-1
setting up SSL on
server, 45-5, 44-17
third-party, 47-10, 47-21
troubleshooting, 63-101
viewing server certificates, 46-20
Certificate Authority administrator
tasks, 44-4
Certificate Authority profile
configuring, 45-4
Certificate requests
processing, 44-1
viewing, 44-24
Certificate Requests database
creating, 44-14
Certificate revocation lists
described, 44-2
CertificateExpChecked setting
described, C-12
Certificates
certifier IDs and, 1-7
defined, 39-1
deleting, 47-12
described, 39-3
displaying, 39-3
in a hosted environment, 13-5
Internet, 45-2, 47-10, F-4
managing server, 46-20
merging server, 46-12
renewing, 46-21
revoking, 44-2, 44-23
self-certified, 46-22
signing and adding to Domino
Directory, 47-7
SSL and S/MIME, 47-5
SSL server
authentication, 47-3
troubleshooting and, 63-83
trusted root, 46-9, 47-3
Certificates, SSL
adding for Server Web
Navigator, 36-8
creating a Certificate
Authority, 45-2
expired, 46-21
self-certified, 46-22
setting up, 47-3
viewing information, 46-20
viewing requests for server, 46-21
Certification
described, 39-2
Certification Log
Administration Process
requirements, 15-3
described, 3-28
Certifier documents
modifying, 44-22
Certifier IDs
migrating to CA process, 44-5
modifying, 44-21
organization, 3-34
organizational unit, 3-35
overview, 1-7
recovering, 44-25
CertifierIDFile setting
described, C-12
Change Control database
location, 54-34
Change HTTP password in Domino
Directory request, F-6
ChangeTo command
described, I-6
Channel encryption option
directory assistance, 23-43
Character encoding
LDAP service, 20-32

Character sets
aliases for, 28-131
enabling auto-detection of, 28-126
language codes and encoding
for, 28-120
specifying for MIME
messages, 28-118, 28-126
Web, 34-31, 34-33
Checkpoint records
activity logging and, 57-2
Client authentication
directory assistance
and, 23-3, 23-14
directory catalogs and, 24-9, 24-11
directory search order, 18-15
SSL, 46-1
Client information
updating in Person record, F-64
Client installation, 5-41
setting up for users, 5-41
single user, 5-43
Clients
setting up for S/MIME, 47-13
setting up for SSL client
authentication, 47-18
Clients, mail
POP3, 30-11
routing protocols and, 27-3
types of, 26-15
ClockType setting
described, C-13
Close command
described, I-8
Clrepl_Obeys_Quotas setting
described, C-13
Cluster failover
configuring for mail
routing, 28-40
directory assistance and, 23-21
Cluster Replicator
monitoring, C-86
quotas and, C-13
Tell commands, A-51
Cluster_Replicators setting
described, C-13
Clusters
Domino Off-Line Services
on, 3-12
Free Time database, 8-2
port setting, C-91
removing servers, F-49
replication topology and, 4-8
workload balancing and, 60-4

Collector task
overview, 52-1
Command line installation, 5-47
Commands
capturing output to file, A-2
Controller, A-3
custom, A-6
entering from the UNIX
command line, A-8
help for, I-12
modem command file, 63-48
shell, A-3
table of, A-10
Common Gateway Interface, 34-2
time-out setting, 34-53
Common names
Internet, 45-2
renaming, 5-57
server IP name and, 2-16, 2-22
Communication ports
options, 4-47
setting up, 4-34, 4-46
COMnumber setting
described, C-14
Compact task
archiving documents with, 61-20
IND file, 61-22
options, 61-17
renaming databases, C-74
running, 61-16
scheduling, 61-23
specifying database path, 61-22
upgrading database format, 31-28
with file reduction, 55-2
Compact_Retry_Rename_Wait
setting
described, C-14
Compacting
databases, 61-13, 61-16,
61-21 to 61-23
Companies, external
communicating with, 39-27
Compound document format. See
Notes rich text format
Compressing
attachments, 61-6
network data, 2-42
performance and, 61-6
Concurrent retrievers
Server Web Navigator, 36-6
Concurrent transfer threads
maximum, 60-11
Condensed Directory Catalogs
client authentication and, 24-10
described, 24-2
full-text indexes, 24-25
multiple, 24-33
performance settings for, 24-30
planning, 24-29
replicating, 24-32
servers using, 24-5
setting up, 24-34 to 24-35
sorting, 24-29
Soundex and, 24-30
Configuration Directories
changing to primary, 19-6
configuring remote primary
directory, 19-7
described, 19-2
directory assistance and, 23-26
Extended Directory Catalogs
and, 19-4
managing, 19-5
planning, 18-2, 19-4
showing remote primaries
for, 19-9
Configuration document
Cross-domain, 15-9 to 15-10
Configuration Settings document
creating, 27-18
editing NOTES.INI file with, C-1
host names, 27-49
LDAP settings, 20-9, 20-17
for SMTP mail routing, 27-38
Configuring
activity logging, 57-12
mail routing, 27-37
offline applications, 11-11
Connect scripts. See Login scripts
Connection documents
described, 4-1
Internet servers, 4-22
LAN, 4-15
mail routing
and, 26-20, 28-36, 28-50
Network Dialup, 4-36, 4-46
Notes Direct Dialup, 4-35
passthru server, 4-29
port order and, 2-40
for replication, 7-20
scheduling mail routing, 28-50
troubleshooting, 63-39
Connections
mail routing, 27-2
restricting SMTP inbound, 28-71
routing cost and, 28-39, 28-53
SSL, 46-18
tracing, 63-37, 63-77, A-59
troubleshooting in TCP/IP, 63-64
Console
accessing from UNIX
platforms, A-8
commands, 63-8, A-10, J-4
displaying performance
events, C-97
monitoring events with, 52-22
password protecting, A-26, C-92
running server tasks, B-1
setting attributes, 52-21
XPC, C-121
Console command
described, I-8
issuing remotely, J-4
Console_Log_Enabled setting
described, C-15
Console_Log_Max_Kbytes setting
described, C-16
Console_Loglevel setting
described, C-15
Content categories
Domain Catalog, 10-21
Content maps
Domain Search and, 10-21
Controller
commands, A-3
described, 16-28
starting and stopping, 16-29
Conversion
between message formats, 27-1
IMAP mail files, 31-2
MIME messages, 28-122
Convert task
enabling mail files for
IMAP, 31-2, 31-30
Corporate hierarchies
categorizing users by, 19-14
described, 19-13
Corruption
database, 58-25
Cost reset
for connections, 28-39
Country_Language setting
described, C-16
CPU count value
in Server document, F-64
Create IMAP delegation request, F-7
Create Mail-in database request, F-7
Create replica request, F-8
Create roaming user
administration request, F-9
Create_File_Access setting
described, C-17

Create_Replica_Access setting
described, C-17
CRL. See Certificate revocation lists
Cross-certificates, 39-29, 39-38
accessing servers with, 39-27
adding, 39-29, 39-33 to 39-34,
39-36, 47-15
creating, 39-29, 39-37 to 39-38
described, 39-27
displaying, 39-38
examples, 39-27, 39-31
in a hosted environment, 13-5
Internet, 39-28, 47-4
Person documents and, 39-37
S/MIME messages and, 39-27
Cross-domain administration
requests
described, F-70
Cross-domain Configuration
document
creating, 15-9 to 15-10
replicas and, 7-9
Cross-domain processing
administration requests, 15-8
benefits of, 15-10
setting up, 15-9
CSRV50.NTF
setting up, 46-3
CTF setting
described, C-18
Custom Welcome Page
creating, 5-87
Customer support
contacting, 63-4
Customized client installation, 5-47

D
Data
overwriting, 61-5
storing for a hosted
organization, 13-7
Data directory
certifier IDs and, 1-9
for a hosted organization, 13-5
restricting access, 49-4
Database access
for SSL clients, 46-19
troubleshooting, 63-17,
63-19 to 63-20
Database activity
monitoring, 58-11
reporting, 58-13
statistics, 58-12

Database Administrator, 38-8
Database analysis
described, 58-37
of replication events, 58-6
running, 58-39
troubleshooting with, 63-2
Database cache
disabling, 61-12, C-74
monitoring, 61-10
overview, 61-9
performance and, 63-19
size, C-74
Database catalogs
administering, 51-4
assigning categories in, 51-6
categories in, 10-10
creating, 51-5
excluding databases from, 51-6
uses for, 51-4
Database creator
access level, 40-3
Database design
replicating, 63-86
tasks, 48-1
Database event generator
creating, 52-5
Database fields
increasing number of, 61-29
Database files
displaying, 58-2
opening, 58-2
Database format
determining, 61-17
upgrading, 31-28
Database instance ID
overview, 55-2
Database libraries
ACL, 51-1
adding databases, 51-3
creating, 51-2
defined, 51-1
deleting databases, 51-4
local, 51-2
location, 51-1
Database links
creating, 49-3
creating on the Web, 34-27
deleting, 49-4
described, 49-2
managing, 32-7, 58-5
Database maintenance
NOTES.INI settings, 58-41
Database management
for mail journaling, 28-107
maintenance tasks, 58-1
tasks, 48-1
tools, 58-4
Database organization
NOTES.INI settings, 49-6
Database performance
improving, 60-9, 61-1, 61-3, 61-12
NOTES.INI settings, 61-29
troubleshooting, 63-16
Database quotas
obeying for message
delivery, 28-10 to 28-11
setting, 61-24
Database replicas
creating, I-19
described, 7-1
Database view indexes
purging, 58-23
Databases
access level privileges, 7-7
access levels, 7-5
access problems, 63-17
adding documents, I-3,
I-20 to I-21
administration servers and, 40-24
analyzing, 58-37
archiving, 58-37, 61-26,
Archiving Log, 61-27
backing up, 55-2
categories in, 10-10
compacting, 61-13, 61-16,
61-21 to 61-23
controlling access to, 40-1
controlling creation of, 38-14
copying to servers, 48-2, 48-4
corrupted, 58-25, 63-43
creating, J-2 to J-3
deleting, 58-36, I-8
deleting documents from, I-9
deleting inactive
documents, 61-25
excluding from Domain
Index, 10-17
file format of, 61-17
forcing replication, 7-33
forcing SSL connections, 46-18
indexing, 10-7, 50-1 to 50-2
monitoring, 40-27, 58-1
moving, 54-32, 54-53, 54-62,
58-33, 58-35, F-36, F-39
organizing, 49-1
performance problems, 58-11
pinning and
unpinning, 54-32, 54-45
replicating, 7-32, 58-6, I-19
replicating specific, 7-27
replication history, 58-6
replication log, 58-8
rolling out, 48-1
security, 40-19
server crashes and, 63-99
Server Web Navigator, 36-16
setting up to receive mail, 48-5
shortcut keys, H-4
signing, 48-7
size, 58-12
size, controlling, 28-112, 61-1,
61-13, 61-23
size, monitoring, 61-13
statistics, 58-11
synchronizing, 58-24
tools, 58-4
transaction logging, 58-25
troubleshooting, 58-26,
63-16, 63-84
updating, I-27
Databases, shared mail
using multiple, 29-2
Dates
on Web pages, 36-18
Daylight saving time settings
described, C-29 to C-30
Dbcache flush
described, A-13
DbDelete command
described, I-8
DBIID, 55-2
DDE_Timeout setting
described, C-18
Dead mail
described, 28-41, A-39
holding, 28-40
releasing, 28-44
Debug_Outfile setting
described, C-18
Debug_SSL_Cert setting
described, C-19
Decommission Server Analysis tool
running, 59-3
Default database security
Web Administrator, 16-19
Default Global Domain document
designating a, 27-55, 27-57
Default group
access level, 40-2
Default subject
extended ACL, 25-11
Default_Index_Lifetime_Days setting
described, C-19
Delay notifications
generating for low-priority
mail, 28-30
Delegate mail file on administration
server
administration request, F-10
Delete command
described, I-9
Delete database
administration requests, F-10
Delete hosted organization
administration requests, F-14
Delete Person administration
requests
described, F-78
Delete resource
administration request, F-21
Delete Server administration
requests
described, F-25, F-78
hierarchical server names, F-81
Deletion stubs
described, 63-90
purging, 7-12
Deletions
replication and, 7-7
Deletions, soft
defined, 61-8
effect on quotas, 28-11
performance and, 61-8
Delivery
configuring for mail, 28-8
Delivery controls
setting, 28-9
Delivery Failure Reports
troubleshooting, 63-36
Delivery failures
customizing message for, 28-46
quotas and, 28-16
Delivery status notification
enabling, 28-96, 28-103 to 28-104
Delivery threads
setting maximum
number, 28-9, 60-11
Demand sets
and database moves, 54-55
Deny_Access setting
described, C-19
Deny_Access_portname setting
described, C-20
Deployment
certifier IDs, 1-7
Domino domains, 1-5
Domino environment, 1-14
guidepost, 1-1
naming conventions, 1-12
server functions, 1-2
server names, 1-3
server services, 1-11
Depositor access
actions, 40-14
privileges, 40-16
Design menu
hiding, C-71
Designer access
actions, 40-14
privileges, 40-16
Designer task
updating databases with, 58-24
Desktop policy settings
creating, 9-14
Desktop setting
described, C-20
Destination servers
passthru, 4-28
Dialog boxes
shortcut keys, H-5
Dialup connections
described, 4-34
mail routing and, 27-59
number of modems for, 4-33
troubleshooting, 63-48
DIIOP server task
starting, 34-10
DIIOP_Debug_Invoke
described, C-22
DIIOPConfigUpdateInterval setting
described, C-21
DIIOPCookieCheckAddress setting
described, C-21
DIIOPCookieTimeout setting
described, C-22
DIIOPDNSLookup setting
described, C-22
DIIOPIgnorePortLimits setting
described, C-23
DIIOPIORHost setting
described, C-23
DIIOPLogLevel setting
described, C-24
Dircat server
described, 24-14, 24-8
Dircat task
described, 24-8, 24-45
pausing, 24-48
planning, 24-14
restricting to one server, 24-15
running, 24-47
Tell commands, A-53
troubleshooting, 63-25
Dircat_Include_Readerslist_Notes
setting
described, C-24
Directories
Domino server, 3-2
LDAP alternate languages
searches, 20-30
search order of multiple, 18-15
troubleshooting, 63-21
Directories, secondary
directory services for, 18-12
LDAP service, 18-3
Directory assistance
authenticating, 42-23
client authentication, 23-3
compared to directory
catalogs, 18-14, 24-4
concepts, 23-12
Configuration Directories
and, 23-26
described, 23-1, 23-2
directory replicas, 23-36
domain names, 23-18
examples, 23-51 to 23-53, 23-55
Extended Directory Catalogs
and, 23-22, 24-26
failover, 23-20, 23-22
group lookups for database
authorization, 23-6
LDAP directories, 23-5
LDAP service and, 20-6, 23-17
monitoring, 23-60
naming rules, 23-12
Notes mail addressing and, 23-8
planning, 18-13
preventing LDAP searches of
primary Domino
Directory, 23-27
primary Domino Directory
and, 23-26
remote primary directories
and, 19-7
replicas, 23-20
search orders, 23-16
services, 23-3
setting up, 23-29, 23-33, 23-37
setting up servers to use, 23-30
statistics, 23-60
troubleshooting, 63-21, 63-40
updating name, F-60
Directory assistance database
creating and replicating, 23-30
number of, 23-29
setting up servers to use, 23-30
Directory Assistance documents
alias dereferencing, 23-48
Channel encryption option, 23-43
creating, 23-33, 23-37
described, 23-2
local directory replicas, 23-36
Notes distinguished name
attribute in, 23-49
password in, 23-44
search filters in, 23-46
Directory Catalog Configuration
document
additional fields to
include, 24-22
creating, 24-36, 24-43
directories to include, 24-15
documents to aggregate, 24-17
groups in, 24-19
performance settings, 24-30
Remove duplicate users, 24-18
selection formula, 24-20
sort order for, 24-29
Soundex option, 24-30
viewing, 24-48
Directory Catalog Status Report
described, 24-49
Directory Cataloger. See Dircat task
Directory catalogs
client authentication
and, 24-9, 24-11
compared to directory
assistance, 18-14
controlling what
aggregates, 24-16
described, 24-1
directories to include in, 24-15
documents aggregated, 24-17
fields to include, 24-22
groups in, 24-19
improving performance
of, 24-18, 24-20, 24-27, 24-30
monitoring, 24-49
multiple, 24-33
Notes mail encryption, 24-14
offline, 11-21
offline applications and, 11-21
planning, 18-12, 24-9, 24-26, 24-29
removing duplicate users, 24-18
replicating, 24-32, 24-45
reports for, 24-49
selection formulas, 24-20
servers and, 24-4
setting up, 24-8, 24-34 to 24-35,
24-41 to 24-42
sorting, 24-29
Soundex and, 24-30
troubleshooting, 63-25, 63-40
Directory file name
setting, F-60
Directory folders
creating, 49-2
deleting, 49-2
Directory indexer
described, 58-15
Directory links
creating, 49-3
database corruption and, 2-9
deleting, 49-4
described, 49-1
network security and, 2-9
Directory Profile document
described, 19-16
directory catalogs
and, 24-35, 24-42
Directory searches
order of, 18-15, 23-16
Directory servers
described, 18-2
Notes clients and, 19-15
Directory services
directory customization, 18-19
directory search
order, 18-15 to 18-17
international, 18-18
Notes client, 18-10
overview, 18-1
secondary directories, 18-12
terminology, 18-20
Directory setting
described, C-25
Directory tree
verifying for LDAP service, 20-4
Directory type
storing in Server record, F-63
Disable_Cluster_Replicator setting
described, C-25
Disable_View_Rebuild_Opt setting
described, C-25
DisabledPorts setting
described, C-26
DisableLDAPOnAdmin setting
described, C-26
Disclaimers
adding to messages, 32-9
Disk I/O tuning
performance, 60-15
Disk space
displaying information on, 58-5
monitoring, 28-10
saving, 40-17 to 40-18
troubleshooting, 63-86
Disposition-Notification-To header
configuring for return
receipts, 28-116
Distinguished names
Domino Directory and, 18-8
Internet certificates, 45-2
LDAP service
and, 20-3, 20-25 to 20-26, 20-31
DNS
defined, 2-11
described, 26-25
domains, 2-11
examples of MX records, 26-27
mail routing and, 27-49
multiple domains, 2-16, 2-19, 2-22
name resolution in NRPC and,
2-11, 2-15 to 2-17, 2-19, 2-22
outages in a hosted
environment, 14-11
preventing problems with, 2-56
verifying connecting hosts
in, 28-71
verifying sending domain
in, 28-90
DNS Blacklist filters, 28-86
DNS lookups
use in controlling inbound SMTP
sessions, 28-71
Document tables
forms and, 61-4
Documents
adding, I-20 to I-21
archiving, 61-20
archiving from server, 61-27
archiving with
agents, 61-27 to 61-28
categorizing for Domain
Search, 10-21
concurrent editing of, 58-8
Configuration Settings, 27-18
deleting, I-9
deleting inactive, 61-25
finding by Note ID, 63-20
Foreign domain, 27-30
Foreign SMTP domain, 27-32
Global domain, 27-55
Non-adjacent domain, 27-26
DOLS. See Domino Off-Line
Services
Domain Catalog
backing up, 10-18
categories in, 10-10, 10-21
creating, 10-6
described, 10-5
setting up, 10-2
updating, F-65
views in, 10-6
Domain Catalog server
decommissioning, 59-12
Domain documents
adjacent domains, 27-23
foreign domains, 27-30
global, 27-55
non-adjacent domains, 27-26
using multiple Internet domain
names, 27-44
Domain Index
adding databases, 10-7
adding file systems, 10-9
backing up, 10-18
creating, 10-14
deleting databases, 10-17
LDAP searches of, 20-36
location, 10-17
planning, 10-3 to 10-4
size, 10-11 to 10-12
updating, 10-14
Domain Indexer task
performance, 10-16
setting up, 10-14
Domain Search
described, 10-1
Notes users and, 10-19
NOTES.INI settings, 10-23
performance, 10-16
policy settings and, 10-19
security, 10-12
server requirements, 10-2
WANs and, 10-3
Web clients and, 10-20
Domain Search forms
adding categories to, 10-10
customizing, 10-18
Domain Search results
access to, 10-12
Domain Search server
decommissioning, 59-12
Domain servers
denying access, 38-7
Domain setting
described, C-27

Domains
communication between, 39-27
directory assistance, 23-18
DNS, 2-11
finding user names in, 5-85
mail routing
and, 26-19, 26-21, 27-20
multiple DNS, 2-16, 2-19, 2-22
planning, 1-5
restricting mail in, 28-36, 28-55
verifying in DNS, 28-90
Domains, external
connecting to, 4-18
DOMCFG.NSF, 34-48
creating, 34-49
Domino 5 certificate authority
setting up, 45-1
setting up SSL on the CA
server, 45-5
signing server certificates, 45-7
Domino 5 IMAP Initialization
Workload script
sample, J-5
Domino 5 IMAP Workload script
sample, J-6
Domino Administrator
Broadcast command, A-12
Configuration tab, 16-15
configuring mail routing, 27-18
creating groups with, 6-2
creating replicas, 7-9
disk space information, 58-5
displaying directory
contents, 58-3
displaying files, 58-2
Domino Console, Domino
Controller and, 16-28
Drop command, A-14
entering server commands, A-1
file information, 58-3
Files tab, 16-13, 58-2
installing, 16-1
Load command, A-15
managing databases with, 58-4
managing files with, 58-2
managing folders with, 58-5
Messaging tabs, 16-15
monitoring events with, 52-22
monitoring statistics with, 52-31
overview, 16-1
password protecting the
console, A-26
People and Groups tab, 16-13
quitting a task from, A-46
remote console, A-5 to A-7
Replicate command, A-18
Replication tab, 16-15
Route command, A-24
running Server Setup program
with, 3-18
server list, 16-4
Server tabs, 16-14
setting local attributes, 52-21
setting preferences, 16-5, 16-7 to
16-9, 16-11
setting up, 16-2
shortcut keys, H-3
Show Directory command, A-30
Show Diskspace command, A-31
Show Port command, A-33
Show Server command, A-36
Show Stat command, A-37
Show Tasks command, A-39
shutting down the server
from, A-14
starting, 16-2
tabs, 16-13
Tell command, A-46
tools, 16-16
troubleshooting, 63-1
user interface, 16-3, 16-13
viewing hosted
organizations, 14-14
viewing replication
topology, 7-34
Web Administrator and, 16-23
Domino CA
configuring application profile
for, 45-4
creating, 45-2
in a hosted
environment, 12-4, 13-3
server-based certification
authority, 45-1
Domino CA server
Domino 5, 45-1
setting up, 45-1 to 45-2
Domino Change Control database
ACLs for, 54-51 to 54-52
database moves, 54-56
location, 54-34
Domino Change Manager
and database moves, 54-55
and resource
balancing, 54-47 to 54-48
maximum current tasks, 54-49
setting up, 54-48
Tell ChangeMan command, 54-50

Domino Character Console, A-8


Domino Configuration database
creating, 34-49
Domino Console
starting and stopping, 16-30
Web Administrator and, 16-28
Domino Controller
default TCP port, 2-56
Domino Data folder
displaying contents, 58-3
managing files in, 58-2
Domino Directory
ACL, 19-10
adding Internet/intranet users
to, 42-3
address lookup and, 27-47
administration server, 15-2
Administrators field, 19-12
authenticating Web clients
with, 42-23
changing passwords, F-6
changing type, 19-5
Configuration Settings
document, 27-18
creating Internet
certificates, 47-10
creating subforms in, E-17
cross-certificates, 39-27
customizing, E-1 to E-2,
E-4 to E-5
deleting groups from, F-11
deleting policy record from, F-20
deleting servers from, F-25, F-78
deleting users from, F-15
described, 19-1
distinguished names, 18-8
domain documents, 27-23, 27-26
global domain documents, 27-44
in a hosted environment, 12-2
lookup command, I-17
mail routing and, 26-9
mapping fields with Active
Directory, 17-31
offline, 11-21
offline use, 32-8
performance settings, 19-1, 60-9
replicating, 19-17
restoring, 14-11
restricting name
lookups, 27-47, 28-40
roles, 19-10
scheduled replication and, 7-20
secondary, 15-7, 23-1, 23-3, 23-8,
23-10, 23-33, C-68
server access and, 63-93
server registration and, 3-29
setting access to, 19-9, 20-16,
20-22 to 20-23
setting up primary, 19-2
synchronizing with Active
Directory, 17-38
tools for adding entries, 18-7
tools for managing entries, 18-9
troubleshooting, 63-38
updating, I-18
upgrading to new default
template, E-22
views in access control lists, 38-4
Domino Directory template
copying, E-4
customizing, 18-19, E-22
Domino domains
in Internet reply addresses, 27-54
mail routing and, 26-19
planning, 1-5
planning directory
architecture, 18-2, 19-4
restricting mail, 28-36, 28-55
Domino environment
building, 1-14
Domino LDAP Schema database. See
Schema database
Domino Management Information
Base (MIB)
overview, 53-7
using with SNMP, 53-21
Domino named network
defined, 27-20
mail routing and, 26-19, 27-39
Domino Off-Line Services
accessibility and, 11-23
administrator tasks, 11-2
agents and, 11-19
creating a security policy, 11-7
described, 11-1
in a hosted
environment, 12-4, 13-20
overview, 11-1
security, 11-10
setting up the server
for, 3-11, 32-2
troubleshooting, 11-23
Domino ORB
setting up, 34-26, 34-29, 34-31
Domino Performance Zone
Web site for, 60-1
Domino security
application, 37-14
application design element, 37-15
overview, 37-1
planning, 37-11
Domino server
access, 38-2
anonymous access for Notes
users, 38-13
configuring for NDS, G-6
controlling browser client
access, 38-22
customizing access to, 38-7
Indic language support, 3-17
installing, 3-1, 3-3
monitoring databases for, 52-1
NDS objects, G-2
planning services and tasks, 1-11
setting console attributes, 52-21
Setup program, 3-8,
3-17 to 3-18, 3-34
starting and shutting down, 3-46
Domino server event generator
creating, 52-6
Domino server monitor
adding a task, 52-43
adding servers, 52-44
described, 52-40
profiles, 52-43, 52-44
starting, 52-41
using, 52-44
views, 52-41
Domino SNMP Agent
architecture, 53-5
completing configuration
of, 53-18
configuring for AIX, 53-12
configuring for Linux, 53-13
configuring for Solaris, 53-14
configuring for Windows, 53-11
configuring for zOS, 53-17
manual start and stop, 53-20
overview, 53-1
system requirements, 53-7
troubleshooting, 53-24
Domino statistics
Windows NT Performance
Monitor and, 17-23
Domino system administration
tasks, 48-1
Domino Web Engine
configuring for Web Site
documents, 34-23
Domino Web server, 34-1
configuring, 34-12
Internet port and protocol
settings, 34-6, 34-8 to 34-9
log file, 56-8 to 56-10
logging server requests, 56-8
logging to text files, 56-10
running, 34-5
search results, 34-26
security, 34-8, 34-9
setting to work with other Web
servers, 35-1
setting up, 34-4
Domino Web server log file
setting up, 56-12
troubleshooting with, 63-2
DominoNoBanner setting
described, C-27
DominoNoDirLinks setting
described, C-28
DominoR5IntlURLDecoding setting
described, C-28
DominoXURLProcess setting
described, C-28
DOMLOG.NSF
described, 56-8
viewing, 56-10
Downgrade user from roaming to
non-roaming user, F-28
Downloading files
improving performance for Web
clients, 34-56
Drop command
described, A-13, I-9
DSAPI
values, 11-11
DSN
enabling, 28-96, 28-103 to 28-104
DST setting
described, C-29
DST_Begin_Date setting
described, C-30
DST_End_Date setting
described, C-30
DSTlaw setting
described, C-29
Duplicate names, 24-18
during client authentication, 23-5
Duplicate Person documents
directory catalogs and, 24-18
Dynamic cost reset interval
resetting, 28-39
Dynamic lookup
of host names, 27-49

E
ECL
administration, 41-6, 41-11
creating a workstation, 41-12
described, 41-1
guidelines for creating, 41-6
Java applets and, 41-4
JavaScript and, 41-4
security access options, 41-3
updating a workstation, 41-13
workstation security and, 41-3
EditExpnumber setting
described, C-31
EditImpnumber setting
described, C-32
Editing
concurrent, 58-8, 63-91
shortcut keys, H-6 to H-8
Editor access
actions, 40-14
privileges, 40-16
EDNI document
creating, 4-18
updating, F-65
Effective access
extended ACLs and, 25-30
Effective policies
described, 9-3
determining, 9-36
viewing, 9-37 to 9-38
EmptyTrash setting
described, C-32
Enable_ACL_Files setting
described, C-33
EnableBiDiNotes setting
described, C-33
Encrypted fields
indexing, 50-2
Encryption, 43-1
certificates, 2-41
defined, 43-4
dual Internet certificates
and, 47-17
Internet transactions and, 40-31
mail, 43-4, 43-7
mail journaling and, 28-111
network data, 46-1
outbound mail routing, 24-14,
C-90, C-100 to C-101
performance and, 43-4
SSL settings, C-108
EndCrit command
described, I-10

End-to-end topology
replication and, 4-8
End-user installations
with Transform files, 5-50
Entries command
described, I-10
Error messages
Administration
Process, 15-36, 63-8
Agent Manager and agents, 63-13
Domino Off-Line Services, 11-24
IPX/SPX network, 63-73
mail, 28-46
mail routing, 63-38
meetings and resources, 63-45
modems and remote
connections, 63-50
network dialup
connections, 63-74
OS/2, 63-100
partitioned servers, 63-78
replication, 63-82
server access, 63-91 to 63-93, 63-95
server crashes, 63-98
TCP/IP, 63-57, 63-61
Web Administrator, 63-108
Web Navigator, 63-107
Web server, 63-104
ErrorDelay command
described, I-10
Escrow agent
troubleshooting, 63-16
ESMTP
supporting inbound
extensions, 28-96
supporting outbound
extensions, 28-103
ETRN extension
enabling for inbound SMTP
connections, 27-61, 28-96
Event filters
creating, 52-19
viewing, 52-20
Event generators
creating, 52-13
database, 52-5
defined, 52-3
disabling, 52-12
Domino server, 52-6
mail routing, 33-3, 52-7
statistic, 52-9
task status, 52-10
TCP server, 52-11
viewing, 52-14

Event handlers
creating, 52-13, 52-17, 52-23
defined, 52-3, 52-14
disabling, 52-18
notification
methods, 52-15 to 52-16
viewing, 52-20
Event messages
viewing, 52-20
Event Monitor server task
overview, 52-1, 52-3
Event task
monitoring replication, 63-80
Events
filtering, 52-19
from SNMP traps, 53-4
logging, 52-21
monitoring, 52-2, 52-22
notification methods, 52-15
severity levels, 52-4
types of, 52-16
viewing, 52-20
Examples
directory assistance, 23-51 to
23-53, 23-55
extended ACL, 25-19
Extended Directory
Catalogs, 23-53, 23-55
LDAP service write
operations, 20-26
ldapsearch utility, 22-6
registering a hosted
organization, 13-8
replication, 7-19
xSP server in a hosted
environment, 12-16
Execution Control List. See ECL
Execution Security Alert dialog
box, 41-2
trusting signatures, 41-2, 41-13
Exit command
described, A-14
Expired certificates
renewing, 46-21
Explicit policies
adding, 9-40
assigning, 9-40
changing, 9-40
described, 9-2
removing, 9-40
Extended accelerator keys. See
Shortcut keys
Extended access
disabling, 25-31
enabling, 25-23
Extended ACLs
activity log for, 25-31
changing, 25-28
described, 25-1, 25-3
directory, 18-7
disabling, 25-31
effective access and, 25-30
enabling, 25-23
examples of, 25-19
Extended Directory Catalogs
and, 24-7
in a hosted environment, 13-6
LDAP and, 20-20, 25-6
other database security and, 25-2
planning, 25-22
privileges for, 25-2 to 25-3, 25-5
restoring, 14-11
schema database and, 25-7
setting up, 25-22, 25-24
subjects in, 25-9, 25-17
target scope, 25-14, 25-17
targets in, 25-12 to 25-13
troubleshooting, 25-30, 63-34
Extended administration servers
removing, 15-34
setting up, 15-33
Extended Directory Catalogs
benefits of, 24-5
central directory architecture
and, 19-4
client authentication
and, 23-3, 24-10
directory assistance and, 23-6,
23-8, 23-22, 23-33, 24-26
examples, 23-53, 23-55
full-text indexes, 24-26
groups for database
authorization, 24-27
integrated into primary
directory, 24-28
LDAP service, 23-10
multiple, 24-33
native documents, 24-7
planning, 24-26
replicating, 24-45
setting up, 24-41 to 24-42
size of, 24-26
Extended key usage
public keys, 44-13
Extension manager
Administration Process
and, 15-30
in a hosted
environment, 12-5
External companies
communicating with, 39-27
External Domain Network
Information document. See
EDNI document
External Internet mail
preventing relaying, 28-75
External servers
access levels for, 7-7
ExtMgr_AddIns setting
described, C-34

F
Failover
directory assistance, 23-20, 23-22
for mail routing, 28-40
Fault recovery, 55-10
cleanup script, 55-11
enabling, 55-11
operating systems and, 55-10
Fields
customizing in Domino
Directory, E-2
directory catalogs and, 24-22
LDAP attributes and, 21-4
Fields, database
increasing number of, 61-29
performance and, 61-6
File format
database, 61-17
mail, 31-28
File names
key ring, 45-2
File protection, 34-42
File Protection documents, 34-41
described, 34-44
example, 34-42
File systems
searching, 10-9
FileDlgDirectory setting
described, C-34
Files
compressing when uploading to
Web, 34-29
displaying, 58-2
displaying information
about, 58-3
downloading from Web
server, 34-56
managing, 58-2
preferences, 16-7
protecting from Web
access, 34-41, 34-44
replicating specific, 7-27
Files/Directories to Replicate
field, 7-27
Filtering
message, 28-20
Find name in domain request, F-29
FindbyKey command
described, I-11
FindByName command
described, I-12
Finger Internet service
controlling access to, 36-7
Firewalls
troubleshooting, 63-105
using a relay host, 27-58
Fixup task
BRP files, C-115
options, 58-28
running, 58-26, 58-30
transaction logging and, 55-2
troubleshooting and, 63-99
use in preparing mail files for
IMAP use, 31-29
Fixup_Tasks setting
described, C-34
Flat names
converting to
hierarchical, 5-67, F-68, F-84
Folder prefixes
IMAP, 31-15, 31-17
Folders
creating, 40-17, 49-2
deleting, 49-2
managing, 58-5
Fonts
mapping, C-117
Windows system, C-121
Foreign domains
configuring, 27-30
scheduling and, 8-6
Foreign SMTP domain documents
creating, 27-32
Internet mail configuration
and, 27-58
Format preference for incoming mail
setting for IMAP
users, 31-3, 31-23, 31-35
setting for POP3 users, 30-7
Forms
and document tables, 61-4
and object classes, 21-3
customizing in Domino
Directory, E-2
HTML, 36-5
performance and, 61-3
Forwarding address
in Person document, 27-42
Forwarding rules
enabling and disabling support
for, 28-9
FQDN
as server's common name, 2-19
specifying in Connection
document, 2-17
specifying in Server
document, 2-16, 2-22
Frame types
IPX, 63-70
TCP/IP, 63-68
Free Time database
described, 8-1
troubleshooting, 63-45
Free-time lookups, 8-5
in non-adjacent domains, 8-6
FT_DOMAIN_DIRECTORY_NAME
setting
described, C-35
FT_DOMAIN_IDXTHDS setting
described, C-35
FT_Index_Attachments setting
described, C-36
FT_Intl_Setting setting
described, C-36
FT_Max_Search_Results setting
described, C-36
FT_No_Compwintitle setting
described, C-37
FT_Summ_Default_Language setting
described, C-38
FTG_No_Summary setting
described, C-37
Full-text indexes
creating, 50-2
deleting, 50-7
described, 50-1
directory catalogs and, 24-7, 24-25
disabling, C-115
Domain Search and, 10-2
LDAP service and, 20-15
security and, 50-2
size, 50-3
updating, 50-3, 50-5 to 50-6

G
Gateways
routing mail to, 27-30
GetAll command
described, I-12
GIF files
Web server and, 34-24
Global Domain documents
default, 27-55
in a hosted organization, 13-5
LDAP service and, 20-5
Global domains
configuring, 27-44
defining multiple, 27-55
Global Web settings document, 34-40
creating, 13-21, 34-40
described, 13-19, 34-34
editing, 13-22
Gopher Internet service
controlling access to, 36-7
Graphics
Web server format, 34-24
Group documents
editing, 6-10
object classes for, 21-5
Group members
registering in Notes, 17-18
Group names
finding, 6-15, F-29
in Internet message
headers, 28-131
Groups
adding and deleting
members, 6-6
adding to Notes, 17-20
Administrator, 13-7
assigning a policy to, 6-9
creating and modifying, 6-2
creating with Domino
Administrator, 6-2
creating with Web
Administrator, 6-4
database authorization, 18-16,
23-6, 24-27
deleting, 6-14, 17-42
Deny List Only, 6-8
described, 6-1
directory catalogs and, 24-19 to
24-20, 24-35, 24-42
editing, 6-10
finding members, 6-18
mail, 28-32
managing, 6-8, 6-16
registering, 17-39
renaming, 6-10, 17-41, F-50
renaming immediately
throughout domain, 6-13
troubleshooting, 63-20
Windows NT, 17-16

H
Headers
resent, 28-131
Headline monitoring
controlling, 38-16
performance and, 61-6
Health reports
for servers, 54-11 to 54-12,
54-14 to 54-15
for servers, purging, 54-12
Health_Report_Purge_After_N_Days
setting
described, C-38
Help
customer support, 63-4
Help command
described, A-15, I-12
Hierarchical IDs
cross-certification by phone, 39-33
cross-certification through Notes
mail, 39-36
cross-certification through postal
service, 39-34
Hierarchical names
converting flat names
to, 59-10, F-84
creating scheme for, 1-3
deleting servers with, F-81
Domino Directory and, 18-8
server registration and, 3-29
Hierarchical organizations
certification and, 39-27
communication between, 39-27
Holding undeliverable mail
in MAIL.BOX, 28-40
Holiday documents
creating, 8-17
modifying, 8-20
Home pages
for virtual servers, 3-42
Web server, 63-106
Host names
DNS and, 26-25
mail routing and, 26-12, 27-49
restricting inbound connections
by, 28-71
specifying in Server
document, 2-16, 2-22
Hosted environments
Domino features in, 12-4
example, 12-16
server options, 12-2
Hosted organizations
access to Web sites, 14-12
anonymous access to
databases, 14-4
deleting, 14-3, F-14
disabling services, 14-4
distribution of data, 12-9
Internet Site documents
for, 13-18, 13-20
loopback addresses, 13-17
mail addressing to, 14-16
maintaining, 14-1
managing users, 14-14
managing users and
groups, 14-16
moving to other servers, 14-5
on multiple servers, 14-2
policies for, 9-7, 13-4
registering, 13-5, 13-8, 13-11
registration, F-48
removing from an additional
server, 14-10
security and, 12-3
server crash recovery in, 14-11
server environments for, 12-1
setting up Domino Certificate
Authority for, 13-3
setup checklist, 13-3
using the Resource Reservations
database, 14-12
using the Web
Administrator, 14-15
viewing, 14-14
viewing Web Site and Internet
Site documents, 13-20
Web Site documents for, 13-18,
13-20 to 13-21
HostedOrganizationAdmin
group, 13-7
Hosting
Java applets, 34-10
Hosts files
system settings for, 2-13
HP OpenView
and SNMP traps, 53-21
HTML
displaying source for Server Web
Navigator, 36-13
passthru, 34-2
HTML login form
customizing, 42-10
HTML preferences
in Server Web Navigator, 36-12
HTTP
activity logging, 57-4
HTTP proxy
connecting Server Web Navigator
through, 36-3
HTTP server task
running, 34-5
HTTP servers
Domino working with the IBM
HTTP Server, 35-2
setup mode setting, C-99
HTTP service
binding to an IP address, 2-49
controlling access to, 36-7
in a hosted environment, 12-13
HTTP sessions
tracking, 34-13
HTTPEnableConnectorHeaders
setting
described, C-39
HTTPLogUnauthorized setting
described, C-39
HTTPS
controlling access to, 36-7
SSL and, 46-18
Hub-and-spoke topology
example of, 4-10
limitations of, 4-8
replication and, 4-6
Hunt group connection document
creating, 4-31
Hunt groups
described, 4-23, 4-31

I
IBM HTTP Server
setting Domino to work with,
35-2
IBM Office Vision
scheduling and, 8-6
IBM Tivoli Analyzer
Activity Trends, 54-17
installing, 54-6
overview, 54-1
ICL. See Issued Certificate Lists
ICMNotesPort setting
described, C-40

Icons
Administration Requests
database, 15-23
ID recovery
administration request, F-30
ID table
Note IDs, I-12
Idle Workload script
described, 62-14
running, 62-14
sample, J-4
IDs
defined, 39-1
displaying certificates, 39-3
IMAP users and, 31-23
multiple-password, 39-6
password protection, 39-4
passwords for, 39-13
recovering, 39-14,
39-17 to 39-18, 39-20
security and, 37-16
server, recertifying, 59-9
IDs, certifier, 1-7, 3-34 to 3-35
Ignore message priority
setting for mail routing, 28-39
IIOP
in a hosted environment, 12-13
setting up, 34-10
Image display
performance and, 61-3
Web server and, 34-24
ImailCheckForNewMail command
described, I-13
ImailCloseMailbox command
described, I-13
IMAILExactSize setting
described, C-40
ImailFetchEntry command
described, I-13
ImailFetchOld command
described, I-14
ImailGetLastEntries command
described, I-14
ImailGetNewMail command
described, I-14
ImailHelp command
described, I-14
ImailListMailboxes command
described, I-14
ImailLogin command
described, I-15
ImailLogout command
described, I-15

ImailOpenMailbox command
described, I-15
ImailPostMessage command
described, I-15
ImailSetSeen command
described, I-16
IMAP
activity logging, 57-4
IMAP attributes
adding to IMAP-enabled mail
files, 31-3
IMAP delegation
administration request, F-7
IMAP Initialization Workload script
sample, J-5
IMAP protocol
Domino mail server
and, 26-5, 31-1
in a hosted environment, 12-13
IMAP public folders
designating, 31-15
IMAP service
and shared mail files, 31-12
authenticating options, 31-5
binding to an IP address, 2-47
changing default port
information for, 31-6
configuring internal thread
use, 31-19
customizing, 31-5
greetings, 31-21
limiting sessions, 31-9
logging in to server, I-15
logging out of server, I-15
mail commands, I-13 to I-16
NAMESPACE
command, 31-12 to 31-13
setting up, 31-4
starting, 31-5
time-out setting, 60-12
IMAP users
allowing SMTP relays from, 28-82
creating mail files for, 31-26
enabling mail files for, 31-2, 31-10,
31-27, 31-30
setting acceptable login names
for, 31-24
setting up, 31-22
setting up Person documents
for, 31-23
IMAP_Config_Update_Interval
setting
described, C-40

IMAP_Convert_Nodisable_Folder_Refs setting
described, C-41
IMAP_Session_Timeout setting
described, C-43
IMAPDisableFTIImmedUpdate
setting
described, C-42
IMAPDisableMsgCache setting
described, C-42
IMAPGreeting setting
described, C-42
IMAPNotesPort setting
described, C-43
IMAPRedirectSSLGreeting setting
described, C-43
IMAPShowIdleStatus setting
described, C-44
IMAPSSLGreeting setting
described, C-44
Inactive documents
deleting, 61-25
Inbound connections
restricting for SMTP, 28-71, 28-86
Inbound mail routing
restricting, 28-70, 28-75, 28-90
Inbound relay controls
enforcement of, 28-81
and message transfer, 28-85
Inbox folder
adding documents to, J-2
Incoming Mail Sound setting
described, C-44
Index command
described, I-16
Index entries
searching, I-11 to I-12
Index, Domain. See Domain Index
Indexes
creating, 50-2
deleting, 50-7, 58-23
described, 50-1
Domain Search and, 10-2, 48-7
encrypted fields, 50-2
replicating, 50-1
security and, 50-2
size, 50-3
troubleshooting and, 63-99
updating, 50-3, 50-5 to 50-6, 58-14
Indic languages
support for, 3-17
INET_Authenticate_with_Secondary
setting
described, C-45

Informational logging, 28-7


iNotes Web Access
active content filtering for, 32-8
adding disclaimers, 32-9
alternate name support in, 32-10
configuring, 32-4
creating a portal for, 32-3
customizing, 32-4, 32-7 to 32-9
overview, 32-1
registering users, 32-2 to 32-3
Sametime and, 3-14
setting up a server for, 3-13
Install directories
customizing location of, 5-49
Installation
automating client, 5-45
batch file, 5-46
client, 5-41
command line, 5-47
customizing client, 5-47
End-user with Transform
files, 5-50
interactive mode, 3-5
multi-user client, 5-46
by scriptable setup, 5-52
script mode, 3-7
setting to multi-user by
default, 5-49
setting up, 5-42
shared network directory, 5-43
silent, 3-7
single user, 5-43
on UNIX systems, 3-4
on Windows systems, 3-3
Installation options
using Transform files, 5-49
InstallShield Tuner for Lotus
Notes, 5-47
InstallType setting
described, C-45
Interlaced rendering
Web images and, 34-24
International characters
LDAP service and, 20-32
International settings
specifying for Web, 34-31
Internet
anonymous
access, 42-25 to 42-26
connecting Server Web Navigator
through, 36-3
connecting to, 4-21 to 4-22, 4-40
creating a key ring and certificate
request, 45-2
cross-certification, 39-37
enforcing encrypted
transactions, 40-31
name-and-password
authentication, 42-1, 42-6
security, 38-2, 38-4
Internet address
changing, 5-73
Internet addresses
adding senders in outbound
mail, 27-50
formats for, 28-134
LDAP service and, 20-5
outbound mail, 27-54
as reply addresses, 27-52
Internet addresses, inbound
looking up in the Domino
Directory, 27-47
Internet certificates
adding, F-4
adding to Domino Directory, 47-7
creating, 47-14
creating with Domino
Directory, 47-10
deleting, 47-12
dual, 47-17
in a hosted environment, 12-4
signing, 47-7
SSL and S/MIME, 47-5
Internet clients
name variations accepted for
login, 31-24
Internet cross-certificates
creating, 47-4
described, 39-28
Internet domains
primary vs. aliases, 27-55
Internet mail, 27-38
restricting inbound, 28-90
restricting
outbound, 28-98 to 28-99
restricting relays, 28-75
restricting who can receive, 28-92
routing, 26-23, 27-6, 27-34,
27-37 to 27-38, 36-9
troubleshooting, 63-107
Internet passwords, 42-24
security and, 42-24
user registration and, 42-3
Web Administrator, 16-19
Internet protocols
setting up passwords for, 42-3
Internet services
accessing, 36-7
binding to IP addresses, 2-47
controlling access to, 36-7
default TCP ports, 2-56
proxies for, 2-7
Internet Site documents
configuring for hosted
organization, 3-40, 13-20
creating, 3-40
and DNS outages, 14-11
in a hosted environment, 13-18
IMAP configuration
and, 28-60, 31-6
overview, 3-37
POP3 configuration and, 30-3
SMTP configuration and, 28-59
Internet users
renaming, 5-66
InterNotes server
described, 36-1
saving HTML source, 36-13
setting up, 36-2
Intranets
name-and-password
authentication, 42-1
Invitations
responding to, I-24
IP address configurations
in a hosted environment, 12-5
IP addresses
binding ports to, 2-46 to 2-47
binding to xSP servers, 13-16
DNS and, 26-25
multiple, 2-19, 2-22
partitioned servers
and, 2-21, 2-50
resolving, 12-14
restricting inbound connections
by, 28-71
using in Connection
documents, 2-18
using in Server documents, 2-12
IP names
specifying in Server
document, 2-16, 2-22
IPv6 standard
described, 2-25
enabling support for, 2-45, C-110
IPX/SPX
assigning sockets, 2-62, C-70
frame types, 63-70
integrating Domino
with, 2-29, G-1
name resolution in, 2-30, 63-72
Notes port for, 2-34 to 2-36,
2-38 to 2-42, 2-61
NOTES.INI settings, 2-64
security, 2-9
setting up servers on, 2-32, 2-61
Token-Ring and, 63-71
troubleshooting, 63-70
ISpy database
creating mail-in database record
for, F-7
ISpy task
mail routing event generator
and, 52-7
starting and stopping, 52-13
TCP server event generators
and, 52-11
troubleshooting with, 63-2
Issued Certificate Lists
described, 44-2

J
Java agents
restricting, 40-18
Java applets
hosting, 34-10
on Web server, 34-2
Java servlets
managing, 34-13
JavaEnableJIT setting
described, C-46
JavaJITName setting
described, C-46
JavaMaxHeapSize setting
described, C-46
JavaMinHeapSize setting
described, C-47
JavaNoAsyncGC setting
described, C-47
JavaNoClassGC setting
described, C-47
JavaScript
on Web server, 34-2
JavaStackSize setting
described, C-48
JavaUserClasses setting
described, C-48
JavaVerbose setting
described, C-48
JavaVerboseGC setting
described, C-49
Journaling
mail, 28-105
methods, 28-109
retrieving journaled
messages, 28-113
setting up, 28-106
JPEG files
Web server and, 34-24

K
Keep alive headers
sending to Web server, 34-53
Key ring files
changing the password for, 46-22
creating a test version, 46-22
creating for internal CA, 45-2
displaying, 45-7
entering for server, 46-15
exporting, 45-7
merging a certificate from an
external CA, 46-9
merging server certificates
into, 46-12
naming, 45-2
viewing certificates, 46-20
Key usage extensions
public keys, 44-12
Keyboard shortcuts. See Shortcut
keys
KeyFileName setting
described, C-49
Keys
private, 43-1
public, 43-1
KitType setting
described, C-50

L
LAN Connection document
creating, 4-15
LANA numbers
NetBIOS ports and, 2-58
Language codes
specifying for a character set
group, 28-120
Language groups
configuring font options
for, 28-126
Languages
choosing default for Web, 34-31
Domain Search and, 10-1
LDAP service tags, 20-29
LANnumber setting
described, C-50

LANs
connecting servers on, 4-15
integrating Domino with, 2-2
network compression and, 2-42
setting up servers on, 2-32
troubleshooting, 63-55
LDAP accounts
compared to directory
assistance, 23-9
planning, 18-5
LDAP activity logging
information logged, 57-4
limiting information
logged, 57-13
LDAP directories
alias dereferencing and, 23-48
authenticating SSL clients, 46-25
authenticating Web clients
with, 42-23
authenticating Web users
with, 40-7
connecting using SSL, 47-23
described, 23-1
directory assistance, 23-3, 23-6,
23-9, 23-11, 23-37, 23-43
failover, 23-22
LDAP service referrals to, 20-33
lookup command, I-17
Notes distinguished names
in, 23-49
search filters and, 23-46
server passwords for
connecting, 23-44
LDAP features
overview, 18-3
LDAP migration tool, 20-2
LDAP operations
extended ACLs and, 25-6
LDAP schema
checking, 21-18 to 21-19
described, 21-1
Domino, 21-2
Domino LDAP Schema
database, 63-34
extending, 18-19, 21-10, 21-16 to
21-17, E-3, E-7 to E-9,
E-16 to E-17, E-20
retrieving, 21-20
root DSE searches, 21-20
viewing, 21-9
LDAP service
anonymous search
access, 20-16 to 20-17, 20-20
binding to an IP address, 2-47
client setup, 20-34
condensed Directory Catalogs
and, 20-6
configuration, 20-9, 20-37
described, 20-1 to 20-2
directory assistance and, 20-6,
23-10 to 23-11, 23-17 to 23-18
directory search order, 18-16
directory tree verification, 20-4
disabling, 20-8
distinguished names
and, 20-3
Domain Index searches, 20-36
Extended Directory Catalogs
and, 20-6
full-text indexes and, 20-15
in a hosted environment, 12-13
Internet address
formation, 20-5
Internet Draft supported, 20-42
language tags, 20-29
monitoring, 20-37
name and password
authentication failure, 63-31
name-and-password
security, 20-31
NOTES.INI settings, 20-41
performance settings, 20-28
planning, 18-4
ports and port security, 20-12
preventing use of primary
Domino Directory, 23-27
referrals, 20-33
RFCs supported, 20-42
schema daemon, 21-5,
C-88 to C-89
schema database, 21-7
search, 20-28
secondary directories, 18-4
setting up, 20-7
starting and stopping, 20-8
statistics, 20-38
Tell commands, A-53
time-out setting, 20-28
troubleshooting, 63-31
Unicode and, 20-3
UTF-8 encoding, 20-32
write operations, 20-22 to 20-23,
20-25 to 20-26
LDAP_MailOnlyGroupOption
setting
LDAPGroupMembership
setting, C-53

LDAPBatchAdds setting
described, C-51
LDAPConfigUpdateInterval setting
described, C-51
LDAPGroupMembership setting
described, C-52
LDAPLookup command
described, I-17
LDAPNotesPort setting
described, C-53
LDAPPre55Outlook setting
described, C-54
ldapsearch utility
described, 22-1
examples, 22-6
operational attributes and, 22-5
parameters, 22-2
planning, 18-6
search filter operators, 22-5
search filters, 22-4
ldapsearch.exe
retrieving schema with, 21-20
Leased-line connections
connecting to the Internet by, 4-21
Librarians
assigning, 51-3
database libraries, 51-2
Libraries. See Database libraries
License tracking
described, 5-85
License tracking information
updating in Domino
Directory, F-65
Linux
configuring partitioned
servers, 2-50
configuring SNMP Agent
for, 53-13
Listener task
Server document, 27-41
SMTP, 27-41
Live console
Web Administrator and, 16-26
LNSNMP service
removing, 53-11
LNSNMP.INI file
configuring, 53-9
Load command
described, A-15
Load server command
running server tasks, B-1
troubleshooting, 63-91
LocalDomainAdmins group
described, 6-2

LocalDomainServers group
access level, 7-6, 40-3
described, 6-1
directory catalogs and, 24-20
Location documents
Internet addresses in, 27-53
Location setting
described, C-54
Log file
accessing, 56-5
activity logging
information, 57-1, 57-13
Agent Manager and agents, 63-12
analyzing, 56-5
compacting, 56-1
Domino server, 56-1
Domino Web server, 56-12
extended ACL, 25-31
logging modem I/O in, 63-48
NOTES.INI settings, 56-2
NSD, 63-96, 63-101
passthru connections and, 63-79
replication events, 58-8
replication views, 63-80
Results database, 56-5
Schedule Manager errors in, 63-47
searching, 56-5
selecting level of
logging, 28-7, 56-3
troubleshooting with, 63-2
using commands to record
information, 56-3
viewing the Domino server, 56-3
Log filters
for events, 52-15
Log setting
described, C-55
for log file size, 56-1
LOG.NSF, 28-7
introduced, 56-1
monitoring servers and, 52-3
Log_AgentManager setting
described, C-55
Log_Authentication setting
described, C-56
Log_Connections setting
described, C-57
Log_Console setting
described, C-57
Log_DirCat setting
described, C-58
Log_Replication setting
described, C-59
troubleshooting and, 63-80
Log_Sessions setting
described, C-59
Log_Tasks setting
described, C-60
Log_Update setting
described, C-60
Log_View_Events setting
described, C-61
LogFile_Dir setting
described, C-58
Logging
configuring for Domino Web
server, 56-12
to the console, 52-21
informational, 28-7
internal server errors, 56-10
phone calls, C-76
replication, 63-80
Web server requests, 56-8
Logging level
selecting, 28-7
Login names
authentication for Internet
clients, 31-24
Login scripts
editing, 4-51
making a call with, 4-50
Lookup command
described, I-17
Loopback addresses
creating, 13-17
Lotus NDS Manager
administering Windows clients
with, G-3
for IPX/SPX setup, G-1
Lotus Organizer
scheduling and, 8-6
Lotus Support Services
contacting, 63-4
Web site, 63-4
LotusScript agents
restricting, 40-18
Low-priority mail
generating delay notifications
for, 28-30
LSCHEMA.LDIF
described, 21-2, 21-5

M
Mail
blocking, 28-20
encrypting, 28-9, 43-4, 43-7, 47-13,
47-15, C-90
error messages, 28-46
held, 28-16
limiting the size of
messages, 28-28
pending, 28-16
polling, I-19
restricting, 28-70, 28-90
routing from Web page, 36-9
security, 29-4
shortcut keys, H-7 to H-8
signing, 43-9, 43-11, C-90
tracing connections, 63-37
virus protection, C-71
Mail activity logging
information logged, 57-6
Mail addresses
formats for Internet, 28-134
Mail addressing
directory assistance and, 23-8
directory catalogs and, 24-4, 24-29
domain names and, 63-40
format for sending to another
Domino domain, 26-21
and groups, 28-32
for hosted environments, 14-16
Mobile Directory Catalogs
and, 24-3
type-ahead, 28-6
Mail agents
controlling, 28-9
Mail clients
POP3, 30-11
supported, 26-15
Mail connections
routing and, 27-2
Mail conversion utility
enabling mail files for IMAP, 31-2
Mail databases
archive criteria, 9-28
archive log, 9-24
archiving, 9-22, 9-25
IMAP service and, 31-2
moving, 54-53
overview, 26-12
sharing IMAP, 31-13
Mail delivery
configuring, 28-8
shared mail and, 29-8
Mail encryption administration
request, F-31
Mail file quotas
enforcing, 28-14, 28-28
shared mail and, 29-4
soft deletions and, 28-14
Mail file size
calculating, 28-14
Mail files
converting for IMAP, 31-2, 31-10,
31-29 to 31-30
creating, J-4, 31-26
delegating access
to, F-9 to F-10, 31-13
deleting during Delete user, 5-73
encrypting, 31-24, 43-8
for hosted organizations, 13-5
initializing, J-4
move request, F-31
moving, 5-77, 29-21
overview, 26-12
POP3 user and, 30-10
quotas, 28-10 to 28-11, 28-15 to
28-16, 28-28
replication and shared mail, 29-19
shared, 31-13
troubleshooting, 63-36
Mail files, storage format, 26-13
setting for IMAP users, 31-3,
31-23, 31-35
setting for POP3 users, 30-7
Mail journaling
defined, 28-105
retrieving journaled
messages, 28-113
specifying messages to
journal, 28-113
Mail Journaling database
managing, 28-109
setting up, 28-106
Mail menu
hiding, C-72
Mail Notification Agent, 5-57
Mail priority level, 28-27
disregarding during
routing, 28-39
Mail protocols
in a hosted environment, 12-13
supported, 26-2
Mail recipients
looking up in the Domino
Directory, 27-47
restricting, 28-92
Mail relays
and outbound mail routing, 27-33
restricting, 28-75
Mail reports
generating, 33-12
setting up a Reports
database, 33-4
troubleshooting with, 63-2
Mail routing
configuring, 27-37
configuring delivery, 28-8
connection costs and, 28-53
controlling message
transfer, 28-26
customizing Notes routing, 28-50
described, 26-1, 26-8
DNS and, 26-25
domain documents
and, 27-23, 27-26
Domino Directory and, 26-9
examples, 27-9
forwarding addresses, 27-42
improving
performance, 28-2 to 28-3
IP addresses and, 26-10, 26-12
in local Internet
domain, 27-4, 27-39
logging and, 28-7
mail clients and, 27-3
for mail outside the local Internet
domain, 27-6, 27-38, 28-85
MAIL.BOX databases
and, 28-3 to 28-4
message priority and, 28-27
Notes protocols and, 26-17, 26-19
to 27-20, 28-36
obeying database quotas, 28-11
over dialup connections, 27-59
over SMTP, 26-23, 27-32, 27-34,
27-37, 28-57
relay hosts and, 27-33
requirements, 28-2
resolving addresses, 27-42
restricting for Notes, 27-28,
27-31, 28-55
restricting inbound Internet
mail, 28-71, 28-90
restricting inbound mail, 28-70
restricting inbound relays, 28-75
restricting message size, 28-28
restricting outbound messages,
28-98 to 28-99
restricting recipients, 28-92
Route command, A-24
routing table and, 26-10
scheduling Notes routing, 28-50
SMTP, 27-41
SMTP protocol and, 26-21
stopping, 27-5
topology, 27-2
troubleshooting, 63-36
using a firewall, 27-58
using a smart host, 27-43
using multiple Internet domain
names, 27-44
using multiple mailboxes, 28-4
workstation setup, 63-42
Mail routing event generators
creating, 52-7
Mail rules
forwarding, 28-9
journaling, 28-113
reloading, 28-21
setting server, 28-20
Mail servers
described, 26-1, 26-5
Mail storage
formats, 26-13
Mail templates
MAIL6EX.NTF, 32-11
Mail trace
troubleshooting with, 63-2
Mail tracking
configuring servers for, 33-8
from the Domino
Administrator, 33-10
overview, 33-1
troubleshooting with, 63-2
Mail Tracking Collector task
controlling, 33-5
Mail usage reports
described, 33-2
generating, 33-12
viewing, 33-16
Mail, dead
described, 28-41, A-39
Mail, undeliverable
releasing from server, A-39
returning, 28-37
MAIL.BOX databases
compacting, 63-43
corrupt, 63-43
described, 27-1
setting up multiple, 28-3 to 28-4
troubleshooting with, 63-2
undeliverable mail, 28-41
Mail/ID registration options
Windows NT and Notes, 17-11
Mail_Disable_Implicit_Sender_Key
setting
described, C-64
Mail_Log_To_MiscEvents setting
described, C-64
Mail_Skip_NoKey_Dialog setting
described, C-65
MAIL6EX.NTF
using, 32-11
Mailboxes
setting number of, 60-12
setting up multiple, 28-3 to 28-4
MailCharSet setting
described, C-61
MailCompactDisabled setting
described, C-63
MailCompactHour setting
described, C-63
MailConvertMIMEonTransfer setting
described, C-63
Mail-in Database document
creating, 48-5
statistics, 52-35
Mail-in statistics
using, 52-35
MailServer setting
described, C-64
MailSystem setting
described, C-65
MailTimeout setting, 28-37
described, C-66
MailTimeoutMinutes setting
described, C-66
Mailto
setting up, 36-9
Maintain Trends database record
request, F-30
Manage Groups tool
using, 6-16
Manager access
actions, 40-14
privileges, 40-16
Map_Retry_Delay setting
described, C-66
Maps
replication topology, 7-34
Master Address Book. See Directory
assistance
Maximum concurrent transfer
threads
setting, 28-33
Maximum delivery threads, 28-9
Maximum hops
setting, 28-33
Maximum message size
setting, 28-28
Maximum transfer threads
setting, 28-33, 60-11
Maximum Transmission Unit.
See MTU setting
Meetings
troubleshooting, 63-45
Memory
displaying, A-32
Memory requirements
for servers, 60-3
Memory_Quota setting
described, C-67
Message caching
disabling, C-73
Message conversion
mail routing and, 27-1
Message delivery
configuring, 28-8, 60-11
Message filtering
using mail rules for, 28-20
Message headers
MIME, 28-131, 28-134
Message journaling. See Mail
journaling
Message priority level, 28-27
disregarding during
routing, 28-39
Message size
restricting, 28-28
Message tracking
configuring servers for, 33-8
controlling, 33-5
from the Domino
Administrator, 33-10
overview, 33-1
in Web Administrator, 16-27
Message transfer
controlling, 28-26, 28-33
Message validation
SSL, 46-1
Messages
disabling, A-22, A-44
encrypting for delivery, 28-9
MIB
overview, 53-7
using with SNMP, 53-21
Microsoft Active Directory
deleting users and groups, 17-42
directory assistance search
filters, 23-46
mapping containers to Notes
certifiers and policies, 17-32
mapping fields with Domino
Directory, 17-31
registering existing users, 17-35
registering new groups, 17-39
registering new users, 17-33
renaming users and groups, 17-41
synchronizing with Domino
Directory, 17-25, 17-38
Microsoft IIS
setting Domino to work
with, 35-3
Microsoft Management Console
Notes registration and, 17-29
MIME messages
8-bit and ESMTP, 28-96,
28-103 to 28-104
converting, 28-122
converting addresses in, 27-50
converting to Notes format, 27-1
Domino mail server and, 26-3
encrypting, C-100, C-101
setting character set options
for, 28-118
setting options for
processing, 28-115
Minimal logging, 28-7
MinNewMailPoll setting
described, C-67
Miscellaneous Events view
corruption messages, 58-25
Mixed-release environments
log file analysis, 56-7
MMC
Notes registration and, 17-29
Mobile directory catalogs
described, 24-3
multiple, 24-33
setting up, 24-34 to 24-35
Modem command files
described, 4-34
modifying, 4-49
troubleshooting, 63-48
Modems
displaying input/output, C-121
logging modem I/O, 63-48
number to use, 4-33
troubleshooting, 63-48
Modify CA Configuration in Domino
Directory request, F-30
Modify ID recovery information in
Domino Directory
request, F-30
Modify room/resource in Domino
Directory request, F-31
Modify user information stored in
Domino Directory
administration request, F-31
Monitoring
checklist for, 63-6
database cache, 61-10
database size, 61-13
events, 52-22, 52-24
events and statistics, 52-2
headline, 38-16
mail, 26-17
overview, 52-1
performance, 52-36
server activity, 54-17
server connections, 52-6
server tasks for, 52-1
Server.Load metrics, 62-10
setting preferences for, 16-8, 52-25
statistics, 52-9, 52-31
threshold values, in Server Health
Monitor, 54-10
tools, 52-1 to 54-2
Monitoring Configuration database
described, 52-1
document types, 52-2
location, C-83
viewing statistics in, 52-32
wizards for, 52-13
Monitoring Results database
described, 52-1
performance statistics and, 52-36
Move mail file
administration requests, F-31
Move roaming user
administration requests, F-42
Move_Mail_File_Expiration_Days
setting
described, C-67
MT Collector task
controlling, 33-5
described, 33-1
MTA servers
and interoperability with other
mail systems, 26-14
MTC task
controlling, 33-5
described, 33-1
MTCDailyTasksHour setting
described, C-68
MTMaxResponses setting
described, C-68
MTU setting
troubleshooting, 63-68
Multilingual applications
setting up Web for, 34-32
Multiple replicators
and scheduled replication, 7-30
Multiple-password IDs
described, 39-6
Multi-user client installation, 5-46
MX records
described, 26-25
examples, 26-27

N
NABRetrievalPOP3Mail command
described, I-18
NABUpdate command
described, I-18
NAMAGENT.NSF
Server.Load agents, 62-4
Name and Address Book. See
Domino Directory
Name change
refusing, F-56
Name lookups
restricting, 27-47
restricting to primary
directory, 28-40
Name resolution in IPX
troubleshooting, 63-72
Name resolution in NRPC
described, 2-4
ensuring DNS resolves, 2-16 to
2-17, 2-19, 2-22
over IPX/SPX, 2-30
over NetBIOS, 2-28
over TCP/IP, 2-11, 2-15, 2-44
troubleshooting, 63-66
Name services
Microsoft, 2-13
NetWare, 2-30 to 2-32,
2-61 to 2-62
Notes, 2-4
Name-and-password
authentication, 42-8, 46-15
customizing, 42-3
directory assistance and, 23-3
Internet/intranet clients
and, 28-60, 31-2, 42-1
LDAP service and, 20-12, 20-31
level, 42-19
session-based, 42-6, 42-8, 42-10
setting up users, 42-3
virtual servers, 3-42
Names
changing, 5-56 to 5-57
for Policy documents, 9-32
for servers, 2-15, 2-17, 2-19,
2-22, 59-10
Internet authentication and, 31-24
NDS, 2-62
server, deleting, 59-8
server, finding, 59-11
Names setting
described, C-68
NAMES.NSF, 19-1
customizing, E-22
NAMESPACE command
enabling support
for, 31-12 to 31-13
Naming contexts. See Naming rules
Naming conventions
ACL, 40-4
Domino system, 1-12
hierarchical, 1-3
Notes named networks, 2-33
ports, 2-38
Program documents, B-2
servers, 2-14, 2-29, 2-31 to 2-32
Naming rules
directory assistance, 23-12
LDAP service and, 23-17
trusted, 23-14
NAT
using, 2-18
Navigate command
described, I-18
NDS
Domino server and, G-1
Notes workstations and, G-5
NOTES.INI setting, G-7
passwords, C-75
server names and, 2-32
specifying distinguished
names, 2-62
user IDs, C-75
NDS objects
Domino server, G-1 to G-2
managing, G-4
Nested groups
database authorization, 23-7
NetBIOS
integrating Domino with, 2-26
name resolution in, 2-28
Notes port for, 2-34 to 2-36,
2-38 to 2-42, 2-58, 2-60
setting up servers for, 2-32, 2-58
Netscape
trusted root, 46-11
Web Administrator and, 16-23
NetWare
name services, 2-30 to 2-32,
2-61 to 2-62
NetWare Administrator
Domino and, G-2, G-4
NetWareSocket setting
described, C-70
NetWareSpxSettings setting
described, C-70
Network Address Translation.
See NAT
Network connections
dropping, I-9
testing, 63-77
tracing, 63-77, A-59, C-76
Network Dialup
encrypting Connection
documents, 4-46
setting up servers to use, 4-36
troubleshooting, 63-74
Network ports
adding, 2-36, 2-60
binding to IP
addresses, 2-46 to 2-47
compressing data on, 2-42
configuring, 2-35, 2-58
deleting, 2-40
disabling, 2-34
encrypting, 2-41
fine-tuning, 2-34
renaming, 2-38
reordering, 2-39, 2-45
Server Setup program and, 2-2
TCP/IP, 2-12, 2-22
Network protocols
compatible with Domino, 2-2
defined, 2-1
specifying, 4-16
Networks
integrating Domino
with, 2-1, 2-10, 2-26, 2-29
name resolution, 2-4, 2-11
NOTES.INI settings, 2-64
security, 2-6 to 2-7
NewMail command
described, I-19
NewMailInterval setting
described, C-70
NewMailTune setting
Incoming Mail Sound
setting, C-44
NewReplicateDB command
described, I-19
NewUserServer setting
described, C-71
NIS
preventing problems with, 2-56
NNN. See Notes named networks
No access
assigning, 40-14
privileges, 40-16
No_Force_Activity_Logging setting
described, C-72
NoDesignMenu setting
described, C-71
NoExternalApps setting
described, C-71
NoMailMenu setting
described, C-72
NoMsgCache setting
described, C-73
Nonroaming users
change to roaming, 5-70
Normal logging, 28-7
Note ID
finding documents by, 63-20
table of, I-12
NoteAdd command
described, I-20
Notes
registering Windows NT users,
17-1, 17-8, 17-12, 17-14
synchronizing with
Windows NT, 17-2 to 17-3
Notes client
authentication with directory
assistance, 23-6
authentication with directory
catalogs, 24-11
connecting to servers, 4-55
directory servers, 19-15
directory services, 18-10
installation in a shared
directory, 5-43
LDAP service and, 20-34
Notes Direct Dialup
Connection documents, 4-35
described, 4-34
setting up, 4-44
Notes domains. See Domino domains
Notes IDs
about, 39-1 to 39-2
Notes items
sending in Internet message
headers, 28-134
Notes mail
condensed Directory Catalogs
and, 24-29
directory assistance and, 23-8
directory catalogs and, 24-1,
24-3 to 24-4, 24-14
Notes name lookups
directory search order, 18-17
Notes Name Service
described, 2-4
Notes named networks
defined, 2-3
mail routing and, 26-18
setting up, 2-33
Notes names
LDAP directories and, 23-49
Notes network ports. See Network
ports
Notes protocols
mail routing and, 26-3, 26-19,
27-4, 27-20, 27-32, 28-50
Notes Remote Procedure Call
service. See NRPC service
Notes rich text format
in mail messages, 26-13, 27-1
Notes RPC. See NRPC service
Notes templates
table of, D-1
Notes workstations
configuring for NDS, G-5
NOTES.INI file
adding settings, A-25
editing, 16-27, C-1
NOTES.INI settings
Agent Manager, 60-6
database maintenance, 58-41
database organization, 49-6
database performance, 60-9, 61-29
Domain Search, 10-23
iNotes Web
Access, 32-8 to 32-9
LDAP service, 20-41
log files, 56-2
mail, 63-43
NDS, G-7
networks, 2-64
scheduling server tasks, B-2
schema daemon, 21-21
server performance and, 60-4
UNIX server, 60-14
NotesBench
described, 60-2
Novell Directory Service. See NDS
NRPC
mail routing and, 26-3, 26-17
troubleshooting, 63-55
NRPC Mail Initialization Workload
script
sample, J-8
NRPC service
binding to an IP address, 2-46
default TCP port, 2-55
described, 2-2
encrypting, 2-41
name resolution in, 2-4, 2-11, 2-15
to 2-17, 2-19, 2-22, 2-28, 2-30
NSD log file
troubleshooting
and, 63-96, 63-101
NSF_Buffer_Pool_Size setting
described, C-73
NSF_DbCache_Disable setting
described, C-74
NSF_DbCache_Maxentries setting
described, C-74
Null modems
troubleshooting, 63-51
Num_Compact_Rename_Retries
setting
described, C-74
NWNDSPassword setting
described, C-75
NWNDSUserID setting
described, C-75

O
Object class hierarchy
described, 21-1
Object classes
adding to schema, 21-14
described, 21-1, 21-3
extending, 21-11
for Group documents, 21-5
for Person documents, 21-4
Object collect task
use in generating shared mail
statistics, 29-13
use in resynchronizing mail
files, 29-22
Object Link command
use in managing shared mail, 29-15
Object Request Broker. See Domino
ORB
Object store
defined, 29-1
managing growth
of, 29-10 to 29-11
Offline Security Policy document
creating, 11-7
Offline Subscription Configuration
profile document
creating, 11-11
editing, 11-11
Offline subscriptions
overview, 11-1
Offline users
security, 11-7
tracking, 11-22
OID for LDAP
described, 21-12
On-demand cross-certificates, 39-32
Online Meeting Place
in the Resource Reservations
database, 8-9
Open command
described, I-20
Open relays
defined, 28-76
preventing, 28-76
OpenView for Windows
and SNMP traps, 53-21
ORB. See Domino ORB
Organization certifier IDs, 1-8
creating, 3-34
Organization hierarchy
moving user names in, 5-61
Organizational policies
described, 9-2
Organizational unit
certifier IDs, 1-8
creating, 3-35
Organizational units
Internet, 45-2
restricting mail based
on, 28-55
Organizations
restricting mail based
on, 28-55
OS/2
error codes, 63-100
troubleshooting, 63-100
OS/390. See zOS
OtherDomainServers group
access level, 7-6, 40-3
described, 6-1
directory catalogs and, 24-20
Over quota enforcement
configuring, 28-17

P
Packing density
condensed Directory
Catalogs, 24-31
Partitioned servers
described, 1-6
in a hosted environment, 12-2
IP addresses and, 2-21, 2-50, 2-53
multiple Web sites
and, 2-49, 34-20
performance, 60-5
port mapping, 2-53
removing, 59-13
SNMP and, 53-9
troubleshooting, 63-78
Passthru connections
activity logging through, 57-9
hangup delay setting, C-76
troubleshooting, 2-12, 63-79
Passthru HTML, 34-2
Passthru servers
as application proxies for
NRPC, 2-8
configuring, 4-27
Connection documents, 4-29
controlling access to, 38-17
creating a topology, 4-25
described, 4-23
destination servers and, 4-28
topology example, 4-26
using with hunt groups, 4-24
Passthru_Hangup_Delay setting
described, C-76
Passthru_LogLevel setting
described, C-76
Password quality scale
described, 39-7
levels, 39-4
Password recovery. See IDs,
recovering
Passwords
assigning, 39-4, 39-8, 42-3
change intervals for, 39-10
changing, F-6
checking during authentication,
39-8, 39-12, F-60
console, A-26
Directory Assistance
documents, 23-44
IDs and, 39-4
Internet, 42-24
for key ring file, 45-2, 46-22
multiple, 39-6, 39-13
NDS, C-75
recovering. See IDs, recovering
server console, C-92
troubleshooting, 63-104
verifying, 39-8, 39-11
Pause command
described, I-21
PC-Pine client
configuring, 31-39
PEER Agent
and SNMP Agent, 53-14
Peer-to-peer topology
example of, 4-11
replication and, 4-8
People
registering Internet/intranet, 42-3
Performance
database cache and, 61-9
directory catalogs, 24-18, 24-20,
24-27, 24-30
Domino Directory, 19-1
Domino Performance Zone Web
site, 60-1
encryption and, 43-4
improving, 60-1, 60-3, 61-12
LDAP service, 20-28
mail, 26-17, 28-3, 28-6
mail routing, 28-2
monitoring, 52-36
networks, 2-42
optimizing, 61-1, 61-3
Server Health Monitor, 54-12
sources for improving, 60-15
tools, 60-2
troubleshooting, 63-16
tuning disk I/O, 60-15
UNIX server, 60-14
view indexes and, 58-23
Web server, 34-52
Windows server, 60-13
Person documents
changing during
synchronization, 17-5
IMAP users and, 31-23
Internet Address
field, 27-50, 27-53
mail routing and, 26-10
object classes for, 21-4
password checking, F-60
POP3 users and, 30-7
SSL clients, 47-20
Personal Address Book
missing views and, 63-42
PhoneLog setting
described, C-76
PHP
configuring a Web site for, 34-40
Pin lists
creating, 54-32
Ping, 27-38
troubleshooting and, 63-77
Pipelining commands
supporting via ESMTP, 28-96,
28-103 to 28-104
PKCS11_Library setting
described, C-77
Platform command
described, A-16
using, 52-28
Platform statistics
disabling, 52-30, C-77
displaying, 52-27
evaluating, 52-28
overview, 52-26
troubleshooting, 63-52
viewing, 52-30
Platform_Statistics_Disabled setting
described, C-77
Policies
assigning, 9-6, 9-40
child policy, 9-4, 9-34
creating, 9-7
examples, 9-4
exceptions, 9-3
for hosted organizations, 9-7, 12-4
with Notes synchronization, 17-6
overview, 9-1
planning, 9-6
troubleshooting, 63-109
types of, 9-2
viewing, 9-37 to 9-38
Policy documents
child policy, 9-34
creating, 9-32
deleting, 9-35
in a hosted environment, 13-4
names in, 9-32
Policy hierarchy
effective policy, 9-36
examples, 9-4
Policy settings
deleting, 9-35
described, 9-1
desktop, 9-14
editing, 9-35
groups, 6-9
inheritance, 9-4
registration, 9-7
security, 9-19
setup, 9-12
viewing, 9-38
in Web Administrator, 16-25
Policy Synopsis tool
using, 9-36
Policy viewer
described, 9-37
using, 9-38
Policy-based registration
with Notes synchronization, 17-6
POP3 Initialization Workload script
running, 62-27
sample, J-14
POP3 protocol
Domino mail server and, 26-5
in a hosted environment, 12-13
POP3 service
authentication and, 30-2
binding to an IP address, 2-47
changing default port
information for, 30-3
clients, 30-11
described, 30-1
DNS lookups, C-78
Internet domain names, C-79
mail commands, I-18, I-23
marking messages as read, C-79
message caching, C-78 to C-80
Notes port for TCP/IP, C-80
setting up, 30-2
starting, 30-3
updating configuration, C-78
POP3 users
activity logging, 57-10
allowing SMTP relays from, 28-82
creating mail files for, 30-10
enabling to send mail, 30-1
setting up, 30-7
POP3 Workload script
described, 62-26
running, 62-28
sample, J-14
POP3_Disable_Cache setting
described, C-78
POP3_Enable_Cache_Stats setting
described, C-79
POP3_Message_Stat_Cache_NumPerUser setting
described, C-80
POP3ConfigUpdateInterval setting
described, C-78
POP3DNSLookup setting
described, C-78
POP3Domain setting
described, C-79
POP3MarkRead setting
described, C-79
POP3NotesPort setting
described, C-80
Populate command
described, I-21
Port mapping
on partitioned servers, 2-53
Portals
creating for iNotes Web
Access, 32-3
portname_MaxSessions setting
described, C-80
troubleshooting
and, 63-59 to 63-60
Ports
adding, 2-36, 2-60
binding to IP
addresses, 2-46 to 2-47
cluster servers and, C-91
compressing data on, 2-42
configuring, 2-35, 28-66, 30-3, 31-5
controlling access to, 38-14
deleting, 2-40
disabling, 2-34
dropping connections, I-9
enabling, C-81
encrypting, 2-41
for LDAP service, 20-12
maximum sessions, C-80
names, 2-38
renaming, 2-38
reordering, 2-39, 2-45
Server Setup program
and, 2-2
SMTP, C-104
specifying, 4-16
SSL, 46-15, 2-55
starting and stopping, A-22
TCP, 2-55, C-110 to C-111
Ports setting
described, C-81
Ports, communication
options, 4-47
setting up, 4-34
POST command
restricting, 34-29
Pre-delivery agents
controlling, 28-9
Preferences
Domino Administrator, 16-5, 16-7
to 16-9, 16-11
Web Administrator, 16-24
Primary Domino Directory
changing to Configuration
Directory, 19-5
directory assistance
for, 23-26, 23-33
excluding from LDAP
searches, 23-27
Extended Directory Catalog
in, 24-28
preventing use as remote
primary, 19-8
Priority
mail routing and, 28-27
Private design elements
notifying user of change to, 5-57
Private keys
encryption and, 43-1
Notes certification, 39-2
Privileges
access level, 40-16
extended ACL, 25-3, 25-5
Probes. See Event generators
Profiles
Activity Trends, 54-22 to 54-25
Server Health Monitor, 54-13
Server monitor, 52-43, 54-13
statistic, 52-39
Program document
to compact ADMIN4.NSF, 15-27
naming conventions for, B-1
for scheduling Updall, 50-5
ProgramMode setting
described, C-81
Progressive rendering
Web images and, 34-24
Properties boxes
shortcut keys, H-5
Proxies
defined, 2-7
Domino passthru servers as, 2-8
HTTP, 2-7
Internet connections and, 4-22
specifying for Server Web
Navigator, 36-3
PTR records
in DNS, 28-71
Public access, 40-18
assigning, 40-18
Public Address Book, 19-1
passthru access, 38-17
server access, 38-4
Server documents, 39-25
Public documents, 40-18
access to, 40-18
Public folders
IMAP, 31-13, 31-15
Public keys
copying, 58-26, 63-96, F-6
creating, 39-23 to 39-24
cross-certification and, 39-33
described, 38-1, 39-2
encryption and, 43-1, 43-4
lost or stolen, 39-22
mailing, 39-25
replacing in address book, 39-23
restricting, 44-12
verifying, 39-25
Publishing
to database libraries, 51-3
LDAP schema, 21-20
PUBNAMES.NTF
copying, E-4
customizing, E-1
upgrading, E-22
Pull routing
configuring for dialup
connections, 27-60
Pull server command, 7-31
described, A-17
Pull-only replication
specifying, 7-23, C-95
Purge agent
enabling, 36-17
Server Web Navigator, 36-15
Purge interval
deletion stubs and, 7-12
setting, 28-33
Purge/Compact
method for managing size of Mail
Journaling database, 28-112
Push server command
described, A-19
Push-only replication
specifying, 7-23, C-95

Q
Quick console
Web Administrator and, 16-26
Quit command
described, A-20, I-22
Quotas
database, 61-23 to 61-24
enforcing, 28-16
mail, 28-10 to 28-11, 28-15
memory, C-67
replication and, C-13, C-83
setting Router controls for, 28-17
soft deletions and, 28-14
Quotas, mail
shared mail and, 29-4

R
R5 IMAP Initialization Workload
running, 62-17
R5 IMAP Workload script
described, 62-15
running, 62-18
sample, J-6
R5 NRPC Mail Initialization script
running, 62-21
R5 Shared Database script
described, 62-24
running, 62-25
sample, J-12
R5 Simple Mail Routing script
described, 62-20
running, 62-23
sample, J-9
RA. See Registration Authority
Ratings
Server Health Monitor, 54-5
Read command
described, I-22
Reader access
actions, 40-14
privileges, 40-16
Readers field
updating, 40-29
Realms
authentication and, 63-104
Receipts
configuring Internet, 28-116
Recertify Certificate Authority in
Domino Directory
administration request, F-47
Recommendation documents
Web Navigator
database, 36-11
Recovery. See IDs, recovering
Redirect URL command
finding links with, 34-27
Referrals
LDAP service and, 20-33, 23-11
Refresh agent
enabling, 36-18
using, 36-18
Register hosted organization
administration requests, F-48
Registration
customizing options, 17-8
existing Active Directory
users, 17-35
group member in Notes, 17-18
hosted organizations, 13-5,
13-8, 13-11
IMAP users, 31-23
Internet/intranet users, 42-3
Microsoft Management Console
and, 17-29
new Active Directory
groups, 17-39
new Active Directory
members, 17-33
setting preferences, 16-9
from a text file, 5-22
Windows NT
users, 17-1, 17-8, 17-12, 17-14
Registration Authority
tasks, 44-4
Registration policy settings
creating, 9-7
Registration settings documents
with Notes synchronization, 17-6
Relay hosts, 28-85
configuring, 27-58
defined, 27-8
restricting, 28-75 to 28-76, 28-81
using multiple, 27-33
Remote connections
setting up, 4-36
troubleshooting, 63-48
types of, 4-34
Remote console
Web Administrator and, 16-26
Remote primary directories
described, 18-2 to 18-3
preventing as, 19-8
how servers locate, 19-7
Remote server console
entering server commands, A-1
Remote servers
number of modems for, 4-33
topology, 4-3
topology example, 4-14
Remove certificate from Domino or
LDAP Directory request, F-49
Rename person
refusing name change, F-56
Rename Web user administration
requests, F-57
Repl_Error_Tolerance setting
described, C-82
troubleshooting and, 63-80
Repl_Obeys_Quotas setting
described, C-83
Replica IDs
assigning access by, 40-10
Replica stubs
described, 63-88
troubleshooting, 63-89
Replicas
access levels, 7-6
concurrent changes to, 58-8
controlling changes, 40-5
controlling creation of, 38-14
copying to servers, 48-2
creating, 7-9, F-8, I-19
creating for multiple
domains, F-77
deleting, 58-36
deleting documents from, 7-12
deletions, 63-89, 63-90
described, 7-1
limiting content, 7-12, 7-16
size of, 63-87
Replicas, directory
directory assistance
and, 23-20, 23-36
Replicate command
described, A-20, I-22
Replicate server command, 7-31
Replication
access levels, 7-6
activity logging, 57-10
CD-ROM updates, 7-17
customizing, 7-11, 7-22
database design and, 63-86
deleted documents, 7-7
described, 7-1, 7-3
direction, 7-23
directory catalogs, 24-32
disabling, 7-16, 7-32, 63-89
document size and, 7-14
from Domino
Administrator, A-19
Domino Directory, 19-17
editing conflicts, 63-91
enabling, 7-32
end-to-end topology, 4-8
enforcing consistent ACL, 40-28
error tolerance setting, C-82
examples, 7-19
forcing, 7-33
full-text indexes, 50-1
graphical display of
topology, 7-34
history, 58-6, 58-7
limiting time for, 7-29
log file, 58-8
manual, 7-31
monitoring, 58-6
multiple replicators, 7-30
NewReplicateDB
command, I-19
non-document elements, 7-15
one-way, A-17, A-19
preventing, 7-31, C-94
priority, 7-26, 7-28
Replicate command, A-20
scheduling, 7-24
selective, 7-12, 11-22, 15-27
server, I-22
setting up, 7-20
settings, 7-17 to 7-18
specific databases and, 7-27
specifying a group of
servers, 7-20
specifying dates, 7-13
statistics, 63-80
strategies, 4-6, 4-8
time limits, C-82
troubleshooting, 63-80
Web applications, 11-22
Replication conflicts
consolidating, 58-10
described, 58-8
Replication events
troubleshooting with, 63-2
Replication formulas
using, 7-14
Replication history
directory catalogs, 24-39, 24-45
specifying dates, 7-13
troubleshooting
with, 63-2, 63-80, 63-85
Replication priority
assigning, 7-16
Replication topology
binary tree, 4-9
clusters, 4-8
end-to-end, 4-8
hub-and-spoke, 4-6
peer-to-peer, 4-8
ring, 4-8
troubleshooting and, 63-80
viewing, 7-34
ReplicationTimeLimit setting
described, C-82
Replicator task
running concurrently, C-82
Replicators setting
described, C-82
Reply addresses
in Internet mail, 27-52
Report_DB setting
described, C-83
Reporter task
sending statistics, C-83
Reports
directory catalog, 24-49
mail usage, 33-2
REPORTS.NSF (Reports database)
creating, 33-4
ReportUseMail setting
described, C-83
Requests
managing certificate, 46-20
Web server, 34-55
Resent headers
using, 28-131
Reservations
deleting, 8-17
editing, 8-17
Resource balancing
in Activity Trends, 54-26
in Activity Trends,
setting up, 54-27
additional statistics, 54-46
analyzing distributions, 54-37
approval profile for, 54-59
charting options, 54-28
comparing, 54-39
creating plan constraints, 54-62
customizing, 54-36
database and server
locations, 54-27
database
moves, 54-32, 54-53, 54-55
and decommissioning a
server, 54-43
and Domino Change
Manager, 54-48 to 54-49
editing server properties, 54-43
evaluating server activity, 54-39
filtering servers, 54-45
goals, 54-30, 54-31
interpreting profile charts, 54-41
overview, 54-34
plan constraints explained, 54-61
plan documents for, 54-53, 54-57,
54-60 to 54-64
plan variables, 54-63
proposals for, 54-38, 54-47
viewing, 54-47
Resource document
creating, 8-9
editing and deleting, 8-13
plan notification messages, 54-64
Resource Reservations database
access rights, 8-8, 8-16
creating, 8-7
in a hosted environment, 14-12
synchronizing with Domino
Directory, F-5
troubleshooting, 63-46
using with a Web browser, 8-16
Resources
modify in directory request, F-31
troubleshooting, 63-45
types of, 8-9
Response hierarchy
performance and, 61-5
Response Log documents, 15-36
Response time
server, 60-3
Restart port command
described, A-22
Restart server command
described, A-23
Restart Task
described, A-23
Results database
database analysis, 58-38
from decommissioning a
server, 59-3
log events, 56-5, 56-7
RetrievePOP3Mail command
described, I-23
Retry interval
setting, 28-33
Return receipts
configuring, 28-116
Return-Receipt-To header
configuring for return
receipts, 28-116
Reverse DNS lookups
use in controlling inbound SMTP
sessions, 28-71
Rewind command
described, I-23
Rewind2 command
described, I-24
RFCs
LDAP service, 20-42
Ring topology
replication and, 4-8
Roaming files
moving, 5-77
Roaming users, 5-9
change from nonroaming, 5-70
change to nonroaming, 5-69
deleting, F-21
move request, F-42
registering, 5-13
updating from non-roaming, F-66
Roles, 40-20
creating, 40-21
Domino Directory, 19-10
troubleshooting, 63-20
Web Administrator
and, 16-20 to 16-21
Room resources
in the Resource Reservations
database, 8-9
modify in directory request, F-31
setting up, 8-9
Root DSE
searching, 21-20
Roots
default trusted, 46-11
Route command
unscheduled mail and, A-24
Router task
described, 26-6
reloading configuration of, 27-22
server crashes and, 63-100
stopping and starting, 27-4
RouterAllowConcurrentXFERToALL
setting
described, C-84
transfer threads and, 28-36
RouterDisableMailToGroups setting
described, C-84
RouterDSNForNULLReversePath
setting
described, C-85
RouterEnableMailByDest setting
described, C-85
Routers
configuring delivery
by, 28-8 to 28-9
connection costs and, 28-53
described, 26-8, 26-21, 27-1
mail file quotas
and, 28-16 to 28-17
MAIL.BOX databases and, 28-3
obeying database quotas, 28-10
shutting down, 27-5
SMTP, 27-37
Tell commands, A-54
TRACERT command and, 63-67
updating configuration, 27-22
Routing costs
setting, 28-39, 28-53
Routing table
described, 26-10
recalculating, 27-22
Routing task
described, 27-1
Routing. See Mail routing
RSA
trusted root, 46-11
RSVP
command for, I-24
RSVPInvitation command
described, I-24
RTR_Logging setting
described, C-86
Rules
mail, 28-113

S
S/MIME
encrypted, 47-13 to 47-15
setting up clients for, 47-1, 47-13
Sametime
setting up for iNotes Web
Access, 3-14
Save conflicts
consolidating, 58-10
described, 58-8
Sched_Dialing_Enabled setting
described, C-86
Sched_Purge_Interval setting
described, C-86
Schedule Manager
statistics, C-87
Tell commands, A-55
troubleshooting, 63-47
validation settings, C-87
Schedule_Check_Entries_When_
Validating setting
described, C-87
Schedule_No_CalcStats setting
described, C-87
Schedule_No_Validate setting
described, C-87
Scheduled replication
troubleshooting, 63-80, 63-84
Scheduled reports
mail, 33-15
Schedules
replication, 7-24
viewing for replication, 7-34
Scheduling
example, 8-2
server programs, B-2
setting up, 8-5
troubleshooting, 63-45
Scheduling Notes routing, 28-50
Schema
adding attributes, 21-13 to 21-14
adding syntaxes, 21-15
checking, 21-18 to 21-19
described, 21-1
Domino, 21-2
extending, 21-10, 21-17, E-3, E-7
to E-9, E-14, E-16, E-20
publishing, 21-20
root DSE searches, 21-20
viewing, 21-9
Schema daemon
described, 21-5
NOTES.INI settings, 21-21
Schema database
deleting documents, 21-17
described, 21-7
extended ACLs and, 25-7
extending schema
with, 21-13 to 21-17
views, 21-8 to 21-9
Schema entry
searching, 21-20
Schema_Daemon_Breaktime setting
described, C-88
Schema_Daemon_Idletime setting
described, C-88
Schema_Daemon_Reloadtime setting
described, C-88
Schema_Daemon_Resynctime setting
described, C-89
SCOS. See Shared mail
SCRIPT.DAT file
UNIX installation, 3-7
Scriptable setup
setting up Notes with, 5-52
Scripts
commands, 4-53
editing acquire and login, 4-51
keywords in, 4-52
making a call with, 4-50
Server.Load, I-1
Search filters
Directory Assistance
documents, 23-46
Search forms
adding categories to, 10-10
bookmarks and, 10-18, 10-20
customizing, 10-18
Web clients and, 10-20
Search order
directories, 18-15 to 18-17
directory assistance, 23-16
Search results
access to, 10-12
filtering, 10-13
titles in, 10-19
Web server, 34-26
Searching
domains, 10-1
encrypted fields, 50-2
file systems, 10-9
SearchMax
number of documents to
display, 34-26
Secondary directories
directory services for, 18-12
LDAP service, 18-4
Secondary Domino Directory
Administration Process
support, 15-7
described, 23-1
directory assistance
and, 23-3, 23-8, 23-33
LDAP service, 23-10
name lookups, C-68
Secondary name servers
adding in Notes, 2-44
Secure_Disable_FullAdmin setting
described, C-90
SecureMail setting
described, C-90
Security
adding cross-certificates on
demand, 39-32
anonymous access, 42-25
application, 37-14
application design element, 37-15
authenticating
clients, 31-24, 46-25
certificates, 39-2
certifier IDs and, 1-9
database, 10-12, 40-19
database access for SSL
clients, 46-19
databases, 38-14
directory links, 49-1
Domino Directory and, 18-7, 19-9,
20-16, 20-22 to 20-23
Domino Off-Line Services, 11-7
encryption, 2-6, 43-1
encryption defined, 43-4
full-text indexes and, 50-2
ID recovery, 39-14, 39-17
IDs and, 37-16, 39-1
for Internet/intranet clients, 31-24
in a hosted environment, 12-3
iNotes Web Access, 32-1, 32-8
Internet passwords and, 42-24
Internet transactions and, 40-31
Internet/intranet clients, 42-27
keys, 39-2, 43-1
mail, 21-5, 28-68, 29-4
mail encryption, 43-7
mail journaling and, 28-110
name-and-password access, 42-19
name-and-password
authentication for Web
clients, 42-6
network, 2-6 to 2-7, 2-9
Notes IDs and, 39-1 to 39-2, 39-25
offline users, 11-7, 11-10
overview, 37-1
passwords, 39-4
planning, 2-6, 37-11
port access, 38-14
public and private keys, 39-2
public keys, 39-22, 43-4
renewing an expired
certificate, 46-21
server, 38-23
server key ring file, 46-3
Server Web Navigator, 36-8
setting up, 37-1
setting up a Domino 5 certificate
authority, 45-1
setting up a Domino CA
server, 45-1
setting up anonymous
access, 42-26
setting up clients for
S/MIME, 47-13
setting up clients for SSL client
authentication, 47-18
setting up clients for SSL server
authentication, 47-3
setting up Person documents for
Internet clients using SSL
client authentication, 47-20
setting up SSL server
authentication using
SMTP, 47-22
signatures and, 43-11
SNMP, 53-5
SSL, 46-1
SSL server certificate, 46-5
trusted root certificates, 47-3
verifying passwords, 39-8
verifying public keys, 39-25
virtual Web servers, 3-42
Web Administrator, 16-18
workstation, 41-1
Security policy settings
creating, 9-19
Selection formulas
directory catalogs and, 24-20
Selective replication
setting up, 11-22
Selective replication formulas
preventing replication of
ADMIN4.NSF, 15-27
Self subject
extended ACL, 25-11
Self-certified certificate, 46-22
Send copy to mail rule
disabling, 28-9
SendMessage command
described, I-24
SendSMTPMessage command
described, I-25
Server access
anonymous, 38-13
customizing, 38-7
data directory, 49-4
denying, 38-4, 38-7
passthru, 38-17
troubleshooting, 63-91
Server administrators
changing name of, 59-1
Server certificates
changing expiration date, 3-32
merging into key ring file, 46-12
Server Certificate Administration
requesting certificate, 46-5
setting up, 46-3
Server commands
Agent Manager and agents, 63-12
entering from the UNIX
command line, A-8
redirecting command
output to, A-2
table of, A-10
troubleshooting with, 63-2
Server comparisons
when decommissioning a
server, 59-5
Server console
commands, I-8
described, A-1
using at server, A-2
Server Console Configuration
document
settings in, 52-21
Server crashes
database indexes and, 63-99
fault recovery, 55-10
hosted organizations and, 14-11
troubleshooting, 63-96
Server documents
access lists, 38-2
build number in, F-47
CPU count field, F-64
creating for NDS, G-7
database creation, 38-14
directory catalogs and, 24-8
DNS resolves in NRPC and, 2-12
network settings in, 2-36
protocol field, F-66
specifying international
settings, 34-31
time-out settings for Web, 34-53
troubleshooting, 63-39
verifying public keys, 39-25
Server failures
customizing message for, 28-46
Server files
controlling Web browser access
to, 38-23
Server Health Monitor
configuring, 54-6
excluding servers, 54-15
overview, 54-2
performance of, 54-12
profiles, 54-13
ratings, 54-5
reports, 54-11 to 54-12
selecting server components, 54-9
setting up, 54-7
starting, 54-8
statistics, 54-3, 54-13, 54-16
threshold values, 54-10
using, 54-8
viewing in Domino server
monitor, 54-14
Server IDs
defined, 39-1
overview, 39-1
recertifying, 59-9
replacing, 63-96
security and, 39-25
server access and, 63-95
specifying, C-92
Server key ring files
creating, 46-3
Server monitor
adding a task, 52-43
adding servers, 52-44
changing default settings, 16-8
overview, 52-40
profiles, 41-13, 52-44, 54-13
Server Health monitor, 54-2
starting, 52-41
using, 52-44
views, 52-41
Server names
deleting, 59-8
finding in domain, 59-11
IP names and, 2-14, 2-22
upgrading to hierarchical, 59-10
Server ports
access to, 38-14
Server programs
SSL and, 46-1
Server protocol information
updating, F-66
Server registration
administration requests, F-59
Server security, 38-23
Server setup profiles
creating, 3-21
silent, 3-25
using, 3-22
Server Statistic Collection
document
creating, 52-25
Server tasks
adding, 52-43
monitoring, 52-1, 52-44
running, B-1
scheduling, B-2
settings for, C-97 to C-98
SSL and, 46-1
status level, 52-42
table of, B-3
Server topology
planning, 1-2
Server Web Navigator
about the Averaging agent, 36-19
access to Internet services, 36-7
changing appearance of
pages, 36-12
controlling access to sites, 36-6
customizing, 36-6
described, 36-1
displaying authors, 36-12
displaying HTML source, 36-13
managing size of database, 36-16
moving out of data
directory, 36-14
private page access, 36-5
proxies, 36-3
renaming database, 36-14
retrieval settings, 36-6
setting cache options, 36-18
setting up, 36-2
starting and stopping, 36-3
Server.Load
agents, 62-4
capacity planning with, 60-2
changing script variables, 62-10
described, 62-1
metrics, 62-7, 62-10
modifying built-in scripts, 62-11
setting stop condition, 62-10
setting up, 62-12
test parameters, 62-6
testing commands, 62-11
troubleshooting, 63-110
Server.Load scripts
built-in, 62-2, 62-11, 62-14 to
62-15, 62-20, 62-24, 62-26,
62-30 to 62-31
commands, 62-11, I-1
critical region, I-4, I-10
custom, 62-3, 62-11
list of, 62-2, J-1
loops, I-4 to I-5
pausing, I-21
restarting, I-23 to I-24
running, 62-3, 62-11, 62-14, 62-17
to 62-18, 62-21, 62-23, 62-25,
62-27 to 62-28, 62-30, 62-34
samples, J-1
stop conditions, 62-10
variables, 62-10
Server_Availability_Threshold
setting
described, C-91
Server_Cluster_Default_Port setting
described, C-91
Server_Console_Password setting
described, C-92
Server_Max_Concurrent_Trans
setting
described, C-93
Server_MaxSessions setting
described, C-93
troubleshooting
and, 63-59 to 63-60
Server_Restart_Delay setting
described, C-96
Server_Restricted setting
described, C-96
Server_Session_Timeout setting
described, C-96
Server_Show_Performance setting
described, C-97
Server-based certification authority
creating an Internet CA, 44-8
ServerKeyFileName setting
described, C-92
ServerName setting
described, C-94
ServerNoReplRequests setting
described, C-94
preventing replication with, 7-31
ServerPullReplication setting
described, C-95
ServerPushReplication setting
described, C-95
Servers
access, 38-2, 38-4
access levels for, 7-6, 40-13
access to databases, 7-5
adding hosted organizations
to, 14-2
adding to clusters, F-5
administering, 16-4
backing up, 63-7
capacity, 60-3
changing administrator of, 59-1
configuring for LANs, 2-19, 2-32,
2-43, 2-58, 2-61
configuring for NDS, G-6
connecting, 4-1, 4-4
database creation, 38-14
decommissioning, 54-43, 59-3,
59-12
delete requests
for, F-25, F-78, F-81
deleting hosted organizations
from, 14-3
Domain Search requirements,
10-2
editing properties for resource
balancing, 54-43
encrypting mail files, 43-8
environment for service
providers, 12-1
evaluating for resource
balancing, 54-39
filtering for resource
balancing, 54-45
functions, 1-2
Health reports, 54-11 to 54-12
hierarchical names, C-94
installing, for hosted
environments, 13-2
limiting replication time, 7-29
limiting transactions, C-93
managing, 59-1
maximum sessions, C-93
naming, 1-3, 2-14 to 2-17, 2-19,
2-29, 2-31 to 2-32
partitioned, 1-6, 2-21, 2-53, 59-13
passthru, 2-8, 4-23, 38-17
password checking on, 39-12
performance, 60-3
performance tools for, 54-2
proxy, 2-7
recertifying, F-47
registering, 3-29
remote connections, 4-3, 4-34
removing from cluster, F-49
renaming, F-68, F-87
replicating groups of, 7-20
restarting, A-23, C-96
secondary name, 2-44
setup address, C-99
setup name, C-99
SSL connections, 46-18
swap file, C-109
time-out setting, C-96
topology, 4-6, 4-9
tracing connections, 63-77
troubleshooting mail
routing, 63-43
UNIX performance, 60-14
verifying public keys, 39-25
viewing health of, 54-14
Windows, performance, 60-13
Servers, external
access levels for, 7-7
Servers, partitioned
SNMP and, 53-9
ServerTasks setting
described, B-2, C-97
ServerTasksAt setting, B-2
ServerTasksAt2 setting, 50-4
ServerTasksAthour setting
described, C-98
Service providers
Activity Logging
for, 13-23 to 13-24
and DNS outages, 14-11
Domino features for, 12-4
environment example, 12-16
Global Web Settings documents
for, 13-21
mail and directory protocols
for, 12-13
managing users, 14-14
security for hosted
organizations, 12-3
server environment for, 12-1
server options, 12-2
setting up environment for, 13-1
using the Resource Reservations
database, 14-12
Web Administrator and, 16-26
Servlets
managing on Web server, 34-13
Sessions
closing, I-25
IMAP, 31-9, 31-19
opening, I-26
SessionsClose command
described, I-25
SessionsOpen command
described, I-26
Set Configuration command
described, A-25
troubleshooting, 63-91
Set directory filename request, F-60
Set Rules command
described, A-25
Set SCOS command
described, A-25
Set Secure command
described, A-26
Set Statistics command
described, A-27
Set user name and enable schedule
agent request, F-61
Set Web admin fields
request, F-61
Set Web user name and enable
scheduled agent, F-61
SetCalProfile command
described, I-26
SetContextStatus command
described, I-26
Setup policy settings
creating, 9-12
Setup profiles
creating, 3-21
silent, 3-25
using, 3-22
Setup program. See Domino server
Setup setting
described, C-98
Setup=AT command
troubleshooting and, 63-48, 63-51
SetupDB setting
described, C-99
SetupServerAddress setting
described, C-99
SetupServerName setting
described, C-99
Shared installation, 5-43
Shared mail
clusters and, 29-20
described, 29-1, 29-5
disabling, 29-25
excluding mail files, 29-17
including mail files, 29-17
linking mail files to, 29-15
managing, 29-11, 29-21
moving mail files and, 29-21
object store, 29-1
replicated mail files and, 29-19
restoring, 29-23
security, 29-4
settings, C-100
statistics, 29-13
troubleshooting, 63-39
using for transfer and
delivery, 29-8
Shared mail databases
deleting, 29-24
inactive, 29-2
purging obsolete messages
from, 29-22
setting up, 29-5, 29-9 to 29-11
using multiple, 29-2
Shared_Mail setting
described, C-100
Shell commands
using, A-3
Shortcut keys
for accessibility, H-1
for cursor, H-8
database, H-4
dialog box, H-5
document, H-6, H-7, H-8
Domino Administrator, H-3
properties box, H-5
views, 58-21, H-10
Show Allports command
described, A-27 to A-28
Show Cluster command
described, A-29
Show Configuration command
described, A-29
Show Directory command
described, A-30
Show Diskspace command
described, A-30
Show Heartbeat command
described, A-32
Show Memory command
described, A-32
Show Opendatabases command
described, A-32
Show Performance command
described, A-33
Show Port command
described, A-33
Show Schedule command
described, A-34
Show SCOS command
described, A-35
Show Server command
described, A-36
Show Stat command
described, A-37
using, 52-28, J-4
Show Stat Platform command
described, A-38
using, 52-27
Show Tasks command
described, A-39
Show Transactions command
described, A-39
Show Users command
described, A-41
Show Xdir command
described, A-41
directory assistance and, 23-60
Signatures
described, 43-9
sent mail and, 43-11
Signing
databases and templates, 48-7
defined, 43-9
documents and mail, 43-9
dual Internet certificates
and, 47-17
Silent install
UNIX, 3-7
Single sign-on
configuring, 42-13 to 42-14, 42-18
configuring for a Web Site, 42-17
Domino and WebSphere, 42-12
troubleshooting, 63-106
Single-copy object store. See Shared
mail
Site documents. See Internet Site
documents
Site Profile document
creating, 8-9
Size
attachments, 7-14
Console Log file, C-16
database, 61-12 to 61-13
database cache, 61-9, C-74
Extended Directory
Catalog, 24-26
increasing database, 61-23
index, 50-3
Java heap, C-46 to C-47
Java stack, C-48
mail file, 28-11
MIME message, C-40
NSF buffer pool, C-73
replica, 7-12, 63-87
Server Web Navigator
database, 36-16
transaction log, C-113
SIZE extension
enabling, 28-96, 28-103 to 28-104
Size quotas
database, 61-23 to 61-24
mail, 29-4, 28-10, 28-15 to 28-16,
28-28, 28-55
Smart hosts
for mail routing, 27-5, 27-43
SMIME_Strong_Algorithm setting
described, C-100
SMIME_Weak_Algorithm setting
described, C-101
SMTP
activity logging, 57-10
binding to an IP address, 2-47
changing default port
information
for, 28-58, 28-60, 28-66
IMAP clients and, 31-1
in local Internet domain, 27-39
mail commands, I-25
requirements for routing, 28-2
restricting inbound connections,
28-71, 28-75
setting up SSL server
authentication, 47-22
setting up SSL server
authentication for Notes and
Domino using, 28-68
using inside the local Internet
domain, 26-23
using outside the local Internet
domain, 26-24, 27-38
SMTP addresses
inbound lookup, 27-47
SMTP configuration
updating, 27-65
SMTP connection documents
creating, 27-34
SMTP Initialization Workload script
running, 62-27
sample, J-14
SMTP Listener task
enabling or disabling, 27-41
starting and stopping, 28-57
SMTP protocol
DNS and, 26-25
Domino mail server and, 26-3
mail routing and, 26-21, 27-37
SMTP routing
configuring multiple relay
hosts, 27-58
customizing, 28-57
relay hosts and, 27-33
SMTP Workload script
described, 62-26
running, 62-28
sample, J-14
SMTP_Config_Update_Interval
setting
described, C-102
SMTPAllHostsExternal setting
described, C-101
SMTPDebug setting
described, C-102
SMTPDebugIO setting
described, C-103
SMTPExpandDNSBLStats setting
described, C-103
SMTPGreeting setting
described, C-104
SMTPMaxForRecipients setting
described, C-105
SMTPMTA_Space_Repl_Char setting
described, C-105
SMTPNotesPort setting
described, C-104
SMTPNoVersionInRcvdHdr setting
described, C-104
SMTPRelayAllowHostsandDomains
setting
described, C-106
SMTPSaveImportErrors setting
described, C-106
SMTPStrict821AddressSyntax setting
described, C-107
SMTPStrict821LineSyntax setting
described, C-107
SMTPTimeoutMultiplier setting
described, C-108
SMUX protocol
and SNMP Agent, 53-14
Snap-in registry values
configuring, G-3
SNMP
Domino events, 53-4
floating-point support, 53-7
INI file configuration, 53-9
MIB, 53-5
on partitioned servers, 53-9
overview, 53-1
security, 53-5
traps, 53-21 to 53-23
troubleshooting, 53-10
using Domino MIB with, 53-21
SNMP Agent
alerts, 53-2
Sockets
IPX/SPX addresses and, 2-62
SOCKS proxy
connecting Server Web Navigator
through, 36-3
Soft deletions
defined, 61-8
effect on quotas, 28-14
expiration time, 61-8, F-70
Solaris
configuring partitioned
servers, 2-51
configuring SNMP Agent
for, 53-14
Soundex
directory catalogs and, 24-30
Space Saver settings
in Administration Requests
database, 15-27
Spamming
preventing, 28-20, 28-70, 28-75,
28-90, C-101
Spoofing
preventing, 28-71
SPX. See IPX/SPX
SSL
authenticating clients, 9-37, 28-60,
31-2, 31-6, 46-25
Certificate Authority server
and, 45-5
client authentication, 47-18
creating a self-certified key
ring, 46-22
database access for clients, 46-19
default Domino trusted
roots, 46-11
features, 46-1
forcing connections, 46-18
in a hosted
environment, 12-4 to 12-13
Internet security and, 40-31
LDAP directories and, 23-43
LDAP lookups, 47-23
LDAP service and, 20-12
merging certificates, 46-9
merging server certificates, 46-12
NOTES.INI settings, 46-19
overview, 46-1
passwords, 42-3, 42-24
Person documents for client
authentication, 47-20
resuming sessions, 46-19
server authentication and, 47-3
server authentication using
SMTP, 47-22
server certificate request, 46-5
server tasks, 46-1
setting up clients for, 47-1
setting up for Web
Navigator, 36-8
setting up test site, 46-22
virtual servers and, 3-42
SSL certificates
client, 47-3, 47-21
creating a Certificate
Authority, 45-2
marking as trusted root, 46-21
publishing in Person
records, 47-21
removing trusted roots, 46-21
renewing, 46-21
viewing information, 46-20
SSL ciphers
restricting, 46-23
SSL key rings
creating a key ring and certificate
request, 45-2
creating a self-certified key
ring, 46-22
SSL server authentication
setting up clients for, 47-3
SMTP, 28-96, 34-23, 47-22
trusted root certificate for, 47-3
SSL servers
protocol version, 46-15
setting up application, 46-3
setting up on server, 46-2
setting up test site, 46-22
SSL_Resumable_Sessions setting
described, C-109
SSL_Trace_KeyFileRead setting
described, C-109
SSLCipherSpec setting
described, C-108
Stamp command
described, I-26
Start Consolelog command
described, A-43
Start Port command
described, A-44
STARTTLS extension
enabling for SMTP, 28-68
enabling for SMTP
inbound, 28-96
Stash files
setting up for SSL, 46-5
Statistic alarms
reporting, 52-9
for Server Health Monitor, 54-10
Statistic Collector
Tell commands, A-57
Statistic Collector task
described, 52-24
Statistic documents
creating, 52-32
Statistic event generator
creating, 52-9
Statistic profiles
charting, 52-37
creating, 52-31, 52-36
modifying, 52-39
Statistic thresholds
viewing, 52-32
Statistics
Activity Trends, 54-22
Administration Process, 15-35
charting, 54-16, 54-25, 52-36
creating documents for, 52-32
database activity, 58-12
database archives and, 61-26
database cache, 61-10
default thresholds, 52-32
directory assistance, 23-60
exporting to spreadsheet, 52-34
LDAP service ports, 20-38
mail-in, 52-35
modifying, 52-32
monitoring, 52-24, 52-31
platform, 52-26, 52-28, 52-30
for resource balancing, 54-46
Server Health
Monitor, 54-3, 54-13
Server.Load, 62-7
Set Statistics command, A-27
setting preferences
for, 16-11, 52-25
shared mail, 29-13
viewing, 52-28, 52-30, 52-32
Windows NT Performance
Monitor, 17-23
Statistics Collector
overview, 52-1
Statistics reports
viewing, 52-31
Statlog task
database activity
reporting, 58-11, C-72
statistics, 58-12
user activity reporting, 58-13
STH files
setting up for SSL, 46-5
Stop Consolelog command
described, A-44
Stop Port command
described, A-44
Stop triggers
setting, 52-22
Storage format, mail file
setting for IMAP
users, 31-3, 31-23, 31-35
setting for POP3 users, 30-7
Store CA policy information in
Domino Directory
request, F-62
Store certificate in Domino or LDAP
directory request, F-62
Store Certificate Revocation List in
Domino or LDAP directory
request, F-63
Store directory type in server record
request, F-63
Store server's DNS host name in
Server record request, F-64
Structural object classes
described, 21-2
Subjects
extended ACL, 25-9, 25-17
Subscriptions, offline
overview, 11-1
SwapPath setting
described, C-109
Synchronization
enabling, 17-27
Notes and Windows 2000
users, 17-25, 17-38
Notes and Windows NT
users, 17-1 to 17-3, 17-5
Syntaxes
adding to schema, 21-15
LDAP, 21-2, 21-4
System administrators, 38-8
System and application templates
table of, D-1
System mail rules
setting, 28-20

T
Tables
forms and, 61-4
Targets
extended ACL, 25-12 to 25-14,
25-17, 25-30
Task status event generator
creating, 52-10
TCP server event generator
creating, 52-11
TCP/IP
Domino Internet services
and, 2-47
frame types, 63-68
importance of Notes port
order, 2-45
IPv6 standard, 2-25, 2-45
multiple IP addresses for
servers, 2-12, 2-19, 2-22
name resolution in, 2-15
name resolution in NRPC, 2-11,
2-16 to 2-17, 2-19, 2-22
Notes port for, 2-34 to 2-36, 2-38,
2-39 to 2-42, 2-46
NOTES.INI settings, 2-64
partitioned servers and, 2-21
passwords, 42-3, 42-24
planning server
configurations, 2-10
port mapping, 2-53, 63-78
port numbers, 2-55
redirect to SSL, 31-7, 46-18
Secondary name servers, 2-44
security, 2-9
setting up servers
on, 2-19, 2-32, 2-43
testing, 2-56
time-out setting, 2-45
troubleshooting, 63-56, 63-107
TCP/IPportname_PortMappingNN
setting
described, C-110
TCP/IPportname_TCPIPAddress
setting
described, C-111
TCP_EnableIPV6 setting
described, C-110
Tell commands
Administrator Process, A-46
Agent Manager, 63-12, A-47
CA process, A-48
Change Manager, A-50
Cluster Replicator, A-51
described, A-45
Directory Cataloger, A-53
LDAP service, A-53
Router, 27-5, 27-22, A-54
Schedule Manager, A-55
SMTP, 27-65, A-56
Statistic Collector, A-57
troubleshooting, 63-91
Web Navigator, A-57
Web Server, A-57
Telnet
and UNIX installation, 3-5
Temp_Index_Max_Doc setting
described, C-111
Templates
Domino Off-Line Services, 3-11
signing, 48-7
system and application, D-1
updating databases with, 58-24
Temporary directory
changing for view
rebuilding, 58-22
Terminated users
deleting from system, 40-23
Terminations group
adding names to, 40-6
creating, 6-8
Text
in Server Web Navigator, 36-12
Text files
for Domino Web server log, 56-10
redirecting command output
to, A-2
setting up for registration, 5-23
Third-party relays
defined, 28-76
Threads
DIIOP and, 34-11
IMAP service, 31-19
transfer, 28-33, 28-36
Web server, 34-55
Threads, Administration Process
changing number of, 15-29
Time zones
and replication, 7-24
Time-out settings
IMAP service, 31-9
LDAP service, 20-28
message, 28-37
server, C-96
SMTP, C-108
specifying for Web, 34-53
TCP/IP, 2-45
TimeZone setting
described, C-112
Titles
replication and, 63-87
window, C-120
TLS (Transport Layer Security)
for SSL, 28-68
Tools
Active Directory Domino
Upgrade Service, 17-25
administration, 16-16 to 16-17
Agent log, 63-13
for troubleshooting, 63-2
monitoring servers and, 52-1
server performance, 60-2
Topology
creating a passthru, 4-25
replication and, 4-8
Topology maps task
starting, 7-34
update frequency, C-112
Topology_WorkInterval setting
described, C-112
Trace command
described, A-59
TRACERT command
using for TCP/IP, 63-67
Tracing
mail, 63-2
network connections, 63-77
passthru connections, 63-79
Tracking messages
configuring the server for, 33-8
from the Domino
Administrator, 33-10
Mail Tracking Collector task, 33-5
overview, 33-1
Transaction logging
database changes, 58-25
disabling, 55-8
disk space and, C-115, 55-8
enabling, C-114
log location, C-113
log size, C-113
logging style, C-114
overview, 55-1
performance, C-113
planning for, 55-4
recovery, 14-11, 55-9
setting up, 55-5
settings, 55-7
shared mail and, 29-3
troubleshooting, 63-102
using, 55-3
Transactions
disabling, A-22, A-44
Transfer failures
non-delivery reports and, 28-37
Transfer threads
setting maximum number
between servers, 60-11
specifying messages to
journal, 28-36
Transferring messages
controlling, 28-26
using shared mail, 29-8
Transform file
creating, 5-47
Transform files
applying, 5-50
for end-user installations, 5-50
installation options with, 5-49
TRANSLOG_MaxSize setting
described, C-113
TRANSLOG_Path setting
described, C-113
TRANSLOG_Performance setting
described, C-113
TRANSLOG_Status setting
described, C-114
TRANSLOG_Style setting
described, C-114
TRANSLOG_UseAll setting
described, C-115
Troubleshooting
Administration
Process, 63-8, 63-11
Agent Manager and agents, 63-12
Certificate Authority, 63-101
database corruption, 58-26
database performance, 63-16
Directories, 63-21
Directory assistance, 63-21
Directory catalogs, 63-25
disk space problems, 63-86
Domino, 63-1
Domino SNMP Agent, 53-24
extended ACLs, 25-30, 63-34
Fixup task, 58-26
IPX/SPX, 63-70
LDAP service, 63-31
Location documents, 63-42
Lotus Support Services and, 63-4
mail routing, 63-36
meeting and resource
scheduling, 63-45
modems, 63-48
Network dialup
connections, 63-74
NOTES.INI, 63-43
NRPC, 63-55
NSD log files and, 63-101
partitioned servers, 63-78
Passthru connections, 63-79
Personal Address Book, 63-42
platform statistics, 63-52
remote connections, 63-48
replication, 63-80
server access, 63-91
server crashes, 63-96
Server.Load, 63-110
shared mail, 63-44
SNMP, 53-10
tools, 63-2, 63-57
transaction logging, 63-102
Web Administrator, 63-104
Web client authentication, 63-21
Web Navigator, 63-104
Web servers, 63-104
workstation setup, 63-42
Trusted naming rules
directory assistance and, 23-14
Trusted root certificates
accepting server CAs
certificate, 46-9
default Domino SSL, 46-11
removing, 46-21
SSL authentication and, 47-3
viewing information, 46-20
Type-ahead addressing
condensed directory catalogs
and, 24-29
disabling, 28-6
troubleshooting, 63-27

U
Undeliverable mail
generating non-delivery reports
for, 28-37
holding in
MAIL.BOX, 28-40 to 28-41
Unicode
LDAP service and, 20-3
Unit numbers
NetBIOS ports and, 2-58
UNIX
accessing the server console, A-8
directory for entering
commands, 3-2
installation on, 3-4
server performance, 60-14
Unread command
described, I-27
Unread marks
allowing IMAP users to change
other users, 31-17
performance and, 61-3, 63-18
setting, I-27
Unwanted commercial e-mail
preventing, 28-20, 28-70,
28-75, 28-90
Updall task
commands, 58-16
indexes, 58-15
options, 58-16
running, 58-19
scheduling, 50-4 to 50-5
Update client information in Person
record, F-64
Update command
described, I-27
Update Config command, 27-65
described, 27-22
Update task
directory indexer, 58-15
indexes, 58-14
running, 58-21
Update user from non-roaming to
roaming user
administration requests, F-66
Update_No_BRP_Files setting
described, C-115
Update_No_Fulltext setting
described, C-115
Update_Suppression_Limit setting
described, C-116
Update_Suppression_Time setting
described, C-116
Updaters setting
described, C-116
UpgradeApps setting
described, C-117
URLs, 34-3
categorizing for Domain
Search, 10-21
in Server Web Navigator, 36-12
mailed to SSL server
administrators, 45-4
redirecting, 34-27
retrieving information from, I-28
troubleshooting, 63-108
UseFontMapper setting
described, C-117
User accounts
creating in Windows NT, 17-12
deleting, 17-22
User activity
reporting, 58-13
statistics, 58-11
User authentication
registering Internet/intranet
users, 42-3
User IDs
adding alternate name, 5-40
defined, 39-1
passwords, 39-4
recertifying, 5-82
security and, 39-25
User information
synchronizing in Notes and
Windows NT, 17-1
User Management, 5-54
User name failures
customizing message for, 28-46
User names
aliases, 40-7
categorizing by corporate
hierarchy, 19-13 to 19-14
changing, 5-56
deleting, 5-73, 17-42
deleting with Web
Administrator, 5-75
editing, 40-23
finding in domains, 5-85, F-29
moving in the organization name
hierarchy, 5-61
renaming, 5-57, 5-61
upgrading from flat to
hierarchical, 5-67
Web, 40-30
wildcards in, 40-4
User Preferences
troubleshooting, 63-42
User registration
Advanced, 5-13
Advanced from the Web
Administrator, 5-31
alternate names, 5-41
Basic, 5-11
Basic from the Web
Administrator, 5-28
customizing, 5-4
default settings, 5-9
explained, 5-2
from a text file, 5-22
Internet-only users, 5-37
non-Notes users, 5-37
roaming, 5-13
types of, 5-7
Web, 5-8, 5-27, 5-31
User rules mail forwarding
disabling, 28-9
User types
assigning to ACL, 40-19
Users
access levels, 40-1, 40-11
anonymous, 40-8
configuring for TCP/IP, 2-44
managing, 5-54
migrating from external mail
system or directory, 5-8
recertifying, F-48
registering, 5-2, 16-25,
17-33, 17-35
renaming, 17-41, F-51, F-84
restricting in clusters, 60-6
terminated, 40-6
UTF-8
LDAP service and, 20-32
UTF-8 locale
in a hosted environment, 13-8

V
Validation, 38-1
Internet/intranet
clients, 42-27
Verbose logging
mail, 28-7
Web servers, C-119 to C-120
VeriSign
trusted root, 46-11
Version numbers
identifying, C-98
View indexes
updating, 58-14
View_Rebuild_Dir setting
described, C-119
ViewExpnumber setting
described, C-118
ViewImpnumber setting
described, C-118
Views
adding documents, J-1
Administration Requests
database, 15-19
Close command, I-8
creating, 40-17
customizing in Domino
Directory, E-2, E-5
in Server Web Navigator
database, 36-12
keyboard shortcuts for, 58-21
logging, 55-9
navigating, I-10
opening, I-20
performance and, 63-18
purging database, 58-23
rebuilding, 58-22, C-119
searching in, I-11
shortcut keys, H-10
troubleshooting, 63-42, 63-99
updating, J-3, I-16
Virtual servers
Web site hosting, 34-17
Virtual Web servers
partitioned servers and, 2-49
security, 3-42
Viruses
protection against, C-71

W
WANs
integrating Domino with, 2-2
network compression
and, 2-42
Web
access levels, 40-13
anonymous users, 40-8
restricting amount of data
sent, 34-29
Web access
improving, 60-10
Web Administrator
access, 16-18, 16-20
configuring, 16-17
creating groups with, 6-4
Domino Console, Domino
Controller and, 16-28
entering server commands, A-1
in a hosted
environment, 14-15 to 14-16
managing policies, 16-25
managing the ACL with, 40-24
message tracking, 16-27
re-creating database, 63-109
registering users, 16-25, 5-27, 5-31
remote console, 16-26, A-7
resizing and, 63-109
roles, 16-20 to 16-21
service providers and, 16-26
setting preferences, 16-24
signing out, 16-27
starting, 16-22
troubleshooting, 63-108
using, 16-17, 16-23
Web applications
enabling for offline
use, 11-1 to 11-2
replicating, 11-22
Web browsers
controlling access from, 38-23
restricting access to links, 49-4
Web client authentication
restricting, 42-19
troubleshooting, 63-21
Web Idle Workload script
described, 62-30
running, 62-30
sample, J-15
Web mail files
delegating access to, F-10
Web Mail Initialization Workload
script
sample, J-15
Web Mail Workload script
described, 62-31
running, 62-34
sample, J-16
Web Navigator
changing appearance of
pages, 36-12
customizing, 36-6, 36-11
described, 36-1, 36-10
displaying authors, 36-12
managing size of, 36-16
moving out of data
directory, 36-14
renaming, 36-14
setting cache options, 36-18
starting and stopping, 36-3
Tell commands, A-57
troubleshooting, 63-107
Web Navigator SSL
setting up, 36-8
Web pages
mailto, 36-9
rated, 36-19
retrieving with Web
Navigator, 36-1
updating for Server Web
Navigator, 36-18
Web server messages, 34-48
customizing, 34-48, 34-50 to 34-51
Web servers, 34-1, 34-26
activity logging, 57-4
creating links on, 49-1
creating secure Web
applications, 34-3
features, 34-2
interactive Web applications, 34-3
listing files on, 63-105
logging, 56-8
performance, 34-52 to 34-56
processing requests, 34-55
running Web agents on, 34-54
security, 34-9
setting Domino to work
with, 35-1
setting up logging, 56-9
Tell commands, A-57
troubleshooting, 63-104
Web application
development, 34-3
Web set soft deletion expire time
request, F-70
Web Site authentication realm
creating, 34-45
described, 34-45
Web Site Authentication Realm
document
defined, 34-45
Web Site documents
configuring for hosted
organization, 13-20
creating, 34-17
DOLS and, 3-12
file protection and, 34-42
in a hosted environment, 13-18
language preferences, 34-31
setting up session authentication
for, 34-23
Web Site Rule documents
creating, 34-38
described, 13-19, 34-34
in a hosted environment, 13-21
Web sites, 34-38, 34-42
authentication
and, 34-23, 34-45
controlling access to, 36-6
hosting, 34-17
Lotus Support Services, 63-4
multiple, on a server
partition, 2-49, 34-20
Web task
Server Web Navigator
and, 36-3
troubleshooting, 63-108

Web tours
Web Navigator
database, 36-11
Web user
registering, 5-8
Web user preferences, 34-30
cookies, 34-30
regional settings, 34-30
Web users
authenticating, 40-7
controlling access, 40-30
renaming, 5-66
WEB.NSF
renaming, 36-14
WEBADMIN.NSF
configuring, 16-17
securing, 16-18
WebAuth_Verbose_Trace setting
described, C-119
WebDAV, 34-15, 34-22
setting up, 34-15, 34-17
WebGet command
described, I-28
WebSess_Verbose_Trace setting
described, C-120
troubleshooting with, 63-106
WebSphere plug-ins
installing on IIS servers, 35-4
Welcome Page
creating, 5-87
Wide-area networks. See WANs
Wildcard searches
LDAP service, 20-28
Window_Title setting
described, C-120
Windows
configuring SNMP Agent
for, 53-11
directory for entering
commands, 3-2
installation on, 3-3
running Server Setup program
on, 3-18
system fonts, C-121
Windows 2000
configuring partitioned
servers, 2-52
ensuring name resolves on, 2-29
improving server
performance, 60-13
name resolution, 2-15, 2-22
registering existing users, 17-35
registering new users, 17-33

synchronizing with Notes
users, 17-25
Unit/LANA numbers for
NetBIOS ports, 2-59
Windows NT
adding groups to
Notes, 17-16, 17-20
configuring partitioned
servers, 2-52
ensuring name resolves on, 2-29
improving server
performance, 60-13
name resolution, 2-15, 2-22
registering users in
Notes, 17-1, 17-8, 17-12, 17-14
renaming user accounts with
Domino, 5-57
synchronizing with
Notes, 17-2, 17-3
synchronizing with Notes
users, 5-62, 17-5
Unit/LANA numbers for
NetBIOS ports, 2-59
Windows NT Performance Monitor
viewing statistics with, 17-23
Windows NT User Manager
deleting user accounts with, 17-22
setting up, 17-1, 17-3
WinInfoboxPos setting
described, C-120
WinSysFontnumber setting
described, C-121
Workload balancing
clusters and, 60-4
servers and, 60-2
Workstations
ECL, 41-1
mail routing errors and, 63-42
troubleshooting, 63-92
www.lotus.com/support
searching, 63-4

X
X.PC network
compression and, 2-42
XACLs. See Extended ACLs
x-headers
adding to outbound Internet
mail, 28-134
XPC_Console setting
described, C-121

xSP servers
Activity Logging
for, 13-23 to 13-24
applications on, 12-15
binding IP addresses to, 13-16
configuring, 12-5, 12-9
Domino features for, 12-4
example, 12-16
for hosted environments, 12-1
installation options, 12-2
installing, 13-2
mail protocols on, 12-13
opening databases on, 13-8
securing, 12-3
setting up environment for, 13-1

Z
zOS
configuring SNMP Agent
for, 53-17
