Open mic on what's new in domino 9 social edition

© 2013 IBM Corporation

®

What's new in IBM Domino 9 Social

Edition

04/11/13 @2013 IBM Corporation

IBM Software Group | Lotus software


2

OPEN MIC NOTES/DOMINO TEAM

Shrikant Jamkhandi – Staff Software Engineer● Presenter

J Rajendran – Notes/Domino Technical advisor● Focussing on Notes/Domino & SCN

Ranjit Rai – Notes/Domino Technical advisor● Focussing on Notes/Domino & SCN

Hansraj Mali – Notes/Domino Technical advisor● Focussing on Notes/Domino & SCN

Vinayak Tavargeri – Notes/Domino support Manager● Facilitator for Open Mics




3

AgendaAgenda

Security Assertion Markup Language (SAML)

OAuth (Open standard Authorization)

Transport Layer Security (TLS)

Secure Hash Algorithm (SHA-2)

Program document support for server groups

Database Management Tool (DBMT)

Mail routing enhancement

Additional features

Serviceability

OS support

References

Q/A




4

SAMLSAML

What is SAML ?– XML-based standard for exchanging authentication and authorization data between

parties– Provides ease of use for end users – reduce the # of password to memorize– Provides complete SSO coverage across a variety of services, applications and

platforms– Reduced administration time and cost

Support for Notes, iNotes and web clients– Notes Federated Login– Web Federated Login

SAML 2.0 is recommended, but SAML 1.1 is also supported

Identity Providers supported– IBM Tivoli Federated Identity Manager(TFIM)– Microsoft ADFS (Active Directory Federation Services) integrated with Active

Directory




5

SAML Continued.SAML Continued.

1) After launching the Notes client, it connects to Notes ID vault to get the IdP information (Id Vault configured for SAML authentication) & it sends client IdP information

2) Client connects to IdP, authenticates the user via username/password or kerberos credentials. Once authenticated the client receives a SAML token.

3) Client sends SAML token to ID vault.

4) ID vault validates the token with the IdP.

5) ID Vault sends the ID to the client.

*Once Notes session is completed, no ID remains. No ID ever stored on local disk.

This works in CITRIX Environment




6

SAML Continued..SAML Continued..

True single sign On for Notes– For Windows users one password can get into:– OS, Notes, Sidebar widgets and web applications

Allow user to access external services from Notes– IBM Sametime chat and meetings– IBM Connections and file share– Feeds– Widget and Live Text– Embedded browser– Open Social components leveraging the above URLs

Managed via Domino policies




7

OAuthOAuth

Open Standard for Authorization

Domino 9.0 Social edition adds support for OAuth client

Basis for Embedded experience in Notes/iNotes Mail– Embedded Experience allow you to access business critical actions from

other application without leaving your email. This brings collaboration in context and results in tighter integration across iNotes, Connections, Notes , app dev (Xpages), and 3rd-party products and services

"Credentials store" in Domino stores OAuth tokens/keys for access to application




8

OAuth continued.OAuth continued.




9

OAuth continued...OAuth continued...




10

Transport Layer Security

Successor to Secure Socket Layer– An upgrade to SSL 3.0

Web Server activity protected by TLS– Xpages– Traveler– iNotes– ST– REST APIs– Quickr

Windows only in 9.0

IBM HTTP Server will act as "front end" for Domino HTTP server

Requirement for many Governments, Agencies and Contractors




11

SHA-2 support

Secure Has Algorithm 2 designed by the National Security Agency Covered under (FIPS) 140-2 Requirement for many Government, Agencies, and Contractors SHA-2 is used for X.509 certificate signature verification, S/MIME signed mail,

and TLS (IBM HTTP) for authentication No Configuration needed, just works out of the box provided you have a SHA-2

certificate




12

Program document support for server group

Create Groups of servers, Groups need to be "Server Only" groups Program document can be applied to servers group name Migrated/New server with version 9 can be added to the group and all the

standard program documents will be applied straight away




13

Database Management Tool (DMBT)

DMBT is used for performing multiple daily/weekly administrative tasks on user's mail database files

The DBMT tool relieves the administrator of the need to run the Updall task New DBMT task been added The dbmt tool does all of the following:

– runs copy-style compact operations– purges deletion stubs– expires soft deleted entries– updates views– reorganizes folders– merges full-text indexes– updates unread lists– ensures that critical views are created for failover

The dbmt tool does not compact system databases:– names.nsf,log.nsf,admin4.nsf,ddm.nsf,lndfr.nsf,events4.nsf,statrep.nsf,dbdirman.nsf,dircat

.nsf,clubusy.nsf,domlog.nsf,cldbdir.nsf,busytime.nsf,catalog.nsf,daoscat.nsf,mtdata/mtstore.nsf




14

Mail routing

Local Mail Delivery FailOver– Local Delivery Failover if the destination mail file is unavailable

• Copy-style compact of mail file is in progress• Fixup of mail file is in progress (Performing consistency check on...)• Mail file is missing (File does not exist)/Corrupt

– MailFileEnableDeliveryFailover=1 will make router to route mail to replica server which has replica of the mail db

– More Granular than cluster failover as this on the database level during mail delivery

Changes to policy settings for return receipts– Changes to return receipt behavior on both outgoing and incoming mail messages for

notes client users– Configure the behavior through a combination of policy settings and NOTES.INI settings

on the Domino server– The settings are configured entirely through NOTES.INI settings for iNotes client users




15

Additional features

Protected groups– Prevents accidental deletion of critical groups, configured via directory profile

Administration client– "Last compact date" column has been added to the IBM Domino Administrator 9.0

64 bit Domino support RHEL/SUSE Linux 64 bit OS




16

Serviceability

NSD monitor for Unix NSD memory summary for Unix Quality of Service Probe (QOS)

– Detects if server is not responding or hung– Optionally email an administrator and/or automatically terminate the server and

restart it– QoS, is designed to react to the general operation of a Domino server in order

to keep that server up and functioning reliably at all times




17

AIX family– AIX 7.1

IBM i family– IBM i 6.1, 7.1

Linux family– Red Hat Enterprise Linux (RHEL) Server V6 on System z– Red Hat Enterprise Linux (RHEL) Server V6 on x86-64– SUSE Linux Enterprise Server (SLES) V11 on System z

– SUSE Linux Enterprise Server (SLES) V11 on x86-64 Windows family

– Windows Server 2008 Enterprise Edition R2 x86-64– Windows Server 2008 Standard Edition R2 x86-64– Windows Server 2012 Datacenter Edition x86-64– Windows Server 2012 Standard Edition

We have removed support for Windows 2003 and Solaris from Domino 9 social edition There will be a Solaris version of the 8.5.4 server but that won't support the embedded experiences

component. Demand for Solaris has dropped to near zero and hence the support has been discontinued.

Still shipping 32 Domino primarily for API and product compatibility

Operating System support




18

References

Upgrade Central: Planning your upgrade to IBM Notes and Domino 9.0 Social Edition

http://www.ibm.com/support/docview.wss?uid=swg21623106

What's New in IBM Domino 9.0 Social Editionhttp://www-10.lotus.com/ldd/dominowiki.nsf/dx/Whatapos_New_in_IBM_Domino_9.0_Social_Edition

What's new in Notes, as well as iNotes, Traveler, and Domino:http://www-10.lotus.com/ldd/dominowiki.nsf

http://www.ibm.com/support/docview.wss?uid=swg21623106

http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Whatapos_New_in_IBM_Domino_9.0_Social_Edition

http://www-10.lotus.com/ldd/dominowiki.nsf




19

Q & A

Legal Disclaimer© IBM Corporation 2013. All Rights Reserved.

The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.

References in this publication to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results. IBM, Lotus, Lotus Notes, Notes, and Domino are trademarks of International Business Machines Corporation in the United States, other countries, or both.

Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or Both.Other company, product, or service names may be trademarks or service marks of others. All references to renovations.com refer to a fictitious company and are used for illustration purposes only.

THANK YOU

Documents

Open mic on what's new in domino 9 social edition