Upload
sreejk
View
2.109
Download
5
Embed Size (px)
DESCRIPTION
Citation preview
© 2013 IBM Corporation
®
What's new in IBM Domino 9 Social
Edition
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
2
OPEN MIC NOTES/DOMINO TEAM
Shrikant Jamkhandi – Staff Software Engineer● Presenter
J Rajendran – Notes/Domino Technical advisor● Focussing on Notes/Domino & SCN
Ranjit Rai – Notes/Domino Technical advisor● Focussing on Notes/Domino & SCN
Hansraj Mali – Notes/Domino Technical advisor● Focussing on Notes/Domino & SCN
Vinayak Tavargeri – Notes/Domino support Manager● Facilitator for Open Mics
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
3
AgendaAgenda
Security Assertion Markup Language (SAML)
OAuth (Open standard Authorization)
Transport Layer Security (TLS)
Secure Hash Algorithm (SHA-2)
Program document support for server groups
Database Management Tool (DBMT)
Mail routing enhancement
Additional features
Serviceability
OS support
References
Q/A
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
4
SAMLSAML
What is SAML ?– XML-based standard for exchanging authentication and authorization data between
parties– Provides ease of use for end users – reduce the # of password to memorize– Provides complete SSO coverage across a variety of services, applications and
platforms– Reduced administration time and cost
Support for Notes, iNotes and web clients– Notes Federated Login– Web Federated Login
SAML 2.0 is recommended, but SAML 1.1 is also supported
Identity Providers supported– IBM Tivoli Federated Identity Manager(TFIM)– Microsoft ADFS (Active Directory Federation Services) integrated with Active
Directory
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
5
SAML Continued.SAML Continued.
1) After launching the Notes client, it connects to Notes ID vault to get the IdP information (Id Vault configured for SAML authentication) & it sends client IdP information
2) Client connects to IdP, authenticates the user via username/password or kerberos credentials. Once authenticated the client receives a SAML token.
3) Client sends SAML token to ID vault.
4) ID vault validates the token with the IdP.
5) ID Vault sends the ID to the client.
*Once Notes session is completed, no ID remains. No ID ever stored on local disk.
This works in CITRIX Environment
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
6
SAML Continued..SAML Continued..
True single sign On for Notes– For Windows users one password can get into:– OS, Notes, Sidebar widgets and web applications
Allow user to access external services from Notes– IBM Sametime chat and meetings– IBM Connections and file share– Feeds– Widget and Live Text– Embedded browser– Open Social components leveraging the above URLs
Managed via Domino policies
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
7
OAuthOAuth
Open Standard for Authorization
Domino 9.0 Social edition adds support for OAuth client
Basis for Embedded experience in Notes/iNotes Mail– Embedded Experience allow you to access business critical actions from
other application without leaving your email. This brings collaboration in context and results in tighter integration across iNotes, Connections, Notes , app dev (Xpages), and 3rd-party products and services
"Credentials store" in Domino stores OAuth tokens/keys for access to application
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
8
OAuth continued.OAuth continued.
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
9
OAuth continued...OAuth continued...
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
10
Transport Layer Security
Successor to Secure Socket Layer– An upgrade to SSL 3.0
Web Server activity protected by TLS– Xpages– Traveler– iNotes– ST– REST APIs– Quickr
Windows only in 9.0
IBM HTTP Server will act as "front end" for Domino HTTP server
Requirement for many Governments, Agencies and Contractors
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
11
SHA-2 support
Secure Has Algorithm 2 designed by the National Security Agency Covered under (FIPS) 140-2 Requirement for many Government, Agencies, and Contractors SHA-2 is used for X.509 certificate signature verification, S/MIME signed mail,
and TLS (IBM HTTP) for authentication No Configuration needed, just works out of the box provided you have a SHA-2
certificate
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
12
Program document support for server group
Create Groups of servers, Groups need to be "Server Only" groups Program document can be applied to servers group name Migrated/New server with version 9 can be added to the group and all the
standard program documents will be applied straight away
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
13
Database Management Tool (DMBT)
DMBT is used for performing multiple daily/weekly administrative tasks on user's mail database files
The DBMT tool relieves the administrator of the need to run the Updall task New DBMT task been added The dbmt tool does all of the following:
– runs copy-style compact operations– purges deletion stubs– expires soft deleted entries– updates views– reorganizes folders– merges full-text indexes– updates unread lists– ensures that critical views are created for failover
The dbmt tool does not compact system databases:– names.nsf,log.nsf,admin4.nsf,ddm.nsf,lndfr.nsf,events4.nsf,statrep.nsf,dbdirman.nsf,dircat
.nsf,clubusy.nsf,domlog.nsf,cldbdir.nsf,busytime.nsf,catalog.nsf,daoscat.nsf,mtdata/mtstore.nsf
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
14
Mail routing
Local Mail Delivery FailOver– Local Delivery Failover if the destination mail file is unavailable
• Copy-style compact of mail file is in progress• Fixup of mail file is in progress (Performing consistency check on...)• Mail file is missing (File does not exist)/Corrupt
– MailFileEnableDeliveryFailover=1 will make router to route mail to replica server which has replica of the mail db
– More Granular than cluster failover as this on the database level during mail delivery
Changes to policy settings for return receipts– Changes to return receipt behavior on both outgoing and incoming mail messages for
notes client users– Configure the behavior through a combination of policy settings and NOTES.INI settings
on the Domino server– The settings are configured entirely through NOTES.INI settings for iNotes client users
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
15
Additional features
Protected groups– Prevents accidental deletion of critical groups, configured via directory profile
Administration client– "Last compact date" column has been added to the IBM Domino Administrator 9.0
64 bit Domino support RHEL/SUSE Linux 64 bit OS
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
16
Serviceability
NSD monitor for Unix NSD memory summary for Unix Quality of Service Probe (QOS)
– Detects if server is not responding or hung– Optionally email an administrator and/or automatically terminate the server and
restart it– QoS, is designed to react to the general operation of a Domino server in order
to keep that server up and functioning reliably at all times
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
17
AIX family– AIX 7.1
IBM i family– IBM i 6.1, 7.1
Linux family– Red Hat Enterprise Linux (RHEL) Server V6 on System z– Red Hat Enterprise Linux (RHEL) Server V6 on x86-64– SUSE Linux Enterprise Server (SLES) V11 on System z
– SUSE Linux Enterprise Server (SLES) V11 on x86-64 Windows family
– Windows Server 2008 Enterprise Edition R2 x86-64– Windows Server 2008 Standard Edition R2 x86-64– Windows Server 2012 Datacenter Edition x86-64– Windows Server 2012 Standard Edition
We have removed support for Windows 2003 and Solaris from Domino 9 social edition There will be a Solaris version of the 8.5.4 server but that won't support the embedded experiences
component. Demand for Solaris has dropped to near zero and hence the support has been discontinued.
Still shipping 32 Domino primarily for API and product compatibility
Operating System support
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
18
References
Upgrade Central: Planning your upgrade to IBM Notes and Domino 9.0 Social Edition
http://www.ibm.com/support/docview.wss?uid=swg21623106
What's New in IBM Domino 9.0 Social Editionhttp://www-10.lotus.com/ldd/dominowiki.nsf/dx/Whatapos_New_in_IBM_Domino_9.0_Social_Edition
What's new in Notes, as well as iNotes, Traveler, and Domino:http://www-10.lotus.com/ldd/dominowiki.nsf
04/11/13 @2013 IBM Corporation
IBM Software Group | Lotus software
IBM Software Group | Lotus software
19
Q & A
Legal Disclaimer© IBM Corporation 2013. All Rights Reserved.
The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
References in this publication to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results. IBM, Lotus, Lotus Notes, Notes, and Domino are trademarks of International Business Machines Corporation in the United States, other countries, or both.
Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or Both.Other company, product, or service names may be trademarks or service marks of others. All references to renovations.com refer to a fictitious company and are used for illustration purposes only.
THANK YOU