Sei sulla pagina 1di 27

Quick Guide to Lotus Domino-Notes

What is it, and why should I use it over open-source solutions like
Apache?
Note (no pun intended): Although Lotus' marketing literature doesn't always stick to this view
of things, Domino is now supposed to mean the server, while Notes is the client side Domino
is availa!le for N", A#$%&&, and di'erent (nices (#olaris, )*+,-, A.-, Linu/), while Notes is only
availa!le for 0indows, although it is said to run 12 on Linu/ under the 0ine emulator
.3)1, Domino$Notes is the greatest, al!eit proprietary, groupware solution currently availa!le
4esides e+mail 5 to+do, personal$group calendars, and personal$group address !ooks, it lets
you !uild shared knowledge data!ases, and generally improve team+work through work6ow
*ersonnaly, . wouldn't use it for e+mail, especially since Notes can work against a ,ni/+!ased e+
mail system pretty well, although that means losing some of the groupware features . 7ust
don't trust proprietary software for critical applications like e+mail
"he main reason you should give Domino$Notes a try if you need to o'er such features, is that
the 0e!+!ased tools are 7ust too complicated to use !y non+technical people (editing with
)"3L editors, uploading updated )"3L 8les to your we! server, synchroni9ing laptops, etc),
and do not support replications as easily as Domino$Notes
As for proprietary solutions, 3# :/change only runs on N" and doesn't support knowledge
data!ases as well as Domino, and Novell's ;roupwise re<uires an ND# server in addition to a
;roupwise server
ros ! "ons
*ro:
:/cellent support for disconnected mode, ie users with laptops can replicate
data!ases on their laptop !efore leaving on a trip, work o=ine, and synchroni9e this
work onto their Domino server when they are !ack at the o>ce ;ranularity is very
good, since it gets down to the 8eld level (as long as two users working on the same
document do not modify the same 8eld in a document, synchroni9ation is transparent)
"his support for disconnecte mode is non+e/istent in open source solutions like
php;roup0are, 3ioga, or even Apache with its 0edDA? module
;reat support for replication !etween remote Domino servers, so that users access
data!ases on a local replica instead of working through a slower 0AN link ,pdates are
replicated on all corporate Domino servers
:asy to use, rich+te/t editor (no need to learn )"3L)
,sers access all information through one application (their e+mail$to+do$calendar
data!ase, corporate data!ases)
*retty nice interface
#upport for a !unch of .nternet standards ()""*, LDA*, #3"*, .3A*, *1*, ##L, etc)
All documents sit neatly in a data!ase @ou can (should) create data!ases for each
department (eg ABD, 3arketing$#ales, CA, 3.#, etc)
Data!ases can !e read$edited through a 0e! !rowser, for users who do not have Notes
installed on their workstation
*retty secure environment, as it provides !i+directional authentication, digital
signatures, access control, and encryption
Don:
N#E are !inary 8les, with no way to !e dumped in A#D.. format, although it's possi!le
to e/port individual documents in di'erent te/t formats like A#D.., A"E, )"3L, etc N#E
can !e corrupted to the point where Domino might not !e a!le to 8/ them, so you
should de8nitely have a sound !ackup$restore procedure
Not everyone likes the Notes interface
Not open+source
Domino$Notes infrastructure can !e comple/ to understand for a new!ie administrator
Don't underestimate the amount of time it'll take them to get to the point where they
really understand how this whole thing works
Development must !e done in either Fcommands$Lotus#cript, or Gava
What are Domino#Notes data$ases?
Domino$Notes data!ases are nothing like D43#'s like 1racle .nstead, a Domino$Notes
knowledge data!ase is really a single, stand+alone !inary N#E 8le which contains all the
documents that users have created :ach data!ase has a uni<ue Aeplica .D, and each
document it contains has a uni<ue ,niversal .D (,N.D)
"o improve performance, a data!ase can !e inde/ed, which means that additional 8les are
created to contain inde/es, !ut those 8les are independent from the data!ase itself .n other
words, and notwithstanding the ADL issue (access+control lists), you can 7ust copy an N#E
data!ase and drop it on either another Domino server or a Notes clients
"he main two components of a Domino$Notes data!ase are forms (templates) and views (lists
of documents in the data!ase, sorted !y di'erent 8elds) ,sers must use availa!le forms to
create new documents in the data!ase Eorms are handled !y whoever has 3anager$Designer
rights to the data!ase "his helps maintain coherence and homogeneity ?iews are simply the
list of documents availa!le in a data!ase, sorted !y whatever 8elds the designer chose (eg
Dreator, Date, etc):
1ne of the availa!le view for this data!ase:
A form !uilt using a standard Lotus+supplied template
.n Domino$Notes, all data!ases are N#E 8lesH no distinction is made !etween user e+mail
data!ases, document data!ases, or system data!ases #ystem data!ases include
the all+important *u!lic Name B Address 4ook (*NA4), usually named NA3:#N#E .t
holds the user directory (including *erson and ;roup classes), connection documents
(pointers to remote servers), etc #ervers that !elong to the same Notes domain use
the same *NA4
the mail router mail!o/, 3A.L41-
the data!ase catalog DA"AL1;N#E
the log data!ase L1;N#E
%verview o& Domino#Notes architecture
Accessin' a Domino data$ase &rom a Notes client
Accessing a document in a data!ase 8rst re<uires that the user authenticate successfully
against the Domino server "his re<uires that !oth the server .D 8le and the user .D 8le !e
stamped !y a common certi8er (D:A".D) .f the two .Ds !elong to di'erent organi9ations, a
cross+certi8cate must have !een generated so that a client that !elongs to organi9ation 4 is
allowed to connect to server in organi9ation A
"he authentication itself consists in a !i+directional challenge which involves encrypting and
decrypting a random num!er using the other party's pu!lic and private keys:
I "he server$user re<uesting access sends a package that contains a random num!er,
their name, their pu!lic key, and their certi8cates
J "he server signs the random num!er with its pu!lic key, and sends it !ack to the
re<uester
K "he re<uester veri8es that the signature is correct and that the random num!er
matches the original
% "he server repeats this process in reverse to prove that it is not an impostor
"o gain access to data!ases on a standard (non+)""*) Notes server, a Notes user has to 8rst
authenticate with the server, then survive the server's access list, then get past a series of
access lists in each data!ase At this point, the server may still refuse the user access to the
server if the user is in a Not Access #erver 8eld or is not in an Access #erver 8eld in the
#erver's server document
Erom .43's Lotus Notes and Domino R5.0 Security Infrastructure Revealed
As shown a!ove, Domino's security is !ased on several layers of security, which is partly what
makes Domino hard to understand, and trou!leshoot when access is denied
)ere are the di'erent settings availa!le in a data!ase's ADL (from Installing and Confguring
the Lotus Notes e! "u!lishing "roducts, http:$$docsrinetru$*erfect.ntranet$chLhtm):
Access Level Activities Allowed
3anager
"he data!ase manager can do anything in a data!ase,
including change the Access Dontrol List
Designer
Data!ase designers can do anything in a data!ase,
including making changes in the data!ase design, !ut
e/cluding making changes in the Access Dontrol List
:ditor
Data!ase editors can add data documents to a
data!ase and can make changes in any data document
in the data!ase, regardless of the document's
authorship :ditors cannot change data!ase design or
the Access Dontrol List
Author
Data!ase authors can create new data documents and
they can edit documents they originally created 0ith
certain e/ceptions, they cannot edit documents not
authored !y themselves Nor can they make changes in
the data!ase design or Access Dontrol List
Aeader Data!ase readers can read data documents and views
!ut cannot make changes of any kind in the data!ase
Depositor
Data!ase depositors can create and save new data
documents !ut cannot read any document, including
their own after they close it, nor make changes of any
kind in the data!ase
No Access
,sers with no access will not !e allowed to open a
data!ase at all
What are ID (les?
@ou must generate a user .D 8le for each user in the 1rgani9ation .n the process, the .D 8le is
certi8ed, and contains the following information:
certi8cate owner's name and details
certi8cate owner's pu!lic key
certi8er's name and details
certi8er's pu!lic key
certi8cate e/piration date
certi8er's stamp, ie it is signed with the certi8er's private key
the user's pu!lic and private keys, in two versions (1ne, MIJ+!it key length pair, is
used for data encryption in non+North American countries Another, NK&+!it key length
pair, is used for data encryption within ,# and Danada, and for signature and
authentication worldwide)
the user's name and Notes license num!er
1nce the .D 8le is generated, a copy is availa!le as an independent .D 8le as well as an entry
in the *u!lic Name B Address 4ook for other users to use
two pairs of pu!lic$private keys (the user's and the certi8er'sH 1ne set of key for use in
North America, and the other for use overseas),
two certi8cates (to match the two encryption strengthsH a certi8cate is the digital
signature of the organi9ation to which he !elongs),
a certi8cate for each unit to which the user !elong (eg for Gohn Doe$3arketing$Acme,
his .D contains the cert8cate of $3arketing$Acme and $Acme),
user names (the user's and the certi8er's) and details (including license type and serial
num!er), the certi8cation e/piration date,
(optional) encryption 8elds distri!uted !y application developers to allow
encryption$decryption of 8elds in documents,
a password to protect this .D 8le
)ip: "o display the di'erent certi8ers that live in a user's .D 8le, select Eile O "ools O ,ser .D
Important: "he password only e/ists in the .D 8le, to prevent anyone else from using it .n
other words, changing the password to an .D 8le makes no change to the server .f a copy is
kept in the *NA4, which is not recommended for securite reason, the password to the original
.D 8le is not updated
1nce generated, the user's .D 8le is located in the domain's *u!lic Name B Address 4ook
(*NA4) .t can also !e e/tracted into eg GD1:.D, and kept on the user's workstation
Important: Aegenerating an .D 8le means generating a new pair of pu!lic and private keys
and losing the encryption keys As a conse<uence, this users will no longer !e a!le to access
any encrypted document or data!ase (D):D2) )e must also !e removed and re+added to
every single Access Dontrol List (ADL) of Notes data!ases
)he "erti(er, "*+),ID
"he core identi8er, the .D 8le from which all other .D 8les are created, is known as the D:A".D,
and is created when 8rst setting up the 1rgani9ation "wo other .D 8les are created when
setting up a server: #:A?:A.D (that server's .D 8leH each new server has its own .D 8le), and
,#:A.D (an .D 8le that can !e used for administrative purposes, although any user who is
registered as having 3anager rights on a given Notes data!ase can perform administrative
tasks) .t's 12 to rename those 8les, eg rename #:A?:A.D to #D#:A?I.D and ,#:A.D to
#DAD3.N.D Notes doesn't rely on the .D 8le's 8lename "heres is nothing special a!out the
,#:A.D administrative 8le, although it gets put in a few places, such as the PadministratorP
8eld on the server document
D:A".D is the most important component of a Notes network, as it is re<uired when adding
new resources to the organi9ation (users, servers, 1,s), and re+certifying .D 8les whose validity
period has e/pired 2eep several !ackups, and don't forget the password used to protect this
.D 8le Losing access to D:A".D means having to re!uild the entire organi9ation, along with
user and server .D 8les .f that happens to you, update your rQsumQ
"o avoid having all administrators use D:A".D in their daily tasks, it is recommended to create
1,s, each with its own certi8er "his is also an e>cient way to spread the administration work
on di'erent levels, and makes it easier to !uild an 1rgani9ation that re6ects the company's
actual hierarchy, eg users and servers could !e made a mem!er to 3arketing$Acme or
3arketing$,#$Acme, instead of 7ust $Acme
-,.// Notation
Domino$Notes uses an -M&& type of hierarchical organi9ation Gust like DN#, the whole point is
to make it easier to create several identical names in the organi9ation, eg it's 12 to have
several users called Gohn Doe, as long as they !elong to di'erent nodes in the organi9ation .n
case two users with the same name !elong to the same node in the organi9ation, you could
user their middle initial to tell them apart Eor instance, Gohn Doe$0ashington$Acme is the fully
distinguished hierarchical name to user Gohn Doe who !elongs to 1rgani9ational ,nit
0ashington, itself part of the over+all Acme 1rgani9ation
A common name (DN) is the user's or server's name 1rgani9ation ,nits (1,) are su!+entities,
with up to % allowed "he 1rgani9ation (1) is usually the company's name "he top level is the
Dountry code level (D, eg ,#), !ut it is rarely used 1n the other hand, the fully distinguished
canonicali9ed hierarchical name of that user would !e DNRGohn Doe$1,R0ashington$1RAcme
#ince there is no functional di'erence !etween a user .D and a server .D, the canonical path to
a server would !e DNR#erverI$1,R0ashington$1RAcme
Domino domain 01 N) domain 01 DN2 domain
A Domino$Notes domain is used to organi9e mail routing and !uild an organi9ation+wide
address !ook .t has nothing to do with either 0indows N" or .nternet Although not a
re<uirement, companies usually make the Domino$Notes domain identical to the 1rgani9ation
0hen using Domino$Notes' proprietary e+mail feature, Gohn Doe$AcmeFAcme means user Gohn
Doe in 1rgani9ation Acme ($Acme), in e+mail domain Acme (FAcme) Note that while
Domino$Notes uses the PFP sign, it has nothing to do with #3"* e+mail "he left part !efore the
F sign is the fully+<uali8ed path which locates this user in the Notes organi9ation
Although it is possi!le for a Notes domain to contain several 1rgani9ations, or one
1rgani9ation to contain several domains, the most common setup is for the domain to map to
the 1rgani9ation
Notes Named Networks
A Notes Named Network is used to simplify mail routing #ervers that use the same network
protocol and share constant connections should !e added into an NNN, so as to avoid having
to create connection documents to route mail !etween them #ervers that !elong to the same
NNN share the same *NA4
Also, users will see the list of servers that !elong to the same NNN when they use the P1pen
Data!aseP dialog to add an icon to a Notes data!ase #ervers that do not !elong to the NNN
will not appear in that list, and users are re<uired to type their distinguished name and the
8lename of the data!ase
"o avoid confusion, NNNs are usually named for !oth their location and protocol, eg AD3:S.*
What3s in the NA4?
"he *u!lic Name and Address 4ook holds not only *erson documents for each user created in
the domain, !ut also administration information like server names and parameters, or
connection documents to route mail to other domains, either Notes or .nternet "he *NA4 can
also !e used to contain the list of any contact of the company, ie outside contacts with an
.nternet e+mail or no e+mail at all can !e added to the *NA4 0hen adding a new server to a
domain, the 8rst thing Notes does is create a local replica of the *NA4 on that new server
"wo groups are automatically placed in the *NA4 when it is created: LocalDomain#ervers and
1therDomain#ervers "hey should contain the hierarchical names of the servers with which
your server communicates (!oth within and outside your domain)
Location documents can !e found in the *NA4 and also a user's local *ersonal NA4 on his
workstation "hose documents are used to tell Notes how to connect to a given server "his is
where the server's .* address is found
"he *erson document is created when a new user is registered in the domain )is document
contains information a!out his mail 8le and home server, as well as his pu!lic key, which is
used during the authentication process "he ,ser Name must contain the user's fully
distinguished name
"he Derti8er documents contain information a!out certi8ers in the organi9ation 1ne of the
8elds is that certi8er's pu!lic key
"he #erver Donnection documents de8ne the connection method and path !etween servers in
the domain and in ad7acent domains .n a user's *ersonal NA4, the connection documents
de8ne the path and connection information !etween a client and a server
Domain documents specify and de8ne the name, location, and type of access to ad7acent and
nonad7acent Notes domaines, and non+Notes domains
#erver documents de8ne and con8gure the servers in your domain
"he *ersonal NA4 is created when installing the Notes client .ts Derti8ers documents are used
to identify the certi8cates held !y a particular user, and are used heavily during cross+
certi8cation
"ross-certi(cation
"he process of sharing certi8cates to ena!le authentication among users and servers that were
not created with a common certi8cate is called cross+certi8cation Dross+certi8cation is a two+
way process that re<uires !oth organi9ations to cross+certify and store a certi8cate .f the
certi8cate does not e/ist in either company's NA4, authentication cannot occur
.f you do not use Domino$Notes for e+mail, the ne/t !est way to organi9e cross+certi8cation is
!y generating a safe .D, ie a copy of an .D 8le that can !e used only to have it cross+certi8ed
@ou should not send your full .D 8le to !e /+certi8ed (Eile O "ools O #erver Administration,
followed !y Administration O .D Eiles, input your password, then select 3ore 1ptions section,
Dreate #afe .D Eile)
A cross+certi8cate located in a user's *ersonal NA4 can !e copied$pasted into the domain's
*NA4 for others to use
.f Gohn Doe$4ar needs to connect to a data!ase sitting on a server at $Eoo, he needs a cross+
certi8cate, either in his *ersonal NA4 or his domain 4ar's *u!lic NA4
+eplication
Notes supports replicating data!ases on multiple servers A copy of a data!ase is static, ie
changes made to the original data!ase will not !e replicated to that copy
A server must have the same or higher level of access to a data!ase as the highest user on
that server 1therwise, the changes that a user with higher rights makes on that server cannot
!e replicated to to other servers
1nly one server should have 3anager access to a data!ase, so as to avoid unpredicta!le
replication pro!lems should changes !e made simultaneously on several replicas of a
data!ase
+enamin' users
Aenaming a user must not !e done manually, !ut instead through a re<uest handled !y the
Adminp process on the server After the change has occured, the user's name must !e
manually updated in any data!ase ADLs, as well as in any Aeader and Author name 8elds
Notes client5 )he si'hts
Another peeve . have a!out the Notes client is that settings are spread in di'erent locations
4elow is a list of areas of worth if you need to customi9e your workstation:
6ile menu
,seful sections are: Data!ase, Aeplication, 3o!ile, *references, and "ools
Data$ase su$-menu
"his is where you can :
create links to data!ases that live on either your workstation or on a Domino
server
create either local or remote D4s
modify a D4's properties or ADL settings
create a copy of an e/isting D4
delete D4s
and more
+eplication su$-menu
"his is where you can handle replications of remote D4s
7o$ile su$-menu
"his is actually a di'erent route to your *rivate NA4 "he 3o!ile su!+menu will direct you to
the Location section where you can set up di'erent connection pro8le (eg LAN, dial+up,
disconnected), which is a way for Notes to change its !ehavior when you try to access remote
resources depending on how you can reach said remote resources
re&erences su$-menu
)ools su$-menu
rivate Name ! Address 4ook
which happens to !e a very misleading name, as it not only contains your private address
!ook (as opposed to the *u!lic Name B Address 4ook sitting on the Domino server), !ut also
the Donnection documents which are all+important when you need to connect to servers
through dial+up "he *rivate NA4 also contains settings to connect to .nternet servers, such as
#3"*, .3A*$*1*, or LDA* Aemove this local D4, and you won't !e a!le to dial up to remote
servers, !e they Domino or .nternet #tupidly enough, the *rivate NA4 default 8lename is
namesnsf 7ust like the *u!lic NA4 sitting on a Domino server 0hen creating a local replica of
the *u!lic NA4, Notes will use the same name !y default, potentially hosing your *rivate NA4
since they !oth use namesnsf as their 8lename ?ery smart
Links to resources
:ither Domino D4s or we! sites can !e added to the !ookmarks section Area noted PIP
contains links to your mail data!ase (eg 7doensf), which is located either on the Domino
server or your local workstation depending on the Location under which you are presently
working, ie if you are running the 1>ce location, Notes will open the 7doensf that lives on the
Domino server (if any), !ut will open the local 7doensf replica if you are currently using the
.nternet or .sland location documents
"he 8rst four icons contain links to e+mail, calendar, address !ook, and to+do, respectively "he
last icon leads to the Aeplicator workspace, where you can set replication settings
Area noted PJP contains links to folders, eg links to Domino D4s or .nternet we! sites "he
second icon contains a link to the familiar 0orkspace view
Installin' Domino on a Linu8 server
I ,ninstall 3"A and we! server (eg rpm +e sendmail apache)
J Dreate a user .D that Domino will use to run (eg useradd notes), and set a password
for this account
K ,ntar the archive, and run $install
% 1nce you're through with this command+line part of the install procedure, log out, and
log in with the Notes account that you 7ust created a!ove
M ;o to the directory where you installed Domino, eg $local$notesdata, and launch the
)""* setup through $opt$lotus$!in$http httpsetup
N At this point, Domino's we! daemon is running Einish the install !y launching Domino's
we! server, and connect to it through a we! !rowser (eg
http:$$dominoe/amplecom:T&TI)
Important5 "he Pcerti8erP 8eld is actually the 1rgani9ation (eg $Acme), which must !e
longer than K characters long "he Dountry 8eld is optional (eg if 8lled, the fully+
<uali8ed organi9ation would !e $Acme$,s)
L Einally, launch Domino itself !y switching to Notes' data directory (eg
$local$notesdata), and lauching Domino's daemon through $opt$lotus$!in$server
T Dreate startup scripts so that Domino runs during !ootup ($etc$rcd$initd$ and symlinks
in $etc$rcd$rc-d$)
Note: "he certi8er's .D D:A".D and the server's .D #:A?:A.D are located in the Notes data
directory (eg $local$notesdata) "he user .D 8le that you created during the setup procedure
(ie ,#:A.D, which actually is not an administrator account, ie it has no more rights than the
other user accounts that you will create once the server is up and running) can !e found in
that user's entry in the *u!lic Name B Address 4ook: Aim your we! !rowser to the Domino
server (eg http:$$dominoe/amplecom$namesnsf), log on with the ,#:A.D's password, open
NA3:#N#E and 8nd this user's record in NA3:#N#E
D):D2: 1nce the initial setup is done, Domino should run automatically through startup
scripts, so it should not !e a pro!lem to remove password and shell for the Notes user account
for added security, ie put a ( in $etc$passwd or $etc$shadow for this account and 8nish it o'
with usermod +s $!in$false notes
2ecurity Issues
4y default, the password of an .D 8le is only stored in the 8le, !ut it can also !e checked at the
server to verify that the correct .D is !eing used .t is also a way to force users to change their
passwords regularly, and to prevent reuse of old passwords
.f the original password of an .D 8le was chosen to !e easy to remem!er and meant to !e
changed !y the user shortly after having !een created, anyone can 7ust detach the original .D
8le from the *NA4, and pass for this user "his means, for instance, accessing an encrypted
mail data!ase After registering a new user or server, detach the .D 8le from the *NA4, and
keep several copies #hould the new password !e forgotten, the user can always !e handed
the original .D 8le, with its original password Additional certi8cates a user might have received
since his .D 8le was originally created are stored in the *NA4
.n the advanced section of a D4's ADL, when PAdministration #erverP is left to None, the
default, it means that N1 server can make administrative changes Admin* will make changes
such as modifying ADL's and reader 8elds, !ut should do so only on one replica of the D4,
otherwise you would get massive num!ers of replication con6icts "hus the need to designate
a single server where those sorts of changes get made
"hree !asic elements help maintain data!ase integrity and prevent data loss:
.n the server console, run the Notes server program E.-,* to repair damaged
data!ases, eg L1AD E.-,* myd!nsf .t's !etter to run this command with the
data!ase close !ut Notes puts a lock on all data!ases when it is running "he way
out of this DatchJJ, is to stop the Notes server, and open a D1# !o/ to run NE.-,*
Aun the Notes server program ,*DALL "his task is listed in N1":#.N. to run
automatically .t updates all views, and re!uilds corrupted views and view inde/es
2eep !ackups of all .D 8les and data!ases: Eor one thing, if a user deletes a document
in a data!ase, this action will !e enacted on replicas as well Also, a corrupt master
data!ase will likely corrupt replicas as well As Notes D4s are !inary 8les, and no Ascii
is normally availa!le, once the N#E is corrupt !eyong repair, your only solution is to
reach for the latest !ackup
.f using the #:" #:D,A: Upassword hereV instruction in the Notes server console to control
access, you cannot launch the Notes client on the same host :ither turn o' this protection !y
typing the full #:" #:D,A: UpasswordV, or run Eile O "ools O #erver Administration from a
remote Notes client, provided you have the right to run the remote console
Q!A
9ow can I e8tract Domino#Notes documents as 9)7L and use them into a
We$ server?
Dheck out iNotes @ou can also e/port individual documents through Eile O :/port
9ow to handle document versionin'?
#urprisingly enough, Domino$Notes tells you that a document was edited !y another user !ut
doesn't show you what changes were made .t is the responsi!ility of the editor to make those
o!vious !y using di'erent colors (pen), strikethrough, etc
After asking this <uestion in a newsgroup, there appears to !e three solutions: *urchasing the
add+on DominoDoc, em!edding either a Lotus 0ord*ro or 3icrosoft 0ord document to take
advantage of the versioning feature o'ered !y those two word+processors, or making use of
Domino$Notes' support of PresponseP documents, not unlike threading in ,senet @uck
9ow to import addresses in the NA4 &rom an A2"II (le?
From: "W.Flamme"
Newsgroups: comp.groupware.lotus-notes.admin
Subject: Re: How to import addresses through CS !ile"
#ate: $ue% &' (pr )''& &*:*+:*, -')''
.rgani/ation: R0-.nline
1ines: 2+
3essage-4#: 56a7r+a8peo8&9news.rhein-/eitung.#:;
Re!erences: 5,aca'+b<.)+),'==,9news.imaginet.!r;
56a!,>)8e*d8&9news.rhein-/eitung.#:;
5,acb)bb'.=,&=&)=*9news.imaginet.!r;
NN$?-?osting-Host: pppin)&=.ma@-main/.r/-online.net
A-$race: news.rhein-/eitung.#: 6+<6,2,=' )<'=) )&).=.&<*.)&= B&' (pr
)''& )':*):2' C3$D
A-Complaints-$o: abuse9rhein-/eitung.de
NN$?-?osting-#ate: &' (pr )''& )':*):2' C3$
A-?rioritE: ,
A-3S3ail-?rioritE: Normal
A-Newsreader: 3icroso!t .utlooF :@press 2.2'.*&,,.)*''
A-3ime.1:: ?roduced GE 3icroso!t 3ime.1: 2.2'.*&,,.)*''
?ath: writerH!r.colt.netH!r.clara.netHheighliner.!r.clara.netH
R:N$.$H4S.S?(C:.F.R.(#:R$4S4NCHnews!eed.hanau.netHnews!eed'&.sul.t-
online.deHnews!eed''.sul.t-online.deHt-online.deHnews!eed.r-Fom.deH
stueberl.r-Fom.deHnews-!!m.transmedia.deHnews./et.netHnews.rhein-
/eitung.deHnot-!or-mail
Are!: writer comp.groupware.lotus-notes.admin:=&<=<
"Frederic Faure" schrieb im
Newsbeitrag news:,acb)bb'.=,&=&)=*9news.imaginet.!r...
; .n Wed% * (pr )''& &):',:2+ -')''% "W.Flamme"
; wrote:
; ;$EpeI"?erson" is probablE missing. ChecF the S:1:C$ statement o! the
; ;contacts 7iew...
;
; 4 donJt understand. Where should 4 put that $EpeI"?erson" statement"
; 4 cannot see anEthing related to S:1:C$ or a Contacts 7iew in the
; $abular $e@t 4mport dialog that pops up when 4 open the ?N(G and
; select File K 4mport.
SoorE !or pu//eling Eou..
What 4 meant Brather than e@plained% perhapsD: 4! Eou want Eour imported
docs to appear in a 7iew% it maFes sense to looF at this 7iewJs
selection
!ormula !irst. :g the contacts 7iewJs S:1:C$ statement demands
FormI"?erson"
L $EpeI"?erson". 4! Eou donJt set the latter !ield 7alue !or Eour
import%
all EouJll see is - nothing. Howe7er the documents ha7e been imported
properlE.
3ost liFelE there will be a lot o! garbage import in the bacFend
alreadE% it
maFes sense to get rid o! that be!ore Eour ne@t trE.
Mn!ortunatelE the import dialog will not allow Eou to declare additional
de!ault 7alues !or Eour import despite JFormJ.
$here are three waEs to address this:
&D add a column named J$EpeJ to Eour import data and add "?erson" as a
7alue
!or each record. 4tJs simple copENpaste i! EouJre worFing with a
spreadsheet. .r using a CS% simplE use F4N# % R:?1(C: W4$H
?erson or "?erson" resp.
)D Eou can use a C.1-File !or import speci!ication and ha7e a JcomputedJ
section within it% liFe:
:
F.R3M1(S$(R$
F4:1# $Epe:I"?erson"O
F.R3M1(:N#
:
$his will create the additional $EpeI"?erson" !ield !or each record%
e7en i!
there is no such !ield in Eour data.
,D Write Eour own 1S CS import routine.
Pou could also send me what Eou ha7e and 4Jll do the con7ersion !or Eou.
$o
be honest% itJs much harder to e@plain e7erE detail than to do it..
--
Wol!gang Flamme
w!lamme9main/-online.de
"4 lo7e deadlines. 4 lo7e the whooshing sound theE maFe as theE !lE bE."
#ouglas (dams
http:NNsunsite.net.edu.cnNtutorialsNsenotes*NCH&).H$3
http:NNwww.interguru.comNmsieall.htm
http:NNmlarchi7e.ima.comNnotesN&666aN)=6'.html
From: "W.Flamme"
Newsgroups: comp.groupware.lotus-notes.admin
Subject: Re: How to import addresses through CS !ile"
#ate: $ue% &' (pr )''& &*:*+:*, -')''
.rgani/ation: R0-.nline
1ines: 2+
3essage-4#: 56a7r+a8peo8&9news.rhein-/eitung.#:;
Re!erences: 5,aca'+b<.)+),'==,9news.imaginet.!r;
56a!,>)8e*d8&9news.rhein-/eitung.#:;
5,acb)bb'.=,&=&)=*9news.imaginet.!r;
NN$?-?osting-Host: pppin)&=.ma@-main/.r/-online.net
A-$race: news.rhein-/eitung.#: 6+<6,2,=' )<'=) )&).=.&<*.)&= B&' (pr
)''& )':*):2' C3$D
A-Complaints-$o: abuse9rhein-/eitung.de
NN$?-?osting-#ate: &' (pr )''& )':*):2' C3$
A-?rioritE: ,
A-3S3ail-?rioritE: Normal
A-Newsreader: 3icroso!t .utlooF :@press 2.2'.*&,,.)*''
A-3ime.1:: ?roduced GE 3icroso!t 3ime.1: 2.2'.*&,,.)*''
?ath: writerH!r.colt.netH!r.clara.netHheighliner.!r.clara.netH
R:N$.$H4S.S?(C:.F.R.(#:R$4S4NCHnews!eed.hanau.netHnews!eed'&.sul.t-
online.deHnews!eed''.sul.t-online.deHt-online.deHnews!eed.r-Fom.deH
stueberl.r-Fom.deHnews-!!m.transmedia.deHnews./et.netHnews.rhein-
/eitung.deHnot-!or-mail
Are!: writer comp.groupware.lotus-notes.admin:=&<=<
"Frederic Faure" schrieb im
Newsbeitrag news:,acb)bb'.=,&=&)=*9news.imaginet.!r...
; .n Wed% * (pr )''& &):',:2+ -')''% "W.Flamme"
; wrote:
; ;$EpeI"?erson" is probablE missing. ChecF the S:1:C$ statement o! the
; ;contacts 7iew...
;
; 4 donJt understand. Where should 4 put that $EpeI"?erson" statement"
; 4 cannot see anEthing related to S:1:C$ or a Contacts 7iew in the
; $abular $e@t 4mport dialog that pops up when 4 open the ?N(G and
; select File K 4mport.
SoorE !or pu//eling Eou..
What 4 meant Brather than e@plained% perhapsD: 4! Eou want Eour imported
docs to appear in a 7iew% it maFes sense to looF at this 7iewJs
selection
!ormula !irst. :g the contacts 7iewJs S:1:C$ statement demands
FormI"?erson"
L $EpeI"?erson". 4! Eou donJt set the latter !ield 7alue !or Eour
import%
all EouJll see is - nothing. Howe7er the documents ha7e been imported
properlE.
3ost liFelE there will be a lot o! garbage import in the bacFend
alreadE% it
maFes sense to get rid o! that be!ore Eour ne@t trE.
Mn!ortunatelE the import dialog will not allow Eou to declare additional
de!ault 7alues !or Eour import despite JFormJ.
$here are three waEs to address this:
&D add a column named J$EpeJ to Eour import data and add "?erson" as a
7alue
!or each record. 4tJs simple copENpaste i! EouJre worFing with a
spreadsheet. .r using a CS% simplE use F4N# % R:?1(C: W4$H
?erson or "?erson" resp.
)D Eou can use a C.1-File !or import speci!ication and ha7e a JcomputedJ
section within it% liFe:
:
F.R3M1(S$(R$
F4:1# $Epe:I"?erson"O
F.R3M1(:N#
:
$his will create the additional $EpeI"?erson" !ield !or each record%
e7en i!
there is no such !ield in Eour data.
,D Write Eour own 1S CS import routine.
Pou could also send me what Eou ha7e and 4Jll do the con7ersion !or Eou.
$o
be honest% itJs much harder to e@plain e7erE detail than to do it..
--
Wol!gang Flamme
w!lamme9main/-online.de
"4 lo7e deadlines. 4 lo7e the whooshing sound theE maFe as theE !lE bE."
#ouglas (dams
+e'isterin' users &rom an A2"II te8t (le
(le@isOCatherineOR.OOpassword&OOO3arFeting N (cmeOOOOOO3arFeting ?ro!ile
Dheck the online help for infos on each 8eld
:+.; 9ow to e8tract <2*+,ID?
Newsgroups: comp.groupware.lotus-notes.admin
Subject: Re: help HH domino install do not creat user.id"""
;Pou ha7e to open the "lnotes.e@e" !rom one o! the dicrectories and than
;open the address-booF.
;Now open the entrE !or Eour admin and at the bottom o! the window there
;should be an "attachment" Buser4#D% which Eou now can e@tract and use.
9ow to recover a lost password?
Although AM introduced a password recovery feature, you should keep copies of .D 8le (with
their password :+)
Access-control5 Why introduce +oles in addition to A"Ls?
4eats me . don't see the need for additional control where .'d !e perfectly happy setting acces
to a 8eld with eg Ponly such+and+such individual or mem!er of the 3.# group can edit this
8eldP
(Erom .43's Lotus Notes and Domino R5.0 Security Infrastructure Revealed)
+oles in the A"L
0hen a group you want to add to the ADL does not e/ist in the Domino Directory, you may
want to create a special group or role for users of the data!ase Aoles let you de8ne
responsi!ilities in the application and further de8ne access to data!ase elements
What Is a +ole?
A role is a su!set of the ADL that is controlled !y the data!ase manager A role can !e used
anywhere that a group or user name can !e used ,sers and groups are assigned roles to
re8ne access to particular views, forms, sections, or 8elds of a data!ase .nstead of assigning
access to a design element to users and groups, you assign access to the role
#ome advantages of using roles are that they:
*rovide a 6e/i!le method of restricting document access to a speci8c set of users
Dan !e used in formulas
*rovide group control if you do not have the authority to create groups in the Domino
Directory, or if you want to create groups 7ust for the data!ase
3ake it easier for you to modify access when users leave or new users 7oin
What3s the use o& D4 )ype in the D4 roperties section
)%-D%
Lots of administration+related infos in the ):L*AD3NN#E data!ase
Dheck Archive settings
Dheck crash recovery and soft deletions
in AM you can easily create a custom frameset that has several di'erent frames in it (one for
#ales, ABD, etc) "he content of each frame could !e a view, or even a page w$ an em!edded
view Look in the P"odayP section of http:$$wwwnotesnet and do a search for P2at9P
)ips and tricks
2ettin' up Notes as an 27)#% client
I .nstall Notes M
J ;o through the setup wi9ard (@ou D1 want to connect to a Domino server as this 8les
the server name in the 1pen D4 dialog later on)
K 1nce installed, remove all Location docs e/cept .nternet
% .nput adhoc parameters in the .nternet doc
M 1pen D4s from server: e+mail for user, and the *NA4 on the server
N Dreate local replicas of those two D4s
L ,pdate ,ser *references to also include the replica of the *NA4 for recipient name
lookups
T Dreate #3"*, *1*, and LDA* accounts in the user's address !ook
Note: 4y default, *1* R Leave msgs on the server Dhange this to No
9ow to recover the de&ault, &amiliar workspace
.f you don't like the cheesy A1L+like default welcome screen of Notes M, here's how to use the
traditionnal 0orkspace instead:
I Dlick on the Data!ases icon in the left hand+side 4ookmark section
J Aight+click on the 0orkspace item, and select P#et 4ookmar as )ome *ageP
9ow to open a view &rom a We$ $rowser
http:$$mysrv$acmensf$3y?iewW1pen?iew
Addin' a 9istory (eld
"o keep a list of the di'erent users who edited the document:
I 1pen an e/isting D4 that has this feature, go to the Design O #cript Li!raries section,
and copy$paste the )istoryLi! document
J 1pen the form to which you need to add a 8eld to hold change history
K 1pen the 3yEorm Eorm O 1ptions section, and add
% 1ption Declare
,se P)istoryLi!P
M 1pen the 3yEorm Eorm O Declarations section, and add
Dim str*rev)istory As #tring
N 1pen the 3yEorm Eorm O *ost1pen section, and add
str*rev)istory R #ourceEield;et"e/t(P)istoryP)
L 1pen the 3yEorm Eorm O Cuery#ave section, and add
+. #im strHistorE (s String
6. strHistorE I Current#ateBD L "% "
&'. strHistorE I strHistorE L :@tractNameBCurrentMserBDD L
"% "
&&. strHistorE I strHistorE L
Source.FieldCet$e@tB"H#Status"D L ChrB&,D L ChrB&'D L
str?re7HistorE
&). Call Source.FieldSet$e@tB"H#1astMpdated"% strHistorED
Another useful trick: F.f ( X,pdated4y YR nullHFName ( ZDN[H F#u!set ( X,pdated4y H
+I ) )Hnull )
Alternative: Add the following code to a )istory te/t 8eld:
h :I 9$e@tB9NowD - " " - 9NameBQCNRO 9MserNameDO
94!B94sNew#ocO hO 94s#ocGeingSa7edO h : 9SubsetB1astMpdatedO&'DO
9SubsetB1astMpdatedO&'DD
9ow to mana'er appointments &or a whole team?
Dheck out http:$$wwwalmafr$da9i!ao$
9ow to move Domino to another server
regardless of the 1# (N" U+V Linu/ 12):
I 1n the new server, install Domino as if it were the 8rst server in the organi9ation
Derti8er name R Domain name R AD3: Launch the new server once to make sure it
runs 12, and stop it
J Erom the old server, copy all the .D 8les, NE# 8les, along with any N"E template you
might have !uilt
K ,pdate your DN# to make this move transparent to users
% Launch the new server
Note: .f the old server is not disommissioned, and, hence, the new server is assigned a new .*
address, clients might !e una!le to 8nd the new Domino server (. asked in newsgroups where
Notes cached this information, to no avail) "o solve this, create a Donnections document so
that Notes can resolve N:0#A?$AD3: into its .* address: 1pen the user's *ersonal Address
4ook O ?iew O Advanced O Donnections
3ore infos:
http$$wwwsupportlotuscom$simsJnsf$T&Jee%T&!ddKJd&!TMJMNNfa&&MacfTd$J\dcLTJa&!\Mc
cL!TNJMNNIf&&NcfT%dW1penDocument
+esources
4ooks
)ere are !ooks . would recommend, either on administration or development:
Lotus Notes and Domino M Development ,nleashed De!orah Lynd, #teven 2ern
Lotus Notes B Domino :ssential Aeference Dave )atter, "im 4ankes, David )atter
Domino #ystem Administration Ao! 2irkland
Lotus Domino Administration in a Nutshell ;reg Neilson
Accelerated Lotus #tudy ;uide : Lotus Notes #ystem Administration Li!!y #chawr9
#ams "each @ourself Domino M Development in JI Days Gane Dala!ria
Lotus Domino B Notes AM Development ,nleashed
%n the We$
http:$$wwwdominoedgecom$
http:$$wwwdominoprocom$
http:$$wwwsearchdominocom$
http:$$wwwnotesnet
Lotus Notes EAC
Li!!y .ngrassia #chwar9's PLotus Notes #ystem AdministrationP .#4N &+&L+IK%MNJ+&
and #cott "homas B Amy *easley's PLotus Notes Application Development and #ystem
AdministrationP .#4N &+&L+\IKNL%+M
http:$$domino$namesnsf$TMJMMe&I&&IKMNaTTMJMM%cJ&&LMKI&NW1pen?iew
"he Architecture of Lotus Notes
http:$$wwwsupportlotuscom$simsJnsf$cLTKM!f&K\c&IdcJTMJMNNTT&&Nfae\!$!%c&&N
INfNJ%aNfeTMJMNIcd&&NNKLMeW1penDocument
"he Architecture of Lotus Notes http:$$advisorcom$Articlesnsf$aid$*@L:)&I
Lotus Notes and Domino AM& #ecurity .nfrastructure Aevealed
http:$$wwwred!ooksi!mcom$pu!s$pdfs$red!ooks$sgJ%MK%Ipdf (you must register
8rst to download this document)
A free utility called NotesDonnect is said to !e availa!le from Lotus that checks that
the .* connection is working .t 7ust needs to !e copied into the directory where Notes
lives, eg c:]lotus]notes
*ower "ools is a set of %J utilities designed to ease Notes administration
"he Lowdown on the Domino Linu/ .nstall
http:$$wwwdominoprocom$dpmainnsf$I!aI&!ad%!I&d\a&TLJMNL!%&&&!eIKN$&\NJM
ceILc\\\M\NTLJMNTKK&&MaaaTfW1penDocument
)wo to install Domino AM on Linu/
http:$$wwwnotesnet$rMlinu/forumnsf$aacLdMNcaTfdTT%!TMJMNK!e&&NI&NK\$\J\TKI
\IJ%JMMN\&TMJMNTIf&&KK%&M%W1penDocument
A <uick and easy guide to installing Domino on Linu/
http:$$wwwdominopowercom$issuesprint$issueI\\\II$linu/html
1pen source alternatives to Notes and Domino: are they realW
http:$$wwwdominopowercom$issuesprint$issueI\\\&M$futureshtml
A <uick and easy guide to installing Domino for Linu/ !y 3ark Lawson of Domino *ower
3aga9ine
"he Lowdown on the Domino for Linu/ .nstall !y Li!!y .ngrassia #chwar9 of
Domino*ro $ DD.
)ow to get started with Lotus Domino AM #erver M&Ja for Linu/ !y Nicholas *etreley
of Linu/ 0orld
.nstalling and Don8guring Domino for Linu/ !y the Lotus "echnical #upport ,N.- "eam:
"echnical Note num!er: ILLN&
An authorative guide to demonstrating that Lotus Notes sucks