These are the some important points to Remember the Lotus Administrator

1) NSF Notes Storage Facility

2) NTFNotes Template Facility
3) MIMEMulti purpose Internet Mail Extension
4) We can give multiples passwords only for the Cert.id
5) If we include the Server_Restricted =2 in the notes.ini file then only administrator can Access the server
not other users.
6) By default User.ID file Expires 2 years and Server.ID & Cert.ID Expires 100 Years
7) If we find Kit Type=2 in the notes.ini file then, that noets.ini file is for the server.
If we fine Kit Type=1, then notes.ini file for the client.
8) Limitation of the Organization Unit only 4 levels. But IBM recommended keeping only two Organization
Units.
9) If we Register one Origination Unit, then it will created one ID file for OU & a Certifier Document in
Domino Directory.
10) User ID file Contains the Personal Document also
11) When we Register User, then Domino Atomically Cerate the one ID file for the User, User Personal
Document &Mail Database is created.
12) By Default User Password is store in the User ID file.
13) If User is moving from one server to other Server in Different Domin, then AdminP not involves the
Process, Only if the User is moving form one Server to other Server with same Domin then only AdminP
Process the Request.
14) Local Domino Server Group is created by default when we installed the Additional Server.
15) Server Console Security can implement thought the command Set Secure <password>
16) If Administrator is forgot the console password, then just remove set secure line in the notes.ini file.
17) By default no body Full Access Administrator.
18) If User is include in the Server Access Group & Not Access server Group, then the particular user not
access the server.
19) In server Document “Create Database & Templates” , if this option is empty then Every body can created
the Database . This has to take care by administrator.
20) By default Administrator Has the Right to create the Template.
21) On Every Lotus Database having On Disk Structure (ODS) Versions
• R6-43
• R5-41
• R4-20
• R3-17
• R2-16
22) After Upgrading the server from R5 to R6 , give the Compact Command then ODS version will change
on every database.
23) If .NSF Database is changed to .NS5, then it will not convert to any other ODS versions .it’s remains
ODS version 41 only .that means R5 only.

24) Replication Occurs only Both Replica ID’s are same.

25) Domino R6 Enterprise Server & Utility Server Support Clustering
26) Domino Mail Server R6 version Do not Support Clustering.
27) Best Example of the Depositor is Mail. Box
28) By default all users having the Author access to the Domino Directory.
29) In the Readers filed controls that can see the Document & Authors filed promotes who author to editor to
specific Document.
30) Public Documents means even the no access users can see and edit the create the Document.
31) Lotus uses the Secrete key encryption for Filed level security.
32) NRPCNotes Remote Processor call.
33) Domino Support Native MIME. But R4, R5 not support MIME.
34) Mailer is lotus client software which deposits the mail to Mail. Box
35) Domino Administrator can create Maximum of 10 Mail. Box
36) Every User other then Administrator Depositor Access to Mail. Box
37) DNNDomino Named Network
38) NNNNotes Named Network
39) By default Mail. Box Compact the every Day 4.00AM
40) If ID file is store in the Domino Directory the ID file should contained the Password. If ID file not having
password, then it will not store in the Domino Directory.
41) SSOSingle sing On

Raj Kumar.B Mail ID : raj_macro@yahoo.com 1

42) LDTWS Lotus Domino Toolkit for WebSphere Studio
Server Console Commands:

• Show Serverit show the dead mails & pending mails.

• Tell Router Update configRouters will be reloaded the routing table.
• Tell AdminP Process Alladministor process the all pending requests.
• Load Fixup <Database name>It fix up the particular database.
• Load Compact <Database Name> It compact the that particular database
• Tell Router CompactIt Compact the Mail. Box
• Tell Router Show QueueIt will shows the mail held in transfer queues to spcfic servers.
• Show ClusterIt shows local server's cluster name cache, which includes a list of all cluster
members and their status, based on information received during the server’s cluster probes.
• Replicators=number of tasks , this setting you have to specify in the server notes.ini file.
• Restart Port portname, Using this command you can restart the TCPIP prot & other ports.
• Start Port portname, using this command you can start the port. like TCPIP
• Stop Port portname, Using this command you can stop the port.
• Show OpendatabaseIt will shows the current open databases
• Show Server It will Shows the server Information.
• Show Allports It will show the all ports Information on the Server.
• Show Users It will shows the Users will are in open sections.
• Show Memory It will show the memory Information on the server.
• Show Time It will shows the Current time on the server.
• Broadcast “Message” It will Broadcast the message to every open section user.
• Dbcache Show It will show the Cache files information on server.
• Dbcache Flush Clear the Cache on the server.
• Show Diskspace It will show the Disk Space information on the server.

Changing a TCP or SSL port number:

By default, all NRPC connections use TCP port 1352. Because the Internet Assigned Number Authority
(IANA) assigned Lotus Domino this port number, non-Domino applications do not usually compete for this
port.
Do not change the default NRPC port unless:
You can use a NAT or PAT firewall system to redirect a remote system's connection attempt.
You are using Domino port mapping.
You create a Connection document that contains the reassigned port number.

To change the default NRPC port number, use the NOTES.INI setting TCPIPportname_TCPIPAddress and
enter a value available on the system that runs the Domino server. TCP ports with numbers less than 5000
are reserved for application vendors. You may use any number from 1024 through 5000, as long as you
don't install a new application that requires that number.

Default ports for Internet services

You may occasionally need to change the number of the TCP or SSL port assigned to an Internet service.
Lotus Domino uses these default ports for Internet services:

Raj Kumar.B Mail ID : raj_macro@yahoo.com 2

 Service Default TCP port Default SSL port
POP3 110<nozeros> 995 <nozeros>
IMAP 143 <nozeros> 993 <nozeros>
LDAP 389 <nozeros> 636 <nozeros>
SMTP inbound 25 <nozeros> 465 <nozeros>
SMTP outbound 25 <nozeros> 465 <nozeros>
HTTP 80 <nozeros> 443 <nozeros>
IIOP 63148 <nozeros> 63149 <nozeros>
Server Controller N/A 2050<nozeros>

When we installed the First Domino server the following are created atomically
• Cert.id--This is Organization Certifier & save in the Domino Directory
• Server.id
• Admin.id
• A Mail Database is created for the Administrator
• A personal document is created for the Administrator in domino directory.
• A server Document is created.
• A Domino Directory is created for server.
• A configuration Document is created for Domino Directory
• Log.nsf
• Certlog.nsf
• Admin4.nsf
These above 3 databases are required to run AdminP

Partition Server:

In partition server Environment, all Partitions share the same domino program directory and each partition
has its own Domino data directory & notes.ini

Preventing users from viewing ADMIN4.NSF in a hosted environment :

By default, access to the Administration Requests database (ADMIN4.NSF) is set to "Author" for hosted
organization administrators and for -Default-. With this level of access, anyone with a Notes ID at a hosted
organization can open ADMIN4.NSF with a Notes client and view user activity in the database. This is a
security risk.
To prevent users at a hosted organization site from accessing ADMIN4.NSF, do the following:
1. As the service provider administrator, open ADMIN4.NSF and select File - Database - Properties.
2. Select the i Tab and click User Detail.
3. In the User Activity interface, select the check box "Activity is confidential."
4. Click OK. Click X to close out of Properties.

The Domino server log (LOG.NSF):

• Every Domino server has a log file (LOG.NSF) that reports all server activity and provides detailed
information about databases and users on the server. The log file is created automatically when you
start a server for the first time.

Notes ID file contains

• User Name
• Password
• Certifier Information

Raj Kumar.B Mail ID : raj_macro@yahoo.com 3

 • Certifier Duration
• Public Key
• Private Key
• Secrete Key

Procure for Enable Automatic Backup User ID files:

• Create a New Database called Escrow.nsf by using the Mail6.nsf template.

• By default the Escrow.nsf can’t receive the mails, it can only send the Mails
• In order to receive the Mail to Escrow.NSf, cerate Mail-in-Database for the Escrow.nsf
• After above setting apply the Automatic Backup user ID for Organization.

General User Registration is of 4 types

1. Basic RegistrationUser Name & Password is mandatory

2. Advanced Registration
3. Text File Registrationlast Name & Passwords are mandatory
4. MigrationMigration tool must be installed during the Domino Administrator Software.
Policies:

A policy is a document that identifies a collection of individual policy settings documents. Each
of these policy settings documents defines a set of defaults that apply to the users and groups
to which the policy is assigned.

Policy Setting Documents are 4 Types

1. Registration Policy
2. Security Policy
3. Desktop Policy
4. Setup Policy
5. Mail Archive Policy

Registration  If a policy including registration policy settings is in place before you register Notes users,
these settings set default user registration values including user password, Internet address format, roaming
user designation, and mail.
Setup  If a policy including setup policy settings is in place before you set up a new Notes client, these
settings are used during the initial Notes client setup to populate the user's Location document. Setup
settings include Internet browser and proxy settings, applet security settings, and desktop and user
preferences.
Desktop  Use desktop policy settings control and update the user's desktop environment or to reinforce
setup policy settings. For example, if a change is made to any of the policy settings, the next time users
authenticate with their home server, the desktop policy settings restore the default settings or distribute new
settings specified in the desktop policy settings document.
Mail archiving  Use archive policy settings to control mail archiving. Archive settings control where
archiving is performed and specify archive criteria.
Security  Use security settings to set up administration ECLs and define password-management options,
including the synchronization of Internet and Notes passwords.
“If user is Already register, then we can apply only Archive Policy & Security Policy & Setup Policy”
“Policy are Introduced in the Domino R6 Version”
Groups:
Groups can be used for three purposes
• Mailing
• Server Security
• Database Security
Groups are 5 Types in Lotus Domino

Raj Kumar.B Mail ID : raj_macro@yahoo.com 4

 1. Multipurpose
2. Mail Only
3. ACL only
4. Server Group
5. Deny List Group
Multi-purpose  Use for a group that has multiple purposes -- for example, mail, ACLs, and so on. This is
the default.
Access Control List only  Use for server and database access authentication only.
Mail only  Use for mailing list groups.
Servers only  Use in Connection documents and in the Domino Administration client's domain bookmarks
for grouping.
Deny List only  Use to control access to servers. Typically used to prevent terminated employees from
accessing servers, but this type of group can be used to prevent any user from accessing particular servers.
The Administration Process cannot delete any member of the group.
Administrator Types in Lotus Domino:
They are 6 types of Administrator will Available in the Domino server.
1. Full Access Administrator
2. View Only Administrator
3. System Administrator
4. Database Administrator
5. Administrator
6. Remote Administrator
Encryption:
Domino uses the two types of Encryption Techniques
1. RSA Encryption
2. Dual Key Encryption
Encryption protects data from unauthorized access. For all types of encryption except network port
encryption, Domino uses public and private keys .so that data encrypted by one of the keys can be
decrypted only by the other. The public and private keys are mathematically related and uniquely identify the
user. Both are stored in the ID file. Within the ID file, the public key is stored in a certificate, but the private
key is stored separately from the certificate. The certificate containing the public key is also stored in the
Domino Directory, where it is available to other users.
To create Notes public and private keys, Domino uses the dual-key RSA Cryptosystem and the RC2 and
RC4 algorithms for encryption. To create the Internet public key, Domino uses the x.509 certificate format,
which is an industry-standard format that many applications, including Domino, understand.
Both the Notes client and Domino server support 1024-bit RSA key and 128-bit symmetric key for S/MIME
and SSL. The Notes proprietary protocols use a 630-bit key for key exchange, and a 64-bit symmetric key.
Cluster Concept:
All the servers in a Domino cluster continually communicate with each other to keep updated on the status
of each server and to keep database replicas synchronized. Each server in the cluster contains cluster
components that are installed when lotus domino Enterprise Server or Lotus domino 6 Utility server. These
components in the Administrator process perform the Cluster Management & Monitor task to ensure that the
cluster running smoothly.
“Cluster is group of 2 to 6 servers of same Domain & same DNN”
Clustering requirements:
1. All servers in a cluster use TCP/IP Protocol.
2. All servers in the Cluster uses the same Domain and servers must use the same Domino Directory.
3. A server can be a Member of only one cluster.
4. All servers in a Cluster should be above R4.63 Enterprise Edition server.
5. Placed the Cluster servers in the Private LAN (Optional)
6. Client software is above R4.5 & Client should use the TCP/IP protocol.

There are two major reasons to create a replica for a database in a cluster -- to provide constant availability
of the data and to distribute the workload between multiple servers.

Raj Kumar.B Mail ID : raj_macro@yahoo.com 5

If you create too many Replicas’ in the cluster then it is unnecessarily to the overhead of maintaining a
system and affect performance.

Example of clustering two servers for mail and applications

If you have only two servers in your cluster, you can set them up in one of two ways: You can use one of the
servers as the primary server for user access and use the second server as a backup and failover server, or
you can equally divide the workload between the two servers and have them fail over to each other. Dividing
the workload typically ensures better performance when both servers are running. When one server is not
available, performance is the same in both scenarios because one server must process the entire workload
of both servers.
The following figure shows a cluster with two servers with the workload divided between the servers.

Adding a Cluster Server:

You will be prompted by verification prompt. Select Yes.

You will prompted to create a New Cluster the 1st time you create a cluster. Click OK.

Raj Kumar.B Mail ID : raj_macro@yahoo.com 6

Next, you'll be prompted to provide a name for your cluster. For this example we have selected to name the
cluster "MailCluster1".

Select "Yes" to the "....request immediately or via Admin Process" dialog.

You will receive the following prompt when successful.

We need to setup another Domino server on the same cluster in order for failover to function. Select another
Domino server and step through the same steps as shown above. The only exception, is when prompted for
the name of the cluster DO NOT select *Create New Cluster, select the down arrow key and select the
cluster which was created in the steps above. (MailCluster1)

The Domino server will add a couple of services to both of the domino servers.

Raj Kumar.B Mail ID : raj_macro@yahoo.com 7

How failover works:

A cluster's ability to redirect requests from one server to another is called failover. When a user tries to
access a database on a server that is unavailable or in heavy use, Domino directs the user to a replica of
the database on another server in the cluster.

Changing the mail routing failover setting

To change the default mail routing failover setting, make the following change in the Configuration Settings
document for every server in the cluster and every server in the domain that can route mail.
1. From the Domino Administrator or the Web Administrator, click the Configuration tab.
2. In the Task pane, expand Messaging.
3. Click Configurations.
4. Do one of the following:
From the Domino Administrator, select the Configuration document for the server or server group
you want, and click Edit Configuration.
From the Web Administrator, open the Configuration document for the server or server group you
want, and click Edit Server Configuration.
If you do not have a Configuration document for the server or server group you want, create one by
clicking Add Configuration.
5. Click the Router/SMTP - Advanced - Controls tab.
6. In the Cluster failover field, choose one of the following:
Disabled
Enabled for last hop only (the default)
Enabled for all transfers in this domain
7. Save and close the Configuration document.
Note This setting affects delivery to a client but does not affect sending a message from a client when the
mail server is unavailable. If a user sends a message when the mail server is unavailable, the delivery fails
over to another server in the cluster, and the router on that server sends the message.

Fault recovery in a cluster

Fault recovery is the ability of a Domino server to clean up and restart itself after a failure. Fault recovery
works well in a Domino cluster. If there is no Domino server to fail over to, fault recovery still ensures that
users will have constant access to their data. Even if users fail over to another cluster server, fault recovery
increases availability because the failed server becomes available again. In addition, depending on the
workload balancing parameters you've set, some users will fail back to the original server when they open
new databases.
If you are using an operating system cluster in conjunction with a Domino cluster, the decision about
whether or not to use fault recovery depends on how you configured the operating system cluster. If you
configured the operating system cluster to fail over on a hardware failure only, fault recovery works well.
Fault recovery restarts Domino on its current server, and no operating system fail over occurs.
If you configured your operating system cluster to fail over on both hardware and software failures, you don't
need fault recovery because the operating system cluster will restart Domino on another server in the
cluster. In fact, you should disable fault recovery so you won't have Domino restarting itself while the
operating system cluster is also restarting it. This can lead to problems.
By default, fault recovery is disabled. You enable it in the Server document.
1. From the Domino Administrator or the Web Administrator, click the Configuration tab.
2. In the Task pane, expand Server, and click All Server Documents.
3. In the Results pane, select the Server document you want, click Edit Server, and then click the Basics
tab.

Raj Kumar.B Mail ID : raj_macro@yahoo.com 8

 4. In the Fault Recovery section, choose "Enabled" in the "Automatically Restart Server After
Fault/Crash" field.

Creating mail database replicas in a cluster during user registration from the Domino Administrator
1. Click the People & Groups tab.
2. In the Tools pane, expand People, and then click Register.
3. In the "Choose a Certifier" dialog box, choose a certifier and click OK.
4. In the Register Person -- New Entry dialog box, select Advanced, and then click the Mail tab.
5. In the Mail system field, choose Lotus Notes.
6. Click Mail Server, and choose a cluster server as the Mail server.
7. Click Mail File Replicas.
8. Select "Create mail database replica(s)." A list is displayed of servers in the same cluster as the Mail
server.
9. Do one of the following:
To create a replica of the mail database on all of the cluster servers, skip this step.
To change the list of servers to receive a replica, use the Remove Server(s) button and the Add
Server(s) button.
10. (Optional) Select "Create mail replica(s) in background."
11. Click OK, and then complete any other fields you want on the Mail tab.
12. (Optional) If you want to set up the user for roaming in a cluster, follow the procedure in the topic
"Setting up roaming in a cluster."
13. Complete the rest of the user registration the way you normally would.

Server Database Security:

There are 7 types of Access levels are their in the ACL to access the Database.

• Manager
• Designer
• Editor
• Author
• Reader
• Depositor
• No Access
Managerwho can create the Database is Manager to that database.
Only manager can encrypt the Database.
Only Manger can Change the ACL setting.
Only Manager can compact the Database.
Only Manager can delete the Database
DesignerDesigner can Access the all Design Elements like Views, form...etc.
Designer can create FT Index to the database (Full text Index).
Designer can delete the Document if Manager give the permission.
Editor By Default Editor can Create, Read & Modified the Document.
Editor can delete the Document if manager give the permission.
AuthorAuthor can Read the document if manager gives the permission.
Author can delete the Document, if author is owner of that document.
Author can always read Documents.
ReadersBy default readers can read the document.
Readers can’t Create & can’t Update the Documents.
DepositorDepositor can create the Document, but they can’t read the Document.

Mail Administration:

Domino uses the two routing protocols

• NRPCNotes Remote Processor Call.
• SMTPSimple Mail Transport Protocol

Domino uses the two types of mail Framets

• RTFRich Text Filed

Raj Kumar.B Mail ID : raj_macro@yahoo.com 9

 • MIMEMulti purpose Internet Mail Extension.

Domino Uses the Following Mail Access Protocols

• POP3this is for Outlook client
• IMAPthis is for Netscape Client
• NRPCthis is for Lotus notes client
•HTTPthis is for Internet Explorer Client.
Domino uses the following Mail Templates
• Mail6.ntfthis is for the Intranet users
• Inotes (R5).ntf this is for the Internet users
• Inotes(R6).ntf this is for internet users
• Extended Mail.ntf this is for Outlook users

If the Server are said to be same DNN then

• Servers must use Same LAN Protocols
• Constant LAN connection ( not dialup connection)
• Server must be same Domain
Message Tracking:

• By Default the Message Tracking is disabling in the Configuration document. Administrator has to
enable the Message Tracking.
• Mail Tracker Collector Task (MTC) Reads Special Mail tracker Log files (MTC files) produced by the
Router and copied then in to Mail Tracker Store Database called MTSTORE.NSF

Enabling single sign-on and basic authentication:

This procedure creates single sign-on cookies for your server that can be used successfully on other
participating servers.
To enable single sign-on and basic authentication for a Web Site
Use this procedure to enable single sign-on for Domino 6 servers configured with Web Site documents.
1. In the Domino Administrator, click Configuration - Web - Internet Sites.
2. Open the Web Site document for which you want to enable single sign-on.
3. Click Domino Web Engine.
4. In Session authentication, select "Multiple Servers (SSO)."
5. In the Web SSO Configuration field, select the Web SSO Configuration for this Web Site from the
drop-down list.
6. Click Security. For both TCP and SSL authentication, enable Name & Password.
7. Save and close the Web Site document.
8. At the server console, start the HTTP process by typing:
load HTTP
If the HTTP process is already running, type:
tell HTTP restart
Note If something is wrong with the configuration, the browser will receive an Error 500 message stating
that single sign-on is not configured.
To enable single sign-on and basic authentication in the Server document
Use this procedure to enable single sign-on for Domino Release 5.0x servers, or for Domino 6 servers not
configured with Web Site documents.
1. Open the Server document.
2. Click Ports - Internet Ports - Web, and enable Name-and-password authentication for the Web
(HTTP/HTTPS) port.
3. Click Internet Protocols - Domino Web Engine, and select Multiple Servers (SSO) in the Session
authentication field.
Note The "Idle session timeout" and "Maximum active sessions" fields will be disabled.

Raj Kumar.B Mail ID : raj_macro@yahoo.com 10

 4. In the Web SSO Configuration field, select the Web SSO Configuration for this server from the drop-
down list.
5. Save and close the Server document.

New features in Lotus Domino 7.0

Lotus Domino 7.0 has been enhanced to include the following administration Tools

• Improved policy management

• Automated client installation and upgrade
• Linux/Mozilla Web Administration client
• Serviceability, including autonomic data collection
• Administration scriptability
• Rename reversion approval

Domino Domain Monitoring (DDM) provides a single location in the Domino Administrator client that you can
use to view the status of multiple servers across one or more domains. To do this, DDM uses configurable
probes to gather information across multiple servers. These probes check for issues involving the Directory,
SMTP, routing, replication, ACL, security, and agents. DDM then consolidates and reports that information
on specially-designated collection servers in a Notes output database called the Domino Domain Monitor
(DDM.NSF).

Improved policy management

Policy-based management was introduced in Lotus Domino 6. Release 7.0 extends this functionality further
by offering a new Mail policy document. With it, you can define a set of corporate information that you want
to apply to your mail users. In addition, a new client policy lockdown feature lets you specify which policy
settings your users can modify.
Automated client installation and upgrade

Lotus Domino 7.0 includes a number of enhancements to Lotus Notes Smart Upgrade. For example, Smart
Upgrade now detaches kits in the background to prevent lost time due to a non-working client. Smart
Upgrade also provides failover from a shared (network) upgrade kit to another server's attached kit. In
addition:

• Administrators are notified via a mail-in database of the Smart Upgrade status (success, failed, or
delayed) by user/machine.
• In clustered environments, Smart Upgrade can switch to another member of the cluster if the first
server is unavailable.
• Provisioning is available for the Smart Upgrade Tracking database.
• Smart Upgrade governor limits the number of downloads from a single server to avoid excessive
server load.

Linux/Mozilla Web Administration client

You can run the Domino 7.0 Web Administration client from a Mozilla Web browser on a Linux system,
enabling an end-to-end Linux deployment of Lotus Domino and Domino Web Access with no need for
Windows in the environment.

Other Domino administration enhancements

Lotus Domino 7.0 also offers the following features to make administration easier:

• The ability to write the status bar history to a log file

• The ability to suppress the Roaming User Upgrade prompt

DB2 support and other integration enhancements

A major new feature in Lotus Domino 7.0 (one that is sure to draw a great deal of attention and interest) is its
support of DB2 as a data store. In Lotus Domino 7.0, you can use both DB2 databases and Domino
databases, accessing and viewing data stored in either format. Users experience no visible difference

Raj Kumar.B Mail ID : raj_macro@yahoo.com 11

between the Domino data and the DB2 data. Nor do they need a DB2 ID or DB2 connectivity. And you can
replicate a DB2 database just as you would a Notes database.

Messaging and anti-spam protection:

Lotus Domino 7.0 now features private blacklist/whitelist filters for SMTP connections and DNS whitelist
filters for SMTP connections. Most spam filtering involves blacklists in which email from addresses on the list
is rejected or filtered.

Figure 1. BlackList option

Starting and stopping the ISpy task

Create a TCP server event generator to verify the availability of the services on Internet ports on one or
more servers. A TCP server event generator uses the ISpy task to send a probe to test whether the
server is responding on a port

By default, the ISpy task monitors all enabled Internet ports (TCP services) on the server on which it is
running.

You must start the ISpy task before you can create server and mail routing event generators. The ISpy task
does not start automatically. Use any of these methods to start and stop the ISpy task. Because the ISpy
task is case-sensitive, you must enter it exactly as shown in this table.
To do this Perform this task
Start the ISpy task automatically Edit the ServerTasks setting in the
when the server starts NOTES.INI file to include runjava ISpy.
Start the ISpy task manually Enter the command load runjava ISpy at
the console.
Stop the ISpy task Enter either the command tell runjava ISpy
unload or tell runjava quit at the console.

Mail journaling

Mail journaling enables administrators to capture a copy of specified messages that the Router processes by
the Domino system. Journaling can capture all messages handled by the Router or only messages that
meet specific defined criteria. When mail journaling is enabled, Domino examines messages as they pass

Raj Kumar.B Mail ID : raj_macro@yahoo.com 12

through MAIL.BOX and saves copies of selected messages to a Domino Mail Journaling database
(MAILJRN.NSF) for later retrieval and review. Mail journaling works in conjunction with mail rules, so that
you create a journaling rule to specify the criteria for which messages to journal. For example, you can
journal messages sent to or from specific people, groups, or domains. Before depositing messages in the
Mail Journaling database, the Router encrypts them to ensure that only authorized persons can examine
them. Journaling does not disrupt the normal routing of a message. After the Router copies a message to
the Mail Journaling database, it continues to dispatch the message to its intended recipient.

Domino mail journaling differs from message archiving. Journaling works dynamically, making a copy of
each message as it passes through MAIL.BOX to its destination and placing the copy in the Mail Journaling
database. A copy of the message is retained, even if the recipient, or an agent acting on the recipient's mail
file, deletes it immediately upon delivery. Archiving is used to reduce the size of an active mail file database
by deleting messages from one location and moving them to an offline database, usually in another location,
for long-term storage. Archiving acts on messages that have already been delivered. Journaling is
performed automatically by the server; while archiving is a manual operation, performed by end users on
their own mail files. End users can search for and retrieve messages from a mail file archive, but only an
authorized administrator can examine a Mail Journaling database.

There are two steps to configure journaling:

Setting up the Mail Journaling database
Specifying which messages to journal

By default, mail journaling is not enabled. You enable journaling from the Configuration Settings document.
To set up the Mail Journaling database, you specify where to store journaled messages and then set options
for managing the security and size of the database.
After you enable journaling, Domino automatically creates the Mail Journaling database in the specified
location.
To set up the Mail Journaling database

1. Make sure you already have a Configuration Settings document for the server(s) to be configured.
2. From the Domino Administrator, click the Configuration tab and expand the Messaging section.
3. Click Configurations.
4. Select the Configuration Settings document for the mail server or servers where you want to journal
mail, and click Edit Configuration.
5. Click the Router/SMTP - Advanced - Journaling tab.
6. Complete the following fields, and then click Save & Close:
Specifying messages to journal
After you enable journaling, set mail rules on the Configuration Settings document to specify which
messages to journal.
If you specify All documents and a message is returned as undeliverable, Domino journals the delivery
failure report as well as the original message.
When Domino journals a message, it sets a journal flag on the message before transferring it to the next
server on the route. This ensures that servers later in the routing path do not journal the message again.
When the Router on the destination mail server delivers the message to the user's mail file it removes the
journal flag so to that the user remains unaware that the message was been journaled.
On servers running the ISpy task, this task sends mail probes in the form of trace messages to test mail
connectivity approximately every five minutes. Under normal use, the ISpy task automatically deletes
these probes from the ISpy mail-in database and the only trace of them are entries in the Routing events
view of the server log file and on the server console. However, if you enable a journaling rule on these
servers and specify the condition "All documents," the Mail Journaling database will capture each trace
message that the ISpy task sends. To prevent the Mail Journaling database from filling up with these
entries, configure a rule exception for messages where the sender includes "ISpy."

Raj Kumar.B Mail ID : raj_macro@yahoo.com 13

Field Description
Journaling Specifies whether the server supports mail journaling. Choose one:
Enabled - Domino supports mail journaling on the servers governed by this document. To
journal mail, create a server mail rule with the action "Journal this message."
Disabled - (default) Mail journaling is not supported on the servers governed by this document.
Field Specifies the names of Notes message fields that Domino does not encrypt when adding
encryption messages to the Mail Journaling database. Encrypted fields cannot be displayed in a view. List any
exclusion fields you want to display in a view. By default, the following fields are not encrypted: Form, From,
list Principal, and PostedDate.
Note When using a mail-in database for journaling, Domino does not automatically encrypt
messages added to the database. To encrypt messages in a mail-in database use the Mail-in
database document to specify encryption of incoming messages.
Method Specifies the location of the Mail Journaling database. Choose one:
Copy to local database - (default) The Router copies each journaled message to a database on
the local server. If it does not already exist, Domino creates a local Mail Journaling database on
the server. If the Configuration Settings document applies to multiple servers, Domino creates a
unique Mail Journaling database on each server.
Send to mail-in database - The Router copies each journaled message and sends it to a specified
mail-in database. The specified database must already exist and must have a Mail-in database
document in the Domino Directory. The mail-in database used for journaling may be on any Domino
server, including the local server. Specify the mail file where journaled messages are to be sent in
the Mail Destination field. When using a mail-in database for journaling, be sure to encrypt
messages when adding them to the database. To encrypt messages sent to a mail-in database,
enable encryption on the Administration tab of the Mail-in database document.
Database If you specified "Copy to local database" as the journaling method, specify the file name you want
name Domino to use when it creates the Mail Journaling database. The default name is MAILJRN.NSF.
Mail If you specified "Send to mail-in database" as the journaling method, use this field to enter the
destination name of the mail-in database to which the Router forwards messages to be journaled.
Click the down-arrow to select the name of the mail-in database from the Domino Directory.
Note You must create the mail-in database beforehand; Domino does not automatically create
mail-in databases for journaling.
Encrypt on If you specified "Copy to local database" as the journaling method, enter the fully qualified Notes
behalf of Name of the user whose certified public key Domino uses to encrypt messages added to the
user database. To ensure privacy, consider creating a special user ID for reviewing journaled messages,
and protect the ID with multiple passwords.
To encrypt messages sent to a mail-in database, enable encryption on the Administration tab of the
Mail-in database document.
Database For local Mail Journaling databases, the entry in this field specifies how Domino controls the size of
Manageme the Mail Journaling database. When the database management method in effect calls for Domino to
nt - Method create a new Mail Journaling database, on the day that it creates the new database, it does so at
approximately 12:00 AM. Choose one of the following methods:
Periodic Rollover - (default) When the current Mail journaling database reaches the age
specified in the Periodicity field, Domino renames the existing Mail Journaling database and
creates a new Mail Journaling database with the original name.
None - Domino does not automatically control the size of the Mail Journaling database. If you
do not use one of the available methods for controlling database size automatically, be sure to
monitor the database size and use appropriate tools to archive the journal data.
Purge/Compact - Domino deletes documents from the database after the number of days
specified in the Data Retention field and then compacts the database.
Size Rollover - When the current database reaches the size specified in the Maximum size field,
Domino renames the database and creates a new Mail Journaling database with the original name.
Periodicity If you specified Periodic Rollover in the preceding field, Domino displays this field for specifying the
length, in days, of the rollover interval. The default value is 1 day.
Data If you specified Purge/Compact in the Database Management-Method field, Domino displays this
Retention field for specifying the time, in days, that a message remains in the Mail Journaling database before
being deleted.

Raj Kumar.B Mail ID : raj_macro@yahoo.com 14

Maximum If you specified Size Rollover in the Database Management-Method field, Domino displays this field
size for specifying a size limit, in megabytes (MB), for the Mail journaling database. After the database
reaches the specified size, Domino renames it and creates a new one.

To recover a user ID from a backup ID

The user completes these steps.
1. If you have recovery information set up for your user ID, contact your administrator to obtain the
password(s) needed to recover your ID. The recovery password is randomly generated and unique to
each recoverable ID file and administrator.
Note If you do not have access to your user ID file, contact your administrator, who can provide you
with an encrypted backup of your user ID. Once you have the backup user ID, continue with the
following steps.
2. When you first log in to Notes and the Password dialog box appears, do not enter your password. Just
click OK.
3. Click "Recover Password" in the "Wrong password" dialog box.
4. Select the user ID file to recover in the "Choose ID File to Recover" dialog box.
5. Enter the password(s) given to you by your administrator(s) in the "Enter Passwords" dialog box, and
repeat until you have entered all of the passwords, and you are prompted to enter a new password for
your user ID.
6. Enter a new password for your user ID, and confirm the password when prompted. Note that if you do
not enter a new password, you will need to recover your user ID again.
7. Replace all backups and copies of your user ID file with the newly recovered user ID file.
To obtain the ID file recovery password
For security reasons, the administrators must complete these steps from their own workstations, rather than
from the same workstation. Using separate workstations prevents an unauthorized user from using a
program to capture the keystrokes that the administrators enter on the same workstation. If an unauthorized
user obtains an administrator's ID file and password, the unauthorized user can obtain the administrator's
recovery password for all ID files. Therefore, you must protect the administrator's ID file and require that
multiple administrators work together to recover any given user ID file.
1. Detach the encrypted backup of the user's ID file from the mail or mail-in database to the local hard
drive.
2. If the user's ID file is damaged, send a copy of the ID file from the centralized mail or mail-in database
to the user.
3. From the Domino Administrator, click the Configuration tab, and choose Certification - Extract
Recovery Password.
4. Enter the password to the administrator's ID file.
5. Specify the ID file you want to recover. This is the same ID you detached in Step 1.
6. Give the user the recovery password that is displayed.

1)If any problems in the lotus notes client issues need to check , whether user ID file is working or not in the
, please open the address book in the workspace , if the address book is opening without any problem, then
problem with local lotus notes not in the sever .

2) For the Archive the mails user need minimum editor access required ,if user already having the editor
access but still it archive setting disabled, then there is a problem in the location document , need to filed
the proper details.

3) IF you want to rename the user ID file , then go to certify then you can change the rename of the ID file

Raj Kumar.B Mail ID : raj_macro@yahoo.com 15