A One-Way Street? Contact Sync for Traveler and Android

I have some Traveler users that want to sync contacts that they create on their devices back into Lotus Notes. 

The option doesn't seem to be available to create a Lotus Traveler contact on my Android device. I also don't see an option to "add Sender to Contacts" from an email.
  
Am I missing a trick here?

Traveler version info for the curious: 

Server: Lotus Notes Traveler 8.5.3.200 running on Lotus Domino server Release 8.5.3FP3 HF147 
Client: 8.5.3.200 201306211422 on Android 4.1.2.

(PS: I've hunted for feature requests and blogs about this, but couldn't find anything...)

Screengrabs to entertain you...

Here are a couple of screengrabs to brighten up your day.

I guess it's just another day in Domino Admin world...

1. Why would you set your Sametime status to "Away" then go on vacation for two weeks?

2. This one gets blogged every so often by like-minded individuals, but it never ceases to entertain...
 

Designer keep crashing? Unable to delete apps? Notes client really slow? Something to try.

As a Domino Administrator with a smidge of Design skill I am constantly using all three Notes clients during my working day. Over recent weeks, I have found my Notes 8.5.3 client getting slower and slower and some other issues which were more worrying, such as:

• Unable to delete Notes applications either from Local or from a server. (Notes just crashed).
• Opening Designer crashed Notes immediately.

I tried the following to fix it:

•  Installed FP3.
• Offline compact, fixup and updall against the entire data directory.
• Ensured that ODS was updated to version 51 on all system databases.
• Uninstall / Re-install the application (after a registry sweep to ensure all gremlins were gone).
• Disable all client add-ins (there was just one).

I found a few forum threads and blog posts which suggested that the bookmark.nsf might be "corrupted" so I thought I'd focus on that.

(Corrupted is a word which gets used far too often in Notes world in my view! If the file were really corrupted, I wouldn't be able to use the thing at all, right? I'm pretty sure I'd struggle to find a dictionary definition for "corrupted" meaning "kinda works sometimes").

So I renamed bookmark.nsf to oldbookmark.nsf. On restarting the client a new bookmark.nsf was spawned (you need a bookmark.ntf in your data directory if that doesn't happen for you) and suddenly my issues went away.

What have I lost by doing this? Actually, not much. Here's what I found:

• My client preferences were retained.
• My Domino Administrator server bookmarks and domains were retained.
• My Domino Designer bookmarks were retained.
• My workspace icons were retained.

but...

• My homepage was lost (I was only using the default anyway - no big deal).
• The links in my "Open" list (I had links to my Traveler.nsf and a couple of spreadsheets there) were lost.

So, I've lost very little, but gained a client which works at an acceptable speed, with very little data loss.

I highly recommended this to anyone else who has been suffering from the same issue!

Mail encryption using IBM Traveler in a multi-domain environment

Lots of members of the Notes blogging community share stuff all the time. I'm not one of them, I know that, but I thought I'd share this with you.

I remember from Paul Mooney's presentations at IBM Connect (I think it was the AdminBlast) strongly advocating keeping your Traveler server(s) in a separate Domino domain to your production mail environment.

This is because Traveler is constantly being updated to support latest devices and features, administrators should keep the Traveler server running the latest versions and patches for Domino and Traveler, regardless of whether you're running version 8.* or 9.*.

Similarly, best practise suggests that administrators should keep Sametime servers in their own domain too. Let's face it, Sametime is a very delicate little flower, it needs a lot of love, care and attention when patching, so you might not want a Domino 8.5.3 Domino Directory running on your Domino 8.5.2 server running Sametime 8.5.1. Actually, that combination probably works but you get the idea! :)

Anyway, here's the issue...  

By default, Traveler will tell your users that mail encryption will work, but actually it won't. 
 
I assume the following:

1. You're running ID Vault on your mail servers.
2. You're users have not uploaded their Notes ids to their mailboxes to access encrypted content via Domino Web Access.

Here's the evidence for the prosecution:

• My Traveler server is in a separate domain to my mail servers.
• The following information is displayed when dumping a user's Traveler profile to text:
  
  "Notes ID: Mail File does not contain the Notes ID."
  
  "Encrypting, decrypting and signing messages are enabled because the Notes ID is in the mail file or the ID vault."
• When the user tries to open an encrypted email, the user cannot access the email. You get different behaviours depending on the device. In my testing:
  
  - iOS: Error: "There is no Notes id for your user on Traveler"
  
  - Android: There's no error message. When the user clicks the Download button in the message, he is prompted for his Notes password. The device hourglasses for a moment and then the email is not displayed.

Explanation
Simply put, ID Vault does not authenticate users across domains. There is an IBM SPR about this (SPR #YDEN8FFERA) which you can log a feature request against.

My frustration here is that Traveler says that access to encrypted emails this way will work, but in fact it doesn't.

Workaround

The easiest way to fix this is to advise users who want to access encrypted emails through their devices to upload their Notes id to their mailboxes. This can be done from your Traveler server's website. All they need to do is:

1. Log into the Traveler server's website.
2. Click "Manage the Notes id".
3. Click "Upload the Notes id".
4. Browse to the Notes id file, and enter the password for the id as shown.

 Another workaround to this issue would be to automate the addition of Notes ids from ID Vault into the user's mail database. A third party tool is available to do this (I've not tried it, but I'd be interested to know if you have!) provided by Helpsoft*.

Another workaround might be to move your Traveler into the same mail domain as your servers. If you're happy keeping your mail servers at the latest-ish release of Domino, then you'll probably be ok. Just be careful with those Sametime or Quickr boxes though.

* I am in no way affiliated with Helpsoft, but I have been a very satisfied user of some of their products for some time.

Monday afternoon email amusement

This always makes me smile when it arrives into my mailbox! :)

Stuff I'm looking forward to at Connect 2013

I'm attending the IBM-Connect-o-Lotusphere 2013 event for my first time this year. I'm really looking forward to it.

Here are just a few of the things I'm looking forward to learning / doing / experiencing while I'm there.

• Meeting like-minded Domino and Messaging Administrators and IBM customers.
• Finding fixes for some of the more frustrating features of Lotus Notes and Domino.
• Learning more about Portal / Connections.
• Learning more about Tivoli Directory Integator, and having a play with it.
• Understanding how other administrators or infrastructure experts would re-design my server topology if they got the chance. There are so many ways to skin that cat! :)
• Learning more about automated client deployments or upgrades.
• Having a play with ND9.
• Meeting the guys from Panagenda, understanding more about the Eclipse manager plugin for Marvelclient and the product roadmap. (I'm a big fan of Marvelclient, but the last release had its limitations for ND8 users).
• Meeting third party suppliers, the vendors of the tools which I could not manage without, and those who have products I'm interested in.
• Attending the general introduction meeting. I watched it online last year and laughed at how everyone applauded the demo's when they worked! :)
• Buying Ed Brill's book.
• Meeting the many Domino bloggers that I've learnt so much from personally.
• Contributing in my small way to making Connect 2013 a social business event.

See you there if you're going!

More Webex Productivity Tools Goodness

Hello again!

Following on from my last post, I have completed a more thorough inventory of the design elements which need to be unprotected or deleted in order to fully uninstall the Webex Productivity Tools from a Lotus Notes mailbox.

Here's the list:

Forms
_Calendar Entry

Shared Elements\Subforms
Wbx_subform

Code\Script Libraries
CSCalendarEntry
CSEventClass
CSEventNotes
CSUIViewClass

Further to this list, it is important to delete the "Database Script" from the mailbox.
To do this, expand the "Code" section, then right-click the Database Script entry and click delete.

Once you have completed the above tasks, you should be able to re-install the Productivity Tools successfully into the mailbox. Alternatively, if you delete the above design elements, you can then re-apply your mailbox's design (I prefer to use the "load convert -u" console command) and restore your mailbox back to your favourite template. You might even be able to create meetings! :)

Some other points to note:

1. If it all goes horribly wrong, you might experience one of the following error messages on trying to create an email or a meeting in your mailbox. If you experience either of these errors, check that the above list of design elements are either unprotected or deleted.
   
   "Cannot find external name: SIGNENCRYPTPOLICY"
   
   "Error: Type mismatch on external name: CSEVENTNOTES"
    
2. Cisco offer a tool called the LNI Admin Tool, which can be used to apply the Webex Productivity Tools design elements to multiple mailboxes. It seems to use a modified version of the "nconvert" Domino task to do this.
   
   I have no experience with using this tool, and would love to hear form anyone who has.