Congratulations!

[Valid RSS] This is a valid RSS feed.

Recommendations

This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.

Source: http://blog.nashcom.de/nashcomblog.nsf/feed.rss

  1. <?xml version="1.0" encoding="utf-8"?>
  2. <rss version="2.0"
  3. xmlns:dc="http://purl.org/dc/elements/1.1/"
  4. xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
  5. xmlns:admin="http://webns.net/mvcb/"
  6. xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
  7. xmlns:content="http://purl.org/rss/1.0/modules/content/"
  8. xmlns:wfw="http://wellformedweb.org/CommentAPI/">
  9. <channel>
  10. <title>Daniel Nashed&#8217;s Blog</title>
  11. <description>Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...</description>
  12. <link>http://blog.nashcom.de/nashcomblog.nsf/</link>
  13. <language>en-us</language>
  14. <lastBuildDate>Thu, 8 Dec 2016 15:59:38 +0200</lastBuildDate>
  15. <item>
  16. <title>Notes 9.0.1 FP7 IF1 released</title>
  17. <pubDate>Thu, 8 Dec 2016 15:59:38 +0200</pubDate>
  18. <description>
  19. <![CDATA[
  20. There is a new IF1 for the Notes Client. Now it begins to be more complicated. The client IF1 and the server IF1 for the Linux issue (see previous posts) have nothing to do with each other and contai ...
  21. ]]>
  22. </description>
  23. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/notes-9.0.1-fp7-if1-released.htm</link>
  24. <category>Notes Client</category>
  25. <dc:creator>Daniel Nashed</dc:creator>
  26. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/notes-9.0.1-fp7-if1-released.htm?opendocument&amp;comments</comments>
  27. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/notes-9.0.1-fp7-if1-released.htm</guid>
  28. <content:encoded><![CDATA[ <font size=2 face="sans-serif">There is a new IF1 for the Notes Client. Now it begins to be more complicated. </font> <br /><font size=2 face="sans-serif">The client IF1 and the server IF1 for the Linux issue (see previous posts) have nothing to do with each other and contain different SPRs.</font> <br /> <br /><font size=2 face="sans-serif">The most important fix is the issue we had with ID vault when the new port encryption is used.</font> <br /><font size=2 face="sans-serif">Given that the SPR is fixed in the client this looks like a client issue and not a server issue.</font> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br /> <br /><font size=2 face="sans-serif">Notes 9.0.1 Fix Pack 7 Interim Fix 1</font> <br /> <br /><font size=2 face="sans-serif">RGAUADUM59</font> <br /><font size=2 face="sans-serif">&nbsp; &nbsp; &nbsp; &nbsp; Duplicate Attachment Icons When Using Ls Embedobject To Attach Files To A NotesRichTextItem &nbsp; &nbsp; &nbsp; &nbsp; </font> <br /> <br /><font size=2 face="sans-serif">BBSZAEEK8C</font> <br /><font size=2 face="sans-serif">&nbsp; &nbsp; &nbsp; &nbsp; Notes User Id File Upload To Vault Failed If Port_enc_adv Parameter Is Enabled </font> <br />  ]]></content:encoded>
  29. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/notes-9.0.1-fp7-if1-released.htm</wfw:commentRss>
  30. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/notes-9.0.1-fp7-if1-released.htm?opendocument&amp;comments</wfw:comment>
  31. </item>
  32. <item>
  33. <title>Traveler 9.0.1.15 available with some important changes</title>
  34. <pubDate>Tue, 15 Nov 2016 19:14:58 +0200</pubDate>
  35. <description>
  36. <![CDATA[
  37. Traveler 9.0.1.15 has been released with some important fixes and also changes. The Release documentation has some interesting details. Here is the extract from the release documentation with some co ...
  38. ]]>
  39. </description>
  40. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.15-available-with-some-important-fixes.htm</link>
  41. <category>Traveler</category>
  42. <dc:creator>Daniel Nashed</dc:creator>
  43. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.15-available-with-some-important-fixes.htm?opendocument&amp;comments</comments>
  44. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.15-available-with-some-important-fixes.htm</guid>
  45. <content:encoded><![CDATA[ <font size=2 face="sans-serif">Traveler 9.0.1.15 has been released with some important fixes and also changes. The Release documentation has some interesting details.</font> <br /> <br /><font size=2 face="sans-serif">Here is the extract from the release documentation with some comments.</font> <br /> <br /><font size=2 face="sans-serif"><strong>What's New</strong></font> <br /> <br /> <br /><font size=2 face="sans-serif"><strong>"Device wipe is no longer an option for iOS 10.x devices as support was dropped by Apple. You can still use the Wipe Traveler Data option."</strong></font> <br /> <br /><font size=2 face="sans-serif">For security reasons Apple disabled wipe over ActiveSync which is understandable. Before that change every server could wipe any device connected via ActiveSync.</font> <br /><font size=2 face="sans-serif">With this Apple side change Traveler could not delete the device any more and the status from the device was not interpreted correctly by the server.</font> <br /><font size=2 face="sans-serif">Traveler does now check if the device still supports the wipe (running iOS earlier than 10.x) and does only allow the Data Wipe over ActiveSync if the full wipe is not supported on the device.</font> <br /> <br /> <br /><font size=2 face="sans-serif"><strong>"Yellow status message if the IBM Traveler server is not listed as a Trusted Server for an end user's mail server. This is required for future security and feature enhancements planned for 2017. The status message will include information about how to correct."</strong></font> <br /> <br /><font size=2 face="sans-serif">Sounds like IBM is planning a bigger change in 2017 for Traveler. I am curious what this higher security requirements are needed for. Trusted Servers are a quite high requirement which allow the Traveler servers to fully authenticate as any user on the mail server. It's much higher than just granting manager access to an individual mailfile. </font> <br /> <br /><font size=2 face="sans-serif">I have removed the Trusted Servers entry on my mail-server but I did not yet see the warning.</font> <br /> <br /><font size=2 face="sans-serif"><strong>"Database schema updates to improve data integrity.</strong></font> <br /> <br /><font size=2 face="sans-serif"><strong>Tablerepair tell command to support the above schema updates. A warning message will be displayed at startup if any of the schema updates were not applied with instructions to run the tablerepair command. The server will continue to function properly if no action taken.</strong></font> <br /> <br /> <br /><font size=2 face="sans-serif"><strong>NOTE: IBM Traveler 9.0.1.15 does include a database schema update. Action may be required if you manually manage your database schema (this is not common). If you use auto schema updates (default behavior) there is no action required. See Updating the Enterprise Database for more information (</strong></font><a href=http://www.ibm.com/support/knowledgecenter/SSYRPW_9.0.1/UpdatingTheEnterpriseDatabase.dita><font size=2 color=blue face="sans-serif"><strong>http://www.ibm.com/support/knowledgecenter/SSYRPW_9.0.1/UpdatingTheEnterpriseDatabase.dita</strong></font></a><font size=2 face="sans-serif"><strong>)"</strong></font> <br /> <br /> <br /><font size=2 face="sans-serif">So this is an important information. This new version requires a schema change. If you are running stand-alone that should not cause any issues.</font> <br /><font size=2 face="sans-serif">If you have automatic schema update enabled the schema update should also happen automatically. <br /> And if you are switching from manual schema update to automatic schema update you should be careful. There is one ARPA fixed for DB2 and you should be aware of the default schema name differences for manual and automatic schema configuration.</font> <br /><font size=2 face="sans-serif">I guess with this schema change the issue has been discovered and the fix is that the NTS parameter with the schema name will be automatically set. </font> <br /><font size=2 face="sans-serif">(See -> </font><a href="http://www-01.ibm.com/support/docview.wss?uid=swg1LO90497"><font size=2 color=blue face="sans-serif">http://www.ibm.com/support/docview.wss?uid=swg1LO90497</font></a><font size=2 face="sans-serif"> for details).</font> <br /> <br /> <br /><font size=2 face="sans-serif">The fix-list contains some other important fixes! Check the fixlist link below for details.</font> <br /> <br /><font size=2 face="sans-serif">My server is already updated but I had not much time to test.</font> <br /> <br /> <br /><font size=2 face="sans-serif"><strong>IBM Traveler Fixes 9.0.1.15</strong></font> <br /> <br /><a href="http://www.ibm.com/support/docview.wss?uid=swg21700212#90115"><font size=2 color=blue face="sans-serif">http://www.ibm.com/support/docview.wss?uid=swg21700212#90115</font></a> <br /> <br /><font size=2 face="sans-serif"><strong>IBM Traveler 9.0.1.15 Server Release Documentation</strong></font> <br /> <br /><a href="http://www.ibm.com/support/docview.wss?uid=swg21994070"><font size=2 color=blue face="sans-serif">http://www.ibm.com/support/docview.wss?uid=swg21994070</font></a> <br />  ]]></content:encoded>
  46. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/traveler-9.0.1.15-available-with-some-important-fixes.htm</wfw:commentRss>
  47. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.15-available-with-some-important-fixes.htm?opendocument&amp;comments</wfw:comment>
  48. </item>
  49. <item>
  50. <title>DNUG Domino Day 2016 in DUS und DNUG Comes to you in BER</title>
  51. <pubDate>Fri, 21 Oct 2016 13:13:55 +0200</pubDate>
  52. <description>
  53. <![CDATA[
  54. Auch in diesem Jahr haben wir wieder einen DNUG Event im Bereich Notes/Domino in Düssldorf. Und Anfang November hat Anett Hammerschmidt für unsere Fachgruppe einen halben Tag DNUG Comes To you mit ...
  55. ]]>
  56. </description>
  57. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/DNUG-domino-day-2016.htm</link>
  58. <category>DNUG</category>
  59. <dc:creator>Daniel Nashed</dc:creator>
  60. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/DNUG-domino-day-2016.htm?opendocument&amp;comments</comments>
  61. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/DNUG-domino-day-2016.htm</guid>
  62. <content:encoded><![CDATA[ <img  alt="DNUG &amp;#34;Domino Day&amp;#34; - Fachgruppen-Tag Notes/Domino/Verse" border="0" src="http://blog.nashcom.de/nashcomblog.nsf/dx/DNUG-domino-day-2016.htm/content/M2?OpenElement" /> <br /> <br /> <br /><font size=2 face="sans-serif">Auch in diesem Jahr haben wir wieder einen DNUG Event im Bereich Notes/Domino in Düssldorf.</font> <br /><font size=2 face="sans-serif">Und Anfang November hat Anett Hammerschmidt für unsere Fachgruppe einen halben Tag DNUG Comes To you mit anschließendem DNUG Stammtisch in Berliin.</font> <br /> <br /><font size=2 face="sans-serif">Bei beiden Events geht es um atkeulle Themen und Entwicklungen im Bereich Notes und Domino.</font> <br /><font size=2 face="sans-serif">Und es werden auch Kollegen von IBM vor Ort sein, mit denen man die aktuelle Strategie von IBM im Bereich Notes/Domino diskutieren kann.</font> <br /> <br /><font size=2 face="sans-serif">Ich hoffe viele von Euch auf einem der beiden Events begrüßen zu können.</font> <br /> <br /><font size=2 face="sans-serif">Anbei die Links zu beiden Veranstaltungen.</font> <br /> <br /><font size=2 face="sans-serif">Beide Tage sind für DNUG Mitglieder kostenlos . </font> <br /><font size=2 face="sans-serif">Aber auch Nicht-Mitglieder sind herzlich eingeladen (mit einem Kostenbeitrag am Domino Day).</font> <br /> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br /> <br /><font size=2 face="sans-serif"><strong>DNUG "Domino Day" - Fachgruppen-Tag Notes/Domino/Verse</strong></font> <br /> <br /><font size=2 face="sans-serif">Donnerstag, 24. November in Düsseldorf</font> <br /> <br /><a href="https://www.eventbrite.de/e/dnug-domino-day-fachgruppen-tag-notesdominoverse-tickets-28526425306"><font size=2 color=blue face="sans-serif">https://www.eventbrite.de/e/dnug-domino-day-fachgruppen-tag-notesdominoverse-tickets-28526425306</font></a> <br /> <br /><font size=2 face="sans-serif"><strong>BERLIN - DNUG: Team Verse and Notes Domino Comes to You</strong></font> <br /> <br /><font size=2 face="sans-serif">Mittwoch, 2. November in Berlin</font> <br /> <br /><a href="https://www.eventbrite.de/e/berlin-dnug-team-verse-and-notes-domino-comes-to-you-tickets-28675598487"><font size=2 color=blue face="sans-serif">https://www.eventbrite.de/e/berlin-dnug-team-verse-and-notes-domino-comes-to-you-tickets-28675598487</font></a> <br /> <br /> <br />  ]]></content:encoded>
  63. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/DNUG-domino-day-2016.htm</wfw:commentRss>
  64. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/DNUG-domino-day-2016.htm?opendocument&amp;comments</wfw:comment>
  65. </item>
  66. <item>
  67. <title>IBM Champion Nomination 2016</title>
  68. <pubDate>Tue, 18 Oct 2016 11:07:09 +0200</pubDate>
  69. <description>
  70. <![CDATA[
  71. The IBM Champion program is a great way to thank active members of the community and also to help them in some way to continue their work for the community. The nomination is still open until Novembe ...
  72. ]]>
  73. </description>
  74. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-champion-nomination-2016.htm</link>
  75. <category>Champion</category>
  76. <dc:creator>Daniel Nashed</dc:creator>
  77. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-champion-nomination-2016.htm?opendocument&amp;comments</comments>
  78. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-champion-nomination-2016.htm</guid>
  79. <content:encoded><![CDATA[ <font size=2 face="sans-serif">The IBM Champion program is a great way to thank active members of the community and also to help them in some way to continue their work for the community. </font> <br /><font size=2 face="sans-serif">The nomination is still open until November 14th. So you still have time to nominate someone. Or renominate one of the current IBM Champions. </font> <br /> <br /><font size=2 face="sans-serif">See some details and official links below.</font> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br /><font size=2 face="sans-serif">"The IBM Champion program recognizes innovative thought leaders in the technical community — and rewards these contributors by amplifying their voice and increasing their sphere of influence. </font> <br /><font size=2 face="sans-serif">An IBM Champion is an IT professional, business leader, developer, or educator who influences and mentors others to help them make best use of IBM software, solutions, and services." </font> <br /> <br /><font size=2 face="sans-serif">So if there is someone you think how deserves it, here is the nomination form --> </font><a href="http://blog.nashcom.de/nashcomblog.nsf/dx/www.ibm.com/developerworks/community/profiles/dw/anonymous.jsp?id=2016"><font size=2 color=blue face="sans-serif">www.ibm.com/developerworks/community/profiles/dw/anonymous.jsp?id=2016</font></a> <br /> <br /><font size=2 face="sans-serif">For more details see --> </font><a href="https://www.ibm.com/developerworks/community/blogs/ibmchampion/entry/Nominate_an_IBM_Champion_Nominations_OPEN?lang=en"><font size=2 color=blue face="sans-serif">https://www.ibm.com/developerworks/community/blogs/ibmchampion/entry/Nominate_an_IBM_Champion_Nominations_OPEN?lang=en</font></a> <br /> <br />  ]]></content:encoded>
  80. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/ibm-champion-nomination-2016.htm</wfw:commentRss>
  81. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-champion-nomination-2016.htm?opendocument&amp;comments</wfw:comment>
  82. </item>
  83. <item>
  84. <title>IBM Domino 9.0.1 Fix Pack 7 Interim Fix 1 addresses critical issues affecting Domino 9.0.1 FP7 for Linux64 &amp; zLinux64</title>
  85. <pubDate>Fri, 14 Oct 2016 12:08:35 +0200</pubDate>
  86. <description>
  87. <![CDATA[
  88. As reported before on Linux64 there is a issue with the cluster replicator which has been addressed with IF1 (SPR #KBRNAEMPX2). Because of a change in FP7 that needed a recompile of the whole core inc ...
  89. ]]>
  90. </description>
  91. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-domino-9.0.1-fix-pack-7-interim-fix-1-addresses-critical-issues-affecting-domino-9.0.1-fp7-for-linux64-zlinux64.htm</link>
  92. <category></category>
  93. <dc:creator>Daniel Nashed</dc:creator>
  94. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-domino-9.0.1-fix-pack-7-interim-fix-1-addresses-critical-issues-affecting-domino-9.0.1-fp7-for-linux64-zlinux64.htm?opendocument&amp;comments</comments>
  95. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-domino-9.0.1-fix-pack-7-interim-fix-1-addresses-critical-issues-affecting-domino-9.0.1-fp7-for-linux64-zlinux64.htm</guid>
  96. <content:encoded><![CDATA[ <font size=2 face="sans-serif">As reported before on Linux64 there is a issue with the cluster replicator which has been addressed with IF1 (<strong>SPR #KBRNAEMPX2</strong>).</font> <br /><font size=2 face="sans-serif">Because of a change in FP7 that needed a recompile of the whole core including all components (<strong>SPR# KBRN9Q7EZW</strong>) but some files where missing in the installations.</font> <br /> <br /><font size=2 face="sans-serif">IBM has fixed the issue with 9.0.1 FP7 IF1 which is already available for download. I got it already yesterday for testing thru our PMR and it replaces the missing files.</font> <br /> <br /><font size=2 face="sans-serif">If you are running Domino on Linux64 with FP7 you should update your server asap to IF1.</font> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br /><font size=2 face="sans-serif">The this linke for additional information and download links</font> <br /> <br /><a href="http://www.ibm.com/support/docview.wss?uid=swg21992376"><font size=2 color=blue face="sans-serif">http://www.ibm.com/support/docview.wss?uid=swg21992376</font></a> <br /> <br /> <br /><font size=2 face="sans-serif">here is the list of files replaced by IF1</font> <br /> <br /><font size=2 face="sans-serif">rwxr-xr-x 1 root root &nbsp;33K Aug 18 16:42 billing</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root &nbsp;54K Aug 18 16:42 cldbdir</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root &nbsp;58K Aug 18 16:42 clrepl</font> <br /><font size=2 face="sans-serif">-r--r--r-- 1 root root 6.9K Sep 13 22:39 daosmgr.res</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root 160K Aug 18 16:42 decs</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root 408K Aug 18 16:42 libdcapi.so</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root 390K Aug 18 16:42 libdchtapi.so</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root 188K Aug 18 16:42 libdcrtapi.so</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root 300K Aug 18 16:42 libdecsext.so</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root 333K Aug 18 16:43 libdomws.so</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root 8.0K Aug 18 16:41 libhttprs.so</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root 230K Aug 18 16:42 liblsxlc.so</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root &nbsp;15K Oct 12 23:57 libndgts.so</font> <br /><font size=2 face="sans-serif">-rwxr-xr-x 1 root root 9.2K Aug 18 16:41 librshttp.so</font> <br /><font size=2 face="sans-serif">-r--r--r-- 1 root root &nbsp;11K Sep 13 22:39 smtp.res</font>  ]]></content:encoded>
  97. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/ibm-domino-9.0.1-fix-pack-7-interim-fix-1-addresses-critical-issues-affecting-domino-9.0.1-fp7-for-linux64-zlinux64.htm</wfw:commentRss>
  98. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-domino-9.0.1-fix-pack-7-interim-fix-1-addresses-critical-issues-affecting-domino-9.0.1-fp7-for-linux64-zlinux64.htm?opendocument&amp;comments</wfw:comment>
  99. </item>
  100. <item>
  101. <title>Domino 9.0.1 FP7 issue Notes User Id File Upload To Vault Failed If Port_enc_adv Parameter Is Enabled</title>
  102. <pubDate>Wed, 12 Oct 2016 12:45:24 +0200</pubDate>
  103. <description>
  104. <![CDATA[
  105. Alex Novak mentioned another issue with FP7 which might affect you in my blog comments. We only have the public description of the SPR and I assume only the ID Vault server communication is affected ...
  106. ]]>
  107. </description>
  108. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/domino-9.0.1-fp7-issue-notes-user-id-file-upload-to-vault-failed-if-port_enc_adv-parameter-is-enabled.htm</link>
  109. <category>Security</category>
  110. <dc:creator>Daniel Nashed</dc:creator>
  111. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/domino-9.0.1-fp7-issue-notes-user-id-file-upload-to-vault-failed-if-port_enc_adv-parameter-is-enabled.htm?opendocument&amp;comments</comments>
  112. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/domino-9.0.1-fp7-issue-notes-user-id-file-upload-to-vault-failed-if-port_enc_adv-parameter-is-enabled.htm</guid>
  113. <content:encoded><![CDATA[ <font size=2 face="sans-serif">Alex Novak mentioned another issue with FP7 which might affect you in my blog comments. </font> <br /> <br /><font size=2 face="sans-serif">We only have the public description of the SPR and I assume only the ID Vault server communication is affected.</font> <br /> <br /><font size=2 face="sans-serif">SPR # BBSZAEEK8C APAR #LO90429.: Notes User Id File Upload To Vault Failed If Port_enc_adv Parameter Is Enabled</font> <br /> <br /><font size=2 face="sans-serif">So for now you should not enable the new AES encryption on your ID Vault server until this issue is fixed.</font> <br /> <br /><font size=2 face="sans-serif">Given the 3 issues I reported in the last days in my blog (one is only effecting Linux64) I would wait for the next IF that hopefully addresses all those issues if you did not deploy it yet.</font> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br />  ]]></content:encoded>
  114. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/domino-9.0.1-fp7-issue-notes-user-id-file-upload-to-vault-failed-if-port_enc_adv-parameter-is-enabled.htm</wfw:commentRss>
  115. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/domino-9.0.1-fp7-issue-notes-user-id-file-upload-to-vault-failed-if-port_enc_adv-parameter-is-enabled.htm?opendocument&amp;comments</wfw:comment>
  116. </item>
  117. <item>
  118. <title>Cluster replicator hang with 9.0.1 FP7 on Linux64</title>
  119. <pubDate>Wed, 12 Oct 2016 12:32:24 +0200</pubDate>
  120. <description>
  121. <![CDATA[
  122. There is another issue (SPR #RSOIAEME5L) that might affect you when running with Linux64 and 9.0.1 FP7. Due to the change in FP7 on Linux64 (SPR# KBRN9Q7EZW) all server binaries needed to be updated ...
  123. ]]>
  124. </description>
  125. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/cluster-replicator-hang-with-9.0.1-fp7-on-linux64.htm</link>
  126. <category>Linux</category>
  127. <dc:creator>Daniel Nashed</dc:creator>
  128. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/cluster-replicator-hang-with-9.0.1-fp7-on-linux64.htm?opendocument&amp;comments</comments>
  129. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/cluster-replicator-hang-with-9.0.1-fp7-on-linux64.htm</guid>
  130. <content:encoded><![CDATA[ <font size=2 face="sans-serif">There is another issue <strong>(SPR #RSOIAEME5L</strong>) that might affect you when running with Linux64 and 9.0.1 FP7.</font> <br /> <br /><font size=2 face="sans-serif">Due to the change in FP7 on Linux64 (</font><font size=2 face="sans-serif"><strong>SPR# KBRN9Q7EZW</strong></font><font size=2 face="sans-serif">) all server binaries needed to be updated in FP7.</font> <br /><font size=2 face="sans-serif">It turned out that some binaries have not been replaced by the FP7 installer. In this case the cluster replicator task wasn't updated.</font> <br /><font size=2 face="sans-serif">Because of the change of internal structures this causes issues with older core servertasks in Domino (business partner applications using the public C-API are not affected).</font> <br /> <br /><font size=2 face="sans-serif">In this cases the cluster replicator servertasks are hanging.</font> <br /> <br /><font size=2 face="sans-serif">If you are planning to update Domino on Linux64 to FP7 you should wait until this issue is fixed!</font> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br /> <br /> <br />  ]]></content:encoded>
  131. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/cluster-replicator-hang-with-9.0.1-fp7-on-linux64.htm</wfw:commentRss>
  132. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/cluster-replicator-hang-with-9.0.1-fp7-on-linux64.htm?opendocument&amp;comments</wfw:comment>
  133. </item>
  134. <item>
  135. <title>CD to MIME Conversion Issue in 9.0.1 FP7 generating Javascript for sections</title>
  136. <pubDate>Mon, 10 Oct 2016 09:41:42 +0200</pubDate>
  137. <description>
  138. <![CDATA[
  139. We ran into an issue at a customer on Friday. Today we got the confirmation that it is a bug and development is already looking into this. It looks like a low level issue when converting Richtext int ...
  140. ]]>
  141. </description>
  142. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/cd-to-mime-conversion-issue-in-9.0.1-fp7.htm</link>
  143. <category>MIME</category>
  144. <dc:creator>Daniel Nashed</dc:creator>
  145. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/cd-to-mime-conversion-issue-in-9.0.1-fp7.htm?opendocument&amp;comments</comments>
  146. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/cd-to-mime-conversion-issue-in-9.0.1-fp7.htm</guid>
  147. <content:encoded><![CDATA[ <font size=2 face="sans-serif">We ran into an issue at a customer on Friday. Today we got the confirmation that it is a bug and development is already looking into this.</font><font size=3 face="sans-serif"> </font><font size=2 face="sans-serif"><br /> It looks like a low level issue when converting Richtext into MIME in mails on server side. <br /> <br /> In my test I have seen than probably all server based conversions are affected. Clients sending MIME message directly do not show this issue (and that should be the default in hopefully most companies so it hopefully is not an issue for your users).</font><font size=3 face="sans-serif"> </font><font size=2 face="sans-serif"><br /> When the server converts a message to MIME JavaScript is generated for collapsible sections (for example when you reply to a mail in Notes style and your client prefers richtext when sending internet mail).</font><font size=3 face="sans-serif"> </font><font size=2 face="sans-serif"><br /> <br /> There have been some changes in the conversion code in fixpack 7 which might have caused this unintended change.</font><font size=3 face="sans-serif"> </font><font size=2 face="sans-serif"><br /> We have seen this when mails are converted by the mail-router and also 3rd party applications that convert messages.</font><font size=3 face="sans-serif"> </font><font size=2 face="sans-serif"><br /> <br /> The SPR we got from support todays show it also impacts POP3 and IMAP.</font><font size=3 face="sans-serif"> <br /> </font><font size=2 face="sans-serif"><br /> <br /> The critical part of the issue is that Javascript in mail is rated as active content by many antivirus/spam software. This can lead to rejected mails and even negative score for the sending servers.</font><font size=3 face="sans-serif"> </font><font size=2 face="sans-serif"><br /> <br /> The only work-around is to ensure your clients are sending MIME directly and don't use the option to send richtext to internet recipients.</font><font size=3 face="sans-serif"> </font><font size=2 face="sans-serif"><br /> <br /> Format for messages addressed to internet addresses: Notes Rich Text Format -> MIME Format</font><font size=3 face="sans-serif">.</font> <br /><font size=3 face="sans-serif">You can ensure clients use that setting by pushing the setting via desktop policy. In our case the initial value was set correctly but the setting was not enforced and users changed it.</font> <br /><font size=3 face="sans-serif">But this can also occur with agents sending messages in richtext -- For example with newsletters etc..<br /> </font><font size=2 face="sans-serif"><br /> <br /> -- Daniel</font><font size=3 face="sans-serif"> <br /> </font><font size=2 face="sans-serif"><br /> <br /> SPR #AJASAEHJKB<br /> Reply Section Or Twistie In A Cd-mime Conversion Is Converted Incorrectly In Fixpack 7<br /> <br /> With a location doc which specifies to send to the server in<br /> Format for messages addressed to internet addresses: Notes Rich Text<br /> <br /> Send a typicall reply chain memo to 9.0.1 Domino FP6 for conversion either external or to a POP or IMAP user who has a<br /> Prefers Mime on their location doc and it will be noticed that after upgrading Domino to FP7 the arrows are missing and the<br /> format looks not quite right, the arrows are replaced by javascript links in the received note</font><font size=3 face="sans-serif"> </font>  ]]></content:encoded>
  148. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/cd-to-mime-conversion-issue-in-9.0.1-fp7.htm</wfw:commentRss>
  149. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/cd-to-mime-conversion-issue-in-9.0.1-fp7.htm?opendocument&amp;comments</wfw:comment>
  150. </item>
  151. <item>
  152. <title>Change in Apple iOS 10.x (and later) devices prevents full device wipe via Traveler Web &amp; SmartCloud Notes Administration interfaces</title>
  153. <pubDate>Thu, 29 Sep 2016 09:11:25 +0200</pubDate>
  154. <description>
  155. <![CDATA[
  156. Surprisingly and without any notice that I am aware of Apple has removed the ability to reset iOS devices over ActiveSync. A chance in this area was expected in general because it could be risky to a ...
  157. ]]>
  158. </description>
  159. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/change-in-apple-ios-10.x-and-later-devices-prevents-full-device-wipe-via-traveler-web-smartcloud-notes-administration-interfaces.htm</link>
  160. <category>Traveler</category>
  161. <dc:creator>Daniel Nashed</dc:creator>
  162. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/change-in-apple-ios-10.x-and-later-devices-prevents-full-device-wipe-via-traveler-web-smartcloud-notes-administration-interfaces.htm?opendocument&amp;comments</comments>
  163. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/change-in-apple-ios-10.x-and-later-devices-prevents-full-device-wipe-via-traveler-web-smartcloud-notes-administration-interfaces.htm</guid>
  164. <content:encoded><![CDATA[  <br /><font size=2 face="sans-serif">Surprisingly and without any notice that I am aware of Apple has removed the ability to reset iOS devices over ActiveSync.</font> <br /><font size=2 face="sans-serif">A chance in this area was expected in general because it could be risky to allow an ActiveSync account to wipe a complete device.</font> <br /> <br /><font size=2 face="sans-serif">It's still a surprise that they completely removed the wipe functionality. </font> <br /><font size=2 face="sans-serif">IMHO the better change would have been to just remove all data that this ActiveSync profile has synced -- similar to the application wipe IBM implemented with Traveler for iOS with AciveSync.</font> <br /><font size=2 face="sans-serif">But according to the technote (I have not tested it on my own yet) the Apple devices with iOS 10 and higher confirm the request and ignore it.</font> <br /> <br /><font size=2 face="sans-serif">If you have a MDM solution this doesn't really have an impact because the right way would be to use remote wipe your MDM provides.</font> <br /> <br /><font size=2 face="sans-serif">But for other devices the only option to wipe a lost device is to use the Lost Device functionality implemented with your iCloud account (which needs to be enabled and can only be used in combination with that Apple-ID).</font> <br /> <br /><font size=2 face="sans-serif">Right now with Traveler you have to be careful and check the device OS version before you invoke the wipe because Traveler does not have a check for that changed behavior implemented.</font> <br /> <br /><font size=2 face="sans-serif">See the following technote for details</font> <br /> <br /><a href="https://www.ibm.com/support/docview.wss?uid=swg21991360"><font size=2 color=blue face="sans-serif">https://www.ibm.com/support/docview.wss?uid=swg21991360</font></a> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br /> <br /> <br />  ]]></content:encoded>
  165. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/change-in-apple-ios-10.x-and-later-devices-prevents-full-device-wipe-via-traveler-web-smartcloud-notes-administration-interfaces.htm</wfw:commentRss>
  166. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/change-in-apple-ios-10.x-and-later-devices-prevents-full-device-wipe-via-traveler-web-smartcloud-notes-administration-interfaces.htm?opendocument&amp;comments</wfw:comment>
  167. </item>
  168. <item>
  169. <title>Notes and Domino Future</title>
  170. <pubDate>Fri, 23 Sep 2016 11:49:52 +0200</pubDate>
  171. <description>
  172. <![CDATA[
  173. There have been a lot of rumors and IBM is not very good in communicating road-maps since a couple of years. I hope we will see a clear statement about future functionality soon. There is already a ...
  174. ]]>
  175. </description>
  176. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/notes-and-domino-future.htm</link>
  177. <category></category>
  178. <dc:creator>Daniel Nashed</dc:creator>
  179. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/notes-and-domino-future.htm?opendocument&amp;comments</comments>
  180. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/notes-and-domino-future.htm</guid>
  181. <content:encoded><![CDATA[  <p><font size=2 face="sans-serif">There have been a lot of rumors and IBM is not very good in communicating road-maps since a couple of years.</font> <br /><font size=2 face="sans-serif">I hope we will see a clear statement about future functionality soon.</font> <br /> <br /><font size=2 face="sans-serif">There is already a public statement in the IBM blog that gives some answers and I have been at a couple of events where IBM explained part of the strategy.</font> <br /><a href="https://www.ibm.com/blogs/social-business/2016/09/12/ibm-notes-domino-v9-extends-support/"><font size=2 color=blue face="sans-serif">https://www.ibm.com/blogs/social-business/2016/09/12/ibm-notes-domino-v9-extends-support/</font></a> <br /> <br /><font size=2 face="sans-serif">Now that the current strategy is more clear and IBM decided to continue with Notes and Domino with incremental releases this support statement was needed.</font> <br /><font size=2 face="sans-serif">This support statement has been discussed on some customers and partners draw some maybe not completely correct conclusions from the statement.</font> <br /> <br /><font size=2 face="sans-serif">Here are some details and thoughts from my side.</font> <br /> <br /><font size=2 face="sans-serif">I hope this draws some light into the current discussion. And I am looking forward to your comments. </font> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br /><font size=2 face="sans-serif">In the last fixpacks and even in interims fixes IBM started to add functionality beside just shipping fixes. The security area is a good example. </font> <br /><font size=2 face="sans-serif">We now have full TLS 1.2 support and since 9.0.1 FP7 we have state of the art port encryption -- see previous blog posting for details.</font> <br /><font size=2 face="sans-serif">Also IBM shipped a Mac 64bit native client. All this shows that IBM is still investing in Notes and Domino on prem.</font> <br /> <br /><font size=2 face="sans-serif">There are still many features and requirements that are pending -- like Java 8 support which is really something that should IBM have shipped earlier.</font> <br /><font size=2 face="sans-serif">Also NIFNSF the ability to store view/folder index outside the NSF file for I/O optimization, reduced backup and larger database size is an important pending feature.</font> <br /> <br /><font size=2 face="sans-serif">I saw some draft roadmap slides that IBM is hopefully releasing in public soon with some additional details.</font> <br /> <br /><font size=2 face="sans-serif">Those features will be delivered via "<strong>Feature Packs</strong>" instead of "<strong>Fixpacks</strong>". Some details are not yet sorted out but we can expect 3 feature every year and templates changes are shipped separately in some way (there is no detailed information yet).</font> <br /><font size=2 face="sans-serif">This is a smoother way to develop and deploy new functionality. But this also means that customers have to deploy those fixes incrementally. </font> <br /><font size=2 face="sans-serif">Usually this is easier to bring into production instead of a major version -- at least on server side.</font> <br /> <br /><font size=2 face="sans-serif">Having said that IBM clearly states that the Domino server is an important asset in the IBM portfolio and you can see that from the fact that IBM Verse on prem leverages Domino 9.0.1 as the foundation.</font> <br /><font size=2 face="sans-serif">The Notes Client gets less and less attention. But it will be still supported and maintained in the Notes 9.0.1 code stream and we will also see some improvements here -- 64bit Mac client was a good example (no I don't think we need a W64 client nor that I think we would get it).</font> <br /> <br /><font size=2 face="sans-serif">IBM sets the focus on Web clients like IBM Verse and the current strategy is "mobile first" for all their current and future offerings.</font> <br /> <br /><font size=2 face="sans-serif">IMHO putting more money and energy into modern web and mobile applications is the right direction. A modern and more intuitive Web UI like IBM Verse makes a lot of sense not only for the younger work-force (Design Thinking plays an important role here).</font> <br /> <br /><font size=2 face="sans-serif">In contrast to other companies IBM still also has an "on prem strategy" in addition to their Cloud first/Cognitive strategy.</font> <br /> <br /> <br /><font size=2 face="sans-serif">The current extended support statement states that 8.5.3 will be still supported for another 2 years from now -- which gives customers another two years to migrate to 9.0.1.</font> <br /> <br /><font size=2 face="sans-serif">9.0.1 is <strong>at least</strong> supported until September 2021. "<strong>At least</strong>" is an important detail here because that does not mean that this will be the maximum time 9.0.1 will be supported with Feature Packs.</font> <br /> <br /><font size=2 face="sans-serif">(And we don't know yet if IBM does not decide to change the deployment model again and at some point ship a different Notes/Domino version like 9.0.2 or 10.0)</font> <br /> <br /><font size=2 face="sans-serif">What is clear from other IBM statements now that IBM uses Feature Packs to deliver new functionality you have to be on maintenance to be entitled to download and use those "FPs" in future.</font> <br /><font size=2 face="sans-serif">This is also not new. IBM did just not enforce for Notes/Domino and other collaboration software that you have to be on maintenance for fixpack entitlements.</font> <br /><font size=2 face="sans-serif">But this is a change for Notes/Domino customers from the current way fixpacks are handled!</font> <br />  ]]></content:encoded>
  182. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/notes-and-domino-future.htm</wfw:commentRss>
  183. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/notes-and-domino-future.htm?opendocument&amp;comments</wfw:comment>
  184. </item>
  185. <item>
  186. <title>Traveler 9.0.1.14 -- Calendar Issue Tentative Accept</title>
  187. <pubDate>Fri, 23 Sep 2016 11:03:33 +0200</pubDate>
  188. <description>
  189. <![CDATA[
  190. One of my customer ran into this issue with 9.0.1.14. When you tentative accept a meeting on your mobile device and accept it completely afterwards that change is not updated on the senders invitat ...
  191. ]]>
  192. </description>
  193. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.14-calendar-issue-tentative-accept.htm</link>
  194. <category></category>
  195. <dc:creator>Daniel Nashed</dc:creator>
  196. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.14-calendar-issue-tentative-accept.htm?opendocument&amp;comments</comments>
  197. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.14-calendar-issue-tentative-accept.htm</guid>
  198. <content:encoded><![CDATA[  <br /> <br /><font size=2 face="sans-serif">One of my customer ran into this issue with 9.0.1.14. </font> <br /><font size=2 face="sans-serif">When you tentative accept a meeting on your mobile device and accept it completely afterwards that change is not updated on the senders invitation.</font> <br /><font size=2 face="sans-serif">The tentative accept remains as the status.</font> <br /> <br /><font size=2 face="sans-serif">We have two PMRs and there is a APAR -> LO9030.</font> <br /> <br /><font size=2 face="sans-serif">If you did not update your Traveler Servers yet I would stay on 9.0.1.13 which is the first iOS 10 supported release and wait for the fix.</font> <br /> <br /><font size=2 face="sans-serif">If you already updated to 9.0.1.14 you also have to wait for the fix. Just to be sure, downgrading a Traveler server is not a good idea because this will lead to a resync of all devices!</font> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br /> <br /> <br />  ]]></content:encoded>
  199. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/traveler-9.0.1.14-calendar-issue-tentative-accept.htm</wfw:commentRss>
  200. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.14-calendar-issue-tentative-accept.htm?opendocument&amp;comments</wfw:comment>
  201. </item>
  202. <item>
  203. <title>Setting up the first server and Certifier with 4096 bit keys instead of 1024 bit</title>
  204. <pubDate>Wed, 21 Sep 2016 09:33:44 +0200</pubDate>
  205. <description>
  206. <![CDATA[
  207. Today at AdminCamp I got the question how to register a first server and the organisational certifier with larger key size. By detault the setup process is still using 1024bit -- I guess for compatibi ...
  208. ]]>
  209. </description>
  210. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/setting-up-the-first-server-and-certifier-with-4096-bit-keys-instead-of-1024-bit.htm</link>
  211. <category>Security</category>
  212. <dc:creator>Daniel Nashed</dc:creator>
  213. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/setting-up-the-first-server-and-certifier-with-4096-bit-keys-instead-of-1024-bit.htm?opendocument&amp;comments</comments>
  214. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/setting-up-the-first-server-and-certifier-with-4096-bit-keys-instead-of-1024-bit.htm</guid>
  215. <content:encoded><![CDATA[ <font size=2 face="sans-serif">Today at AdminCamp I got the question how to register a first server and the organisational certifier with larger key size.</font> <br /><font size=2 face="sans-serif">By detault the setup process is still using 1024bit -- I guess for compatibility.</font> <br /> <br /><font size=2 face="sans-serif">There is a notes.ini setting that increases the key length for the organisation, server and first admin.id.</font> <br /> <br /><font size=2 face="sans-serif"><strong>SETUP_FIRST_SERVER_PUBLIC_KEY_WIDTH=4096</strong></font> <br /> <br /><font size=2 face="sans-serif">You have to set this parameters in your first servers notes.ini before you start the server for the first tile to do the server setup.</font> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br /> <br /> <br /> <br />  ]]></content:encoded>
  216. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/setting-up-the-first-server-and-certifier-with-4096-bit-keys-instead-of-1024-bit.htm</wfw:commentRss>
  217. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/setting-up-the-first-server-and-certifier-with-4096-bit-keys-instead-of-1024-bit.htm?opendocument&amp;comments</wfw:comment>
  218. </item>
  219. <item>
  220. <title>iNotes broken with German locale with 9.0.1 FP7</title>
  221. <pubDate>Thu, 15 Sep 2016 19:46:53 +0200</pubDate>
  222. <description>
  223. <![CDATA[
  224. Today I got a customer question about iNotes not working for him after updating to FP7. I can reproduce the issue on my Linux machine. Apparently something went wrong with the German locale. Reports ...
  225. ]]>
  226. </description>
  227. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/inotes-borken-with-german-locale-with-9.0.1-fp7.htm</link>
  228. <category>iNotes</category>
  229. <dc:creator>Daniel Nashed</dc:creator>
  230. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/inotes-borken-with-german-locale-with-9.0.1-fp7.htm?opendocument&amp;comments</comments>
  231. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/inotes-borken-with-german-locale-with-9.0.1-fp7.htm</guid>
  232. <content:encoded><![CDATA[ <font size=2 face="sans-serif">Today I got a customer question about iNotes not working for him after updating to FP7.</font><font size=3> </font><font size=2 face="sans-serif"><br /> I can reproduce the issue on my Linux machine. Apparently something went wrong with the German locale. Reports show that the English locale should work fine.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> Also one of my customers forwarded me a IBM L1 support response for a different question which stated that if iNotes does not work with FP7 they should restore the FP6 Forms9.nsf databases.</font><font size=3> </font><font size=2 face="sans-serif"><br /> They got that info without any further information.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> I have shutdown my server and replaced the files with the backup copies on my server and started the server again.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> cd /local/notesdata/iNotes<br /> cp /opt/ibm/domino/notes/latest/linux/data1_bck/901FP6/localnotesdataiNotes/Forms9.nsf .</font><font size=3> </font><font size=2 face="sans-serif"><br /> cp /opt/ibm/domino/notes/latest/linux/data1_bck/901FP6/localnotesdataiNotes/Forms9s.nsf .</font><font size=3> <br /> </font><font size=2 face="sans-serif"><br /> <br /> The issue already occurs when you first launch iNotes. See the formula error screen below.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> I keep you posted what I hear. </font> <br /> <br /> <br /><font size=2 face="sans-serif">Update: There is a IF for this issue that replaces forms9.nsf</font> <br /> <br /><font size=2 face="sans-serif">Interim Fix for IBM Lotus iNotes 9.0.1FP7 Interim Fix 2 (901FP7IF2) for Windows 32-bit / Type: Forms9.nsf </font> <br /><font size=2 face="sans-serif"><br /> <br /> -- Daniel</font><font size=3> <br /> <br /> <br /> </font><img  alt="Image:iNotes borken with German locale with 9.0.1 FP7" border="0" src="http://blog.nashcom.de/nashcomblog.nsf/dx/inotes-borken-with-german-locale-with-9.0.1-fp7.htm/content/M2?OpenElement" /><font size=3><br /> <br /> </font>  ]]></content:encoded>
  233. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/inotes-borken-with-german-locale-with-9.0.1-fp7.htm</wfw:commentRss>
  234. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/inotes-borken-with-german-locale-with-9.0.1-fp7.htm?opendocument&amp;comments</wfw:comment>
  235. </item>
  236. <item>
  237. <title>Notes &amp; Domino 9.0.1 FP7 shipped </title>
  238. <pubDate>Wed, 14 Sep 2016 12:07:02 +0200</pubDate>
  239. <description>
  240. <![CDATA[
  241. Notes and Domino 9.0.1 FP7 has shipped with quite a number of important fixes. - The JVM was updated to the current quarterly release replacing the JVM patches that came out since FP6. - There are ...
  242. ]]>
  243. </description>
  244. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/notes-domino-9.0.1-fp7-shipped-.htm</link>
  245. <category>Domino</category>
  246. <dc:creator>Daniel Nashed</dc:creator>
  247. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/notes-domino-9.0.1-fp7-shipped-.htm?opendocument&amp;comments</comments>
  248. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/notes-domino-9.0.1-fp7-shipped-.htm</guid>
  249. <content:encoded><![CDATA[ <font size=2 face="sans-serif">Notes and Domino 9.0.1 FP7 has shipped with quite a number of important fixes.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> - The JVM was updated to the current quarterly release replacing the JVM patches that came out since FP6.</font><font size=3> </font><font size=2 face="sans-serif"><br /> - There are stability fixes which include many areas including Compact, Archiving API, iNotes, DXL and also some important security fixes.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> In one client SPR even ADFS 3.0 is mentioned so maybe we can hope that we get full ADFS 3.0 at some point in one of the next FPs - which is high on my priority list since most new ADFS customer installations require ADFS 3.0.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> Oh I almost missed an important platform update. Citrix XenApp 7.7 is now supported since FP7 which was missing for many customers!</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> <br /> Beside all those fixes which are a good reason to deploy FP7 there are two SPRs that I want to highlight. <strong><br /> <br /> -- Important Linux 64bit Fix --</strong></font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> The first SPR deals with a really bad issue that made IBM ship a separate new build of 9.0.1 to customers who ran into the issue.</font><font size=3> </font><font size=2 face="sans-serif"><br /> The fix needed a complete rebuild all Domino binaries/core components (because a central structure was affected) and could not be shipped in a normal FP. IBM found a way to address this issue in a FP!</font><font size=3> </font><font size=2 face="sans-serif"><br /> It is listed in the Fixlist under "Sametime" but the issue occurred in most cases in high load HTTP environments.</font><font size=3> </font><font size=2 face="sans-serif"><br /> In case you are running the special downloaded new 64bit compile you can now switch back to the standard builds (see more detailed information below).</font><font size=3> </font> <p><font size=2 face="sans-serif"><strong>SPR# KBRN9Q7EZW</strong> - Fixed a Domino Linux 64-bit server crash or instability caused by duplicate thread ids. <br /> This is described in technote #1976013 and previously required a special Domino Linux 64-bit build to be provided. <br /> Now applying this Fixpack on Domino 9.0.1 will address the issue. Customers who previously received the special Domino Linux 64-bit build should uninstall it, re-install 9.0.1 Gold, followed by 9.0.1 FP7 or higher.</font><font size=3> </font><font size=2 face="sans-serif"><strong><br /> <br /> <br /> -- AES and SHA-2 Support for Network Port Encryption --</strong></font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> Dave Kern presented in Orlando already plans to update NRPC port encryption which have been planned for at that point 9.0.2.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> The new port encryption made it into FP7. If your client and server are both running FP7 or higher.</font><font size=3> </font> <p><font size=2 face="sans-serif">Update 14.9.2016 19:00</font><font size=3> </font> <p><font size=2 face="sans-serif">There is a new Technote describing all the details including two new settings plus one new debug setting.</font><font size=3> </font> <p><font size=2 face="sans-serif">TN -> </font><font size=2 color=blue face="sans-serif">http://www.ibm.com/support/docview.wss?uid=swg21990283</font><font size=2 face="sans-serif"><strong><br /> <br /> PORT_ENC_ADV</strong> controls the level of port encryption and enables the use of AES tickets.</font><font size=3> </font><font size=2 face="sans-serif"><strong><br /> TICKET_ALG_SHA</strong> controls which cryptographic algorithm to use when constructing tickets. HMAC-SHA 256 is enabled by default.</font><font size=3> </font> <p><font size=2 face="sans-serif">There is also one new debug setting <strong>DEBUG_PORT_ENC_ADV=1</strong> which will enable debug for the new port encryption.</font><font size=3> </font> <p><font size=2 face="sans-serif"><br /> I have upgraded my client and server and got the following with <strong>PORT_ENC_ADV </strong>on server side.<br /> In my previous test I wasn't aware that I had this parameter already in my notes.ini.<br /> But the parameter is required for the new encryption. The SH256 based signature algorithms are enabled by default.</font> <p><font size=2 face="sans-serif"><strong><br /> SPR# DKEN9N5PVK</strong> - Network port encryption now supports AES and SHA-2</font><font size=3> </font><font size=2 face="sans-serif"><strong><br /> <br /> FP 6</strong></font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> Authenticate {1B3F0009}: CN=xyz/OU=Srv/O=NashCom-Net</font><font size=3> </font><font size=2 face="sans-serif"><strong><br /> T:</strong></font><font size=2 color=red face="sans-serif"><strong>RC2</strong></font><font size=2 face="sans-serif"><strong>:128 E:1: &nbsp;P:c:e S:</strong></font><font size=2 color=red face="sans-serif"><strong>RC4:128</strong></font><font size=2 face="sans-serif"><strong> A:4:1 L:N:N:N FS: <br /> <br /> FP 7</strong></font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> Authenticate {1B3F0002}: CN=xzy/OU=Srv/O=NashCom-Net</font><font size=3> </font><font size=2 face="sans-serif"><strong><br /> T:</strong></font><font size=2 color=#008000 face="sans-serif"><strong>AES</strong></font><font size=2 face="sans-serif"><strong>:128 E:1: &nbsp;P:c:e S:</strong></font><font size=2 color=#008000 face="sans-serif"><strong>AES-GCM:256</strong></font><font size=2 face="sans-serif"><strong> A:2:1 L:N:N:N FS:</strong></font><font size=2 color=#008000 face="sans-serif"><strong>DHE-2048</strong></font><font size=3><strong> </strong></font> <p><font size=2 face="sans-serif">So it looks like the cipher implemented is: DHE-RSA-AES128-GCM-SHA256 with a DHE size of 2048.<br /> <br /> <br /> (You see the output with notes.ini <strong>log_authentication=1</strong>)<br /> <br /> <br /> -- Daniel</font><font size=3> </font>  ]]></content:encoded>
  250. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/notes-domino-9.0.1-fp7-shipped-.htm</wfw:commentRss>
  251. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/notes-domino-9.0.1-fp7-shipped-.htm?opendocument&amp;comments</wfw:comment>
  252. </item>
  253. <item>
  254. <title>Traveler 9.0.1.14 shipped with few but important fixes preparing for upcoming  9.0.1 FP7</title>
  255. <pubDate>Thu, 8 Sep 2016 00:01:54 +0200</pubDate>
  256. <description>
  257. <![CDATA[
  258. The fixlist for 9.0.1.14 is quite short but it fixes a crash situation and issue in the upcoming Domino 9.0.1 FP7 fixpack which is scheduled for this month. APAR # Abstract LO89934 Meeting chair ...
  259. ]]>
  260. </description>
  261. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.14-shipped-with-few-but-important-fixes-preparing-for-upcoming-9.0.1-fp7.htm</link>
  262. <category></category>
  263. <dc:creator>Daniel Nashed</dc:creator>
  264. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.14-shipped-with-few-but-important-fixes-preparing-for-upcoming-9.0.1-fp7.htm?opendocument&amp;comments</comments>
  265. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.14-shipped-with-few-but-important-fixes-preparing-for-upcoming-9.0.1-fp7.htm</guid>
  266. <content:encoded><![CDATA[ <font size=2 face="sans-serif">The fixlist for 9.0.1.14 is quite short but it fixes a crash situation and issue in the upcoming Domino 9.0.1 FP7 fixpack which is scheduled for this month.</font> <br /> <p> <table width=684 style="border-collapse:collapse;"> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif"><strong>APAR #</strong></font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif"><strong>Abstract</strong></font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89934"><font size=2 color=blue face="sans-serif"><u>LO89934</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Meeting chair may get multiple response notices from invitee who is using Apple native calendar application.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO90090"><font size=2 color=blue face="sans-serif"><u>LO90090</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Verbose flag missing from HADR command help display.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO90109"><font size=2 color=blue face="sans-serif"><u>LO90109</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Domino API change in 9.0.1 FP7 could cause a server crash on Linux x64 if running IBM Traveler server 9.0.1.13 or earlier release.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO90110"><font size=2 color=blue face="sans-serif"><u>LO90110</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Timing issue could cause server crash when checking platform disk status.</font></table> <p>  ]]></content:encoded>
  267. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/traveler-9.0.1.14-shipped-with-few-but-important-fixes-preparing-for-upcoming-9.0.1-fp7.htm</wfw:commentRss>
  268. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.14-shipped-with-few-but-important-fixes-preparing-for-upcoming-9.0.1-fp7.htm?opendocument&amp;comments</wfw:comment>
  269. </item>
  270. <item>
  271. <title>Traveler 9.0.1.13 released with some fixes</title>
  272. <pubDate>Fri, 19 Aug 2016 00:12:42 +0200</pubDate>
  273. <description>
  274. <![CDATA[
  275. There is a new traveler release that just shipped. Some of the issues might affect you. APAR # Abstract LO82881 Domino server may crash if $NTTrack field is corrupted. LO89471 Traveler invitee ...
  276. ]]>
  277. </description>
  278. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.13-released-with-some-fixes.htm</link>
  279. <category>Traveler</category>
  280. <dc:creator>Daniel Nashed</dc:creator>
  281. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.13-released-with-some-fixes.htm?opendocument&amp;comments</comments>
  282. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.13-released-with-some-fixes.htm</guid>
  283. <content:encoded><![CDATA[ <font size=2 face="sans-serif">There is a new traveler release that just shipped.</font> <br /><font size=2 face="sans-serif">Some of the issues might affect you.</font> <br /> <br /> <br /> <table width=684 style="border-collapse:collapse;"> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif"><strong>APAR #</strong></font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif"><strong>Abstract</strong></font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO82881"><font size=3 color=blue face="sans-serif"><u>LO82881</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif">Domino server may crash if $NTTrack field is corrupted.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89471"><font size=3 color=blue face="sans-serif"><u>LO89471</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif">Traveler invitee status may be incorrect if using mixed case internet addresses.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89606"><font size=3 color=blue face="sans-serif"><u>LO89606</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif">Number of recipients limited to 100 when sending mail from a mobile device.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89745"><font size=3 color=blue face="sans-serif"><u>LO89745</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif">Traveler server enters constrained state when load balancing a large number of users.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89772"><font size=3 color=blue face="sans-serif"><u>LO89772</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif">Meeting chair may receive multiple notices from attendee who processes notice on an Apple Native Calendar application.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89840"><font size=3 color=blue face="sans-serif"><u>LO89840</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif">IBM Verse mobile application fails to download entire mail for very large mail documents.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89952"><font size=3 color=blue face="sans-serif"><u>LO89952</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif">Deleted device still present in the Web Administration UI after the 30 day reap interval.</font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89954"><font size=3 color=blue face="sans-serif"><u>LO89954</u></font></a> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=3 face="sans-serif">E-mail not in sent folder on mobile device when user sends and files an e-mail in Notes client.</font></table> <br /> <br /> <br /> <br /><font size=2 face="sans-serif">Release documentation:</font> <br /> <br /><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21988973"><font size=2 color=blue face="sans-serif">http://www.ibm.com/support/docview.wss?uid=swg21988973</font></a> <br /> <br /> <br /><font size=2 face="sans-serif">Fixlist:</font> <br /> <br /><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21700212#90113"><font size=2 color=blue face="sans-serif">http://www.ibm.com/support/docview.wss?uid=swg21700212#90113</font></a> <br />  ]]></content:encoded>
  284. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/traveler-9.0.1.13-released-with-some-fixes.htm</wfw:commentRss>
  285. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-9.0.1.13-released-with-some-fixes.htm?opendocument&amp;comments</wfw:comment>
  286. </item>
  287. <item>
  288. <title>Extended Master Secret Extension issue affects all Internet Protocols including STARTTLS</title>
  289. <pubDate>Wed, 27 Jul 2016 10:23:28 +0200</pubDate>
  290. <description>
  291. <![CDATA[
  292. There is a an issue described in a technote which describes an issue with Win 2008 R2 and LDAP. This issue also occurs for other internet protocols!! It is specially important for servers using STAR ...
  293. ]]>
  294. </description>
  295. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/extended-master-secret-extension-issue-affects-all-internet-protocols-including-starttls.htm</link>
  296. <category></category>
  297. <dc:creator>Daniel Nashed</dc:creator>
  298. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/extended-master-secret-extension-issue-affects-all-internet-protocols-including-starttls.htm?opendocument&amp;comments</comments>
  299. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/extended-master-secret-extension-issue-affects-all-internet-protocols-including-starttls.htm</guid>
  300. <content:encoded><![CDATA[ <font size=2 face="sans-serif">There is a an issue described in a technote which describes an issue with Win 2008 R2 and LDAP.</font> <br /><font size=2 face="sans-serif">This issue also occurs for other internet protocols!! </font> <br /> <br /><font size=2 face="sans-serif">It is specially important for servers using STARTTLS because you don't control which version and settings the receiving/sending host is using.</font> <br /> <br /><font size=2 face="sans-serif">So the issue I blogged about today does also affect other protocols. That's why I decided to have two blog posts to ensure it is better found on the web.</font> <br /> <br /><font size=2 face="sans-serif">Hiere is the info from the other blog post which also is relevant for your SMTP Servers.</font> <br /> <br /><font size=2 face="sans-serif"><br /> -- Daniel</font><font size=3> </font> <br /> <br /> <br /><font size=2 face="sans-serif">Domino &nbsp;9.0.1 FP5 IF1 adds support for the Extended Master Secret Extension with TLS 1.2.</font><font size=3> <br /> </font><font size=2 face="sans-serif"><br /> Windows 2008 R2 does only supports TLS 1.0 but still sends the Extended Master Secret Extension in the server helo.</font><font size=3> </font><font size=2 face="sans-serif"><br /> Domino fails to connect because once this is offered Domino wants to use it.</font><font size=3> <br /> </font><font size=2 face="sans-serif"><br /> There is a work-around to disable this new functionality globally on the server via notes.ini </font><font size=3><br /> </font><font size=2 face="sans-serif"><strong><br /> SSL_DISABLE_EXTENDED_MASTER_SECRET=1</strong></font><font size=3> <br /> </font><font size=2 face="sans-serif"><br /> This is just a work-around and the real fix would be that Microsoft provides &nbsp;a fix for Win 2008 R2 to not send the extension with the helo. <br /> Later versions do support TLS 1.2 and do not have the issue.</font><font size=3> <br /> <br /> </font><font size=2 face="sans-serif"><br /> See the following technote for details -> </font><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21987608"><font size=2 color=blue face="sans-serif"><u>http://www.ibm.com/support/docview.wss?uid=swg21987608</u></font></a><font size=3> <br /> </font>  ]]></content:encoded>
  301. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/extended-master-secret-extension-issue-affects-all-internet-protocols-including-starttls.htm</wfw:commentRss>
  302. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/extended-master-secret-extension-issue-affects-all-internet-protocols-including-starttls.htm?opendocument&amp;comments</wfw:comment>
  303. </item>
  304. <item>
  305. <title>Secure LDAP to Active Directory fails with Domino 9.0.1 FP5 IF1 and higher</title>
  306. <pubDate>Wed, 27 Jul 2016 08:21:25 +0200</pubDate>
  307. <description>
  308. <![CDATA[
  309. Domino 9.0.1 FP5 IF1 adds support for the Extended Master Secret Extension with TLS 1.2. Windows 2008 R2 does only supports TLS 1.0 but still sends the Extended Master Secret Extension in the serve ...
  310. ]]>
  311. </description>
  312. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/secure-ldap-to-active-directory-fails-with-domino-9.0.1-fp5-if1-and-higher.htm</link>
  313. <category></category>
  314. <dc:creator>Daniel Nashed</dc:creator>
  315. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/secure-ldap-to-active-directory-fails-with-domino-9.0.1-fp5-if1-and-higher.htm?opendocument&amp;comments</comments>
  316. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/secure-ldap-to-active-directory-fails-with-domino-9.0.1-fp5-if1-and-higher.htm</guid>
  317. <content:encoded><![CDATA[  <br /><font size=2 face="sans-serif">Domino &nbsp;9.0.1 FP5 IF1 adds support for the Extended Master Secret Extension with TLS 1.2.</font> <br /> <br /><font size=2 face="sans-serif">Windows 2008 R2 does only supports TLS 1.0 but still sends the Extended Master Secret Extension in the server helo.</font> <br /><font size=2 face="sans-serif">Domino fails to connect because once this is offered Domino wants to use it.</font> <br /> <br /><font size=2 face="sans-serif">There is a work-around to disable this new functionality globally on the server via notes.ini </font> <br /> <br /><font size=2 face="sans-serif"><strong>SSL_DISABLE_EXTENDED_MASTER_SECRET=1</strong></font> <br /> <br /><font size=2 face="sans-serif">This is just a work-around and the real fix would be that Microsoft provides &nbsp;a fix for Win 2008 R2 to not send the extension with the helo. </font> <br /><font size=2 face="sans-serif">Later versions do support TLS 1.2 and do not have the issue.</font> <br /> <br /> <br /><font size=2 face="sans-serif">See the following technote for details -> </font><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21987608"><font size=2 color=blue face="sans-serif">http://www.ibm.com/support/docview.wss?uid=swg21987608</font></a> <br /> <br /><font size=2 face="sans-serif">-- Daniel</font> <br />  ]]></content:encoded>
  318. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/secure-ldap-to-active-directory-fails-with-domino-9.0.1-fp5-if1-and-higher.htm</wfw:commentRss>
  319. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/secure-ldap-to-active-directory-fails-with-domino-9.0.1-fp5-if1-and-higher.htm?opendocument&amp;comments</wfw:comment>
  320. </item>
  321. <item>
  322. <title>IBM Traveler 9.0.1.12 released including a security fix</title>
  323. <pubDate>Thu, 14 Jul 2016 09:45:20 +0200</pubDate>
  324. <description>
  325. <![CDATA[
  326. IBM Traveler 9.0.1.12 shipped with some important changes. The first change is a security fix which is described below. But there is another security fix in the installer on Windows as well and so ...
  327. ]]>
  328. </description>
  329. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-traveler-9.0.1.12-released-including-a-security-fix.htm</link>
  330. <category>Traveler</category>
  331. <dc:creator>Daniel Nashed</dc:creator>
  332. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-traveler-9.0.1.12-released-including-a-security-fix.htm?opendocument&amp;comments</comments>
  333. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-traveler-9.0.1.12-released-including-a-security-fix.htm</guid>
  334. <content:encoded><![CDATA[ <font size=2 face="sans-serif">IBM Traveler 9.0.1.12 shipped with some important changes.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> The first change is a security fix which is described below.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> But there is another security fix in the installer on Windows as well and some other fixes that could be affecting you.</font><font size=3> </font><font size=2 face="sans-serif"><br /> <br /> Upgraded my server already. <br /> <br /> -- Daniel</font><font size=3> <br /> </font><font size=2 face="sans-serif"><br /> <br /> Security Bulletin: XML External Entities Injection Vulnerability in IBM Traveler (CVE-2016-3039) <br /> IBM Traveler is vulnerable to a denial of service caused by an XML External Entity Injection (XXE) error when processing XML data. </font><font size=3 color=blue><u><br /> <br /> </u></font><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21985858&amp;myns=swglotus&amp;mynp=OCSSYRPW&amp;mync=E&amp;cm_sp=swglotus-_-OCSSYRPW-_-E"><font size=2 color=blue face="sans-serif"><u>http://www.ibm.com/support/docview.wss?uid=swg21985858&amp;myns=swglotus&amp;mynp=OCSSYRPW&amp;mync=E&amp;cm_sp=swglotus-_-OCSSYRPW-_-E</u></font></a><font size=3> <br /> </font><font size=3 color=blue><u><br /> <br /> </u></font><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21700212#90112"><font size=2 color=blue face="sans-serif"><u>http://www.ibm.com/support/docview.wss?uid=swg21700212#90112</u></font></a><font size=3> </font> <table width=684 style="border-collapse:collapse;"> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif"><strong>APAR #</strong></font><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif"><strong>Abstract</strong></font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO87689"><font size=2 color=blue face="sans-serif"><u>LO87689</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Invitee status not updated on Mobile device when external invitee responds.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO88807"><font size=2 color=blue face="sans-serif"><u>LO88807</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Add the immediately remove invitee from invite on mobile device may not remove the invitee.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO88916"><font size=2 color=blue face="sans-serif"><u>LO88916</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Invitee status not updated on Outlook client when external invitee responds.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO88950"><font size=2 color=blue face="sans-serif"><u>LO88950</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Event still appears ghosted on mobile device after process an info update from ghosted entry.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89057"><font size=2 color=blue face="sans-serif"><u>LO89057</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Upgrade install technology to prevent MS Windows DLL Loading vulnerability.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89097"><font size=2 color=blue face="sans-serif"><u>LO89097</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Traveler device may display EnterSendTo field if SendTo empty for non-draft message.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89287"><font size=2 color=blue face="sans-serif"><u>LO89287</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Warning message for NumberFormatException for empty string should be Info log message and not a warning.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89357"><font size=2 color=blue face="sans-serif"><u>LO89357</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Update to prevent XML External Entities Injection vulnerability.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89358"><font size=2 color=blue face="sans-serif"><u>LO89358</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Same full name contact could sync wrong contact photo.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89421"><font size=2 color=blue face="sans-serif"><u>LO89421</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Ghosted entry for non-repeating event Cancel notice may show additional options on mobile device. </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89499"><font size=2 color=blue face="sans-serif"><u>LO89499</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">APNS notifications for IBM Verse for iOS may be in English instead of device preferred language.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89501"><font size=2 color=blue face="sans-serif"><u>LO89501</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Attachments and in-line images missing content header may not sync to mobile device.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89540"><font size=2 color=blue face="sans-serif"><u>LO89540</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Traveler Utility application should warn if attempting to change the DB2 user name as this may change the schema name as well.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89543"><font size=2 color=blue face="sans-serif"><u>LO89543</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Prevent device from renaming folder to null string.</font><font size=3> </font> <tr valign=top height=8> <td width=103 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><a href="http://www.ibm.com/support/docview.wss?uid=swg1LO89544"><font size=2 color=blue face="sans-serif"><u>LO89544</u></font></a><font size=3> </font> <td width=577 style="border-style:none none none none;border-color:#000000;border-width:0px 0px 0px 0px;padding:1px 1px;"><font size=2 face="sans-serif">Accept reschedule of non-repeating event from ghosted entry on Apple iOS Calendar application may not take effect on server.</font></table> <br /> <br /><font size=3><br /> </font>  ]]></content:encoded>
  335. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/ibm-traveler-9.0.1.12-released-including-a-security-fix.htm</wfw:commentRss>
  336. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-traveler-9.0.1.12-released-including-a-security-fix.htm?opendocument&amp;comments</wfw:comment>
  337. </item>
  338. <item>
  339. <title>IBM Mail Support for Microsoft Outlook officially released</title>
  340. <pubDate>Wed, 29 Jun 2016 15:49:35 +0200</pubDate>
  341. <description>
  342. <![CDATA[
  343. Finally IBM has released IMSMO 2.0. It has been around already under controlled distribution and is finally available for all customers and partners. It enables you to connect a Microsoft Outlook 201 ...
  344. ]]>
  345. </description>
  346. <link>http://blog.nashcom.de/nashcomblog.nsf/dx/imsmo-v.20-released.htm</link>
  347. <category></category>
  348. <dc:creator>Daniel Nashed</dc:creator>
  349. <comments>http://blog.nashcom.de/nashcomblog.nsf/dx/imsmo-v.20-released.htm?opendocument&amp;comments</comments>
  350. <guid isPermaLink="true">http://blog.nashcom.de/nashcomblog.nsf/dx/imsmo-v.20-released.htm</guid>
  351. <content:encoded><![CDATA[ <font size=2 face="sans-serif">Finally IBM has released IMSMO 2.0. It has been around already under controlled distribution and is finally available for all customers and partners.</font> <br /> <br /><font size=2 face="sans-serif">It enables you to connect a Microsoft Outlook 2013 client to a Domino V9.0.1 Server.</font> <br /> <br /><font size=2 face="sans-serif">The software is an add-on to your Domino server similar to what a Traveler does (in fact they share some code base but they are not the same!).</font> <br /><font size=2 face="sans-serif">Also the gateway need to resist on the mail-server of the user. We asked to have a way to use a gateway server approach but IBM implemented it this way.</font> <br /> <br /><font size=2 face="sans-serif">If you are running in a production environment and you are running with more than a handful of users it is strongly recommended to use DB2 for the state database instead of the derby database.</font> <br /><font size=2 face="sans-serif">So for every server that has IMSMO enabled you need a connection to a DB2 server for the state database.</font> <br /><font size=2 face="sans-serif">Another way would be to have a local replica of the mailfile on the IMSMO server for all users running an Outlook Client.</font> <br /> <br /><font size=2 face="sans-serif">This solution is not intended for a whole, large organization. It's more one of the flexible options to support Outlook Clients in your environment for users who want or need the client for some special reason.</font> <br /> <br /><font size=2 face="sans-serif">For the Outlook Client you have to deploy an add-on which handles the connection. </font> <br /><font size=2 face="sans-serif">The first version with the project name "Hawthorn" was using the Active Sync protocol for sync and rest services with a plug-in for additional services like OOO and busytime lookup. T</font> <br /><font size=2 face="sans-serif">hat's why only Outlook 2013 and higher was supported because earlier releases did not support ActiveSync.</font> <br /> <br /><font size=2 face="sans-serif">The new version uses SyncML which gives IBM more control over the connection and functionality. The plugin does now handle the whole connection from client to server over SyncML.</font> <br /><font size=2 face="sans-serif">Older clients can still connect over ActiveSync but the new model makes more sense to only use the new plug-in.</font> <br /><font size=2 face="sans-serif">IBM also plans to support other Outlook Clients leveraging the plug-in approach.</font> <br /> <br /><font size=2 face="sans-serif">If you are entitled to download Domino V9.0.1, you can download IBM mail support for Microsoft Outlook at no charge from Passport Advantage®.</font> <br /> <br /><font size=2 face="sans-serif">ReadMe</font> <br /> <br /><font size=2 face="sans-serif">IBM Mail Support for Microsoft Outlook 2.0 Release Notes Multiplatform English (CNCZ9EN )</font> <br /> <br /><font size=2 face="sans-serif">Servers</font> <br /> <br /><font size=2 face="sans-serif">IBM mail Add-on 2.0.0 (for IMSMO) Windows 64 bit Multilingual (CNBK6ML )</font> <br /><font size=2 face="sans-serif">IBM mail Add-on 2.0.0 (for IMSMO) AIX 64 bit Multilingual (CNBK7ML )</font> <br /><font size=2 face="sans-serif">IBM mail Add-on 2.0.0 (for IMSMO) Linux 64 Multilingual (CNBK8ML ) </font> <br /> <br /><font size=2 face="sans-serif">Client</font> <br /> <br /><font size=2 face="sans-serif">IBM mail Add-in 2.0.0 (for IMSMO) Windows 32/64 bit Multilingual (CND43ML )</font> <br /> <br /> <br /><font size=2 color=red face="sans-serif">But you should wait to download and install the client component. There is an issue where I have an open PMR since yesterday afternoon.</font> <br /><font size=2 color=red face="sans-serif">It looks like there is an issue with the client package. Development reported back that they are working on it with high priority. </font> <br /><font size=2 color=red face="sans-serif">I will blog about it once I have more details.</font> <br /> <br /> <br /><font size=2 face="sans-serif">Here is a quick link to the admin guide:</font> <br /> <br /><a href=http://www.ibm.com/support/knowledgecenter/SSKTMJ_9.0.1/admin_imsmo/adm_toc.html><font size=2 color=blue face="sans-serif">http://www.ibm.com/support/knowledgecenter/SSKTMJ_9.0.1/admin_imsmo/adm_toc.html</font></a> <br /> <br />  ]]></content:encoded>
  352. <wfw:commentRss> http://blog.nashcom.de/nashcomblog.nsf/dxcomments/imsmo-v.20-released.htm</wfw:commentRss>
  353. <wfw:comment> http://blog.nashcom.de/nashcomblog.nsf/dx/imsmo-v.20-released.htm?opendocument&amp;comments</wfw:comment>
  354. </item>
  355. </channel></rss>
  356.  

If you would like to create a banner that links to this page (i.e. this validation result), do the following:

  1. Download the "valid RSS" banner.

  2. Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)

  3. Add this HTML to your page (change the image src attribute if necessary):

If you would like to create a text link instead, here is the URL you can use:

http://www.feedvalidator.org/check.cgi?url=http%3A//blog.nashcom.de/nashcomblog.nsf/feed.rss

Copyright © 2002-9 Sam Ruby, Mark Pilgrim, Joseph Walton, and Phil Ringnalda