Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

    Details about JVM 1.8 Update in Notes/Domino 9.0.1 FP8

    Daniel Nashed  5 February 2017 23:30:51
    After my post I got a couple of offline and online questions about details for JVM 1.8 in the Notes Client.

    The release notes will be update but here is the comment from Scott in case you missed it in the comments.

    Thanks Scott for this detailed additonal information!!!

    Java Upgrade to 1.8.

    The Java run time environment provided with Domino has been upgraded to Java JRE version 1.8 to provide you with access to the latest features.

    - This is actually both Notes & Domino. So the JRE will be 1.8 for both Notes & Domino in 9.0.1 FP8.

    The preliminary fix list will be updated to state this. This was the first step.

    Designer will have 1.6 for compiling applications in FP8. But top of the list for the next FP is to upgrade the compiler in Designer to also use Java 1.8.

    This will come with a number of other dependency upgrades:

    - Upgrading the version of Eclipse, SWT, OSGi for the Notes client & Designer

    - Upgrading the version of OSGi for the Domino Server

    The work was big enough that it was separated into 2 Feature Packs. 901FP8 starts the work.

    Look for the session at IBM Connect 9am Wed Feb 22nd: Notes and Domino Roadmap

    IBM Notes/Domino 9.0.1 Feature Pack 8 Preliminary Release Notice

    Daniel Nashed  27 January 2017 15:57:33
    Today IBM released the first official information about Feature Pack 8 for Notes and Domino 9.0.1

    The Preliminary Release Notice provides detailed information about the first feature pack which is currently listed with status "gold candidate".

    Here are the release notes, with some comments from my side. (comments in blue).

    Things to Note:
    • NBP replaced with ICAA - There is no NBP (Notes Browser Plugin) shipped with 9.0.1 FP8. This has been replaced with ICAA (IBM Client Application Access). For more information, see IBM Client Application Access V1.0.1 documentation
    • Notes Client on Linux - There is no Notes client for Linux shipped with 9.0.1 FP8. This client platform has been discontinued and customers are encouraged to move to Windows or Mac.
    • Domino Server on Linux32 and AIX32 - There is no Domino Server for Linux32 and AIX32 shipped with 9.0.1 FP8. This server platform has been discontinued and customers are encouraged to move to the 64-bit platforms. Windows 32 bit remains a shipped and support platform.
    • Windows Server 2016 Support - (SPR #SVROAEPS4R)

    It was an expected and announced move from the browser plugin to a stand-alone application because vanishing support for the type of plugins IBM is using.

    Windows Server 2016 support is an important update for customers on the Windows platform. And Windows remains the only platform with 32bit support.
    Background is probably that applications like Sametime are still leveraging on the Windows 32bit Domino platform.

    But for all other platforms including Linux moving to a 64bit only implementation only makes a lot of sense. For AIX customer should have moved already to native 64bit because of the limits of AIX segmented memory model.
    For Linux most customers running mail and application servers and Traveler have already moved to native 64bit.

    The Linux client for SLED has been discontinued earlier. And there have been some discussions and rumors.
    But dropping the Linux client support with FP8 completely was a surprise for me.

    New Features in IBM® Domino® 9.0.1 Social Edition Feature Pack 8

    The documentation in Knowledgebase will be updated with these new features to coincide with the ship date of 9.0.1 FP8

    1) Optionally Move Views outside of NSF  for Increased data store in NSF.
    This feature is useful for large databases and provides the following benefits:
    - A smaller database file size, to avoid reaching the 64GB limitation.
    - Faster database backup and restore.
    - Better performance by allowing concurrent access to database and views.

    This is a long awaited feature and brings a couple of benefits as mentioned in the release notes.
    The feature can be enabled per database and the view index is stored in a separate file in either the same directory or in a complete different location (similar to the way FT index can be moved).
    It allows storage optimization and has less contention. Also the fragmentation on the NSF disk will be reduced. And of course your backup solution does not need to backup index data (NIF).
    The size of the view/folder index for a mail-databases are around 10% of the database size (that's before DAOS). With DAOS enabled the remaining size is 30-40% of the full database which means NIF is around 30% of the remaining NSF size.
    That's a great improvement!

    2) Java Upgrade to 1.8.
    The Java run time environment provided with Domino has been upgraded to Java JRE version 1.8 to provide you with access to the latest features.

    The long waited update to Java 1.8 is shipping with FP8 :-)
    This is the first step but the designer will hopefully be updated later this year to take benefit on new functionality for development of new application.

    3) Optionally Increase Document Summary Data (SPR #AKNX64TLRS APARID: LO04193)
    You can increase the document summary data limit on Notes 9 databases to 16MB from 64K. (The size limit for a single field remains 32 K.)

    This feature is in discussion for a while and also a long waited new functionality. 64K for summary data not much but this was a difficult to change internal limitation.
    Now with FP8 you can have up to 16MB summary data which is really an improvement for application developers!

    4) Add support for ADFS 3.0 and update the corresponding Cookbook instructions for configuration.

    ADFS 3.0 has been around for a while and is a much cleaner and straight forward implementation. It does not need IIS components and it build into the Windows server without extra download.
    Also the administration and configuration is easier. Most customers looking into SAML today with Microsoft and other products are looking into ADFS 3.0.
    So it was time to add ADFS 3.0 support. We implemented it for Web Federated Login for some customers and it worked well. Now we are getting official support!

    Hopefully we get fully updated cook-books with cleaner and more detailed descriptions and background how to implement it.

    New Features in IBM® Notes® 9.0.1 Social Edition Feature Pack 8

    1) Optionally Add Show Options: "Group By Date" And "Beginning Of Message", To Desktop Policy Settings (SPR #JSTN98BP3T APARID: LO75595)
    Administrators can add the notes.ini setting EnableGroupByDate=1 on mail servers to enable the Show > Group By Date option in all mail files.

    2) Optionally Retain MIME formatting when forwarding or replying to internet messages
    A notes.ini setting is now available for Notes Standard clients to retain MIME message formatting when users reply to or forward messages received from the internet. Without this setting, MIME messages are converted to Notes Rich Text which can cause some MIME formatting to be lost.

    3) Optionally Enable displaying internet addresses in mail and calendar documents
    You can enable internet addresses rather than Notes addresses to display in the Notes client mail and calendar. For example, display rather than Samantha Daryn/Renovations@Renovations. To enable this feature, add the following setting to the notes.ini file on a Notes client $INETADDRESSFIXUP=1

    Those changes in the Notes client show that there is still some development on the Notes client.
    Both features can make sense in many customer environments.

    -- Daniel

    Notes 9.0.1 FP7 IF1 released

    Daniel Nashed  8 December 2016 15:59:38
    There is a new IF1 for the Notes Client. Now it begins to be more complicated.
    The client IF1 and the server IF1 for the Linux issue (see previous posts) have nothing to do with each other and contain different SPRs.

    The most important fix is the issue we had with ID vault when the new port encryption is used.
    Given that the SPR is fixed in the client this looks like a client issue and not a server issue.

    -- Daniel

    Notes 9.0.1 Fix Pack 7 Interim Fix 1

            Duplicate Attachment Icons When Using Ls Embedobject To Attach Files To A NotesRichTextItem        

            Notes User Id File Upload To Vault Failed If Port_enc_adv Parameter Is Enabled

    Traveler available with some important changes

    Daniel Nashed  15 November 2016 19:14:58
    Traveler has been released with some important fixes and also changes. The Release documentation has some interesting details.

    Here is the extract from the release documentation with some comments.

    What's New

    "Device wipe is no longer an option for iOS 10.x devices as support was dropped by Apple. You can still use the Wipe Traveler Data option."

    For security reasons Apple disabled wipe over ActiveSync which is understandable. Before that change every server could wipe any device connected via ActiveSync.
    With this Apple side change Traveler could not delete the device any more and the status from the device was not interpreted correctly by the server.
    Traveler does now check if the device still supports the wipe (running iOS earlier than 10.x) and does only allow the Data Wipe over ActiveSync if the full wipe is not supported on the device.

    "Yellow status message if the IBM Traveler server is not listed as a Trusted Server for an end user's mail server. This is required for future security and feature enhancements planned for 2017. The status message will include information about how to correct."

    Sounds like IBM is planning a bigger change in 2017 for Traveler. I am curious what this higher security requirements are needed for. Trusted Servers are a quite high requirement which allow the Traveler servers to fully authenticate as any user on the mail server. It's much higher than just granting manager access to an individual mailfile.

    I have removed the Trusted Servers entry on my mail-server but I did not yet see the warning.

    "Database schema updates to improve data integrity.

    Tablerepair tell command to support the above schema updates. A warning message will be displayed at startup if any of the schema updates were not applied with instructions to run the tablerepair command. The server will continue to function properly if no action taken.

    NOTE: IBM Traveler does include a database schema update. Action may be required if you manually manage your database schema (this is not common). If you use auto schema updates (default behavior) there is no action required. See Updating the Enterprise Database for more information ("

    So this is an important information. This new version requires a schema change. If you are running stand-alone that should not cause any issues.
    If you have automatic schema update enabled the schema update should also happen automatically.
    And if you are switching from manual schema update to automatic schema update you should be careful. There is one ARPA fixed for DB2 and you should be aware of the default schema name differences for manual and automatic schema configuration.

    I guess with this schema change the issue has been discovered and the fix is that the NTS parameter with the schema name will be automatically set.
    (See -> for details).

    The fix-list contains some other important fixes! Check the fixlist link below for details.

    My server is already updated but I had not much time to test.

    IBM Traveler Fixes

    IBM Traveler Server Release Documentation

    DNUG Domino Day 2016 in DUS und DNUG Comes to you in BER

    Daniel Nashed  21 October 2016 13:13:55
    DNUG "Domino Day" - Fachgruppen-Tag Notes/Domino/Verse

    Auch in diesem Jahr haben wir wieder einen DNUG Event im Bereich Notes/Domino in Düssldorf.
    Und Anfang November hat Anett Hammerschmidt für unsere Fachgruppe einen halben Tag DNUG Comes To you mit anschließendem DNUG Stammtisch in Berliin.

    Bei beiden Events geht es um atkeulle Themen und Entwicklungen im Bereich Notes und Domino.
    Und es werden auch Kollegen von IBM vor Ort sein, mit denen man die aktuelle Strategie von IBM im Bereich Notes/Domino diskutieren kann.

    Ich hoffe viele von Euch auf einem der beiden Events begrüßen zu können.

    Anbei die Links zu beiden Veranstaltungen.

    Beide Tage sind für DNUG Mitglieder kostenlos .
    Aber auch Nicht-Mitglieder sind herzlich eingeladen (mit einem Kostenbeitrag am Domino Day).

    -- Daniel

    DNUG "Domino Day" - Fachgruppen-Tag Notes/Domino/Verse

    Donnerstag, 24. November in Düsseldorf

    BERLIN - DNUG: Team Verse and Notes Domino Comes to You

    Mittwoch, 2. November in Berlin

    IBM Champion Nomination 2016

    Daniel Nashed  18 October 2016 11:07:09
    The IBM Champion program is a great way to thank active members of the community and also to help them in some way to continue their work for the community.
    The nomination is still open until November 14th. So you still have time to nominate someone. Or renominate one of the current IBM Champions.

    See some details and official links below.

    -- Daniel

    "The IBM Champion program recognizes innovative thought leaders in the technical community — and rewards these contributors by amplifying their voice and increasing their sphere of influence.
    An IBM Champion is an IT professional, business leader, developer, or educator who influences and mentors others to help them make best use of IBM software, solutions, and services."

    So if there is someone you think how deserves it, here is the nomination form -->

    For more details see -->

      IBM Domino 9.0.1 Fix Pack 7 Interim Fix 1 addresses critical issues affecting Domino 9.0.1 FP7 for Linux64 & zLinux64

      Daniel Nashed  14 October 2016 12:08:35
      As reported before on Linux64 there is a issue with the cluster replicator which has been addressed with IF1 (SPR #KBRNAEMPX2).
      Because of a change in FP7 that needed a recompile of the whole core including all components (SPR# KBRN9Q7EZW) but some files where missing in the installations.

      IBM has fixed the issue with 9.0.1 FP7 IF1 which is already available for download. I got it already yesterday for testing thru our PMR and it replaces the missing files.

      If you are running Domino on Linux64 with FP7 you should update your server asap to IF1.

      -- Daniel

      The this linke for additional information and download links

      here is the list of files replaced by IF1

      rwxr-xr-x 1 root root  33K Aug 18 16:42 billing
      -rwxr-xr-x 1 root root  54K Aug 18 16:42 cldbdir
      -rwxr-xr-x 1 root root  58K Aug 18 16:42 clrepl
      -r--r--r-- 1 root root 6.9K Sep 13 22:39 daosmgr.res
      -rwxr-xr-x 1 root root 160K Aug 18 16:42 decs
      -rwxr-xr-x 1 root root 408K Aug 18 16:42
      -rwxr-xr-x 1 root root 390K Aug 18 16:42
      -rwxr-xr-x 1 root root 188K Aug 18 16:42
      -rwxr-xr-x 1 root root 300K Aug 18 16:42
      -rwxr-xr-x 1 root root 333K Aug 18 16:43
      -rwxr-xr-x 1 root root 8.0K Aug 18 16:41
      -rwxr-xr-x 1 root root 230K Aug 18 16:42
      -rwxr-xr-x 1 root root  15K Oct 12 23:57
      -rwxr-xr-x 1 root root 9.2K Aug 18 16:41
      -r--r--r-- 1 root root  11K Sep 13 22:39 smtp.res

      Domino 9.0.1 FP7 issue Notes User Id File Upload To Vault Failed If Port_enc_adv Parameter Is Enabled

      Daniel Nashed  12 October 2016 12:45:24
      Alex Novak mentioned another issue with FP7 which might affect you in my blog comments.

      We only have the public description of the SPR and I assume only the ID Vault server communication is affected.

      SPR # BBSZAEEK8C APAR #LO90429.: Notes User Id File Upload To Vault Failed If Port_enc_adv Parameter Is Enabled

      So for now you should not enable the new AES encryption on your ID Vault server until this issue is fixed.

      Given the 3 issues I reported in the last days in my blog (one is only effecting Linux64) I would wait for the next IF that hopefully addresses all those issues if you did not deploy it yet.

      -- Daniel

      Cluster replicator hang with 9.0.1 FP7 on Linux64

      Daniel Nashed  12 October 2016 12:32:24
      There is another issue (SPR #RSOIAEME5L) that might affect you when running with Linux64 and 9.0.1 FP7.

      Due to the change in FP7 on Linux64 (SPR# KBRN9Q7EZW) all server binaries needed to be updated in FP7.
      It turned out that some binaries have not been replaced by the FP7 installer. In this case the cluster replicator task wasn't updated.
      Because of the change of internal structures this causes issues with older core servertasks in Domino (business partner applications using the public C-API are not affected).

      In this cases the cluster replicator servertasks are hanging.

      If you are planning to update Domino on Linux64 to FP7 you should wait until this issue is fixed!

      -- Daniel

      CD to MIME Conversion Issue in 9.0.1 FP7 generating Javascript for sections

      Daniel Nashed  10 October 2016 09:41:42
      We ran into an issue at a customer on Friday. Today we got the confirmation that it is a bug and development is already looking into this.
      It looks like a low level issue when converting Richtext into MIME in mails on server side.

      In my test I have seen than probably all server based conversions are affected. Clients sending MIME message directly do not show this issue (and that should be the default in hopefully most companies so it hopefully is not an issue for your users).

      When the server converts a message to MIME JavaScript is generated for collapsible sections (for example when you reply to a mail in Notes style and your client prefers richtext when sending internet mail).

      There have been some changes in the conversion code in fixpack 7 which might have caused this unintended change.

      We have seen this when mails are converted by the mail-router and also 3rd party applications that convert messages.

      The SPR we got from support todays show it also impacts POP3 and IMAP.

      The critical part of the issue is that Javascript in mail is rated as active content by many antivirus/spam software. This can lead to rejected mails and even negative score for the sending servers.

      The only work-around is to ensure your clients are sending MIME directly and don't use the option to send richtext to internet recipients.

      Format for messages addressed to internet addresses: Notes Rich Text Format -> MIME Format
      You can ensure clients use that setting by pushing the setting via desktop policy. In our case the initial value was set correctly but the setting was not enforced and users changed it.
      But this can also occur with agents sending messages in richtext -- For example with newsletters etc..

      -- Daniel

      Reply Section Or Twistie In A Cd-mime Conversion Is Converted Incorrectly In Fixpack 7

      With a location doc which specifies to send to the server in
      Format for messages addressed to internet addresses: Notes Rich Text

      Send a typicall reply chain memo to 9.0.1 Domino FP6 for conversion either external or to a POP or IMAP user who has a
      Prefers Mime on their location doc and it will be noticed that after upgrading Domino to FP7 the arrows are missing and the
      format looks not quite right, the arrows are replaced by javascript links in the received note

      • [IBM Lotus Domino]
      • [Domino on Linux]
      • [Nash!Com]
      • [Daniel Nashed]