Traveler 9.0.1.18 with new Security Mode for Mail-File Access
Daniel Nashed – 22 June 2017 08:07:40
Traveler 9.0.1.18 comes with a couple of minor fixes and a big change in the way Traveler Server access mail-databases. In 9.0.1.15 IBM introduced a new check if the Traveler server is listed in Trusted Servers (Server Security Tab) to show a warning if not.
Now we know what IBM was preparing for. The server now acts as the user instead of the server. That's only possible if listed in Trusted Servers.
You still need the Traveler server to be listed in the ACL of the mail databases. Trusted Servers means that to server itself can make the session on a database look like it would be the user session.
But the remote server still needs access to the database.
I have done a quick test. Without the proper ACL an error is logged and also the user status reports an error.
The IBM Traveler server encountered an internal error validating your User ID CN=John Doe/O=Acme/CÞ. Please contact your server administrator.
[CN=notes.acme.de/OU=Srv/O=Acme-Net, mail/johndoe.nsf] is not reachable, status(0x4ac) "Unexpected internal error".
The new method for accessing mailfiles solves a couple of limitations. See details from the documentation below.
-- Daniel
What's new?
Traveler Server Run as User
Starting with IBM Traveler 9.0.1.18, the run as user feature will now be enabled by default. When running as the user, the Traveler server will access the user's mail file as the user ID instead of the server ID. This feature resolves several long standing issues with accessing the user's mail file as the server ID, including:
- Honor ACL controls on mail file and corporate lookup for the user.
- Prevent event notices and automated responses from being sent from the server ID.
- Prevent the server ID from being assigned as the owner of the mail profile when there is no owner defined.
Note: For run as user feature to function properly, the Traveler server must be listed as a trusted server in the user's Mail Server document. To disable run as user, set this notes.ini parameter: NTS_USER_SESSION=false
APAR # | Abstract |
LO90096 | Info update continues to be ghosted on mobile device after the event is processed. |
LO91797 | Empty comments displayed on iOS native Calendar application when event processed in iNotes. |
LO91836 | Invalid this and future reschedule generated by iOS native Calendar application. |
LO91875 | Ghosted event not displayed on mobile device. |
LO91956 | Maill attachment does not sync to mobile device when contains angle brackets < and >. |
LO91997 | IBM Traveler web administrator may show iOS Verse 9.4 device as not supporting security capabilities. |
LO92010 | Better handling of special character in mail header fields. |
LO92080 | Ignore a reply message with out a valid action defined. |
LO92085 | Hard delete processed notices vs soft delete to prevent from filling up trash folder. |
LO92209 | Second meeting room may be lost if event updated from mobile device. |
LO92210 | Unable to turn off iOS Verse application password via Domino policy document setting. |
LO92257 | Two instances of a previously processed event may show on mobile device if the daylight savings rules change for the time zone. |
LO92303 | SQL Syntax error adding index TSGUDTSTAMPCREATEIDXSQL9 on DB2. |
- Comments [1]