Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
OPENNTF WEBINARS
October OpenNTF Webinar - What we like about
Domino/Notes 12, recommended new features to try
AGENDA
• Welcome – Howard Greenberg and Graham Acres
• Time-based One-time Authentication (TOTP)
• Roberto Boccadoro
• One...
ASKING QUESTIONS
• First Question – Will this be recorded?
• Yes, view on YouTube!!!
• https://www.youtube.com/user/OpenNT...
THANKS TO THE OPENNTF SPONSORS
• HCL made a contribution to help our organization
• Funds these webinars!
• Contests like ...
THIS IS OUR COMMUNITY
• Join us and get involved!
• We are all volunteers
• No effort is too small
• If your idea is bigge...
NEXT WEBINAR
• Signup at https://openntf.org/webinars
UPCOMING EVENTS
• Collabsphere Online – October 19-21
• https://collabsphere.org/ug/cs2021.nsf/register.html
• Engage 2022...
SETTING UP TOTP
ON A DOMINO SERVER
Roberto Boccadoro – OpenNTF Contributing Director
ELD Engineering
WHAT IS MFA ?
Multi-factor authentication (MFA; encompassing two-factor
authentication, or 2FA, along with similar terms) ...
MFA IN DOMINO V12
V12 supports MFA authentication out-of-the-box, without the
need of 3° party solutions.
When users log o...
REQUIREMENTS
• A V12 Domino server
• A Vault database upgraded to the V12 idvault.ntf design
• Users must have a TOTP appl...
SETUP
1. Issue a vault trust certificate for TOTP
2. Enable TOTP authentication in the Configuration Settings
document
3. ...
ISSUE A VAULT TRUST CERTIFICATE FOR TOTP
At the console of a vault server, issue the following command:
mfamgmt create tru...
ISSUE A VAULT TRUST CERTIFICATE FOR TOTP
To verify: open the Domino directory on any server in the domain,
select the Cert...
ENABLE TOTP AUTHENTICATION IN THE
CONFIGURATION SETTINGS DOCUMENT
Edit (or create) a configuration settings document
Click...
ENABLE TOTP AUTHENTICATION IN THE
CONFIGURATION SETTINGS DOCUMENT
The algorithm used to generate the token: Use the defaul...
3. ENABLE TOTP AUTHENTICATION ON SERVERS
There are 3 different possibilities:
• Enable TOTP authentication for a server th...
3. ENABLE TOTP AUTHENTICATION ON SERVERS
This is an example of using a Server Document
Open the Server document in the Dom...
3. ENABLE TOTP AUTHENTICATION ON SERVERS
Select the Ports > Internet Ports tab.
In the Web section, in both Name & passwor...
4. ENABLING SECURE MAIL OPERATIONS FOR
TOTP (OPTIONAL)
You can optionally configure support for secure mail operations (de...
5. CONFIGURE THE TOTP LOGIN FORM
Open (or create) the Domino Web Server Configuration database
Important: The name of the ...
RESTART THE DOMINO SERVER TO ENABLE
TOTP
DEMO TIME!
ONE TOUCH SETUP
FOR DOMINO V12
Roberto Boccadoro – OpenNTF Contributing Director
ELD Engineering
WHAT IS ONE-TOUCH SETUP ?
In previous versions of HCL Domino, setting up a Domino server
involved multiple steps. Starting...
ENVIRONMENT VARIABLES
This is the easiest way to set up the server, tough it is limited compared
to the use of a JSON file...
ENVIRONMENT VARIABLES
The list of the environment variables for server setup is available here:
https://help.hcltechsw.com...
JSON FILE
Allows to do more than environment variables:
Creation of ID Vault
Create and update applications and documents ...
INVOKING SETUP ON WINDOWS/LINUX
Environment variables
• Install Domino
• Run the shell script/batch file defined before (s...
INVOKING SETUP ON WINDOWS/LINUX
Use Daniel Nashed script
./install_domino.sh to install Domino
domino setup to invoke One-...
INVOKING SETUP ON DOCKER
Environment variables
• Create a volume to store the Domino data directory. For example, to creat...
DEMO TIME!
RETURN OF THE DOTS!
Now in the Domino v12…
Serdar Basegmez


Twitter: @serdar_basegmez


Blog: http://lotusnotus.com
LONG TIME AGO…
WHAT IS DOTS?
• DOTS: Domino OSGi Tasklet Services


• Develop and run OSGi level server Tasklets for Domino


• Run backg...
HISTORY OF DOTS
• OpenNTF project contributed by IBM


• Named as JAVADDIN project in 2010


• Renamed as OSGi Tasklet Ser...
DOTS RETURNED TO DOMINO V12!
• Installed with the Core product


• Support: Windows 64 and Linux 64


• Upgraded to Eclips...
OVERVIEW OF DOTS
• DOTS task coordinate its tasklets/threads


• Separate JVM and OSGi Container


• Supports multiple pro...
WHEN SHOULD YOU USE DOTS?
• Need Background processing in your application?


• Accessing Domino resources


• Long-runnin...
WHEN SHOULDN’T YOU USE DOTS?
• Expensive for simple tasks


• More time consuming to develop/maintain/deploy


• Steep lea...
DOTS OR JAVA AGENTS?
• Agents are easier to develop


• Easy development/maintenance/deployment


• Well-integrated into D...
DOTS OR JAVA AGENTS?
• Java Agents are inherently slow…
DOTS OR JAVA AGENTS?
• Java Agents are inherently slow…
Run!
DOTS tasklet: Everything is ready to run
> tell amgr run "tes...
DOTS OR JAVA AGENTS?
• Java Agents are inherently slow…


• Old and Buggy


• Incompatible with many modern libraries


• ...
DOTS OR XOTS?
• XOTS might be a feasible alternative…


• “DOTS tasklets within XPages” (credits to Paul Withers)


• Part...
EXAMPLE PROJECTS
OpenNTF Collaboration Today - FeedMonster
FEEDMONSTER
• DOTS module in OpenNTF Collaboration Today


• Problem:


• Curators adding news stories manually


• Find t...
FEEDMONSTER
• DOTS module designed to pre-fetch new blog posts
Blog Feeds
Queue Documents
Feed URL #1
Feed URL #2
…
Feed U...
EXAMPLE PROJECTS
Customer Case: CRM - E-Mail Marketing integration
E-MAIL MARKETING INTEGRATION
• A customer case


• CRM, Sales and Marketing Automation apps


• Notes Client apps


• Mult...
E-MAIL MARKETING INTEGRATION
• Tasklet can handle long-running upload process


• Watching queue every minute


• Very sma...
START USING DOTS TODAY!
HOW TO START? - UPGRADERS
• Update Eclipse 4.6.2 or later


• Recompile your plugins


• Upgrade to Domino v12


• Removes...
HOW TO START? - NEWBIES
• Eclipse IDE is needed for development


• Minimum Eclipse 4.6.2 (Neon 2)


• Designer might be u...
THANK YOU!
QUESTIONS?
Use the GoToWebinar Questions Pane
Please keep all questions related to the
topics that our speakers are discus...
Upcoming SlideShare
Loading in …5
×

of

October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 1 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 2 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 3 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 4 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 5 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 6 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 7 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 8 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 9 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 10 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 11 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 12 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 13 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 14 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 15 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 16 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 17 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 18 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 19 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 20 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 21 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 22 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 23 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 24 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 25 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 26 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 27 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 28 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 29 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 30 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 31 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 32 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 33 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 34 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 35 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 36 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 37 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 38 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 39 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 40 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 41 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 42 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 43 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 44 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 45 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 46 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 47 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 48 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 49 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 50 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 51 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 52 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 53 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 54 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 55 October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try Slide 56
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

0 Likes

Share

Download to read offline

October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try

Download to read offline

In this webinar OpenNTF members will discuss the Domino/Notes 12 features they like and suggest for everyone to check out!

The topics and speakers will be:

Time-based One-time Authentication (TOTP) - Roberto Boccadoro
TOTP allows multi-factor authentication. When users login to a Domino web server they have to provide a time-based one-time use password in addition to their usual name/password. This is done using a third party application like Google Authenticator, Authy or Duo Mobile on their mobile devices/computers.

Domino OSGI Tasklet Service (DOTS) - Serdar Basegmez
Create Domino server tasks using Java OSGI plugins. These can be scheduled and can interface with the server console using TELL commands.

One Touch Setup for Domino - Roberto Boccadoro
In previous versions of HCL Domino, setting up a Domino server involved multiple steps. Starting with Domino 12, you can use one-touch Domino setup to set up a server in just a single step.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try

  1. 1. OPENNTF WEBINARS October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new features to try
  2. 2. AGENDA • Welcome – Howard Greenberg and Graham Acres • Time-based One-time Authentication (TOTP) • Roberto Boccadoro • One Touch Setup for Domino • Roberto Boccadoro • Domino OSGI Tasklet Service (DOTS) • Serdar Basegmez • Questions – Everyone
  3. 3. ASKING QUESTIONS • First Question – Will this be recorded? • Yes, view on YouTube!!! • https://www.youtube.com/user/OpenNTF • Use the Questions Pane in GoToWebinar • We will get to your questions at the end of the webinar • The speakers will respond to your questions verbally • (not in the Questions pane) • Please keep all questions related to the topics that our speakers are discussing!!! • Unrelated Question => post at: • http://openntf.slack.com/
  4. 4. THANKS TO THE OPENNTF SPONSORS • HCL made a contribution to help our organization • Funds these webinars! • Contests like Hackathons • Running the organization • Prominic donates all IT related services • Cloud Hosting for OpenNTF • Infrastructure management for HCL Domino and Atlassian Servers • System Administration for day-to-day operation
  5. 5. THIS IS OUR COMMUNITY • Join us and get involved! • We are all volunteers • No effort is too small • If your idea is bigger than you can do on your own, we can connect you to a team to work on it • Test or help or modify an existing project • Write guides or documentation • Add reviews on projects / stars on Snippets
  6. 6. NEXT WEBINAR • Signup at https://openntf.org/webinars
  7. 7. UPCOMING EVENTS • Collabsphere Online – October 19-21 • https://collabsphere.org/ug/cs2021.nsf/register.html • Engage 2022 – Bruges, Belgium – March 22-23, 2022 • https://engage.ug/
  8. 8. SETTING UP TOTP ON A DOMINO SERVER Roberto Boccadoro – OpenNTF Contributing Director ELD Engineering
  9. 9. WHAT IS MFA ? Multi-factor authentication (MFA; encompassing two-factor authentication, or 2FA, along with similar terms) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is). • Something the user knows: Certain knowledge only known to the user, such as a password, PIN, TAN, etc. • Something the user has: Any physical object in the possession of the user, such as a security token (USB stick), a bank card, a key, etc. • Something the user is: Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, pattern in key press intervals, etc.
  10. 10. MFA IN DOMINO V12 V12 supports MFA authentication out-of-the-box, without the need of 3° party solutions. When users log on to a Domino Web server, you can require that they provide time-based one-time passwords in addition to their user names and passwords. Time-based one-time password (TOTP) authentication provides an extra layer of security when users authenticate to a Domino Web server
  11. 11. REQUIREMENTS • A V12 Domino server • A Vault database upgraded to the V12 idvault.ntf design • Users must have a TOTP application installed locally on a device or computer. TOTP applications that comply with RFC 6238 are supported, including Google Authenticator, Authy, and Duo Mobile.
  12. 12. SETUP 1. Issue a vault trust certificate for TOTP 2. Enable TOTP authentication in the Configuration Settings document 3. Enable TOTP authentication on servers 4. Enabling secure mail operations for TOTP (optional) 5. Configure the TOTP login form 6. Restart the vault server to enable TOTP
  13. 13. ISSUE A VAULT TRUST CERTIFICATE FOR TOTP At the console of a vault server, issue the following command: mfamgmt create trustcert <Notes DN to allow> <certifier ID file> <certifier password> For example: mfamgmt create trustcert "*/O=mfatest1" cert.id sr$1ulv7bYT
  14. 14. ISSUE A VAULT TRUST CERTIFICATE FOR TOTP To verify: open the Domino directory on any server in the domain, select the Certificates view, and verify that you see a Multi-Factor Authentication Certificate similar to the following one: Issue the show idvault command and verify that output lists the MFA trust for the correct organization, as shown in bold in the following example: show idvault [0FE0:0006-0860] Administration Server: server1/renovations [0FE0:0006-0860] /renovations trusts this vault [0FE0:0006-0860] /renovations trusts /renovations for MFA [0FE0:0006-0860] /renovations trusts renovations admin/renovations to reset passwords [0FE0:0006-0860] /renovations trusts server1/renovations to reset passwords [0FE0:0006-0860] Setting renovationsvaultVaultSetting uses this vault
  15. 15. ENABLE TOTP AUTHENTICATION IN THE CONFIGURATION SETTINGS DOCUMENT Edit (or create) a configuration settings document Click the Security tab. Complete the following fields in the Multi Factor Authentication section.
  16. 16. ENABLE TOTP AUTHENTICATION IN THE CONFIGURATION SETTINGS DOCUMENT The algorithm used to generate the token: Use the default, HMAC- SHA256, unless you find that there are older TOTP applications in your environment that don't support it. Note: The ID vault server supports downgrading the HMAC algorithm by one level, for example, from HMAC-SHA256 to HMAC-SHA1. Therefore, HCL has kept the default algorithm as HMAC-SHA256 to support TOTP clients like Google Authenticator. Authy and Microsoft Authenticator support HMAC-SHA1 currently and they work against the server enabled for either HMAC-SHA1 or HMAC-SHA256.
  17. 17. 3. ENABLE TOTP AUTHENTICATION ON SERVERS There are 3 different possibilities: • Enable TOTP authentication for a server through a Server document • Enable TOTP authentication for a server through a Web Site document • Enable TOTP authentication for a server through a Virtual Server document
  18. 18. 3. ENABLE TOTP AUTHENTICATION ON SERVERS This is an example of using a Server Document Open the Server document in the Domino directory. Select the Internet Protocols > Domino Web Engine tab. In the Session authentication field, select Single Server or Multiple Server (SSO). In the Domino Access Services section, select TOTP in the Enabled services field. TOTP is not supported with Basic authentication or with SAML
  19. 19. 3. ENABLE TOTP AUTHENTICATION ON SERVERS Select the Ports > Internet Ports tab. In the Web section, in both Name & password fields, select Yes with TOTP.
  20. 20. 4. ENABLING SECURE MAIL OPERATIONS FOR TOTP (OPTIONAL) You can optionally configure support for secure mail operations (decryption, encryption, signing) for web users with Notes IDs, such as iNotes users. Note: When you enable this feature, the ability for iNotes users to upload and download their IDs to and from the vault is disabled. • Open the Security Settings document and click the ID Vault tab. • In the section TOTP-based ID Downloads, select Yes in the Allow TOTP authentication with the ID vault field. • To allow web users who do not use TOTP to continue to download their Notes IDs for secure mail operations, select Yes in the Allow password authentication with the ID vault. To require that all web users use TOTP in order to download their Notes IDs, select No. • Open the vault database. • Open the Configuration document. • In the TOTP authenticated vault login section, specify all of the Domino web mail server names in the Trusted servers field.
  21. 21. 5. CONFIGURE THE TOTP LOGIN FORM Open (or create) the Domino Web Server Configuration database Important: The name of the database must be DOMCFG.NSF • Open the Sign In Form Mappings view. • Click Add Mapping. • Under Site Information, choose one:  All Web Sites/Entire Server -- to use the custom log-in form for all Web Sites on the server, or for the entire Web server.  Specific Web Sites/Virtual Servers -- to map the custom log-in form to specific Web Site documents or Virtual Servers. If you choose this option, a new field appears, in which you specify the IP addresses of the Web Site documents or Virtual Servers • Under Form Mapping, for Target Database specify DOMCFG.NSF and for Target Form, specify $$LoginUserFormMFA. • Make sure that the -Default- entry in the ACL of DOMCFG.NSF has Reader access with Read public documents enabled
  22. 22. RESTART THE DOMINO SERVER TO ENABLE TOTP
  23. 23. DEMO TIME!
  24. 24. ONE TOUCH SETUP FOR DOMINO V12 Roberto Boccadoro – OpenNTF Contributing Director ELD Engineering
  25. 25. WHAT IS ONE-TOUCH SETUP ? In previous versions of HCL Domino, setting up a Domino server involved multiple steps. Starting with Domino 12, you can use one- touch Domino setup to set up a server in a single step. You invoke one-touch Domino setup by referring to a JSON file or a set of environment variables that contain the setup configuration information. Using one-touch Domino setup you can: • Set up servers • Set up an ID vault • Create and update applications and documents and enable and run agents. This feature is available only through JSON file input. One-touch Domino setup is supported on Domino on Docker, Windows, and UNIX platforms.
  26. 26. ENVIRONMENT VARIABLES This is the easiest way to set up the server, tough it is limited compared to the use of a JSON file Windows/Linux: run a batch file or a shell script to export the system environment variables needed. Docker: define the system environment variables for Docker to export in a text file specified by the --env-file parameter set SERVERSETUP_SERVER_TYPE=first set SERVERSETUP_SERVER_NAME=adminserver set SERVERSETUP_SERVER_DOMAINNAME=ACME set SERVERSETUP_SERVER_TITLE=ACME Administration Server set SERVERSETUP_NETWORK_HOSTNAME=adminserver.acme.com set SERVERSETUP_ORG_ORGNAME=sherlock set SERVERSETUP_ORG_CERTIFIERPASSWORD=passw0rd set SERVERSETUP_ADMIN_LASTNAME=Sherlock Holmes set SERVERSETUP_ADMIN_PASSWORD=passw0rd set SERVERSETUP_ADMIN_IDFILEPATH=C:dominoadminserverdataa dmin.id export SERVERSETUP_SERVER_TYPE=first export SERVERSETUP_SERVER_NAME=adminserver export SERVERSETUP_SERVER_DOMAINNAME=ACME export SERVERSETUP_SERVER_TITLE="ACME Administration Server" export SERVERSETUP_NETWORK_HOSTNAME=adminserver.acme.c om export SERVERSETUP_ORG_ORGNAME=sherlock export SERVERSETUP_ORG_CERTIFIERPASSWORD=passw0rd export SERVERSETUP_ADMIN_LASTNAME="Sherlock Holmes" export SERVERSETUP_ADMIN_PASSWORD=passw0rd export SERVERSETUP_ADMIN_IDFILEPATH=admin.id SERVERSETUP_SERVER_TYPE=additional SERVERSETUP_SERVER_NAME=mailserver1 SERVERSETUP_SERVER_DOMAINNAME=Ren ovations SERVERSETUP_SERVER_TITLE=Renovations Mail Server
  27. 27. ENVIRONMENT VARIABLES The list of the environment variables for server setup is available here: https://help.hcltechsw.com/domino/12.0.0/admin/inst_onetouch_preparing_sysenv.html If you use system environment variables as input on Unix platforms, make sure that the variable names are in upper case. If you export system environment variables as input, if string values have spaces, enclose the values in quotes in the export command. For example, specify export SERVERSETUP_SERVER_TITLE="ACME Application Server" and not SERVERSETUP_SERVER_TITLE=ACME Application Server.
  28. 28. JSON FILE Allows to do more than environment variables: Creation of ID Vault Create and update applications and documents and enable and run agents. Is a JSON file, so be careful with editing  The list of JSON objects and parameters is available here: https://help.hcltechsw.com/domino/12.0.0/admin/inst_onetouch_preparing_json.html In the official documentation there are examples of: Minimal JSON file for first server setup Minimal JSON file for additional server setup Full JSON file for first server setup Full JSON file for additional server setup JSON file for server setup with an ID vault and application configuration A great example of a full server setup with all the options, created by Daniel Nashed is available here: https://github.com/IBM/domino- docker/blob/master/lab/kubernetes/domino/auto_config_domino12.json
  29. 29. INVOKING SETUP ON WINDOWS/LINUX Environment variables • Install Domino • Run the shell script/batch file defined before (see slide 3) • Run • C:HCLDominonserver -autoconf • /opt/hcl/domino/bin/tools/startup /opt/hcl/domino/notes/latest/linux/server - autoconf JSON FILE • Install Domino. • Run the Domino server program with the -autoconf option specifying the source JSON file. C:dominonserver -autoconf C:<path>setup.json /opt/hcl/domino/bin/server -autoconf <path>setup.json
  30. 30. INVOKING SETUP ON WINDOWS/LINUX Use Daniel Nashed script ./install_domino.sh to install Domino domino setup to invoke One-Touch Setup domino start to start the server There are 4 files in the repository: ENV First server setup ENV Additional server setup JSON First server setup JSON Additional server setup Run • domino setup env 1 • domino setup env 2 • domino setup json 1 • domino setup json 2
  31. 31. INVOKING SETUP ON DOCKER Environment variables • Create a volume to store the Domino data directory. For example, to create a volume called notesdata, run the following Docker command: docker volume create notesdata • Run the following Docker command to create your container and invoke one-touch Domino Setup to set up and run the server: docker run -it -v notesdata:/local/notesdata --name adminserver --env-file localnotesdataenv.txt -p 8585:8585 -p 1352:1352 -p 443:443 domino- docker:V1200 --autoconf JSON FILE • Create a volume to store the Domino data directory. See above • Run the following Docker command. This command creates a Docker container without yet configuring Domino by making the container entry point a bash shell. The command also exports system environment variables that enable one-touch Domino setup to be invoked in the final step. docker run -it -v notesdata:/local/notesdata --name adminserver --entrypoint /bin/bash --env SetupAutoConfigure=1 --env SetupAutoConfigureParams=setup.json - p 8585:8585 -p 1352:1352 -p 443:443 domino-docker:V1200 • Copy your source JSON file, for example, setup.json, to/local/notesdata in your container using a docker cp command or other method. • Run /local/start.sh
  32. 32. DEMO TIME!
  33. 33. RETURN OF THE DOTS! Now in the Domino v12… Serdar Basegmez Twitter: @serdar_basegmez Blog: http://lotusnotus.com
  34. 34. LONG TIME AGO…
  35. 35. WHAT IS DOTS? • DOTS: Domino OSGi Tasklet Services • Develop and run OSGi level server Tasklets for Domino • Run background tasks in a lightweight scalable container • Tasklet: A lightweight server task • Manual (console commands / socket trigger) • Scheduled or on server start • Triggered (Hooks through data events) • Tooling: Eclipse IDE + OpenNTF XPagesSDK • Leverage existing OSGi assets
  36. 36. HISTORY OF DOTS • OpenNTF project contributed by IBM • Named as JAVADDIN project in 2010 • Renamed as OSGi Tasklet Service in 2011 • Added to IBM Domino 9 Social Edition in 2013 • Installed with the OpenSocial add-on • For internal use (Out of Support) • Removed in version 10 in 2018
  37. 37. DOTS RETURNED TO DOMINO V12! • Installed with the Core product • Support: Windows 64 and Linux 64 • Upgraded to Eclipse OSGi 4.6.2 (Neon 2)
  38. 38. OVERVIEW OF DOTS • DOTS task coordinate its tasklets/threads • Separate JVM and OSGi Container • Supports multiple profiles • Virtual containers • Separate service threads • Great for scalability Source: Domino OSGi Tasklet Service (DOTS) Documentation
  39. 39. WHEN SHOULD YOU USE DOTS? • Need Background processing in your application? • Accessing Domino resources • Long-running • Unattended • Scalable • High performance • Great alternative to Java agents • More compatible • Much faster / scalable • Less buggy
  40. 40. WHEN SHOULDN’T YOU USE DOTS? • Expensive for simple tasks • More time consuming to develop/maintain/deploy • Steep learning curve • Java, OSGi, Eclipse, Deployment, etc. • Attended background tasks • If not scheduled or not triggered by internal event • Some form of user interaction
  41. 41. DOTS OR JAVA AGENTS? • Agents are easier to develop • Easy development/maintenance/deployment • Well-integrated into Domino Designer • Wide range of triggers • Scheduling • Web/XPages/Notes actions • High level database events • Good Security • Code signing, ACL, etc. • Runs on Notes client too… • However, they are not perfect!
  42. 42. DOTS OR JAVA AGENTS? • Java Agents are inherently slow…
  43. 43. DOTS OR JAVA AGENTS? • Java Agents are inherently slow… Run! DOTS tasklet: Everything is ready to run > tell amgr run "testXPagescrash.nsf" 'LongJobAgent' 
 09.11.2012 19:38:39 JVM: Java Virtual Machine initialized. 
 09.11.2012 19:38:39 AMgr: Start executing agent 'LongJobAgent' in 'testXPagescrash.nsf' 
 09.11.2012 19:38:39 Agent Manager: Agent printing: 181349 
 09.11.2012 19:41:02 Agent Manager: Agent printing: 2227 
 09.11.2012 19:41:02 Agent Manager: Agent printing: Finished in 143 secs... - 
 09.11.2012 19:41:02 AMgr: Agent 'LongJobAgent' in 'testXPagescrash.nsf' completed execution > load dots > Listening for transport dt_socket at address: 8001 09.11.2012 19:42:40 Domino OSGi Tasklet Container started ( profile DOTS ) > 181349 > 2227 09.11.2012 19:43:22 [DOTS] (annotated) Finished in 41 secs... AMGR launches a Thread JVM Initializes Prepare Java and JNI interfaces Load Agent Bytecode Run! Java Agent:
  44. 44. DOTS OR JAVA AGENTS? • Java Agents are inherently slow… • Old and Buggy • Incompatible with many modern libraries • Design limitations (SSL, reflection, etc) • Buggy behaviours (Memory leak in JAR files) • Java Agents are not scalable • A resource-intensive agent can block other agents
  45. 45. DOTS OR XOTS? • XOTS might be a feasible alternative… • “DOTS tasklets within XPages” (credits to Paul Withers) • Part of the OpenNTF Domino API • Differences: • XOTS: Shares context and code base with XPages apps • Developed as Java classes right in the DDE • Utilises all functionalities of ODA (logging, auto-recycling, etc.) • Disadvantages • Shares the same resources with XPages apps. • XOTS is a community-driven effort
  46. 46. EXAMPLE PROJECTS OpenNTF Collaboration Today - FeedMonster
  47. 47. FEEDMONSTER • DOTS module in OpenNTF Collaboration Today • Problem: • Curators adding news stories manually • Find the news story • Adjust title, summary, etc. • Publish • Manual import is a time consuming process • Curator might save huge time if some blog posts were imported automatically!
  48. 48. FEEDMONSTER • DOTS module designed to pre-fetch new blog posts Blog Feeds Queue Documents Feed URL #1 Feed URL #2 … Feed URL #N Feed Monster Manual Fetch Scheduled Queue Refresh Manual Queue Refresh Scheduled Fetch Domino Console Commands Blogs
  49. 49. EXAMPLE PROJECTS Customer Case: CRM - E-Mail Marketing integration
  50. 50. E-MAIL MARKETING INTEGRATION • A customer case • CRM, Sales and Marketing Automation apps • Notes Client apps • Multiple facilities, multiple Domino servers • Campaign and Newsletter e-mails • A third party E-mail Marketing service • Upload CSV file to a secure FTP (SCP) server • All uploads are transient.
  51. 51. E-MAIL MARKETING INTEGRATION • Tasklet can handle long-running upload process • Watching queue every minute • Very small footprint for queue monitoring • Reuse Java code already developed before User builds a target query for the campaign Predefined target lists for newsletters UploadJob Queue DOTS Tasklet (Scheduled / Manual) • Fetch next UploadJob • Run query • Convert to CSV file • Compress • Upload to SCP Server Upload Job #1 Upload Job #2 … Upload Job #N
  52. 52. START USING DOTS TODAY!
  53. 53. HOW TO START? - UPGRADERS • Update Eclipse 4.6.2 or later • Recompile your plugins • Upgrade to Domino v12 • Removes existing DOTS plugins • Resets everything
  54. 54. HOW TO START? - NEWBIES • Eclipse IDE is needed for development • Minimum Eclipse 4.6.2 (Neon 2) • Designer might be used with a few unsupported settings. • “Unsupported” means “exciting” (like bungee jumping) • Install the latest OpenNTF XPagesSDK for testing/debugging • Local Domino Server for development is recommended • File-level access between Eclipse and Domino is needed • For Mac users, Linux/Windows VM works well • Development setup is easy. • DOTS documentation by HCL • BP207 slides from IBM Connect 2013 • Notesin9 - Episode 93: Introduction to DOTS
  55. 55. THANK YOU!
  56. 56. QUESTIONS? Use the GoToWebinar Questions Pane Please keep all questions related to the topics that our speakers are discussing!!! Unrelated Question => post at: http://openntf.slack.com/

In this webinar OpenNTF members will discuss the Domino/Notes 12 features they like and suggest for everyone to check out! The topics and speakers will be: Time-based One-time Authentication (TOTP) - Roberto Boccadoro TOTP allows multi-factor authentication. When users login to a Domino web server they have to provide a time-based one-time use password in addition to their usual name/password. This is done using a third party application like Google Authenticator, Authy or Duo Mobile on their mobile devices/computers. Domino OSGI Tasklet Service (DOTS) - Serdar Basegmez Create Domino server tasks using Java OSGI plugins. These can be scheduled and can interface with the server console using TELL commands. One Touch Setup for Domino - Roberto Boccadoro In previous versions of HCL Domino, setting up a Domino server involved multiple steps. Starting with Domino 12, you can use one-touch Domino setup to set up a server in just a single step.

Views

Total views

151

On Slideshare

0

From embeds

0

Number of embeds

0

Actions

Downloads

9

Shares

0

Comments

0

Likes

0

×