1. Tips To Delight Your
Domino Admin
Gabriella Davis -Technical Director -TheTurtle Partnership
HCL Lifetime Ambassador
1

2. • Admin of all things and especially quite complicated things where the fun is
• Working with the design, deployment and security of technologies within
global infrastructures
• working with the real world security and privacy aspects of expanding data
ecosystems
• Stubborn and relentless problem solver
• HCL Lifetime Ambassador
Gabriella Davis

3. Validate Internet Address -
Uniqueness
1
2 3
1

4. Finding Users (a)
1 2
2

5. Finding Users (b)
3
2

6. Group Membership
People and GroupsView - Select Group
All group memberships including nested
memberships for any selected user ,
server or group are shown
3

7. Finding Groups (a)
Before removing or renaming a group,
fi
nd out where it is used and how
4

8. Finding Groups (b)
4

9. Effective Access
1
2
5

10. Updating Private Folders (a)
When replacing the design of a database such as the mail
fi
le, the existing
private folders do not automatically update to the new mail le design.
User Update: Actions >> Folder >> Upgrade Folder Design
6

11. Updating Private Folders (b)
As an administrator the server console command
load convert mailgdavis.nsf * mail12.ntf -u
will upgrade the mail
fi
le gdavis.nsf to the mail12.ntf templte and overwrite the
folder design of each folder with the inbox design
6

12. Archiving Logs (a)
2
1
3
7

13. Archiving Logs (b)
7

14. Archiving Logs (c)
load compact log.nsf -a (via a program document)
Archiving documents from log.nsf (Clouds's Log)
Pushing log.nsf to archive/a_log.nsf
Replicator added 144 document(s) to archive/a_log.nsf from log.nsf
Pushing log.nsf to archive/a_log.nsf
[Archived log.nsf, 144 documents were archived and 144 were deleted
load compact log.nsf -REPLICA (via a program document)
7

15. DBMT (a)
• Runs copy-style compact operations
• Purges deletion stubs
• Expires soft deleted entries
• Updates views
• Reorganises folders
• Merges full-text indexes
• Updates unread lists
• Ensures that critical views are created for failover
• Replaces Updall and Compact
Load updall -nodbmt tells updall to run but not perform the functions that
DMBT already does
8

16. DBMT (b)
-compactThreads
-updallThreads
-ftiThreads
-timeLimit refers to compact timeout for DBMT -range starttime stoptime
–compactNdays (run Compact every x days)
–ftiNdays (run FT Index every x days)
–force d (day Sunday =1)
fi
xup if compact fails for consecutive day
8

17. Database Repair & Symmetrical Clusters (a)
• What problem is this solving?
• Missing databases across cluster mates
• Missing or corrupt NLOs
• Fast distribution of databases
• Corrupt databases
❖ File location and
fi
lename must be identical
Add notes.ini setting D10_Enable_Repair=1
Add “AutoRepair” to servertasks
Create program document for “Repair All” and / or RprCleanup
9

18. Database Repair & Symmetrical Clusters (b)
1
2
9

19. Manually Uploading IDs To The Vault
Single or multiple IDs can be uploaded to an IDVault by aVault Administrator
The user who owns the ID must have a vault policy assigned so the upload task can nd the correct
vault for storage.
To upload an ID you must know that IDs password
highlight person in Domino Administrator then Actions - Upload ID
fi
les to ID Vault
10

20. Copy As Table
In any view , select documents then choose Edit - Copy AsTable
This can be pasted into a mail message or any external application that allows
text pasting
Where application links are supported they show, otherwise a hyperlink
notes://serverid/docid is constructed
11

21. Domino Admin - Copy File List
Go to Files tab in Domino Administrator
Select All (Ctrl-A) and choose Edit - Copy
Paste into Excel or other tabular application
Domino
Admin
Excel
12

22. Prevent Mail Forward Rules
Router - Restrictions and Controls - Delivery Controls
13

23. Policies
The $Policies view in the local names.nsf shows what policies are being applied
The “home” server speci
fi
ed in the location document is where the policy is
pulled from
14

24. Catalog
If you are running the catalog task each night there is some very valuable data in
the catalog.nsf
even databases set not to update in the catalog will appear in hidden views
Easily identify any databases where Anonymous or -Default- have unwanted high
access
Make sure catalog.nsf is replicating throughout the domain on each server.
15

25. View Optimisation
Domino creates temporary
fi
les due view rebuilds and then deletes them once
complete however often those
fi
les aren’t deleted and take up space in your
data directory
Domino uses the “temp” directory for these builds if it can but if it can’t nd
one it uses the data directory instead
With the server down thoseTMP
fi
les can be safely deleted
Since they are intended to be temporary any olderTMP
fi
les can be deleted
16

26. Disable_View_Rebuild_Opt
If the server continually reports that it’s unable to rebuild views due to
insuf
fi
cient disk space and that it will revert to using standard view rebuild it will
be telling Domino to fallback to standard view rebuilding instead of optimised
view builds usingTMP
fi
les
avoid using this notes.ini setting if you can as it disables view optimisation.
However if you are seeing the error and can’t either free up disk space or
change the rebuild directory usingVIEW_REBUILD_DIR you may need to.
17

27. Move Views Out Of The Database
Why would you do that?
reduce database size
improve performance
locate large views on another drive
CREATE_NIFNSF_DATABASES=1
NIFNSFEnable=1
NIFBasePath=path
load compact -c -nifnsf on(off) appsstaf
fl
ist.nsf
18

28. Stop Compact Stopping
If you are compacting a mail
fi
le and mail is delivered to it, the compact stops
Use MailFileDisableCompactAbort=1 to ensure the mail is queued for delivery
until compact is
fi
nished
For large
fi
les that can take a while, sometimes too long for mail not to be
delivered
MailFileEnableDeliveryFailover=1 will ensure the server doesn’t queue the mail
but instead delivers to to a cluster mate
Usually if your home server is up and responding the router will not deliver
mail to a cluster mate even if your mail
fi
le is inaccessible
19

29. Compact Options
Run only against databases of ODS version X
compact -O 43 -c
Run against any databases that aren’t ODS version X
compact -o 52 -c
20

30. PIRC
• A database doesn’t replicate with a server for a year and then suddenly, one day, someone
switches on an old machine and this old database (usually containing names.nsf) suddenly
replicates.
• and brings back all the deleted documents that are more than 90 days old with it
• Suddenly your server replica is full of old documents you deleted months ago
• A new database property on a database running on 8.5.3 or higher will prevent documents
old than the purge date from replicating back in
• To turn on PIRC to a large number of databases use Compact '-PIRC On'
• The replicating client or server will think it has replicated successfully but the receiving
server will reject the unwanted notes. To see what’s happening you can enable
• DEBUG_REPL_PIRC (1 for general info , 2 for specific data info)
• Replicate -NOPIRC will force PIRC to turn off for that replication session only
21

31. Web Authentication & SSO
Why isn’t a web login working?
• WebAuth_Verbose_Trace=1 to Domino server’s notes.ini (via “Set Config=“
• Granted Access:
• WebAuth> LOOKUP in view $Users (user='Gabriella Davis' org='Turtle')
• WebAuth> VERIFY password
• WebAuth> LOOKUP in view $Users (user='CN=Gabriella Davis/O=Turtle' org='')
• WebAuth> Matched to a single entry in NAB for pre-authenticated user
(user='CN=Gabriella Davis/O=Turtle' org=''). Using the record that we match
• WebAuth> User CN=Gabriella Davis/O=Turtle found in group Cache!
22

32. ID Vault - Mismatched Passwords
If the password of a local client ID is a mismatch to the vaulted ID then syncing
will stop and not restart. To force the local ID to be reinserted into theVault
add this to notes.ini on theVault server.
ENABLE_AUTORECOVERY_FROMBADPASSWORD=1
if then syncing stops for 7 days the client ID is re-uploaded into the vault
automatically
23

33. ID Vault - Inactivating Users
load qvault -x O=Demovault -i “CN=Mike Smith/O=Turtle” - i
Then to reactivate
load qvault -x O=Demovault -i “CN=Mike Smith/O=Turtleo - v
24

34. ID Vault On Slow Servers
The Notes client will poll the server hosting theirVault looking for updates
however if a server is very busy or there is poor network latency then the user
may get an incorrect “wrong password” response due to polling timeout.
To increase the timeout when you know the response times are slow
IDV_POLL_INTERVAL=8000 (8 seconds as milliseconds)
25

35. Update_Fulltext_Thread
The update task queues databases needing updating and then batches them to
rebuild
fi
rst the views and then the FT indexes
Often that means FT indexes can be delayed behind large view rebuilds or
worse view rebuilds can be delayed behind a corrupt FT index
Let the update task separate the text indexing thread from the view indexing
thread
Yes it means more threads running but that’s a small overhead compared with
adding updaters= to try and resolve the same issue
26

36. FT_FLY_INDEX_OFF
Searching a database requires that database to be full text indexed rst ..
Not true. Domino will attempt to build an in memory index in response to a
search query if the database if not properly indexed
This is both inef
fi
cient for the server and frustrating to the users who often don’t
get the accuracy they expect
Use event monitors to look for databases being searched when they aren’t indexed
(“database is not full text indexed”) then choose whether to create an index for
them
When FT_FLY_INDEX_OFF=1 the server will refuse to perform a search on a
database that isn’t indexed
27

37. FTG_USE_SYS_MEMORY
The FullText engine uses a % of memory that is assigned to the Domino server
and shared by all the other server tasks
FTG_USE_SYS_MEMORY tells Domino to draw the memory it needs from the
operating system directly and not from Domino’s own allocation
28

38. FTbasepath
Full text indexes are created by in a directory underneath each database, indexes can
contain thousands of
fi
les on the
fi
le system being continually updated, created and
deleted
this results in a lot of fragmentation as well as consuming space assigned to the data
directory
customers often delete indexes or not turn them on in order to save space
Using FTBASEPATH the indexes can be moved away from the data directory to
another path or even drive
recreate the indexes in the new location and delete the old ones using load updall
-R
29

39. Removing SMTP Banner Details
Do you want your server coughing up unasked for information such as software,
version and platform in response to requests for connections? To prevent that
For HTTP
Add HTTPDisableServerHeader=1 to server notes.ini
For SMTP
SMTPNoVersionInRcvdHdr=1
30

40. Cleanup Workspace
Clear (rebuild) Workspace
From a command prompt in the Notes program directory
c:ibmnotesnotes -RPARAMS -resetcon
fi
g
Clear Cache
From a command prompt in the Notes program directory.
c:ibmnotesnotes -RPARAMS -clean
31

41. Domino Statistics
Available statistics can be seen on the Statistics
tab in Domino Administrator
The console command “sh st ..” for each statistic
will also work, even with wildcards
Right mouse click and copy the statistics to a
spreadsheet
32

42. Protecting Against Spam Mail
In the server con
fi
guration document
Router/SMTP - Restrictions & Controls - SMTP Inbound Restrictions
now scroll alllllll the way to the bottom
ambiguous names are where multiple matches are found across all directories
33

43. Directory Sync
Create and maintain a Domino Directory consisting of Active Directory Users
Use Directory Assistance to enable them to authenticate using their AD password
for applicaitons
they won’t have a Notes ID
they will still need to be licensed
Domino Directory - Server - Directory Sync
34

44. Domino Con
fi
guration Tuner (a)
Can be used from any Notes client - the template DCT.NTF is installed with
Domino Administrator but can also be downloaded directly from
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0078801
35

45. Domino Con
fi
guration Tuner (b)
35