8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
1/165
2009 IBM Corporation
Building the IBMLotusDomino8.5 Infrastructure
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
2/165
IBM Software Group | Lotus Software
Course Outline
Setting Up the First Server and Administrator
Adding IBM Lotus Domino Servers
Adding IBM Lotus Notes Clients
Administering Users
Setting Up Server Administration
Synchronizing IBM Lotus Domino System Databases
Configuring Basic Intranet Mail Routing
Configuring Mail Routing to the Internet
Establishing Mail Controls
Implementing Mail Rules and Storage Limits Monitoring Mail
Resolving Common Mail Routing Problems
2
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
3/165
IBM Software Group | Lotus Software
Lesson 1 Objectives
Setting Up the First Server and Administrator
After completing this lesson, you should be able to:
Analyze a deployment plan.
Install the Lotus Domino server software.
Install the Lotus Domino Administrator client software.
Launch and configure the first server.
Configure the first workstation.
Assign roles to administrators and severs.
3
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
4/165
IBM Software Group | Lotus Software
Planning Considerations
Determine business problems to be addressed
Examine organizational structure
Design the Lotus Domino environment to enhance and supportthe organizational structure
4
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
5/165
IBM Software Group | Lotus Software
Planning Checklist
Task Procedure 1 Identify structure of organization.
2 Create planning team.
3 Identify tracking mechanism.
4 Define the business problem.
5 Identify how Lotus Domino can address the business problem.
6 Identify access needs.
7 Identify hardware requirements (site map).
8 Identify server roles.
9 Select location for servers.
10 Identify network protocol(s) and networking changes.
11 Choose replication topology.
12 Identify directory strategy.
13 Select mail routing strategy.14 Develop naming scheme.
15 Define security.
16 Determine server configurations.
17 Determine client configurations.
18 Determine rollout strategy.
19 Determine education strategy.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
6/165
IBM Software Group | Lotus Software
Planning Guidelines
Consider all necessary information
Establish and follow guidelines
6
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
7/165
IBM Software Group | Lotus Software
Classroom Implementation
HeadquartersHeadquarters
Doctor Notes/WWCorpDoctor Notes/WWCorp
East01/SVR/WWCorp
East02/SVR/WWCorp
East01/SVR/WWCorp
East02/SVR/WWCorp
East03/SVR/WWCorp
East04/SVR/WWCorp
East03/SVR/WWCorp
East04/SVR/WWCorp
East05/SVR/WWCorp
East06/SVR/WWCorp
East05/SVR/WWCorp
East06/SVR/WWCorp
NNN: WWCorpEastNNN: WWCorpEast NNN: WWCorpWestNNN: WWCorpWest
West01/SVR/WWCorp
West02/SVR/WWCorp
West01/SVR/WWCorp
West02/SVR/WWCorp
West03/SVR/WWCorp
West04/SVR/WWCorp
West03/SVR/WWCorp
West04/SVR/WWCorp
West05/SVR/WWCorp
West06/SVR/WWCorp
West05/SVR/WWCorp
West06/SVR/WWCorp
Admin East01Admin East02 Admin West01Admin West02
Admin East03Admin East04
Admin West03Admin West04
Admin East05Admin East06
Admin West05Admin West06
Mail Routing
NNN: WWCorpHQNNN: WWCorpHQ
Hub/SVR/WWCorpHub/SVR/WWCorp
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
8/165
IBM Software Group | Lotus Software
Implementation Checklist
Task Procedure
1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
8
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
9/165
IBM Software Group | Lotus Software
Supported Platforms and System Requirements
Lotus Domino and Lotus Notes Release Notes
IBM Web site:
For Lotus Domino 8.5, go tohttp://www-01.ibm.com/support/docview.wss?rs=463&uid=swg27013072
9
http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg27013072http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg27013072http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg27013072http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg270130728/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
10/165
IBM Software Group | Lotus Software
Implementation Checklist
Task Procedure
1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
11/165
IBM Software Group | Lotus Software
Lotus Domino Server Installation Types
Lotus Domino Utility Server:
Application services
Lotus Domino cluster support
No messaging services
Lotus Domino Messaging Server:
Messaging services
No application services or Lotus Domino cluster support
Lotus Domino Enterprise Server:
Messaging services
Application services
Lotus Domino cluster support, including mail servers
11
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
12/165
IBM Software Group | Lotus Software
Platform and Operating System Requirements
Category Requirements
Supported
operating systemversions
Microsoft Windows Server 2003 Standard Edition, or Enterprise Edition with Service Pack 2
Microsoft Windows Server 2003 X64 Edition
Microsoft Windows Server 2008 Standard or Enterprise Edition
Microsoft Windows Server 2008 x64 Standard or Enterprise Edition
Processorssupported
Intel Pentium or higher and compatibles (32-bit and 64-bit chips as appropriate), or equivalents
RAM 512 MB minimum or more recommended per CPU
Disk space 1.5 GB minimum per partition
Swap space Two times the physical RAM installed
Monitors Color monitor required
Protocols
NetBIOS over IP (32-bit processor only, only Microsoft IP is supported)
NetBIOS over IPX (32-bit processor only)
TCP/IP (includes IPv6)
12
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
13/165
IBM Software Group | Lotus Software
Lotus Notes 8.5 Client Types
Client type Description
Basic
Based on Lotus Notes 7 platform.
Applications stored on Domino servers.
Use when: Client computers do not have enough RAM or other hardware resources for Standard edition. You are not ready to train users on Lotus Notes 8.5 interface changes. Servers have not yet been upgraded to Lotus Domino 8.5.
Standard
Supported by IBMLotusExpeditor and IBMLotusEclipse platforms.Contains Java -enabled, Eclipse, and SWT capabilities.Applications stored on Domino servers and WebSphere Application Servers.
Preferred configuration to gain all functionality included in Lotus Notes 8.5.
13
IBM S f G | L S f
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
14/165
IBM Software Group | Lotus Software
What is Eclipse?
A platform designed for building IDEs that provide template-driven and CSS-based customization.
An open-source Java platform that has become the foundationfor RCP development.
The environment that Lotus Notes 8.5 is based on.
14
IBM S ft G | L t S ft
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
15/165
IBM Software Group | Lotus Software
Client Installation Types
Available client options:
Notes Client (selected by default)
Sametime (integrated) (selected by default)
IBMLotusDomino Designer
Lotus Domino Administrator
Activities
Composite Application Editor
IBMLotusSymphony
15
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
16/165
IBM Software Group | Lotus Software
What is Lotus Expeditor?
A client platform designed for end-to-end smart client applicationsolutions.
Extends Lotus Notes 8.5 by providing application installation andmanagement services.
Builds clients on Eclipse and supports running them on multipleoperating systems.
16
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
17/165
IBM Software Group | Lotus Software
Expeditor Component Packaging
Enables customization of Lotus Notes client installation.
Adds any or all of the supplementary client-supported
functionality provided by IBM for Lotus Notes 8.5.
17
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
18/165
IBM Software Group | Lotus Software
Eclipse Update Sites
Catalogs that contain features and plug-ins for Eclipse and RCPapplications.
Require JAR file packaging and manifest file to facilitate Eclipseaccess to remote servers.
18
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
19/165
IBM Software Group | Lotus Software
Automated Installation Options
Tuning the installer for automated install.
Configuring the installer content via features and install manifest.
Scripting the installer for specific options and silent install.
Using the installer in conjunction with Smart Upgrade.
Using the installer in conjunction with other deployment systems.
19
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
20/165
IBM Software Group | Lotus Software
Workstation Sharing Considerations
Operating system must support multiple user profiles.
Cannot share Lotus Domino Designer or Lotus Domino
Administrator clients.
20
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
21/165
So t a e G oup | otus So t a e
Components Created During First Server Setup
File System
Names.nsfCert.idServer.id
User.idOucert.id (optional)
Certificate(s)ConfigurationConnectionsDomainGroupsMail-in databasePerson
ProgramServerPolicies
Domino Directory Database(Names.nsf file)
21
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
22/165
p |
The Domino Directory
Most important database in the Lotus Domino environment.
Stores information about all Lotus Domino resources.
All Domino servers in a domain contain a replica of the DominoDirectory.
22
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
23/165
p |
Replicas of the Domino Directory
Replicas enable collaboration between users on different servers.
Replication synchronizes changes on replicas to ensure all
servers have updated information.
23
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
24/165
Comparing Domains and Organizations
Component Description
Domino domain The collection of Domino servers and users that share the same Domino Directory.
Dominoorganization
Defined by the certifier that stamps the IDs of users, servers, and other certifiers.
Trust relationship within the organization lets users and servers communicate and share data.Organizational certifier provides security and uniformity in naming of users and servers.Certifier name is part of the hierarchical name of all users and servers in the organization.
24
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
25/165
Purposes of Organizational Units
Management by region or division.
Separation of servers from users.
Unique names for users who have the same common name.
25
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
26/165
Worldwide Corporation's Lotus Domino Organization
Hierarchy
/WWCorp
/East/WWCorp /SVR/WWCorp/West/WWCorp
26
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
27/165
Alternatives to Organizational Units
Use Group documents to manage subsets of users.
Consider keeping servers and users in the same container.
Differentiating between users with the same names:
Use the middle initial as part of the common name.
Include a unique OU during user registration.
27
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
28/165
Organizational Hierarchy
f0851091-5.png
/WWCorp
/East/WWCorp /West/WWCorp /SVR/WWCorp
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
29/165
Descendants of the Organization Certifier
When only one organization hierarchy exists, all names aredescendants of the organization certifier.
The certifier IDs stamp server, user, and other certifier IDs withtheir certificates:
The /WWCorp organization certifier stamps one entity, the userDoctor Notes.
The /WWCorp certifier stamps the following OU certifiers,which will stamp the IDs for other users and servers:
/SVR
/East /West
29
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
30/165
Organization Security
All servers and users under /WWCorp can authenticate with eachother.
Access is allowed unless another security measure exists.
30
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
31/165
Organization Certifier ID Security
The certifier ID file is the most important ID file in theorganization.
Cert.id can and should be moved from Domino\data subdirectoryto a secure place.
31
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
32/165
Authentication Between Organizations
When two organization certifiers exist, the infrastructures cannotcommunicate without administrative intervention.
Use cross-certification to establish trust between Lotus Dominoorganizations.
32
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
33/165
Country Codes
For multinational organizations, provides an additionalhierarchical level.
Multiple organization certifiers required (one for each countrycode to be used).
Does not replace the organization component.
33
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
34/165
Server Audience Types
Server audience Description
Web browsersFor Web browsers, such as MicrosoftInternet Explorer, MozillaFirefox, and Netscape Navigator, toaccess data on the server.
Internet mailpackages
For Internet mail clients using the following protocols to access mail on the server: POP3 (Post Office Protocol 3) IMAP (Internet Message Access Protocol) SMTP (Simple Mail Transfer Protocol)
Directory Services For clients using LDAP (Lightweight Directory Access Protocol).
34
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
35/165
The Lotus Domino Server Log
Log.nsf reports all server activity and provides detailedinformation about databases and users on the server:
Can be configured to report the desired level of detail aboutserver activity.
Is created automatically when a server is started for the firsttime.
35
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
36/165
Administrator Group Security Options
Prohibit anonymous access:
Adds an ACL entry called Anonymous to all databases
Gives it the No Access ACL setting
LocalDomainAdmins:
Creates a group that gives some or all administrators Manager
access to all databases.The first servers administrator is added to LocalDomainAdmins
during first server setup.
Other administrators can be added to the group later.
36
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
37/165
The Client Configuration Program
Connects to the specified server, which must contain a Persondocument for the user.
Downloads the ID file if the file is stored in the users Persondocument.
Creates the users local Contacts file.
Configures bookmarks for the users mail and Contacts files, andother databases specified in setup settings of policies.
Creates documents in the Contacts file.
37
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
38/165
Access in the Domino Directory
Having Manager access to the IBM Lotus Domino Directory ACLenables editing the ACL.
To create and edit documents in the Domino Directory,administrators must also be assigned the appropriate ACLrole(s).
Worldwide Corporation will assign all ACL roles to the
administrators and to servers.
38
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
39/165
Privileges and the LocalDomainAdmins Group
During first server setup, if LocalDomainAdmins is added andassigned Manager access in the ACL of every database, anyadministrator listed in LocalDomainAdmins can change the ACL
of any database, including the Domino Directory.
LocalDomainAdmins is not automatically assigned any roles:
The roles in the Domino Directory specify who can create and
edit documents.
Without the roles, an administrator cannot perform anyregistration tasks, because the registration program createsdocuments.
Managers can edit the ACL, so members ofLocalDomainAdmins could assign the appropriate ACL roles tothemselves.
39
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
40/165
Lesson 2 ObjectivesAdding IBM Lotus Domino Servers
After completing this lesson, you should be able to:
Register servers.
Configure and start an additional Lotus Domino Server.
40
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
41/165
Implementation Checklist
Task Procedure 1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
42/165
The Server Registration Process
Existing server and workstation required
Server registration creates:
A Server document in the Domino DirectoryAn ID file stored as an attachment in the Server document or
as a file at the operating system level.
42
IBM Software Group | Lotus Software
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
43/165
Domino Directory Access for Registering Servers
ACL access:
Author access or higher
The Create documents privilegeThe ServerCreator role
Certifier ID and password access
43
IBM Software Group | Lotus Software
S ID Fil S O i
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
44/165
Server ID File Storage Options
Storing the ID file in the Domino Directory of an existing server:
Allows the new server to detach the ID file from the Serverdocument of the existing server's Domino Directory.
Requires a password for the attached server ID. The result isthat after the server is configured, it cannot be restarted fromthe Domino Administrator remotely, because the password
prompt displays on the server machine.
Storing the ID file in the file system requires that the additionalserver machine has access to the ID file locally or on thenetwork.
44
IBM Software Group | Lotus Software
Cl S I l t ti
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
45/165
Classroom Server Implementation
g0851091-1.pngEast01/SVR/WWCorpEast02/SVR/WWCorp
East01/SVR/WWCorpEast02/SVR/WWCorp
Hub/SVR/WWCorpHub/SVR/WWCorp
East03/SVR/WWCorpEast04/SVR/WWCorp
East03/SVR/WWCorpEast04/SVR/WWCorp
East05/SVR/WWCorpEast06/SVR/WWCorp
East05/SVR/WWCorpEast06/SVR/WWCorp
West03/SVR/WWCorpWest04/SVR/WWCorp
West03/SVR/WWCorpWest04/SVR/WWCorp
West05/SVR/WWCorpWest06/SVR/WWCorp
West05/SVR/WWCorpWest06/SVR/WWCorp
West01/SVR/WWCorpWest02/SVR/WWCorp
West01/SVR/WWCorpWest02/SVR/WWCorp
IBM Software Group | Lotus Software
St d d Di t St t
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
46/165
Standard Directory Structure
f0851092-1.png
IBM Software Group | Lotus Software
C t l Di t St t
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
47/165
Central Directory Structure
Central DirectoriesCentral Directories
ConfigurationDirectories
ConfigurationDirectories
IBM Software Group | Lotus Software
Clearing the Server ID Password
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
48/165
Clearing the Server ID Password
Requires local access to the ID file
Two approaches:
In Domino Administrator, click ConfigurationCertificationIDProperties.
Run nlnotes.exe from a Windows server, then click FileSecurityUser Security.
48
IBM Software Group | Lotus Software
L 3 Obj ti
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
49/165
Lesson 3 ObjectivesAdding IBM Lotus Notes Clients
After completing this lesson, you should be able to:
Create an organizational unit certifier.
Register new administrators.
Register users from a file.
Replicate Server document changes.
Set up an administrator workstation.
Verify the Domino installation.
Create replicas on multiple servers.
49
IBM Software Group | Lotus Software
Implementation Checklist
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
50/165
Implementation Checklist
Task Procedure 1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
IBM Software Group | Lotus Software
Certifier Registration
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
51/165
Certifier Registration
Certifier document in the Domino Directory:
Contains the certified public key
During authentication, the key is compared with the key in anID file
Certifier ID file for certifying descendants of the organizationalunit
51
IBM Software Group | Lotus Software
Certification Log
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
52/165
Certification Log
Must be named Certlog.nsf
Maintains a record of each use of a certifier to register users orother certifiers:
Name, license type, and ID number for the registered user,server, or certifier
Date of certification and expiration
Name, license type, and ID number of the certifier ID used tocertify the new ID
52
IBM Software Group | Lotus Software
Mail Servers for Each Administrator
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
53/165
Mail Servers for Each Administrator
HeadquartersHeadquarters
Hub/SVR/WWCorpHub/SVR/WWCorpDoctor Notes/
WWCorp
Doctor Notes/WWCorp
East01East02
East01East02
East03East04
East03East04
East05
East06
East05East06
West01West02
West01West02
West05
West06
West05West06
West03West04
West03West04
Administrator name Mail server name
Admin East01 East01/SVR/WWCorp
Admin East02 East02/SVR/WWCorp
Admin East03 East03/SVR/WWCorp
Admin East04 East04/SVR/WWCorp
Admin East05 East05/SVR/WWCorp
Admin East06 East06/SVR/WWCorp
Admin West01 West01/SVR/WWCorp
Admin West02 West02/SVR/WWCorp
Admin West03 West03/SVR/WWCorp
Admin West04 West04/SVR/WWCorp
Admin West05 West05/SVR/WWCorp
Admin West06 West06/SVR/WWCorp
53
IBM Software Group | Lotus Software
Internet Password Options
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
54/165
Internet Password Options
Certificate revocation checking via Online Certificate StatusProtocol (OCSP)
Advanced Encryption Standard (AES) support for SSL
Smartcard improvements
54
IBM Software Group | Lotus Software
Internet Password Locking
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
55/165
Internet Password Locking
3 Strikes rule for HTTP
Enable Enforce Internet Password Lockout in serverConfiguration Settings documents
Override server settings with user security policies
Extended ACLs
55
IBM Software Group | Lotus Software
ID File Distribution
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
56/165
ID File Distribution
Attach the ID file to the user's Person document in the DominoDirectory
Store the ID file on disk
56
IBM Software Group | Lotus Software
Servers for Each Administrator
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
57/165
Se e s o ac d st ato
Administrator Server
Admin East01 East01/SVR/WWCorp
Admin East02 East02/SVR/WWCorp
Admin East03 East03/SVR/WWCorp
Admin East04 East04/SVR/WWCorp
Admin East05 East05/SVR/WWCorp
Admin East06 East06/SVR/WWCorp
Admin West01 West01/SVR/WWCorp
Admin West02 West02/SVR/WWCorp
Admin West03 West03/SVR/WWCorp
Admin West04 West04/SVR/WWCorp
Admin West05 West05/SVR/WWCorp
Admin West06 West06/SVR/WWCorp
IBM Software Group | Lotus Software
User Registration
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
58/165
g
One at a time by using the Registration dialog box
Multiple users simultaneously by using a text file
User namesOther information
58
IBM Software Group | Lotus Software
Replicating the Domino Directory to Other Servers
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
59/165
p g y
Registration modifies the Domino Directory on the registrationserver
Other servers need this information
Replication enables all servers to have all new information
Some changes require a server restart
59
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
60/165
IBM Software Group | Lotus Software
Lotus Domino Administrator
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
61/165
Menus
Graphics
Tabs:People & Groups
Files
Server
Messaging
Replication
Configuration
61
IBM Software Group | Lotus Software
Administration Process
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
62/165
Automation of routine administrative tasks to manage:
Names
Mail filesServer documents
Components:
Administration Process task (Adminp)
Administration server
Administration Requests database (Admin4.nsf)
Certification Log (Certlog.nsf)
62
IBM Software Group | Lotus Software
Lesson 4 Objectives
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
63/165
Administering Users
After completing this lesson, you should be able to:
Create groups.
Create an organizational policy.
Create and assign an explicit policy.
63
IBM Software Group | Lotus Software
Implementation Checklist
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
64/165
Task Procedure 1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
IBM Software Group | Lotus Software
Groups
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
65/165
Collections of users or servers, or both, that have something incommon
Facilitate management by enabling administrators to affect
multiple users or servers simultaneously
Nesting groups
Deny List Only
Access issues for members of multiple groups
Auto-populated groups
65
IBM Software Group | Lotus Software
Auto-populated Groups
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
66/165
Option for updating auto-populatedgroup membership once the home
mail server is specified
Option for updating auto-populatedgroup membership once the home
mail server is specified
66
IBM Software Group | Lotus Software
Policies
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
67/165
A Policy document and associated Policy Settings documents
Can apply to all users, an OU, a group, or a single user
Multiple policies can apply to a user; policy precedence rulesdetermine the effective policy setting
Can be organizational or explicit
67
IBM Software Group | Lotus Software
Types of Policy Settings Documents
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
68/165
Activities
Archiving
Desktop Mail
Registration
Security
Setup
Lotus Traveler
Roaming
Symphony
68
IBM Software Group | Lotus Software
Policy Precedence Rules
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
69/165
Specific overrides general:
Explicit overrides organizational
Change precedence in the Policy Settings document
69
IBM Software Group | Lotus Software
Static and Dynamic Policy Settings
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
70/165
Static:
Set during user registration
Set during workstation setup Dynamic:
Set when a user logs into the server
70
IBM Software Group | Lotus Software
Policy Management Tools
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
71/165
Policy Viewer:
Settings for each policy
Settings by functional areaSettings assigned to a specific user
Effective policies on different levels in the policy hierarchy
Policy Synopsis tool:Determines the effective policy governing a user
Reports are stored in the Policy Synopsis Results database
71
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
72/165
IBM Software Group | Lotus Software
Lesson 5 ObjectivesSetting Up Server Administration
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
73/165
Setting Up Server Administration
After completing this lesson, you should be able to:
Customize the Lotus Domino Administrator work environment.
Set access to create databases on the server.
Set administration levels.
Set logging levels.
73
IBM Software Group | Lotus Software
Implementation Checklist
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
74/165
Task Procedure 1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
IBM Software Group | Lotus Software
Administration Preferences
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
75/165
Domains to administer
Type and order of the file information displayed
How Lotus Domino collects and displays server monitoring data Defaults to use when registering users, servers, and certifiers
75
IBM Software Group | Lotus Software
Server Console Administration Tasks
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
76/165
Start or stop server tasks
Instruct a server task to perform a function
Change server configuration variables
Restart the server
76
IBM Software Group | Lotus Software
Server Access Control Mechanisms
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
77/165
Lotus Domino authentication
Lotus Domino authorization
Server document
Security tab
To allow/restrict Set this field
To limit access to onlythose users listed in theDomino Directory
Access server: Clear the users listed in all directories check box
To explicitly allow people,servers, or groups accessto this server and denyall others
Access server: Enter or select names under the word and
To explicitly deny people,servers, or groups accessto this server
Not access server
77
IBM Software Group | Lotus Software
User Access to the Server
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
78/165
To allow users or a group this type of access Edit this server access field
Create replica databases on this server Create new replicas
Create databases on this server Create new databases & templates
78
IBM Software Group | Lotus Software
Administration Levels
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
79/165
79
IBM Software Group | Lotus Software
Administration Level Details
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
80/165
Full Access administrators
Administrators
Database Administrators
Full Remote Console Administrators
View-Only Administrators
System Administrators
Restricted System Administrators
80
IBM Software Group | Lotus Software
Full Access Administrator Best Practices
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
81/165
Leave the field blank.
Create a special Full Access administrator ID file.
Disable Full Access administrators in the Notes.ini file.
81
IBM Software Group | Lotus Software
Administration Levels and Domino Web Administrator
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
82/165
Web-based administration tool (Webadmin.nsf).
HTTP server task synchronizes names in Web Serverdocuments Full Access administrators and administrators
fields with the ACL for Webadmin.nsf, so to add access to WebAdministrator, modify these fields.
Names that are not already on the ACL list are added with
Manager access and all roles. If the HTTP server detects a name that is already in the ACL, it
does not update the access rights.
82
IBM Software Group | Lotus Software
Domino Server Log
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
83/165
Mail routing events
Replication events
Server phone calls
Security events
Newsgroup events
Miscellaneous events
Database usage
User activity (if configured)
83
IBM Software Group | Lotus Software
The Notes.ini File
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
84/165
One for server, another for client
To edit:
Edit the file directly, but this can cause unexpected results.
Use the Set Configuration server command.
Use a Configuration Settings document (server notes.ini only).
84
IBM Software Group | Lotus Software
Logging Levels
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
85/165
LOG_MAILROUTING
LOG_REPLICATION
LOG_SESSIONS
LOG_TASKS
LOG_VIEW_EVENTS
85
IBM Software Group | Lotus Software
Lesson 6 ObjectivesSynchronizing IBM Lotus Domino System Databases
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
86/165
After completing this lesson, you should be able to:
Create server groups for replication.
Create a Connection document.
86
IBM Software Group | Lotus Software
Implementation Checklist
Task Procedure
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
87/165
1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
IBM Software Group | Lotus Software
Server Groups and Replication
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
88/165
Three Connection documents:
1.Destination Server: East012.Destination Server: East023.Destination Server: East03
East03East03
East02East02
East01East01
HubHub
West03West03
West02West02
West01West01
One Connection document
Destination server: East Mail Servers,where East Mail Servers is a groupconsisting of the following members:
East01
East02 East03
88
IBM Software Group | Lotus Software
Replication Controls
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
89/165
Replication type
Database priority
Connection documents Selective replication
Server access
Access Control List
Element access
89
IBM Software Group | Lotus Software
Replication Types
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
90/165
Pull Pull
Pull Push
Pull only Push only
90
IBM Software Group | Lotus Software
Methods for Forcing Replication
C l d
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
91/165
Console commands
Console commands and a text file listing servers and databasesto replicate
Domino Administrator:
On the Server tabTools pane, click ServerReplicate Lotus Notes or Domino Administrator:
Select the database and click FileReplicationReplicate
91
IBM Software Group | Lotus Software
Multiple Hub Configuration
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
92/165
HubHub
EastEast
HubHub
MailMail
CorporateHub
CorporateHub
ApplicationApplicationApplicationApplication
MailMail
ApplicationApplication
WestWest
HeadquartersHeadquarters
92
IBM Software Group | Lotus Software
Replication Schedules for Critical Applications
Domino Director (Names nsf) se eral times thro gho t the da
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
93/165
Domino Directory (Names.nsf): several times throughout the day
Critical applications:
Specify high replication priority, and create a Connectiondocument specifying high priority databases with a shortinterval
Or, place critical applications in a subdirectory of the
Domino\data directory, and create a Connection documentspecifying the subdirectory to replicate at a short interval
Or, click FileReplicationOptions for thisApplicationOther and set Set scheduled replicationpriority for this replica to High.
93
IBM Software Group | Lotus Software
Completed Connection Document
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
94/165
94
IBM Software Group | Lotus Software
Lesson 7 ObjectivesConfiguring Basic Intranet Mail Routing
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
95/165
After completing this lesson, you should be able to:
Configure Notes Named Networks.
Implement a hub-and-spoke mail routing topology.
Select a mail storage format for incoming mail.
95
IBM Software Group | Lotus Software
Implementation Checklist
Task Procedure
1 Set up the first server
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
96/165
1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
IBM Software Group | Lotus Software
Intranet Mail Routing Checklist
Task Procedure
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
97/165
Task Procedure
1. Set up Notes Named Networks for mail routing.
2. Create mail routing topologies and schedule mail routing
between NNNs.
3. Select a mail storage format.
97
IBM Software Group | Lotus Software
Classroom Intranet Implementation
NRPC Mail
NRPC Mail
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
98/165
f0851097-1.png
Hub/SVR/WWCorpHub/SVR/WWCorpNNN: WWCorpHQNNN: WWCorpHQ
East01East02
East01East02
East03East04
East03East04
East05East06East05East06
West01West02
West01West02
West03West04
West03West04
West05West06West05West06
NRPC MailRouting Within
NNNs
NRPC Mail
Routing WithinNNNs
NRPC MailRouting Between
NNNs
NRPC MailRouting Between
NNNs
NNN: WWCorpEastNNN: WWCorpEast NNN: WWCorpWestNNN: WWCorpWest
IBM Software Group | Lotus Software
Mail Routing Components
Mail file
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
99/165
Mail file
Mail server
Mailer
Domino Directory
Mail.box
Router
99
IBM Software Group | Lotus Software
Sample Intranet Mail Routing Scenario
3
3
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
100/165
f0851097-2.png
66
11
Automaticmail routing
within the NNN
Automaticmail routing
within the NNN
Connectiondocument formail routing
Connectiondocument formail routing
22 44
55
NNN: WWCorpHQNNN: WWCorpHQ
East01East01
Juans mail serverEast04
Juans mail serverEast04
NNN: WWCorpEastNNN: WWCorpEast NNN: WWCorpWestNNN: WWCorpWest
West01West01
Marys mail serverWest06
Marys mail serverWest06
IBM Software Group | Lotus Software
Opportunistic Routing
Routing mail when servers connect to replicate based on
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
101/165
out g a e se e s co ect to ep cate based oestablished replication schedule
Might not be often enough to transfer mail between NNNs
101
IBM Software Group | Lotus Software
Connection Document Mail Routing Options
Routing task
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
102/165
g
Route at once if X messages pending
Router type
102
IBM Software Group | Lotus Software
Router Types and Connection Documents
Two Connection documents required
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
103/165
q
Can use Pull Push for one server and Push Wait for the other
Pull Push and Pull Only settings
103
IBM Software Group | Lotus Software
Mail Storage Formats
MIME:
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
104/165
Messages sent over SMTP are always sent in MIME format
Notes Rich Text
104
IBM Software Group | Lotus Software
Lesson 8 ObjectivesConfiguring Mail Routing to the Internet
After completing this lesson, you should be able to:
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
105/165
te co p et g t s esso , you s ou d be ab e to
Enable the SMTP listener task.
Configure Basic SMTP settings.
Restrict Internet mail delivery.
Enable whitelist and blacklist filters.
Configure extended SMTP (E/SMTP) options.
Configure Internet addressing. Test SMTP.
105
IBM Software Group | Lotus Software
Implementation Checklist
Task Procedure
1 Set up the first server.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
106/165
2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
IBM Software Group | Lotus Software
Internet Mail Routing Checklist
Task Procedure
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
107/165
1. Enable the SMTP listener task on appropriate servers.
2. Configure basic SMTP options.
3. Restrict mail flow to and from the Internet.
4. Set advanced SMTP options.
5. Configure Internet mail addressing.
107
IBM Software Group | Lotus Software
Classroom Internet Implementation
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
108/165
f0851098-1.png
Hub/SVR/WWCorpHub/SVR/WWCorpRelays, SMTP
Controls
Relays, SMTPControls
IBM Software Group | Lotus Software
SMTP Implementation Scenarios
All servers
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
109/165
Selected servers
Combined
109
IBM Software Group | Lotus Software
Best Practice Implementation
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
110/165
f0851098-2.png
Relays, SMTPControls
Relays, SMTPControls
HubHub HubHub
IBM Software Group | Lotus Software
Sample Internet Mail Routing Scenario
3
3
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
111/165
Hub/SVR/WWCorpHub/SVR/WWCorp
11
RelayRelay
Mary CostelloWest03/SVR/WWCorp
Mary CostelloWest03/SVR/WWCorp
22
IBM Software Group | Lotus Software
SMTP Listener and Router Tasks
SMTP listener task:
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
112/165
Handles incoming SMTP connections.
Delivers messages received over those connections to
Mail.box.
Router task for SMTP:
Same Router task that handles Lotus Notes routing (NRPC).
When a message in Mail.box requires transfer to anotherserver, the Router determines where to send it and whether tosend it over NRPC or SMTP.
112
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
113/165
IBM Software Group | Lotus Software
SMTP Inbound and Outbound Controls
Inbound controls enable you to allow or deny:
R i i f ifi l I d i
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
114/165
Receiving messages from specific external Internet domains.
Receiving unsolicited commercial messages in general or from sources
listed in one or more DNS Blacklists (DNSBLs).
Receiving messages directed to specific Lotus Notes addresses.
Relaying of messages from specific external Internet hosts to external
Internet domains.
Outbound controls enable you to allow or deny:
Sending messages to specific Internet addresses to be sent out to the
Internet.Sending messages from specific Lotus Notes addresses to the Internet.
114
IBM Software Group | Lotus Software
DNS Whitelist Filters
Used in conjunction with anti-spam features
Validate that the mail received by your inbound SMTP server is
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
115/165
legitimate mail
Query process:
DNS query tries to locate the IP address of the connectingserver in the whitelist database as specified on theConfiguration Settings document.
IP addresses found in the database are considered to belegitimate senders of e-mail and will be added to the whitelisthost lists.
115
IBM Software Group | Lotus Software
Enabling DNS Whitelist Filters
Silently skip blacklist filters (Default)
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
116/165
Log only
Log and tag message
116
IBM Software Group | Lotus Software
DNS Whitelist Filter Statistics
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
117/165
117
IBM Software Group | Lotus Software
DNS Blacklist Filters
Similar in operation to whitelist filters
Q
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
118/165
Query process:
When blacklist filters are enabled, the Lotus Domino server
sends a query to the specified sites to check the blacklist.
If a host is blacklisted, the Lotus Domino server will act inwhatever way is specified in the Configuration Settings
document.
118
IBM Software Group | Lotus Software
Actions for Hosts Found in DNS Blacklist Database
Log only (default)
L d t
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
119/165
Log and tag message
Log and reject message
119
IBM Software Group | Lotus Software
Private Whitelist Filters
Exceptions to blacklist filters
Provide more granular administrative control
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
120/165
Provide more granular administrative control
120
IBM Software Group | Lotus Software
Private Blacklist Filters
Exceptions to whitelist filters
Provide more granular administrative control
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
121/165
Provide more granular administrative control
121
IBM Software Group | Lotus Software
Order of Whitelist and Blacklist Precedence
1. Private whitelists
2 Private blacklists
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
122/165
2. Private blacklists
3. DNS whitelists
4. DNS blacklists
122
IBM Software Group | Lotus Software
E/SMTP Settings Uses
To reduce connection charges:
Set the extended Turn (ETRN) extension to enable the calling
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
123/165
Set the extended Turn (ETRN) extension to enable the callingserver (such as an ISP server) to request the called server to
push mail to the ISP server. To restrict messages of a specific size from being delivered:
Enable the Size extension field.
123
IBM Software Group | Lotus Software
Configuring Internet Addresses
When to configure:
During user registration
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
124/165
During user registration
Or, any time after a user is registered
Lookup options:
Full SMTP address only
Local part of the SMTP address
Full SMTP address, then if no matches are found, the local partSMTP address
124
IBM Software Group | Lotus Software
Lesson 9 ObjectivesEstablishing Mail Controls
After completing this lesson, you should be able to:
Configure router restrictions.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
125/165
g
Implement message disclaimers.
Implement mail delivery controls.
Implement mail transfer controls.
Configure multiple server mailboxes.
125
IBM Software Group | Lotus Software
Implementation Checklist
Task Procedure
1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
126/165
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
126
IBM Software Group | Lotus Software
Mail Restrictions and Controls
To control this type of mail flow Use this field
Allow only the specified domains tosend mail to this domain
Allow mail only from domains
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
127/165
send mail to this domainy
Restrict specific domains fromsending mail to this domain
Deny mail from domains
Restrict only specific organizationhierarchy to send mail to this domain
Allow mail only from the following organizations andorganizational units
Deny messages larger than a specificsize
Maximum message size
To route larger messages as lowpriority, therefore, defer transferring
until a different time of day
Send all messages as low priority if message size isbetween
127
IBM Software Group | Lotus Software
Message Disclaimers
Notices added to outgoing SMTP e-mail messages to protect anorganization's legal interests
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
128/165
Can be enabled or disabled from the Lotus Notes client, the
Domino server, or both Multiple disclaimers can be used
Implementation:
Enable message disclaimers at the server level
Create Mail Policy Settings documents that contain theappropriate disclaimer text for the organization
128
IBM Software Group | Lotus Software
Attaching and Enabling Message Disclaimers
Attachment options:
At the server, disclaimer text that is specified in the Policy
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
129/165
Settings document is attached by the server
At the Lotus Notes client, disclaimer text is attached by theLotus Notes client prior to depositing the mail message onthe server
Enabling message disclaimers
129
IBM Software Group | Lotus Software
Message Disclaimer Policy Settings
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
130/165
130
IBM Software Group | Lotus Software
Mail Delivery Controls
To control this type of mail delivery Use this field
Maximum number of server threads Domino can create to delivermail from Mail.box to local mail files
Maximum delivery threads
Encryption Encrypt all delivered mail
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
131/165
Encryption Encrypt all delivered mail
Whether or not the server permits the use of pre-delivery agents Pre-delivery agents
Maximum time (in seconds) that a pre-delivery agent, such as amail filter, can run before the Router interrupts it
Pre-delivery agent timeout
Whether the Router supports the rule action to send copies ofselected messages automatically to other recipients
User rules mail forwarding
131
IBM Software Group | Lotus Software
Mail Transfer Controls
To manage this type of mail Set this field
When low priority mail should be transferred Low priority mail routing time range
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
132/165
p y p y g g
How often the Router should retry transferring mail Initial transfer retry interval
How often expired messages should be purged from the server'sMail.box
Expired message purge interval
132
IBM Software Group | Lotus Software
Using Multiple Server Mailboxes
Reduces contention
Increases reliability
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
133/165
Increases delivery speed
133
IBM Software Group | Lotus Software
Lesson 10 ObjectivesImplementing Mail Rules and Storage limits
After completing this lesson, you should be able to:
Create and activate a server mail rule.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
134/165
Enable mail journaling.
Implement blacklist tag and whitelist tag mail rule configurations.
Establish mail quotas.
Control inbox size with Inbox Maintenance.
Archive mail.
134
IBM Software Group | Lotus Software
Implementation Checklist
Task Procedure
1 Set up the first server.
2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
135/165
4 Add Lotus Domino servers.
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
IBM Software Group | Lotus Software
Mail Rules
Define actions to be taken on certain messages
Use to:
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
136/165
Reject messages.
Redirect messages with attachments to a quarantine database.
Copy messages to another database.
136
IBM Software Group | Lotus Software
How Mail Rules Work
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
137/165
137
IBM Software Group | Lotus Software
Mail Rule Processing
When the Domino server starts
When Mail.box receives any new message
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
138/165
When a new rule is added
When Mail.box receives any encrypted message
When a rule prevents a message from reaching its destination
138
IBM Software Group | Lotus Software
Mail Rule Actions
Journal a message
Move a message to a database for storage or quarantine
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
139/165
Refuse to accept or deliver a message
Change the routing state of a message
Administrator review of messages redirected toquarantine database
Stop processing of subsequent mail rules
139
IBM Software Group | Lotus Software
Mail Journaling
Captures copies of messages sent through the system
Works in conjunction with mail rules
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
140/165
Does not disrupt the normal routing process
140
IBM Software Group | Lotus Software
How Mail Journaling Works
Messages are examined as the pass through Mail.box
Journal flag is placed on the message before transferring it to thenext server
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
141/165
next server
Selected messages are encrypted and saved to a Lotus DominoMail Journaling database (Mailjrn.nsf)
Message is delivered from the destination server after removing
the journal flag
141
IBM Software Group | Lotus Software
Tag Mail Rule Conditions
Enables administrators and users to do more with the messagesthat get tagged by private whitelists, private blacklists, DNSwhitelists, and DNS blacklists.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
142/165
For server mail rules, the administrator can move taggedmessages to a particular database for analysis, or they can placethe messages on hold.
For user mail rules, the user can move tagged messages to a
certain folder, delete them, or send copies to the administrator.
142
IBM Software Group | Lotus Software
Tags, Field Names, and Values
Tag Field name and value
Private Whitelist $DNSWLSite:
DNS Whitelist$DNSWLSite:
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
143/165
DNS Whitelistfound>
Private Blacklist $DNSBLSite:
DNS Blacklist $DNSBLSite:
143
IBM Software Group | Lotus Software
Tagged Messages and Fields Examples
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
144/165
144
IBM Software Group | Lotus Software
Creating Mail Rules with Tags
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
145/165
145
IBM Software Group | Lotus Software
Mail Quotas
Size limits that are set on users mail files
Two types:
Absolute
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
146/165
Absolute
Warning threshold
Associated with a particular mail file database, not with a user ID
Implementation options:
During registration
Per database
146
IBM Software Group | Lotus Software
Enabling Inbox Maintenance in Mail Policy Settings
Inbox Maintenance enabled in the Policy Settings Document
Inbox Maintenance enabled in the Policy Settings Document
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
147/165
147
IBM Software Group | Lotus Software
Configuring Inbox Maintenance in the Server Document
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
148/165
Inbox Maintenance configurationin the Server document
Inbox Maintenance configurationin the Server document
148
IBM Software Group | Lotus Software
Archiving
Automation of copying outdated mail to an archive database ordeleting the mail, and cleaning up the mail file
Archiving policies:
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
149/165
Easy to manage and allow for standardizationProvide more control over mail environment
149
IBM Software Group | Lotus Software
Archive Policy Documents
Policy document
Archive Policy Settings document:
Whether to allow archiving
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
150/165
Whether to allow archiving
Whether or not to allow Lotus Notes users to set their ownprivate archiving criteria where archiving occurs
Archive location
Archive log information
Archive Criteria Settings document:
Establishes the criteria for document selection and mail
file cleanup
150
IBM Software Group | Lotus Software
Lesson 11 ObjectivesMonitoring Mail
After completing this lesson, you should be able to:
Verify routing and check mail delivery.
Enable mail statistics.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
151/165
Enable message tracking.
Configure Message Recall.
151
IBM Software Group | Lotus Software
Implementation Checklist
Task Procedure
1 Set up the first server.2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
152/165
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
153/165
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
154/165
IBM Software Group | Lotus Software
Misdelivered Mail
Dead mailMail that is not delivered to the recipient and cannot be
returned to the sender for non-delivery.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
155/165
Undelivered mail:Mail that is not delivered because either the Router on the
server is not running or the recipient's mail server is down
155
IBM Software Group | Lotus Software
Mail Statistics
Provide additional information on:Mail flow
Current mail configuration
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
156/165
Use the Server Monitor to enable and monitor statistics
156
IBM Software Group | Lotus Software
Message Tracking
Tracking information stored in MTstore.nsf Message tracking can:
Track messages across Lotus Domino domains.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
157/165
Be used by administrators and users from a Lotus Notes clientor Web browser.
Provide reports of where a particular mail message was sent.
157
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
158/165
IBM Software Group | Lotus Software
Recalling a Message
1. Open or select the message in your Sent mail folder.2. Click Recall Message.
3. If the message was sent to more than one recipient, select the
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
159/165
recipients from which to recall the message.4. (Optional) To recall the message even if a recipient has already
opened it, select Recall the message even if it has beenread.
5. (Optional) To suppress recall status reports, clear Send me arecall status report for each recipient.
6. Click OK twice.
159
IBM Software Group | Lotus Software
Lesson 12 ObjectivesResolving Common Mail Routing Problems
After completing this lesson, you should be able to: Send a mail trace.
Restart the Router.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
160/165
Force mail routing. Resolve undelivered and dead mail.
160
IBM Software Group | Lotus Software
Implementation Checklist
Task Procedure
1 Set up the first server.2 Add an administrators workstation.
3 Set up access to the Lotus Domino Directory.
4 Add Lotus Domino servers.
5 Add organizational units.
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
161/165
5 Add organizational units.
6 Register administrators.
7 Add Lotus Notes clients.
8 Create user groups.
9 Create organizational policy.
10 Register users.
11 Set administration preferences.
12 Set up access to servers.
13 Set up server logging.
14 Synchronize Lotus Domino system databases throughout the domain.
15 Route mail internally.
16 Route mail to the Internet.
17 Set mail controls.
18 Test mail routing and delivery.
IBM Software Group | Lotus Software
Mail Troubleshooting Checklist
Task Procedure
1 The network connections are set up properly.2 The servers and Router are up and running.
3 The DNNs are set up properly.
4 The appropriate Connection documents exist and contain the following: the server
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
162/165
name is correct, the schedule is enabled, the Router type is correct.5 The connection requirements for sending mail, such as calling times or message
thresholds, have been met.
6 Replication between servers is successful, ensuring Connection documentinformation is up-to-date on all relevant servers.
7 Router restrictions do not prohibit message delivery.
8 SMTP settings are correct.
9 Inbound and outbound controls are properly set.
10 Quotas are not exceeded.
11 Mail rules do not prohibit message delivery.
12 The mail address is correct.
13 The person information is correct.
IBM Software Group | Lotus Software
Common Causes of Mail Routing Problems
Mail server down Router not running
Mail routing connection issues
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
163/165
163
IBM Software Group | Lotus Software
Troubleshooting Stages
Servers Routers
Network and server connections
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
164/165
Document settings
Message settings
Person settings (Person document or Location document)
164
IBM Software Group | Lotus Software
The Delivery Failure Process
3. Delivery Failure Reportplaced in servers mailbox
3. Delivery Failure Reportplaced in servers mailbox
1. Destinationserver down
1. Destinationserver down
8/3/2019 MELJUN_CORTES_Building the IBM Lotus Domino 8.5 Infrastructure - Presentation
165/165
2. Senders mail fileunavailable
2. Senders mail fileunavailable
165