Gregg Eldred

PCQuest: IBM Lotus Domino vs Microsoft Exchange-Part II

Gregg Eldred — Wed, 10 Mar 2010 16:50:38 -0400

In the first installment of the series, PCQuest looked at licensing and provided a high level view of features in Lotus Notes and Domino 8.5 and Microsoft Exchange and Outrlook 2010. In this, the second article in the series, they focus on the new features in each messaging platform.

Domino has incorporate several new technologies to save storage space like techniques to manage attachments, use of compression techniques, etc. There are techniques to reduce I/O, routing optimization methods to reduce latency and ensure faster mail delivery, etc. Several enhancements have also been done in group policy management to ease administration, and there are features to recover lost user ids and passwords.

. . . Just as Domino introduced features to save disk space, Exchange 2010 has added archiving, retention, and discovery features. In these, every user gets a personal archive folder, which is directly associated with the user's mailbox. Users can directly drag and drop email from their primary mailbox to this folder. This keeps their primary mailbox light, thereby helping improve performance. The process of moving emails to archives folder can also be automated through policies, to make it easier for users to manage their mailboxes.

I don't know how interesting it is, however the only people to comment on the series, to date, are Lotus Notes and Domino users. For the second installment, you will see a comment on Lotus Traveler.and connectivity with iPhones. Hopefully, a future post in the series will detail the mobile options for both platforms.

Link: PCQuest: IBM Lotus Domino vs Microsoft Exchange-Part II

Redbook: Best Practices for Building Web Applications for Domino 8.5.1

Gregg Eldred — Tue, 9 Mar 2010 22:39:33 -0400

This IBM Redbooks wiki has the following objectives:

Provide guidance on Best Practices for Domino Web Development, with emphasis on the new XPages design element. This wiki introduces the key new features of XPages and discusses how and why these features are meaningful within the context of Domino Web Development.
Provide hands-on tutorials and sample code, which give you the opportunity to work with XPages and to understand the improvements in Domino 8.5 Web application development. As a foundation application for each of the tutorials, we begin with a well known Lotus Notes and Domino application--the Document Library Template.

More >

PDF version of Redbook

The Husband Store

Gregg Eldred — Tue, 9 Mar 2010 21:52:16 -0400

A store that sells new husbands has opened in New York City , where a woman may go to choose a husband. Among the instructions at the entrance is a description of how the store operates:

You may visit this store ONLY ONCE! There are six floors and the value of the products increase as the shopper ascends the flights. The shopper may choose any item from a particular floor, or may choose to go up to the next floor, but you cannot go back down except to exit the building!

So, a woman goes to the Husband Store to find a husband. On the first floor the sign on the door reads:

Floor 1 - These men Have Jobs.

She is intrigued, but continues to the second floor, where the sign reads:

Floor 2 - These men Have Jobs and Love Kids.

'That's nice,' she thinks, 'but I want more.'

So she continues upward. The third floor sign reads:

Floor 3 - These men Have Jobs, Love Kids, and are Extremely Good Looking.

'Wow,' she thinks, but feels compelled to keep going.

She goes to the fourth floor and the sign reads:

Floor 4 - These men Have Jobs, Love Kids, are Drop-dead Good Looking and Help With Housework.

'Oh, mercy me!' she exclaims, 'I can hardly stand it!'

Still, she goes to the fifth floor and the sign reads:

Floor 5 - These men Have Jobs, Love Kids, are Drop-dead Gorgeous, Help with Housework, and Have a Strong Romantic Streak.

She is so tempted to stay, but she goes to the sixth floor, where the sign reads:

Floor 6 - You are visitor 31,456,012 to this floor. There are no men on this floor. This floor exists solely as proof that women are impossible to please. Thank you for shopping at the Husband Store.

PLEASE NOTE:

To avoid gender bias charges, the store's owner opened a New Wives store just across the street.

The first floor has wives that love sex.

The second floor has wives that love sex and have money and like beer.

The third, fourth, fifth and sixth floors have never been visited.

Thanks, Laurie.

PCQuest: Preview: Lotus Notes/Domino vs MS Exchange/Outlook 2010

Gregg Eldred — Mon, 8 Mar 2010 12:37:59 -0400

The first of several installments from PCQuest where they compare and contrast IBM Lotus Notes and Domino 8.5 and Microsoft Exchange and Outlook 2010 has been published. The initial article looks at licensing and a high level view of features.

Email servers have evolved considerably over the years. From being basic solutions that send/receive emails, they've become full-fledged platforms that enable unified communication in an enterprise, allow social networking, and even enable workflow automation. What this obviously means is that an enterprise doesn't choose a simple mail server anymore. It chooses the platform and then selects components that cater to its specific business requirements.

IBM Domino/Notes and Microsoft Exchange are the two dominant players in this space, which are now in their 2010 and 8.5 versions respectively. If you're already using one of them, then you need to decide whether or not to upgrade to its newer version or migrate to the other one.

While I believe that there are other options available to an organization, upgrading or migrating helps to keep the discussion simple. And I'll be curious to see where the discussion goes.

Link: PCQuest: Preview: Lotus Notes/Domino vs MS Exchange/Outlook 2010

Number One Son: Marine

Gregg Eldred — Sun, 7 Mar 2010 22:52:07 -0400

Some people wonder all their lives if they've made a difference. The Marines don't have that problem.
Ronald Reagan, President of the United States; 1985

Number One Son is now a United States Marine.

After 13 weeks of only communicating with him via letters, on March 4 we finally saw and spent time with Number One Son.

March 4 was Parent's Day at Parris Island. It started by arriving at the Parade Deck at 7:00 AM to watch the start of the Motivational Run. At that hour, all of the recruits looked pretty much the same, however we saw his platoon. After performing some warm up exercises, the recruits left the Parade Deck for their run. We saw his platoon run by and, somehow, I found him. Yelled out his name, as I have been known to do during his days of running cross country. No response, and none was expected. After that, we left the base for some breakfast. Returned to the base at 9:00, where we signed in and then made our way over to the All Weather Training Facility. It is here that the Commanding Officer recounts the training that the recruits experienced, explains the rules and responsibilities of liberty, introduces the Drill Instructors, and then performs the Liberty Ceremony. At the conclusion of the ceremony, the recruits are on liberty. A little chaotic, as parents, family, and friends seek out their recruits.

We found our recruit and much laughing, crying, and hugging commenced.

We spent the next 5-1/2 hours touring the base, having lunch with our recruit, and visiting MCX (think of it as the base's "Costco"). It was while walking the base with Number One Son that we learned of his orders. After his leave, he will report to Infantry School for 5-7 weeks. At the completion of that portion of his training, he will be heading directly to training for Embassy duty. It is difficult training, offered to only a handful of recruits based on their MOS, test scores, and demeanor/character. However if he passes, he will probably be assigned duty in Washington, DC. This is, from what we have been told, very good duty and allows him an opportunity for rapid promotion.

2:30 came way too quickly and we had to return him to the All Weather Training Facility so that he could report back to his platoon.

At 7:00AM, we were back at the base to see the Morning Colors Ceremony. However, it was cancelled due to the weather (cold). So, we made our way to the Parade Deck for the Graduation Ceremony. And what a ceremony it is. While the Parris Island Marine Corps Band plays, the recruits march out onto the Parade Deck. It is an amazing sight - nearly 400 men marching in perfect time. As they turn, the sounds of 800 shoes clicking at the same moment is inspiring.

I think that this was the first time I got emotional during the playing of the National Anthem.

While I have seen a few graduations in my time, this was, by far, the best graduation ceremony. Nary a dry eye in the house.

At the conclusion of the ceremony, parents, family, and friends rushed onto the Parade Deck to meet their Marines. More laughing, hugging, and crying.

Private Eldred (left) and his friend, Private Rivera. Marines.

The word "proud" is a good one, but one that doesn't do justice to the feelings that we have for Number One Son.

Thank you, again, for your kind words, prayers, and letters. Number One Son kept every piece of mail that he received and was grateful for all of it.

How about some humor? As you know, there are few items permitted to be sent to recruits. Packages are opened by the recruit, in full view of the entire platoon and Drill Instructors. One recruit's family must not have received the memo. On Valentine's Day, this particular recruit received a package from his girlfriend. Upon opening the package, he discovered that she sent him a pink teddy bear. The Drill Instructor in charge of discipline (the "kill hat," as he is referred) got his KA-BAR out, stuck it in the bear's belly, and ripped it up to it's neck. At that point he declared, "I am going to douse this is kerosene, tie a balloon to it's neck, and set it on fire. We can watch it burn as it flies out of sight. We are going to call this bear 'PJ'."

Recruits are not allowed to laugh while in formation, so most started "coughing" into their sleeves. Number One Son said it was one of the funniest things he saw.

On the way home, we stopped at Wendy's for lunch, with our Marine. What did he eat?

A Triple Baconator, small fry, and a Mr. Pibb.
Sweet and Spicy Asian Boneless Wings, small fry, and a lemonade.
Coffee Toffee Twisted Frosty

Quite an amazing sight.

Link: MCRD Parris Island Flickr Photo Set

Link: Marine Corps Recruit Depot Parris Island

Overheard

Gregg Eldred — Sun, 7 Mar 2010 21:45:40 -0400

Tech1: "Oh, man, they include the web address of their Exchange server in the presentation. Webmail.RNCHQ.Org/Exchange, expect the hacker onslaught any minute now."

Tech2: "Why bother? They already ruined a perfectly good machine by putting Exchange on it."

Thanks, Matt.

University of Dayton: Moving Students from Lotus Notes to Gmail?

Gregg Eldred — Mon, 1 Mar 2010 22:41:35 -0400

I'm not sure why, but I am enjoying the discussion that is occurring at the University of Dayton concerning e-mail. Currently, all students and staff are on the university's Domino servers. But that will probably be changing. I've talked about UD twice, once about the students forwarding their Notes mail to more familiar messaging systems and then about a paragraph in a Letter to the Editor. Now, the student newspaper, Flyer News, is reporting that the university is evaluating a move from Domino to Gmail for the students.

Rumors have been floating around campus about a change from IBM's Lotus Notes e-mail system to the more high tech Google mail (Gmail) accounts.

Lotus Notes users have been complaining of not having enough storage, so UDit has decided to look into a new e-mail system.

"We feel that offering students an increase in storage is advantageous for the students," said Susan McCabe, assistant CIO, financial and administrative operations and director of systems integration.

The benefits of switching will ultimately be the maximized mail storage that Gmail offers to users. The idea is still fresh, and there are still questions unanswered about the switch.

I like the article, as the author includes some opinions that are favorable both to Lotus Notes and the switch to Gmail.

Link: University of Dayton: One Students Opinion of University E-Mail (Lotus)

Link: University of Dayton Students Forwarding Their Notes Mail

Link: Flyer News: UD examines switch to Gmail

Big Bang Theory: Vanity Cards

Gregg Eldred — Mon, 1 Mar 2010 22:08:33 -0400

Silly me. I have been DVR'ing/taping/recording (whatever you want to call it these days) Big Bang Theory primarily so that I can stop the recording to be able to read the vanity cards that close every episode. Little did I know that they were available on the internets. For example, here is the one that appeared after this evenings episode:

I worked for Stan Lee twenty-five years ago at Marvel Animation in Los Angeles. My favorite memory is sitting in his office with the legendary Johnny Carson writer, Bob Smith. We were discussing an animated series featuring Rodney Dangerfield as “a dog that got no respect.” (Bob was the actual brains behind the project, I was just hanging around hoping to be included.) Anyway, the meeting was going along nicely, the idea of creating an unloved mutt modeled on Rodney seemed both poignant and hilarious. Then Stan rose from the throne-like seat behind his desk and said, “what this project needs is a real comedy writer.” I looked over at Bob, one of the whitest guys you’ve ever seen, and watched him get even whiter. I glanced down and saw his fists curl into bloodless mallets. A cold, eerie silence filled the room. It felt as if time had stopped. I remember thinking I’m about to see a legendary Johnny Carson writer kill the guy who invented Spider- Man. And then the oddest thing happened. Bob smiled and said, “Yeah, Stan, that’s what it needs, a real comedy writer.” Stan was happy to be agreed with. The clock started ticking again, the atmosphere returned to normal. Bob and I left the office. Stan never had a clue. When I told him this story on the set of The Big Bang Theory, he jokingly said, “So? You’re still not a real comedy writer.” We both laughed. It was funny. But I’m still gonna sic Bob Smith on his wrinkled old ass.

Thanks, Rory.

SnTT: SMTP TLS on Domino

Gregg Eldred — Thu, 25 Feb 2010 11:20:43 -0400

As I have been getting quite a few referrers looking for SMTP TLS on Domino or Domino TLS, a friend has graciously provided this primer on enabling TLS with Domino.

This post now fully peer reviewed and correct

For the purposes of illustration here, I have used 192.168.0.1 to mean the public IP address of your Domino SMTP/mail router server, domino.company.example to mean your Domino server's fully qualified host name and keyfile.kyr to mean the keyring file used for TLS.

Using SMTP TLS (Transport Layer Security) on Domino is very simple. I have broken down the process into 5 steps:

1. DNS Set Up

Before you start, you will need correct forward and reverse pointing for your Domino server. domino.company.example should have a host A record in public DNS pointing to 192.168.0.1 and 192.168.0.1 should have a PTR record pointing to domino.company.example.

When an SSL certificate is issued it will be issued bearing the fully qualified host name of your server and you will need to take steps to prove to the CA that the server is yours to secure. These steps include having correct DNS pointing and may well include others such as providing details of your company registration. Some CAs will verify your claim to secure domino.company.example by correlating the domain name registration with your company name and Dun & Bradstreet reference for example.

If you can't set up correct DNS for whatever reason, give up now and address that issue first.

2. Firewall Config

SMTP TLS uses TCP port 465. In addition to the other ports you have open at the firewall, you will need to open TCP/465 inbound to and outbound from domino.company.example.

If you have one of those firewalls that interferes with SMTP (example: Pix fixup), turn that off now (not the firewall, just the fixup or equivalent). Fixup and like firewall tomfoolery will prevent the use of EHLO by any SMTP client that connects. No EHLO, no TLS.

3. Keyring File Creation

If you already have an SSL certificate for domino.company.example (for HTTPS for example), you can skip this part.

To use TLS, you will need an SSL certificate on a keyring file. This keyring file is exactly the same as one used for other web security duties such as secure web access and is obtained the same way.

Open the Server Certificate Admin database on your server (typically certsrv.nsf) or create one from the template if none exists. Click Create Keyring File.

Here, Common Name means the fully qualified host name of your Domino server. Organisation should match whatever details exist in your domain registration. State should be the two letter abbreviation for your state if in the US, otherwise your region, province or whatever. British readers take note: Country is GB for Great Britain, NOT UK!

Click " Create Key Ring".

This will create two files, keyfile.kyr and keyfile.sth in the Domino root data directory. keyfile.kyr is the key ring and keyfile.sth is the stash file which holds the keyring password, hashed.

Now click Create Certificate request.

Click the Create Certificate request button:

You will need to copy and paste the entire certificate request from this screen into either an email to your certificate authority or their web form if they have one. If you are looking for an authority to use, I still recommend Digi-Sign.

Depending on how efficient your chosen CA is you should shortly receive back a certificate to be installed on the keyring. They may also send one or more trusted roots. If they do, you will need to install those on the keyring first.

To install trusted roots, click "Install Trusted Root Certificate into Keyring":

Here, File Name is the full path to the trusted root certificate file you have been sent and which you have dropped into the local file system temporarily. Repeat this step for all trusted roots you have been sent.

Now you can install your new certificate. Click "Install Certificate Into Keyring"

Here, File Name is the full path to the certificate for domino.company.example which you have dropped into the local file system temporarily.

That's it. You're done. You now have a keyring file containing an SSL certificate valid for domino.company.example and you can go ahead and modify server settings to use it.

4. Domino Server Configuration

Edit the Server Config document for domino.company.example. On the Router/SMTP / Advanced / Commands and Extensions tab, ensure that SSL negotiated over TCP/IP port: is set to Enabled. (Housekeeping tip: disable all the extensions you don't need while you're there.)

Now edit the server document for domino.company.example.

Pay close attention now! Even if your server uses Internet Site documents, you must temporarily set "Load Internet configurations from Server\Internet Sites documents:" on the "Basics" tab to Disabled. There is no need to save the server document in this state, but only by disabling Internet Site documents will you expose this part of the server document form on the Ports/Internet Ports tab. Select the Ports/Internet Ports tab now.

Every other type of Internet site has individual settings for SSL on an Internet Site document BUT outbound mail routing via SMTP does not. This is where you tell your server what keyring to use for outbound SMTP TLS. Enter the name of your new keyring file there, then go back to the Basics tab and re-enable Internet Sites if you need to.

Now you can go back to the Ports/Internet Ports tab. You will see that the SSL settings portion of the form has now been hidden. Set Mail (SMTP Inbound) and Mail (SMTP Outbound) like this:

Save the server document.

If you are not using Internet Site documents, you're done. Otherwise open your inbound SMTP Site document and configure the security tab like so:

Make sure the correct keyring file name is there. If you plan to use authentication, you can enable the Name & Password options. Otherwise leave them off.

Now you're done.

5. Testing

Restart the router and SMTP tasks.

To verify that inbound SMTP TLS is working you can set a notes.ini variable SSL_Trace_Keyfileread=1. This will log keyfile reads to the console.

Telnet into port 25 of domino.example.com. Type EHLO whatever after the greeting. You should see something like this:

220 domino.company.example ready at Thu, 25 Feb 2010 12:14:35 +0000
ehlo whatever
250-domino.company.example Hello whatever ([10.0.100.11]), pleased to meet you
250-TLS
250-STARTTLS
250 SIZE

The exact make-up of this may vary but you should see at least 250-TLS and 250-STARTTLS.

Now enter STARTTLS. You should see something like this at the Domino console:

02/25/2010 12:14:55.77 [078C:0029-0988] ReadKeyfile> Recovering password from stash file
02/25/2010 12:14:56.07 [078C:0029-0988] ReadKeyfile> Password is password
02/25/2010 12:14:56.07 [078C:0029-0988] ReadKeyfile> Reading keyfile c:\lotus\domino\data\keyfile.kyr
02/25/2010 12:14:56.09 [078C:0029-0988] ReadKeyfile> Looking for trusted roots
02/25/2010 12:14:56.19 [078C:0029-0988] ReadKeyfile> Found trusted roots
02/25/2010 12:14:56.19 [078C:0029-0988] ReadKeyfile> Exit status = 0
02/25/2010 12:14:56.19 [078C:0029-0988] ReadKeyfile> Recovering password from stash file
02/25/2010 12:14:56.19 [078C:0029-0988] ReadKeyfile> Password is password
02/25/2010 12:14:56.19 [078C:0029-0988] ReadKeyfile> Reading keyfile c:\lotus\domino\data\keyfile.kyr
02/25/2010 12:14:56.19 [078C:0029-0988] ReadKeyfile> Looking for cert chain
02/25/2010 12:14:56.23 [078C:0029-0988] ReadKeyfile> Got cert chain
02/25/2010 12:14:56.23 [078C:0029-0988] ReadKeyfile> Exit status = 0
02/25/2010 12:14:56.23 [078C:0029-0988] ReadKeyfile> Recovering password from stash file
02/25/2010 12:14:56.23 [078C:0029-0988] ReadKeyfile> Password is password
02/25/2010 12:14:56.23 [078C:0029-0988] ReadKeyfile> Reading keyfile c:\lotus\domino\data\keyfile.kyr
02/25/2010 12:14:56.23 [078C:0029-0988] ReadKeyfile> Looking for private key
02/25/2010 12:14:56.23 [078C:0029-0988] ReadKeyfile> Decoding keys
02/25/2010 12:14:56.27 [078C:0029-0988] ReadKeyfile> Keys decoded
02/25/2010 12:14:56.27 [078C:0029-0988] ReadKeyfile> Exit status = 0

Things to look out for: Correct keyring file is being used. Password is found. Exit status is 0.

Testing outbound is less straightforward. You need to wait until the Domino server encounters an external host which offers TLS. When one does, your server will attempt to negotiate a secure channel and you will see a similar SSL keyfile read debug trace at the Domino console.

Remember to set notes.ini SSL_Trace_Keyfileread=0 when you have finished.

Finished. That wasn't difficult or expensive and it does offer some real security benefit where the supposed security benefits of many other common practices around Internet mail are wholly illusory.

Technorati Tag: Show-n-Tell Thursday SnTT

Whom God Would Destroy by Commander Pants

Gregg Eldred — Tue, 23 Feb 2010 22:49:07 -0400

I have to think that I am lucky. Over the course of the past year, I have been introduced to quite a few new authors. Where I was once hesitant to take a chance on a new author, I now relish the opportunity to delve into characters and writing that is fresh, new, and, in almost all cases, original and funny. When the author, Commander Pants, contacted me to review his (I assume) novel, Whom God Would Destroy, I welcomed the opportunity. This novel builds to an amazing and satisfying climax and will provide the reader with quite a few things to ponder over several days, after turning the last page.

God returns to Earth in the person of Jeremy. Jeremy runs a New Age store in Ripley, Massachusetts, touching the lives of anyone that comes into contact with him. One of those people is Oliver, an outreach counselor for a mental health organization. Most of the people that Oliver knows are on some kind of medication, and it is his job to help his charges to function in society. His clients have a variety of mental health issues and each must be dealt with in their own way. One, Doc, believes that aliens have implanted a device in his brain to communicate directly with him. Another, Abbey, has a multiple personality disorder. And then there is Greg; as the author states "Rhyme and Reason" are not on speaking terms with him. Weaving through the novel is Jeremy, who has returned to Earth to check on humanity and deliver a new message, since all of his earlier missives have done more damage than good.

On the surface, Whom God Would Destroy is a very entertaining novel. There are enough characters to keep the readers interest without overloading the book. As the majority are in some aspect of the mental heath community, Commander Pants has plenty of comical situations with which to play. Of the characters, only Abbey and Greg cause the reader to think about the action and the dialogue as they are difficult people to grasp due to their "issues." The others flow naturally and easily. Jeremy, while reviewing what worked a few thousand years ago to get a crowd worked up, adapts to the new mediums of communication to promote his message and recruit some disciples. This is a character that could have been given more time in the first half of the book. He is a great character. Don't worry, Jeremy is provided ample time in the second half. He has quite a bit to say and explain. All of it, thoroughly engrossing. This novel is a fun read; who would have thought that aliens love McDonald's Big Macs? It is only after finishing the book that you realize that Commander Pants has made some serious points; (over) medication of the mentally ill, our core belief system, the psychiatric profession, religion, human nature, among others. This novel will stay with you, long after you have put it down. While there are a few, minor editing mistakes, they do not detract from the overall enjoyment of this excellent novel from a very promising author.

Disclosure:
Obtained from: Author
Payment: Free

Technorati tag: book review Commander Pants