Changing the name of a server is a really, really bad thing

A couple of years ago we hired a new network admin to handle Windows servers and some routine Domino stuff, like registering users. He decided to change the name of our mail server from MAIL to Mail, then updated it everywhere he could find it. I never noticed the change, but I did notice we've had weird errors and never could figure out why.

After upgrading to Domino 7.0.2, resource reservations and the Out Of Office agent simply stopped working. Yesterday I finally noticed the name of the server was different on the Server doc than it was in the server's notes.ini, and I changed it back to the all uppercase spelling.

Voila! Reservations started working (some as far back as 2 years ago) and Out of Office agents started processing properly. I think having it "broken" for so long is going to cause some long-term cleanup problems, but it's mostly fixed now.

The moral of this story is twofold: first, only give admins as much access as they need. Second, don't try to rename a server by just changing its title on the Server document.

Alternative ways of accessing the Lotusphere 2007 keynote

I took the liberty of downloading the video and uploading it to Google video. You can download the full WMV here (294MB).

I did some sleuthing and found a couple of alternative URL's that are embedded in the page with the videos that you can use to stream the video directly to Windows Media Player:

mms://rx-lvl3-pa07.rbn.com/farm/*/ibmpdc/pdc/open/wmdemand/jan07/smarcus/lotusphere-v300.wmv
http://play.rbn.com/play.asx?url=ibmpdc/pdc/open/wmdemand/jan07/smarcus/lotusphere-v300.wmv

Either of those should launch Windows Media Player, breaking you free from the embedded viewer. You will not be able to save the file directly from WMP, and you still can't fast forward and rewind. If you want to do that you'll need an ASX ripper. I used SDP to get the video I uploaded to Google.

Lotusphere etiquette

Okay, now that the glow has faded it's time to get a little ugly. I ran into a number of rude and obnoxious behaviors at Lotusphere and it's time to educate some people on what is and is not appropriate.

1. Don't stop in the middle of the way. If you need to stop for any reason, step to the side. Next year I'll be kneecapping anyone fixated on a Crackberry who is standing in the middle of a walkway. You've been warned.
   
   
2. Don't walk and try to read your e-mail on a mobile device. You're only walking about 1/3rd your regular speed and it's extremely annoying to someone who has 5 minutes to get to their next session. Step to the side, read your so-important-it-can't-wait messages, then move on at a normal pace.
   
   
3. Be aware of your backpack. Those things are HUGE. Two people standing face to face, both wearing backpacks, are going to take about 6 feet of space when approached from the side. Do this in a hallway, or in the rotunda near the bar in the Dolphin, and it seriously restricts traffic flow. Also, when entering a row of people already seated your backpack is about face level and can be disfiguring. Just pay attention and be aware.
   
   
4. Always sit in the middle of a row. Sitting at the end just makes it more difficult for anyone else to get in, and you'll get disturbed as people come in. Move to the middle and make it easier on everyone.
   
   
5. If you are in a session and you're staying in the same room for the next session, move to the far side of the room. Like #3 above, this just makes it easier on everyone.
   
   
6. Seats are for people. As much as your backpack might tell you it wants to see Nathan's riveting session, it doesn't really need to. The same goes for water bottles, laptop cases, notebooks, folios, and other accessories. Don't listen to them.
   
   
7. Unless you're on stage, don't talk during sessions. Nobody paid $2,000 and traveled hundreds of miles to hear you.
   
   
8. Turn off the beeping/chirping devices! I wish they could implement a system like hospitals have that disables them.
   
   
9. Don't take or place phone calls during sessions. Yes, I heard this several times. If you can't sit for an hour without talking on the phone, please just stay home. Not only are you not getting much out of Lotusphere, you're likely to get assaulted by someone near you.
   

That's all for now. I'm sure I'll come up with some others, but those were at the top of my list.

-- Mr. Manners

Lotusphere 2007 Wrapup

From the Lotus side of things this year was very different than last for a number of reasons. First, the message from Lotus was from Lotus. I read on another blog that there was not a single IBM logo present on the opening or closing sessions. Second, they focused on what is important: their products and their customers. There were a couple of shots taken at the competition, but the overall message was about Lotus' own offerings and how they extend business value. I already bought the Lotus collaboration vision, I don't need to be sold it again. And if I do, there were sessions that would help me, but it wasn't pervasive.

This latter point hints at a larger change in mindset at Lotus. Until now it seemed like Lotus had a hard time accepting the fact that they are a market leader, and as a result they were constantly attacking. Overall they are leading the pack, their customers believe in their vision (hence the 8 quarters of sustained growth), and it finally seems like Lotus got it. There is no need to apologize or compare, all you need to do is deliver what you promise and the rest will follow. As Mike Rhodin said in his opening keynote: "When people deliver what you need when you need it, big things happen."

With regards to sessions there were some deep dives, but in general there was much more focus on end user usability and usefulness. This mirrors Lotus' own new focus on those two factors. I think the productivity editors and composite applications are going to drive a whole new class of applications that are going to empower users to be productive in ways they never imagined.

The only disappointing part was I still don't think Lotus gets what a SMB is. Much of the upcoming architecture is going to require skillsets that SMB's are going to have a hard time affording. Installation of products other than Domino still isn't as easy as it needs to be. Websphere Portal Express shows it is possible, but even it is at a price point where no one with less than 1000 users is going to be able to seriously consider it.

If you don't like sappy stuff, skip the following. :-)

For me, personally, this week has been one of the most uplifting experiences in my life, and it is directly attributable to my own participation in the community. Last year Lotusphere was all technical for me, and I came back with some great information. This year was still primarily about the content, but there was an air of camaraderie that was only possible because of the blogging community. I don't consider myself to be on the same level as many of you technically, and I was truly humbled to be accepted into the group so readily. Many of you are luminaries in our community and to have you genuinely interested in meeting me and talking to me -- me! -- was a little overwhelming. Thank you all for being genuine, warm, and friendly people.

Lotusphere 2007 - Day 5

I'm typing this from bed, curled into a fetal position. As long as the vorpal bunnies stay on the dresser I think I'll be okay.

BOF508... the blogger thing

I arrived a few minutes late, thanks to the phone system at the Swan not giving me a wakeup call again. Or maybe I just missed it because I only had about 2 hours of sleep. Anyway...

The session was great, with a lot of good input. Someone asked Ed what was on the horizon as far as vision for IBM (that's a summary). That was discussed a bit, then Ed turned it around and asked what we had seen that we really felt was innovative and would have an impact. At the time the discussion was about the stuff coming out of the IBM Research, which is amazing, but it struck me that everything I had seen so far that's being delivered in Notes 8 would have an impact. Composite apps (which DO NOT REQUIRE PORTAL), usability enhancements, the productivity editors... all that, added up, is like Notes is a completely new product. It's innovative and it will absolutely have an impact.

AD509 - Using web services features in Notes and Domino

This was one of the sessions I most wanted to sit in on. I need to get started with web services, but I didn't really have time to read through the documentation and figure it out on my own. This session provided some cookbook style instructions for getting started, as well as some of the pitfalls to watch out for. Unfortunately I wasn't coherent enough to take many notes, but here are the high points I did write down:

• You can code web services in either LotusScript or Java
  
  
• For Domino 7 it is a publisher only. Notes and Domino 8 can both consume web services. More on that in a bit.
  
  
• There is a Web Services Explorer plugin for Eclipse that lets you interact with web services. This is a great way to test them.
  
  
• Include "lsxsd.lss" to get the XML schema types, fault classes and holder (in/out parameters) classes.
  
  
• Web Services and session based authentication - Web services only respond to HTTP error messages, they don't process HTML forms. Starting in Domino 7.02 you can work around this by creating an Internet Site rule of type "Override session authentication" for the pattern "?OpenWebService". This does require Internet Sites be used for the server running the web service.

New Features in Web Services in Notes and Domino 8

• Both Notes and Domino can consume web services. This is HUGE!
  
  
• Changes to default properties of web services - message format has been changed from RPC to Document/Literal SOAP Message Format. Also, there is a check box to include operation name in SOAP action. I don't remember why this is relevant, but people clapped so it must be a good thing.
  
  
• Interoperability - Literal encoding of arrays. Again, I'm not sure what this means, but people clapped. Also, support for the XML schema datatype element has been added.

In the future

• Web services API for mail and calendar. This will let you use web services to get a user's mail and calendar information, opening that up to pretty much everything on the planet.
  
  
• Work being done on Web Service security
  
  
• Conforming to the WS-I (interop) standard
  
  
• Data type enhancements
  
  
• Validation

BP312 - Trap and manage your errors

Download OpenLog from OpenNTF. It includes everything you need to log your LotusScript and Java errors to a Notes database, instead of just using local logging via the NotesLog class. Version 1.5, which is in beta and will be released shortly, allows you to log JavaScript errors. That's simply amazing. And you can integrate your OpenLog error logging with Domino Domain Monitoring, so your admins can see when your apps are generating errors that might affect server performance. This is an incredibly slick tool, and I'm already cooking up some ideas for making it even slicker.

I picked up way too many side projects this week.

Lotusphere 2007 - Day 4 - Animal Kingdom

For the Animal Kingdom outing Robert, the coordinator of the Over the Rainbow group, asked us to meet at the Dolphin. We started out with 5 in our group, lost one before we made it to the bus, picked up a few more, and I think at one point we had 8 or 9, including a couple of "token straight guys". At least one person had seen my posting about our group here and e-mailed me and was able to find (!) and join us while we were there.

Everest was great, there are some pictures of face painting that I'll need to get permission to share. Matt the 5-Eyed Man is a sight to behold. It rained a lot, we all got wet, and some of us hung out at Jellyrolls until way too late.

The event was so successful that I think Robert is going to try to do it again next year. If you want to be included on the distribution list, let me know and I'll forward it on. Oh, and thanks to everyone who has been supportive of this endeavor. For some people it's a touchy issue, and I am sensitive to that, and I'm also a little overwhelmed that so many people asked me how our little group was doing.

Lotusphere 2007 - Day 4 - Speedgeeking

This was simply amazing. 12 stations, 5 minutes at each station, and a veritable inundation of incredibly cool and helpful but overwhelming information. Ben Langhinrichs has already blogged about what was covered, so I won't repeat it here.

My favorite demo was from two brilliant guys from the University of Paderborn in Germany. They're offering a free implementation of something like Activities that's all NSF based. It's using the composite application framework so it's only available for Notes 8, but it's really really cool. They said they'd have it posted when the Notes 8 client goes into public beta next month.

For those of you who didn't attend, there was also an open bar! I overheard one of the organizers saying they didn't announce that because they only wanted the people there who really wanted to be there. So you lost out for not hiking 1/2 a mile in the rain.

Hats off to Rocky Oliver for coordinating this event, and to all the presenters. You showed some incredibly cool stuff. I can testify first hand that both Paul Mooney and Bill Buchan can talk every bit as fast as Chris Miller. The only difference being that neither Paul nor Bill are intelligible when talking as fast as a native New Yorker. :-P

Microsoft Transporter Suite

I got this in my e-mail on January 22nd:

This e-mail is being sent to all current beta members of the Transporter Suite for Lotus Domino:

Today, Microsoft publicly announced the Microsoft Transporter Suite for Lotus Domino to make the transition from Lotus to Microsoft easier.

Today we are also are opening releasing a Public Beta of these tools. The public beta software was placed on the Microsoft Connect site and is now open for anyone to participate.

You can simply download the software from the 'Download' page. If you have any feedback or problems with the beta please use the 'Feedback' link within connect.
Also, we have started to blog about this release on our blog site: http://blogs.technet.com/collabtools/default.aspx


plus Channel 9 has a demo of the tools: http://channel9.msdn.com/go/mscolab/transporter !!!

I'm downloading the video now, but it's 290MB and I'm only getting 8KB/s, so it's going to take a few hours. When I get back to the office and things are less crazy I'll give the Transporter a try myself.

Favorite quotes from Lotusphere

"But it's a fun death march." - Gabriella Davis

"We're running out of time so we'll just say this: xACL BAD!" - Gabriella Davis

"When people deliver what you need when you need it, big things happen." - Mike Rhodin

"I like the sound of that: Office, obsolete." - Mike Rhodin

"What the hell is a foo? Is it married to bar?" - Rocky Oliver

"We've got to manage change in a way that doesn't drive us insane or make us attack someone with an axe. Because that's messy." - Bill Buchan

"If you didn't raise your hand you're in a world of pain." - Bill Buchan

"Marketing - ooh bicycles!" - Bill Buchan

"Your colon has an entirely different purpose we won't discuss here." - Nathan Freeman

"I'm not psychotic this time." - Andrew Pollack

"I really wish we had -R in DOS. We could really have destroyed things." - Andrew Pollack

"My blubber hurts." - Matt the 5-eyed Man

Rob McDonagh - "I think that's a little harsh, don't you"?
Julian Robichaux - "No."

Lotusphere 2007 - Day 4

Just one more day then my brain can quit crying.

BP308 Leverage DXL and OOP to build powerful tools

Mikkel Heisterberg showed a demo of creating an image resource via DXL, and also embedding a picture from the file system into a NotesRichText field. It was pretty slick, and the most important thing I learned was that with image resources there are control blocks in the Base64 encoding. Mikkel said he blogged about this and there are some comments from Ben Langhinrichs that explains why it is that way, so head over there and check it out if you're interested.

He also spent some time going through is excellent lsdoc application, which is like Javadoc for LotusScript. This was a bit esoteric, and oddly enough it mostly focused on applying design patterns to Notes development. I would have liked to have seen more code, but I can download that myself so it's not such a bad thing.

BP403 Moving Domino to Linux

This was mostly fairly high-level linux admin info, which was helpful to me because so far I've just dabbled in linux and Googled to learn stuff. Actually having a living breathing person explain it was a good thing. The key takeaways:

• Compiling your own linux kernel is a good thing. It optimizes the build for the current hardware. If you download a prebuilt kernel it's completely generic.
  
  
• chown notes:notes /local/notesdata/* - This sets the owner and group for all items in the Notes data directory to the notes account.
  
  
• chmod 664 -R /local/notesdata/* - This sets the proper permissions on everything in the Notes data directory.
  
  
• ps -af - shows all running processes and what spawned it
  
  
• The Domino cache is not case sensitive, but Linux is. If you have a file in your /domino/html directory called FILE.txt and you access it with the URL http://server/file.txt, you will get a 404. However, if you do load it properly by going to http://server/FILE.txt, any later references to file.txt will resolve. Obviously this can get ugly in the case of you having a bookmark to the correct URL and someone else typing in all lower case. They call to say it doesn't work, you open it, and then it works for them. Later when the cache has emptied, it no longer works for them, they call, and the insanity repeats.
  
  
• You have to install Domino as root, but you can't run Domino as root. If you use su to switch to your notes account then try to load Domino you will get an error about Display permissions. The moral of this story is that after installing Domino, log off and log back on as your notes user before starting Domino.

AD301 - Calendar and Scheduling 101 - Integrating Notes C&S into your apps

Read the slides. That's what the presenter did. And that's all I'm going to say.

Lunch

Over lunch I had an extremely interesting conversation with one of the hardware people working in IBM Research, and following that another very enlightening conversation with one of the Sametime developers. The gist of the conversation I was having with both gentlemen was this use case: A user pulls up his Sametime contact list, selects someone, and does click to call. Using SIP, I hand that call off to my PBX, and redirect it to my IP hardphone. Basically all I'm doing is using Sametime as an electronic phone directory. This is doable today using a Sametime conference server and about $40K worth of add-ons from Avaya, Cisco or Nortel. The reason it's so heavy is the Sametime client doesn't include any client-side SIP interface.

There is a light at the end of this tunnel! A client-side SIP interface will be added when Sametime 7.5.1 ships later this year. I wish I had caught the names of the two gentlemen I spoke with, I'd like to publicly thank both of them for embodying the spirit of "It revolves around you". If I find out who they are I'll give them a shout out.

Meet the Developers Lab

In Rocky Oliver's presentation about writing maintainable code he referenced a specific use case where he had to use a work around, and he said the underlying problem was fixed. I have run into the same issue, and in my own experience it is not fixed. I posted this previously, but here's the scenario:

You have a NotesDocumentCollection, and you step through it thusly:

Set doc = dc.GetFirstDocument
Do Until doc Is Nothing
...
Set doc = dc.GetNextDocument(doc)
Loop

I'm sure we've all done this, and there's no problem for most applications. The problem is this leaves very document in the cache, which purges itself periodically. For very large document collections that iterate rapidly it can load so many documents between purge intervals that it can severely degrade performance and potentially even crash the server.

This is what Rocky said was fixed in 7.0.2, so I took the time to stop by the Developer lab and asked Andre Guirard. According to Andre there has been no change in this behaviour. It is still recommended that you use Delete inside the loop when you're dealing with large NotesDocumentCollections. Personally I always put it into every NotesDocumentCollection loop. It doesn't hurt anything, and in the off chance you have a larger than expected collection it won't degrade server performance when you process it.

UPDATE: I spoke with Rocky briefly before the SpeedGeeking event, and he said he would discuss this in more depth with Andre. Hopefully I can get to the bottom of this and put it to rest once and for all.

BP204 - Integrating OpenOffice.org

Every day so far there's been one session that made my brain whimper. First it was Paul Calhoun's Java jumpstart, then it was Andre Guirard's New and Next in Domino Designer, then it was Nathan and Chris' Interface Matters... today, that award goes to John Head and Alan Bell for the stunningly brilliant work they did integrating OpenOffice.org and the forthcoming IBM Productivity Editors into Notes applications. The samples and slides are available from the blogs, but here's the idea in a nutshell:

• You can control OpenOffice.org through COM automation, much like you would Word or Excel.
• OpenOffice.org is much, much simpler to work with and Alan is providing free LotusScript classes that will handle all the heavy lifting for you. That's the biggest part of the battle!
  
• The code you write to work with Notes and OpenOffice.org will port over to the IBM Productivity Editors, with a major caveat. The current version of OpenOffice.org is 2.1 IBM used version 1.1 for the Productivity Editors. So, as long as you don't do anything that won't work in 1.1, it'll work in the Productivity Editors.

And why would you care about any of this? I'm glad you asked!

• Many businesses export Notes data to Excel to create graphs. You can very, very easily build the whole thing on the fly for users. Also, you can easily copy NotesRichText formatting to OpenOffice.org components. No more using DXL exports or stepping through Rich Text CD records!!
  
• You can also do dynamic mail merges. A user checks of a few customer records in your CRM, clicks a button, and it dynamically generates "thank you for your business" documents. No mucking about with NotesRichText!!
  
• And, you can just pass a set of arguments to the OpenOffice.org objects and they'll generate a PDF from any document.
• Finally, OpenOffice.org is free, stable and available for Windows, Mac and Linux platforms. It is very feature rich and compares favorably with MS Office. One serious limitation is the inability to convert MS Office macros, which is honestly what prevents us from using it.

OpenOffice.org is seriously cool, and worth looking at. Since Writer, Calc and Impress are coming bundled with Notes 8 it can really keep your users in a single environment for everything.

Down time

I finally had enough. I just couldn't do another session. Exhaustion and fatigue are setting in. Next up... SpeedGeeking at 5:45, which I'll blog about separately.

Stan's ordeal

I'm sure most, if not all, of you know who Stan Rogers is. He updated his blog on December 28th and gave more details about his situation. If you didn't catch the update, it's absolutely worth the read. It's a testament to the resiliency of the human spirit.

In case you don't know, Stan is a guru on so many things Notes and Domino. He has done an extensive amount of work with Javascript and web development, and there doesn't seem to be much that he doesn't know. He has contributed very, very heavily to the developerWorks Lotus forum (formerly Notes.net). Late last year, Stan had a meltdown and spent some time in a mental health facility, and he has been very open about that on his blog.

It's at times horrific, but I sincerely appreciate his willingness to share his experiences. When you blog there's always the fine line between telling people enough about your personal life so that you don't come across as a code-spewing robot, and telling people so much it makes them uncomfortable. Given the circumstances I think Stan has handled his situation beautifully and poetically.

Lotusphere 2007 - Day 3

Today started out with a missed wakeup call, so I missed breakfast, the BOF on designing user interfaces, and a session about coding web services clients. Damn.

AD401 - AJAX frameworks

The bulk of the discussion centered around Dojo. Dojo is a unified open source DHTML toolkit written in Javascript, HTML and CSS. The big thing is there are no server-side dependencies, and it works on IE 5.5+ and Firefox 1.0+. Using Dojo with Domino is really simple:

• Extract the dojo package into your server's domino/html directory
• Add a script tag referencing dojo.js to your Domino design element (form, page, etc.)
• Call the functions

And at this point they changed speakers. The second guy had such a heavy accent I could only understand about 1/10th of what he said. He seemed to know what he was talking about, I just couldn't comprehend him at all. Looks like this is a session I'll be reviewing the slides for.

BP301 - Advanced Object Oriented Programming for LotusScript

The main thrust was showing how inheritance can be used to create elegant object hierarchies. Personally I don't find that very advanced, it's fairly standard OOP practice and I've been doing that since LS finally got classes. I did glean the following nice tidbits:

• When debugging you can use Getthreadinfo(11) to return the name of the class that generated the error. Getthreadinfo(10) will give you the name of the function that the error occurred in.
• LSI_Info(14) will return the full call stack. I think this only works on Notes 6.5+, but it might go back further.
• A common practice is to put each group of classes into its own script library. When you reference script libraries on a form, they all get loaded before the form will display. This can take a noticeable amount of time. You can dynamically load only the script libraries you need at a particular point in time by using the LotusScript statement Execute. I hadn't heard of this one before. Unfortunately Bill was running short on time, so you'll have to check the presentation for the full details. He said he would post it on his blog shortly.

ID102 - Designing a world class user experience

This was Mary Beth's session, and it was great to get a behind the scenes look at what they did to come up with all the new stuff. One of the cool things was they identified their five large core audiences, found out what the most popular magazine was for each, then cut pictures out of them and made a collage. They then presented these to users and asked them to pick. What they ended up with was the color palette and some good guidance for the UI as a whole. They also went into detail about how they defined a "world class user experience", and all the components that went into it. Really really interesting stuff.

Here are some nifty takeaways about Notes 8:

• If Notes crashes you won't have to reboot to reload it. I'm sure everyone reading this knows how to kill the processes or uses some utility to kill them, but this is a great step forward in usefulness.
• Preferences are unified. No more trying to explain to you users that some preferences are in Files > Preferences > User Preferences but others are in Tools > Preferences.
• Find free time was cleaned up. Each person, room and resource has a check box so you can choose to include or omit them from the free time search. This means if there is someone whose schedule you don't care about, you can not have their availability affect the overall free time search.
• I think Mary Beth misstated this, but on the off chance it's correct I'll repeat it anyway: If you send someone an Internet e-mail, and that person is also on Notes 8, message recall will remove the message from the recipient's e-mail. Quite frankly, that scares the bejeezus out of me if it's true.
• Synchronize Contacts is an entry on the Replicator!!
• The Workspace still doesn't roam. BUT -- if you click the Open button there is an entry for Applications, which is analogous to your Databases folder, and your Workspace tabs are listed as folders. This portion does roam. Why they can do this but they can't figure out how to copy desktop6.ndk around is anybody's guess.

AD303 - Extreme Makeover

Nothing extreme, in any sense of the word, was shown. It was all very high level and nothing went into any depth. He showed adding HTML tags to a Notes form, then adding a stylesheet. That's covered in Designer help. I was looking for something a little more out of the box.

BP101 - Why your interface matters

A simply amazing and jaw-dropping display of some of the most amazing Notes client UI's I've ever seen. I use a lot of the techniques shown individually, but I've never had the time to wire them all together. Seeing what you can do with that makes me want to start, though. A particularly funny moment was when Nathan showed using a table border (the box with the drop shadow option on it) to put whitespace around a table, giving it padding. I've been doing that for years, but apparently it was an epiphany for most of the crowd. But then, I'm not Nathan's target audience of "straight white males". :-)

One thing Chris pointed out, and it definitely bears repeating, is that designing a good user interface is hard and it takes longer, but it is worth the effort. I think Nathan also said that he thinks our job is to make the user's life easier, not our own, so the work required is worth it. It's a sentiment I definitely take to heart and it's good to see some other people putting the users first.

Here are some good tips I picked up that I plan to start using:

• Make the data stand out. Most people put darker labels and lighter data. Nathan has the concept of making the label a lighter color, like a dark gray, and the data 1 pt larger and a darker color, like black. This makes the data stand out, and I think it's a great idea.
• Put key info into the form header. On a Memo form the top part with all the address info is actually in the form header. The Body field is on the bottom portion of the form. You can do the same thing, which means the lower section of the form will scroll, leaving the header in place with key info stationary in the header.
• Use caption tables to give users expandable sections in Notes. The UI for them is a little strange to me, but I can see that they can be useful.
• Not all databases need user-facing views. You can give users other methods of accessing data, such as layers with a Z-order to simulate popups. I've done similar things from VB, so seeing an implementation in Notes really made me happy.

Nathan also demoed a site called colourlovers.com. This lets you search by tag for a palette of coordinated colors you can use in your apps. He showed a tool he created that uses image resources to show you a quick sample skin of what it will look like. And wow, it's already available!

BOF507 - OpenNTF

It really really sucked having to hike from the Dolphin all the way over to Yacht & Beach for the BOF, but I did it and I'm glad I did. I'm horrible with guessing crowd sizes, but the room was full and I'd say there were at least 60 people there. One topic that kept coming up was transforming DXL and updating UI elements. Nathan has the idea of using it to aid in making apps multilingual. Andre Guirard wants to use it to build an extensible (Nathan suggested wiki-driven) best practices rules engine. Tim (forgot his last name) wanted to use it to change action bar attributes on all the views in a database. Which, incidentally, I'm already working on.

There was also discussion of audience members using the Quick Elementer project, which lets you easily copy design elements between databases, and Qenos Workflow, which is a full-featured workflow framework.

Suggested updates to the OpenNTF site included a way for chefs to request specific help, such as a designer, tech writer, or Java/LotusScript/JavaScript/Web guru. Another suggestion was to make the documentation page a wiki, so the community could document the projects. That's an incredible suggestion. I've spent the last two months working on !!Help!! documentation, and it's a tough uphill battle. Just getting it set up and configured so I can document it is proving a challenge. I'm sure that someone who actually uses it would be able to document it much more easily and better than I will.

gobsmacked

During the keynote today there was the discussion of blogs. Up came a slide that had a fanned out series of screenshots of about half a dozen blogs. Here's one of Alan Lepofsky's pictures of this.


Here my blog is barely visible on the left side, but during the event it was much more plainly visible. I was utterly speechless to see this up on the screen.

Lotusphere 2007 - Day 2

Hold onto your seats, this is going to be a vertical climb.

Opening Session

Yes, the speaker was Neil Armstrong, no I didn't like the band. Now that we have that out of the way... This year's theme is "It Revolves Around YOU". 2006 was the best year ever for Lotus and they have experienced 2 years of double digit growth. To quote Mike, "When people deliver what you need when you need it, big things happen."

Neil's monologue was engaging, interesting and compelling. He spoke of his career that led up to the moon landing, and said role was that of a simple technician: his job was to install mirrors on the moon to measure its distance from the Earth. I sure didn't know that, I thought it was a macho "let's get there first" response to the Russians launching the first satellite and doing the first space docking. Near the end of Neil's speech he was discussing the effort involved in doing something well, and continuing to do so: "There is little satisfaction in achieving the easy goals." I'll be sure to keep that in mind.

Two new products were announced: Quickr and Connections. According to comments on Ed Brill's blog, Quickr 8.0 will replace QuickPlace. I find that particularly interesting since QuickPlace 8.0 was either announced or released during Collaboration University back in September. The demo of Quickr was boring until they showed this:

• Create a new memo
  
• Open the sidebar in Notes 8
• Select your Quickr file library
• Drag a file to an e-mail
• Send it to someone
• You're asked whether you want to send an attachment, or just a link to the document in your file library
  

That's freaking HUGE! My world is rocked! Now you can have common repositories of documents that all users share or users can have individual repositories, and just share them through Notes. And Quickr just stores links from the file system to the files, so even if you edit them without going through Quickr, Quickr will only give out the most recent copy. It makes the process of creating a link to a file system document in Notes doable by mere mortals. I'm really looking forward to this.

Connections, I just don't get. It's "social networking for business". Umm.. okay.. whatever. The only thing that interested me is Activities rolls up under Connections and so does Dogear. More on that later.

Quickr Personal Edition is being made available for free to all Notes and DWA licenses under maintenance when Notes 8 is released. Likewise, Lotus Component Designer is included in the Domino Designer entitlement. More on that later, too.

Websphere Portal Express 6.0 was also announced. Supposedly it can be installed in under an hour, which is a tremendous improvement over the several days it used to take. Apparently it's severely limited in what it can expose and consume, but it might be worth looking into.

Everyone on stage was extremely careful to NEVER mention "Eclipse RCP". It was always referred to as Lotus Expeditor, which helped cement what it is. It's just the guts that runs Notes, and you can license it standalone too. I'm not quite sure of the use case for that, but whatever works for them.

AD102 - What's new and next in Domino Designer

Notes and Domino 8 are web service consumers out of the box. Andre Guirard demoed creating a LotusScript script library, importing a WSDL file, and it automatically created LotusScript functions out of the XML. Very, very cool stuff.

NSFDB2 includes what's called DB2 Federated Data. This lets you put non-DB2 data into a Domino Database Access View. This is interesting because now you can take, say, your Oracle data on products and surface it directly in Domino without having to import the records into Domino or set up DECS or LEI.

There is now an OnSelect view event!! It fires after every document selection in a view, and you can write your code in LS! YAY!!

Most of the new features are only available if you're running composite applications, which requires the Expeditor-based client. You can create a new composite application by creating a new database and selecting the template - Blank Composite Application -. You can retrofit an existing application by using the new Launch option Launch as Composite Application. For Notes 7 apps that you want to launch as composite apps in Notes 8, there is an additional set of properties. Sorry, I missed them, Andre was going about Mach 3 by this point.

• Thread Views - This lets you define a column as expanding and showing a related view. So, for example, you could have one view that shows records from your Items forms and when you expand it, it shows entries from your Orders view. There's still some wiring that ties the two together, but you no longer have to build huge forms with every possible field, you can tie together related data much more easily.
  
  
• View Property: Viewers - This lets you choose possible orientations or layouts for your view. The standard is Table, but there is also a Tiled version, which is what the business card layout in the new Address Book database is. The list of Viewers is not a dialog or selectable list, you have to know what the possible options are. Andre suggested pulling apart the existing code to find them. Yikes!
  
  
• Column Properties - You can specify column wrapping, so if the screen isn't wide enough the columns actually snake around, and you can also specify ANY column to expand as the screen width expands. Currently it's just the last column that can do that.
  
  
• Action Bar - Split action with subaction buttons. If you click the large portion of the button it executes the first entry in the action list. If you click the dropdown side of the button you get a list of all the subactions.
  
  
• Partial Response Hierarchies - A response without a parent will be displayed as a main document. I'm not sure what the use case is for this, but lots of people applauded so I thought I'd mention it.
  

The following enhancements are in Notes 8, but don't require a composite application:

• Action Bar - Disable default actions in context menu. That's right, you now have complete control over what is in the context menu!
  
  
• View Column property - Defer index creation until first use for columns with click sorts. This prevents the click-sort index from being created immediately.
  
  
• RichText Light - Thumbnail content option, will automatically scale a picture you insert.
  
  
• Agent Trigger - On server start, to run an agent when a server starts.
  
  
• Database property - Don't allow simple search. This affects how the server behaves when users execute a search on a database without a full text index. Instead of churning forever then returning the "there is no full text index" error on the console, it will notify the user that it can't do the search.
  

Blogger Q&A

The only person on the stage I knew was Mike Rhodin. In the audience was Julian Robichaux, Bruce Elgort, Ben Langhinrichs, Bill Buchan, John Head, Sean Burgess, Chris Miller, Chris Byrne, Volker Weber, and several others I didn't know. I apologize to anyone I left out, I just don't know your name! Ed Brill and Alan Lepofsky were also in attendence. We were joined by two people via teleconference and I didn't write down either name. During the intros of Mike and crew one of the people on the conference call asked how to spell Mike's name, and the room erupted in laughter. If you don't know who Mike Rhodin is, why the hell are you here?

Mike started out with about a 5 minute re-hash of what he covered in the Opening Session, then took the first question. Julian Robichaux asked about Activities and how that is being delivered from a technical perspective. It was discussed as part of Connections during the Opening Session and he wanted clarification. What followed was a 10 minute monologue by Mike that didn't really answer the question.

The only thing I gleaned from it is that Domino, Sametime, Portal, Connections and Quickr comprise the Workplace strategy. Within each of those there are additional features, such as Connections containing Activities and Dogear. In the case of Connections, when you license the higher-level product you get all the underlying functionality. Don't quote me on that, but that's how I understood it.

Next up was John Head, who asked about simplifying Web 2.0 technologies for Domino developers. Again, there was no clear answer. Different people on the panel discussed what was being delivered in Portal, RAD and Lotus Component Designer, but nobody really said much about how that applies to Domino developers.

The next question was from Ben Langhinrichs, who asked about the relative complexity of implementing some of these new products. He pointed out that Eclipse moves on its own release cycle, as does Java. What was Lotus doing to insulate their products from developers who deployed other tools built on these products. The answer is Notes 8 and Sametime 7.5 are both fully self-contained. They have their own highly optimized JVM's built in, and all the code is already compiled. Finally, a relevant answer!

And then we were out of time. Mike agreed to take one more question, and Chris Byrne brought up IBM's extremely visible presence in Second Life. Chris has blogged about his distaste for this in light of the questionable content in Second Life. I appreciate Chris' interest in this, but I really don't think this was the proper venue to address the issue because nobody else in the room particularly cared. It's like that one person during Gurupalooza who asks some nitpicky environment-specific question.

A few more things I got out of the ramblings was Mike's views on the high-level vision for Quickr and Connections. Quickr is about content: files, Notes documents, chat history. All those things users need to archive and find. Connections is about people, and tying the Quickr data to them: Activities and Dogear. He also commited to delivering everything that was discussed by the end of 2007, and a public beta of Notes 8 next month.

AD502 - Writing maintainable code

Okay, I'll admit it. I write some pretty horrible code. Most of you have seen it. No comments and little attempt at explaining what's going on. I'm a solo developer, why on Earth would I need comments? After sitting through this session, I'm very, very ashamed.

Here are some of the suggestions Rocky presented:

• Name things in a way that is self-documenting. This is largely common sense, i.e., don't call variables var1, and use Option Declare. However, it got a little more subtle. How about naming script libraries so you know what they are when you use them? Such as LS.Person.FE.6. This is a LotusScript library, related to the Person form, it's Front End, and it's for Notes version 6. Now that just makes too much sense. He had a similar set of recommendations about most design elements and it is rather lengthy, so I won't go into them here. You can download the presentations from the developerWorks Lotus Sandbox after Lotusphere is over.
  
  
• Comment your forms and subforms. Include a section at the top of a form that identifies the Purpose, Comments, Uses, Used By, and Edit History. Again, another *duh*. A suggestion for subforms was to include a delimiter at the top and bottom to show where it starts and ends. This is so you can tell what's a subform when you have it embedded in a form. Something like this:
  
  >> Begin Subform
  [subform layout stuff]
  >> End Subform
  
  Again, simply brilliant in its simplicity.
  
  
• Create script libraries for field events. This one is less obvious, but it makes a lot of sense. Instead of stuffing hundreds of lines of code into a form's events, create a script library with the same name as the form, then functions to correspond to the form's events. Then on the form just reference the function. This makes it much easier to know which events have code behind them, and you can edit it without having to modify the form.

Meet the Developers Lab

A while back I played around with the Lotus Component Designer. I did a little more tinkering after that post and I mostly figured it out, but I was still left wondering why it was relevant to me. I don't use Portal or really have a use for it, and deploying LCD to WAS CE just gives you a browser interface. I saw a little more about composite applications in the past few days, and it hit me: What if I could use LCD to create a component, publish it on WAS CE, then surface it in a composite app? I would get all the goodness of working in an Eclipse-based IDE, I'd be moving toward a Java-oriented environment, and I'd have some more options available when I create composite applications.

Sadly, that's not possible. In order to wire LCD components into a composite app you have to run it through Websphere Portal. Said another way, LCD is useless unless you also run Portal, or you're satisfied with just a web interface. The only path for getting LCD components into Notes 8 is to use Websphere Portal. Bummer.

The guys in the Meet the Developers Lab did describe a process where you could create a ZIP file of your component, unzip it on a web server, then send people a link to install it into Notes 8. But then you can't manage the application. When you do ANY update you have to send the users a link to download the updated component. I'm noodling the possibilities for working around that.

I spoke with Peter Jantzen (hope I spelled that correctly), the product manager responsible for this area, and he said they're trying to find the right approach. I think this is one of those disconnects between IBM and their customers. I'm a fairly small Domino shop (200 users) and I really have no use for WAS or Portal. However I do want to use LCD because, quite honestly, I have no idea when Domino Designer will stop sucking and I'm tired of dealing with it. Designer on Eclipse (which I saw demoed today) won't be available until post-R8. Nobody will commit to anything so it could be 8.01 or R10. It looks like my only option is to just deal with it, or migrate to something else.

Lotusphere 2007 - Day 1

I'm taking a break between festivities, so I'll try to make this short.

My first session was JMP102, a Domino Domain Manager Jumpstart, and it was awesome. DDM was introduced in Domino 7 and it's an extension of the events4 database. It gives you the ability to send targeted probes if, for example, the ACL on your server's names.nsf changes. Very, very cool stuff. I had read the Redbook about it, but never had a chance to really try to piece it all together. This session did an amazing job of putting the pieces together. (That was a theme that would be repeated throughout the day.) At one point the presenter made the statement "Here the view icons proceed from calm green, indicating everything is okay, to oh-my-goodness red!" Take that, Notes 8 design team. ;-)

My second session was JMP403, a Java jumpstart. For the past couple of months I've been trying to wrap my head around Java and I've been stuck just trying to get a handle on Eclipse. Once again, this session did an incredible job of putting the pieces together. Now I get it, and I'll be able to take what I learned and apply it directly to my work when I get back. I have to say, Eclipse is pretty freaking amazing.

Next was lunch, and other than a total failure in planning it was fine. Believe it or not lunch was overflowed. I had to hike from the Dolphin to the Yacht & Beach Club, which was about 1/2 a mile, then stand in line with about 300 people. I barely made my next session, and I'll be stopping by the Lotusphere Information booth to let them know what kind of crap I think this is.

After lunch I attended JMP301, an AJAX and Javascript jumpstart. And once again, a lot of what I had read was put together and the pieces all clicked. I could seriously stop today and be so far ahead of where I was when I came here. The only question I still have is regarding running an agent and returning the results to the browser. I know it's possible and I know I've read some techniques, hopefully now that I have a better grasp on what's going on I'll be able to apply it. This is seriously huge for my company.

Last up was JMP104 - Domino Security A to Z. This was a good session, but in a different way than the others. It was a lot of tips and hints, and while it was mostly geared toward larger installations there are some things I'll be doing very soon. Like taking myself out of the Full Access Administrator field on my server documents, removing */org from Run Unrestricted Agents, and setting up a special signing ID for databases. I'm debating creating a separate ID to use for development, too.

After the last session finished at 6:00 I had time to run back to the room, freshen up, then head over for the welcome party. The food was mediocre to poor, but it was pretty cool to see all the people. I'm not much of a crowd person so I either stood by myself or wandered aimlessly for a while.

I finally worked up the courage and asked someone in a Lotus911 shirt if he knew where I could find Nathan Freeman. Lo and behold, Nathan was about 5 feet away. The next hour or so after that was a surreal and uplifting blur. I met Chris Byrne, Andrew Kelly, Jon Von, Bruce Elgort (and wife Gail), Chris Miller, and Bill Buchan. All of them are extremely nice guys and those who had seen my blogging were almost immediately supportive. That was a tremendous relief, actually. It's one of those things where I don't really know what people are thinking. I put my ideas out there and I don't get much feedback, so I don't know if people are silently nodding or sitting there thinking "what an ass". It's good to know there are some people who are like-minded.

I have to say that Bill's response to meeting me was a little overwhelming. Today was Bill's 4oth birthday and while the cake was served at the welcome party (pictures of the mayhem forthcoming), the real party is going to be at Jellyroll's. Bill was sincerely concerned that we were having our Over the Rainbow meeting tonight at Jellyroll's. He said that while the "culture and class would be a welcome departure", he didn't want to spoil our event. When he found out it wasn't tonight he was insistent that I come to Jellyroll's. I'm tickled that Bill was concerned about intruding, but even moreso that he was aware of our little group. I guess some people actually are reading this. :-)

Lotusphere 2007 - Day -1

Today was a "pre" day for Lotusphere 2007. I drove down from Charleston, listening to Bruce Elgort and Julian Robichaux' Taking Notes podcasts along the way, via my Monster iCarPlay Wireless Plus. I think in the 6.5 hour drive I made it through about 12 podcasts. I don't remember exactly how many, it was a long drive. Okay, now you know the answer to the question "just how weird is Charles?"

The most surprising thing I learned: either Julian or Bruce (give me a break, I listened to you guys talk for over 6 hours!!) didn't realize you could put group names in brackets in the ACL of a template and they would be copied to any databases based on that template. Whoever it was learned that from a SnTT post.

The most illuminating bit: John Head's explanation of what Workplace is now. There are no products labelled Workplace anymore except the stuff like Workplace blah blah For Business Controls blah blah, and the other related items that nobody uses. Pretty much everything else that used to be Workplace is now part of Portal. Workplace is just a concept being wrapped around all the "stuff" a business user needs to collaborate. Personally I'm hoping the BS of trying to pretend it's a "strategy" will be dropped and the term will fade into distant memory.

Finding the Walt Disney World Swan proved a challenge. The Google Map directions list street names but Disney doesn't put up street signs anywhere! You exit off the frontage road and you come to an intersection and you have no clue what road you're at. I drove around for 15 minutes or so before I finally saw the big swan on top of the building and just headed towards it.

Tonight's Over the Rainbow gathering had to be moved from 8 to 9 because Atlantic Dance Hall doesn't open until 9. Many thanks to Robert for arranging it, and it was a pleasure meeting Alex (who brought the token straight guy, Mike), Matt, and Lynwood (hope I spelled that right). In our small group we had admins, developers, IBM sales and a business partner represented. Everyone was represented and the only one ruthlessly maligned was the sales guy. What did he expect?

Tomorrow starts bright and early for me with a Domino Domain Manager jumpstart at 8:00 AM, so I'm heading to bed early. Yeah, it's midnight, but I'm learning that most of the hardcore Lotusphere veterans count on no more than 4 hours a night of sleep. I aspire one day to achieve your greatness, but this sophomore needs his beauty sleep.

SnTT - Setting up Sametime and Notes client SSO

The Problem: Too Many Passwords

A couple of years ago we implemented Sametime and have been using the Limited Use entitlement to get free corporate instant message. It works great, but my users have always had to enter their Internet password into the Sametime box to log in.

• When they changed their password in Notes it wasn't reflected on the Sametime server immediately. They would try their new password here, and it wouldn't work.
  
  
• If the password didn't work some users would delete the user name that was already in there and put in their Windows user name. Don't ask me why, they're users. :-P
  
  
• That wouldn't work and by the time they tried every combination of username and password they could think of they were frustrated and calling Notes all kinds of names.
  
  
• When the mail and Sametime servers finally do replicate the passwords are in sync, but then old password no longer works and users are even more confused.
  
  
• There was also the odd situation where sometimes the new password wouldn't work for Sametime, even after it was replicated! I had to go into the names.nsf on the Sametime server and manually update the Internet password for the user to get it to work.
  

The Solution: SSO To The Rescue

The solution is to use Single Sign-On (SSO) between the Notes client and Sametime. That way all a user has to do is log into Notes and they're automatically authenticated with Sametime. I have been trying to get this to work for the past couple of years. I went through the Administrator help, I read forum posts, and every time I eventually run out of time and have to move on, leaving my SSO configuration broken.

After recently spending the better part of a week dealing with this insanity again, I finally got SSO working with the guidance of an extremely helpful but counter-intuitive post from Scot Haberman in the Sametime forum. The heart of my problem: Sametime doesn't recognize Domino Internet Site documents, but that's the only configuration Administrator help shows you. I'm sure this is documented somewhere but I never found it until I finally searched through the Sametime forum.

Below are Scot's instructions written out step by step with expanded discussion. All the descriptions and labels shown here are from Domino Administrator 7.0.2. Be aware that I do use Internet Sites for everything except Sametime and the following screenshots will show some of those documents.

I will be up front and tell you that I don't fully understand why this works. If you try to follow the Domino Administrator help on setting up SSO it's a lot more complicated than what is listed here. I also don't know if this works for Sametime integration with DWA.

Part 1 - Configuring the SSO documents

1. Open Domino Administrator, click the Configuration tab, expand the Web section, and click the Internet Sites entry
2. Delete any documents for your Sametime server and any documents listed as Web SSO Configuration: LtpaToken.
   
3. Click the Web Server Configurations entry on the left, in the Web section
   
4. Look for a category labeled * - Web SSO Configurations -. It will be at the top of the view and you may have to scroll UP to find it.
   
   
   
5. If there is no such document you will have to create a new document. There are two ways to do this. Either go back to the Internet Sites section and click the Create Web SSO Configuration view action
   
   
   or open an existing Web Server Configuration document (they're created automatically), click the Create Web action, and select SSO Configuration.
   
   
   
   
6. Complete the configuration as follows:
   
   The Configuration Name must be LtpaToken
   The Organization must be blank.
   Only list the Sametime server.
   
   
7. When finished, click the Keys action and select Create Domino SSO Key.
   
   
8. Save and close the Web SSO Configuration.
9. From the view, copy the document you just created to the clipboard and paste it back into the same view. You will have two copies of the same document.
10. Edit the pasted document, adding the Organization you used in the Internet Site documents for your other servers (mine is WMBIRD).
    
    
11. The document will disappear from the Web Server Configurations view and be displayed in the Internet Sites view instead.
    
    

Part 2 - Using the SSO Configuration

1. Edit the Server document for your Sametime server and go to the Internet Protocols > Domino Web Engine tab. Change it as follows:
   
   
   Change Session authentication to Multiple Servers (SSO)
   Change Web SSO Configuration to LtpaToken
   
   
2. Stop and reload the HTTP task on the Sametime server
   
3. From your Notes client, click File > Preferences > User Preferences, then select the Instant Messaging section, and check the box for Log into instant messaging using single sign-on (SSO)

Wrapup

That's all there is to it. Now you should be able to log into Sametime from your Notes client without entering a password.

SnTT , show-n-tell thursday

iPhone hype

I'll admit I'm not up on the latest gadgets. I only got an iPod after I won one and I still don't even have a cell phone or PDA of any type. Reading through the info on the iPhone I can't help but wonder if people are going to be disappointed by all it doesn't do:

• No removable storage
• Cingular-only in the US
• No 3G support
• Can't be used as a laptop modem
• No Word or Excel support
• No synchronization with corporate e-mail
• No third-party applications

Okay, it could be argued that the iPhone is not meant to be a corporate device. Its focus is on consumer media. Even then it's still lacking. No removable media is still a big deal, as is the lack of high-bandwidth networking. Furthermore:

• No voice dialing or voice memos.
  
• iTunes isn't included, so you can't download songs over the air. The iPhone will have to be connected to a computer for that.
  
• It only has 8GB of storage maximum. For a device trotted out as a portable video player that's simply not enough.
  
• It's all touch screen. Many users prefer the tactile feedback of real buttons, even if they don't know it yet.
  

I'm sure there will be a market for the iPhone, but Steve Jobs' target of 10 million units by the end of 2008 is going to be a tremendous stretch.

Lotusphere 2007 sessions I'll be attending

It looks like another insanely busy Lotusphere: 31 sessions, 1 hands-on lab, and 5 Birds-of-a-Feather. Let's see if I can keep up with the schedule I set for myself.

Saturday, January 20th

• 8:00PM - 9:00PM: "Over the Rainbow" - A gathering of gay Lotusphere attendees at Atlantic Dance Hall bar (on the Boardwalk across from the Dueling Pianos)

Sunday, January 21st

• 8:00AM - 10:00AM: JMP102 - IBM Lotus Domino Domain Manager Jumpstart
• 10:30AM - 12:30AM: JMP202 - "It Takes Two to Tango" - Learning Java Using the Eclipse Development Platform
• 1:30PM - 3:30PM: JMP301 - JavaScript and AJAX Jumpstart
• 4:00PM - 6:00PM: JMP104 - IBM Lotus Domino Security Features A to Z

Monday, January 22nd

• 11:00AM - 12:00PM: AD102 - What's New and What's Next in IBM Lotus Domino Designer
• 1:00PM - 2:00PM: AD501 - Writing, Debugging and Troubleshooting IBM Lotus Domino Agents with Eclipse
• 2:15PM - 3:15PM: AD206 - Taking it Personally - Building a Personalized Portal with Business Rules
• 3:45PM - 4:45PM: AD406 - Building Composite Applications for IBM Lotus Notes 8
• 5:00PM - 6:00PM: AD105 - IBM Lotus Component Designer's Dynamite for IBM Lotus Domino Developers
• 6:15PM - 7:15PM: BOF320 - Crank It Up a Notch! Enhancing Your Existing Collaboration Environment

Tuesday, January 23rd

• 7:00AM - 8:00AM: BOF202 - Designers Unite: Developing Innovative Interfaces In IBM Lotus Notes
• 8:30AM - 9:30AM: BP201 - Coding Web Service Clients for IBM Lotus Domino
• 10:00AM - 11:00AM: ID401 - Activity Centric Computing - Getting Work Done
• 11:15AM - 12:15PM: BP301 - Advanced Object Oriented Programming for LotusScript
• 1:30PM - 2:30PM: ID102 - Designing a World-Class User Experience for IBM Lotus Notes
• 3:00PM - 4:00PM: AD303 - Extreme Makeover - IBM Lotus Domino Application Edition
• 4:15PM - 5:15PM: AD505 - DevBlast - 30 LotusScript Tips
• 5:45PM - 6:45PM: BOF507 - OpenNTF - An Open Source Community

Wednesday, January 24th

• 7:00AM - 8:00AM: BOF210 - IBM Lotus Domino and Remote Databases - Using LSX LC, DECS and LEI to make the Data Available Where the Business Needs It
• 8:30AM - 9:30AM: BP308 - Leverage DXL and OOP to Build Powerful Tools
• 10:00AM - 11:00AM: BP403 - Moving IBM Lotus Domino to Linux
• 11:15AM - 12:15PM: AD301 - Calendaring and Scheduling 101: How to use IBM Lotus Notes and Domino Calendar and Scheduling in your Applications
• 1:30PM - 2:30PM: AD103 - Lotus Component Designer Overview
• 3:00PM - 4:00PM: BP101 - Designing the User Experience: Why Your Interface Matters
• 4:15PM - 5:15PM: AD201 - Introduction to IBM Lotus Expeditor 6.1
• 5:45PM - 6:15PM: FUN102 - Speedgeeking at Lotusphere
• 7:30PM - 10:30PM: "Over the Rainbow" - Meeting location at Animal Kingdom to be determined
  

Thursday, January 25th

• 7:00AM - 8:00AM: BOF508 - The Lotus Software Blogging Community (Not Just Bloggers!).
• 8:30AM - 9:30AM: AD509 - Using Web Services in IBM Lotus Notes and Domino
• 10:00AM - 11:00AM: BP307 - IBM Lotus Component Designer Application Development - Building an Employee Application System
• 11:15AM - 12:15PM: FUN103 - Gurupalooza

Many thanks to Ben Langhinrichs for his Lotusphere sessions database. I never could have pulled all this together so quickly without his hard work.

Choosing the right spam solution

While I was on vacation Ed Brill blogged the question "Have we hit the "who cares" point with spam?" Ed's premise was that since your e-mail address is out there, and the whole point of having e-mail is to be reachable, was trying to obfuscate e-mail addresses even worth the effort?

The discussion turned into one of spam filtering techniques and what solutions can or "should" be used. In that message thread I found the following comments by Mike Lazar particularly inflammatory:

Full disclosure -- My company is a strategic partner with Microsoft Exchange Hosted Services, i.e., the former FrontBridge. I don't know why any organization, regardless of size, wouldn't use one of the 3 big services for anti-spam/anti-virus. Whether it's MEHS, Postini, or MessageLabs, they are all superior to anything you can do with native tools or an appliance.
...
Frankly, the cost is also negligible, espeically when compared to buying an appliance, maintaining it, etc.
...
It comes down to a service vs. DIY approach, and honestly, a service is the better/proper fit for the vast, vast, majority of organizations out there.

I respect Mike's knowledge, and am aware that he has worked with Domino in the past. I have nothing against him, and I do think Mike is entitled to his opinion. I also think it is wrong. :)

First, there isn't anything any of the "big 3" offers that you can't get with another solution. There is absolutely no basis in fact for that statement. Going through the Postini and MessageLabs feature lists, there isn't anything listed that I don't have currently.

Second, the costs are not negligible. The best price I was ever quoted from Postini was $1.50 per mailbox per month. The Barracuda we're using costs us about $0.40 per mailbox per month, which is the annual support contract and the 1 hour a week we spend on maintenance. (If we had more mailboxes it would actually decrease since there is no per-user mailbox charge.)

Third, I find it offensive that anyone would be arrogant enough to tell every company using Domino's built-in spam filtering, an appliance, or DIY spam filter that they are totally wrong-minded. Chris Linfoot works for a large manufacturer, relies on Domino's built-in spam filtering, and has had tremendous success. Companies like IBM, Coca-Cola, FedEx, and Nintendo all use appliances. To Mike's way of thinking they all made the wrong choice.

The message I'm trying to get across is before you choose a spam solution be sure to investigate what makes the most sense for your organization. There are several ways to tackle this problem and only you can determine what is right for your company. For me, outsourcing is the least desirable option.

Notes and Domino 7.0.2 part numbers

I've been having problems for the past couple of months with Passport Advantage not showing me the correct entries. Sometimes I have to go the All Downloads section, other times I have to search by part number. I'm sure there's a decoder ring somewhere, but I wanted to make it easier on everyone else and just give you the part numbers and the file descriptions in case you need them.

• C96RIEN - Notes and Domino 7.0.2 Release Notes
• C940BML - Notes 7.0.2 Quick Start Guide -Multilingual
• C94QIEN - Notes Client 7.0.2 - English
• C94QAEN - Notes, Administrator and Designer 7.0.2 - English
• C94QBEN - Domino 7.0.2 - Win32 - English
• C94QEEN - Domino 7.0.2 - Intel Linux - English
• C84T5NA - Install Shield Tuner
• C940CML - Server 7.0.2 Quick Start Guide - Multilingual
  

5 things you never wanted to know about me

From Ed to Nathan to Mary Beth... that's how we ended up here. So here goes.

1. I complain a lot.
You already know that. Umm... this is gonna leave a mark. Can I send my therapists' bill to Mary Beth since she put me up to this?

1. I attended two universities but graduated from neither: DeVry Institute of Technology, then transferred to Southern Polytechnic State University (it was called Southern College of Technology when I attended).

2. I've been to five foreign capitals, but not Washington, DC: Panama City, Panama; Vatican City; Rome, Italy; London, England; Lisbon, Portugal (twice). My partner says I can count six foreign capitals, but I don't consider Grand Cayman to be an independent nation.

3. I have crossed the Atlantic three times by boat: October 1997 Wind Star, November 2003 Wind Surf and October 2005 Galaxy. I'll be crossing it again in November 2007 on the Regatta. Incidentally, my partner's birthday is October 27th, and he decided when he was 35 that it would be a good idea to do something special for his birthday (he climbed Ayers Rock). That's why I travel in October and early November every year.

4. When I met my partner (at age 23) I didn't drink and I didn't cook. While I haven't devolved into alcoholism, I do enjoy adult beverages (Jack Daniels is my favorite -- incidentally, did you know they use Notes? [not for their website, though]) and I make a mean dirty martini. I also love to cook, but hate to use recipes. I go off what I learn from FoodTV (mostly Alton Brown, because he's a food nerd) and my own taste memory. My most recent favorite concoction: brined pork tenderloin with an amaretto, Grand Marnier and juniper berry reduction.

5. I love to do home improvement projects. I have refinished cabinets and hardwood floors, ripped out wallpaper and stripped popcorn off ceilings. My most recent endeavor involved applying venetian plaster to our 30-foot long hall, and ending in a rusty red accent wall. This was in addition to the cable light system and venetian plaster on the ceiling I did last year. (Pictures coming soon.) Yes, I did venetian plaster on the ceiling. My chiropractor loved me.

I guess I need to tag someone now, but I honestly have no clue who reads my blog to know if they'll get the memo. Oh well, here goes... the idea seems to be to tag 3 - 5 people, so how about Chris Whisonant (crap, already taken), Rocky Oliver (shaking fist at Chris), Ben Langhinrichs, Alan Lepofsky, and... Paul Robichaux. Here's hoping at least one of them read my blog, or I'm going to look even sillier.

SNTT - Integrating a Barracuda Spam Firewall with Domino LDAP

Spam is a never ending battle. A few years ago I purchased a Barracuda Networks Spam Firewall 300 to help reduce my headaches and the load on my Domino servers. It is hands down the best $1900 I have spent and I have been nothing but thrilled with it. On the average day we reject over 85% of all inbound SMTP traffic with virtually no false positives.


As you can see, the number of "bad recipients" is significant. Here's what happens during the delivery process:

• Barracuda checks its own rules and filters to see if the message is spam
• If it's not spam, it tries to deliver to Domino and waits for an OK response.
• Domino checks the recipient to make sure it's valid (I have this setting enabled). If it is, the Barracuda takes the response and updates the log to show the message was delivered.
  
• If the recipient isn't valid, the Barracuda shows the document as not delivered and flags it as a bad recipient. Meanwhile, Domino generates its own delivery failure report, which it delivers to the sender. The Barracuda doesn't cache these bad recipients, it just passes them through.
  

On an average day this isn't a problem. However in mid-December we started getting about 500 e-mails an hour for randomly generated e-mail addresses. Domino handled the load fine, but it was generating about 400MB of log entries a day and causing our mail.boxes to backlog with delivery failure reports.

I had to stop this. Luckily the Barracuda has the option to do LDAP lookups to verify recipients exist before it even tries to deliver the messages. Getting the Barracuda to resolve all the possible incoming e-mail addresses my users have proved to be more challenging than I expected.

Step One: Enabling LDAP in Domino
Let me start by saying I am a mediocre Domino administrator. I find Domino Administrator overwhelming and difficult to use, and I honestly don't understand what a lot of it means. I usually leave it alone until something breaks, then I hit the Internet and methodically try solutions until something fixes my problem. Also, my knowledge of LDAP begins and ends with defining the acronym. I have a vague idea of what it does and why it's important, but it's never been anything I thought I would have a use for. Even with that crippling deficiency, enabling LDAP really isn't so bad.

The biggest trouble I had was finding the right Configuration document. The Domino Administrator help says to go to your default configuration document, but doesn't tell you which one that is. Since I only have LDAP running on my mail server I thought that's where I would go to enable it. Wrong-o. Here's the first thing that went wonky on me. When I open the Configurations view, this is what I get.


Notice the scrollbar on the right side of the view. If I scroll up ....


*Poof* I have more Configuration documents! Okay, maybe it's not magic (I can suspend my disbelief for a moment) and maybe some of you already knew about this. I don't understand why it's behaving like this, and I only discovered this when I accidentally hit the scroll wheel on my mouse and the other documents appeared, so color me clueless. The "default" Configuration document is the one listed as "* - [All Servers]". Once you find the Configuration document, click the Edit button and go to the LDAP tab.


What this does is maps fields on the Person document to the standard LDAP schema. I honestly have no clue what 99% of this stuff means or why it's relevant. I also don't know when/where/how/why all that stuff got put in there, but I just left it. I do know from extensive trial and error that at a minimum you need the cn, FullName, mail and shortname LDAP attributes. The only one I had to add was the FullName. The rest of the LDAP configuration is as follows.


We already had anonymous LDAP enabled for some network scanners to be able to e-mail files to users. While setting that up I learned that if you don't limit the number of LDAP entries that can be returned it takes a while for LDAP to run through the entire directory. I only have 200 users and I was getting timeout errors. I set the maximum entries to 15 and the errors went away. I didn't do any analysis, I just tried it and it worked. Your mileage may vary. Once you have these settings to your liking, click Save and Close.

If you didn't have LDAP already loaded, load it from the server console (load ldap). If it was already running, issue the command tell ldap reloadschema.

Step Two: Configuring the Barracuda
LDAP configuration is done from the Domains tab.



The important bits:

• LDAP Server - your server's IP address
• LDAP Port - 389 is the default
• Exchange Accelerator/LDAP Verification - Set to Yes
• Unify Email Aliases - Set to Yes, unless you have a reason not to. Everything I read on the Barracuda support forums said this should always be Yes, so I enabled it. Pittsburgh is still intact and mail is flowing, so I guess it didn't hurt anything.
  
• Bind DN - Only required if you don't allow anonymous LDAP. If that's the case I'll assume you know what to put here.
  
• Bind Password - Password for the above account.
• LDAP Filter - This is the most important part and requires more discussion. See below.
• Everything else - leave it at the default

The LDAP filter tells your Barracuda what LDAP fields to search and what constitutes a match. For example, if you used nothing but (|(mail=${recipient_email})), it would only look for an exact match on the incoming e-mail address. That is to say, if the InternetAddress field on the Person document does not contain the recipient e-mail address, this would not be a match and would be a "bad recipient".

And that's a bad, bad thing because... we have lots of people with e-mail aliases in the FullName field (which is labeled User name on the Person record). Mostly this is when someone gets married, wants their primary e-mail address to be their married name, but still needs to get e-mail with their previous address. The easy way to accommodate this is to change the primary internet address and copy the old one to the FullName field as an alias.

A "mail=" search won't match these aliases. Okay, so you might think you could match the incoming name against the ShortName field since you rename people using the standard AdminP process. Unfortunately the automatic rename process does not update the ShortName field. It could be part of your process to update it manually, but I haven't been doing that and didn't want to try to figure out which ones needed updating.

As you consider all the implications you might think you need to do a search against the FullName attribute. However, aliases entered in the FullName field are listed under the cn attribute. I don't understand why, but that's the way it works.

Taking all this into consideration, the LDAP filter on my production Barracuda is:

(|(mail=${recipient_email})(cn=${recipient_email})(shortname=${recipient_local_part}))

This searches for the internet address, any e-mail aliases, and the shortname as a final last-ditch attempt to get the message delivered. LDAP queries are always OR'ed, so if anything matches it will return a True, the message will be delivered, and life is good. But if none of those match, the Barracuda will take care of sending the delivery failure report. The Barracuda does not cache invalid LDAP recipients, but at least Domino isn't having to do the double duty of doing both the lookup and generating a NDR.

That's all there is to it. As simple as the filter is, it took me many hours of tinkering before I finally found the right combination that worked for me. I strongly recommend you do some tests using the Test LDAP feature in the Barracuda to make sure you are getting everything you expect.

SnTT , show-n-tell thursday