HCL Traveler – Cleaning up the “lotustraveler.nsf” database

If you are seeing some old and invalid objects in the “lotustraveler.nsf”, on the HCL Traveler server, try running “tell traveler cleanup show” command. It will show you which entries are obsolete and could be deleted.

Provided that you are OK with the result, run the “cleanup” command without the “show” option, this command will delete the entries previously shown.

To find out more about the HCL Traveler “cleanup” command, take a look at the official documentation.

HCL Sametime Meetings – Meeting Chat Issue

Recently I ran into the issue with HCL Sametime, the Chat was not working inside the Sametime Meetings. In this environment, the Sametime Meetings components are deployed on a single Docker host server.

After a little bit of Troubleshooting and Log Analysis, I found the following error in the Sametime Proxy catalina logs:

WARNING [https-jsse-nio-443-exec-8] com.ibm.rtc.stproxy.servlet.STProxyServlet.forward CLFRX0050E: User null – /stwebapi/chat/nway – <meeting_server_ip_address> is not authenticated.

Not coming any further, I opened a case at HCL, and the answer from the HCL Support came as fast as lightning. I deployed an internal STUN server, as it turns out, if you deploy your own STUN server and reference it for use in the “.env” file together with Google STUN servers, you should not set the “DOCKER_HOST_ADDRESS” variable inside of the “custom.env” file.

So the solution was easy, I just deleted the value of the “DOCKER_HOST_ADDRESS”, and enabled the configuration changes, as described in the official documentation.

HCL Sametime: Make Your Meetings Deployment and Administration Easy

Don’t forget to register for the today’s webinar “HCL Sametime: Make Your Meetings Deployment and Administration Easy”. It starts today at 4:00 PM CEST, and as the title says, the focus will be the Deployment and Administration of HCL Sametime:

Video meetings solutions can be cumbersome and time-consuming to deploy, configure and maintain. But it doesnโ€™t have to be that way. Get up and running easily โ€” and deploy however you want, whether on-premises, private cloud, or a hybrid solution โ€” with deep savings in both time and admin resources.

See you there! ๐Ÿ™‚

HCL Sametime Policies – Troubleshooting

I needed to set a new HCL Sametime policy just for a handful of users, so I have decided to do this via an explicit Sametime policy, assigned to the users via a new user group in LDAP user repository.

This process is simple and very well documented, check out the official documentation if you have to do this:

https://help.hcltechsw.com/sametime/11.5/admin/creating_new_policy.html

After creating, setting the policy and restarting the HCL Sametime Community server, I ran into a problem, the settings in the newly created policy didn’t have any impact on the Sametime clients.

In order to find the cause for the problem, I have set the following debug settings in the “sametime.ini” (in the [Debug] section) file:

POLICY_DEBUG_LEVEL=5

ST_POLICY_NOTES_GROUPS=1

“POLICY_DEBUG_LEVEL” can be set to ‘1’, ‘3’ or ‘5’, depending on the log information you want, ‘5’ being the most verbose.

After setting the debug level I found the following Entries in the Log:

[ 08:36:02.756 | 15.04.2021 | INFO | 15 ] : FilterSyntaxAdapter : replaceSubStrings :  replaceSubStringsInFilter replacing %s with <dominounid> result is :(&(objectclass=inetOrgPerson)(|(mail= <dominounid> )(cn= <dominounid> )(uid= <dominounid> )))

[ 08:36:02.756 | 15.04.2021 | INFO | 15 ] : DirLdapBlackBox : resolveUser : authFilter=(&(objectclass=inetOrgPerson)(|(mail= <dominounid> )(cn= <dominounid> )(uid= <dominounid> )))

[ 08:36:02.756 | 15.04.2021 | FINEST | 15 ] : DirLdapBlackBox : resolveUser : authFilter = (&(objectclass=inetOrgPerson)(|(mail= <dominounid> )(cn= <dominounid> )(uid= <dominounid> )))

[ 08:36:02.756 | 15.04.2021 | FINEST | 15 ] : DirLdapBlackBox : resolveUser : resolveBase =

[ 08:36:02.756 | 15.04.2021 | FINEST | 15 ] : DirLdapBlackBox : executeQuery : Ldap bb: executing LDAP query

[ 08:36:02.758 | 15.04.2021 | FINEST | 15 ] : DirLdapBlackBox : executeQuery : Ldap bb: LDAP query returned

[ 08:36:02.758 | 15.04.2021 | FINEST | 15 ] : DirLdapBlackBox : resolveUser : DN is not found for a user 4BD5D68A8A47FFA9C1258599002E9F47

[ 08:36:02.758 | 15.04.2021 | FINEST | 15 ] : SscPolicyRequestHandler : calculateUserPolicyByHisDirectoryUnitPolicy : 4BD5D68A8A47FFA9C1258599002E9F47 name is resolved to DN:

[ 08:36:02.758 | 15.04.2021 | INFO | 15 ] : DirLdapBlackBox : polulateEnvTableForLDAPServer : ldapHost =

[ 08:36:02.758 | 15.04.2021 | INFO | 15 ] : DirLdapBlackBox : getContextFromPool : A context has been retrieved from the conection pool for LDAP server

[ 08:36:02.758 | 15.04.2021 | SEVERE | 15 ] : DirLdapBlackBox : groupSearchByName : searchFilterGenerator is null, returning empty group list

Seeing this, the solution for the issue was pretty straightforward. The Sametime Internal User ID was set to “dominounid”, and it this parameter was missing from the LDAP Search filter used when resolving the user distinguished name to Sametime internal username. In order to solve this I had to modify the value of the LDAP search filter, used for resolving usernames to distinguished names, to include the “dominounid” parameter.

This can be done in the “stconfig.nsf” database, you just need to restart the HCL Community Server afterwards. Take a look at the screenshot after the configuration change:

The screenshot displayed above shows the LDAP Filter configuration change.

After that the HCL Sametime policy mechanism could be used as intended. Please do note that the issue was not a software defect, but rather the environment specific circumstances which ultimately resulted in a configuration error.

HCL Connections Docs – 2.0.1 Update Issue

Lately I had an issue upgrading from HCL Docs 2.0 CR3 iFix009 to 2.0.1. While upgrading “Docs Editor” application, using upgrade/install scripts, I was blessed with the following error code:

2021-03-05 17:23:16,464 INFO –>IM:RegisterDocsInNews
2021-03-05 17:23:16,465 INFO Register Docs application in Connections News Started
2021-03-05 17:23:40,280 INFO Register Docs application in Connections News completed
2021-03-05 17:23:47,996 INFO –>IM:ReviseLotusConnectionsConfig
2021-03-05 17:23:47,997 INFO Register Docs application in LCC.xml
2021-03-05 17:24:03,913 INFO Exception: ‘ascii’ codec can’t encode character u’\xa0′ in position 32627: ordinal not in range(128)
2021-03-05 17:24:03,913 ERROR Error while executing command, now rollback previous changesโ€ฆ
2021-03-05 17:24:03,913 INFO –>IM:Rollback RegisterDocsInNews
2021-03-05 17:24:03,914 INFO Rollback successfully.
2021-03-05 17:24:03,914 INFO Remove temp dirโ€ฆ
2021-03-05 17:24:03,915 INFO Exception: Upgrade failed. Check log file for more detail.
2021-03-05 17:24:03,915 INFO –>IM:FAILED

Although it took me a lot of time to solve this issue, it is quite simple.ย  I don’t know how, but I had some “Non-breaking space” characters in the LotusConnections-config.xml file for which, as it turns out, Python 2.7 does not show a lot of love.

To solve this problem I have done the following:

  1. Login to the WAS Deployment Manager and check out the LotusConnections-config.xml.
  2. Create a backup of the file.
  3. Delete all “Non-breaking space characters.
    • I managed to do this only in vim editor, by using the following setting “set list listchars=nbsp:!”.
    • Delete all newly shown “Non-breaking space” characters.
    • For more information, take a look at the Stack Exchange post.
  4. Check the file back in.
  5. Synchronize all WAS nodes in the cell.
  6. Restart the installation.

After that, the installation should complete. I hope this helps. ๐Ÿ™‚

Note that the Error code shown above lists the exact position in the “LotusConnections-config.xml” file where the problematic character was found in the first place, but this can be misleading as you could have more than one “Non-breaking space” character in the file, so make sure to delete all of those characters.

HCL Connections 7 – PDF Export Issues

After upgrading to HCL Connections 7, the new PDF Export feature didn’t work. By clicking on the new “PDF” button inside the Wiki Page and trying to export it as a PDF, I would get an error in the GUI. In my two environments where I have encountered this, I had to do the following steps.

  1. Install “wkhtmltopdf” software and additional fonts.

This step is very well documented in the official documentation. Albeit a bit hidden.

2. Modify the IC360 configuration parameters.

In order to do this, login to the WAS Administration Console or ISC, and navigate to “Resources –>Resource Environment –> Resource environment entries –> ic360 –> Custom Properties”. Make sure that the following configuration parameters are correct:

“http.hostname” should correspond with the FQDN you are using to access HCL Connections, for example “social.domain.com”.

“http.auth.admin.user” set to WAS Administrator username.

“http.auth.admin.password” needs to have the value of WAS Administrator password. When changing the password, just delete the whole value, including “{xor}” in the field, after saving, the password will automatically be encrypted with XOR.

For additional information about IC360 configuration parameters, refer to the official documentation.

3. Sync and restart IC360 Applications.

After doing the steps mentioned above, you should be able to export the HCL Connections content to PDF files.

HCL Sametime Meetings 11.5 and LTPA version 2

As the LTPA Token version 2 is more secure than the LTPA Token version 1, it has become a new default for me. Lately I found out that the Sametime Meetings Server does not accept the LTPA Token v2 out of the box, more on that in the following. ๐Ÿ™‚

After installing a brand-new HCL Sametime 11.5 environment, inclunding Sametime 11.5 IF1 Sametime Proxy server, importing the LTPA Key from Webphere Application Server and setting the Community Server to use the version 2 of the LTPA Token only, I found that the SSO between via LTPA was not working as expected.

HCL Sametime Proxy server was working as expected, it was accepting the LTPA Tokens and authenticating users by it. Users logged in to the HCL Sametime Proxy server could login into HCL Connnections and vice versa. But the Sametime Meetings component was not accepting the LTPA Token 2, users could login to the Sametime Meetings server, but the SSO functionality via LTPA was not working.

After a brief call with a good friend of mine, Herwig Schauer from HCL, I got the information that you need to set the LTPA Cookie name to “LtpaToken2”, which is the default name for LTPA v2 Token, on the Sametime Meetings server. For Sametime Meetings Docker deployment, this can be done in “docker-compose.yml” file. You have to add the “LTPA_COOKIE_NAME” parameter, in the “auth” section of the file, and set it to “LtpaToken2”.

“docker-compose.yml” file.

After that just apply the standard procedure for changing the Sametime Meetings configuration files, and you should be good to go.

@Herwig Schauer, thank you very much for the information! ๐Ÿ™‚

Here it comes! HCL Domino & Notes v12 Beta 3

Today Luis Guirigay, Barry Rosen and Thomas Hampel showed us the HCL Domino & Notes Beta 3 of the Version 12. Guess what!? It is available on the HCL Flexnet site for download as of now! ๐Ÿ™‚

Where to download the v12 Beta.

I will give my best to list the most important takeaways from the today’s webinar in the following.

This is the last of the planed Beta releases before the global launch of the HCL Domino and Notes Version 12.

Timeline and Components of the HCL Domino and Notes v12.

The latest beta release is available in the following languages:

HCL Domino v12 supported languages.

As of HCL Domino version 12, additional Linux server distributions are supported.

Additional Linux Platforms.

HCL Notes 64-Bit Basic Client for Windows is available for download, a release of HCL Notes 64-Bit Standard Windows Client is planned in the future.

HCL Notes 64 Bit Client Beta.

I was especially excited as I have seen the following slide:

The Active Directory Password sync looked perfect and polished in a Demo. It takes less than 5 seconds to sync a user’s password, since it was changed in Active Directory, to Domino.

The Backup Solution also looks great, the whole backup and restore process can be controlled inside one new Domino Database. In a Demo, the restore process certainly looked fast and easy, Thomas restored some deleted Mails and Folders with ease.

New Domino Backup and Restore Database.

The backup and restore process should now be possible with most backup software vendors.

Architecture of the HCL Domino v12 backup/restore solution.

There are also some news about licensing, the CCB/CCX Licenses can now be tracked easily inside Domino, no matter how complicated your environment is.

HCL Domino & Notes Entitlement Tracker Demo.

HCL Nomad Web will also be publicly available with HCL Domino and Notes v12.

If you would like to participate in the Beta program, you can do so, HCL is open about it and they will welcome any feedback. You will need to register for an Account and afterwards you will be able to access the beta forum.

And last but not least, make space in your calendar for the HCL Domino and Sametime Launch Event on June the 7th.

Happy Testing! ๐Ÿ™‚