We Have Lost The “wasadmin” Account Password!

If you have lost the “wasadmin” account password or any other local WebSphere account, there is a rather simple way to recover it.

Just connect to the server where WebSphere Deployment Manager is running, via RDP or SSH, depending on the OS of the server, and open the “security.xml” file located under “<WebSphere_Installation_Directory>/AppServer/profiles/<Deployment_Manager_Profile>/config/cells/<Cell_Name>” for example “/opt/IBM/WebSphere/AppServer/profiles/ic-dmgr01/config/cells/ic-cell01”.

After that just search for the account name, for which you would like get the password, in the same line you should find the attribute “password”:

Then just copy the value of the “password” attribute, now we need to decode the xor encoded password. For that I am usually using the following Website: https://strelitzia.net/wasXORdecoder/wasXORdecoder.html

Just paste the encoded text and click the “decode” button, after that you should have the password.

EngageUG – Implementing Certificate Based Authentication for HCL Traveler Access

I am proud and honored that I was allowed to present this year at Engage in Arnhem. To be frank, I still can’t believe it. 🙂 I held a 25-Minute Session about implementing certificate based authentication for HCL Notes Traveler authentication. If anyone is interested, the Slides is embedded below:

I also took a video of my presentation, I wanted to make sure I didn’t miss any errors I have made, so that I can improve my overall presentation skills. Apart from the viewing angle, the video has not turned out to bad. 🙂

HCL Sametime 11 – SSO between ST WebClient and iNotes/Verse on-Premises

You can integrate HCL iNotes and/or HCL Verse on-Premises, with Sametime 11 via ST Proxy server, the same way the integration was done with Sametime Version 9.0.1.

But before you can integrate the products mentioned above, you have to configure Single-Sign-On between Sametime WeClient and iNotes/VoP.

With Sametime version 9.0.1, you would export the LTPA Token from Websphere Application Server and import it in the Domino “Web SSO Configuration” document of the iNotes/VoP server and Sametime Community Server. Thus making sure that all components involved are using the same LTPA Token.

But in the Sametime Version 11, we do not have any WebSphere components. So, you just have to make sure that the Sametime Community and iNotes/VoP servers are using the same LTPA Token. Either export the LTPA Token from the old Sametime environment or any other existing WebSphere server and import it in the relevant Domino “Web SSO Configuration” documents. After restarting all components involved, the SSO should be working and you can proceed with integrating Sametime with iNotes and/or Verse on-Premises.

How to Make Domino Deployment and Monitoring Radically Easier – Webinar

Make sure to register for the “How to Make Domino Deployment and Monitoring Radically Easier” Webinar taking place tomorrow at 3:00 PM – 4:00 PM CET.

Join this session to learn how to create a controlled, efficient Domino deployment (regardless of where you want your servers) powered by Panopta, our new partner. You’ll learn how to get complete visibility of your Domino servers’ key health metrics in easy to use dashboards, ensure the right person is notified in case of any health or performance issues, and solve problems with automated remediation instead of manual intervention. And, with much of the configuration done out of the box, you’ll learn how to get this all up and running quickly!

How to Make Domino Deployment and Monitoring Radically Easier – Registration form

HCL Sametime 11 – Limited Use vs. Standard License

I found that there is a lot of confusion going around which Sametime features are covered in Limited Use License, although I could not find a document or a matrix chart covering this in detail, the following article provides some important insights:

Excerpt of the article:

HCL Sametime 11 Limited Use prohibits the use of the following components:

- File transfer
- Screen capture - Multiple communities - External user - Built-in audio / video function - Integration with external meetings - To ensure compliance with the Limited Use terms, these features must be disabled in policy settings.

Before deploying Sametime 11 Limited Use, make sure that the features important for you are covered in the license. And if one or another function is not working, check with support if it is covered in the Limited Use license in the first place, it might save you some time spent troubleshooting.

UPDATE

My friend, Roberto Boccadoro found the official licensing agreement, thank you very much! You can Access it via the following URL:

Excerpt of the document:

Notwithstanding any provision in the Agreement, Licensee is not authorized to use any of the following components or functions of the Program:

  • Access to File Transfer (of HCL Sametime)
  • Screen Capture (of HCL Sametime)
  • Multiple Communities (of HCL Sametime)
  • External users (of HCL Sametime)
  • Embedded Audio/Video features (of HCL Sametime)
  • External conferencing integration (of HCL Sametime)

HCL Sametime 11 – ST Proxy Server & DNS

Obviously, when deploying any application, DNS is important and the needed DNS entries need to be set.

Before deploying the HCL Sametime 11 Proxy Server you need to make sure that the MongoDB and the Sametime Community Servers are reachable via FQDNs and hostnames.

If you have to work with a “host” file, in DMZ for example, make sure to create separate entries for hostnames and FQDNs mentioned. If you are using a separate DNS Alias to access the Sametime Community server, other than the “real” FQDN and Hostname, make sure to create the entries for the “real” FQDN and Hostname of the Community server, even if you have not used them during the ST Proxy installation. During one deployment I ran into this issue. After enabling the debugging on the ST Proxy Server, I got the following errors:

FINE [White Rabbit (Timer). 2] com.ibm.rtc.stproxy.cluster.ServerLogin.connect Connecting to ST server: Server name: CN=domino-server-name/O=domino-organization, Cluster name: CN=domino-server-name/O=domino-organization, Server URL: domino-community-server.domain.local, serverID: null, Sametime session: null

WARNING [Chuck the postman’s dispatching thread.4] com.ibm.rtc.stproxy.cluster.ServerLogin.loggedOut CLFRX0011W: Unable to log in to the Sametime community server CN=domino-server-name/O=domino-organization. Error message is 80000207

After editing the host file of the ST Proxy server, on which the error was produced, the Sametime Webclient was working as desired and there were no errors in the log file.

Domino 10.0.1 – IdP Catalog Database and the German Language Pack

If you are running Domino 10.0.1 Servers with German Language Pack and trying to implement SAML authentication mechanism, make sure to switch to the English version of the IdP Catalog database.

Or else you could run into the problem with creating the Service Provider Certificate by using the “Create SP Certificate” button in the “IdP Configuration” document, this action will create the certificate, but it will not create the “ServiceProvider.xml” file. When doing so, I got the following error:

Agent message: CreateIdPXML error 91 (Object variable not set) line 19 Please pass this error message to your notes admin

We had this issue in two customer environments, using Domino Version 10.0.1 to 10.0.1 FP3.