Lotus Notes Presentation - Please loo into it!!

Groupware (Slide - 1):
Groupware refers to programs that help people work together collectively while located remotely from each other.
Programs that enable real time collaboration are called synchronous groupware. Groupware services can include
the sharing of calendars, collective writing, e-mail handling, shared database access, electronic meetings with
each person able to see and display information to others, and other activities. Sometimes called collaborative
software, groupware is an integral component of a field of study known as Computer-Supported Cooperative Work
or CSCW.

Groupware (Slide - 2)(The Evolution Of Groupware) :
At the heart of the information age, or information revolution, is knowledge. A business lives and dies by its capability to use,
manage, and share information. It is important to note that data is not information. Application developers are charged with
turning raw data into knowledge ”useful information. The term groupware ( group information-management software) is a loosely
defined concept that refers to a type of application that enables groups of people to collaborate together to create, share, and use
information more effectively.
Groupware relies heavily on networks for the transfer of information among individuals and organizations. Groupware promotes
working together in teams. This fits in well with today's business climate, where teams are promoted and heavily emphasized in
almost every sector of business. Groupware evolved from two basic models: the share model and the send model.
•The share model relies on the document or database application being in an area accessible to all
users ”that is, shared ”typically on a file server. If all users have access to the directory on the file
server where the file exists, they can all work on the file. Most database applications do not support
concurrent access of specific records, but they do support concurrent access to files. This is referred
to as the share model.
Share Model
•In the send model, information is pushed , or sent, to the user. This typically involves email.
Examples of this type of application are forms routing, requisitions, and document approval. Using
email to route forms closely mimics the routing of a paper document in an office. In a typical
scenario, you might fill out a requisition form for a new PC and send it to your boss. He then
approves it, but because you want a $5,000 laptop and it's over his approval ceiling, the form gets
routed to the branch manager, exactly as in a paper-routing flow.
Send Model

The Client Server Architecture of Lotus Notes & Domino 7.5 :
KAV stands for Kaspersky Anti-Virus for Lotus Domino.

Accessing Lotus Notes Mail Server from Mobile(iPhone):
The foundation for communication between IBM® Lotus® Notes® workstations and Domino
servers or between two Domino servers is the Notes remote procedure call (NRPC) service.

Replication :
1. One of the key features of a Domino database is that you can distribute copies of it to Notes
clients and other servers. Through a process called replication, Notes clients and servers keep
the information synchronized.
2. Every Domino database has a replica ID that identifies it to Notes clients and Domino servers.
When two databases have the same replica ID, they are replica copies.
3. Replication can occur between Domino servers or between Domino servers and Notes clients.
4. Replication can be controlled by formulas, which limit the data exchanged between the replica
copies of the database.
For example, a salesperson might want to see only documents that relate to his sales territory; a
replication formula can be created to limit the documents replicated to the Notes client. This
permits the user to work more efficiently. One can limit the documents sent between replica copies
on servers.
NB: It is important to note that not all copies of the database are in synch at the same time. Over
time, however, all the replicas will be synchronized.
NB: The universal ID, which uniquely identifies a document across all replicas of a database. In text
format, the universal ID is a 32-character combination of hexadecimal digits (0-9, A-F). The
universal ID is also known as the unique ID or UNID.

Replication or Save Conflict :
1. Replication Conflict : Whenever, a single document is edited by multiple users
at the same time and the changes are saved in different replicas (copies) of the
document then a replication conflict occurs. The only thing that is responsible for the
Main/Conflict Document dependency is the presence of a $REF item in Conflict document (populated
with the UNID of the Parent document). Using this $REF field value we can identify the Main
document.
2. Save Conflict : A save conflict occurs when two or more than two users edit the
same document in an application on a server at the same time. When more
than one user edits the same document simultaneously then the document that
has been saved first is designated as the main document by Notes.
NB: It not just by looking at the View with Documents marked as “[Replication or Save conflict]” we can
identify this type of Documents also we can identify the presence of a field known as “$Conflict”. So by
tracking this field we can identify all documents that are of type “Replication or Save Conflict”.
Removing the Replication or Save Conflict Documents :
• We can prevent the occurrence of this type of document by Locking the Documents individually
from Form properties Dialog Box. When one user is editing the document no other user will be
allowed to edit the Document.
• We can select the option “Merge replication & save Documents” so that when ever a conflict
document will occur Notes will be able to automatically handle them.
• We can provide Authors Access to Users - Access rights can be set for users to forbid them
from editing other users' documents.
• Allow Versioning Of Documents such that when a conflict occurs automatically Notes will create
a new document.
• Limit entries in $Revision field – which shows the date and time for each document update.
NB: We shall Discuss each in Detail in our Next Slides when we talk about
Database Level Security & Form Level Security.

Lotus Notes Security :
• Network level security.
• Server level security.
• Workstation level security.
• Database level security.
• Forms & Views level security.
• Document level security.
• Field level security.

Network Level security :
This refers to securing against the possibility of the data
confidentiality & integrity being compromised while being
transmitted over the Network. If the data passed back and
forth over your network is sensitive, you should encrypt data
packets so that unwanted listeners cannot read the
information as it zips by on the wire.
Client Server Architecture:
For Notes-to-Domino sessions, you can use native network
port encryption, which does exactly that. See Domino
Administrator -> Server -> Status -> Tools -> Ports ->
Setup.
Web Server Architecture:
For browser-to-Domino sessions, Domino supports the
industry-standard HTTPS protocol, which achieves the same
goal. See Domino Administrator -> Configuration -> Server -
> All Server Documents -> server-name -> Ports -> Internet
Ports -> Web.

Server level Security :
1. The Domino server software does just what the name implies: it serves up data either to Notes
clients, Web clients, or both. Domino can be installed on most operating system platforms.
2. When a client makes a request to the Domino server, the first check that the server makes is to
verify that the client has access to the server. Each server has its own security settings as defined in
the Security section of the Server document in the Domino Directory.
3. Appropriate entries in these fields
(user names, group names, as well as
some wildcard entries) can go a long
way to securing the server. These
settings control who can access your
server, who's denied access to your
server, how the client is authenticated,
who can run various types of agents,
as well as various security features.
4. Server Security can broadly be
divided under two broad Headings.
I. Authentication.
II. Authorization.

I. Authentication : Server document fields come into play during client authentication. Because
the Notes client and a browser client have different capabilities, authentication for each is
different.
They are as follows:
i. Notes client authentication.
ii. Web Client Authentication.
Notes Client Authentication:
The Notes user ID file contains all the information needed for a user to identify themselves to the
Domino server. This includes the user name, password, and appropriate certificates for the
organization. Before connecting to the server, the user must enter their password correctly.
Then, to establish a connection with the Domino server, all certificates stored in the ID are sent to
the server. The server validates the certificates stored in the ID with the corresponding certificates in
the Domino Directory and assures that the client is valid-or access is denied.
The user name is compared with Person documents, Group documents, and Server document access
fields; and if the user name doesn't pass these tests, access to the server is denied. If all is well-the
client can be validated and authenticated and that valid and authenticated user is not denied access
to the server by means of various fields in the Server document-then the client is good to go.
Once a session is established, the user will not be prompted to identify themselves again during the
session unless the ID is locked.
NB: Pressing F5, or the user ID can be configured on the User Preferences dialog box to be locked (and the session dropped) after any number of minutes of inactivity. The
password must be entered again to reactivate the session. Locking the ID prevents someone else from sitting at your machine and using your identity if you leave the
machine unattended.

Special Notes client authentication scenarios :
Anonymous access : The authentication process checks certificates in the Notes ID with certificates in the Domino Directory.
However, you may want users and servers outside your organization to have access to databases on your server without
obtaining a certificate.
Example : have a discussion database for your customers; it would be unwieldy to cross-certify every user from every customer
organization, and since the information in the database is not sensitive, it would be unnecessary as well. By allowing
Anonymous access using the "Allow anonymous Notes connections" field in the Server document, this non-authenticated access
is possible.
Password Checking : To ensure that users change their passwords on a regular basis, you can turn on password checking
using the "Check passwords on Notes IDs" field in the Server document. Then users must change their password within the
chosen time interval or they are locked out of the server during authentication and must rely on an administrator to reinstate
them.
Web Client Authentication :
1. Because the Web client has no Notes ID, verification of the client happens in a different way. Instead of authenticating when the browser client
connects with the server (as happens with a Notes client), authentication occurs when the browser attempts to access a server with Anonymous
access disabled (via the Ports/Internet Ports tab of the Server document) or a database on the server that does not allow Anonymous access or
whose Default access is set to No access. (If the database's ACL allows Anonymous access or has its Default access set to Reader or above, then
no authentication occurs; anyone can access the database).
2. If the server or database has been secured, however, then the client is prompted to enter a name and a password when they try to access that
data. This information is verified by comparing the supplied name and password against the Person document in the Domino Directory and the
Internet password field in that document. If the name and password provided don't match those stored in the Person document, access is
denied. This name and password information is stored in a packet header sent to the server for verification.
3. The Domino server supports the Internet X.509 standard for public key certificates. These certificates are used for secure
Internet transport for SSL and S/MIME (explained in the Secure messaging section below). Additionally, the Notes client
support for Internet protocols allows you to store X.509 certificates in your ID file for use in securing transactions with other
Web servers over SSL, and to sign and encrypt mail to Internet mail users using S/MIME.

II. Authorization : Once getting access to the Server this aspects controls the activity that can
be performed on the Server.
i. Controlling administration of the server : Performing administrative tasks on the Domino server is made easier
through the use of the remote server console. Administrators can change settings, observe situations, or
reboot the Domino server from nearly any Windows NT machine using the Domino Administrator client or a
Web browser. The security to this privilege should be strictly controlled. Domino provides separate settings in
the Server document to control who can perform remote administration either from the Domino Administrator
client or a Web browser.
ii. Monitoring the Server : The Domino server log (log.nsf) provides a play-by-play account of what is happening
on the server. A quick search of this database can tell you if there are security or access concerns. The server
console can also give real-time information about what's happening with the server.
iii. Disabling the OpenServer URL command :The special URL, http://myserver/?OpenServer, generates a page
containing active links to all the databases on the server. Access to this list of all databases is convenient and
useful for administrators or application developers working on a Web site. However, the setting in the Server
document that controls the OpenServer URL command, "Allow HTTP clients to browse databases," is all-or-
nothing. There is no way to limit which users can see the database list or which databases appear on the list.
iv. Securing the Client : The first line of defense for the Notes client is, of course, the user ID and password.
When a Notes client is registered, the user name and appropriate certificates for the organization are stored
in the Notes user ID file. Corresponding certificates for each user are also stored in the Domino Directory.
When the IDs are created during registration, you can define a password as well as the complexity, or quality,
of the password. Passwords with a higher password quality scale rating are more secure than those with a
lower rating. Protecting the ID with a password means that no one can use the ID to access a Domino server
without knowing the password.

Workstation Level Security :
ECL is a very powerful Tool. It can restrict the rights of locally
executing agents/Actions created by others. It also helps in
reducing the Risk of infection by malicious code, since it
allows to restrict who can execute a code locally on Notes
Client.
A Notes workstation ECL can limit the following:
 Access to the file system.
 Access to current database.
 Access to environment variables.
 Access to non-Notes databases.
 Access to external code.
 Access to external programs.
 Ability to send mail.
 Ability to read other databases.
 Ability to modify other databases.
 Ability to export data.
 Access to Workstation Security ECL.
Administration ECL that is stored in the Domino Directory and gets
copied to the user's workstation when the system administrator
registers a new user.
Limitation of ECL : It cannot be managed easily. When a Notes Client is set up on a Workstation for the first time, the ECL is
copied from the Administration ECL defined in the Domino Directory. Subsequently, any changes that you wish to make to the
ECL are not simple and easy to rollout to a large number of users.

Database Level Security (Slide - 1)
• Domino databases are identified by a filename and a replica ID. The
replica ID is unique in each database that is created and is used to
identify each replica copy on multiple servers or workstations for the
purpose of synchronizing the data. When synchronization occurs through
replication, the replica IDs are compared before replication begins.
• Databases are the primary units of storage in Domino. In simple terms, a
Domino database is a collection of related documents stored in a file,
usually with the .nsf extension (which stands for Notes Storage Facility ).
You can store a Domino database file on a server or on a local hard disk
(or both).
• A Domino database is not like a relational database; it is an unstructured
or, at best, semi-structured database. Relational databases, on the other
hand, are structured. In relational databases, a table is defined by its
fields, and each field also is structured (with the exception of Memo fields,
which are similar to Domino rich-text fields).
• Databases are collections of documents; documents contain fields.
Domino doesn't necessarily add disk space when you add a document. If Domino determines that more disk space is needed,
it adds space based on an internal algorithm that can accommodate several new documents. When documents are deleted,
Domino leaves a deletion stub but doesn't immediately release the disk space. These document stubs are important because
they are used to properly replicate the deletions to any other replica copies of the database that exist. Then, after a defined
period of time (90 days, by default), the document stub is deleted. The space left by the deletion of the document or the
deletion stub is referred to as whitespace. The whitespace can be reused by new documents. can compact the database to
remove the whitespace.

• Instead of records, you find notes inside a Domino database. Many
different types of objects in a Domino database are stored as a note.
• The access control list (ACL) of a Domino database is stored in a note,
each form created in a database is stored in a note, each view is a note,
and so on. Some notes have only one instance per database, whereas
others might have multiple instances. The ACL note has only one
instance, whereas there are usually multiple form notes in a database.
• Notes are not related to each other in any way, although the "wrapper" of
a note does provide a label that defines its contents as that of a form,
view, document, and so on.
Difference between Universal ID & Note ID:
• The note ID uniquely identifies a document within a particular database.
• The note ID is an 8-character combination of letters and numbers.
• A note ID represents the location of a document within a specific
database file, so documents which are replicas of one another generally
have different note IDs.
• The universal ID uniquely identifies a document across all replicas of a
database.
• The universal ID is a 32-character combination of hexadecimal digits (0-
9, A-F). Its also known as Document Unique ID.

Note Type Description
Design Collection of all forms, views, pages, and so on.
Info The database help "About Database" document.
Icon The database icon.
Help The "Help “Usi g Data ase" do u e t.
ACL The access control list for the database.
Page Information other than fields. The information can be an embedded element, text, graphics, or hotspots.
Form Note used to enter information into a document and to display a document. A form supplies a template for the layout
of the user interface that you will provide for data input and viewing data.
View Note that contains a list of documents programmatically selected to display specific information in a columnar format.
Folder Note that contains a list of documents selected by the user to display specific information in a columnar format.
Outline A method for providing a navigational structure to an application, through outline entries that can represent views,
documents, other databases, and pages.
Document A data note or record.
Item A field note.
Outline A note that contains the outline information for providing navigation of the database.
Navigator Note that contains an image map for navigational purposes.
Frameset A set of frames or display areas, used to display other design elements and documents whose contents are changed
programmatically.

Note Type Description
Agent A set of instructions or a program that performs specific actions in your application based on a triggered event.
Shared images A storage facility for image files (GIF, JPEG, BMP) that will be reused in other design elements.
Shared files A storage facility for files that will be reused in other design elements.
Shared applets A storage facility for Java applets that will be reused in multiple places within the database.
Subforms A portion of a form that can be embedded in multiple forms within a database.
Shared fields Field definitions that can be reused in multiple forms and subforms.
Script libraries Storage facility for LotusScript and Java that will be reused in multiple places within the database.
Shared actions Programmable hotspots on top of a view or form that can be reused in multiple views or forms.
Database script Programmable events available at the database level.
The Database Access Control List :
Once access is allowed to the server, the server checks
access to the data itself. If the data being requested is
contained in a Notes/Domino database, the first access
point to the database is the Access Control List.
The Access Control List controls access to each Domino
database application. A client's access level can be
different for each application or the administrator can
more universally control access by creating groups of
users and assigning access to the group.

Every database includes an access control list (ACL), which Notes uses to determine the level of access users and servers have to a
database. Levels assigned to users determine the tasks that users can perform on a database. Levels assigned to servers determine
what information within the database the servers can replicate. Only someone with Manager access can modify the ACL. Access
levels for a database. To change an access level for a user, you must have Manager access to the database.
Access level Allows users to Assign to
1 Manager  Delete the database.
 Encrypt the database.
 Modify replication settings.
 Modify the database ACL.
 Perform all tasks allowed by lower access levels.
 Two people who are responsible for the
database. If one person is absent, the
other can manage the database.
2 Designer  Create a full-text search index.
 Modify all database design elements (fields, forms,
views, public agents, the database icon, Using This
Database document, and About This Database
document).
 Perform all tasks allowed by lower access levels
 A database designer and/or the person
responsible for future design updates.
3 Editor  Create documents.
 Edit all documents, including those created by others.
 Read all documents unless there is a Readers field in
the form (you can't edit a document if you can't read it)
 Any user allowed to create and edit
documents in a database.
Exceptions:
 Note Reader access lets you read all documents unless there is a Readers field in the form. Then you can read a document only
if your name is listed in the Readers field on the form. Despite having a Managers Access you will not even know that a
Document Exist.
 Author access, by default, does not include the access level option "Create documents." When you assign Author access to a
user or server, you must also specify the "Create documents" access level privilege. From version 6.0 a user with Editor Access
can also edit a Document if his name is not present in the Authors field.

Access level Allows users to Assign to
4 Author  Create documents.
 Edit the documents where there is an Authors field in the
document and the user is specified in the Authors field.
 Read all documents unless there is a Readers field in the
form.
 Users who need to contribute
documents to a database.
 When possible, use Author access
rather than Editor access to reduce
Replication or Save Conflicts.
5 Reader  Read documents.  Users who only need to read
documents in a database, but not
create or edit documents.
6 Depositor  Create documents.  Users who only need to contribute
documents, but who do not need to
read or edit their own or other users'
documents. For example, use
Depositor access for a ballot box
application.
7 No Access  None, with the exception of options to "Read public
documents" and "Write public documents"
 Terminated users, who do not need
access to the database, or users who
have access on a special basis. Also,
users who do not need access but
are part of a group that does have
access.
 Should be assigned as the default
access to prevent most users from
accessing a confidential database.

User types in the ACL :
 A user type identifies whether a name in the ACL is for a person, server, or group. When you assign a user type
to a name, you specify the type of ID required for accessing the database with that name.
 The user types are Person, Server, Mixed Group, Person Group, Server Group, and Unspecified. The -Default-
group in the ACL is always assigned Unspecified as the user type. If you have added Anonymous to the ACL,
then it should have a user type of Unspecified.
Optional privilege When to select/deselect it
1 Create documents  Select this option for all users with Author access.
 Deselect this option to prevent Authors from adding any more documents. They can continue to read
and edit documents they've already created.
2 Delete documents  Deselect this option if you don't want a user to delete documents, no matter what the access level.
Authors can delete only documents they create. If the document contains an Authors field, Authors
can delete documents only if their name, a group, or a role that contains their name appears in the
Authors field.
3 Create private agents  A user can run agents that perform tasks allowed by the user's assigned access level in the ACL only.
Private agents on server databases take up disk space and processing time on the server, so you may
want to deselect this option to prevent users from creating private agents.
NB: Whether or not a user can run agents depends on the access set by the Domino administrator in
the Agents Restrictions section of the Server document in the Domino Directory. If you select "Create
Lotus Script/Java agents" for a name in the ACL, the Server document controls whether or not the user
can run the agent on the server.
Additional privileges in the access control list
A person with Manager access to a database can select an access level for each person, group, and server and can then enhance
or restrict this level as needed by selecting or deselecting the additional privileges within the access level. Depending on the
access level, some of the following optional privileges are available for you to select or deselect when giving a user access to
your database.

Optional privilege When to select/deselect it
4 Create personal
folders/views
Personal folders and views created on a server are more secure than those created locally, and
they are available on multiple servers. Administrative agents can operate only on folders and
views stored on a server.
Deselect this option to prevent users from creating folders and views on a server, which saves
disk space on the server. They can still create folders and views locally.
5 Create shared
folders/views
Deselect this option to maintain tighter control over database design. Otherwise, a user assigned
this privilege can create folders and views that are visible to others.
6 Create Lotus Script /
Java agents
Lotus Script and Java agents on server databases can take up significant server processing time,
so you may want to restrict which users can run them.
NB: Whether or not a user can run agents depends on the access set by the Domino administrator
in the Agents Restrictions section of the Server document in the Domino Directory. If you select
"Create LotusScript/Java agents" for a name in the ACL, the Server document controls whether or
not the user can run the agent on the server.
7 Read public documents Select this option to allow users to read documents or see views and folders designated as
"Available to Public Access users," an option in the Security tab of the Forms, Views, and Folders
Properties dialog boxes. This option lets you give users with No Access or Depositor access the
ability to view specific documents, forms, views, and folders without giving them Reader access.
In addition, documents that you want available to public access users must contain a field called
$PublicAccess. The $PublicAccess field should be a text field, and its value should be equal to one.
8 Write public documents Select this option to allow users to create and modify documents with forms designated as
"Available to Public Access users" in the Security tab of the Form Properties dialog box. This
option lets you give users create and edit access to specific documents without giving them
Author access, or an equivalent role, and gives users access to create documents from any form
in a database.
9 Replicate or copy
documents
Select this privilege to allow users to replicate or copy the database, or documents from the
database, locally or to the clipboard.

Roles in the ACL:
 A database designer can assign special access to database design elements and database functions by creating roles. A role
defines a set of users and/or servers.
 The difference between a Role & a Group is Groups are not specific to a Database as a group can be present in Multiple
Database AC where as Roles are specific to the database in which they are created.
 You must have Manager access to create roles in the database ACL. You must create a role before you assign it to a name or
group in the ACL. Once you have created roles in an ACL, they are listed in the Roles list box on the Basics panel of the ACL
dialog box. Role names appear in brackets -- for example, [Sales]. When you add an entry to a database ACL, you can assign
them to a role by selecting a role from the Roles list box.
NB: Note If you do not have Manager access to the ACL (meaning that you are not allowed to edit the ACL), the Roles tab does
not appear in the ACL dialog box.
 Roles are specific to a database, you must modify database ACLs on an individual basis in order to assign roles to users.
 In the Domino Administrator you can create, modify, or delete roles for multiple database ACLs, but you cannot assign a
name to a role or remove a name from a role in the ACL or display names assigned to a role, as you can in the Notes client.
To restrict who can The Designer uses What needs to be Done
1 Edit specific Documents Authors Field The Specific Role needs to be added in the Authors Field. The
Role needs to be assigned to the person or Group.
2 Edit specific portions of a
document
The Controlled Access section Need to Write a Formula like @IsMember(@UserRoles;”[AO]”)
3 Read specific documents A Readers field or a read access list
on the Security tab of the
Document Properties dialog box
The Specific Role needs to be added in the Readers Field. The
Role needs to be assigned to the person or Group.
NB: In the Client Server Environment in replica Copies the Roles will not work if the ACL Dialog Box, in the Advance Tab the
Check Box “Enforce consistent Access across all Replicas of Databases” is unchecked.

Enabling Database Encryption:
 An entire database can be encrypted when creating a new database or a new replica of an existing database. When a
database is encrypted locally, it can be opened only by the Notes User ID that was used to encrypt the database.
 Locally encrypting a database is useful for databases that contain sensitive information and are carried on a laptop.
 The database is encrypted and the laptop is stolen, the database cannot be accessed unless the password for the Notes User
ID is known.

Using the ACL log :
 You can display a log of all changes made to a database ACL. Each entry in the list shows when the change occurred, who
made the change, and what changed. The log stores only 20 lines of changes, not the complete history. Only users who have
manager access in the ACL can view the ACL log.
To display an ACL log
1. Make sure that you have Manager access in the
database ACL.
2. From the Domino Administrator Server pane, select
the server that stores the databases.
3. Click Files, and select one or more databases from
the Domino data directory.
4. Choose File - Database - Access Control.
5. Click Log.
6. Highlight a line of log history. To see the complete
text of the log history, look in the field at the bottom
of the dialog box.
7. (Optional) Click Copy to copy the ACL log to the
clipboard so that you can paste it in a document.

Managing database ACLs with the Web Administrator :
The Web Administrator is a utility application that is packaged as an IBM® Lotus® Notes® database (WEBADMIN.NSF). The Web
Administrator lets you add, delete, and modify database ACL entries; change roles; and view the ACL log for all databases on the
server.
To modify database ACLs, you must:
 Have at least Editor access in the Web Administrator ACL. By default, IBM® Lotus® Domino® Full Access Administrators
and Administrators get Manager access in the ACL of the WEBADMIN.NSF when this database is created.
 Have Manager access in the database ACLs of all the databases you want to modify.
 Set the "Maximum Internet name & password access" option on the Advanced panel of the Access Control List dialog box to
Manager on all the databases you want to modify, if you are not using SSL with X.509 client certificates. This option is set to
Manager by default in the WEBADMIN.NSF so you can add more user names to the ACL of the WEBADMIN.NSF from a browser.

Setting Editor Access for Web Browsers :
 Additional ACL setting affects the level of access
that Web clients have to a database. This setting is
found in the Advanced tab of the ACL .
 The Maximum Internet Name & Password field
defaults to Editor, which is actually the highest
level of access that a non-Notes client can have
because the Designer and Manager features aren't
available from a Web browser.
 this property for any databases hosted on a
Domino server running HTTP to ensure that
Internet users can't slip in and gain access to
information they shouldn't see.
 Enforcing a consistent access control list is
helpful for maintaining an access control
list that won't be changed by a user with a
replica copy or another server
administrator.
 This is useful when administration is
decentralized, but the database manager
must have central control over access to
the database

Forms & Views Level Security (Slide - 1)
Firstly we need to understand the Form properties Dialog Box. Then only we can talk about Form Level Security.
The Form Properties Dialog Box has following Tabs:
Tabs Contents
1 Form info Name , Comment, Type, Display, Versions, Options, and Conflict Handling
2 Defaults On Create, On Open , On Close, On Web Access, and Data Source Option
3 Launch Auto Launch and Auto Frame
4 Form Background Color , Graphic or Resource, and Options
5 Header Add Header to Form, Size , and Border
6 Printing Specify Header or Footer (radio button set), Header/Footer Text, Format, and Options
7 Security Read Access, Create Access, Encryption Keys, Disable Printing/Forwarding/Copying to Clipboard, and Public
Access.

Forms & Views Level Security (Slide - 2)(Form Info Tab) :-
• None (default).
• New versions become responses.
• Previous versions become
responses.
• New versions become siblings
Versions
• Available when versioning is changed
from None.
• Manual: File, New Version
• Automatic: File, Save
Create
Versions
Versions
 With version control, each version
of the document is saved.
 Notes controls the manner in
which the document's versions
are saved with the Versioning and
Create Versions fields.
 When a new version becomes a
response, the original document
remains the main document and
is listed first in the view.
 The new version is a response
document and is indented and
listed underneath the original.
Options
Checkbox Name Functionality Details
1 Default Database Form Domino uses the default database form to display documents with
no associated form (the Form field is empty).
2 Store Form in Document Whenever the document is saved, the form is saved with it.
3 Disable Field Exchange This stops documents created with the form from participating in
Notes/FX (Notes Field Exchange)
4 Automatically Refresh Fields This refreshes all fields whenever a change is made to any field
while in edit.
5 Anonymous Form No author information is saved with the document.

Forms & Views Level Security (Slide - 3) (Form Info Tab)
:-
Options
Checkbox Name Functionality Details
6 No Initial Focus When a document is displayed with this setting, there is no initial
focus on the frame containing the document.
7 No Focus on F6 This prevents F6 and Shift+F6 from adding focus to a frame. F6
selects the next frame, and Shift+F6 selects the previous frame
8 Sign Documents That Use This Form ” Digital signatures are enforced when a
document created from the form is saved. This does not work for
Web clients.
9 Render Pass-Thru HTML in
Note
Pass-thru HTML is displayed to Notes clients as it would appear to a
browser client
10 Do Not Add Field Names to
Field Index
Field names are typically stored in a table that permits them to be
seen in various places, such as view columns and actions. Checking
this property prevents the field names for a form from being saved
to the field index
Conflict Handling
Options Conflict Handling section determine what happens:
1 Create Conflicts This is the default selection. Replication conflict documents are
automatically created whenever Notes detects a conflict.
2 Merge Conflicts If a conflict is detected, the documents are merged unless two or
more editors change the contents of the same field. In that case, a
replication or save conflict document is created.
3 Merge/No Conflicts This option merges the conflicts but does not create a replication
conflict document.
4 Do Not Create Conflicts No merge takes place; one document is kept and the conflicting
document is discarded.

Forms & Views Level Security (Slide - 4) (Defaults Tab) :-
Sections Explanation
1  On Create  Formula Inherits Values from Selected document
 Inherit entire selected Document into Rich Text field
A user can set up inheritance from one document to another to retrieve
specific values or to retrieve the entire document into a rich-text field.
Domino is not a relational database, it is not always easy to get information
from other documents.
If you need information from another document in the current document,
you can store it in the new document using inheritance.
Inheritance happens only once ”when the document is composed.
For inheritance to work, the new document must be composed while the
document from which the information is to be inherited is highlighted in a
view or is opened. Inheritance is frequently used between main documents
and response documents, but it can also occur between two main
documents.
It is important to note that if information in the parent document changes,
the information in the child document does not change automatically.
2  On Open  Automatically Enable Edit Mode.
 Show Context pane.
3  On Close  Present mail send Dialog box.
4  On Web Access  The On Web Access section is redesigned in Domino Designer 6. You can
specify the type of content by selecting Notes, HTML, or Other in the
Content Type radio button. Character Set can be used for international
applications. Generate HTML for All Fields allows hidden fields on the form
to participate in a Web client session.
 If you view the HTML source of a document, you'll
find a line similar to the following:
< BODY TEXT ="000000" BGCOLOR ="FFFFFF"
LINK ="0000FF" ALINK ="008080" VLINK
="FF00FF">
 This specifies active links ( ALINK ) as cyan,
unvisited links (LINK) as blue, and visited
links (VLINK) as purple. The values are in
hexadecimal format.
NB: We can achieve point number 1 easily using Formula Language & Lotus Script.

Forms & Views Level Security (Slide - 5) (Security Tab) :-
The last tab, the Security tab, contains advanced properties for the form. The first
two list boxes for read access and create access can be used to enhance author
access to the form. Each of these list boxes provides access to the database ACL,
from which you can choose specific users, groups, or .
There are two Access Levels which we determine :
 Who can create Documents using this Form.
 Who can read Documents created using this Form.
NB:
Note that although a user might have Editor access to the database and the
form, if the user does not have the encryption key, he will not be able to save
the document created with the form.

Forms & Views Level Security (Slide - 6)(Views) :-
Firstly we need to understand the View Types. Then only we can talk about View Level Security.
There are two view styles: Outline and Calendar.
 An Outline view displays documents in a tabular format.
 An Calendar view displays documents in day, week, and month formats.
The Notes All Documents view is an example of a standard Outline view, and your Notes Calendar is an example of a Calendar view. Both can be found in
your mail database. When you create a view, you must specify the type, and you cannot change it. Essentially, there are six types of views:
Types Of views Explanation of each type
1 Shared  Shared is the default view type of view.
 Users with Reader access to the database can create their own private views if given the access through the Create
Personal Folders/Views option in the Access Control List (ACL) for the database.
 Users with Editor access and above can create shared views as long as Create Shared Folders/Views is checked in the
ACL for that user or a group to which the user belongs.
 For designers and managers, it is checked by default.
2 Shared, Contains
Documents Not in Any
Folders
 Speaks for itself.
3 Shared, Contains Deleted
Documents (used with
soft deletions).
 Quite useful for reviewing documents that are marked for deletion before
actually deleting them. To use this properly, you must also set the
database property Allow Soft Deletions, on the Advanced tab.
 In combination with the setting on the same tab titled Soft Delete Expire
Time in Hours, this determines how long deleted documents will remain in
the database before being permanently deleted. Documents in the deleted
view can be undeleted by dragging them to another folder. Alternatively,
you can program a button to accomplish the task.

Forms & Views Level Security (Slide - 7) :-
Types Of views Explanation of each type
4 Shared, Private on First
Use.
 This is useful for displaying a subset of documents unique to individual users. Essentially, this is a design that is
shared, in the sense that it appears to all users ”but when it is first used, it becomes personal to the user.
 The difference between these two views is that one is stored with the database and the other is stored in the
desktop.dsk file.
5 Shared, Desktop Private
on First Use.
6 Private.  Private, is created by the user. If the user has the rights to create private views in the ACL, the private view is stored
on the server. Otherwise, the view is stored in the desktop.dsk file. For this reason, many administrators do not permit
the option Create Personal Views/Folders to be set. Of the six views available, the type you will create most often will
be a shared view.
The View Properties Dialog Box :
There are six tabs on the View properties box.
 View Info (its self Explanatory)
 Options(its self Explanatory)
 Styles
 Launch
 Advanced
 Security
Picture
NB: (We generally don’t use)
 Each time you move to a new document, actions such as hide-when are evaluate.
 Save users some time by letting them create and edit documents at the view level, instead of using
a form.

Advanced Tab
Of View
Property Dialog
Box.
Explanation Each Sections in the Advanced Tab
1 Index  The Index section has settings that control the refresh period of indexes, the
discard period, and the access level for the initial index build. For the most part,
Domino Administrators rather than developers will use these settings.
2 Unread Marks  There are three choices: None, Unread Documents Only, and Standard (Compute
in Hierarchy). If you choose Unread Documents Only, asterisks will appear only
for main and response documents; they will not appear for collapsed categories.
This setting improves performance over Standard, which displays an asterisk for
every document, regardless of its position.
3 ODBC Access  Only one check box exists, Generate Unique Keys in Index. You use this with the
Notes SQL DISTINCT clause to retrieve unique (non duplicate) data from an
ODBC relational data source.
4 Web Access  This section determines how the view will function when accessed from a Web
browser. Choosing the setting Treat View Contents as HTML enables you to fill
contents of the columns with HTML. The HTML displays for Web browsers, and the
Formula language displays for Notes clients . The view applet gives Web browsers
some of the functionality that a standard Notes client has. Clicking the check box
Allow Selection of Documents gives Web browsers the capability to select
documents. As with a Notes client, a check mark appears in the selection margin.
Three options determine what colors display for the active link and unvisited and
visited links in the view.
5 Logging  The setting Include Updates in Transaction Log works in conjunction with
database transaction logging.

 The Security tab (see Figure) controls access to the view. Access is
normally set to All readers and above, but by deselecting this, you can
restrict the readers of a view.
 The window is scrollable and displays the users and groups in the ACL, as
well as the roles for the database.
 The button to the right of the window allows access to the Domino
directory.
 Using roles in conjunction with Author access in the database ACL is a
powerful way to extend editing privileges to certain documents without
giving the user Editor access to the entire database.
 Further extend this control by not allowing certain forms to appear on the
Create menu and using a view with limited access.
 The option Available to Public Access Users works in conjunction with the
ACL properties Read Public Documents and Write Public Documents.

Document Level Security (Slide - 1) :
Document Level Security can be achieved by using Authors & Readers Field.
 Author type data fields on a document can control who is allowed to edit a document once it is created if the user has only
Author level access to the database in the ACL. The designer can hard-code entries in this type of field, create a formula to
determine what entries are placed in this field, or make the field editable and allow the users of the application to determine the
list of people who can edit the document. The latter is helpful if the application is used in a collaborative work environment
where each project/document may need a unique set of editors and that set will be determined when the document is created.
 Reader type data fields are used to determine who can read a document once it is created. Reader fields can refine and override
the setting in the ACL. For example, even if someone has Manager level access to the database in the ACL, if there is a Reader
field in a document and the manager's name isn't in it, the manager won't be able to read the document. If a user's name is not
in a Reader field (and there is at least one entry in that field), the document will not even be visible in any view. This is a very
powerful document security feature. Even if a user has the proper ACL access to open and read a database, they may not be
able to view or access all of the documents in it.
Document Level Security can be achieved by using Signed documents and fields :
 Digital signatures can be attached to entire documents or to fields within a document. A digital signature is the electronic
equivalent of a handwritten signature-a unique block of text that verifies your identity-that is appended to a message. It can be
used to confirm the identity of the sender and the integrity of the message. The block of text is encrypted and decrypted using
public and private keys.
 Sign-enabled fields on a form allow a digital signature to be attached when a document is saved or mailed. Digital signatures
verify that authors are who they say they are and guarantee that the information in the document has not been tampered with.
The private key in a user ID file generates the signature. When a user opens the document containing the signed field, Notes
verifies the signature by comparing it with the author's public key in the Domino Directory. When a sign-enabled field is placed
within a section on a form, the signature appears across the top of the section if the signature can be verified when the
document is opened.

Document Level Security (Slide - 2) :
Document Level Security can be achieved by using Signed documents and fields .
 Again, because signing a document is done using the user's private key (which is stored in the Notes user ID) and verification of
the signature is made by comparing to the user's public key stored in the Domino Directory, signing of fields and documents
(including e-mail) is not available for Web clients.
Document Level Security can be achieved by Preventing edit mode.
 P- A document can programmatically be prevented from being put in Edit mode as it is being opened in the client even if the
user has the appropriate ACL and document access, providing yet another level of security. Programmatic control of Edit mode
does not prevent data from being modified by agents or actions, but it does allow yet another way for designers to control how
a document and its data are handled
Document Level Security can be achieved by Using hide-when’s.
 Portions of text and/or data fields on a document can be hidden from certain users by using hide-when formulas. Although hide-
when’s cannot be classified as a security feature, they may function as "security by obscurity." This is often safe, but it is not
secure. Data hidden with hide-when formulas can be seen from the view or document by accessing a document's properties in
the Notes client, so it's only "secure" as long as the user is ignorant of this ability. Hiding fields or data also does not protect the
data from being modified by agents, actions, or other programmatic access. However, it's a nice feature that allows the designer
to selectively display (or hide) data based on a conditions defined in the formula

Field Level Security (Slide - 1) :
To understand Field Level Security we need to understand the Encryption techniques used in Notes :
 Notes, symmetric encryption is known as secret key encryption, and Domino Designer has features that allow developers to
easily use it for encrypting fields in documents. Users can create secret keys and give these keys names. Applications reference
the keys by their names in a special field called SecretEncryptionKeys. When a document is saved, the keys named in this field
are retrieved from the user's ID file, and all fields marked with a special property are encrypted with those keys.
 Notes uses public key encryption for electronic mail, and Domino Designer also provides developers with the ability to use it for
encrypting fields in documents. Public keys are always associated with users. Applications reference the keys by the users'
names in a special field called PublicEncryptionKeys. When a document is saved, all the user names in this field are located in
the Domino Directory or the user's personal address book, the corresponding keys are retrieved, and all fields marked with a
special property are encrypted with those keys.
Field Level Security can be achieved by using the below methods.
 Field data can be encrypted using encryption keys, which are created by one user and distributed either via e-mail (which
should also be encrypted) or by exporting, distributing, and then importing the key. The keys are stored in the Notes user ID.
When a document that contains encrypted fields is opened for reading or editing, if the necessary keys are present in the user's
ID, the fields in the document are decrypted and the data can be viewed. This is completely seamless to the person accessing
the document.
 Encrypted fields cannot be displayed in a view because they are not decrypted until the document is opened. The encrypted
data cannot be viewed from a document's properties in a view, providing true security, unlike hide-when formulas. Encrypted
fields cannot be read by Web clients because the necessary decryption/encryption keys are stored in the Notes user ID, which is
not used by the Web client.

Implementing field encryption in an application :
To demonstrate both secret key and public key field encryption the
following features:
 The Body field in the Document, Response, and Response To
Response documents can be encrypted.
 Encryption can be done using either public keys or secret
keys.
 Secret keys will be selected from a list maintained in a profile
document.
The Security Options
of a field are on the
Advanced tab of the
Field properties box..
Using Signed Fields:-
Notes documents can be signed if certain conditions are met.
1) A field must have the property Sign If Mailed or Saved in Section
set. however, have multiple signatures if you create a signed field
in multiple controlled-access sections. When a document is
signed, Domino creates a unique electronic signature from the
user's private key. The user 's public key and list of certificates
are also stored in the document in a field called $Signature if the
document is being mailed, or Sig_ Section Name , (where Section
Name is the name of the section field), if the signature is signed
in a section.

NB:
 Unfortunately, field encryption cannot work in Web applications. Encryption support is a Notes client feature. Secret keys are
stored in Notes ID files. Although public keys are stored in the Domino Directory, the private keys that are used to decrypt data
that is encrypted with a public key are also stored in Notes ID files. Browsers don't have the built-in support, and browser users
don't have Notes ID files.
 Domino's encryption is unbreakable, and that is both good and bad.
 Encrypted fields can't be seen in views. For encryption to work, you must hold a Notes ID with the necessary encryption keys.
Without the encryption keys, the fields remain unencrypted.
A default encryption key can be assigned to the
form on the Security tab of the Form properties
box. To assign an encryption key to a form, you
must first hold a key in your ID.
 To save a document with encrypted fields, the
user must possess the key. An encryption key can
be created and distributed from a user ID.
Two types of Notes keys can be created with an
ID: North American and international. Documents
or fields encrypted with North American keys
aren't readable by international users. If there are
international users of your application, you must
create international keys.
 After a field has been encrypted, the document is
still readable by those who don't possess the key
the encrypted fields are simply blank. Users who
possess the key can view, enter, and edit data in
the fields.
Encryptions keys avalable for
document encryption.

Agent Security (Slide - 1) :
Option Description
1 Run as Web user Checking this option specifies the current Web user to be the agent's effective user.
NB: The effective user is the user under whose authority the agent runs. The effective user name will be
used for ACL access rights; rights to create applications, replicas and templates on the server; and as the
mail sender or document author. The effective user rights are not used to determine the operations the agent
is permitted to perform; these are based on the agent signer (the agent owner).
2 Run on behalf of Lets you specify the agent's effective user. Note that restricted signers can run agents only
under the same authority as their own -- they can enter their own name only. Unrestricted
signers and signers with rights to run "On Behalf of anyone" can run agents on behalf of
anyone. Whoever you specify in this field must be included in the ACL of any application being
accessed. If the agent sends mail or creates documents, the name specified here will be the
mail sender or document author.
3 Allow remote debugging Checking this enables the agent to be debugged through a remote debugger. Only LotusScript
can be remotely debugged; however, you can monitor or cancel the execution of agents
written in Java™, formula language, or simple agents.
4 Allow restricted operations Lets users who have unrestricted rights specify whether the agent should run in restricted,
unrestricted, or unrestricted with full administrator rights mode. The default setting is
restricted mode, the safest setting. This option has no effect on users with restricted rights.
5 Allow user activation Checking this box allows users with editor access to enable this agent without affecting its
signature.
6 Default access for viewing and
running this agent
The default level for viewing and running the agent is "All readers and above." You can
deselect this option and choose who you want to have default access for viewing and running
the agent.
7 Allow Public access users to Lets users who have public access to documents in an application view and run the agent.

Domino Directory(Names.nsf) (Slide - 1) :
Domino Directory contains vital information about the users, groups and servers in a Lotus Notes Domino email environment.
Administrators often use the Domino Directory to perform common Domino systems management tasks as well.
The Role of the Domino Directory in Application Security :
 A Domino Directory (names .nsf), formerly known as the Public Name and Address Book (or to we longtime Notes geeks , the
NAB ), defines each Domino domain. The Directory is the single most important database in your Domino environment because
it contains many documents that define every aspect of your Domino environment.
 The information developers need to know concerning the role of the Domino Directory in regard to application security, such as
creating new databases, creating replica databases, and running agents.
Server Documents :
 Server documents define the servers in your Domino environment and control such things as server access, database creation,
security, protocols.

Domino Directory(Names.nsf)
(Slide - 2) (Security Tab)
 The Security tab of a Domino Server document
controls access to the server.
 To create a replica database on a server, you must
be named in the Create Replica Databases field,
which is also found in the Security tab of the
Server document.
 Any time changes are made to these fields, the
server must be restarted. To make it easy to grant
this privilege to individual users, most
administrators create groups such as Domino
Administrators and Domino Developers, and place
the group names in these two fields. Granting a
privilege to an individual is then a simple matter of
adding the individual to the appropriate group,
thus avoiding the need to restart the server.
 In the Security tab of the Server document, the
settings that control the ability to run agents on
the server.
 Developers should be listed in the Run Restricted
LotusScript/Java Agents and the Run Unrestricted
LotusScript/Java Agents fields in the Agent
Restrictions Section.

Domino Directory(Names.nsf) (Slide - 3) (Person Documents)
 The Person document is
created every time a new
user is registered and is
ultimately used to
authenticate both Web and
Notes client users.
 When a user attempts to
access resources on a server,
the server searches the
Person documents in the
Directory in an attempt to
authenticate the user. Among
other things, it contains the
user 's name, password, and
certificates

Domino Directory(Names.nsf) (Slide - 3) (Group Documents)
 Group documents are used
to facilitate access for a
related list of people and are
the preferred way to grant
access to databases.

Importance Of Desktop.dsk (Slide - 1)
 Specifies the location of the
DESKTOP.DSK file used to customize the
Notes workspace. Without this setting in
the NOTES.INI file, Notes uses the
DESKTOP.DSK file in the Notes data
directory to determine how to display
the Notes workspace. The following is a
list of platform-specific uses for
location: For the Macintosh, Desktop
specifies the path. For example:
 Desktop=Notes:Desktop
 For Windows, Desktop specifies a drive
letter, path, and file name.
 For example:
DESKTOP=C:NOTESDESKTOP.DSK

Importance Of Database Templates (Slide - 1)
 Templates are used to manage the distribution of database designs.
 There are essentially two types - database templates and master design templates.
 Database templates are used to create or replace the design of a database application.
 Master design templates, on the other hand, can be used to refresh the design of the database and can be
configured to automatically propagate (through a process called "Inherit Design") database design
changes.
Creating a Database Template :
Database templates can be created both from scratch (just like creating a database) and by copying the design of an existing one
and changing the file extension from .NSF to .NTF. Where NTF stands for Notes Template Facility.
Master Design Templates :
Master design templates, are used to manage incremental enhancements to
the database and automatic propagation of design changes across one or
more database applications. Using a master design template, you can make
changes to a database, verify that the enhancements work as intended, and
have them reviewed by the customer prior to applying them to the live
production database application.
Note :
To ensure that changes to the master template are automatically applied to
the target databases, be sure that all databases are located on the same
Domino server as the master template database

To create a master design template, perform the following steps.
Step 1. Locate the database to be used as the master design in the Lotus Notes client.
Step 2. Select the File > Database Properties menu options. Switch to tab 4 to set the
property values as illustrated in Figure.
Step 3. Select the option Database file is a master template and specify a unique Template.
name text tag.

After a master design template has been established, it can be associated with one or more
databases. Complete the following steps to associate the design with a database.
Step 1. Locate the database to be used as the master design in the Lotus Notes client.
Step 2. Select the File > Database Properties menu options and switch to tab 4 to set the p
property values.
Step 3. Select the Inherit design from master template option and set the template name
in the database properties dialog (see Figure 20.6). Be sure that the template name
exactly matches the master template (as outlined in the previous section).
Configuration is now complete. Design changes will be applied as defined by the
Domino server configuration settings. Alternatively, you can manually force a
database design refresh by selecting either the File > Database > Refresh
Design or Replace Design menu options.

Lotus Notes/Domino RDBMS integration using ODBC (Slide - 1):
Let us start with a case study. The company’s employee information is kept in RDBMS. When a user opens
Employee form in Notes and input employee id as key, the employee details such as name, age, designation etc
are imported from RDBMS.
ODBC stands for Open Database Connectivity developed by Microsoft. It’s a set of APIs where user can access
any RDBMS without relying on vendor specific APIs. The vendors who provide support for ODBC distribute ODBC
drivers which should be installed in windows system. It’s again Microsoft so may not work well in other OS
environments. Some ODBC bridges in other OS like Linux are available which may not be quite stable.
The ODBC driver is required for connecting Lotus Notes with MySQL.
Go to Start–>Settings–>Control Panel–>Administrative Tools–>Data Sources (ODBC). This may be different for other Windows
operating systems like vista. Ensure that your windows user id has got administrative rights. Go to drivers tab and check whether
MySQL ODBC driver is listed.
To create System Data Source Name. Go to System DSN tab and click
Add button. Select MySQL Driver from list and click Finish.

tem Data Source Name. Go to System DSN tab and click Add button. Select MySQL Driver from list and click
Finish. You are prompted to enter DSN details. Let us give mydatasource as Data Source Name. Enter server as
local host since MySQL is installed in our local machine. Enter root in User field and password as password (give
the password you have given during MySQL installation). Select the database mydb from the list. Click on test
button. If everything is Ok, you get “Connection successful” message. Click OK button to save the details. Click
OK to exit from the window.
Let us get into Domino side. LS:DO, Lotus Script Data Object
is a Lotus Script extension providing ODBC classes.
There are mainly 3 classes which are used for ODBC.
 ODBCConnection
 ODBCQuery
 ODBCResultSet

Here I am showing a Flow Chart to Explain how to Update a Record or Insert a Record in the Back end Database:
START
Uselsx “*LSXODBC”
Connect To External RDBMS
using DSN, User ID & Password
Is
Connection
Successful
No
Display On screen :
ERROR “Unable To
connect To The
External RDBMS –
Check Your User ID
or Password ”
END
Yes
Execute an SQL Select
Query To find out if the
Record Exist in External
Database.
Is
Record
Found
Execute a SQL Update
Statement to Update the
relevant Fields of the Record
in the External RDBMS
Execute a SQL Insert
Statement to insert a new
Record in the External RDBMS
Record
Updated
Successfully
Record
Inserted
Successfully
Using The ODBC Connection Class
Using Lotus Script we can Connect
Lotus Notes with any External RDBMS
Like SQL Server, Oracle, DB2…etc.

Here I am showing a Flow Chart to Explain how to Run Procedure from Front End:
START
Uselsx “*LSXODBC”
Connect To External RDBMS
using DSN, User ID & Password
Is
Connection
Successful
No
Display On screen :
ERROR “Unable To
connect To The
External RDBMS –
Check Your User ID
or Password ”
END
Yes
Execute an SQL
Procedure in the Back
End External Database.
Is Record
Set
Available
Update Statement to Update
the relevant Fields of the
Record in the External
RDBMS
Update Fields One By One based
in the lotus Notes database order
the fields are Returned.
The Procedure
Ran Successfully
& has Returned
Multiple Records. The Procedure
Ran Successfully
but it did Not
Returned any
Records.
Using The ODBC Connection Class
Using Lotus Script we can Connect
Lotus Notes with any External RDBMS
Like SQL Server, Oracle, DB2…etc.
Get Row
Count
Is Row
Count
Greater
Than
Number Of
Rows
Returned
Display Message
“All Documents
in the Lotus
Notes Database
are updated”
A
Increment
Row Count
By One

Lotus Notes/Domino RDBMS integration using DECS (Slide - 1):
 DECS stands for Domino Enterprise Connection Services. This product was introduced in Release 4.63 of Notes, and grew out
of a need for real-time access to external data sources on a field-by-field basis. Due to the fact that many applications and
data reside in databases that aren't Domino based, it's important to most companies to be able to gain access to this data in
their Domino applications.
 Real-time access to this data was first made available in Notes Pump, which is mainly used for exchanging large quantities of
information between Domino and back-end systems. Lotus Enterprise Integrator is the new name for Notes Pump. In its
current version, it contains the capabilities for moving large quantities of data, as opposed to the real-time feature of DECS.
 The purpose of DECS is to provide a Notes application with the capability to access, create, update, and delete data from an
external database. The major restriction of DECS is that it's incapable of providing a Notes application with ongoing
synchronization of data that has been added to or deleted from the back-end database through processes other than the
Notes application. For that, you must provide an external method of synchronizing the data using Lotus Enterprise Integrator,
a third-party tool, or the Lotus Script: Data Object (LS:DO).
 The engine for DECS is a separate server task. This process runs on a Domino server, intercepting requests for the external
data and fulfilling those requests. The client can be either a Notes client or a Web browser, and the client does not need a local
connection to the data source that contains the back-end information being retrieved. However, because this is a server task,
the requests cannot be fulfilled if the client is a Notes client and the user is running the application from a local replica unless
the client has access to the back-end data from the server through a defined data source. This is an important fact to consider
when developing applications that could potentially run on a standalone client or for a disconnected user.
 You can create a document and replicate it to the running server with a DECS connection. The DECS server task then sends
any changes that you make to the back end, including the addition of new documents. So, one-way data flow is possible, even
if disconnected. Additionally, if you select the Leave Real-Time Fields in Document option, you can perform full data exchange
when you replicate, but you'll encounter replication and synchronization issues.

 DECS is not only a server process; it also contains a Domino database for setting up and administering the connections and
retrieval of data. This database is known as the DECS Administrator database, and it's created when you install DECS.
 Prior to running DECS, your Domino administrator must set it up to run on the server. Installation of DECS is an option when
installing or upgrading the server. If installed at one of those times, it automatically creates the DECS Administrator database
and starts the DECS task on the server. If DECS has not been installed at the time of a server installation or upgrade, it can be
easily started by the server administrator adding the DECS task to the Notes.ini file in the ServerTasks= line, or it can be
manually started using the Load DECS server command. If DECS is installed separately, you have to create the DECS
Administrator database manually from the template. Additionally, you might have to add EXTMGR_ADDINS=decsext to the
Notes.ini file.
 For DECS to operate , the DECS task must be running on the server. To test DECS, there must also be a DECS Administrator
database on the server with a valid connection document and an activity document that the DECS task is running.
 When installed, the process for using DECS is fairly easy, with wizards that guide you through the process. Three basic steps
are involved:
 Creating a connection to the external data source.
 Creating the Notes application that accesses the external data source.
 Creating a real-time activity that defines the relationship between the Notes application and the external data source.

 The DECS Administrator database
defines all the data connections and
activities that the DECS task can run.

 The DECS Connection document for the
ODBC connection defines which external
data source and Notes database are
connected. .

 The columns available from the available
table are automatically added to the
connection document when the table is
chosen.

Creating the Activity
Activities define what happens when the connection is made to the
external data source. Activities can be created to retrieve
information from a data source and populate a field in a Domino
database or to take the data in a Domino database field and update
the back-end data source. In other words, an activity defines the
relationship between the Domino application and the data source.
So, you're now ready to create an activity. When Create Activity is
chosen from the Navigator pane, the activity form appears, as
shown in Figure. The dialog box that pops up appears every time
you create a new activity unless you turn off the User Assistant from
the Navigator pane.
NOTE :
To turn the User Assistant off, click the Disable Assistant hotspot
label. If you want to turn the User Assistant back on, simply click the
Enable Assistant hotspot label again.

 After you close the dialog box, another one pops up with a list of
Notes Then One has to follow few more Steps to Create a
Successful Connection with the External RDBMS Database.
 Using DECS we get a Structured Table Of all the Documents in the
RDBMS.
 Using DECS we Can Insert a new Document as an Record in The
RDBMS Table.
 Using DECS can Update Multiple Records using Multiple Selected
front End Documents in the RDBMS database Table.
 Using DECS we can send Document Attachment in the BLOB Field in
the RDBMS Table.

Lotus Notes/Domino RDBMS integration A Scenario(Slide - 7):
Vendor
Development
Vendor
Development
proposal
Vendor Details
Quality Control
Department
Quality Control
Information
Quality Control Information
Rejection Of
Finished
Goods based
on Finished
product
specifications
Data Flow Diagram Of
A Chemical Raw
Material Manufacturing
Plant.

 We Presume that the Vendor Details are coming from the Backend ERP System.
 We presume that the Raw Material specification which are to be used for Production comes from the Back
end ERP System.
Presumptions based on which we design
the Work-Flow Diagram in the Next Slide.
Based on the Data Flow Diagram its clearly understood that we can come up with 2 Workflow Applications.
 Vendor Development Proposal.
 Sending Finished Product to the sales Department which do not meet the Required Specifications.

START
Is
Vendor
Details
Present
in the
ERP
System
END
Yes
No
Fetch Vendor Details from
the ERP System
Send a Mail To
the First In-Line
Manager
The Purchase
Department keys in the
Vendor Details
Is Manger
Authentic
Send Mail To The
Next Inline
Manager
Authenticate
the Manager
Manger puts
Comment in
Respective
Managers Section
Is Vendor
Accepted
By Manger
Insert or Update
The Vendor
Details & all the
Manager
Comments in the
ERP System
The Process can
Repeat for n Number
Of Managers.
Finally When
the Vendor Is
AcceptedVendor Development
Proposal Workflow
Diagram.
Fetch
Vendor
Detail
Information
yes

START
END
Yes
No
The QC-Chemist Send
a Mail To the First In-
Line Manager with all
the Specification
The Chemist Keys
Comments about
Specifications Details
Is Manger
Authentic
Send Mail To The
Next Inline
Manager
Authenticate
the Manager
Manger puts
Comment in
Respective
Managers Section
Is
Accepted
By 1st
Inline-
Manager
Insert/Update the
Product Details &
all the Manager
Comments in the
ERP System
The Process can
Repeat for n
Number Of in-line
Managers.
Finally When
the Product Is
Accepted
Workflow Diagram For
Marketing Finished Product
that do not meet the Final
Specifications Of the Quality
Control Department.
Fetch Finished
Product details
that has failed
QC Specification

Lotus Notes Presentation - Please loo into it!!

Lotus Notes Presentation - Please loo into it!!

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (19)

Similaire à Lotus Notes Presentation - Please loo into it!!

Similaire à Lotus Notes Presentation - Please loo into it!! (20)

Dernier

Dernier (20)

Lotus Notes Presentation - Please loo into it!!