In many organizations, users are still faced with entering multiple passwords and even some configuration data to gain access to their Notes Client, Sametime Client and Connections Plugins.
In this session I will show you how you can provide a secure IBM Notes Client experience without the user entering any configuration data or passwords at all.
Buzzword Bingo for this session: ID Vault, SSO, LTPA, SPNEGO, SAML, Domino Policies, Account Documents, Citrix
When using Notes, iNotes, Sametime and Connections on either Windows or a mobile device, users are confronted with several different passwords and settings they have to enter. In this session I will show you how to setup and configure Notes & Domino so that users do not have to enter passwords or server settings and still get logged into Notes, Sametime and Connections when starting their Notes Client or Browser.Buzzwords for this talk are: SSO, NSL, LTPA, SAML and SPNEGO.
Making the move from rich clients to browsersRahul A. Garg
Standardizing on browser clients presents numerous benefits to many organizations in terms of cost, maintenance, flexibility and ease of use, but making the transition requires thought and planning. Get an understanding of the business drivers supporting standardization on browser clients as well as the unique benefits of making such a move. Learn important architectural and functional differences between the rich client and browser client as well considerations for your server infrastructure and how to optimize performance. Get advice on how to easily extend your existing IBM Notes client based applications out to the world of browser users.
Id111 - IBM Notes Browser Plug-in at Connect 2014rajeshpatil
The document discusses the goals and functionality of IBM Notes Browser Plug-in, which allows IBM Notes applications to run within a web browser without any modifications, providing seamless access to existing Notes/Domino applications and exposing relevant Notes Client functionality in the browser. It also covers how to customize the Notes Browser Plug-in user interface through the creation of browser extensions.
Tip from ConnectED: Notes Goes Cloud: The IBM Notes Browser Plug-in Integrate...SocialBiz UserGroup
At IBM ConnectED last January, speaker Martin Garrels, from GAD eG, presented how GAD and IBM created an innovative solution enabling the IBM Notes Browser Plug-in to work in a fully integrated browser-based workplace. GAD is moving its workplace to a web-based cloud solution, using the power of iNotes, XPages, Connections, WebSphere Portal and the IBM Notes Browser Plug-in. With an IBM Domino infrastructure of about 1900 servers and 65,000 users in a multi-domain environment, GAD serves about 10,000 custom applications. Many applications are web-enabled with XPages technology, but a lot more are legacy applications, which are still in use. To put them in a browser context, the GAD and IBM team overcame many challenges.
For more information, go to the SocialBiz User Group at https://reg.socialbizug.org/
Living in the Web is Easy! Making the Move from Rich Clients to BrowsersRahul A. Garg
The document discusses trends driving organizations to move applications from traditional rich clients to web browsers. It outlines considerations for supporting clients in browsers versus traditional desktop clients. Key application modernization approaches like XPages and the Notes Browser Plugin are covered. Examples are provided of industries making the move to browser-based clients like IBM itself, manufacturers, retailers, and financial organizations. Server optimization techniques and secure access approaches are also summarized. The presentation aims to help organizations understand how to support users with browser-based access to applications rather than requiring local desktop clients.
This document summarizes the key features and enhancements in IBM iNotes 9.0 Social Edition. It provides an overview of the new user interface, improved social integration with IBM Connections, extensibility through Notes widgets and Live Text, calendar updates, and additional usability improvements. System requirements and supported browsers are also outlined. The document is intended to help users understand the new capabilities in this latest release of IBM iNotes.
What's new in iNotes 9.0 Social EditionRahul A. Garg
Come see what's new in IBM iNotes 9.0 Social Edition and the cloud-based SmartCloud Notes web offering, plus hear about our plans for upcoming releases. The iNotes team has been hard at work in turning innovations around OpenSocial and end-user productivity into an experience that will make you and your organization more productive and more responsive. Come check out how these innovations have transformed iNotes and how they benefit the rest of the IBM portfolio, as well as your own projects. As always, this session will be packed with demos of the latest features and previews of future additions. If browser clients are an integral part of your collaborative infrastructure and strategy, then don't miss this session!
The document discusses IBM Notes Browser Plug-in which allows Notes applications to run unmodified in a web browser. The plug-in is installed either standalone or with Notes Client. It provides access to custom applications via browser bookmarks or Notes URLs. New features in version 9.0.1 include Microsoft Windows support, mail template application support, and IBM SmartCloud support. The demo shows a Notes application running inside the browser plug-in similarly to the Notes client and integration with iNotes.
When using Notes, iNotes, Sametime and Connections on either Windows or a mobile device, users are confronted with several different passwords and settings they have to enter. In this session I will show you how to setup and configure Notes & Domino so that users do not have to enter passwords or server settings and still get logged into Notes, Sametime and Connections when starting their Notes Client or Browser.Buzzwords for this talk are: SSO, NSL, LTPA, SAML and SPNEGO.
Making the move from rich clients to browsersRahul A. Garg
Standardizing on browser clients presents numerous benefits to many organizations in terms of cost, maintenance, flexibility and ease of use, but making the transition requires thought and planning. Get an understanding of the business drivers supporting standardization on browser clients as well as the unique benefits of making such a move. Learn important architectural and functional differences between the rich client and browser client as well considerations for your server infrastructure and how to optimize performance. Get advice on how to easily extend your existing IBM Notes client based applications out to the world of browser users.
Id111 - IBM Notes Browser Plug-in at Connect 2014rajeshpatil
The document discusses the goals and functionality of IBM Notes Browser Plug-in, which allows IBM Notes applications to run within a web browser without any modifications, providing seamless access to existing Notes/Domino applications and exposing relevant Notes Client functionality in the browser. It also covers how to customize the Notes Browser Plug-in user interface through the creation of browser extensions.
Tip from ConnectED: Notes Goes Cloud: The IBM Notes Browser Plug-in Integrate...SocialBiz UserGroup
At IBM ConnectED last January, speaker Martin Garrels, from GAD eG, presented how GAD and IBM created an innovative solution enabling the IBM Notes Browser Plug-in to work in a fully integrated browser-based workplace. GAD is moving its workplace to a web-based cloud solution, using the power of iNotes, XPages, Connections, WebSphere Portal and the IBM Notes Browser Plug-in. With an IBM Domino infrastructure of about 1900 servers and 65,000 users in a multi-domain environment, GAD serves about 10,000 custom applications. Many applications are web-enabled with XPages technology, but a lot more are legacy applications, which are still in use. To put them in a browser context, the GAD and IBM team overcame many challenges.
For more information, go to the SocialBiz User Group at https://reg.socialbizug.org/
Living in the Web is Easy! Making the Move from Rich Clients to BrowsersRahul A. Garg
The document discusses trends driving organizations to move applications from traditional rich clients to web browsers. It outlines considerations for supporting clients in browsers versus traditional desktop clients. Key application modernization approaches like XPages and the Notes Browser Plugin are covered. Examples are provided of industries making the move to browser-based clients like IBM itself, manufacturers, retailers, and financial organizations. Server optimization techniques and secure access approaches are also summarized. The presentation aims to help organizations understand how to support users with browser-based access to applications rather than requiring local desktop clients.
This document summarizes the key features and enhancements in IBM iNotes 9.0 Social Edition. It provides an overview of the new user interface, improved social integration with IBM Connections, extensibility through Notes widgets and Live Text, calendar updates, and additional usability improvements. System requirements and supported browsers are also outlined. The document is intended to help users understand the new capabilities in this latest release of IBM iNotes.
What's new in iNotes 9.0 Social EditionRahul A. Garg
Come see what's new in IBM iNotes 9.0 Social Edition and the cloud-based SmartCloud Notes web offering, plus hear about our plans for upcoming releases. The iNotes team has been hard at work in turning innovations around OpenSocial and end-user productivity into an experience that will make you and your organization more productive and more responsive. Come check out how these innovations have transformed iNotes and how they benefit the rest of the IBM portfolio, as well as your own projects. As always, this session will be packed with demos of the latest features and previews of future additions. If browser clients are an integral part of your collaborative infrastructure and strategy, then don't miss this session!
The document discusses IBM Notes Browser Plug-in which allows Notes applications to run unmodified in a web browser. The plug-in is installed either standalone or with Notes Client. It provides access to custom applications via browser bookmarks or Notes URLs. New features in version 9.0.1 include Microsoft Windows support, mail template application support, and IBM SmartCloud support. The demo shows a Notes application running inside the browser plug-in similarly to the Notes client and integration with iNotes.
IBM Notes : Have it your way and make it work for you Vinayak Tavargeri
The exceptional ability to customize IBM Notes to fit your customer or business needs continues with the new IBM Notes 9.x Social Edition.
Learn how to make company-wide changes and tweak Notes to suit your personal work style. We'll show you how to fine-tune your client experience
and improve your productivity by adjusting settings, and we'll offer hidden gems on how to personalize, manage and master the new pieces as well
the new features to enhance the more traditional components.You'll leave brimming with the latest and greatest tips for the latest and greatest
client so you can have it your way and make it wok for you!
IBM Lotus Notes & Domino: The Road Ahead (2008)Davalen LLC
Lotusphere Comes to You 2008: Richmond
Presented by Len Barker, Davalen
Agenda:
-Lotus ® Notes® and Domino® 8 in use today
-Planned Releases
-Lotus Traveler® for mobile access
-New Products
Lotus Protector®
Enterprise Integration with Project “Atlantic”
Lotus Foundations®
-Complete Solutions: Collaboration Beyond E-mail
Lotus Notes And Domino 8.5 Security Comparison 2Sarwar Javaid
This document summarizes critical issues with password authentication, security and management in Lotus Notes and Domino 8.5. It outlines drawbacks of the Notes Shared Login feature and ID vault password recovery. It also discusses limited roaming user capabilities, unsupported password checking and lack of support for Citrix/third party applications. Additionally, it addresses that single sign-on is not available for Domino and browser-based users lack security and usability. The document promotes an alternative password management solution that addresses all of these issues.
This document discusses IBM Notes/Domino activity logging and activity trends. It provides an overview of how to configure activity logging, what types of activities are logged, and how to analyze the log data. It also covers how to use activity trends to view historical trends on user activity, database access, and server load. Examples are given on using the log data to track mail sender IP addresses and database access IP addresses. Tips on troubleshooting large log file sizes and limiting the growth of the activity database are also included.
Lotusphere 2012 - What's next in Lotus Notes & DominoIBM Danmark
IBM presented updates and future plans for Lotus Notes, Domino, iNotes, and Designer. Key points included:
- Upcoming versions will focus on quality, base features for social edition, and common One UI.
- Traveler will add features like enhanced calendar views for Android and improved security.
- iNotes social edition will include embedded experiences, Connections file integration, and improved mobile experiences.
- Designer improvements include JavaScript editing/debugging, multi-user support, and consuming OpenNTF assets on additional platforms.
Traveler is the mobile offering for IBM's messaging platform. At our Connect 2014 conference in Orlando Paul Miller and I discussed our 2013 accomplishments and strategy for 2014 for the Traveler product.
What's new in Mitel MiVoice Business 7.1?denwacomms
The document summarizes new features and enhancements in Mitel MiVoice Business Release 7.1, including:
1) Expanded geographic support with UTF-8 character and Arabic name support.
2) Increased capacity limits for remote directory entries, call conferencing participants, and cluster user capacity.
3) Enhancements to voicemail security, phone key support, and operator console functionality.
AD101: IBM Domino Application Development FuturesEamon Muldoon
IBM presented updates and future plans for application development with Domino and XPages. Key points included:
- Recent fixes and releases for Notes/Domino/Designer and the XPages Extension Library.
- Future plans to add responsive design capabilities using Bootstrap, integrate relational data sources, and improve document encryption and signatures for XPages.
- The source code for the XPages Extension Library is now available on GitHub to encourage community contributions.
- A vision for deploying and running Domino applications on Bluemix was presented, including runtime support, services, and integration with DevOps tools.
IBM Notes and Domino had a productive year in 2015, releasing several updates and new features. Plans for 2016 include bringing the Domino platform to Bluemix to allow XPages applications to be developed and run in the cloud. The IBM Client Access Application will be updated with standalone installation and improved support for commands and themes. IBM SmartCloud Notes and Verse also had a strong year with over 100 updates, new migration, administrator, end-user, and language capabilities. Roadmaps emphasize continued innovation through third-party integration, Watson assistants, and potential on-premises versions of Verse.
Lotusphere 2011: INV105 Messaging and Collaboration StrategyEd Brill
The document discusses IBM's messaging and collaboration strategy and plans for 2011. It provides a summary of IBM's 2010 accomplishments with Lotus Notes, Domino, Symphony, and Protector. Near-term plans for 2011 include maintenance releases for Notes/Domino 8.5x with a focus on quality, consumability, and some new features. The document also outlines a high-level roadmap that includes expanding mobile support and moving Notes/Domino to the cloud, but states future products are not a commitment and plans may change.
This document provides various legal disclaimers and notices for information presented about IBM's Verse product. It states that product plans are subject to change without notice, and limits IBM's liability. It also notes that any statements about IBM's future intent or product plans could change or be withdrawn without notice. Performance data presented may have been obtained in controlled environments and may vary in other settings.
MiVoice Business software versions through timedenwacomms
Here's a summary of features on the Mitel MiVoice Business platform (formally Mitel 3300). Very useful if you are upgrading from quite an old version of Mitel software.
JMP205 From Zero To Mobile Hero - IBM Sametime 8.5.2 Mobile Access Server Ins...Frank Altenburg
This document provides a 17 step process to deploy an IBM Sametime 8.5.2 Proxy Server for mobile access in less than a day. The proxy server allows access to an existing IBM Sametime environment from iOS and Android mobile devices. The steps include installing DB2, the Sametime System Console, and Sametime Proxy Server on a single Windows server. The proxy server connects to the existing Sametime servers and LDAP directory. Upon completion, mobile users can access Sametime features through native iOS and Android apps downloaded from the respective app stores or directly from the proxy server.
IBM Notes Domino & Verse Update (english version)eschwalb
The document discusses upcoming changes and enhancements to IBM Notes and Domino. Key points include:
- IBM Notes 10 will include a 64-bit Notes client for Windows and macOS, with faster updates and a leaner installation.
- New features in Notes 10 include forwarding emails as EML attachments and improved mail sending policies controlled by administrators.
- Notes 10 will also allow delaying or scheduling email delivery instead of immediate sending.
- IBM and HCL have partnered to deliver Domino 10 in 2018 with continued investment in the Notes, Domino, Verse and Sametime portfolio.
- Future roadmaps will focus on application development, user experience, and lowering the total cost of
Foundry Management System Desktop Application Dharmendra Sid
Presentation of Industrial Project Final Semester Department of Computer Science, Shivaji University, Kolhapur in the year March-2012.
Designed & Developed at Kadam Software & Services
The document discusses user management in IBM Connections. It describes how user profiles are stored in LDAP directories and the PeopleDB database. It also discusses how single sign-on is implemented using LTPA cookies and tokens. User authentication can integrate with directories like Active Directory, Domino, and Websphere Identity Management. Procedures are important for handling user leave/returns from maternity or sabbatical.
Tipps zum effizienteren Umgang mit und Empfehlungen zum sicheren Betrieb von ssh(d). Sichere Kommandozeile auch von unterwegs mit Mosh. SSH Zwei-Faktor-Authentifizierung mit “Google Authenticator”.
Feed me, Seymour! Supplemental User Data For IBM Connections ProfilesMartin Leyrer
Presentation given at ICONUK 2016-09-15 in London
If you have tried to map a long office name and adress into the officeName of the PEOPLEDB, you probably stumbled upon the chapter "Supplemental user data for Profiles" in the IBM Connections documentation. What is described as "supplemental tables within the Profiles database" are in fact rather essential tables that can help you with adoption by providing more data within a users profile. Also, their use cuts down on the number of customizations needed as well as providing more information to the Cognos reports.
I will talk you through the countries, departments, organization, enmployee and worklocation tables, how the can be filled with data either through csv files as well as custom assembly lines and how to reference them efficiently. Also we will take a look on what is necessary to expose the additional data in search, business cards and the profile pages.
After this session you should be able to easily and quickly add more data to your IBM Connections profiles.
Buzzword Bingo for this session: fill-scripts, profiles, tdi, csv workplace, address, department, reports, cognos, search.
The latest, ultimative final version, current release, approved, last minute...Martin Leyrer
To offer your customers the best IBM Connections install possible, there are quite a few thing you should at least think about activating. The range of options you should think about spans from enabling the file sync through URL previews to assigning ToDos to multiple people.
We will take you on a tour of free features that you could enable for your users to give them a better Connections experience. You will leave this session with a checklist and links to documentation so you can start implementing right after the session.
Buzzword Bingo for this session: free, hidden settings, free, checlist, additional functionality, free, best practice
Debugging IBM Connections for the Impatient Admin - Social Connections VIIMartin Leyrer
With relational databases, LDAP servers, files shares and a lot of Java components, IBM Connections is a complex environment to install and operate. A diverse set of settings and tools is needed in case something does not work as expected.
In this talk I will present you the “Best Practices” and debugging settings for Connections that will offer additional information quick, in case something goes wrong. Also, I will offer you recommendations for tools your customer should provide you on the server so you can work out any issues efficiently.
Google Authenticator, possible attacks and preventionBoštjan Cigan
This presentation describes Google's Time Based One Time Password authentication scheme and its practical implementation Google Authenticator. It also presents possible attacks and their prevention.
IBM Notes : Have it your way and make it work for you Vinayak Tavargeri
The exceptional ability to customize IBM Notes to fit your customer or business needs continues with the new IBM Notes 9.x Social Edition.
Learn how to make company-wide changes and tweak Notes to suit your personal work style. We'll show you how to fine-tune your client experience
and improve your productivity by adjusting settings, and we'll offer hidden gems on how to personalize, manage and master the new pieces as well
the new features to enhance the more traditional components.You'll leave brimming with the latest and greatest tips for the latest and greatest
client so you can have it your way and make it wok for you!
IBM Lotus Notes & Domino: The Road Ahead (2008)Davalen LLC
Lotusphere Comes to You 2008: Richmond
Presented by Len Barker, Davalen
Agenda:
-Lotus ® Notes® and Domino® 8 in use today
-Planned Releases
-Lotus Traveler® for mobile access
-New Products
Lotus Protector®
Enterprise Integration with Project “Atlantic”
Lotus Foundations®
-Complete Solutions: Collaboration Beyond E-mail
Lotus Notes And Domino 8.5 Security Comparison 2Sarwar Javaid
This document summarizes critical issues with password authentication, security and management in Lotus Notes and Domino 8.5. It outlines drawbacks of the Notes Shared Login feature and ID vault password recovery. It also discusses limited roaming user capabilities, unsupported password checking and lack of support for Citrix/third party applications. Additionally, it addresses that single sign-on is not available for Domino and browser-based users lack security and usability. The document promotes an alternative password management solution that addresses all of these issues.
This document discusses IBM Notes/Domino activity logging and activity trends. It provides an overview of how to configure activity logging, what types of activities are logged, and how to analyze the log data. It also covers how to use activity trends to view historical trends on user activity, database access, and server load. Examples are given on using the log data to track mail sender IP addresses and database access IP addresses. Tips on troubleshooting large log file sizes and limiting the growth of the activity database are also included.
Lotusphere 2012 - What's next in Lotus Notes & DominoIBM Danmark
IBM presented updates and future plans for Lotus Notes, Domino, iNotes, and Designer. Key points included:
- Upcoming versions will focus on quality, base features for social edition, and common One UI.
- Traveler will add features like enhanced calendar views for Android and improved security.
- iNotes social edition will include embedded experiences, Connections file integration, and improved mobile experiences.
- Designer improvements include JavaScript editing/debugging, multi-user support, and consuming OpenNTF assets on additional platforms.
Traveler is the mobile offering for IBM's messaging platform. At our Connect 2014 conference in Orlando Paul Miller and I discussed our 2013 accomplishments and strategy for 2014 for the Traveler product.
What's new in Mitel MiVoice Business 7.1?denwacomms
The document summarizes new features and enhancements in Mitel MiVoice Business Release 7.1, including:
1) Expanded geographic support with UTF-8 character and Arabic name support.
2) Increased capacity limits for remote directory entries, call conferencing participants, and cluster user capacity.
3) Enhancements to voicemail security, phone key support, and operator console functionality.
AD101: IBM Domino Application Development FuturesEamon Muldoon
IBM presented updates and future plans for application development with Domino and XPages. Key points included:
- Recent fixes and releases for Notes/Domino/Designer and the XPages Extension Library.
- Future plans to add responsive design capabilities using Bootstrap, integrate relational data sources, and improve document encryption and signatures for XPages.
- The source code for the XPages Extension Library is now available on GitHub to encourage community contributions.
- A vision for deploying and running Domino applications on Bluemix was presented, including runtime support, services, and integration with DevOps tools.
IBM Notes and Domino had a productive year in 2015, releasing several updates and new features. Plans for 2016 include bringing the Domino platform to Bluemix to allow XPages applications to be developed and run in the cloud. The IBM Client Access Application will be updated with standalone installation and improved support for commands and themes. IBM SmartCloud Notes and Verse also had a strong year with over 100 updates, new migration, administrator, end-user, and language capabilities. Roadmaps emphasize continued innovation through third-party integration, Watson assistants, and potential on-premises versions of Verse.
Lotusphere 2011: INV105 Messaging and Collaboration StrategyEd Brill
The document discusses IBM's messaging and collaboration strategy and plans for 2011. It provides a summary of IBM's 2010 accomplishments with Lotus Notes, Domino, Symphony, and Protector. Near-term plans for 2011 include maintenance releases for Notes/Domino 8.5x with a focus on quality, consumability, and some new features. The document also outlines a high-level roadmap that includes expanding mobile support and moving Notes/Domino to the cloud, but states future products are not a commitment and plans may change.
This document provides various legal disclaimers and notices for information presented about IBM's Verse product. It states that product plans are subject to change without notice, and limits IBM's liability. It also notes that any statements about IBM's future intent or product plans could change or be withdrawn without notice. Performance data presented may have been obtained in controlled environments and may vary in other settings.
MiVoice Business software versions through timedenwacomms
Here's a summary of features on the Mitel MiVoice Business platform (formally Mitel 3300). Very useful if you are upgrading from quite an old version of Mitel software.
JMP205 From Zero To Mobile Hero - IBM Sametime 8.5.2 Mobile Access Server Ins...Frank Altenburg
This document provides a 17 step process to deploy an IBM Sametime 8.5.2 Proxy Server for mobile access in less than a day. The proxy server allows access to an existing IBM Sametime environment from iOS and Android mobile devices. The steps include installing DB2, the Sametime System Console, and Sametime Proxy Server on a single Windows server. The proxy server connects to the existing Sametime servers and LDAP directory. Upon completion, mobile users can access Sametime features through native iOS and Android apps downloaded from the respective app stores or directly from the proxy server.
IBM Notes Domino & Verse Update (english version)eschwalb
The document discusses upcoming changes and enhancements to IBM Notes and Domino. Key points include:
- IBM Notes 10 will include a 64-bit Notes client for Windows and macOS, with faster updates and a leaner installation.
- New features in Notes 10 include forwarding emails as EML attachments and improved mail sending policies controlled by administrators.
- Notes 10 will also allow delaying or scheduling email delivery instead of immediate sending.
- IBM and HCL have partnered to deliver Domino 10 in 2018 with continued investment in the Notes, Domino, Verse and Sametime portfolio.
- Future roadmaps will focus on application development, user experience, and lowering the total cost of
Foundry Management System Desktop Application Dharmendra Sid
Presentation of Industrial Project Final Semester Department of Computer Science, Shivaji University, Kolhapur in the year March-2012.
Designed & Developed at Kadam Software & Services
The document discusses user management in IBM Connections. It describes how user profiles are stored in LDAP directories and the PeopleDB database. It also discusses how single sign-on is implemented using LTPA cookies and tokens. User authentication can integrate with directories like Active Directory, Domino, and Websphere Identity Management. Procedures are important for handling user leave/returns from maternity or sabbatical.
Tipps zum effizienteren Umgang mit und Empfehlungen zum sicheren Betrieb von ssh(d). Sichere Kommandozeile auch von unterwegs mit Mosh. SSH Zwei-Faktor-Authentifizierung mit “Google Authenticator”.
Feed me, Seymour! Supplemental User Data For IBM Connections ProfilesMartin Leyrer
Presentation given at ICONUK 2016-09-15 in London
If you have tried to map a long office name and adress into the officeName of the PEOPLEDB, you probably stumbled upon the chapter "Supplemental user data for Profiles" in the IBM Connections documentation. What is described as "supplemental tables within the Profiles database" are in fact rather essential tables that can help you with adoption by providing more data within a users profile. Also, their use cuts down on the number of customizations needed as well as providing more information to the Cognos reports.
I will talk you through the countries, departments, organization, enmployee and worklocation tables, how the can be filled with data either through csv files as well as custom assembly lines and how to reference them efficiently. Also we will take a look on what is necessary to expose the additional data in search, business cards and the profile pages.
After this session you should be able to easily and quickly add more data to your IBM Connections profiles.
Buzzword Bingo for this session: fill-scripts, profiles, tdi, csv workplace, address, department, reports, cognos, search.
The latest, ultimative final version, current release, approved, last minute...Martin Leyrer
To offer your customers the best IBM Connections install possible, there are quite a few thing you should at least think about activating. The range of options you should think about spans from enabling the file sync through URL previews to assigning ToDos to multiple people.
We will take you on a tour of free features that you could enable for your users to give them a better Connections experience. You will leave this session with a checklist and links to documentation so you can start implementing right after the session.
Buzzword Bingo for this session: free, hidden settings, free, checlist, additional functionality, free, best practice
Debugging IBM Connections for the Impatient Admin - Social Connections VIIMartin Leyrer
With relational databases, LDAP servers, files shares and a lot of Java components, IBM Connections is a complex environment to install and operate. A diverse set of settings and tools is needed in case something does not work as expected.
In this talk I will present you the “Best Practices” and debugging settings for Connections that will offer additional information quick, in case something goes wrong. Also, I will offer you recommendations for tools your customer should provide you on the server so you can work out any issues efficiently.
Google Authenticator, possible attacks and preventionBoštjan Cigan
This presentation describes Google's Time Based One Time Password authentication scheme and its practical implementation Google Authenticator. It also presents possible attacks and their prevention.
CAP offers easy-to-deploy analytics API on cloud for security, devops and sysadmins. CAP helps you to identify noteworthy items in huge data sets: uncover indications of security threats, service failures and other odd events, increasing the business value of your data. CAP is a non-signature based detection of anomalies. Rules, fingerprints and blacklists are based on historical information whereas CAP can detect previously unknown threats.
This document summarizes a presentation on API and data security. The agenda includes introductions of the speaker and organizers, an overview of API security threats and vulnerabilities, and demonstrations of OAuth, JWT, cryptography techniques for data encryption, and API security policies. The presentation covers best practices for API security such as enabling HTTPS, using OAuth and JWT for authentication, restricting payload sizes to prevent DDoS attacks, and applying API policies for rate limiting and threat protection. It also demonstrates client management and identity management use cases using OpenID Connect and SAML with Okta.
In this presentation we'll explore the latest developments in MuleSoft's Anypoint Code Builder IDE and how it can help streamline your integration projects. We'll also dive into the exciting world of Splunk and demonstrate how to efficiently push your application logs to Splunk for real-time analysis and troubleshooting.
This document provides an overview and agenda for training on SAP Netweaver Gateway. It discusses the introduction to Gateway, deployment options, REST, OData, and how to create OData services from BOR and RFC functions. It covers the Gateway service builder, architecture, and development life cycle. It also discusses technical skills required and how to query OData services. The training will cover creating OData services using the service builder, BOR/RFC generator, and operations like retrieving, creating, updating and deleting entities.
This document discusses best practices for log monitoring. It recommends developing a logging policy to determine what information to collect, centralizing log collection on a dedicated secure server, normalizing log formats, regularly reviewing logs both manually and automatically, implementing log rotation policies based on volume and retention requirements, and using monitoring tools to analyze logs.
RESTful services on IBM Domino/XWork (SUTOL 11 Nov. 2015 in Prague)John Dalsgaard
Loose coupling of systems is key to future development! Why? Because it will allow us to change the "components" as we go along instead of creating monster big systems that are tied together using all sorts of different technologies. Webservices have been a way to obtain this over the last decade. More recently a special variant has become very popular, namely the JSON based REST service. Imagine you could extend your data out to the world outside your Domino environment? - in an easy way....! And imagine those data could easily be incorporated into other systems via standardized interfaces... Could that extend the value of your current systems further? Could this be a way to use new technologies to modernize your users' experience of working with your systems? Come and take away knowledge about how to open your Domino/XWork based systems up to the world outside using JSON based REST services. They are going to be key to future development in Domino/XWork - whether you want to use data in browser solutions (e.g. based on angular.js or ExtJS) or native mobile apps (built in whatever technology is best).
Solutions to reduce Total Cost of Setup (TCS) and simplify your life! - #iJac...Andrea Fontana
- The document introduces Cracker Jack 1.0, a suite of automated installation tools called "iJack" for simplifying the installation and configuration of IBM collaboration products like Connections and Portal.
- iJack allows users to define server and package locations, choose components, and have the installation executed automatically with minimal setup time. It aims to standardize installations and reduce maintenance costs.
- The first iJack modules will be for Portal and Connections on Windows, Linux, and AIX platforms. The goal is to optimize the installation process and move customer spending from setup to projects.
MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoftJitendra Bafna
This document summarizes an event about identity and client management with MuleSoft. The agenda includes an introduction to API security, discussions of identity management using SAML and OpenID Connect, client management using dynamic client registration, and a live demonstration. The organizers are Jitendra Bafna from Capgemini and Nitish Jain from IBM, both with experience in integration and APIs. The speaker is also Jitendra Bafna. The event aims to help attendees understand how to secure APIs and manage user identities and clients when working with MuleSoft technologies.
Identity Summit UK: STATELESS SESSIONS AND MANAGING HIGH-VOLUME DIGITAL SERVICESForgeRock
ANDY HALL, DIRECTOR OF PRODUCT MANAGEMENT, FORGEROCK
With identity moves beyond simple users and web apps to also include devices and things, the volume of identities to manage grows exponentially. Identity deployments are now asked to support over a hundred million identities. In this session, Andy will discuss the exploding requirements for scale and how to meet them.
Customer Scale: Stateless Sessions and Managing High-Volume Digital ServicesForgeRock
Rob Wapshott, Sr Software Developer, ForgeRock:
When identity moves beyond simple users and web apps to also include devices and things, the
volume of identities to manage grows exponentially. Identity deployments are now asked to support
over a hundred million identities. In this session, Rob will discuss the exploding requirements for
scale and how to meet them.
Key components of the Enterprise Mobility Suite are Azure AD Premium, Windows Intune and Azure Rights Management. Learn not only what the Microsoft Enterprise Mobility Suite is, but also how one can deploy it in an enterprise organization. During this session, you will gain the knowledge to optimize the adoption of IT, BYOD and SaaS as the core cloud solution components. Key concepts that will be covered are identity and access management, mobile device management and data protection.
Eduardo Silva is an open source engineer at Treasure Data who works on Fluentd and FluentBit projects. FluentBit is a lightweight log collector for embedded Linux applications and IoT devices. It has built-in system metrics collection and supports custom inputs and outputs using msgpack serialization. FluentBit integrates with Fluentd for log aggregation and is designed to have low resource usage for constrained environments. The roadmap includes adding a library mode and more supported sensors.
The document summarizes an event held by the Patna MuleSoft Meetup Group to discuss integrating SAP and MuleSoft using IDoc. The agenda included an overview of SAP, MuleSoft connectivity to SAP, configuring IDoc communication, a demo, common issues and Q&A. The speaker discussed SAP integration challenges, MuleSoft connectors for SAP, IDoc structure, useful SAP transaction codes, and configuration setup on the SAP and MuleSoft sides.
How automate your SAP PI/PO/CPI and API management processesDaniel Graversen
This document discusses SAP integration tools and processes. It outlines common problems with SAP integration development, testing, governance, monitoring and support. It then introduces the Figaf tool, which aims to automate and simplify these areas of SAP integration. The document discusses how Figaf can help with development workflows, change management, testing, support ticket handling and more. It also covers the Figaf installation options, pricing, and roadmap for additional features.
FIDO Enablement Workshop: How to FIDO-enable web applications using FIDO prot...FIDO Alliance
Tutorial on how to FIDO-enable web applications using U2F. Backed by FIDO members who have implemented FIDO specifications and/or FIDO-enabled web-applications.
From FIDO Alliance Seminar in Washington, D.C., October, 2015.
The wait is over! ForgeRock is releasing shiny new versions of all solution areas of the ForgeRock Identity Platform. To give you a preview on what’s coming, join this webinar to hear directly from the Product Managers what’s new in:
Access Management
Identity Management
Directory Services
Identity Gateway
Shared Services
Learn more about ForgeRock Access Management:
https://www.forgerock.com/platform/access-management/
Learn more about ForgeRock Identity Management:
https://www.forgerock.com/platform/identity-management/
IBM Domino 9.0 Social Edition OpenSocial Component DeploymentRahul A. Garg
The document provides instructions for deploying and configuring IBM Domino 9.0 Social Edition's OpenSocial Component. It describes installing the component on Domino servers, creating necessary databases like the widget catalog and credential store, configuring account and policy settings, and verifying the setup. Key steps include installing the OpenSocial Component installer on Domino, creating and configuring the widget catalog and credential store databases, setting up a managed account, and configuring desktop and security policy settings.
Nagios Conference 2013 - Sam Lansing - Getting Started With Incident Manager ...Nagios
This document provides an overview and introduction to Nagios Incident Manager (IM) and Nagios Network Analyzer (NNA). It discusses how IM bridges the gap between Nagios monitoring and help desk ticketing to allow alerts to automatically create tickets. It also outlines basic features of NNA for network monitoring and analysis including tracking netflow samples, custom queries, and integration with Nagios monitoring. The presenter encourages attendees to try the free 60-day trials of IM and NNA to explore their capabilities and interfaces.
Social Connections VI -- Customizing Connections Profiles to Provide a Compan...Martin Leyrer
Connections and especially Connections Profiles are very customizable. I will show you, based on the work my colleagues and I did for a customer, why, what and how you can customize the TDI assembly lines and the Connections Profiles user interface to provide your customers with a profiles experience adapted to their expectations (including leading and trailing titles, customized hierarchy trees, additional fields, imported rich text, etc.).
Social Conndections VI -- Debugging IBM Connections During Install And OperationMartin Leyrer
With relational databases, LDAP servers, files shares and a lot of Java components, IBM Connections is a complex environment to install and operate. A diverse set of settings and tools is needed in case something does not work as expected.
In this talk I will present you the debugging settings for Connections that will offer additional information quickly, in case something goes wrong. Also, there will be recommendations for tools your customer should provide you on the server so you can work out any issues efficiently.
"Was, SSH kann auch das?" @ Linuxwochen Wien 2013Martin Leyrer
Tipps zum effizienteren Umgang mit und Empfehlungen zum sicheren Betrieb von ssh(d). Sichere Kommandozeile auch von unterwegs mit Mosh. SSH Zwei-Faktor-Authentifizierung mit “Google Authenticator”.
Slides von den Linuxwochen 2013.
Digitools: Sicherheit im Netz
Sowohl Internet wie auch das World Wide Web werden immer integriertere Bestandteile unseres Lebens. Jedoch sollte man im virtuellen Leben einige grundlegende Details beachten, um problemfrei die Vorteile der Online-Angebote nutzen zu können.
So wie z.B. das regelmäßige Service des Autos oder das Versperren der Haustüre zu den Selbstverständlichkeiten des täglichen Lebens gehören, so sollte man auch seinen Rechner „versperren“ und regelmäßig einer Überprüfung unterziehen.
Um „sicher“ im Netz unterwegs zu sein, genügt es jedoch nicht nur, eine Software zu installieren. Ein prüfender Blick auf die diversen Angebote und deren Nutzungsbedingungen gehören genauso dazu, wie ein kritischer Blick darauf, welche Daten von den verschiedenen Diensten überhaupt gesammelt werden.
Während es in manchen Situationen wichtig ist, genau zu wissen, mit wem man online kommuniziert und wie man dessen Identität - etwa bei signierten E-Mails - überprüfen kann, so ist es – etwa im Rahmen einer Recherche – manchmal von Vorteil, wirklich anonym im Netz unterwegs zu sein.
All diese Themen wollen wir im Rahmen des Workshops „Digitools: Sicherheit im Netz“ aufgreifen und Ihnen praxisorientiert zeigen, wie sie sicher surfen, vertrauliche E-Mails schreiben oder anonym kommunizieren können.
Der dreistündige Workshop ist in drei Teile (mit zwei Pausen zu je 15 Minuten) gegliedert und bietet zwischendurch auch ausreichend Zeit für Fragen und Diskussionen.
Teil 1 – Sicher Online
Firewall, Virenscanner, Einstellungen – Was sollte ich beachten, wenn ich „sicher“ surfen will. Welche Einstellungen sollte ich in meinem Browser ändern, wie schütze ich mich vor Spyware und Drive-By Downloads. Sind Cookies nun gut oder böse, wie kann ich diese einfacher verwalten. Wie kann ich „sicher“ Online-Banking und andere Online-Angebote nutzen.
Teil 2 – Vertrauen ist gut, ...
Wie kann ich mich relativ gefahrlos in Sozialen Netzwerken bewegen. Was sollte ich im Umgang mit den diversen Anwendungen dieser Netzwerke beachten. Wann und wem darf ich meine Passwörter bekannt geben, wer verbirgt sich eigentlich hinter dieser Site, udgl.
Teil 3 – Black Helicopter Alert
Wirklich anonym über das Internet zu kommunizieren, ist ein Anspruch, den nicht nur die Anhänger von Verschwörungstheorien für sich in Anspruch nehmen können. Auch Anwälte, Unternehmen sowie Personen wie Du und ich wollen oder müssen immer wieder im Web surfen oder kommunizieren können, ohne Spuren zu hinterlassen. Aber auch das Löschen von Accounts in diversen Netzwerken oder Diensten ist nicht immer so einfach, wie man sich das vorstellt.
Im letzten Teil des Workshops widmen wir uns den „schwarzen Künsten“ des Internets wie etwa dem Tor Netzwerk oder jenen „offenen Proxies“ um solche Inhalte sehen zu können, die vor uns verborgen werden.
Accessible Websites With Lotus Notes/Domino, presented at the BLUG day event,...Martin Leyrer
EU-Legislation demands 'accessible' websites, often leaving details or exact specifications on what that means out. In this session, we will have a look at the most often cited 'specifications', the Web Content Accessibility Guidelines (WCAG) 1.0 and 2.0 and how to interpret them. I will show a few free tools that can help a Notes Developer to asses what needs to be done to make a website 'compliant'. And of course I will offer quick tips and easy to implement 'hacks' to make an existing web application more 'accessible', sharing along the way a few best practices and experiences from the work I have done so far.
Effiziente Fehlersuche In Web 2.0 Anwendungen - Graz EditionMartin Leyrer
Moderne Anwendungen bestehen nicht mehr aus ein wenig HTML sowie Code am Server. Cascading Style Sheets (CSS), JavaScript und AJAX machen die Anwendungen einerseits benutzerfreundlicher, andererseits auch schwerer zu entwickeln und zu pflegen. Mit dem Open Source Browser Firefox und einer Handvoll von Open Source Plug-Ins kann sich der Entwickler sein Leben aber deutlich einfacher machen. Diese Session behandelt Firefox-Erweiterungen, die sich in der Praxis bei der Entwicklung großer Web 2.0 Anwendungen bewährt haben. Gezeigt werden "am lebenden Objekt" unter anderem die Webdeveloper Toolbar sowie Firebug. Der Bogen der vorgestellten Tools erstreckt sich aber noch weiter und beinhaltet u.a. Sicherheitschecks, WAI-Tools und noch viel mehr.
Open Source und Free Software unter WindowsMartin Leyrer
Die erste Assoziation zu Open Source und Freier Software ist oft eine GNU/Linux Distribution. Viele Anwender scheuen aber aufgrund der (vermuteten) Komplexität vor einem Wechsel auf das neue Betriebssystem zurück.
In diesem Talk möchte ich zeigen, dass man auch unter Windows eine Vielzahl von Open Source Anwendungen und Freie Software im täglichen Umgang mit dem PC einsetzen und so den sanfteren Wechsel zu einem freien Betriebssystem vorbereiten kann.
Effiziente Fehlersuche in Web 2.0 AnwendungenMartin Leyrer
Moderne Anwendungen bestehen nicht mehr aus ein wenig HTML sowie Code am Server. Cascading Style Sheets (CSS), JavaScript und AJAX machen die Anwendungen einerseits benutzerfreundlicher, andererseits auch schwerer zu entwickeln und zu pflegen. Mit dem Open Source Browser Firefox und einer Handvoll von Open Source Plug-Ins kann sich der Entwickler sein Leben aber deutlich einfacher machen. Diese Session behandelt Firefox-Erweiterungen, die sich in der Praxis bei der Entwicklung großer Web 2.0 Anwendungen bewährt haben. Gezeigt werden "am lebenden Objekt" unter anderem die Webdeveloper Toolbar sowie Firebug. Der Bogen der vorgestellten Tools erstreckt sich aber noch weiter und beinhaltet u.a. Sicherheitschecks, WAI-Tools und noch viel mehr.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframePrecisely
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/how-axelera-ai-uses-digital-compute-in-memory-to-deliver-fast-and-energy-efficient-computer-vision-a-presentation-from-axelera-ai/
Bram Verhoef, Head of Machine Learning at Axelera AI, presents the “How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-efficient Computer Vision” tutorial at the May 2024 Embedded Vision Summit.
As artificial intelligence inference transitions from cloud environments to edge locations, computer vision applications achieve heightened responsiveness, reliability and privacy. This migration, however, introduces the challenge of operating within the stringent confines of resource constraints typical at the edge, including small form factors, low energy budgets and diminished memory and computational capacities. Axelera AI addresses these challenges through an innovative approach of performing digital computations within memory itself. This technique facilitates the realization of high-performance, energy-efficient and cost-effective computer vision capabilities at the thin and thick edge, extending the frontier of what is achievable with current technologies.
In this presentation, Verhoef unveils his company’s pioneering chip technology and demonstrates its capacity to deliver exceptional frames-per-second performance across a range of standard computer vision networks typical of applications in security, surveillance and the industrial sector. This shows that advanced computer vision can be accessible and efficient, even at the very edge of our technological ecosystem.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
2. Thanks to our sponsors!
7th Sutol Conference, November 2015
3. 7th Sutol Conference, November 2015
● IBM Collaboration Solutions IT-Specialist
with IBM Austria
● ICS product stack since 1995
(Notes 3.3 on OS/2 on an i368)
● IBM e-mail: martin.leyrer@at.ibm.com
● E-mail: leyrer@gmail.com
● Twitter: http://www.twitter.com/leyrer
● Facebook: https://www.facebook.com/leyrer
● Blog: http://www.leyon.at
● LinkedIn: http://at.linkedin.com/in/leyrer
Martin Leyrer - IBM
7. 7th Sutol Conference, November 2015
Navigation
● The What And Why
● The Quick Win
– Notes Shared Login / ID Vault
– Automatic Client Configuration
– SPNEGO For iNotes And Webapps
● Expanding The Possibilities – SAML
● Q & A
8. 7th Sutol Conference, November 2015
Remove Notes Password Prompts with NSL – Notes
Shared Login
● Enabled via policy (or manually by the end user)
● Locks and encrypts the Notes ID in the current Windows Profile using the
PC SID (Security Identifier) and Microsoft's Data Protection API (DPAPI).
● Certificates within the ID are locked and bound to that PC and that OS
profile.
● The old “Notes Single
Logon” feature has to be
uninstalled.
● Limited to Windows.
● Need ID Vault
● Need Notes/Domino 8.5
9. 7th Sutol Conference, November 2015
Uninstall/Remove “Notes Single Logon” for NSL To
Work
10. 7th Sutol Conference, November 2015
ID Vault
● Optional
● Server-based database
● Holds protected copies of IBM Notes user Ids
● Users are assigned to a vault through policy configuration
● Copies of user IDs are uploaded to a vault automatically once the policy
has taken effect
11. 7th Sutol Conference, November 2015
The Benefits Of Using An ID Vault
● Authorized personnel can change (reset) passwords on IDs without access to the
ID files or the vault
● Custom application to reset passwords
● Easy recovery of lost or damaged user IDs
● Automatic synchronization of multiple ID copies
● No user involvement during ID renames
● No user involvement during ID key rollover
23. 7th Sutol Conference, November 2015
AND IT WORKS !
We have Single Sign On with Windows!
24. 7th Sutol Conference, November 2015
ID Vault – If It Does NOT Work
● Check whether the policies are actually coming down to the client
– Check Policy Synopsis for that user in the Admin Client
– Check the “($Policies)” view in the PNAB
– Modify the person entry in the Domino Directory & access mail server to
initiate a policy push
● Roaming user? Did you remove the ID file from the PNAB?
– https://ibm.biz/BdFnm9
– 8.5.3 provides a new detachid.zip utility and
“javaAgentForDetachid.java” (in utilityNotesCustomizationKit_1_0.zip
– RoamingIDIsInNAB=0 in the person document
25. 7th Sutol Conference, November 2015
Navigation
● The What And Why
● The Quick Win
– Notes Shared Login / ID Vault
– Automatic Client Configuration
– Token Based Single Sign On for Sametime And Connections
– SPNEGO For iNotes And Webapps
● Expanding The Possibilities – SAML
● Q & A
27. 7th Sutol Conference, November 2015
ConfigFile To The Rescue
● It IS possible to install and configure the Notes Client completely
WITHOUT user interaction*
– See https://ibm.biz/BdFnmd for details
● The notes.ini parameter, ConfigFile= points to a text (.TXT) file that
contains the parameters that the wizard needs. For example:
ConfigFile=C:Program FilesLotusNotesDatasetup.txt
* … except from the one time password prompt for the ID Vault
28. 7th Sutol Conference, November 2015
ConfigFile With Environment Variables
Starting with 8.5.1 the parameter CONFIGFILE= can contain system environment
variables, too. In case the setup configuration file is stored next to the template
notes.ini the following setting would apply to all Windows flavors:
CONFIGFILE=%ALLUSERSPROFILE%Application
DataLotusNotesDataconfig.txt
which resolves to...
CONFIGFILE=C:Documents and SettingsAll UsersApplication
DataLotusNotesDataconfig.txt
29. 7th Sutol Conference, November 2015
Setup.txt
Username=User Name/Acme
KeyfileName=c:Program FilesLotusNotesDatausername.id ID Vault!
Domino.Name=servername/Acme
Domino.Address=servername.acme.com
Domino.Port=TCPIP
Domino.Server=1
AdditionalServices=0
AdditionalServices.NetworkDial=0
Replication.Threshold=9999
Replication.Schedule=0
Starting with 8.5 the scripted setup code can resolve system environment
variables on any line of the configuration file that is read in.
31. 7th Sutol Conference, November 2015
Navigation
● The What And Why
● The Quick Win
– Notes Shared Login / ID Vault
– Automatic Client Configuration
– Token Based Single Sign On for Sametime And Connections
– SPNEGO For iNotes And Webapps
● Expanding The Possibilities – SAML
● Q & A
32. 7th Sutol Conference, November 2015
Token Based Single Sign On for Sametime And
Connections
● Works for Sametime Connect
Embedded Client
● Works for Connections Plugins
● Prerequisite: Properly configured
“Multiple Server SSO” on Domino
Server
33. 7th Sutol Conference, November 2015
LTPA Token
● The LTPA token is sent to the User Agent (Browser) as a Set-Cookie
response header
● The user agent sends this to the target HTTP server as a Cookie request
header for subsequent actions.
● Because browser user agents only send Cookie request headers to
servers whose host name matches the issuer of the cookie, the server
must share the same DNS (“DNS domain”) space as the other LTPA
servers in the SSO group.
● The LTPA token, which includes user information and an expiration time, is
signed by the issuer to ensure data integrity and is encrypted to ensure
data privacy.
● LTPA tokens can be used only for SSO among LTPA servers that share
the same key material (LTPA key)
34. 7th Sutol Conference, November 2015
Websphere LTPA Version 1 (“LtpaToken”)
● Contains
– the token expiration time
– the user identity (usually the LDAP distinguished name)
– a digital signature
● LTPA1 signatures are generated using SHA-1/RSA 1024-bit key
● After the digital signature has been attached, the user data and signature
are encrypted with a 3DES key obtained from the LTPA key file
35. 7th Sutol Conference, November 2015
Websphere LTPA Version 2
● Same format as LTPA1 tokens
● can contain additional information relating to the security context of the
authenticated user
● LTPA2 signatures are generated using SHA-1/RSA 1024-bit key
● After the digital signature has been attached, the user data and signature
are encrypted with a 3DES or AES key obtained from the LTPA key file
36. 7th Sutol Conference, November 2015
Domino LTPA Version
● Contains
– a fixed-size and value header starting field
– a token creation time
– a token expiration time
– the authenticated user name (Domino FQDN)
– a message authentication code (MAC) covering all content
● Domino uses a shared key and SHA-1 to calculate a MAC over the
content
● After the MAC has been attached, the user data and MAC are encrypted
with a 3DES key obtained from the LTPA key file
37. 7th Sutol Conference, November 2015
LTPA Websphere vs. Domino
● Domino can consume (decrypt, parse and process) and generate (create
and encrypt) either the Domino or Websphere formats
● WebSphere cannot consume or generate the Domino format.
45. 7th Sutol Conference, November 2015
Push Account Documents To Users via Document
Settings/Policy
46. 7th Sutol Conference, November 2015
AND IT WORKS !
Automatic Configuration & Login for
Connections and Sametime Plugin!
47. 7th Sutol Conference, November 2015
Navigation
● The What And Why
● The Quick Win
– ID Vault
– Automatic Client Configuration
– Token Based Single Sign On for Sametime And Connections
– SPNEGO For iNotes And Webapps
● Expanding The Possibilities – SAML
● Q & A
48. 7th Sutol Conference, November 2015
Windows Single Sign-on for Web Clients (SPNEGO)
● Available since Lotus Domino 8.5.1
● User acquires Kerberos credentials when starting Windows.
– Windows verifies user's password.
– Password never travels over the wire via HTTP.
● SSO technology leveraging the Windows credentials sometimes called
by these names:
– SPNEGO (Simple and Protected GSS-API Negotiation Mechanism)
– Integrated Windows Authentication” for the Windows Intranet
49. 7th Sutol Conference, November 2015
Windows Single Sign-on for Web Clients (SPNEGO)
● SPNEGO-aware browsers know how to
● ask Windows for a Kerberos ticket, based on
● browser configuration, and
● the user's requested URL.
● send the Kerberos ticket as part of SPNEGO protocol request
● SPNEGO-aware Domino validates the ticket to authenticate the user.
50. 7th Sutol Conference, November 2015
Setting Up SPNEGO
● Create a Domino Web SSO document (enable Windows single sign-on
integration)
● Set up a SPN (Service Principal Name) for the Domino server in Active
Directory
– Domino must run under an Active Directory account you set up for it
● Run domspnego
– Take the output and give it to your AD administrator to run setspn with
● Run setspn -a http://<dominohostname>
<accountnamerunningdomino>
● Update person documents with AD name appended to FullName (and
optional others like krbPrincipalName and LTPA User Name)
51. 7th Sutol Conference, November 2015
Update Domino Person Document for SPNEGO
● Update person documents with AD name appended to FullName
(and optional others like krbPrincipalName and LTPA User Name)
52. 7th Sutol Conference, November 2015
AND IT WORKS !
Automatic Login to Domino in
Internet Explorer and Firefox on Windows!
53. 7th Sutol Conference, November 2015
Navigation
● The What And Why
● The Quick Win
– ID Vault
– Automatic Client Configuration
– Token Based Single Sign On for Sametime And Connections
– SPNEGO For iNotes And Webapps
● Expanding The Possibilities – SAML
● Q & A
54. 7th Sutol Conference, November 2015
SAML – Security Assertion Markup Language
● Provides ease of use for end users – reduce the # of passwords to
memorize
● The only “Notes password” is the IdP's password
– And SPNEGO/Kerberos to Microsoft's ADFS can eliminate that prompt as
well
– Once a user has authenticated with the IdP they won’t be asked again
● Notes client uses SAML to fetch the user's ID file from the vault
– ID file is stored in memory instead of being written to disk
● Works on Citrix, Linux, and Mac as well as Windows
– Requires Notes Standard client
– Support for Notes, iNotes, and Web Clients
55. 7th Sutol Conference, November 2015
SAML – IdP - Identity Provider (SSO)
● ADFS (Active Directory Federation Services in Windows 2008 and
Windows 2012)
– SAML 2.0 only
– can be combined with SPNEGO
– Enhances Integrated Windows Authentication (IWA)
● TFIM (Tivoli Federated Identity Manager)
– SAML 1.1 and 2.0
56. 7th Sutol Conference, November 2015
SAML – Assertions
● IdP (Identity Providers) use HTTP or SOAP to communicate to SP
(Service Providers) via XML based assertions
● Assertions have three roles
● Authentication
● Authorisation
● Retrieving Attributes
57. 7th Sutol Conference, November 2015
Notes Federated Login with SAML
1) User launches Notes and Notes
connects to the ID Vault
2) The ID Vault (configured for
SAML authentication) reaches
out to IdP.
3) IdP prompts user for
credentials.
4) Correct credentials are
supplied.
5) IdP provides SAML
artifact (XML) to ID Vault.
6) ID Vault provides ID to Notes.
Once Notes session is completed,
ID is removed from machine.
58. 7th Sutol Conference, November 2015
SAML – Installation
● Warning! - This is hard!
– One of the most complex Domino based things I have seen so far.
● Find help with comprehensive knowledge of:
– Domino server admin
– Notes client configuration and security
– Active Directory configuration at your company
– ADFS
– SAML concepts
– SSL configuration on Domino & in Windows/IIS
– Enterprise browser configuration
● It's worth the effort, especially in the long run.
Read the Connect 2014 presentation “SHOW100 : AD+SAML+Kerberos+IBM Notes &
Domino = SSO!” by Rob Axelrod and Andy Pedisich, Technotics https://ibm.biz/BdFnyF
59. 7th Sutol Conference, November 2015
NSL/SPNEGO vs. SAML
● NSL/SPNEGO
● SPNEGO requires Windows
Environment
– Active Directory
– Windows Domain Login
– Microsoft Supported
browsers
– Domino on Windows
● Requires Windows clients for the
users
● Citrix not supported
● Requires Domino on Windows
● Has a very specific use case
SAML
● Not everything supports it (yet)
– Traveler doesn’t
– Sametime doesn’t*
– Citrix does!
● ID Vault is a requirement so IDs
that can’t be vaulted can’t be used
(multiple passwords, smartcards,
etc)
● Complex to set up
* Sametime for IBM Verse integration via
SAML based SSO https://ibm.biz/BdHqd4
60. 7th Sutol Conference, November 2015
Navigation
● The What And Why
● The Quick Win
– ID Vault
– Automatic Client Configuration
– Token Based Single Sign On for Sametime And Connections
– SPNEGO For iNotes And Webapps
● Expanding The Possibilities – SAML
● Q & A
61. 7th Sutol Conference, November 2015
Frequently Questioned Answers
Martin Leyrer
IBM Collaboration Solutions IT-Specialist with IBM Austria
IBM e-mail: martin.leyrer@at.ibm.com
E-mail: leyrer@gmail.com
Twitter: http://www.twitter.com/leyrer
Facebook: https://www.facebook.com/leyrer
Blog: http://www.leyon.at
LinkedIn: http://at.linkedin.com/in/leyrer
62. 7th Sutol Conference, November 2015
Further Reading
“Upgrading from Notes client single logon to Notes shared login” by Nancy
E. Kho
https://ibm.biz/BdFnM6
“Single Sign-on (SSO) technologies for the Domino Web Server” by Jane
Marcus
https://ibm.biz/BdFnyT
“Connect 2014 SHOW100 : AD + SAML + Kerberos + IBM Notes and
Domino = SSO!” by Rob Axelrod and Andy Pedisich, Technotics
https://ibm.biz/BdFnyF
“Simplifying The S's: Single Sign-On, SPNEGO and SAML” by Gabriella
Davis
https://ibm.biz/BdFnfq