Sync Contacts Between Lotus Notes, Traveler and iNotes

Lotus Notes has four main functions: email, calendar, address book, and to-do. Of these functions, the address book is the only piece that is stored locally on whatever computer you added the entries. Thus, if you need to have access to your address book when you are at a different computer, or when you are using a iNotes on the web, or a smart phone with Traveler you can set up the address book sync via the iNotes webmail client.

INotes is the newest version of Lotus Notes webmail. It lets you sync your address book contacts out to your webmail and your smart phone. To set up the sync, you need to be in your Notes client:

  • Open Lotus Notes
  • Select the mail tab
  • Click Actions – iNotes Web Access – Synchronize Notebook

This process will sync your contacts, however, your groups will not be web-accessible. Also, please notice that this process is not dynamic. If you make a change to either the web or client version of your address book you will need to resynchronize the two again in the same way as above. Alternatively you may enable the sync on the replication tab to ensure that it will happen automatically.


Sametime 8.5.1 Deployment

To deploy a Sametime environment with multiple levels of licensing, multiple Sametime servers with each respective license versions needed (Entry, Standard, etc.). The Sametime wiki has a number of useful resources to plan out a complex Sametime deployment:

  • http://www-10.lotus.com/ldd/stwiki.nsf/page.xsp?documentId=6F6353B28F5FB51185257775007AC431&action=openDocument
  • http://www-10.lotus.com/ldd/stwiki.nsf/dx/1.3_Lotus_Sametime_product_family
  • http://www-10.lotus.com/ldd/stwiki.nsf/xpViewCategories.xsp?lookupName=Learning%20Center

And here are some documents that delve into the details:

  • http://www-10.lotus.com/ldd/stwiki.nsf/dx/Chapter_2._Planning_a_Sametime_8.5.1_deployment
  • http://publib.boulder.ibm.com/infocenter/sametime/v8r5/index.jsp?topic=/com.ibm.help.sametime.v851.doc/plan/plan_topol_deploy.html

Domino 8.5.2 Adding Email Aliases

Often times people need to receive email for multiple valid variation of their email addresses. On most email systems, these are called email aliases. IBM Domino has a slightly unusual way of allowing system administrators to define aliases:

  • Open the Domino Administrator Tool
  • On the People & Groups tab, select People
  • Edit the Person document of the person you would like to add an email alias to
  • Add the alternative email addresses to Short name/UserID like this:

    "UsedID [email protected]
    [email protected]
  • Save and close the Person document
  • Navigate to the Server... tab
  • Select the Server console
  • To enable the changes on the SMTP server, enter in the Domino Command: TELL ROUTER UPDATE CONFIG

Domino 8.5 SSL Key Import Into Keyring File

Domino Server SSL Key Import

By default, the SSL key order process in the Domino Administrator assumes that only single domain certificates are used. Hence, when you have a multi domain UCC or a wildcard certificate, it has to be loaded into the keyring (a.k.a. kyr file) outside of the Domino Administrator.

The basic overview of the process is this:

  • Create a kyr (keyring) file to hold the keys.
  • Create a p12 (PKCS#12) file with the certificate that needs to be added to the keyring.
  • Add the p12 (PKCS#12) file to the keyring.
  • Install the new keyring on the Domino Servers (mail, traveler, sametime, Quickr)

Domino Server PKCS#12 key generation and import

Create PKCS#12 from SSL KEY and CRT files

For this step I recommend to be on the Linux or AIX with openssl installed. Assuming that you have the certificate key, the CA issued certificate, and the certificate chains all in the same directory, you can run the following command to generate the p12 file:

openssl pkcs12 -export \
-in certificate-from-CA.crt \
-inkey certificate-key-file.key \
-certfile root-ca-bundle.crt \
-out certificate-in-pkcs12-format.p12

Add PKCS#12 to Domino Server Kyr Keyring File

For this step I recommend to be on the sametime server under Linux or AIX. In theory, this should work, but in practice, I found that the version 7 of the gsk tools doesn’t seem to be able to open kyr files. So you may need to skip ahead to the legacy Windows XP method, unless you can find the gsk5bas package on one of your older install media.

rpm -Uvh ${SAMETIME_CD_PATH}/SametimeEntryServer/GSKit/Linux/gsk7bas-7.0-4.28.i386.rpm
vi /opt/ibm/lotus/notes/latest/linux/ibm-jre/jre/lib/security/java.security

Add last provider to list:

security.provider.1=com.ibm.jsse2.IBMJSSEProvider2
security.provider.2=com.ibm.crypto.provider.IBMJCE
security.provider.3=com.ibm.security.jgss.IBMJGSSProvider
security.provider.4=com.ibm.security.cert.IBMCertPath
security.provider.5=com.ibm.security.sasl.IBMSASL
security.provider.6=com.ibm.spi.IBMCMSProvider

remove conflicting jar file:

mv /opt/ibm/lotus/notes/latest/linux/ibm-jre/jre/lib/ext/gskikm.jar /opt/ibm/lotus/notes/latest/linux/ibm-jre/jre/lib/ext/gskikm.removedjar-

set environment:

set JAVA_HOME
JAVA_HOME=/opt/ibm/lotus/notes/latest/linux/ibm-jre/jre export JAVA_HOME

Domino Server Required Utilities for SSL Key Import (legacy Windows XP method)

  • Download and install IKEYMAN.
  • Open the kyr file in gsk5.
  • Import the p12 cert.
  • Save the new kyr file.

Domino Server SSL Key Management References

  • http://www.redbooks.ibm.com/redpapers/pdfs/redp0046.pdf
  • http://www.turtleweb.com/turtleblog.nsf/dx/11022009232215GDAVGR.htm?opendocument&comments
  • http://www.deadspace.de/?p=294
  • ftp://ftp.software.ibm.com/software/webserver/appserv/library/v61/ihs/GSK7c_SSL_Ikm_Guide.pdf
  • https://support.quovadisglobal.com/KB/a93/how-do-i-install-my-digital-certificate-into-lotus-notes.aspx
  • http://replay.waybackmachine.org/20081121002554/http://www.justinclarke.com/archives/2005/08/sending_smime_e.html
  • http://www.eulerhermes.com/en/documents/secure-email/ehcica_howto_import_lotus_notes_en.pdf/ehcica_howto_import_lotus_notes_en.pdf
  • http://publib.boulder.ibm.com/infocenter/sametime/v8r0/index.jsp?topic=/com.ibm.help.sametime.802.doc/Entry/st_adm_security_ssl_ikey_lin_t.html

For more information about Domino Server solutions, visit our collaboration section.