Home
Configuring
Use this information to configure your network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters.
Configuring users and servers
Topics in this section describe how to set up users and servers.
Configuring Web servers
This section describes how to set up the HCL Domino® Web server, and the Domino Web Navigator.
The Domino® Web server
Domino® provides an integrated Web application server that can host Web sites that both Internet and intranet clients can access, and that can serve up pages that are stored in the file system or in a Domino database.
Hosting Web sites
You can use Web Site documents to host Web sites on Domino®. The Web Site document is one type of Internet Site. Web Site documents contain Web site configuration information and are managed through the Servers\Internet Sites view along with other types of Internet site documents.
Enabling support for Server Name Indication (SNI)
Starting with Domino 11.0.1, you can enable Web servers to support the Server Name Indication (SNI) extension to the Transport Security Layer (TLS) protocol.

Configuring
Use this information to configure your network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters.
- Configuring a network
  This section presents the planning concepts and setup procedures necessary for a successful HCL Domino® deployment over a network. It provides information on network protocols from a Domino perspective but does not attempt to provide general network information.
- Configuring users and servers
  Topics in this section describe how to set up users and servers.
  - Understanding the Server document
    The Server document is set up when you register a server. It contains many of the settings that define how your server operates.
  - Policies
    Use Domino® policy settings to control how users work with Notes®. A policy is a document that identifies a collection of individual policy settings. Policy settings documents define a set of defaults that apply to the users and groups to which the policy is assigned. You can change policy settings and they will be automatically applied to the assigned users and groups.
  - Defining default settings for Notes® user registration
    Before you register new Notes® users, you can specify default settings that apply to all users. Default settings simplify user registration and ensure user settings consistency. You can define many default settings, such as what mail server users have or what certifier ID to use for user registration. You can also specify a default workstation execution control list (ECL) to protect data from unauthorized workstation access.
  - Using groups
    Groups are lists of users, groups, and servers that have common traits. They are useful for mailing lists and access control lists. Using groups can simplify administration tasks.
  - Replicas
    You can make a database available to users in different locations, on different networks, or in different time zones, by creating replicas of the database.
  - Calendars and scheduling
    The calendar and scheduling features allow users to check the free time of other users, schedule meetings with them, and reserve resources, such as conference rooms and equipment.
  - Editing the notes.ini file
    The Domino and Notes notes.ini files contain the settings required for the server and client to operate correctly. If you modify or add settings in a notes.ini file, do so cautiously and never edit the file directly with a text editor.
  - Configuring directory services
    This section describes how to plan, set up, and use HCL Domino® directory services.
  - Configuring messaging
    This section provides an overview of messaging and describes how to set up mail routing, how to set up and customize mail servers, and how to track mail.
  - Configuring iNotes®
    HCL iNotes® provides HCL Notes® users with browser-based access to Notes mail and to Notes calendar and scheduling features. Administrators specify mail policy and security policy settings as well as notes.ini file settings to complete the full implementation of HCL iNotes.
  - Configuring Web servers
    This section describes how to set up the HCL Domino® Web server, and the Domino Web Navigator.
    - The Domino® Web server
      Domino® provides an integrated Web application server that can host Web sites that both Internet and intranet clients can access, and that can serve up pages that are stored in the file system or in a Domino database.
      - Setting up a Domino® server as a Web server
        You can specify that you want to run the HTTP task on the Domino® server. Domino can then function as a Web server and allow browser clients to access databases on the server.
      - Hosting Web sites
        You can use Web Site documents to host Web sites on Domino®. The Web Site document is one type of Internet Site. Web Site documents contain Web site configuration information and are managed through the Servers\Internet Sites view along with other types of Internet site documents.
        Configuring the SameSite cookie attribute
        Configure the SameSite cookie attribute to enable a Domino web server to assert that browsers can only send cookies that originate from the Domino server web site.
        Enabling support for Server Name Indication (SNI)
        Starting with Domino 11.0.1, you can enable Web servers to support the Server Name Indication (SNI) extension to the Transport Security Layer (TLS) protocol.
        Hosting multiple Web sites on a partitioned server
        You can set up multiple Web sites for each server's HTTP process on a partitioned server for Web Site documents or for Virtual Servers).
        Configuring HTML, CGI, icon, and Java™ files for Web Site documents
        HCL Domino® looks for individual HTML, CGI, and icon files in specific directories on the server's hard drive. You can change the URL path for icons and CGI program files. The URL path is where Domino looks for icons or CGI programs when it encounters a reference in the HTML code to one of these.
        Configuring DSAPI, HTTP methods, and WebDAV in Web Site documents
        You can set up a Web Site document to support the HCL Domino® Web Server Application Programming Interface (DSAPI), various HTTP methods, and Web-based Distributed Authoring and Versioning (WebDAV).
        Domino® Web Engine settings for Web Site documents
        On the Domino® Web Engine tab, you can set up session authentication, specify GIF or JPEG conversion and the number of lines to display in a view, limit the number of documents displayed when searching, redirect URLs, restrict data users can send to the Domino database, store preferences in cookies, set up language preferences, and specify an international character set.
        Setting up session authentication for Web Site documents
        You can enable session-based name-and-password authentication for a Web site document. Web clients must use a browser that supports cookies. You can customize an HTML login form for users to enter their credentials, address multiple login prompts, allow logout using the ?logout URL or formula, and log user sessions.
        Specifying GIF or JPEG conversion in Web Site documents
        You can control the format and method that Domino® uses to display images that appear in documents. The Domino Web server supports both GIF and JPEG image formats. This setting has no effect on images referenced using pass-through HTML. When you enable progressive or interlaced rendering, the image appears to download quickly and you can typically identify the image before it is completely downloaded.
        Specifying the number of lines to display in a view
        You can specify the default number of lines to display in a view when users do not specify a line count in a URL. The number of lines to display depends on your preference. Displaying many lines per view makes it easy to find an item in a large view. Displaying fewer lines per view make it easy to read the items in the view. You can also specify the maximum number of lines to display in a view when the user specifies a line count in a URL. Entering a maximum number of lines prevents users from overloading server resources by requesting a large number of lines to display.
        Limiting the number of documents displayed during a Web Site search
        You can specify a default and maximum number of documents to display as a result of performing a search on a database. Users can specify the number of documents for a search query to return using the SearchMax parameter with the SearchSite and SearchView commands.
        Finding links with the Redirect URL command
        You use the Redirect URL command to create anchor, document, view, and database links on a Web page. These links and the links for domain search results can direct users to a database on the same server or another server. Enable this option on any server that runs the domain search and on servers for which you want to resolve links to other servers.
        Restricting the amount of data users can send to a Domino® database
        The HTTP POST and PUT methods allow users to send data to the Domino® server. The Server record field Maximum size of request content sets a limit on the amount of data that can be sent using either POST or PUT. This limit is enforced for all POST and PUT methods, whether the target is a database, CGI program, or Java™ servlet, and applies to all Web sites.
        Specifying the character set to use when retrieving Web pages
        Domino® uses the default character set and character set mapping selection to generate HTML text for the browser. If you have international users who need to see text in nonwestern languages, you need to make changes to the settings. The character set setting affects all databases on the server.
        Storing Web user preferences in cookies
        Web users can configure their own time zone and regional preferences. Customized preferences are stored in cookies that reside in Web client browsers. Thus, your preferences can't be used if you access the server from a browser other than the one for which you set up cookies.
        Setting up language preferences
        The Web server uses language string resource modules to render Web pages in different languages. The Domino® Web server can support multiple languages and be configured to handle them on the fly.
        Table of character set mapping for Web server pages
        The default character set governs the available choices for character set mapping. If a character set group has mapping choices, you must also select which character set to use.
        Web Site rules and global Web settings
        Web Site rules are documents that help you maintain the organization of a Web site. They are created as response documents to Web Site documents, and apply only to that particular Web Site document. If you want to apply a rule to more than one Web Site document, copy and paste the rule document from one Web Site document to the other.
        Protecting files on a server from Web client access
        File protection documents control access to non-database files that users can access via Web browsers. Like database file (.NSF) access control lists (ACLs), which specify the names of the users who can access them and the level of access they have, you can enforce file protection for files that browser users can access -- for example, HTML, JPEG, and GIF -- also by specifying the level of access for these types of files and the names of the users who can access them.
        Creating a Web Site authentication realm document
        Using an HCL Domino® Web Site authentication realm, you can specify the text string that appears when a user tries to access a certain directory, or file on a Domino Web server. When the browser prompts the user for a name and password, the browser's authentication dialog displays the text string. The browser uses the realm to determine which credentials -- that is, user name and password -- to send with the URL for subsequent requests. The Domino Web server caches the user's credentials to use for different realms, in order to avoid prompting the user repeatedly for the same credentials.
      - Customizing Web server messages and login
        Use the Domino Web Server Configuration database to create a modern-looking web user login form or to create custom Web server messages.
      - Using gzip compression
        The Domino® Web server can serve files compressed by gzip (GNU zip). You must add the compressed file to the appropriate server directory. This feature is on by default.
      - HTML generation options
        The HTMLOptions capability was developed for the Web server as a general, extensible way for Web application developers to specify form and field specific options to control the Web engine's HTML generation. It allows users to select alternate behavior for the web server HTML generator, without requiring dedicated Domino® Designer events or info box controls.
    - The Web Navigator
      The Web Navigator lets Notes® workstations access the Web, without having a direct connection to the Internet. The Web Navigator server, which has a direct connection to the Internet, retrieves pages for users. The Web Navigator retrieves pages on Internet servers -- for example, servers that use Internet services such as HTTP, FTP, or Gopher.
  - Setting up a cluster
    Setting up a cluster includes the tasks of creating and verifying that it is working correctly, and then setting up user access, mail, replications, size quotas, directory assistance, roaming, web navigation, and use of a private LAN in the cluster.
  - Configuring Widgets and Live Text
    Widgets and Live Text enables end users to see and act on Live Text in supported documents, including HCL Notes® mail, using XML extensions (widgets) created specifically for their use.
  - Domain Search
    Notes® client and Web users can use Domain Search to search an entire Domino® domain for database documents, files, and attachments that match a search query.

Enabling support for Server Name Indication (SNI)

Starting with Domino 11.0.1, you can enable Web servers to support the Server Name Indication (SNI) extension to the Transport Security Layer (TLS) protocol.

About this task

SNI enables a Domino Web server to support multiple virtual host(s) (Web sites) over HTTPS where multiple host names can be configured to map to a single IP address. To enable SNI support, add the notes.ini setting ENABLE_SNI=1 to the server and restart the HTTP task.

Note the following things to consider before enabling SNI support:

SNI is supported only for inbound HTTP requests.
To use SNI, there must be either a default Web site configured or at least one Web site with an IP address configured to use as the starting point for the TLS hand shake. If the server receives the TLS SNI extension, it attempts to switch to the site that matches the host name in the SNI extension after the TLS handshake is complete.
Enabling SNI may require you to adjust Web site configurations (rules and other settings). With SNI enabled, the server can map from the default or IP address Web site to another site by host name after the TLS handshake. This can cause a change in behavior in existing configurations where there may be one Web site with just an IP address configured and others with just the host name(s) configured. Old configurations would continue to use the IP address site. With SNI enabled, the request can switch to use a host name site which may have a different configuration than the IP address site.