Home
Configuring
Use this information to configure your network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters.
Configuring users and servers
Topics in this section describe how to set up users and servers.
Configuring iNotes®
HCL iNotes® provides HCL Notes® users with browser-based access to Notes mail and to Notes calendar and scheduling features. Administrators specify mail policy and security policy settings as well as notes.ini file settings to complete the full implementation of HCL iNotes.
Editing the configuration settings document for iNotes®
Many of the features you enable using the configuration settings document can also be configured using policies.
Specifying notes.ini file settings for HCL iNotes®
A number of notes.ini file settings are available, some also represented in policy documents, to help you tune your configuration of HCL iNotes®. This section contains many of the notes.ini file settings for iNotes, but is not a comprehensive list due to the fact that some have been replaced by settings in the server configuration document.
Enabling the whitelist Active Content Filter
You can enable a whitelist filter as the Active Content Filter (ACF) in Domino. The ACF is used to remove potentially harmful active content from HTML messages such as JavaScript, Java, and ActiveX. A whitelist filter removes all entities except those in the whitelist. A blacklist filter (used by default) retains all entities except those in the blacklist.

Configuring
Use this information to configure your network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters.
- Configuring a network
  This section presents the planning concepts and setup procedures necessary for a successful HCL Domino® deployment over a network. It provides information on network protocols from a Domino perspective but does not attempt to provide general network information.
- Configuring users and servers
  Topics in this section describe how to set up users and servers.
  - Understanding the Server document
    The Server document is set up when you register a server. It contains many of the settings that define how your server operates.
  - Policies
    Use Domino® policy settings to control how users work with Notes®. A policy is a document that identifies a collection of individual policy settings. Policy settings documents define a set of defaults that apply to the users and groups to which the policy is assigned. You can change policy settings and they will be automatically applied to the assigned users and groups.
  - Defining default settings for Notes® user registration
    Before you register new Notes® users, you can specify default settings that apply to all users. Default settings simplify user registration and ensure user settings consistency. You can define many default settings, such as what mail server users have or what certifier ID to use for user registration. You can also specify a default workstation execution control list (ECL) to protect data from unauthorized workstation access.
  - Using groups
    Groups are lists of users, groups, and servers that have common traits. They are useful for mailing lists and access control lists. Using groups can simplify administration tasks.
  - Replicas
    You can make a database available to users in different locations, on different networks, or in different time zones, by creating replicas of the database.
  - Calendars and scheduling
    The calendar and scheduling features allow users to check the free time of other users, schedule meetings with them, and reserve resources, such as conference rooms and equipment.
  - Editing the notes.ini file
    The Domino and Notes notes.ini files contain the settings required for the server and client to operate correctly. If you modify or add settings in a notes.ini file, do so cautiously and never edit the file directly with a text editor.
  - Configuring directory services
    This section describes how to plan, set up, and use HCL Domino® directory services.
  - Configuring messaging
    This section provides an overview of messaging and describes how to set up mail routing, how to set up and customize mail servers, and how to track mail.
  - Configuring iNotes®
    HCL iNotes® provides HCL Notes® users with browser-based access to Notes mail and to Notes calendar and scheduling features. Administrators specify mail policy and security policy settings as well as notes.ini file settings to complete the full implementation of HCL iNotes.
    - iNotes® ultra-light mode
      The ultra-light mode of HCL iNotes® is designed for use on a mobile device. It is also the accessible mode available on Microsoft™ Windows™ operating systems (Win32) using Mozilla Firefox 3.0 or later.
    - Getting started with iNotes®
      After installing and configuring HCL Notes® and enabling HCL iNotes®, perform these tasks to enable users to get up and running with iNotes.
    - Creating mail policy settings for iNotes® users
      HCL Domino® administrators can use a number of mail policy settings.
    - Creating security policy settings for iNotes® users
      To create or enforce security settings for HCL iNotes® users, you must create a security policy settings document.
    - Desktop policy settings supported in iNotes®
      When applied to a user, these desktop policy settings lock down the associated user preferences in HCL iNotes®. Any existing policies previously assigned to iNotes users are enforced.
    - Editing the configuration settings document for iNotes®
      Many of the features you enable using the configuration settings document can also be configured using policies.
      - Secure mail for iNotes®
        To allow HCL iNotes® users to encrypt and digitally sign email messages, you must enable both the Encrypted mail support and the Name Resolution and Validation fields on the iNotes tab of the server's configuration settings document.
      - Adding a disclaimer to outgoing iNotes® messages
        You can add a disclaimer to outgoing HCL iNotes® messages. A disclaimer is a denial or a disavowal of legal responsibility for the contents of the message. In some countries, not having a proper disclaimer on messages may result in fines leveled by regulatory agencies.
      - Configuring alternate name support in iNotes®
        An alternate name is helpful when a user wants to use his or her native language and character set to type, display, and look up names. For example, users can type a name in a native language and character set when sending mail. A user's primary name is recognizable to an international audience; an alternate name is recognizable to the user's native language.
      - Using browser cache management
        Use browser cache management to improve client side performance and security of HCL iNotes® sessions on Internet Explorer by controlling which entries are stored in the cache and which are removed when the iNotes session ends.
      - Making calendar details available to all users
        You can make calendar details available to all users with settings on the server's configuration settings document.
      - Making Notes® links work in iNotes®
        You can configure HCL iNotes® so that users can open HCL Notes® links (document, view, or application links) in either a new browser window or in Notes. iNotes supports Notes links to any server, as long as the user has access to the application to which the link connects and the application is on an HCL Domino® server in the local area network. This is also useful for iNotes users who reply with history or forward a thread with Notes links back to a Notes user. You can also configure the server to offer Notes links only or Web links only.
      - Setting a maximum attachment size
        You can set a maximum attachment size other than the default value.
      - Specifying notes.ini file settings for HCL iNotes®
        A number of notes.ini file settings are available, some also represented in policy documents, to help you tune your configuration of HCL iNotes®. This section contains many of the notes.ini file settings for iNotes, but is not a comprehensive list due to the fact that some have been replaced by settings in the server configuration document.
        Notes.ini file settings used when integrating iNotes® with HCL Connections™ Docs
        There are several notes.ini file settings that correspond to the settings on the mail policy settings document, HCL Connections™ Docs Integration section. When configuring HCL iNotes® integration with HCL Connections™ Docs, these notes.ini file settings override the corresponding settings in the mail policy setting document. To set up iNotes and HCL Connections™ Docs integration, use the steps in the procedure Integrating iNotes with HCL Connections Docs.
        Notes.ini file settings used when integrating iNotes® with Connections Files
        There are several notes.ini file settings that correspond to the settings on the mail policy settings document, Connection Files Integration section. When configuring HCL iNotes® integration with HCL Connections™, these notes.ini file settings override the corresponding settings in the mail policy settings document. To set up iNotes and Connections integration, use the steps in the procedure Integrating iNotes with Connections files.
        Enabling accessible features in the client
        Mail, Calendar, Contacts, and Preferences are fully accessible. The HCL iNotes® client has a preference to limit full mode functionality available to just the currently accessible piece. There is also a server-wide setting that allows administrators to limit all iNotes users to this accessible feature set.
        Setting up type-ahead
        The type-ahead feature in HCL iNotes® uses the names of people to whom users have recently sent email to populate a list of type-ahead names that display when a user is completing an address field that expects an email address. This feature caches, in memory, a list of names that are used most frequently, and then displays those names at the beginning of the list.
        Setting up Auto Save
        The auto save feature in HCL iNotes® automatically saves the body of mail messages created by users so that drafts and changes made to them are maintained should users forget to save them, or if something happens to their workstation (for example, a crash or power outage).
        Using prefetch for documents
        You can set a notes.ini file variable so that the client loads the contents of either the visible unread messages or all visible messages in an asynchronous manner after the view list is loaded.
        Enabling Notes-style search
        To search HCL iNotes® using a Notes-style query, use the notes.ini file setting INOTES_WA_DISABLE_WEBSTYLE_SEARCH=1.
        Allowing users to take the Domino® directory offline
        You can use a notes.ini file variable, $DOLSDirectoryCatalog, to set the name of an HCL Domino® directory that the user may take offline.
        Enabling the whitelist Active Content Filter
        You can enable a whitelist filter as the Active Content Filter (ACF) in Domino. The ACF is used to remove potentially harmful active content from HTML messages such as JavaScript, Java, and ActiveX. A whitelist filter removes all entities except those in the whitelist. A blacklist filter (used by default) retains all entities except those in the blacklist.
        Disabling the Active Content Filter
        Use the notes.ini file variable, iNotes_WA_DisableActCntSecurity, to disable the Active Content Filter. A setting of 1 disables the filter. Setting this variable to 0 (or omitting it from the server's notes.ini file) enables the filter.
        Setting the level of automatic cache clearing
        If you choose not to enable Browser Cache Management for the HCL Domino® server, HCL iNotes® tab of the Configuration Settings document, you can set the level of automatic cache clearing using the notes.ini file variable iNotes_WA_LogoutScrubType.
        Redirecting users to a Web page after logout
        Specifying the number of names to return
        Use the notes.ini file setting, iNotes_WA_NameLookupMaxNumMatch=value to specify the maximum number of names to return on name lookups.
        Using GZIP to improve iNotes® performance
        By default, HCL iNotes® uses compression, GZIP format, to reduce network bandwidth consumption and provide better performance, particularly for users with slow network connections. You can use the Compress HTTP response data setting in the configuration settings document to enable or disable compression. Use the notes.ini file settings to turn GZIP compression on and off, and to specify the types of content to compress.
        Enforcing two-digit years in a calendar
        Administrators can enforce the use of two-digit years by disabling the International date settings preference available to users.
        Enabling days in work week calendar display
        You can enforce the display of a five-day work week, or allow HCL iNotes® users to decide whether or not to display it.
        Enabling or disabling the secondary calendar
        Administrators can specify a notes.ini file setting to enable or disable the display of a secondary calendar.
        Enabling a whitelist of acceptable file types
        To prevent direct opening of attachments that may contain harmful content, a content-disposition header has been added that instructs the browser to save the file attachment rather than opening it directly.
        Preventing users from acknowledging a request for a return receipt on iNotes® incoming mail messages
        Use a server notes.ini file parameter to show or suppress a prompt that lets the HCL iNotes® client user choose whether to acknowledge a request for a return receipt on an incoming message.
        Disabling ultra-light mode
        You can disable HCL iNotes® ultra-light mode using a notes.ini file setting.
    - Renaming an iNotes® user
      You rename an HCL iNotes® user who has an iNotes ID and an HCL Notes® certified public key located in their person document in the Domino® Directory the same way you rename a Notes user.
    - Integrating with other applications
      HCL iNotes® can be integrated with HCL Sametime® and HCL Connections™.
    - Customizing iNotes®
      Once HCL iNotes® has been installed and configured, you can customize your implementation in the following ways:
  - Configuring Web servers
    This section describes how to set up the HCL Domino® Web server, and the Domino Web Navigator.
  - Setting up a cluster
    Setting up a cluster includes the tasks of creating and verifying that it is working correctly, and then setting up user access, mail, replications, size quotas, directory assistance, roaming, web navigation, and use of a private LAN in the cluster.
  - Configuring Widgets and Live Text
    Widgets and Live Text enables end users to see and act on Live Text in supported documents, including HCL Notes® mail, using XML extensions (widgets) created specifically for their use.
  - Domain Search
    Notes® client and Web users can use Domain Search to search an entire Domino® domain for database documents, files, and attachments that match a search query.

Enabling the whitelist Active Content Filter

You can enable a whitelist filter as the Active Content Filter (ACF) in Domino. The ACF is used to remove potentially harmful active content from HTML messages such as JavaScript, Java, and ActiveX. A whitelist filter removes all entities except those in the whitelist. A blacklist filter (used by default) retains all entities except those in the blacklist.

About this task

Blacklist filters need to be maintained to continually guard against threats from new markup patterns. Whitelist filters are considered a security best practice because they are explicit about the patterns that are allowed.

The whitelist filter is applied to HCL iNotes® and HCL Verse™ messages but not to HCL Notes® messages.

Procedure

By default, the blacklist filter is used. To enable iNotes® and Verse™ to use the whitelist filter instead, add the following notes.ini setting to Domino mail servers:
```
DOMINO_ENABLE_WHITELIST_ACF=1
```
Optional: To allow individual users to choose between the whitelist and blacklist:
1. Have a user copy the following URL parameter to the browser to use when logging on to mail, depending on your client:
  Verse:
```
<mailfile_url>?whitelist-acf=0
```
  iNotes:
```
<mailfile_url>?OpenDatabase&whitelist-acf=0
```
  If your site redirects logins, for <mailfile_url>, specify the redirect URL.