Jump to main content
HCL Domino 12 documentation
Welcome to the HCL Domino® 12 documentation.
Learn about all of the new features for administrators in HCL Domino® 12.
New install and setup features and enhancements
These are the install and setup features and enhancements provided with Domino 12.
New security features and enhancements
These are the security features and enhancements provided with HCL Domino® 12.
New DAOS features and enhancements
HCL Domino® 12 provides the following new features and enhancements for Domino Attachment and Object Service (DAOS).
New features related to the end-user experience
The following features relate to the HCL Notes® end-user experience.
Replication enhancements
HCL Domino® 12 provides these replication enhancements.
Backup and restore capability
Backup and restore capability is integrated with Domino 12 servers.
Stand-alone Domino directory enhancements
The new Domino directory design (pubnames.ntf) provides several stand-alone enhancements that improve usability for administrators.
Users in Active Directory can sync their Windows passwords
Active Directory password synchronization enables Windows users whose Active Directory information is synced to Domino to apply their Windows passwords to their Domino HTTP and Notes ID passwords.
Administration Process support for updating names in Verse user profiles
The Administration Process rename person request now updates names in HCL Verse user profiles.
New ODS level
HCL Domino® 12 introduces a new on-disk structure (ODS) version for databases: ODS 55.
MarvelClient Essentials integration
The following improvements have been made to the integration of MarvelClient with Domino.
Entitlement tracking
As of Domino 12.0, a new internal mechanism is provided for collecting the highest entitlement that individual users have across a Domino domain. When a user appears in the ACL of a database with Reader access or above and that person has the right to access the server, the user is said to be an entitled user.
Domino OSGI Tasklet Service (DOTS) is available again
DOTS is available again in Domino 12.
New Java™ Runtime Environment
A new Java™ Runtime Environment (JRE) is provided with HCL Domino® 12 and HCL Domino Designer 12.
TCP/IP port buffer size
Domino 12 has changed the TCP/IP port buffer default size from 4000 to 8000.
Components no longer included in this release
The following components are no longer included.
Documentation updates
Some late-breaking changes to this documentation are currently available only in the English documentation on the HCL Software Product Documentation site on the web.
Welcome to HCL Domino® Administrator Help.
Accessibility features for Domino Administrator
Accessibility features help users who have a physical disability, such as restricted mobility or limited vision, to use information technology products.
Translated languages
This release of HCL Domino® and Notes® is translated into the following languages.
Using Domino® Administrator Help
Because Domino Administrator Help is a Notes application, you can use familiar Notes gestures to find information.
A trial version of HCL Domino® 12.0 is available free of charge.
Domino trial requirements
Read about the Domino trial requirements.
Deploying the Domino on Docker trial server
To deploy a new Domino server in a Docker container, complete the following steps.
Preparing the Domino server
Before you configure the additional products that are part of the trial, complete the following steps.
Configuring additional products
After you prepare the HCL Domino® server, optionally configure any of the following pre-installed products: HCL Domino® Volt, HCL Verse, HCL Traveler, HCL Domino® AppDev Pack.
Useful Docker commands for the trial
While administration and configuration steps are largely executed the same way for both a Domino-container-based server and non-container-based server, there are a few differences to keep in mind.
Use this documentation to install the HCL Domino® server and subsequently deploy the HCL Notes®client.
Installing and upgrading Domino® servers
Perform a new or upgrade install of one or many Domino® servers.
Installing and upgrading Notes® clients
Use this documentation to upgrade the existing Domino® server and subsequently upgrade the Notes® client to a new release. You can also upgrade additional clients such as Domino Administrator and Domino Designer clients and additional features and plug-ins such as the embedded HCL Sametime® client.
Use this topic as an overview of planning task.
Roadmap for deploying Domino® servers
Use this as a tool when planning how to integrate HCL Domino® into your existing environment.
Planning server-to-server connections
Servers must connect to each other to exchange data, for example to replicate databases and exchange mail. You can create connections between servers across a local area network (LAN) or wide area network (WAN), by using a pass-through server (a server that acts as an intermediary server between a client and its destination), or over the Internet. Create a Server Connection document whenever you need to establish any new or additional server connections. You can modify this document when necessary.
Planning directory services
HCL Domino® provides a range of directory service features.
Planning a mail routing topology
HCL Domino® offers you considerable flexibility in configuring your mail system infrastructure, allowing you to use HCL Notes® routing, SMTP routing, or both, for internal and external messages.
Planning a cluster
When planning a cluster, it is important to consider the performance and ability of your hardware. The cluster must have enough CPU power, memory, and disk space to handle the cluster traffic and the number of databases and replicas required.
Planning the TCP/IP network
The default TCP/IP configuration for an HCL Domino® server is one IP address that is globally bound, meaning that the server listens for connections at the IP addresses of all NICs on the computer. Global binding works as long as the computer does not have more than one IP address offering a service over the same assigned TCP port.
Planning the NetBIOS network
The HCL Domino® network is compatible with NetBIOS, a set of IBM® session-layer LAN services that has evolved into a standard interface that applications use to access transport-layer network protocols.
Messaging overview
The HCL Domino® mail system has three basic components: Domino mail servers, Domino mail files, and mail clients. The Domino mail server is the backbone of an organization's messaging infrastructure, acting both as an Internet mail server and an HCL Notes® mail server. Domino provides standards-based Internet messaging through its support of the Simple Mail Transfer Protocol (SMTP), Post Office Protocol version 3 (POP3), Internet Message Access Protocol (IMAP), and Multipurpose Internet Mail Extensions (MIME). At the same time, Domino supports Notes mail through the use of Notes routing protocols -- Notes remote procedure calls (NRPC) -- and the Notes rich text message format.
Planning your Notes® client deployment
Use the references listed here to plan for, install, upgrade to, and configure the HCL Notes® client.
Planning security
An important aspect of planning security for your Domino® environment is understanding the tasks and features involved with securing each type of resource.
Use this information to configure your network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters.
Configuring a network
This section presents the planning concepts and setup procedures necessary for a successful HCL Domino® deployment over a network. It provides information on network protocols from a Domino perspective but does not attempt to provide general network information.
Configuring users and servers
Topics in this section describe how to set up users and servers.
This section describes security features, including execution control lists, IDs, and TLS.
Overview of Domino security
Setting up security for your organization is a critical task. Your security infrastructure is critical for protecting your organization's IT resources and assets. As an administrator, you need to give careful consideration to your organization's security requirements before you set up any servers or users. Up-front planning pays off later in minimizing the risks of compromised security.
Server access for Notes® users, Internet users, and Domino® servers
To control user and server access to other servers, Domino® uses the settings you specify on the Security tab in the Server document as well as the rules of validation and authentication. If a server validates and authenticates the Notes® user, Internet user, or server, and the settings in the Server document allow access, the user or server is allowed access to the server.
The database access control list
Every .NSF database has an access control list (ACL) that specifies the level of access that users and servers have to that database. Although the names of access levels are the same for users and servers, those assigned to users determine the tasks that they can perform in a database, while those assigned to servers determine what information within the database the servers can replicate. Only someone with Manager access can create or modify the ACL.
Domino® server and Notes® user IDs
Domino® uses ID files to identify users and to control access to servers. Every Domino server, Notes® certifier, and Notes user must have an ID.
The execution control list
You use an execution control list (ECL) to configure workstation data security. An ECL protects user workstations against active content from unknown or suspect sources, and can be configured to limit the action of any active content that does run on workstations.
Domino® server-based certification authority
You can set up a Domino® certifier that uses the CA process server task to manage and process certificate requests. The CA process runs as a process on Domino servers that are used to issue certificates. When you set up a Notes® or Internet certifier, you link it to the CA process on the server in order to take advantage of CA process activities. Only one instance of the CA process can run on a server; however, the process can be linked to multiple certifiers.
TLS security
Transport Layer Security (TLS) is a security protocol that provides communications privacy and authentication for Domino® server tasks that operate over TCP/IP.
TLS and S/MIME for clients
Clients can use a Domino® certificate authority (CA) application or a third-party CA to obtain certificates for secure TLS and S/MIME communication.
Encryption protects data from unauthorized access.
Name-and-password authentication for Internet/intranet clients
Name-and-password authentication, also known as basic password authentication, uses a basic challenge/response protocol to ask users for their names and passwords and then verifies the accuracy of the passwords by checking them against a secure hash of the password stored in Person documents in the Domino® Directory.
Time-based one-time password (TOTP) authentication
When users log on to a Domino Web server, you can require that they provide time-based one-time passwords in addition to their user names and passwords.
Multi-server session-based authentication (single sign-on)
Multi-server session-based authentication, also known as single sign-on (SSO), allows Web users to log in once to a Domino® or WebSphere® server, and then access any other Domino or WebSphere servers in the same DNS domain that are enabled for single sign-on (SSO) without having to log in again.
Using Security Assertion Markup Language (SAML) to configure federated-identity authentication
Federated identity is a means of achieving single sign-on, providing user convenience and helping to reduce administrative cost. In Domino® and Notes®, federated identity for user authentication uses the Security Assertion Markup Language (SAML) standard from OASIS.
Using a credential store to store credentials
A Domino® server can use a credential store application as a secure artifact repository. Examples of secure artifacts include authentication credentials and security keys.
History of supported key sizes in Notes and Domino
This article provides information about the RSA key sizes supported by Notes® and Domino® from past releases to the current release.
This documentation provides information about the administration tools for managing and monitoring servers and databases.
Administration tools
Topics in this section describe the tools you can use to administer a Domino® server.
This section describes how to use the tools and features that help you monitor a Domino® system.
Managing servers
Manage Domino® servers by performing any of these tasks.
Managing databases
Topics in this section describe how to set up and manage Domino® databases.
Use this information to improve HCL Domino® server, Domino Web server, and messaging performance through the use of resource balancing and activity trends, Server.Load commands, advanced database properties, cluster statistics, and the Server Health Monitor.
Resource balancing and activity trends
Domino® server resource utilization can be separated into two types, system activity and user activity. System activity, which includes the level of processor, disk, memory, and network consumption that Domino generates to keep the server running, is a fixed amount of activity, as long as systems are healthy and performing smoothly. Domino servers typically use a modest percentage of their resources to run. The remaining server capacity is used to support user activity, which varies with the usefulness of the data on the server.
The Server.Load tool
Server.Load is a capacity-planning tool that you use to run tests, also called "scripts" and "workloads," against a targeted Domino® server to measure server capacity and response metrics.
Tuning Domain Indexer performance
Each time the Domain Indexer task runs, it looks in the Domain Catalog for new databases that have the Include in multi database indexing property enabled. It then looks for documents and files in existing databases and file systems that are new or changed since the last time it ran, and adds them to the Domain Index.
Improving Domino® server performance
Read the following topics for help on improving basic Domino® server performance and capacity, as well as the performance of these features: Agent Manager, databases and the Domino directory, the directory catalog, LDAP searches, mail, Web server, Windows NT™ server, and UNIX™ server.
Improving Web server performance
After you set up the Domino® Web server and make sure that it runs properly, check the server's performance and response time.
Improving mail performance
Domino® includes features that improve efficiency in specific environments, but these features may not be switched on by default.
Setting advanced database properties
Advanced database properties include performance optimization and compression features, as well as ways to manage usability features such as unread marks and soft deletions.
Understanding cluster statistics
Three categories of Domino® cluster statistics help you analyze clusters
Improving the performance of the Server Health Monitor
If the Domino® Administration client workstation performs at 100 percent CPU utilization for a long period of time, the Server Health Monitor discards server statistic data to keep up with the workload.
This section describes how to find and solve problems with HCL Domino® server and Administrator client.
Troubleshooting a problem
Troubleshooting is a systematic approach to solving a problem. The goal of troubleshooting is to determine why something does not work as expected and how to resolve the problem.