Home
What's new in Domino 12?
Learn about all of the new features for administrators in HCL Domino® 12.
What's new in 12.0.1?
HCL Domino 12.0.1 introduces the following new features.
Enhancements related to security features
HCL Domino 12.0.1 provides the following enhancements related to security features.
ID files in mail files no longer used for vaulted iNotes and Verse users
In this release, if an iNotes or Verse user has an ID file in the vault, the vaulted ID is always used for secure mail operations.

What's new in Domino 12?
Learn about all of the new features for administrators in HCL Domino® 12.
- What's new in 12.0.1?
  HCL Domino 12.0.1 introduces the following new features.
  - Enhancements related to security features
    HCL Domino 12.0.1 provides the following enhancements related to security features.
    - ID files in mail files no longer used for vaulted iNotes and Verse users
      In this release, if an iNotes or Verse user has an ID file in the vault, the vaulted ID is always used for secure mail operations.
    - Certificate Manager enhancements
      Certificate Manager (CertMgr) includes the following enhancements for HCL Domino 12.0.1.
    - TOTP enhancements
      The following TOTP enhancements are provided in Domino 12.0.1
    - New algorithms for importing and exporting S/MIME and TLS credentials
      Domino 12.0.1 adds more flexibility and security by supporting new algorithms for the PKCS#12 and PEM functionality used for importing and exporting S/MIME and TLS credentials.
    - Use Notes Shared Login to secure server ID files
      The Notes Shared Login (NSL) functionality has been extended to securing server ID files.
    - More secure internet passwords supported when logging on to Domino Java console
      Administrators whose Internet passwords have the secure Internet password option Yes - Password verification compatible with Notes/Domino release 8.0.1 set can now log on to the Domino Java Console. Previously, this level of Internet password security was not supported for the Java console.
    - New qvault command option to update user data
      A new qvault command option, -p, allows you to update user data in the ID vault.
  - One-touch setup enhancements
    HCL Domino 12.0.1 includes Domino one-touch setup enhancements.
  - Silent installs supported for cascaded MUI pack
    Silent installs are supported for the cascaded Multilingual User Interface (MUI) pack introduced in V12.0
  - Beta version of 64-bit Windows clients
    A beta version of a 64-bit Domino Designer client, Administrator client, and Notes standard client for Windows (English-only) is provided through a separate installer.
  - Improved name lookup to find Active Directory users
    When Domino users want to add the names of Active Directory users or groups to Domino groups, database ACLs, or email messages, Active Directory can now be one of the directories that is available for them to search.
  - Auto-processing of rename requests
    A new features allows you to configure the Administration Process to automatically process rename requests for users who have Notes IDs in the vault. This feature avoids the need for a user to authenticate with a Domino server from the Notes client to kick off rename processing.
  - Entitlement tracking enhancements
    HCL Domino 12.0.1 provides the following enhancements to the Entitlement tracking feature.
  - Mail routing between Domino and domains with Internationalized Domain Names (IDNs)
    Domino mail users can now communicate with non-Domino mail users who use internationalized domain names (IDNs) in their email addresses.
  - DKIM signing for messages routed to external Internet domains
  - Hide folders in the Files tab of the Domino Administrator
    A new server notes.ini setting allows you to prevent specified folders in the Domino data directory from loading in the Files tab of the Domino Administrator.
  - Backup and restore enhancements
    V12.0.1 provides the following enhancements for backup and restore functionality.
  - New Updall options
    New Updall options are available.
  - Compact enhancement
    When you use the compact command with -c, -X, and -restart options, a file called <database>.restart is created when the time limit specified by -X is reached.
  - New Notes client notes.ini settings
    Use notes.ini settings to customize the following aspects of the Notes 12.0.1 client.
  - notes.ini setting recommendation for Windows Server 2022
    Windows Server 2022 is supported as of HCL Domino 12.0.1. If high-traffic mail or applications servers on this platform exhibit performance issues (high system CPU usage or hangs), to improve performance, use the notes.ini setting OS_DISABLE_CACHESET=1. This setting disables manipulation of the Microsoft File System Cache.
  - .ind file enhancements
    HCL Domino 12.0.1 provides .ind files enhancements.
  - R4.6 and R5 sections removed from Domino directory
    Sections of the Domino directory that pertained only to Domino R4.6 or R5 are removed in HCL Domino 12.0.1.
  - New Java Runtime Environment (12.0.1)
    A new Java Runtime Environment (JRE) is provided with HCL Domino 12.0.1 and HCL Domino Designer 12.0.1.
- What's new in 12.0?
  HCL Domino 12.0 introduces the following new features.
- Components no longer included in this release
  The following components are no longer included.

ID files in mail files no longer used for vaulted iNotes and Verse users

In this release, if an iNotes or Verse user has an ID file in the vault, the vaulted ID is always used for secure mail operations.

Regardless of the type of authentication that is configured (password, SAML, or TOTP), if the iNotes or Verse user has an ID in the vault, it is always used for secure mail operations. Previously, the ID file in iNotes or Verse user mail files was used. The ID file still remains in the mail file for other applications that might need to access it.

User security preference changes

Because of this change, the following iNotes and Verse end-user security preferences are no longer needed or provided when a Domino 12.0.1 server is used:

Synchronize Notes ID with Vault (iNotes) or Sync with Vault (Verse)
Import Notes ID

The following security settings depend on the server configuration:

Change Notes ID Password This button is not provided if SAML or TOTP is enabled on the server.
Change Internet Password This button is not provided if SAML is enabled on the server.

Changes to ID vault configuration

Related to this change are also the following changes to ID vault configuration.

If you specify No in the Automatic ID downloads section of the ID vault tab in a Security Settings document, a new field, Allow trusted server ID downloads, is shown:

Allow trusted server ID downloads field set to Yes

The default value for this new field is No. By setting it to Yes, you can allow iNotes and Verse user IDs to be downloaded from the ID vault without any restrictions while allowing restriction to continue for Notes client user IDs. Enabling this setting is important if you have Verse users or vaulted iNotes users to ensure their IDs can always be downloaded and cached from the server.

If you select Yes for Allow trusted server ID downloads, you must also specify which servers you trust to download the iNotes and Verse IDs from. To specify the trusted servers:

Open the vault database.
Open the Configuration document.
In the Non iDP authentication login field, specify the names of the ID vault servers that you trust for iNotes ID downloads.
Note: This field was previously in a section of the document named TOTP authenticated login. The section name is changed to indicate that the field applies beyond just TOTP.