Home
Administering HCL Nomad
The following topics provide instructions on how to install, configure, and manage HCL Nomad.
SafeLinx as the Nomad server
An HCL SafeLinx 1.2 or later server configured as a HCL Nomad server is required to handle communications with Nomad clients.
Completing the prerequisites
Before you begin configuring the HCL Nomad server, complete the following prerequisites:
Configuring a Domino LDAP server for Nomad
Configuring Nomad to bind anonymously to the Domino LDAP server
For security reasons, configuring the Nomad server to bind anonymously to search the Domino LDAP directory is not recommended. However, should you need to bind anonymously for some reason, you must allow the Domino LDAP service to access specific attributes.

Administering HCL Nomad
The following topics provide instructions on how to install, configure, and manage HCL Nomad.
- System architecture
  This topic describes the system architecture for HCL Nomad for web browsers, iOS, and Android.
- Nomad server on Domino
  The Nomad server on Domino services Nomad clients directly from your Domino server. It has been designed to simplify Nomad deployment.
- SafeLinx as the Nomad server
  An HCL SafeLinx 1.2 or later server configured as a HCL Nomad server is required to handle communications with Nomad clients.
  - Getting started with Nomad server wizard
  - Completing the prerequisites
    Before you begin configuring the HCL Nomad server, complete the following prerequisites:
    - Configuring a Domino LDAP server for Nomad
      - Configuring Nomad to bind anonymously to the Domino LDAP server
        For security reasons, configuring the Nomad server to bind anonymously to search the Domino LDAP directory is not recommended. However, should you need to bind anonymously for some reason, you must allow the Domino LDAP service to access specific attributes.
    - Hosting the Nomad for web browsers static web files
      This topic only applies to Nomad for web browsers.
  - Collecting required information
  - Installing and setting up SafeLinx
  - Configuring the Nomad server
  - Logging in to verify the configuration
  - Configuring SafeLinx to accept LTPA cookies from other servers
    If there are other servers in the Nomad server network configured for single sign-on, you can configure SafeLinx to accept LTPA cookies from those servers.
- HCL Nomad and panagenda MarvelClient
  The HCL Nomad management solution MarvelClient from panagenda is now provided with all installations of HCL Nomad on iOS, Android, and HCL Nomad for web browsers. panagenda MarvelClient allows administrators to manage HCL Nomad clients by defining their own settings.
- Managing HCL Nomad via an MDM provider (mobile)
  Starting with version 1.0.4 for HCL Nomad for iOS, and version 1.0.13 for HCL Nomad for Android, managed configuration via most common Mobile Device Management (MDM) providers is supported. All MDM providers are slightly different in how they implement managed configurations for applications.
- Configuring Nomad federated login
  When you configure Nomad federated login, HCL Nomad for web browser users are not prompted for their HCL Notes ID passwords when they set up Nomad. Instead, they are prompted only for credentials from a SAML identity provider (IdP) that is accessed through the Nomad server.
- Setting notes.ini values
  This topic describes how to configure notes.ini settings.
- Configuring notes.ini customizations
  This topic describes notes.ini settings used to customize startup and runtime behavior.
- Configuring application switcher (Nomad for web browsers)
  Application (app) switcher is an optional, configurable dropdown menu displayed on the left of HCL Nomad for web browsers' navigation bar. Each app switcher menu entry shows an application icon followed by the application’s name. Clicking on an app switcher menu entry navigates to the corresponding application address in a new browser tab.
- Shared usage (Nomad for web browsers)
  Nomad for web browsers administrators can force local user data to clear on shutdown. This option is only recommended when the usage pattern will be a new user each time Nomad is loaded or reloaded.
- Troubleshooting (Nomad for web browsers)
  This topic describles troubleshooting for administrators.

Configuring Nomad to bind anonymously to the Domino LDAP server

For security reasons, configuring the Nomad server to bind anonymously to search the Domino LDAP directory is not recommended. However, should you need to bind anonymously for some reason, you must allow the Domino LDAP service to access specific attributes.

About this task

By default, the Nomad server binds anonymously to search for required information in the Domino directory. However, best practice is to instead configure it to bind using a dedicated system user ("bind user"). Any Domino user with read access to the Domino server names.nsf file can be the bind user.

If the the Nomad server must bind anonymously (not recommended), you must configure the Domino LDAP task to allow anonymous access to the following attributes:

dominoPerson objectclass attributes: maildomain, mailserver
dominoServer object class attribute: Smtpfullhostdomain

See the procedure Configuring anonymous LDAP search access to a Domino directory in the Domino documentation on how to add all three attributes. Restart the Domino LDAP task (restart task ldap command) when you're done.