Home
Administering IBM Traveler
Information on planning, installing, configuring, and administering IBM Traveler.
Administering IBM Traveler
The IBM Traveler server component functions as a Domino® server add-in task and responds to Domino server console commands. Topics in this section describe common administrative tasks for administering a IBM Traveler server.
Device security
There are a number of considerations to be aware of when securing different device types.
Apple device security
There are special considerations to be aware of when securing the Apple Mail client or the IBM Verse® client.

Administering IBM Traveler
Information on planning, installing, configuring, and administering IBM Traveler.
- Planning for installation and configuration
  There are many installation and configuration considerations you should review before installing the IBM Traveler server.
- Installing the IBM Traveler server
  The following topics describe options for installing and uninstalling the server:
- Configuring IBM Traveler server
  The IBM Traveler configuration settings are part of the Domino® server document. The first time that the IBM Traveler server is started, it performs any necessary configurations. You might want to perform additional configurations beyond the basics. The following topics describe additional configuration options.
- Administering IBM Traveler
  The IBM Traveler server component functions as a Domino® server add-in task and responds to Domino server console commands. Topics in this section describe common administrative tasks for administering a IBM Traveler server.
  - Starting and stopping the server
    The IBM Traveler server and the HTTP server automatically start if you accept the default settings during installation. Use the commands in this topic to manually start or stop the IBM Traveler server.
  - Using the administration application
    The IBM Traveler administration database is contained in the LotusTraveler.nsf. This database contains the user interface that is used to view mobile user and device information, as well as set default device preference and security policies.
  - Assigning preferences and security settings to devices
    There are different ways to assign settings that determine how users work with the IBM Traveler server. You can use the built-in set of default device preferences and security settings that IBM Traveler provides, which is simpler. Or you can create a IBM Traveler policy settings document, which provides greater flexibility and control but is more complex to configure.
  - Device security
    There are a number of considerations to be aware of when securing different device types.
    - IBM Verse for Android device security
      There are special considerations to be aware of when securing an IBM Verse for Android device.
    - Apple device security
      There are special considerations to be aware of when securing the Apple Mail client or the IBM Verse® client.
    - BlackBerry Mobile device security
      There are special considerations to be aware of when securing a BlackBerry device.
    - Windows™ Phone, Windows™ Tablet, and Windows RT device security
      There are special considerations to be aware of when securing a Windows™ Phone, Windows Tablet, or Windows RT device.
  - Working with attachment security settings
    You can control how IBM Traveler clients manage file attachments and images.
  - Remote wipe
    If a mobile device is lost or stolen, an administrator can issue a remote wipe command to remove all sensitive data from the device. You can remove the IBM Traveler application and data from the device and, depending on the device, restore the device to the factory default settings.
  - Console commands
    This topic provides a detailed description of the IBM Traveler console commands.
  - Controlling access to IBM Traveler
    When a user leaves the company or a device is lost or stolen, you must remove or restrict access to the IBM Traveler server. This section covers methods for removing and restricting access.
  - Deleting a user from IBM Traveler
    An administrator can remove old or invalid users from the IBM Traveler administrator UI and database. This should only be done for users where access is already restricted using a IBM Traveler or Domino® server access list, or who are no longer listed in the Domino directory.
  - Creating links to start the IBM Verse mobile app
    Create links that a user can click to start the IBM Verse mobile app from a web page or email.
  - Enabling syncing of read or unread changes
    Unread replication is enabled for each user automatically by the IBM Traveler server so that unread marks sync correctly with the device. This section explains how to activate unread replication manually using the Domino® Administrator client.
  - Repeated crash protection
    When certain Notes® documents are corrupted or contain non-standard content, they can cause the IBM Traveler server to repeatedly crash as it tries to process these documents. A repeating crash prevention feature exists to help minimize IBM Traveler server outage in these instances.
  - Maintaining the IBM Traveler database
    Whether running standalone IBM Traveler servers with the internal database or a pool of servers with an enterprise database, the database requires periodic maintenance to maintain optimal performance.
  - Address conversion
    Not all devices support the full range of acceptable IBM® Domino® mail addresses as well as they support internet addresses.
  - Address encoding for Microsoft Exchange ActiveSync devices
    ActiveSync devices, such as Windows Phone and Tablet, BlackBerry 10, and Apple iOs, cannot support the full range of acceptable Domino® mail addresses. To allow the device to properly handle non-standard internet address formats, IBM Traveler has a feature that encodes them into internet addresses supported by these devices.
  - Enforcing data sync limits
    Administrators can enforce synchronization data limits for all users using a setting in the Default Settings document.
  - Log types
    IBM Traveler has many different logs with a variety of purposes.
  - HTTP request handling and 409 responses
    IBM Traveler handles HTTP requests in specific ways that may result in 409 responses.
  - Confirming external recipients on Android devices
    For IBM Verse for Android clients, you can choose to prompt the user to confirm the sending of mail to external recipients. This provides an extra step to help prevent the unintentional sending of mail outside of your organization.
  - Adaptive Initial Sync
    Adaptive Initial Sync (AIS) helps ensure server availability in certain server bring up or recovery situations.
  - FCM or GCM messaging for IBM Verse for Android clients
    IBM Traveler server can use Firebase Cloud Messaging (FCM) or Google Cloud Messaging (GCM) for real time push notifications to keep your Mail, Calendar, Contact and To Do data on your IBM Verse for Android clients up to date. Google has deprecated GCM and replaced it with FCM.
  - How synced data moves through the system
    When a device needs to sync data with the user's mail server, the user registers that device with the IBM Traveler server. This involves some initial setup which includes negotiating security settings as well as data options and filters to be used when syncing the data from the user's mail database to the device and vice versa.
  - How IBM Traveler processes attachments
    There are several issues to be aware of in how IBM Traveler processes attachments.

Apple device security

There are special considerations to be aware of when securing the Apple Mail client or the IBM Verse® client.

Apple Mail authentication

IBM® Traveler relies on the Domino® infrastructure (HTTP and Admin Client) to authenticate the user. The authentication credentials can be one of the user's allowed Domino® name formats, along with the user's HTTP password, or it can be something defined with the Directory Assistance database. All devices use HTTP basic authentication, so HTTPS is recommended for security reasons unless using a VPN or a secured network.

IBM Verse authentication

IBM Verse relies on the Domino infrastructure (HTTP and Admin Client) to authenticate the user. The authentication credentials can be one of the user's allowed Domino name formats, along with the user's HTTP password. These credentials are stored securely at the client. In addition to HTTP basic authentication, IBM Verse for iOS, when used with the cloud offering, can also use some forms of SAML authentication. For more information on SAML, see Federated identity in IBM SmartCloud for Social Business Explained.

Account information and passwords

Apple Mail Mail, Calendar, and Contacts are controlled with the single Exchange ActiveSync account. These credentials are controlled by Apple.

IBM Verse, IBM® Traveler Companion and To Do's store all of their credentials in the Apple iOS provided keychain.

Data storage

Apple devices provide hardware encryption. This encryption is controlled by Apple and is reported to be AES 256-bit.

IBM® Traveler Companion does not persist any PIM data.

IBM Verse and IBM® Notes® To Do's data is stored in a local database and secured using the Apple iOS Data Protection capabilities.

Have feedback?
Google Analytics is used to store comments and ratings. To provide a comment or rating for a topic, click Accept All Cookies or Allow All in Cookie Preferences in the footer of this page.