Deleting a user FAQ

The following is a set of frequently asked questions about deleting a user from HCL Traveler.

  1. Is deleting documents from the LotusTraveler.nsf database the correct way to remove configurations for users and devices?

    No. Deleting documents from the LotusTraveler.nsf is not the correct way to delete users.

    The HCL Traveler task itself maintains the "master data" (in the embedded Derby DB found in /data/traveler/ntsdb). Other tasks can change the master data by making requests for the change. They are then notified when changes are made in the master data. This includes the LotusTraveler.nsf and the Servlet home page. LotusTraveler.nsf is updated by the Traveler task whenever any data that LotusTraveler.nsf uses is updated. The data does NOT flow the other way except for the actions in the LotusTraveler.nsf, which have buttons at the beginning of the Views (deny access, remote wipe). These buttons operate by making tell commands to HCL Traveler and updating the data, which then updates LotusTraveler.nsf. For example, if the deny access action is executed for a device, LotusTraveler.nsf is unchanged and the tell traveler security call is made to HCL Traveler. When HCL Traveler receives the tell command, it executes it and updates LotusTraveler.nsf with the new state. As a result, LotusTraveler.nsf is indirectly updated instead of directly.

    For more information, see Deleting a user from HCL Traveler.

  2. Is deleting records from the Traveler database the correct way to remove configurations for users and devices?

    No. Deleting records directly from the enterprise database (Traveler HA) or the Derby database is not supported. The delete commands handle removing and cleaning up the records associated with a user or device.

  3. What delete commands delete which Traveler data?
    • tell traveler delete <DeviceID> <username> - deletes all sync data related to the user.
    • tell traveler security delete <DeviceID> <username> - deletes the security records from the SEC_RECORDS table.
    • tell traveler admindata delete <DeviceID> <username> - aborts all syncs processing in Traveler, unregisters the devices and clears all of the various cached information that Traveler keeps for the given device.
  4. If I delete a document for a user or device in the LotusTraveler.nsf, does that entry still exist in the Traveler application even though it is no longer viewable?

    Yes. If you delete entries from the LotusTraveler.nsf (or delete the LotusTraveler.nsf database itself), they will be recreated by the Traveler task over time. As values change in the Traveler task, they are sent to LotusTraveler.nsf, which stores the new data by creating new entries for the ones that are now missing. As a result, over time, your LotusTraveler.nsf will be repopulated with the same data it had before (plus any new changes).

  5. Should all HCL Traveler user and device configuration changes and deletions be done from the server console, using the tell traveler commands?
    Yes. Everything should be done using the tell commands. The tell commands can be executed in various ways:
    1. Tell commands on the Domino console.
    2. Using the action buttons in LotusTraveler.nsf.
    3. Using the Traveler User Home Page (/traveler).
    4. Using the Traveler Admin APIs.
  6. When using console commands such as tell traveler security allstatus, why does the system show old device IDs for users who no longer have those devices?

    tell traveler delete <device> <user> is the proper way to delete a device. This command deletes all knowledge that the HCL Traveler server has of the device, except for the security record. Because of the importance of the security information, it is not cleaned by the delete command. In addition, HCL Traveler auto-deletes devices that have not been used in a certain number of days (this setting is on the HCL Traveler tab in the Server document). This is another reason security information is kept separate from delete, so that the device cannot return after being auto-deleted without security actions. The admin must separately clear the security actions for them to be cleared. You can clear the security actions in LotusTraveler.nsf or with tell commands, but not using the user managed security web page.

  7. If I want to transition a device from one user to another, what is the correct way to remove the current user from the device before allocating it to the new user?
    The correct way is to run the following two tell commands:
    tell traveler security delete <device> <olduser> 
    tell traveler delete <device> <olduser>
  8. When deleting a user, why does delete or reset not also clear the security record?

    Because an auto-delete can happen after a specified number of days, it cannot clear the security state. Also, if user commands are enabled in the servlet (the server document), a user could delete the device to circumvent the security protocols. As a result, the delete command does not delete the security record. The admin is the only one who can clear security actions.

  9. If a document from the LotusTraveler.nsf database is deleted by mistake, will the mobile device still be active and sync normally?

    Yes. The Traveler task has the real data and would slowly rebuild LotusTraveler.nsf. The device will continue to operate normally.

  10. Assume that a device is locked using the LotusTraveler.nsf database and the lock device action button. Then, by mistake, the same user configuration document is also deleted from the LotusTraveler.nsf database (while the device is still locked). What is the recovery procedure recommended by HCL?

    When something on the device is updated that affects the information in LotusTraveler.nsf, it reappears. If you want to take actions within the database, but the record is not present at that time, you should use the tell commands in the Domino console directly. All of the actions in LotusTraveler.nsf map to tell traveler security commands.