Skip to main content link. Accesskey S
  • Help
  • IBM Logo
  • IBM Notes and Domino wiki
  • All Wikis
  • All Forums
  • ANNOUNCEMENT: THIS WIKI IS READ-ONLY. Learn more...
  • Home
  • Product Documentation
  • Community Articles
  • Learning Center
  • IBM Redbooks
  • API Documentation
Search
Community Articles > Lotus Domino > User-centric settings
  • Share Show Menu▼
  • Subscribe Show Menu▼

About the Original Author

Click to view profileIBM contributorStanton Sievers
Contribution Summary:
  • Articles authored: 16
  • Articles edited: 0
  • Comments Posted: 3

Recent articles by this author

Integration with XPage Embedded Experiences
XPages can be leveraged as embedded experiences in Notes and iNotes. This article outlines the considerations one should make to enable this functionality.

Gadget data flow
OpenSocial Component functionality in Notes and iNotes relies on several different pieces of data, including proxy rules, OAuth consumer information, and gadget capability information. This article outlines how this data is used and how its use can be customized.

Collecting support data
In the event that verification of the OpenSocial Component fails an administrator will need to collect support data. This article outlines how an administrator can collect support data for Notes, iNotes, and Domino.

Verification
Once the OpenSocial Component is installed and configured, administrators need to verify that their environment is working properly. This article outlines how an administrator can do such verification.

Troubleshooting
In the event that verification of the OpenSocial Component fails an administrator may need to troubleshoot his or her environment. This article outlines how an administrator can do such troubleshooting.
Community articleUser-centric settings
Added by IBM contributorStanton Sievers | Edited by IBM contributorDoug MacDonald on January 28, 2014 | Version 29
expanded Abstract
collapsed Abstract
The OpenSocial Component functionality must be enabled at the user level. This article outlines how that enablement is achieved for Notes and iNotes users
ShowTable of Contents
HideTable of Contents
  • 1 Overview
  • 2 Notes User-Centric Settings
    • 2.1 Managed Account
    • 2.2 Notes Desktop Policy Settings
      • 2.2.1 Accounts Tab
      • 2.2.2 Custom Settings Tab
      • 2.2.3 Widgets Tab
    • 2.3 Notes Security Policy Settings
    • 2.4 Notes Verification
  • 3 iNotes User-Centric Settings
    • 3.1 iNotes Desktop Policy Settings
    • 3.2 iNotes Security Policy Settings
    • 3.3 iNotes Mail Policy Settings
    • 3.4 iNotes Verification

< Previous | Cookbook Contents | Next >


Overview


In order for the OpenSocial Component functionality to work for Notes and iNotes users, certain user-centric settings much be in place. The goal of this article is to aggregate information on how to configure the user-centric settings that are need to enable OpenSocial Component functionality in Notes and iNotes clients.

The following list shows an overview of the settings that need to be in place as well as which clients they are for. If a deployment includes both Notes and iNotes users, some settings can (and will) overlap.
  • Managed Account (Notes only)
  • Policy
    • Desktop Settings
      • Widgets (Notes and iNotes)
      • Accounts (Notes only)
      • Custom Settings (Notes only)
    • Security Settings
      • Execution Control List (Notes only)
      • Proxies (iNotes only)
    • Mail Settings
      • iNotes use only (iNotes only)

For more information on Domino policies, see Domino Policies - FAQ and How do Domino policy changes get applied?. There is also an entire category on policyexternal link in the Notes and Domino wiki where more information can be found.

Notes User-Centric Settings


Managed Account


A managed account is an account that is created and configured on the Domino Server and pushed by policy to Notes users for use in the Accounts framework there. The managed account required for OpenSocial Component functionality is used when rendering remotely in Notes. See Gadget rendering process for more information on rendering remotely. The account is used in Notes to establish a session with the Domino Server with Shindig in order to obtain a security token that is used in the gadget rendering process. In a sense, the SSO token used to authenticate the current Notes user with the Domino Server with Shindig is exchanged for this security token.

For details on setting up this managed account, see:
For 9.0, Configuring a managed account for the OpenSocial Componentexternal link.
For 9.0.1, Configuring a managed account for the OpenSocial Component.

For more information on security tokens, see the "Security Tokens" section of the Server-centric settings page.

Notes Desktop Policy Settings


Accounts Tab


The aforementioned managed account, once created, must be pushed to Notes clients by policy. This is accomplished in a desktop policy settings document in the "Accounts" tab. For details on pushing the account by policy, see steps #8-12 of:
For 9.0, Creating policies for the OpenSocial componentexternal link.
For 9.0.1, Creating policies for the OpenSocial component.

Custom Settings Tab


NOTE: This section is only required for setup of the OpenSocial features on IBM Notes 9.0. This configuration is now part of the IBM Notes 9.0.1 client by default.

Notes client require a single notes.ini setting in order for OpenSocial Component functionality to fully function. See steps #6-7 of Creating policies for the OpenSocial componentexternal link.

For more information on pushing notes.ini settings to Notes clients by policy, see Pushing policy settings to the client for updating notes.ini and Eclipse preference settingsexternal link

Having trouble finding the "Custom Settings" tab? See here: Where is that Desktop Policy Settings tab hiding?

Widgets Tab


Notes clients require a minimal amount of Widgets configuration to function. steps #2-5 of:
For 9.0, Creating policies for the OpenSocial componentexternal link.
For 9.0.1, Creating policies for the OpenSocial component.

The "Gadget Server URL" field is critical in the remote gadget rendering process as it dictates which Domino Server with Shindig Notes clients will use to render OpenSocial gadgets remotely.

Note: If using HTTPS for the protocol on the Gadget Server URL, one may need to make some other changes as outlined in OpenSocial Component on Domino using TLS or SSLexternal link. Special considerations need to be taken when using HTTPS depending on the CA of the certificates as outlined in Using HTTPS When Rendering OpenSocial Gadgetsexternal link.

More information on configuring Widgets for iNotes users can be found here:
For 9.0, Using policies to control widgets and live text access.
For 9.0.1, Using policies to control widgets and live text access.

Notes Security Policy Settings


Notes clients require Execution Control List (ECL) configuration in a security policy settings document in order to establish trusted widget approvers. The ECL mechanism in Notes 9.0 and above has a new "Configure Widget capabilities" ability that can be assigned to users or groups. This ability, when given to a user or group, establishes that user or group as a trusted Widget approver, i.e., a Widget Catalog administrator who approves Widgets via the Widget approval process.

For more information, see steps #14-18 of:
For 9.0, Creating policies for the OpenSocial componentexternal link.
For 9.0.1, Creating policies for the OpenSocial component.

Note: ECL settings in the Domino Directory replicate as design elements. If a Domino Directory is not replicating design to home mail servers, the ECL setting will not take affect for the users of that server.

Notes Verification


An administrator can verify the effective policy set for given users by Using the Policy Synopsis tool to determine the effective policyexternal link

To verify policy for Notes clients, one can inspect the client preferences in both the Accounts and Widgets preference panes. In the Accounts preference pane, one should see the Managed Account that was pushed by policy. In the Widgets preference pane, one can verify the Widget catalog server and database name, as well as any categories that are pushed by policy.

iNotes User-Centric Settings


iNotes Desktop Policy Settings


Information on configuring desktop policy settings for iNotes users is detailed in steps #1-6 on this page:
For 9.0, Creating policies for Domino Social Edition Open Social component.
For 9.0.1, Creating policies for Domino Social Edition Open Social component.

The "Gadget Server URL" field is critical in the gadget rendering process as it dictates which Domino Server with Shindig iNotes clients will use to render OpenSocial gadgets.

Note: If using HTTPS for the protocol on the Gadget Server URL, one may need to make some other changes as outlined in OpenSocial Component on Domino using TLS or SSLexternal link. Special considerations need to be taken when using HTTPS depending on the CA of the certificates as outlined in Using HTTPS When Rendering OpenSocial Gadgetsexternal link.

More information on configuring Widgets for iNotes users can be found here:
For 9.0, Using policies to control widgets and live text access.
For 9.0.1, Using policies to control widgets and live text access.

More information on desktop policy settings for iNotes users can be found here:
For 9.0, Desktop policy settings supported in iNotes.
For 9.0.1, Desktop policy settings supported in iNotes.

iNotes Security Policy Settings


Security policy settings are required when enabling the OpenSocial Component for iNotes users because HTTP requests to the Domino Server with Shindig will be proxied through the iNotes Mail Server. By default, the iNotes Mail Server will reject all HTTP requests through its proxy. The security policy settings will whitelist that traffic so that it is allowed. For more information on the traffic that flows through the proxy see the Gadget rendering process article.

Information on configuring security policy settings for iNotes users is detailed in steps #7-12 on this page:
For 9.0, Creating policies for Domino Social Edition Open Social component.
For 9.0.1, Creating policies for Domino Social Edition Open Social component.

More information on security policy settings for iNotes users can be found here:
For 9.0, Creating security policy settings for iNotes users.
For 9.0.1, Creating security policy settings for iNotes users.

iNotes Mail Policy Settings


In order for Desktop policy settings to work for iNotes users, the policy must also have a mail settings document. For more information, see Desktop policy settings not taking affect in iNotes 8.5external link

More information on mail policy settings for iNotes users can be found here:
Fo r9.0, Creating mail policy settings for iNotes users.
For 9.0.1, Creating mail policy settings for iNotes users.

Note: Information on Widgets in iNotes outlined in Using widgets in iNotes have been deprecated in 9.0. Widgets in iNotes are controlled via the "Widgets" tab in the desktop settings document.

iNotes Verification


An administrator can verify the effective policy set for given users by Using the Policy Synopsis tool to determine the effective policyexternal link

Keep in mind that any policies applied to iNotes users may take up to 12 hours to take effect. To process iNotes user policy immediately, an administrator can execute the following command in the Domino server console on the home mail server for the iNotes users.
tell adminp process mailpolicy

For more information, see How to force AdminP to immediately process Mail Policy Settings documentsexternal link


< Previous | Cookbook Contents | Next >
expanded Attachments (0)
collapsed Attachments (0)
expanded Versions (34)
collapsed Versions (34)
Version Comparison     
VersionDateChanged by              Summary of changes
34Feb 13, 2014, 12:45:11 PMDoug MacDonald  IBM contributor
33Feb 13, 2014, 11:46:05 AMDoug MacDonald  IBM contributor
32Feb 3, 2014, 12:02:11 PMDoug MacDonald  IBM contributor
31Feb 3, 2014, 12:01:34 PMDoug MacDonald  IBM contributor
30Jan 28, 2014, 2:59:02 PMDoug MacDonald  IBM contributor
This version (29)Jan 28, 2014, 2:07:11 PMDoug MacDonald  IBM contributor
28Jan 24, 2014, 11:16:28 AMThomas J Evans  IBM contributor
27Jan 24, 2014, 11:15:31 AMThomas J Evans  IBM contributor
26Jan 24, 2014, 10:50:53 AMDoug MacDonald  IBM contributor
25Jan 24, 2014, 9:52:07 AMDoug MacDonald  IBM contributor
24Jan 24, 2014, 9:52:03 AMDoug MacDonald  IBM contributor
23Jan 24, 2014, 9:46:32 AMDoug MacDonald  IBM contributor
22Jul 2, 2013, 1:47:38 PMStanton Sievers  IBM contributor
21May 23, 2013, 2:06:38 PMStanton Sievers  IBM contributor
20Apr 18, 2013, 10:57:17 AMStanton Sievers  IBM contributorMaking all headings unique so TOC links work well
19Apr 18, 2013, 10:41:25 AMStanton Sievers  IBM contributorMinor Change
18Apr 18, 2013, 10:40:59 AMStanton Sievers  IBM contributorECL replicates as a design element
17Apr 9, 2013, 1:51:03 PMStanton Sievers  IBM contributorMinor Change
16Apr 8, 2013, 6:55:36 AMStanton Sievers  IBM contributorAdding a link to the security tokens section.
15Apr 2, 2013, 6:45:25 AMStanton Sievers  IBM contributorAdding another link with policy information
14Apr 1, 2013, 3:09:12 PMStanton Sievers  IBM contributor
13Apr 1, 2013, 2:53:10 PMStanton Sievers  IBM contributorAdding links for more policy information
12Apr 1, 2013, 1:02:49 PMStanton Sievers  IBM contributorAdding navigation
11Apr 1, 2013, 12:48:00 PMStanton Sievers  IBM contributor
10Apr 1, 2013, 12:41:29 PMStanton Sievers  IBM contributor
8Mar 28, 2013, 9:01:36 PMStanton Sievers  IBM contributor
7Mar 28, 2013, 8:47:46 PMStanton Sievers  IBM contributor
6Mar 28, 2013, 8:15:39 PMStanton Sievers  IBM contributor
5Mar 28, 2013, 8:12:49 PMStanton Sievers  IBM contributor
4Mar 28, 2013, 7:53:48 PMStanton Sievers  IBM contributor
3Mar 26, 2013, 2:36:54 PMStanton Sievers  IBM contributor
2Mar 26, 2013, 2:04:22 PMStanton Sievers  IBM contributor
1Mar 26, 2013, 1:49:42 PMStanton Sievers  IBM contributor
0Mar 26, 2013, 1:50:31 PMStanton Sievers  IBM contributorMinor Change
Copy and paste this wiki markup to link to this article from another article in this wiki.
Go ElsewhereStay ConnectedHelpAbout
  • IBM Collaboration Solutions wikis
  • IBM developerWorks
  • IBM Software support
  • Twitter LinkIBMSocialBizUX on Twitter
  • FacebookIBMSocialBizUX on Facebook
  • ForumsLotus product forums
  • BlogsIBM Social Business UX blog
  • Community LinkThe Social Lounge
  • Wiki Help
  • Forgot user name/password
  • About the wiki
  • About IBM
  • Privacy
  • Accessibility
  • IBM Terms of use
  • Wiki terms of use