What's new in IBM Domino 9.0 Social Edition?
This topic describes the new features of the IBM® Domino® server and Domino Administrator client in release 9.0 Social Edition. It also describes new Domino Administrator functionality that supports IBM Notes® installation and upgrade, Notes federated login, and Notes Social Edition OpenSocial component support for embedded experiences features.
Administration - new features
OpenSocial component supports embedded experiences features
The OpenSocial component provides social and web features to make third-party processes available directly in the client user's mail. The OpenSocial component supports:
Program document now supports server groups and pattern matching
- iNotes® Widgets and LiveText
- OpenSocial 2.0 Gadgets in the sidebar, pop-ups, and anywhere Notes and iNotes previously made widgets available
- Embedded experiences in Notes and iNotes
For more information, see the related topics.
Fault Analyzer Task calculates dispositions by default
The Fault Analyzer task has been enhanced. Using a disposition value, fault reports are sorted in a new view to help explain the type of issues encountered and to allow administrators to focus on the reports important to them.
Database maintenance tool (dbmt) for user mail files
You can take advantage of a new tool for performing multiple daily/weekly administrative tasks on user's mail database files. The dbmt tool does all of the following:
Replication-style compacting now available
- runs copy-style compact operations
- purges deletion stubs
- expires soft deleted entries
- updates views
- reorganizes folders
- merges full-text indexes
- updates unread lists
- ensures that critical views are created for failover
In addition to in-place and copy-style compacting, new compact options allow you to create a replica in the background while compacting.
Quality of Service (QoS) feature helps keep Domino servers available
Quality of Service, or QoS, is designed to react to the general operation of a Domino server in order to keep that server up and functioning reliably at all times. If QoS detects that a server is not responding or hung, QoS probing can be configured to email an administrator about the problem and/or automatically terminate the server and restart it. QoS log information can also be useful for analysis by IBM Support.
Server - new features
IBM HTTP Server (IHS) can now run on the same computer as a Domino server and support Transport Layer Security (TLS)
Domino has the option of running the IBM HTTP Server on the same computer as a Domino HTTP server; the purpose of this enhancement is to support the Transport Layer Security (TLS) protocol.
Note: This IHS server module is supported only on Windows™.
A pass-through reverse proxy module named mod_domino is provided to forward HTTP requests to the Domino HTTP server. The pass-through reverse proxy module creates the context necessary to have the Domino HTTP server provide the HTTP request context expected by Domino Web applications, as if the Domino HTTP server were in direct contact with the browser client. Using the proxy module allows an IHS server to run "in front of" the Domino server.
Security - new features
Security Assertion Markup Language (SAML)
Federated identity is a means of achieving single sign-on, providing user convenience and helping to reduce administrative cost. Notes and Domino federated identity for user authentication uses the Security Assertion Markup Language (SAML) standard from OASIS.
SAML authentication allows a user to authenticate once with a designated identity provider (IdP), after which the user can access any server that is partnered with the IdP. Both Notes client and Web client users can make use of SAML-based authentication. Authentication depends upon signed XML identity assertions. The result for the user is transparent authentication and single-sign on with one-time authentication for multiple Domino web servers and applications, as well as any third-party applications that are also partnered with the IdP. The IdP determines the method of the one-time authentication; it might prompt the user for a password, or use a non-password authentication methods such as Integrated Windows authentication (SPNEGO/Kerberos) for users within an intranet. For Notes client users on Citrix, SAML authentication can facilitate a single-sign on solution, usually with the IdP configured for Integrated Windows authentication (IWA). SAML authentication at Notes client startup is referred to as federated login.
Secure Hash Algorithm (SHA-2)
The Secure Hash Algorithm (SHA-2) is available for use with some encryption features on all platforms supported by this release. SHA-2 is widely used and is approved by Federal Information Processing Standard (FIPS) 140-2, to assist in compliance with government mandate NIST 800-131. SHA-2 is currently available to use for X.509 certificate signature verification and S/MIME signed mail, and some areas of Notes/Domino where a password such as the Internet (HTTP) password was previously "hashed."
Note: For more information on hashing, see the Information center topic on electronic signatures:
Using a credential store to share credentials
In this release, the on-premises Domino server can use a credential store application (credstore.nsf). The credential store is a secure repository for document encryption keys and other tokens necessary for Notes and iNotes client users to grant access to applications that use the OAuth (open authorization) protocol. OAuth allows user credentials to be shared with compliant applications so that users avoid extra password prompts.
In combination with new Domino Social Edition Embedded Experiences Add-On configuration and deployment, a credential store allows Domino to support embedded-experience applications designed using the OpenSocial 2.0 standard and the Apache Shindig container.
Widgets - new features
The Widgets tab in the desktop policy settings document provides additional How To Apply settings
Widgets can be configured for specific releases of Notes and iNotes clients
In this release, the widget catalog administrator can use the Platform field in widget catalog documents to control which widgets in a category of widget are deployed to users. This feature is enabled by default on iNotes clients. For Notes clients you need to enable a preference to use this feature.
Widgets importing changes
The process for importing widgets is improved to support importing OpenSocial gadgets as widgets.
Policies - new features
New Notes® client preferences now assignable by policy
You can use the new option Mark new contacts as private by default in the Desktop policy settings document, Basics tab, Contacts section to assign this client preference. The preference is useful for client users who delegate access to their mail and contacts.
There are also NOTES.INI settings you can use on the Domino server in the Desktop policy settings document, Custom Settings -> Notes.ini tab to apply other calendaring improvements in this release to users of a policy:
Changes to policy settings for return receipts
- AUTO_SORT_DATE=11 or 12 - Enables the preference Automatically sort date columns (takes effect after reopening mail tab).
A value of 11 enables the option Most recent on top (the default) and 12 enables Most recent on bottom.
- TypeaheadShowServerFirst=1 - When users affected by the policy see a typeahead list, the server lists server results first, and then a Search Local Directory for name option.
Tip: This NOTES.INI setting also works in Notes and Domino release 8.5.3.
There are changes and enhancements to return receipt behavior on both outgoing and incoming mail messages. For Notes client users, the administrator can configure the behavior through a combination of policy settings and NOTES.INI settings on the Domino server. The settings are configured entirely through NOTES.INI settings for iNotes client users.
Tip You can see all the related topics below in context in your installed IBM Domino 9.0 Social Edition Administrator Help application, or you can download that Help if you have not yet installed Domino 9.0 Social Edition. At a future date these topics will also be available on the Notes and Domino wiki.
Configuring the Domino OpenSocial component
Running Compact using a Program document
Maintaining user mail files using the DBMT tool instead of Updall
Monitoring quality of service
Installing the IBM HTTP server module to support TLS
Using Security Assertion Markup Language (SAML) to configure federated-identity authentication
Using a credential store to share credentials
Creating the widget catalog
Configuring widgets for specific Notes client releases
Detailed system requirements for Notes, Domino, Domino Administrator, Domino Designer, and Traveler .