- Is deleting documents from the LotusTraveler.nsf database the correct way to remove configurations for users and devices?
No. Deleting documents from the LotusTraveler.nsf
is not the correct way to delete users.
The Traveler task itself maintains the "master data" (in the embedded Derby DB found in /data/traveler/ntsdb
). Other tasks can change the master data by making requests for the change. They are then notified when changes are made in the master data. This includes the LotusTraveler.nsf
and the Servlet home page. LotusTraveler.nsf
is updated by the Traveler task whenever any data that LotusTraveler.nsf
uses is updated. The data does NOT flow the other way except for the actions in the LotusTraveler.nsf
which have buttons at the top of the Views (deny access, remote wipe). These buttons operate by making tell commands to Lotus Notes® Traveler and updating the data, which then updates LotusTraveler.nsf
. For example, if the "deny access" action is executed for a device, LotusTraveler.nsf
is unchanged and the "tell traveler security" call is made to Traveler. When Traveler gets the tell command, it executes it and updates LotusTraveler.nsf
with the new state. Thus, LotusTraveler.nsf
is updated but indirectly instead of directly.
For more information, see Deleting a user from Lotus Notes Traveler
- If I delete a document for a user or device in the LotusTraveler.nsf, does that entry still exist in the Traveler application even though it is no longer viewable?
Yes. If you delete entries from the LotusTraveler.nsf (or delete the LotusTraveler.nsf database itself), they will be recreated by the Traveler task over time. As values change in the Traveler task, they are sent to LotusTraveler.nsf, which stores the new data by creating new entries for the ones that are now missing. As a result, over time, your LotusTraveler.nsf will be repopulated with the same data it had before (plus any new changes).
- Should all Traveler user and device configuration changes and deletions be done from the server console, using the "tell traveler" commands?
Yes. Everything should be done using the tell commands. The tell commands can be executed in various ways:
- Tell commands on the Domino® console.
- Using the action buttons in LotusTraveler.nsf.
- Using the Lotus Notes Traveler User Home Page (/servlet/traveler)
- What are the recommendations for creating correct ACL entries in the LotusTraveler.nsf database?
For the system administrator, the ACL should be set to Manager status with every setting underneath Server checked except Delete documents. Roles are not used and can be ignored. Additionally, the admin user (person) must have the right to execute remote tell commands. If you are using an older Traveler version, you may have migrated with an ACL that allows everything. In later releases, the ACL is setup with Delete turned off to avoid confusion in regards to deleting records.
- When using console commands such as tell traveler security allstatus, why does the system show old device IDs for users who no longer have those devices?
tell traveler delete <device> <user> is the proper way to delete a device. This command deletes all knowledge that the Traveler server has of the device, except for the security record. Because of the importance of the security information, it is not cleaned by the delete command. In addition, Traveler auto-deletes devices that have not been used in a certain number of days (this setting is on the Lotus® Traveler tab in the Server document). This is another reason security information is kept separate from delete, so that the device cannot return after being auto-deleted without security actions. The admin must separately clear the security actions for them to be cleared. Youou can clear the security actions in LotusTraveler.nsf or with tell commands, but not in the servlet.
- If I want to transition a device from one user to another, what is the correct way to remove the current user from the device before allocating it to the new user?
The correct way is to run the following two tell commands:
tell traveler security delete <dev> <olduser>
tell traveler delete <dev> <olduser>
- When deleting a user, why does delete or reset not also clear the security record?
Because an auto-delete can happen after a specified number of days, it cannot clear the security state. Also, if user commands are enabled in the servlet (the server document), a user could delete the device to circumvent the security protocols. As a result, the delete command does not delete the security record. The admin is the only one who can clear security actions.
- If a document from the LotusTraveler.nsf database is deleted by mistake, will the mobile device still be active and sync normally?
Yes. The Traveler task has the real data and would slowly rebuild LotusTraveler.nsf. The device will continue to operate normally.
- Assume that a device is locked using the LotusTraveler.nsf database and the lock device action button. Then, by mistake, the same user configuration document is also deleted from the LotusTraveler.nsf database (while the device is still locked). What is the recovery procedure recommended by IBM?
When something on the device is updated that affects the information in LotusTraveler.nsf, it reappears. If you want to take actions within the database, but the record is not present at that time, you should use the tell commands in the Domino console directly. All of the actions in LotusTraveler.nsf map to tell traveler security commands.