<< Previous | Home

IBM Connections Cloud (SmartCloud) FINALLY adds much awaited feature

We have had OnTime Group Calendar working with IBM Connections Cloud (SmartCloud) for a years so that customers could move all or part of their mail users to IBM Connections Cloud and host OnTime Group Calendar on-premises or (IBM SmartCloud Notes Hybrid). We have seen adoption and do have customers using it but the main obstacle to full adoption by customers has been the lack of mailfile ACL controls for the customers. Since we require access to the mail files (we do need to read data you know...) a PMR to change ACL's and/or a custom mail template in IBM Connections Cloud was required to add on-premises Domino servers to the cloud mail file ACL's. With the latest update of IBM Connections Cloud this capability has finally been added to the administration panel so that customers may control these capabilities themselves. Yay!!

Administrators can control access to mail files from administrator interface (available on or after August 17 2015)
Company administrators can now control access to mail files through the Users page of the IBM SmartCloud Notes administration interface. Previously, IBM services needed to review, and then apply the template to the users. Administrators can now make the ACL changes directly against the mail file, saving them time and money.

For more information refer to the info center (Administration: control access to mail files).

Eclipse target platform invalidated by IBM Notes 9.0.1FP4 on Mac

After installing IBM Notes 9.0.1FP4 I have been unable to launch Notes from my Eclipse workspace when doing RCP development (i.e. plugin development) for Notes. I finally decided to solve it. The stacktrace is like the one below:

2015/07/20 08:16:42.280 SEVERE CLPDN0016E: Error starting RCPApplication com.ibm.rcp.personality.framework.RCPApplication 
::class.method=com.ibm.rcp.personality.framework.internal.RCPApplication.run() ::thread=Thread-1 

java.lang.NoSuchFieldError: isWindows
   at com.ibm.rcp.platform.personality.DefaultWorkbenchWindowAdvisor.createLaunchChevron(DefaultWorkbenchWindowAdvisor.java:2229)
   at com.ibm.rcp.platform.personality.DefaultWorkbenchWindowAdvisor.createShortcutBarItems(DefaultWorkbenchWindowAdvisor.java:591)
   at com.ibm.rcp.platform.personality.DefaultWorkbenchWindowAdvisor.createWindowContents(DefaultWorkbenchWindowAdvisor.java:733)
The issue turned out to be due to duplicate similar named plugins from the target platform with different versions. For instance I had the com.ibm.common.services.icalendar plugin in both version and in version Manually running through the plugins included in the target platform and excluding the older versions solved the issue. There must have been a problem deleting the older versions when upgrading my Notes client but in any case it's solved now.

IBM Notes IBM Connections plugins cannot connect after upgrade to v. 9.0.1FP4 on Mac

After upgrading to IBM Notes 9.0.1 on my Mac the IBM Connections activities sidebar plugin failed to connect to our IBM Connections server. After tingering around with connection settings I checked the trace log and saw the below stacktrace:

CWPST0306W: An exception occurred while invoking the target method login.
   at com.ibm.rcp.accounts.internal.auth.module.AbstractJ2eeFormLoginModule.login(AbstractJ2eeFormLoginModule.java:393)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at com.ibm.rcp.security.auth.ExtLoginModuleProxy.invokeImpl(ExtLoginModuleProxy.java:109)
   at com.ibm.rcp.internal.security.AbstractProxy.invoke(AbstractProxy.java:77)
   at com.sun.proxy.$Proxy2.login(Unknown Source)
   at com.ibm.rcp.security.auth.ExtLoginModuleProxy.login(ExtLoginModuleProxy.java:141)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
   at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
   at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
   at java.security.AccessController.doPrivileged(Native Method)
   at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
   at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
   at com.ibm.rcp.security.auth.service.AbstractLoginService.login(AbstractLoginService.java:125)
   at com.ibm.rcp.accounts.internal.AccountsLoginContextServiceImpl.login(AccountsLoginContextServiceImpl.java:189)
   at com.ibm.rcp.net.http.internal.URLConnectionFactory.getURLConnection(URLConnectionFactory.java:175)
   at com.ibm.rcp.net.http.internal.URLConnectionFactory.getURLConnection(URLConnectionFactory.java:69)
   at com.ibm.rcp.net.http.internal.protocol.HttpsURLConnection.(HttpsURLConnection.java:73)
   at com.ibm.rcp.net.http.internal.protocol.HttpsHandler.createURLConnection(HttpsHandler.java:42)
   at com.ibm.rcp.net.http.internal.protocol.BaseHandler.openConnection(BaseHandler.java:73)
   at com.ibm.rcp.net.http.internal.protocol.BaseHandler.openConnection(BaseHandler.java:96)
   at org.eclipse.osgi.framework.internal.protocol.URLStreamHandlerProxy.openConnection(URLStreamHandlerProxy.java:112)
   at java.net.URL.openConnection(URL.java:945)
   at com.ibm.lconn.client.base.service.Connector.getConnection(Connector.java:69)
   at com.ibm.lconn.client.base.service.Connector.get(Connector.java:39)
   at com.ibm.lconn.client.base.service.ServiceFeedUtil.getHiddenEmail(ServiceFeedUtil.java:278)
   at com.ibm.lconn.client.base.service.ServiceFeedUtil$1.run(ServiceFeedUtil.java:212)
   at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)
Caused by: java.lang.IllegalArgumentException: TLSv1.1
   at com.sun.net.ssl.internal.ssl.ProtocolVersion.valueOf(ProtocolVersion.java:133)
   at com.sun.net.ssl.internal.ssl.ProtocolList.(ProtocolList.java:38)
   at com.sun.net.ssl.internal.ssl.SSLSocketImpl.setEnabledProtocols(SSLSocketImpl.java:2218)
   at com.ibm.rcp.security.ssl.PlatformSSLProtocolSocketFactory.createSocket(PlatformSSLProtocolSocketFactory.java:158)
   at sun.net.www.protocol.https.HttpsClient.createSocket(HttpsClient.java:404)
   at sun.net.NetworkClient.doConnect(NetworkClient.java:145)
   at sun.net.www.http.HttpClient.openServer(HttpClient.java:424)
   at sun.net.www.http.HttpClient.openServer(HttpClient.java:538)
   at sun.net.www.protocol.https.HttpsClient.(HttpsClient.java:276)
   at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367)
   at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:172)
   at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:966)
   at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:158)
   at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1031)
   at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
   at com.ibm.rcp.accounts.internal.auth.module.AbstractJ2eeFormLoginModule.executeLogin(AbstractJ2eeFormLoginModule.java:180)
   at com.ibm.rcp.accounts.internal.auth.module.AbstractJ2eeFormLoginModule.login(AbstractJ2eeFormLoginModule.java:364)
   ... 33 more
The issue is caused by IBM Notes on Mac using the standard Apple Java v. 1.6 that doesn't support TLS v. 1.1 and it seems like the newer versions of the sidebar plugin forces the TLS version to 1.1. I couldn't find a way using JVM arguments to change that.

After corresponding with IBM the issue has been confirmed and is tracked as IBM Notes SPR #NPEI9Y85BZ and the Lotus Expeditor team is working on a fix. If you open a PMR and reference this detect you will receive the fix once ready.

Guest post - Moving on: Brian O'Neill Edition

First, thanks to Mikkel for letting me publish this on his blog. I've always gone back and forth about starting my own blog in the past, but never did, hence why I needed some help to get this message out.

So, why am I writing? I'm excited to announce that I have accepted a new role within my current company, Gore. I will be transitioning into our customer facing capabilities center in Newark, Delaware. I will be championing the digital experience in that facility as well as helping the existing team grown into two new facilities located in the Asia Pacific and European regions. This role will find me moving out of IT (and out of the IBM space), and into the public relations leg of corporate sales. One of the cool things about this role is that it will still allow me to keep my feet wet in the IT space. I am very excited.

As I've been a part of the Lotus community since 2001, I've been inspired by the stories of those who have followed their passions by doing things like building their lego empire or becoming a college professor. Even with their love for our yellow community, they showed the rest of us that it's okay to change and grow in other areas. I will surely miss working in the social software space and directly with IBM Connections, but I am really looking forward to learning new skills and seeing what this new world holds for me.

I've been honored to have had the opportunity to work within the ICS community. All of you have made these years a highlight of my career. I started thinking through who I might want to thank for where I am now. Certainly there is my family. And there are many within my group of colleagues at Gore, the IBM Champion program, and also Social Connections. But, really, it comes down to YOU. If you are reading this, I'm sure you have helped me with something along the way. No matter how big or how small, thank you.

As a song from my favorite band, 311, says "Reconsider everything".

Have VMWare ESXi VM hardware look like the underlying hardware

Had an issue today where I couldn't use the IBM OEM Windows 2012R2 media that IBM provided together with our new xServer because the media running in the ESXi VM didn't see the underlying IBM hardware. The solution was to set an ESXi option on the VM called SMBIOS.reflectHost = "TRUE" as described in this post (Unable to install Microsoft Windows Server 2012 on VMware ESXi host - IBM System x). That made the VM represent the underlying hardware.

Tags : ,

git log to the rescue

Today I needed to figure out when a certain setting (DisablePrint - funnily enough disables print in the OnTime Group Calendar Notes UI's) was added to OnTime Group Calendar and I just couldn't remember. So how would I find out? No way was I going to do diffs all the way back through all my tags. A bit of googling and voila! - git log to the rescue. Using a combination of git log and git tag I was able to find out in a couple of minutes. Besides being very cool and an excellent display of the power of git it also highlight just why meaningful commit messages are very important as they give you this option to go back through the log and figure out when stuff was added.

Tags :

IBM announce dates for bringing TLS v. 1.2 to IBM Domino

So in October of 2014 I wrote about the upcoming TLS (transport layer security) enhancements that IBM was planning to bring to IBM Domino as part of the industry wide panic about the POODLE attack which I still consider mainly theoretical. I was a bit critical towards IBM as they chose to patch their seriously lacking SSL v. 1.3 implementation and implement TLS v. 1.0 on top of IBM Domino v. 9.0.x (IBM Domino, POODLE, SHA-1 and why it's also sad when IBM decides to update the security stack). The reason I was critical was that I thought that you either take security serious and bring the stack to the front of the line (TLS v. 1.2, v. 1.3 in draft) or get out of the game.

Since then I have been pleasantly surprised to hear about the initiatives IBM has going on. At IBM ConnectED 2015 I attended a very nice session by David Kern from IBM and Daniel Nashed (IBM Business Partner) on the TLS and security improvements planned for IBM Domino. Among others was massive cipher suite updates incl. upcoming support for Diffie-Hellman and perfect-forward-secrecy. Cool stuff! Yesterday I was very pleased to see that IBM now has announced the support for TLS v. 1.2 coming in Q1/Q2 of 2015 (the technote is a bit confusing as to when it will be out).

So all appears to be good and IBM is moving in the right direction with this. Very nice.

Tags : , , , ,

Docker without sudo

Using Docker looks very promising but having to use sudo all the time is really a killer. Luckily there's a way around it by adding users to the docker group and restarting the docker service.

  • Add the docker group if it doesn't already exist: sudo groupadd docker
  • Add the connected user "${USER}" to the docker group. Change the user name to match your preferred user: sudo gpasswd -a ${USER} docker
  • Restart the Docker daemon: sudo service docker restart
  • If you are on Ubuntu 14.04 and up use docker.io instead: sudo service docker.io restart
How can I use docker without sudo?

Tags : ,