Skip to main content link. Accesskey S
  • HCL Logo
  • HCL Notes and Domino wiki
  • THIS WIKI IS READ-ONLY. Individual names altered for privacy purposes.
  • HCL Forums and Blogs
  • Home
  • Product Documentation
  • Community Articles
  • Learning Center
  • API Documentation
Search
Community Articles > Lotus Domino > User-centric settings
  • Share Show Menu▼
  • Subscribe Show Menu▼

Recent articles by this author

Integration with XPage Embedded Experiences

XPages can be leveraged as embedded experiences in Notes and iNotes. This article outlines the considerations one should make to enable this functionality.

Gadget data flow

OpenSocial Component functionality in Notes and iNotes relies on several different pieces of data, including proxy rules, OAuth consumer information, and gadget capability information. This article outlines how this data is used and how its use can be customized.

Collecting support data

In the event that verification of the OpenSocial Component fails an administrator will need to collect support data. This article outlines how an administrator can collect support data for Notes, iNotes, and Domino.

Verification

Once the OpenSocial Component is installed and configured, administrators need to verify that their environment is working properly. This article outlines how an administrator can do such verification.

Troubleshooting

In the event that verification of the OpenSocial Component fails an administrator may need to troubleshoot his or her environment. This article outlines how an administrator can do such troubleshooting.
Community articleUser-centric settings
Added by ~Vera Umponetexings | Edited by ~Lisa Elfanalyettu on February 13, 2014 | Version 34
  • Actions Show Menu▼
expanded Abstract
collapsed Abstract
The OpenSocial Component functionality must be enabled at the user level. This article outlines how that enablement is achieved for Notes and iNotes users
ShowTable of Contents
HideTable of Contents
  • 1 Overview
  • 2 Notes User-Centric Settings
    • 2.1 Managed Account
    • 2.2 Notes Desktop Policy Settings
      • 2.2.1 Accounts Tab
      • 2.2.2 Custom Settings Tab
      • 2.2.3 Widgets Tab
    • 2.3 Notes Security Policy Settings
    • 2.4 Notes Verification
  • 3 iNotes User-Centric Settings
    • 3.1 iNotes Desktop Policy Settings
    • 3.2 iNotes Security Policy Settings
    • 3.3 iNotes Mail Policy Settings
    • 3.4 iNotes Verification

< Previous | Cookbook Contents | Next >


Overview


In order for the OpenSocial Component functionality to work for Notes and iNotes users, certain user-centric settings much be in place. The goal of this article is to aggregate information on how to configure the user-centric settings that are need to enable OpenSocial Component functionality in Notes and iNotes clients.

The following list shows an overview of the settings that need to be in place as well as which clients they are for. If a deployment includes both Notes and iNotes users, some settings can (and will) overlap.
  • Managed Account (Notes only)
  • Policy
    • Desktop Settings
      • Widgets (Notes and iNotes)
      • Accounts (Notes only)
      • Custom Settings (Notes only)
    • Security Settings
      • Execution Control List (Notes only)
      • Proxies (iNotes only)
    • Mail Settings
      • iNotes use only (iNotes only)

For more information on Domino policies, see domino-policies-faqCreate New Article and when-will-a-domino-policy-change-take-effectCreate New Article. There is also an entire category on policyexternal link in the Notes and Domino wiki where more information can be found.

Notes User-Centric Settings


Managed Account


A managed account is an account that is created and configured on the Domino Server and pushed by policy to Notes users for use in the Accounts framework there. The managed account required for OpenSocial Component functionality is used when rendering remotely in Notes. See Gadget rendering process for more information on rendering remotely. The account is used in Notes to establish a session with the Domino Server with Shindig in order to obtain a security token that is used in the gadget rendering process. In a sense, the SSO token used to authenticate the current Notes user with the Domino Server with Shindig is exchanged for this security token.

For details on setting up this managed account, see:
For 9.0, Configuring a managed account for the OpenSocial Componentexternal link.
For 9.0.1, Configuring a managed account for the OpenSocial Component.

For more information on security tokens, see the "Security Tokens" section of the Server-centric settings page.

Notes Desktop Policy Settings


Accounts Tab


The aforementioned managed account, once created, must be pushed to Notes clients by policy. This is accomplished in a desktop policy settings document in the "Accounts" tab. For details on pushing the account by policy, see steps #8-12 of:
For 9.0, Creating policies for the OpenSocial componentexternal link.
For 9.0.1, Creating policies for the OpenSocial component.

Custom Settings Tab


NOTE: This section is only required for setup of the OpenSocial features on IBM Notes 9.0. This configuration is now part of the IBM Notes 9.0.1 client by default.
Notes 9.0 clients require a single notes.ini setting in order for OpenSocial Component functionality to fully function. See steps #6-7 of [http://www-10.lotus.com/ldd/dominowiki.nsf/xpDocViewer.xsp?lookupName=Administering+IBM+Domino+9.0.1+Social+Edition#action=openDocument&res_title=Assigning_NOTES.INI_or_location_document_settings_using_a_desktop_policyd901&content=pdcontent|Creating policies for the OpenSocial component]].

For more information on pushing notes.ini settings to Notes clients by policy, see Assigning NOTES.INI or location document settings using a desktop policyexternal link

Having trouble finding the "Custom Settings" tab? See here: Where is that Desktop Policy Settings tab hiding?

Widgets Tab


Notes clients require a minimal amount of Widgets configuration to function. steps #2-5 of:
For 9.0, Creating policies for the OpenSocial componentexternal link.
For 9.0.1, Creating policies for the OpenSocial component.

The "Gadget Server URL" field is critical in the remote gadget rendering process as it dictates which Domino Server with Shindig Notes clients will use to render OpenSocial gadgets remotely.

Note: If using HTTPS for the protocol on the Gadget Server URL, one may need to make some other changes as outlined in OpenSocial Component on Domino using TLS or SSLexternal link. Special considerations need to be taken when using HTTPS depending on the CA of the certificates as outlined in Using HTTPS When Rendering OpenSocial Gadgetsexternal link. If HTTP traffic is disabled, IBM Connections gadgets will not be able to render as described in this technoteexternal link. This issue will be resolved in a future fix pack.

More information on configuring Widgets for iNotes users can be found here:
For 9.0, Using policies to control widgets and live text access.
For 9.0.1, Using policies to control widgets and live text access.

Notes Security Policy Settings


Notes clients require Execution Control List (ECL) configuration in a security policy settings document in order to establish trusted widget approvers. The ECL mechanism in Notes 9.0 and above has a new "Configure Widget capabilities" ability that can be assigned to users or groups. This ability, when given to a user or group, establishes that user or group as a trusted Widget approver, i.e., a Widget Catalog administrator who approves Widgets via the Widget approval process.

For more information, see steps #14-18 of:
For 9.0, Creating policies for the OpenSocial componentexternal link.
For 9.0.1, Creating policies for the OpenSocial component.

Note: ECL settings in the Domino Directory replicate as design elements. If a Domino Directory is not replicating design to home mail servers, the ECL setting will not take affect for the users of that server.

Notes Verification


An administrator can verify the effective policy set for given users by Using the Policy Synopsis tool to determine the effective policyexternal link

To verify policy for Notes clients, one can inspect the client preferences in both the Accounts and Widgets preference panes. In the Accounts preference pane, one should see the Managed Account that was pushed by policy. In the Widgets preference pane, one can verify the Widget catalog server and database name, as well as any categories that are pushed by policy.

iNotes User-Centric Settings


iNotes Desktop Policy Settings


Information on configuring desktop policy settings for iNotes users is detailed in steps #1-6 on this page:
For 9.0, Creating policies for Domino Social Edition Open Social component.
For 9.0.1, Creating policies for Domino Social Edition Open Social component.

The "Gadget Server URL" field is critical in the gadget rendering process as it dictates which Domino Server with Shindig iNotes clients will use to render OpenSocial gadgets.

Note: If using HTTPS for the protocol on the Gadget Server URL, one may need to make some other changes as outlined in OpenSocial Component on Domino using TLS or SSLexternal link. Special considerations need to be taken when using HTTPS depending on the CA of the certificates as outlined in Using HTTPS When Rendering OpenSocial Gadgetsexternal link. If HTTP traffic is disabled, IBM Connections gadgets will not be able to render as described in this technoteexternal link. This issue will be resolved in a future fix pack.

More information on configuring Widgets for iNotes users can be found here:
For 9.0, Using policies to control widgets and live text access.
For 9.0.1, Using policies to control widgets and live text access.

More information on desktop policy settings for iNotes users can be found here:
For 9.0, Desktop policy settings supported in iNotes.
For 9.0.1, Desktop policy settings supported in iNotes.

iNotes Security Policy Settings


Security policy settings are required when enabling the OpenSocial Component for iNotes users because HTTP requests to the Domino Server with Shindig will be proxied through the iNotes Mail Server. By default, the iNotes Mail Server will reject all HTTP requests through its proxy. The security policy settings will whitelist that traffic so that it is allowed. For more information on the traffic that flows through the proxy see the Gadget rendering process article.

Information on configuring security policy settings for iNotes users is detailed in steps #7-12 on this page:
For 9.0, Creating policies for Domino Social Edition Open Social component.
For 9.0.1, Creating policies for Domino Social Edition Open Social component.

More information on security policy settings for iNotes users can be found here:
For 9.0, Creating security policy settings for iNotes users.
For 9.0.1, Creating security policy settings for iNotes users.

iNotes Mail Policy Settings


In order for Desktop policy settings to work for iNotes users, the policy must also have a mail settings document. For more information, see Desktop policy settings not taking affect in iNotes 8.5external link

More information on mail policy settings for iNotes users can be found here:
Fo r9.0, Creating mail policy settings for iNotes users.
For 9.0.1, Creating mail policy settings for iNotes users.

Note: Information on Widgets in iNotes outlined in Using widgets in iNotes have been deprecated in 9.0. Widgets in iNotes are controlled via the "Widgets" tab in the desktop settings document.

iNotes Verification


An administrator can verify the effective policy set for given users by Using the Policy Synopsis tool to determine the effective policyexternal link

Keep in mind that any policies applied to iNotes users may take up to 12 hours to take effect. To process iNotes user policy immediately, an administrator can execute the following command in the Domino server console on the home mail server for the iNotes users.
tell adminp process mailpolicy

For more information, see How to force AdminP to immediately process Mail Policy Settings documentsexternal link


< Previous | Cookbook Contents | Next >


  • Actions Show Menu▼


expanded Attachments (0)
collapsed Attachments (0)
Edit the article to add or modify attachments.
expanded Versions (1)
collapsed Versions (1)
Version Comparison     
VersionDateChanged by              Summary of changes
This version (34)Feb 13, 2014, 5:45:11 PM~Lisa Elfanalyettu  
expanded Comments (0)
collapsed Comments (0)
Copy and paste this wiki markup to link to this article from another article in this wiki.
Go ElsewhereStay ConnectedAbout
  • HCL Software
  • HCL Digital Solutions community
  • HCL Software support
  • BlogsDigital Solutions blog
  • Community LinkHCL Software forums and blogs
  • About HCL Software
  • Privacy
  • Accessibility