Posts Tagged ‘dominoreference’

old password + new password = confusion

Today, I was testing the “Force user to change Internet Password on next login:” option on the last tab of the person document.

I wanted to set an HTTP password for several users that will only be POP3 clients, and set the “Force user to change Internet Password on next login:.” I wanted to do this so that we could have remote admins at that site change the user’s password through the web interface and then setup the Outlook client to connect to Domino via POP3 – all without giving the remote non-Domino admin access to our directory. They are in Brazil, we are in Hong Kong and there are 300 users, so it’s a logistical issue. It’s a long story why outlook and why POP3….don’t ask.

I set a password of 87654321 on one account, forced replication to the remote server, used IE to login, which presented me with a change password dialog. I changed the password to 12345678, and it let me on in to the mailbox.

I then noticed that I could login with both the old and new password. ????
I ran “tell adminp process all” on each server involved and replicated both admin4.nsf and names.nsf, and then repeated the process of both tell adminp and manual replication to make sure that adminp had finished all it needed to finish for the password change process to complete.

Still, I could login with both passwords = me confused.

I searched the Notes 6/7 discussion forum and then found a couple of documents in the administrator help which explain that this is a caching issue. By default the old password is cached for 48 hours to alleviate any confusion between HTTP access on multiple servers, and adminp and/or replication delays.

Look at the administrator documents titled for the full explanation:
Caching Internet password changes for SSO

Disabling “optional network drivers” Lan0, Com1, Com3

For a very long time, the “Optional Network Drivers” that Lotus forces you to install has been a very big thorn in my side.

Who uses anything besides TCPIP anymore?

I always disable any non TCPIP ports after install as it complicates Notes configuration for desktop support people, complicates location document creation, and I had one user once who had all the default ports enabled. He also had some network drives permanently mapped. When he was at a site that could not see the network mapped drives, and he would save an attachment, Notes would freeze.

After some study, I realized that Notes was trying to build the list of places to store the attachment for explorer and searching every possible port to map those drives.

I disabled everything except TCPIP for the guy and tried the same process. The guy thought I was Santa Claus and that he’d just received the best Christmas gift ever. The attachment save dialog window instantly opened and presented a local directory.

I’ve tried several ways to get around this on install (and there is no way to disable the ports by policies).
Read the rest of this entry »

Domino 6.5.x upgrade notes

This weekend, I’ve upgraded 30+ servers in 10 countries. It’s been an all weekend affair, and I spent a pretty good time organizing myself last week.

First, most of our servers were 6.5.6FP2, and we wanted to apply FP3, the DWA for Windows Vista java hotfix, and 6.5.6 FP3 HF29 which fixes the Out of Office agent (OOO is enabled even after user disables it).
We had 4 servers that were 6.5.4, 6.5.5, and 6.5.4FP2. These servers were the only servers that really gave me any problem.
I also wanted to upgrade TrendMicro OfficeScan from 2.6 to 3.0 (only about 4 servers needed this).

I only ran into a couple of gotchas. Here’s how I did it. Read the rest of this entry »


I'm currently available
for Lotus Notes / Domino consulting engagements.


Connect with me: