LotusQuickr80 Domino Admin

Lotus IBM Lotus Quickr Version 8.
Administrators Guide: Services for Lotus Domino
Lotus IBM Lotus Quickr Version 8.0
Administrators Guide: Services for Lotus Domino
Note Before using this information and the product it supports, read the information in Notices on page A-1.
First Edition This edition applies to version 8, release 0 of IBM Lotus Quickr and to all subsequent releases and modifications until otherwise indicated in new editions. Copyright International Business Machines Corporation 2007. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
Contents
Part 1. Welcome to the Administrators Guide for IBM Lotus Quickr Version 8.0
Deciding on the services to use . . . 1-1 Supported hardware and software . . 2-1
Configuring collaborative installations . . . . . 5-1
Part 4. Configuring services for Lotus Domino

Understanding the basics . . . . . . 6-1
Starting Lotus Quickr . . . . . . . . Starting Lotus Quickr on Windows . . Starting Lotus Quickr on AIX or Solaris . Starting Lotus Quickr on i5/OS . . . Stopping Lotus Quickr . . . . . . . Stopping Lotus Quickr on Windows, AIX, Solaris . . . . . . . . . . . . Stopping Lotus Quickr on i5/OS . . . Understanding administration tools . . . Creating and using the qpconfig.xml file Using qptool . . . . . . . . . . Using the Site Administration link . . Using the notes.ini file . . . . . . . . . . . or . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1 6-1 6-1 6-1 6-2 6-2 6-2 6-3 6-3 6-7 6-7 6-9
Checking for known issues before installation . . . . . . . . . . . . . 3-1
Part 2. Planning services for Lotus Domino Part 3. Installing

Installing services for Lotus Domino 4-1
Installing on Windows . . . . . . . . . . 4-1 Installing on AIX or Solaris . . . . . . . . . 4-2 Installing on IBM i5/OS . . . . . . . . . . 4-3 IBM Lotus Quickr and Domino compatibility on i5/OS . . . . . . . . . . . . . . . 4-4 Preparing your TCP/IP configuration . . . . 4-4 Installing and configuring a Domino server for IBM Lotus Quickr . . . . . . . . . . . 4-7 Pre-accepting the IBM Lotus Quickr software agreements . . . . . . . . . . . . . 4-8 Installing IBM Lotus Quickr on i5/OS . . . . 4-9 Adding IBM Lotus Quickr to the Domino server 4-9 Removing IBM Lotus Quickr from a Domino server on i5/OS . . . . . . . . . . . 4-10 Upgrading to Lotus Quickr 8 . . . . . . . . 4-11 Whats new? . . . . . . . . . . . . 4-11 Backing up places and PlaceTypes . . . . . 4-13 Upgrading servers . . . . . . . . . . 4-13 Upgrading the design of databases on the server. . . . . . . . . . . . . . . 4-17 Upgrading places and PlaceTypes . . . . . 4-17 Unregistering and re-registering places with the Place Catalog . . . . . . . . . . . . 4-19 Clearing the browser cache on offline clients 4-20 Upgrading the on-disk structure of places . . 4-20 Updating Lotus Sametime integration features 4-21 Changing the server URL root . . . . . . 4-25 Moving a place from an older-release server to a current-release server . . . . . . . . . . 4-25 Enabling the Domino Servlet Engine . . . . . 4-26 Enabling UTF-8 character encoding for non-English server versions . . . . . . . . 4-27 Modifying TCP/IP registry settings on Windows servers . . . . . . . . . . . . . . . 4-27
Performing i5/OS-specific configuration tasks . . . . . . . . . 7-1

Changing Lotus Quickr server properties on i5/OS 7-1 Changing Lotus Quickr language dictionaries on i5/OS . . . . . . . . . . . . . . . . 7-1 Running multiple IBM Lotus Quickr servers on i5/OS . . . . . . . . . . . . . . . . 7-1
Connecting to a user directory . . . . 8-1

Preparing to access LDAP directory servers from behind a firewall on i5/OS . . . . . . . . . 8-1 User directories . . . . . . . . . . . . . 8-1 Supported directory services configurations . . 8-2 Feature differences when accessing places through group membership . . . . . . . . 8-3 Support for special characters in names . . . . 8-4 Setting up Domino to control directory services . . 8-5 Switching to Domino control of directory services . . . . . . . . . . . . . . 8-6 Setting up Lotus Quickr to control directory services . . . . . . . . . . . . . . . 8-6 Customizing Lotus Quickr control of directory services . . . . . . . . . . . . . . 8-7 Using accented characters in user names (AIX and Solaris) . . . . . . . . . . . . . . . 8-16 Testing access to an LDAP directory server . . . 8-16 Access to the Domino Directory through LDAP 8-17 Disconnecting from a user directory . . . . . 8-17
Configuring the Place Catalog . . . . 9-1

How the Place Catalog Works . . . . . . . . 9-3
Installing connectors . . . . . . . . 5-1

Copyright IBM Corp. 2007
Configuring clustered servers . . . . 10-1 iii
Creating a Lotus Domino cluster. . . . . Implementing a method for distributing HTTP requests . . . . . . . . . . . . . Load balancing . . . . . . . . . Failover to a hot-spare . . . . . . . Modifying scheduled qptool commands in the notes.ini file . . . . . . . . . . . Setting up the Place Catalog for a cluster . .
. . . . . .
. 10-1 . 10-2 . 10-2 . 10-3 . 10-3 . 10-3
Configuring security . . . . . . . . 11-1

Configuring user authentication . . . . . . . 11-1 Configuring multi-server single sign-on authentication . . . . . . . . . . . . 11-1 Modifying cache settings related to user authentication . . . . . . . . . . . . 11-4 Configuring access to the server . . . . . . . 11-5 Specifying administrators . . . . . . . . 11-5 Specifying who can create places on the server 11-6 Specifying super user access to the server . . . 11-7 Configuring expanded membership . . . . . . 11-9 Expanded membership . . . . . . . . . 11-9 Setting up expanded membership . . . . . 11-11 Blocking specific protocols referenced in link URLs . . . . . . . . . . . . . . . 11-14 Blocking HTML attachments that contain cross-site scripts . . . . . . . . . . . . 11-14 Hiding the Log In and Log Out links . . . . . 11-15 Configuring browser caching for tighter security 11-15 Clearing Lotus Quickr files from the Internet Explorer cache . . . . . . . . . . . 11-15 Preventing caching of pages that contain data on browsers . . . . . . . . . . . . 11-16
Translating LDAP distinguished names for offline use . . . . . . . . . . . . . . . . 13-7 How to configure translation . . . . . . . 13-7 Table of expressions . . . . . . . . . . 13-9 Example of translating names that contain the dc attribute . . . . . . . . . . . . . 13-9 Configuring offline use for specific environments 13-10 Configuring offline use in an environment that uses IBM Network Dispatcher . . . . . . 13-10 Configuring offline use in an environment that uses Sun Java System Portal Server . . . . 13-10 Configuring offline use in an environment that uses CA SiteMinder . . . . . . . . . 13-10 Using a passthru server for offline use . . . 13-10 Performing optional offline configuration tasks 13-11 Using an alternate Web server for offline downloads. . . . . . . . . . . . . 13-11 Using Lotus Quickr login passwords for offline use . . . . . . . . . . . . . 13-11 Hiding the Work Offline link from users . . . 13-12 Offline setup FAQs . . . . . . . . . . . 13-12
Configuring place options
. . . . . 14-1
14-1 14-2 14-2 14-3 14-5 14-6 14-7 14-7 14-7 14-8 14-8 14-9 14-9 14-9
Integrating with other applications
12-1
12-1 12-1 12-1 12-2 12-2 12-4 12-6
Configuring connectors . . . . . . . . . . Enabling connector uploads of 10MB or larger files . . . . . . . . . . . . . . . Preventing the use of connectors . . . . . . Enabling Lotus Sametime features in places . . . Preparing the servers to enable Lotus Sametime features in places . . . . . . . . . . . Enabling awareness and instant messaging in places. . . . . . . . . . . . . . . Enabling online meetings . . . . . . . .
Enabling or disabling context menus or document drag-and-drop . . . . . . . . . . . . . Displaying user images and user information in user context menus . . . . . . . . . . . Specifying a footer that appears on all pages . . Adding and removing graphic text fonts . . . . Changing the maximum allowed attachment size Disabling ActiveX . . . . . . . . . . . Disabling Java applets . . . . . . . . . . Displaying CGI variables in HTML source pages Disabling page compression . . . . . . . . Customizing user notifications settings . . . . Configuring where the server routes undeliverable e-mails . . . . . . . . . Disabling calendar subscriptions . . . . . . Configuring an email URL prefix when using a gateway server . . . . . . . . . . . Using qpconfig.xml settings to configure notifications . . . . . . . . . . . .
Customizing the My Places feature

Enabling DBCS members to use My Places . Opening places in a new browser window . Using a custom application for My Places . . . .
15-1
. 15-1 . 15-1 . 15-2
Setting up Lotus Quickr for offline use . . . . . . . . . . . . . . . 13-1

Enabling Domino Off-Line Services . . . . . . Enabling Domino Off-Line Services on Windows, AIX, or Solaris . . . . . . . . Enabling Domino Off-Line Services on i5/OS Creating certifier IDs for offline use. . . . . . Understanding the certifier ID requirements Creating an organization certifier for external members in a different organization . . . . Creating an organizational unit certifier for external members . . . . . . . . . . . Creating a /QP organizational unit certifier for local members . . . . . . . . . . . . Creating an Offline Security Policy document . . 13-1 13-1 13-2 13-3 13-3 13-4 13-5 13-5 13-6
Specifying rules for a reverse proxy configuration . . . . . . . . . . . 16-1 Customizing Web page cache settings . . . . . . . . . . . . . 17-1 Configuring cross-place searching 18-1
Part 5. Administering services for Lotus Domino
iv
Lotus Quickr: Administrators Guide: Services for Lotus Domino
Managing place membership . . . . 19-1

Adding external members to places . . . . . . 19-1 Changing member names in places . . . . . . 19-3 Changing the hierarchy of member names in places. . . . . . . . . . . . . . . . 19-5 Updating external member information in places 19-6 Removing members from places . . . . . . . 19-8 Changing local member passwords . . . . . . 19-9 Managing expanded membership . . . . . . 19-10 Enabling expanded membership in places 19-10 Changing the directory server or base distinguished name used for the expanded membership groups . . . . . . . . . 19-11 Recreating expanded membership groups to resolve problems . . . . . . . . . . 19-12 Using expanded membership logging . . . 19-12
To extract the names of users from log files on AIX and Solaris . . . . . . . . . . . Example of extracting names from one log file Example of extracting names from multiple log files . . . . . . . . . . . . . . . Example of extracting names from log files on multiple servers . . . . . . . . . . . To extract the names of users from log files on Windows . . . . . . . . . . . . . Example of extracting names from multiple log files on Windows . . . . . . . . . . . Example of extracting names from log files on multiple servers on Windows . . . . . . .
22-6 22-6 22-6 22-6 22-7 22-7 22-7
Maintaining a cluster . . . . . . . . 23-1

Creating replica stubs for new places, rooms, and PlaceTypes . . . . . . . . . . . . . . 23-1 Adding a Lotus Quickr server to a cluster . . . 23-2 Removing a server from a cluster . . . . . . 23-3
Managing places
. . . . . . . . . 20-1
Using My Places for place administration . . . . 20-1 Using My Places to display place statistics . . 20-1 Using My Places to perform place administration tasks . . . . . . . . . . 20-1 Sending mail to place members . . . . . . . 20-2 Sample template file . . . . . . . . . . 20-3 Sending newsletters to subscribers . . . . . . 20-3 Locking and unlocking places on the server . . . 20-4 Archiving places . . . . . . . . . . . . 20-5 Restoring an archived place that you removed 20-6 Renaming places . . . . . . . . . . . . 20-7 Moving a place from one current-release server to another . . . . . . . . . . . . . . . 20-7 Removing places and PlaceTypes from the server 20-8 Reactivating a place mistakenly removed using QPTool remove . . . . . . . . . . . 20-9 Completing the deletion of a place mistakenly deleted through the file system . . . . . . 20-9 Generating reports about places . . . . . . 20-10 Registering and unregistering places . . . . . 20-11
Part 6. Customizing services for Lotus Domino

Place architecture . . . . . . . . . 24-1 Customizing and creating objects with Lotus Notes and Domino Designer . . . . . . . . . . . . . 25-1
To customize existing objects in Lotus Notes . To create new objects in Lotus Notes . . . . . . 25-1 . 25-1
Writing client-side JavaScript to extend place functionality . . . . . . 26-1 Using XML to access the Lotus Quickr Java API . . . . . . . . . . 27-1
Setting up the server to access the Java API . . Setting up the server for Java API access (Windows, AIX, Solaris) . . . . . . . Setting up the server to access the API (i5/OS) Accessing the Java API . . . . . . . . . Accessing the API from a command line . . Accessing the API from a Java program . . Accessing the API using qptool execute . . . XML details . . . . . . . . . . . . . 27-1 . 27-1 27-1 . 27-2 . 27-2 . 27-3 . 27-5 . 27-5
Managing templates (PlaceTypes)

Reordering the servers PlaceType list . . . . Hiding PlaceTypes in the PlaceTypes list . . . Refreshing places and PlaceTypes . . . . . Refreshes . . . . . . . . . . . . Refreshing using the qptool refresh command Refreshing PlaceTypes using the Work with Templates link . . . . . . . . . . . Preventing a place from being refreshed . . Copying a PlaceType to another server . . . Deleting PlaceTypes . . . . . . . . . .
21-1
. . . . 21-1 21-1 21-1 21-1 21-6 21-7 21-8 21-8 21-8
. . . .
Creating PlaceTypes . . . . . . . . 28-1

PlaceTypes . . . . . . . . . . . . Signing a newly inherited scheduled PlaceBot place . . . . . . . . . . . . . . Reordering the servers PlaceType list . . . Hiding PlaceTypes in the PlaceTypes list . . . in . . . . 28-1 a . 28-2 . 28-2 . 28-2
Maintaining servers . . . . . . . . 22-1

Backing up Lotus Quickr data . . . . . . Determining server status on i5/OS . . . . Updating statistics in the Place Catalog . . . Generating reports about servers . . . . . Registering and unregistering servers . . . . Recovering if the Place Catalog server goes down Tracking the number of active Lotus Quickr users To set up logging of user access . . . . . . . . . . 22-1 22-1 22-2 22-3 22-4 22-4 22-5 . 22-5
Automating tasks with PlaceBots

Creating a PlaceBot . . . Java PlaceBot files . . LotusScript PlaceBot files Managing PlaceBots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
29-1
. . . . 29-1 29-1 29-3 29-3
Contents
Debugging a PlaceBot . . . . . . LotusScript PlaceBots . . . . . Java PlaceBots . . . . . . . . Disabling PlaceBots for tighter security Running PlaceBots offline . . . . .
. . . . .
. . . . .
. . . . .
. . . . .
29-4 29-4 29-4 29-4 29-5
Creating custom place themes
. . . 30-1
. 30-1 30-4 . 30-5 . 30-6 . 30-6 . 30-7
Theme layouts . . . . . . . . . . . . <QuickPlaceSkinComponent> tag in layouts <IteratingValue> tag in layouts . . . . . One HTML file for multiple layouts . . . Creating a new theme . . . . . . . . . Editing a custom theme. . . . . . . . .
Part 7. Troubleshooting services for Lotus Domino

Known issues documented on IBM Support site. . . . . . . . . . . . 31-1 Troubleshooting installation problems . . . . . . . . . . . . . 32-1
Opening the installation log file on i5/OS . . . 32-1
A second cn component in distinguished name is preventing user authentication . . . . . . . A user cant log in to a place after a distinguished name change . . . . . . . . . . . . . User cant log in after name change in Domino Directory . . . . . . . . . . . . . . In a third-party authentication environment, users with non-standard names are unable to authenticate . . . . . . . . . . . . . In a third-party authentication environment, users with multi-character delimiters in their names are unable to authenticate . . . . . . . . . . Users are rechallenged for credentials when publishing and lose their edits . . . . . . . If place member and super user have same name, the super user gets member access . . . . . . A user who is a member of a group is not getting the expected access . . . . . . . . . . .
36-1 36-1 36-1
36-1
36-2 36-3 36-3 36-3
Troubleshooting qptool problems
37-1
37-1 37-1 37-1 37-1 37-1 37-2 37-2 37-2 37-2 37-3 37-3
Troubleshooting connectors
. . . . 33-1
You receive the error The path specified is too long when using connectors to add a document to a place . . . . . . . . . . . . . . 33-1
Troubleshooting place problems . . . 34-1

Imported HTML files with non-English characters not displaying correctly using Safari . . . . . 34-1 Option to create or import Microsoft Office pages missing . . . . . . . . . . . . . . . 34-1
Troubleshooting user directory problems . . . . . . . . . . . . . 35-1

Cant add a member from the user directory. . . Names of external members are missing or displayed as distinguished names . . . . . . Mapping dn to display_name causes problems You cannot use automatic lookup to add new members if more than one match is found . . . Cannot add two members with the same distinguished name . . . . . . . . . . . You cannot create a place that has the same name as a user in the directory . . . . . . . . . Places do not show changes to user information made in directory . . . . . . . . . . . . OK with Anonymous access shows rather than OK with credentials when saving user directory settings . . . . . . . . . . . . . . . User directory set to localhost or 127.0.0.1 causes server crash. . . . . . . . . . . . . . Whats New notification doesnt work for users who access rooms through group membership . . 35-1 35-1 35-1 35-1 35-1 35-2 35-2
Changehierarchy command adds entries to the Place Catalog in situations when it shouldnt . . Addmember command fails when you mistakenly use the -g argument to add an individual user . . Must unlock archived place before moving it back and registering . . . . . . . . . . . . qptool changemember appears to change a user to a group . . . . . . . . . . . . . . . qptool report returns the error Database is not full-text indexed . . . . . . . . . . . . Uppercase place names specified in XML input are converted to lowercase . . . . . . . . . . qptool does not archive a place that already exists in the specified archive directory . . . . . . Cant use qptool commands on a place whose name begins with a hyphen . . . . . . . . qptool changemember does not change the name in existing page banners . . . . . . . . . qptool remove -cleanup after qptool remove -p placename not working . . . . . . . . . . Problem using nqptool commands on server/program command line . . . . . . .
Troubleshooting offline problems

New rooms not installing to offline place during synchronization . . . . . . . . . . . Users are unable to sign in offline . . . . . Users unable to log in offline to a place with many rooms . . . . . . . . . . . . User installing offline using Sun ONE Portal Server is prompted to reauthenticate . . . . Users cant install places offline in a CA SiteMinder environment . . . . . . . . Users see ERROR 500 message when installing offline . . . . . . . . . . . . . . A PlaceBot does not run offline . . . . . . Offline users cant edit their member profiles when Sametime is enabled and the place name begins with QuickPlace . . . . . . . . Users with flat names cant take places offline
38-1
. 38-1 . 38-1 . 38-1 . 38-1 . 38-2 . 38-2 . 38-2
35-2 35-2 35-2
Troubleshooting security problems vi
36-1
. 38-2 38-2
Offline not working for external users after changemember or changehierarchy commands used . . . . . . . . . . . . . . . Offline is not working for a super user . . . Offline users cant use places and rooms accessed through group membership . . . . . . . Offline authors or readers see synchronization errors . . . . . . . . . . . . . . . Problem installing places offline on Windows XP Cannot install places with the same name from two different servers . . . . . . . . . .
Client logging settings . Other settings . . . . . 38-3 . 38-3 . 38-3 . 38-3 38-3 . 38-3
. .
. .
. .
. .
. .
. .
. .
. .
. 41-4 . 41-4
XML nodes and node actions . . . . 42-1

The service node . . . . query (service) . . . . search (service) . . . The server node . . . . getPlaceTypes (server) . The place node . . . . create (place) . . . . remove (place) . . . forceRemove (place) . update (place) . . . The placetype node . . . The person node. . . . add (person) . . . . remove (person) . . . update (person) . . . The group node . . . . add (group) . . . . remove (group) . . . update (group) . . . The member node . . . add (member) . . . remove (member) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42-1 . 42-1 . 42-2 . 42-7 . 42-8 . 42-9 . 42-10 . 42-12 . 42-12 . 42-13 . 42-14 . 42-15 . 42-19 . 42-21 . 42-22 . 42-24 . 42-25 . 42-26 . 42-26 . 42-27 . 42-29 . 42-31
Troubleshooting Lotus Sametime problems . . . . . . . . . . . . . 39-1

Users cant schedule meetings from a place . . Lotus Sametime is not working for local users External members with flat names cannot join online meetings that they publish . . . . . . 39-1 39-1 . 39-1
Troubleshooting problems with non-English versions . . . . . . . . 40-1

Non-English characters displaying incorrectly . Headlines not working with French version of Internet Explorer . . . . . . . . . . . . 40-1 . 40-1
Part 8. Reference
notes.ini settings . . . . . . . . . 41-1
Web page cache settings Offline settings . . . Server logging settings . . . . . . . . . . . . . . . . . . . . . . . . . . 41-1 . 41-1 . 41-1
Part 9. Appendixes
Notices . . . . . . . . . . . . . . A-1
Trademarks . . . . . . . . . . . . . . A-3
Contents
vii
viii
Part 1. Welcome to the Administrators Guide for IBM Lotus Quickr Version 8.0
Welcome to the administrators guide for IBM Lotus Quickr. In this guide you can find information about how to install, configure, and administer the server.
Deciding on the services to use

IBM Lotus Quickr is collaboration software that is built to leverage a broad set of skills and technologies by offering two deployment options: services for Lotus Domino and services for WebSphere Portal. Both deployment options provide a first-rate collaboration application that provides the following capabilities: v Places where teams can collaborate using documents, blogs, wikis, tasks, and feed generation. v A My Places page through which users can see and open all places to which they have access. v The ability to create and customize places easily with templates, themes and skins. v Connectors that enable users to manage documents on the server through IBM Lotus Notes, IBM Lotus Sametime, Microsoft Windows Explorer, and Windows Office applications. v Document management features such as checkin and checkout, drafts, versioning, workflow, and access control. v Extensions for custom application development. For many customers, services for Lotus Domino will be an appropriate deployment choice. Deploying services for WebSphere Portal is a suggested alternative deployment in the following circumstances: v The skill set and IT strategic technical direction of your organization aligns best with WebSphere Portal technology. v Your organization requests the use of an operating system not yet supported by services for Lotus Domino, for example, Red Hat Linux. v You want to deploy specific functionality that is not available with services for Lotus Domino, for example, composite applications or multilingual support on a single server. For more information on the two deployment options, contact your IBM account representative.
1-1
1-2
Supported hardware and software

Before installing IBM Lotus Quickr, review the hardware and software requirements, noting the different requirements for services for Lotus Domino and services for WebSphere Portal. See the detailed system requirements document at the following URL: http://www.ibm.com/support/docview.wss?rs=3264&uid=swg27009740
2-1
2-2
Checking for known issues before installation

Before installing IBM Lotus Quickr, review the known issues that are described on the IBM Support Site. 1. Open the following URL: http://www.ibm.com/support/search.wss?rs=3264&tc=SSVGKL&atrn=SWVersion&atrv=8.0 2. Refine your search. v To see only issues within a specific category (for example, installation), select the category in the Product Category list. v To see any alerts containing must see information, select Flashes (Alerts) in the Document Type list.
3-1
3-2
Part 2. Planning services for Lotus Domino

Before installing services for Lotus Domino, read the planning information. IBM Lotus Quickr services for Lotus Domino, is a secure, portable, self-service Web application that provides instant, centralized, team places that can be used in both intranet and extranet deployments. It provides seamless online and offline support and enables teams to: v Coordinate people, tasks, plans, and resources. v Collaborate by sharing and discussing ideas, resolving issues, co-authoring documents, exchanging files, and managing schedules. v Communicate actions, decisions, key findings, and other knowledge by posting them to the team place. To facilitate rapid deployment, Lotus Quickr services for Lotus Domino includes ready-made templates, called PlaceTypes, from which you can create sites designed to manage projects, facilitate discussion, plan events, or author and store project documents. Users can easily create, manage, and customize places. Using Java, HTML, and other tools, users with advanced Web skills can implement sophisticated customizations.
The Lotus Quickr services for Lotus Domino environment

IBM Lotus Quickr services for Lotus Domino runs as a Web application on an Lotus Domino server. It leverages Lotus Domino features, such as: v Lotus Domino clustering and replication to update and distribute place content among servers. v Lotus Domino security to control access to places and servers. v Lotus Domino mail infrastructure to invite members to join places and to notify them of changes. v Lotus Domino single sign-on (SSO) to enable users to log in to a server without being prompted to log in again during the session. v Lotus Domino Off-Line Services (DOLS) to enable users to take places offline and work while disconnected from the network. v Lotus Domino Domain Search to support searches across multiple places and servers. v Lotus Domino directory services, an optional user directory configuration that leverages directory services features available through Domino. In addition, Lotus Quickr services for Lotus Domino integrates with other applications and technologies, for instance: v It draws on the capabilities of IBM Lotus Sametime to provide online awareness and real-time communication. v It supports the use of the Lightweight Directory Access Protocol (LDAP) to enable connection to an external LDAP-compliant directory for authenticating users and obtaining user and group information. v It uses Web services technology to enable users to use connectors to manage documents on the server through IBM Lotus Notes, IBM Lotus Sametime, Microsoft Windows Explorer, and Windows Office applications. Lotus Quickr services for Lotus Domino administration involves using a combination of Lotus Domino and Lotus Quickr tools: Domino Administrator client, configuration through the Domino Directory (names.nsf), and notes.ini file on the Domino side, and qptool commands entered at the server console, the qpconfig.xml configuration file, and the Site Administration link on the server home page on the Lotus Quickr side.
Directory services planning

Place membership lists can be created locally in places (in CONTACTS1.NSF), so that specifying place member from a user directory is not required. However, connecting to a user directory maximizes the features that are available to you. The following features are supported only when a user directory is in use: v IBM Lotus Sametime integrated in places v My Places, personal listings of places v Single sign-on authentication v Super user access to the server v User names in double-byte character sets Connecting to a user directory also provides these member management features: v User information is managed in a central location, rather than in individual places. v External members use the same name and password to access any place of which they are a member, whereas local members might have different user names and passwords in each place. v Many of the qptool commands that enable you to manage member information for multiple places at once are available only for external members. For example, you can use the qptool addmember command to add external members to places, but not to add local members. Local membership is supported, even when a user directory is used. The local Lotus Quickr administrator specified during installation is a local member of the servers Site Administration place. To connect to a user directory, you have a choice of two directory services configurations. You can set up Lotus Quickr to control directory services, or you can set up the underlying Lotus Domino server to control directory services. When Lotus Quickr controls directory services, you connect to a single external LDAP directory server, and configure the LDAP directory connection through the Site Administration link and the qpconfig.xml file. When the underlying Lotus Domino server controls directory services, Lotus Quickr uses any of the directories that Lotus Domino does, for example, multiple directories accessed through directory assistance, and you use the directory services configuration procedures of Lotus Domino.
Security planning
By default, users can connect to a Lotus Quickr server anonymously or through basic name-and-password authentication. Server access is controlled through the Ports Internet Ports Web tab in the Server document in the Domino Directory. By default, any user who can connect to the server can create places. The local Lotus Quickr administrator, created at the end of Lotus Quickr installation, can use the Site Administration Security link on the home page to limit the ability to create places to specific authenticated users. The local administrator can also designate additional administrators, who then have the ability to create and delete places, use the Site Administration link, and create and delete PlaceTypes. Users who create places have super user access to the places, meaning they can see and edit all place content, as well as control all access to place content. The available places access levels are: Author, Reader, Editor, Manager, and Super User. An administrator can use the qpconfig.xml file to specify the name of a user or group in a user directory that has super user access to all places on the server. Note that if you want to use Lotus Sametime integration features, or to use My Places Show Usage Statistics to run qptool commands on places, you must configure the server to use single sign-on authentication.
International considerations
For this release, if you use any non-English version of Lotus Quickr server, you must set up the server to generate output using UTF-8 encoding so that page content displays correctly in non-English languages. See the Installation section of the infocenter for more information. To enable people who use double-byte character set (DBCS) languages, such as Japanese or Chinese, to use My Places, you must enable single sign-on authentication on the server. In addition, you must use the notes.ini file to configure the DBCS language to use. See the Configuring section of the infocenter for more information.
Part 2.Planning
Part 3. Installing
This section describes installing services for Lotus Domino and installing connectors on users desktops.
Installing services for Lotus Domino

You can install IBM Lotus Quickr on a Microsoft Windows, IBM AIX, Sun Solaris, or IBM i5/OS system.
Installing on Windows
Perform the following steps to install IBM Lotus Quickr on a Microsoft Windows system. 1. Review the hardware and software requirements on the IBM Support Site. See the detailed system requirements document at: http://www.ibm.com/support/docview.wss?rs=3264&uid=swg27009740. 2. Review the known issues that are described on the IBM Support Site. To see a list of all current known issues in this release, use the following URL: http://www.ibm.com/support/ search.wss?rs=3264&tc=SSVGKL&atrn=SWVersion&atrv=8.0. To see just installation issues, select Installation in the Product Category list. 3. Install IBM Lotus Domino version 7.0.2. Keep the following points in mind: v Select Domino Enterprise Server as the server type. v If you install partitioned Lotus Domino servers so that you can install Lotus Quickr on each partition, when you configure the server for TCP/IP, assign a separate IP address to each partition rather than using port mapping. For more information, see the topic Partitioned servers and IP addresses in Domino 7 Administrator Help. For information on installing the Lotus Domino server, see the topic Installing Domino on Windows systems in Domino 7 Administrator Help. 4. Run the Domino Server Setup program. Keep the following points in mind: v Choose to set up HTTP services. v Use a Domino server certifier that includes no more than two organizational units (OUs). For example, the certifier /OU=Dallas/OU=Div1/O=Acme is acceptable, but the certifier /OU=Sales/OU=Dallas/OU=Div1/O=Acme is not acceptable. Otherwise the internal names of local users defined in Lotus Quickr places will be truncated and these users will be unable to log in to the server. The local administrator specified at the end of the installation is a required local user. For information on setting up the Domino server, see the topic Using the Domino Server Setup program in Domino 7 Administrator Help. Install Lotus Domino 7.0.2 Fix Pack 1. See the following Support Technote for information on this fix pack: http://www.ibm.com/support/docview.wss?rs=899&uid=swg21254159. Stop the Lotus Domino server if it is running. Stop any other Windows programs that are running. Stop any Web applications that listen on TCP/IP port 80. Skype is an example of such an application. Insert and start the Lotus Quickr installation CD. If you are installing from a network drive, navigate to the directory that contains the installation kit. Double-click the Setup.exe file. In the Software License Agreement window, click Accept. In the Welcome window, click Next. In the Choose Destination Location window, select the directory that holds the Lotus Domino program files, and then click Next. In the Start Copying Files window, review the directory path names that are displayed, and if they are correct, click Next to begin the installation.
5. 6. 7. 8. 9. 10. 11. 12. 13. 14.
4-1
15. After installation is complete, click Next in the Lotus Quickr Server Configuration window that opens automatically. 16. In the Specify name and password window, type the user name and password for the first Lotus Quickr server administrator. Specify the name for a new, local administrator. Do no specify the name of the Lotus Domino server administrator or any other name from a user directory that Lotus Quickr uses. 17. In the Congratulations dialog box, click Finish. Related tasks Enabling the Domino Servlet Engine on page 4-26 After you have installed or upgraded to IBM Lotus Quickr, enable the Domino Servlet Engine. This step enables place managers to use place administration actions, such as qptool lock and unlock from My Places Show Usage Statistics. Enabling UTF-8 character encoding for non-English server versions on page 4-27 If you use any non-English version of the IBM Lotus Quickr server, you must set up the server to generate output using UTF-8 encoding so that page content displays correctly in non-English languages. Modifying TCP/IP registry settings on Windows servers on page 4-27 If your IBM Lotus Quickr server runs on Microsoft Windows, you must modify specific TCP/IP registry parameters to ensure good performance.
Installing on AIX or Solaris

Perform the following steps to install IBM Lotus Quickr on an IBM AIX or Sun Solaris system. 1. Review the hardware and software requirements on the IBM Support Site. See the detailed system requirements document at: http://www.ibm.com/support/docview.wss?rs=3264&uid=swg27009740. 2. Review the known issues that are described on the IBM Support Site. To see a list of all current known issues in this release, use the following URL: http://www.ibm.com/support/ search.wss?rs=3264&tc=SSVGKL&atrn=SWVersion&atrv=8.0. To see just installation issues, select Installation in the Product Category list. 3. Install IBM Lotus Domino version 7.0.2. Keep the following points in mind: v Select Domino Enterprise Server as the server type. v If you install partitioned Lotus Domino servers so that you can install Lotus Quickr on each partition, when you configure the server for TCP/IP, assign a separate IP address to each partition rather than using port mapping. For more information, see the topic Partitioned servers and IP addresses in Domino 7 Administrator Help. For information on installing the Lotus Domino server, see the topic Installing Domino on Windows systems in Domino 7 Administrator Help. 4. Run the Domino Server Setup program. Keep the following points in mind: v Choose to set up HTTP services. v Use a Domino server certifier that includes no more than two organizational units (OUs). For example, the certifier /OU=Dallas/OU=Div1/O=Acme is acceptable, but the certifier /OU=Sales/OU=Dallas/OU=Div1/O=Acme is not acceptable. Otherwise the internal names of local users defined in Lotus Quickr places will be truncated and these users will be unable to log in to the server. The local administrator specified at the end of the installation is a required local user. For information on setting up the Domino server, see the topic Using the Domino Server Setup program in Domino 7 Administrator Help. 5. Install Lotus Domino 7.0.2 Fix Pack 1. See the following Support Technote for information on this fix pack: http://www.ibm.com/support/docview.wss?rs=899&uid=swg21254159. 6. Stop the Lotus Domino server if it is running. 7. Open a terminal window and log in to the server as a root user.
4-2
8. Navigate to the directory that contains the installation kit. 9. Enter this command to start the installation:
./install
10. When prompted, type the number that corresponds to the language in which you prefer to read the Lotus Software Agreement. Press Enter to continue, and then press Enter again to display the license agreement. 11. When you have read the agreement, press 1 to accept the agreement and continue with the installation. Note: Many of the following steps require that you accept a default or type a new value. To change a default, press Enter and type a new value. After you enter a new setting, press Enter to accept the change and continue with the installation. Specify the Lotus Domino program directory as the directory where the Lotus Quickr program files will be installed. The default Domino program directory is opt/ibm/lotus. You must install the Lotus Quickr program files to the directory that holds the Domino program files. Press TAB to continue. Specify the Lotus Domino data directory as the directory where the Lotus Quickr data files will be installed. The default Domino data directory is /local/notesdata. You must install the Lotus Quickr data files into the directory that holds the Domino data files. Press TAB to continue. Specify the UNIX user who will own the Lotus Quickr server files. This must be the same user who owns the Domino server files. Specify the UNIX group that will own the Lotus Quickr server files. This must be the same group that owns the Domino server files. The UNIX user specified in the previous step must be a member of this group. Type the name and password of the first Lotus Quickr administrator. Specify the name for a new, local administrator. Do no specify the name of the Lotus Domino server administrator or any other name from a user directory that Lotus Quickr uses. When the installation program displays Configuration of the Install program is complete, press TAB to review your installation settings. For example: Installation type: New Install Program directory: /opt/ibm/lotus Data directory: /local/notesdata UNIX user: UNIX user UNIX group: UNIX group
12.
13.
14. 15.
16.
17.
18. Press TAB to install Lotus Quickr. Related tasks Enabling the Domino Servlet Engine on page 4-26 After you have installed or upgraded to IBM Lotus Quickr, enable the Domino Servlet Engine. This step enables place managers to use place administration actions, such as qptool lock and unlock from My Places Show Usage Statistics. Enabling UTF-8 character encoding for non-English server versions on page 4-27 If you use any non-English version of the IBM Lotus Quickr server, you must set up the server to generate output using UTF-8 encoding so that page content displays correctly in non-English languages.
Installing on IBM i5/OS

This section provides instructions on how to install IBM Lotus Quickr on IBM i5/OS. To perform a new installation of Lotus Quickr on i5/OS, complete the following tasks as appropriate: Related tasks
4-3
Enabling the Domino Servlet Engine on page 4-26 After you have installed or upgraded to IBM Lotus Quickr, enable the Domino Servlet Engine. This step enables place managers to use place administration actions, such as qptool lock and unlock from My Places Show Usage Statistics. Enabling UTF-8 character encoding for non-English server versions on page 4-27 If you use any non-English version of the IBM Lotus Quickr server, you must set up the server to generate output using UTF-8 encoding so that page content displays correctly in non-English languages.
IBM Lotus Quickr and Domino compatibility on i5/OS

Lotus Domino must be installed on the same system as IBM Lotus Quickr, and the software versions of the two products must be compatible. This topic lists a number of compatibility issues to keep in mind. v Lotus Quickr 8 requires Domino 7.0.2 or a later. If Domino 7.0.2 is used, Fix Pack 1 or later must also be installed. For the latest information about compatibility between Lotus Quickr and Domino releases on i5/OS, go to http://www.ibm.com/systems/i/software/quickr/ v You must install Domino and Lotus Quickr on the same system. Install Domino first and then install Lotus Quickr. v If you have an earlier version of Lotus QuickPlace installed on the i5/OS platform, you must remove the Lotus QuickPlace product, upgrade to a release of Domino compatible with Lotus Quickr 8, and then install Lotus Quickr 8. Removing an existing Lotus QuickPlace installation is not required for Windows, AIX, and Solaris. v Lotus Quickr must use the Domino HTTP server (the Domino HTTP server task). Lotus Quickr will not work with the IBM HTTP server. On the i5/OS platform, the IBM HTTP server can be running on your system for other applications. Follow the instructions in the topic Verifying the configuration of IBM HTTP Server to ensure you do not encounter TCP/IP port conflicts between the Lotus Quickr server and the IBM HTTP server. v On the i5/OS platform, there are language considerations for Lotus Quickr. The QNOTES user profile has a locale object associated with it that identifies some of the language dependent settings, such as date and time separators, that will be used by the server. Lotus Quickr and Domino share the QNOTES user profile and locale objects. As a result, when you add Lotus Quickr to a Domino server, Lotus Quickr uses the QNOTES user profile and the locale settings that are associated with the Domino server. After the Domino server is set up, you can install Lotus Quickr and then install the files for your preferred language from the Lotus Quickr Language Pack. For more information, see the Readme.txt file included on the Lotus Quickr Language Pack CD.
Preparing your TCP/IP configuration

This section provides instructions on how to prepare your TCP/IP configuration for IBM Lotus Quickr . Your system must have enough TCP/IP addresses defined so that you can that you can assign at least one for the exclusive use of each of the following servers: v Your IBM Lotus Quickr server v Each Domino server v Each Sametime server v Each instance of IBM HTTP Server running on your system Each of these servers must use a unique host name or TCP/IP address to avoid port conflicts between the servers. Do not attempt to use Domino port mapping. Contact your network administrator to assign additional TCP/IP addresses and host names, if needed. Ensure that the new host names are also added to your Domain Name Server (DNS).
4-4
Complete the following tasks, as appropriate for your system:
Adding a TCP/IP interface and host name

This topic explains how to add a TCP/IP interface and host name to your system. If your network administrator has assigned an additional TCP/IP interface for your use, follow these steps to add the interface to your system: 1. Open iSeries Navigator. 2. Open the system where you will add IBM Lotus Quickr. 3. Click Network. 4. Click TCP/IP Configuration. 5. Right-click Interfaces and select New Interface. 6. Select Local Area Network. 7. Follow the wizards instructions to configure the TCP/IP interface. If you need assistance in any window of the wizard, click Help. To add a host table entry for the TCP/IP interface: To add a host table entry for the TCP/IP interface you plan to use for your Lotus Quickr server, follow these steps: 1. Open the Host Table. v Open iSeries Navigator. v Open the system where you plan to install Lotus Quickr. v Click Network. v Right-click TCP/IP Configuration and select Properties. v On the TCP/IP Configuration properties display, click the Host Table tab. 2. 3. 4. 5. 6. 7. Click Add. In theIP Address field, enter the TCP/IP address you have chosen to use for your Lotus Quickr server. For example, enter 10.1.2.4. In the Host name field, enter the fully qualified name for the Domino server where you will add Lotus Quickr. For example, enter twpserver.acme.com. Optional: Optional: enter a description in the Description field. Click OK to add the entry to your servers host table. Click OK to exit the TCP/IP Configuration Properties window.
Verifying the configuration of other Domino servers

Follow these steps to verify the configuration of other Domino servers on your system. Complete the following steps for each Domino server: 1. Open the Server document of the Domino server. 2. Select Internet Protocols. 3. Select the HTTP tab. 4. In the Host name(s) field, enter a unique TCP/IP address or TCP/IP host name of your Domino server. 5. In the Bind to host name field, select Enabled. 6. Restart the Domino server to make any changes take effect. For more information on unique Domino host names and the Bind to host name option, see the Lotus book, Installing and Managing Domino for i5/OS (i400help.pdf). This book is available on the Web at
4-5
http://www-10.lotus.com/ldd/doc
Verifying the configuration of Sametime servers

See the document Installing and Managing IBM Lotus Sametime for i5/OS for information about properly configuring your Sametime server to use a unique host name and TCP/IP address. This book is available on the Web at http://www-10.lotus.com/ldd/doc
Verifying the configuration of IBM Directory Server (LDAP)

Follow these steps to verify the configuration of IBM Directory Server on IBM i5/OS. To verify the configuration of IBM Directory Server (LDAP), follow the procedure appropriate for your environment. If you do not plan to use IBM Directory Server (LDAP) on the same system: If you are not planning to use IBM Directory Server (LDAP) on the same system as your IBM Lotus Quickr server, you should disable it by completing these steps: 1. Open iSeries Navigator and open your system. 2. Click Network. 3. Click Servers. 4. Click TCP/IP. 5. From the list on the right, right-click Directory and select Stop. If you plan to use IBM Directory Server (LDAP) on the same system: If you are planning to use it, complete these steps to force the IBM Directory Server to use a specific IP address: 1. Open iSeries Navigator and open your system. 2. Click Network. 3. Click Servers. 4. Click TCP/IP. 5. From the list on the right, right-click Directory and select Properties. 6. Click the Network tab. 7. Click IP Addresses... 8. Select Use selected IP addresses and specify from the list which interfaces you want to bind. 9. Click OK to close the Directory - IP Addresses page. 10. Click OK to close the Directory Properties page.
Verifying the configuration of IBM HTTP Server

Your IBM Lotus Quickr server will use the Domino HTTP server. It is possible that you may have already configured IBM HTTP Server on your system for other applications. If so, then you must verify that each instance of the IBM HTTP Server is bound to a specific TCP/IP address. To change the IBM HTTP Server settings, follow these steps: 1. If the IBM HTTP server is currently running, stop it. v Open iSeries Navigator. v Open the system where you plan to install Lotus Quickr. v Click Network.
4-6
v Click Servers. v Click TCP/IP. v In the right pane, right-click HTTP Administration and select Stop Instance-->All. 2. Start the HTTP Administration server. v Click Network. v Click Servers. v Click TCP/IP. v In the right pane, right-click HTTP Administration and select Start. 3. Open the IBM HTTP server configurations page. v Start your Web browser. v Enter the following URL: http://hostname.yourco.com:2001/HTTPAdmin where hostname.yourco.com is the fully qualified host name of your system. v Click IBM Web Administration for i5/OS. v Select the Manage tab. v Select the HTTP Servers tab. 4. Select a configuration from the menu at the top of the screen, and complete the following items for each configured instance of the IBM HTTP server. v From the list on the left pane, select General Server Configuration. v In the right pane, find the IP address and port table in the section called Server IP address and ports to listen on. v If one of the rows in the table has an asterisk (*) in the IP Address column, then the server is listening on all IP addresses. Select that row. Replace the asterisk (*) with the IP address for this server and click Continue. v When finished updating the server IP address table, click Apply to save your changes. 5. When each instance of the IBM HTTP server is configured to use a specific IP address, restart the HTTP servers. v Open iSeries Navigator. v Open the system where you plan to install Lotus Quickr. v Click Network. v Click Servers. v Click TCP/IP. v In the right pane, right-click HTTP Administration and select either Start Instance-->All, or select the particular server instances you would like to start. For more information on managing IBM HTTP server, see the IBM eServer iSeries Information Center at http://www.ibm.com/eserver/iseries/infocenter
Installing and configuring a Domino server for IBM Lotus Quickr

Before installing IBM Lotus Quickr, you must install a compatible release of Domino and configure it for Lotus Quickr. This topic contains a few considerations to keep in mind. For complete instructions on configuring a Domino server, see the Domino documentation available on the Web at http://www.ibm.com/developerworks/lotus/ When installing and configuring Domino, keep the following points in mind:
4-7
v Your Domino server must be bound to the IP address prepared for use with Lotus Quickr. For more information, see Preparing your TCP/IP connection. To bind the Domino server to the IP address set aside for Lotus Quickr, follow these steps: Open the Server document of the Domino server. Select Internet Protocols. Select the HTTP tab. In the Host name(s) field, enter the TCP/IP address set aside for Lotus Quickr. In the Bind to host name field, select Enabled. Restart the Domino server to make any changes take effect. v Use a Domino server certifier that includes no more than two organizational units (OUs). For example, the certifier /OU=Dallas/OU=Div1/O=Acme is acceptable, but the certifier /OU=Sales/OU=Dallas/ OU=Div1/O=Acme is not acceptable. Otherwise the internal names of local users defined in Lotus Quickr places will be truncated and these users will be unable to log in to the server. The local administrator specified at the end of the installation is a required local user.
Pre-accepting the IBM Lotus Quickr software agreements

To speed up installation on i5/OS, you can pre-accept the Lotus Quickr software agreements before starting installation. If you do not pre-accept the software agreements, the installation process will restore the product to the system, but then stop and wait for you to accept the agreements before completing the installation. To pre-accept the Lotus Quickr software agreements: 1. Insert the Lotus Quickr CD into the optical drive of your system. 2. Enter the following command on an i5/OS command line:
GO LICPGM
3. 4.
5.
6.
The Work with Licensed Programs display appears. From the Work with Licensed Programs (LICPGM) menu, select option 5 (Prepare for install) and press Enter. The Prepare for Install display appears. Type 1 in the option field next to Work with software agreements. Press Enter. When the Work with Software Agreements display appears, you see all IBM licensed programs that require software agreement acceptance and whether the agreement has been accepted. Only licensed programs that are not yet installed appear on this display. The software agreements for Lotus Quickr will not appear in the list until you restore them from the CD in a later step. Press F22 (shift-F10) to restore the Software Agreements from the Lotus Quickr CD. For the Device parameter, specify the name of your optical drive. For example, OPT01. Press Enter to restore the Lotus Quickr software agreements to the system. Once the Software agreements are restored from the Lotus Quickr CD, the following message is displayed:
Waiting for reply to message on message queue QSYSOPR.
You can sign on to another session to respond to the message or ask the system operator to respond. To view and respond to the message from another session: a. Enter the following command on an i5/OS command line:
wrkmsgq qsysopr
b. Select option 5 to display the messages in the QSYSOPR message queue. c. Locate the following message in the queue:
Load the next volume in optical device OPT01. (X G)
4-8
The Lotus Quickr software agreements have already been restored. If you want to restore more software agreements from another CD, insert the next CD and respond with G. When the sofware agreements have been restored from the next CD, the message is issued again. When you are done, respond to the message with X. 7. The Work with software agreements display should now include an entry for Lotus Quickr: Licensed Program 5724S31. 8. For each entry for Licensed Program 5724S31, type 5 in the option field and press Enter to display the Software Agreement. Then press F14 (Accept) to accept the terms of the software agreement.
Installing IBM Lotus Quickr on i5/OS

Follow these steps if you are installing IBM Lotus Quickr on your system for the first time. If you are upgrading an existing Lotus Quickr server, see Upgrading from a previous version of Lotus QuickPlace. To install Lotus Quickr , follow these steps: 1. Review the hardware and software requirements on the IBM Support Site. See the detailed system requirements document at: http://www.ibm.com/support/docview.wss?rs=3264&uid=swg27009740. 2. Review the known issues that are described on the IBM Support Site. To see a list of all current known issues in this release, use the following URL: http://www.ibm.com/support/ search.wss?rs=3264&tc=SSVGKL&atrn=SWVersion&atrv=8.0. To see just installation issues, select Installation in the Product Category list. 3. Sign on to your system with a user profile that has the required authority. For more information, see the Lotus Quickr Release Notes. 4. Insert the Lotus Quickr for i5/OS CD into your optical drive. 5. On any i5/OS command line, type the following command and press F4:
LODRUN
6. On the LODRUN display, type the following value in the Device field and press Enter:
*opt
7. In the Directory field, type the following value and press Enter:
/os400
8. When the Lotus Quickr option screen is displayed, type a 1 beside the Lotus Quickr product option and press Enter to begin the installation. The system loads the Lotus Quickr programs to the appropriate system libraries and /QIBM directories. Note: If the Domino server ID files are password protected, you will be prompted to enter the password. After the password has been entered, press Enter to continue with the installation of Lotus Quickr. If your server ID file has multiple passwords, the passwords must be entered one at a time. 9. If you prefer to use a non-English version of Lotus Quickr, you should install the Lotus Quickr Language Pack at this time. The Language Pack can either be installed from CD-ROM or downloaded from the Web. Language Pack installation instructions are included with the Language Pack.
Adding IBM Lotus Quickr to the Domino server

Follow these steps to add Lotus Quickr to an existing Domino server on IBM i5/OS. To add Lotus Quickr to a Domino server: 1. Stop the Domino server on which you plan to add Lotus Quickr. 2. On any i5/OS command line, type the following command and press F4:
ADDLQPDOM
4-9
3. Fill in the following fields and press Enter to add Lotus Quickr to the Domino server.
Field Domino server name Explanation The name of the Domino server where you will add Lotus Quickr. Specifies the name of the person who is the administrator for this Lotus Quickr server. The administrators name should be a local user and should not be present in the external directory. The password you want to use for the Lotus Quickr administrators ID. Keep a record of this password as you will need it to sign on to the Lotus Quickr home page as the administrator. The Server ID password is only required if the Domino server is password-protected. You would have specified this password when the Domino server was created. If the ID file requires multiple passwords, then the passwords must be enclosed inside single quotation marks and separated by commas. For example: Password.......password1,password2 Start Domino Server If you press F10, an additional parameter is displayed. This parameter gives you the option of starting the Lotus Quickr server immediately after adding Lotus Quickr to the Domino server. To start the Domino server after adding Lotus Quickr, specify *YES.
Lotus Quickr Administrator
Administrator password
Server ID Password
Removing IBM Lotus Quickr from a Domino server on i5/OS

Use the Remove IBM Lotus Quickr from a Domino Server command to remove Lotus Quickr from a Domino server on i5/OS. The Remove IBM Lotus Quickr from a Domino Server command makes the following changes to a Domino server: v Removes Lotus Quickr data from the Domino server. v Removes the Lotus Quickr directory from the Domino server data directory. v Changes the NOTES.INI file for the Domino server to disable Lotus Quickr. To remove Lotus Quickr from a Domino server, follow these steps. To perform this task, you must have *ALLOBJ, *IOSYSCFG, *JOBCTL, and *SECADM special authorities. 1. End the Domino server and subsytem. 2. Enter the following i5/OS command:
RMVLQPDOM dominoservername
where dominoservername is the actual name of the Domino server. 3. Verify that you want to remove Lotus Quickr from the Domino server by typing a G and pressing Enter. Note: If you do not wish to remove Lotus Quickr from the Domino server, press any other key. 4. Restart the Domino server.
4-10
5. To verify that Lotus Quickr was removed from the Domino server, use a Web browser to try to access the Lotus Quickr home page for the Domino server at the following URL: http://dominoservername:port/lotusquickr where dominoservername is the name of your Lotus Quickr server and port is the associated port number. For example:
http://twpserver1:81/lotusquickr
Note: If removing an earlier release of Lotus QuickPlace, access the following URL instead: http://dominoservername:port/QuickPlace You should get an error indicating that the file was not found.
Upgrading to Lotus Quickr 8

Follow the steps below in the order indicated to upgrade IBM Lotus QuickPlace Version 6.5.1 or 7.0 to IBM Lotus Quickr Version 8.0. The process of upgrading a server and places is separated into independent stages. This separation minimizes the downtime required to upgrade. After you upgrade a server, you can choose to upgrade places and PlaceTypes to enable new features in them when it is convenient. Users can continue to work in their existing places before you upgrade places and PlaceTypes, and can continue to create new places and PlaceTypes, as long as they do not use existing places or PlaceTypes to create them. The existing places remain available except when they are locked for the relatively short time when they are being upgraded. In a non-cluster environment, Lotus Quickr Version 8.0 servers can coexist in the same IBM Lotus Domino domain as Lotus QuickPlace Version 6.5.1 or 7.0 servers. However, this coexistence is supported only during the limited process of upgrading. Servers in a cluster should all run Lotus Quickr Version 8.0 Related tasks Enabling the Domino Servlet Engine on page 4-26 After you have installed or upgraded to IBM Lotus Quickr, enable the Domino Servlet Engine. This step enables place managers to use place administration actions, such as qptool lock and unlock from My Places Show Usage Statistics. Enabling UTF-8 character encoding for non-English server versions on page 4-27 If you use any non-English version of the IBM Lotus Quickr server, you must set up the server to generate output using UTF-8 encoding so that page content displays correctly in non-English languages. Moving a place from an older-release server to a current-release server on page 4-25 You can move a place from an IBM Lotus QuickPlace 6.5.1 or 7.0 server to an IBM Lotus Quickr 8 server.
Whats new?
Read about the new features in this release.
Lotus Quickr connectors

Connectors enable your users to work with IBM Lotus Quickr documents from IBM Lotus Notes, IBM Lotus Sametime, Microsoft Windows, and Microsoft Office applications. From these applications users can check out, modify, and check in documents on the server, add documents to the server, and share documents through e-mail and chats. To use connectors, users click the Lotus Quickr Connectors download link from the server home page, and follow simple installation steps to download the connectors they want to use (connector for Windows Explorer required.) Users of the connector for Lotus Sametime and the connector for Lotus Notes can invite others to download the connectors by sending URL links to the servers to use for the downloads. Administrators can configure which servers to use for these collaborative installations.
4-11
Atom feed
The Atom feed is an XML-formatted feed that can pull content from various place document repository areas such as folder document listings, forms listings, members listings, and a Whats New document.
User interface changes

A number of new user interface and navigation features are available: v Context menus for places, folders, documents, and people are available for all types of documents in Lotus Quickr, including regular posts, tasks, and calendar events, anywhere a document name appears in Lotus Quickr. v Analogous to document context menus, member context menus associated with peoples names will be available anywhere a place members name appears in Lotus Quickr. v In any folder view, you can drag-and-drop documents into another folder. v A business-card-style menu pops up when you click on the dropdown menu icon beside a place member name anywhere in Lotus Quickr. v A dropdown menu appears when mousing over the Create action button. Releasing the mouse on any item accesses the appropriate Edit mode for the new document. Administrators can use the qpconfig.xml file to disable context menus or document drag-and-drop, and to configure images and attributes to show in member context menus.
New place member role

A new place member role is available: the place super user is a new access level for place managers, giving them super-user type access throughout one place only. This role allows one or more individuals access to every single room and document in a place.
Place administration through My Places

External members who have at least reader access to places can use My Places to display statistics about the places. External members with manager access can use My Places to perform the following place administration tasks: locking and unlocking places, updating and resetting place statistics in the Place Catalog, removing places. Performing place administration tasks through My Places requires that single sign-on be enabled on the server.
Extension of place functionality using client-side JavaScript

Developers can enhance the functionality of a place by using client-side JavaScript in themes, imported HTML forms, imported HTML pages, and any other object within the product that will render its HTML or JavaScript
Known issues and system requirements documented on IBM Support Site replace release notes
No Release Notes are provided in this release. System requirements and known issues are now documented exclusively on the IBM Support Site. Related tasks Configuring collaborative installations on page 5-1 Users of the connector for Lotus Sametime and the connector for Lotus Notes can invite others to download the connectors by sending URL links to the servers to use for the downloads. You can configure which servers to use for these collaborative installations. Enabling or disabling context menus or document drag-and-drop on page 14-1 You can use the qpconfig.xml file to control the extent to which context menus are enabled in the user
4-12
interface. Context menus are menus that are available from documents, folders, user names, and My Places by hovering over a drop-down arrow. You can also enable or disable the ability to drag and drop documents in folders. Context menus and document drag-and-drop are enabled by default. Displaying user images and user information in user context menus on page 14-2 The Lotus Quickr user interface provides context menus next to member names. You can use the qpconfig.xml file to display images and LDAP directory attributes of external members in these context menus. The images are accessed through a Web service URL that you specify. Using My Places for place administration on page 20-1 External members who have at least reader access to places can use My Places to display statistics about the places. External members with manager access can use My Places to perform place administration tasks. Writing client-side JavaScript to extend place functionality on page 26-1 You can enhance the functionality of a place by using client-side JavaScript in themes, imported HTML forms, imported HTML pages, and any other object within the product that will render its HTML or JavaScript, to extend to your own JavaScript code off of any JavaScript function within the product.
Backing up places and PlaceTypes

Places and PlaceTypes are assets that are critical to your organization. Before you upgrade, perform the following steps to back up places and PlaceTypes: 1. Make backup copies of the following files: v All of the subfolders in domino_data_root\QuickPlace, except quickplace, Help, and AreaTypes. These are your places. v All of the subfolders in domino_data_root\QuickPlace\AreaTypes. These are your PlaceTypes. Save the backup copies to different media from the media your organization uses for its standard backup process. Do not rely solely on your organizations standard backup process, because it might delete backup copies too quickly. 2. Verify the backup media by restoring it. If this step is not possible, make duplicate backup copies. 3. Save the backup copies in a secure location for at least several months.
Upgrading servers
Upgrade a server by performing the steps described for your operating system. If you are upgrading a server in a clustered environment, you must prevent servers from replicating during the upgrade process. To prevent replication of clustered servers during the upgrade process: 1. Disable replication of one server in the cluster, and then stop the server. If you are using Network Dispatcher, redirect HTTP traffic to the other cluster members. 2. Upgrade the server, following one of the procedures referenced below. 3. Restart the server. 4. Repeat steps 1 -3 for each server in the cluster. Do not allow IBM Lotus QuickPlace Version 6.5.1 or Version 7.0 servers to replicate with IBM Lotus Quickr Version 8.0 servers. 5. When all servers in the cluster are running Lotus Quickr Version 8.0, re-enable cluster replication and enable qptool replicamaker between the servers.
Upgrading a server on Windows

Perform the following steps to upgrade a server on the Microsoft Windows operating system: 1. If you are upgrading an IBM Lotus QuickPlace server that is set up for offline use, offline users should perform the following steps on their clients before you upgrade the server: a. Synchronize offline places with the server. b. Click Start Programs Lotus Domino Sync Manager Uninstall Lotus Domino Sync Manager.
4-13
Note: Users will need to re-install places offline after the upgrade is complete. 2. Stop the IBM Lotus Domino server if it is running. 3. Stop any other Windows programs that are running. 4. Upgrade the Lotus Domino server to Version 7.0.2, if you have not already done so. For instructions, see the book Upgrading to IBM Lotus Notes/Domino 7 available on the Web at www.lotus.com/ldd/doc. Note: If you start the upgraded Lotus Domino server before upgrading to Lotus Quickr, ignore the java.dll could not be found error message if it is displayed. After you upgrade to IBM Lotus Quickr Version 8.0 the error will no longer be displayed. 5. Perform the following steps to upgrade to Lotus Quickr Version 8.0. a. Insert and start the Lotus Quickr installation CD. If you are installing Lotus Quickr from a network drive, navigate to the directory with the installation kit. Double-click Setup.exe. In the Software License Agreement window, click Accept. In the Welcome window, click Next. In the Choose Destination Location window, select the directory that holds the Lotus Domino program files, and then click Next. f. In the Start Copying Files window, review the directory path names that are displayed, and if they are correct, click Next to begin the installation. g. After installation is complete, in the Lotus QuickrServer Configuration window, click Next. 6. In the Congratulations dialog box, click Finish. b. c. d. e.
Upgrading a server on AIX or Solaris

Perform the following steps to upgrade a server on the IBM AIX or Sun Solaris operating system: 1. If you are upgrading an IBM Lotus QuickPlace server that is set up for offline use, offline users should perform the following steps on their clients before you upgrade the server: a. Synchronize the offline places with the server. b. Uninstall Lotus Domino Sync Manager. Note: Users will need to re-install places offline after the upgrade is complete. 2. Upgrade the Lotus Domino server to Version 7.0.2, if you have not already done so. For instructions, see the book Upgrading to IBM Lotus Notes/Domino 7 available on the Web at www.lotus.com/ldd/doc. Note: If you start the upgraded Lotus Domino server before upgrading to Lotus Quickr Version 8.0, ignore the java.dll could not be found error message if it is displayed. After you upgrade to Lotus QuickrVersion 8.0 the error will no longer be displayed. 3. Perform the following steps to upgrade to Lotus QuickrVersion 8.0. a. Stop the Lotus Domino server. b. Open a terminal window and log in to the server as a root user. c. Navigate to the directory that contains the Lotus Quickr installation kit. d. Enter this command to start the installation:
./install
e. When prompted, type the number that corresponds to the language in which you prefer to read the Lotus Software Agreement. Press Enter to continue, then press Enter again to display the license agreement. f. When you have read the agreement, press 1 to accept the agreement and continue with the installation.
4-14
Note: Many of the following steps require that you accept a default or type a new value. To change a default, press Enter and type a new value. After you enter a new setting, press Enter to accept the change and continue with the installation. g. Specify the Domino program directory as the directory where the Lotus Quickr program files will be installed. The default Domino program directory is opt/ibm/lotus. You must install the Lotus Quickr program files to the directory that holds the Domino program files. Press TAB to continue. h. Specify the Domino data directory as the directory where the Lotus Quickr data files will be installed. The default Domino data directory is /local/notesdata. You must install the Lotus Quickr data files into the directory that holds the Domino data files. Press TAB to continue. i. Specify the UNIX user who will own the Lotus Quickr server files. This must be the same user who owns the Domino server files. j. Specify the UNIX group that will own the Lotus Quickr server files. This must be the same group that owns the Domino server files. The UNIX user specified in the previous step must be a member of this group. k. When the installation program displays Configuration of the Install program is complete, press TAB to review your installation settings. For example: v Installation type: New Upgrade. v v v v v Program directory: /opt/ibm/lotus Data directory: /local/notesdata UNIX user: UNIX user UNIX group: UNIX group Press TAB to install Lotus QuickPlace.
Upgrading a server on i5/OS

This procedure describes how to upgrade an existing IBM Lotus Quickplace 6.5.1 or 7.0 server to IBM Lotus Quickr 8.0 on i5/OS. To upgrade an existing Lotus Quickplace 6.5.1 or 7.0 server to IBM Lotus Quickr 8.0 on i5/OS: 1. End any existing Domino servers on your system. After ending the servers, be sure that any active Domino subsystems are also ended. 2. Delete any Lotus QuickPlace hotfixes if they are installed. To see a list of Lotus QuickPlace hotfixes, type the following i5/OS command and press Enter:
DSPPTF LICPGM(PROGRAM_ID)
where PROGRAM_ID is the licensed program ID of the version you are upgrading from: v 5733LQP (Lotus Quickplace 6.5.1) v 5724J24 (Lotus Quickplace 7.0) To delete the hotfixes, type the following command and press Enter:
RMVPTF LICPGM(PROGRAM_ID) SELECT(PTF#)
3. Delete the Lotus QuickPlace licensed program by typing the following command and pressing Enter:
DLTLICPGM LICPGM(PROGRAM_ID)
where PROGRAM_ID is the licensed program ID of the version you are upgrading from: v 5733LQP (Lotus Quickplace 6.5.1) v 5724J24 (Lotus Quickplace 7.0) 4. Upgrade your Lotus QuickPlace server to a Domino release compatible with Lotus Quickr 8.0. For more information on installing Domino and upgrading your server, see the book Installing and Managing Domino for System i. 5. Prepare the Domino server for the addition of Lotus Quickr.
4-15
v If you plan to install Lotus Quickr in a language other than English, visit the Lotus Quickr for i5/OS Web site at the following address for a link to the latest information regarding Domino language versions and the additional steps that may be necessary to prepare the Domino server for your preferred language: http://www.ibm.com/systems/i/software/quickr/ v Start the Domino server and use Domino Administrator to edit the Server document. Verify that the Fully qualified internet host name field on the Basics tab contains the fully qualified name of the Domino server and not the name of the system. If necessary, edit the field and save the Server document. Before proceeding to the next step, end the Domino server. 6. Insert the Lotus Quickr for i5/OS CD in your systems optical drive. 7. On any i5/OS command line, type the following command and press F4:
LODRUN
8. On the LODRUN display, type the following value in the Device field and press Enter:
*opt
9. In the Directory field, type the following value and press Enter:
/os400
10. When the Lotus Quickr option screen appears, type a 1 beside the Lotus Quickr product option and press Enter to begin the installation. The system loads the Lotus Quickr programs to the appropriate system libraries and /QIBM directories. You will see status messages as the system installs the software. Note: If you already have Domino installed on your system and the server ID files are password protected, you will be prompted to enter the password. After the password has been entered, press Enter to continue with the installation of Lotus Quickr. If your server ID file has multiple passwords, the passwords must be entered one at a time. 11. If you prefer to use a non-English version of Lotus Quickr, you should install the Lotus Quickr Language Pack at this time. The Language Pack can either be installed from CD-ROM or downloaded from the Web. Language Pack installation instructions are included with the Language Pack as file Read1st. 12. Perform the following manual steps to ensure the Lotus Quickr home page uses the updated Version 8 template: a. Enter the following command on an i5/OS command line:
CPY OBJ(/server_data_dir/lotusquickr/*) TODIR(/server_data_dir/quickplace) SYMLNK(*YES) SUBTREE(*ALL) REPLACE(*YES) OWNER(*KEEP)
where server_data_dir is your server data directory. b. Open the notes.ini file and add the following line:
QuickPlaceSubdirectory=QuickPlace
c. Save and close the notes.ini file. 13. Start the Lotus Quickr server. Note: When you start the Domino server you also start the Lotus Quickr server. Upgrade the design of all databases on the server. See the topic Upgrading the design of databases on the server. 15. Upgrade places and PlaceTypes. See the topic Upgrading places and PlaceTypes. 16. Register the server and all places with the Place Catalog. See the topic Unregistering and re-registering places with the Place Catalog. 14. Note: Old PlaceTypes cannot be used to create new places, and old places cannot be used to create new PlaceTypes. Old places cannot be refreshed from their PlaceTypes, and old PlaceTypes cannot be refreshed from their places, until both are upgraded.
4-16
Upgrading the design of databases on the server

Before you upgrade places and PlaceTypes, use the qptool upgrade command to upgrade the design of all databases on the IBM Lotus Quickr server. To upgrade the design of databases: From the Domino server console, enter the following command:
load qptool upgrade -server
When the upgrade is finished, the qptool.upgrade.xml file is created in the Domino program directory. This file indicates if the upgrade was successful. qptool.upgrade.xml contains the following xml:
<?xml version="1.0"?> <service> <servers> <server> <hostname>servername</hostname> <placetypes/> <places/> <action_status action="upgrade"> <code>code number(0 if successful)</code> <message>error message(if theres an error)</message> </action_status> </server> </servers> </service>
Note: The qptool.upgrade.xml file is overwritten each time qptool upgrade is run. Therefore you should check this file to ensure that the upgrade was successful before continuing on to the next step, upgrading places and PlaceTypes.
Upgrading places and PlaceTypes

After you upgrade the design of databases on the server, you can upgrade places and PlaceTypes created prior to IBM Lotus QuickrVersion 8.0 to enable the new features in them. You can upgrade them all at once or incrementally. Keep the following points in mind about upgrading: v Upgrades are supported only for IBM Lotus QuickPlace Version 6.5.1 or Version 7.0 places and PlaceTypes. v Prior to upgrading places and PlaceTypes, you cannot use existing places or PlaceTypes to create new places or PlaceTypes. v Do not modify or refresh PlaceTypes until after they are upgraded. v When a place is upgraded, the user interface components SiteMapLauncher and MyPlaces are not added to custom themes. Place managers must add these components themselves. For information on user interface components, see the XXX. v A place is locked while it is being upgraded. If you upgrade multiple places at the same time, only one place is locked at a time. v To log server activities related to upgrading places and PlaceTypes, use the notes.ini setting QuickPlaceUpgradeLogging=value, where value is a number from 1 to 4. Enable upgrade logging only temporarily to aid in troubleshooting.
Upgrading all places and PlaceTypes at once

After upgrading the design of databases on the server, you can upgrade all places and PlaceTypes at once. If there is a large amount of data to upgrade, this can take a considerable amount of time, even multiple days, and once begun, the process should not be stopped. If there is a large amount of data to upgrade, consider upgrading places and PlaceTypes incrementally, instead.
4-17
To upgrade all places and PlaceTypes at once, enter the following command from the Domino server console:
load qptool upgrade -a
When the upgrade is finished, the file qptool.upgrade.xml is created by default in the Domino program folder. This file indicates whether the upgrade was successful. It contains the following xml:
<?xml version="1.0"?> <service> <servers> <server> <hostname>servername/hostname> <placetypes/> <places> <place> <name>placename</name> <action_status action="upgrade"> <code>code number(0 if successful)/code> <message>error message(if theres an error)/message> </action_status> </place> </places </server> </servers> </service>
Upgrading places and PlaceTypes incrementally

You can upgrade individual places and PlaceTypes incrementally, for example, if you have many of them to upgrade. Note: If the place used to create a PlaceType still exists, upgrade the place before upgrading the PlaceType. To determine which place was used to create a PlaceType, log in to the server as an administrator, click Work with Templates, click the PlaceType, and see the field Original place used to create this PlaceType. To upgrade places and PlaceTypes incrementally, enter one of the commands described in Table 4-1
Table 4-1. Upgrading places and PlaceTypes incrementally Task Upgrade one place Upgrade multiple places Upgrade one PlaceType Upgrade multiple PlaceTypes Command load qptool upgrade -p place load qptool upgrade -p place place place load qptool upgrade -pt PlaceType load qptool upgrade -pt PlaceType PlaceType PlaceType
When the upgrade is finished, the file qptool.upgrade.xml is created by default in the Domino program folder. This file indicates whether the upgrade was successful. It contains the following xml:
<?xml version="1.0"?> <service> <servers> <server> <hostname>servername</hostname> <placetypes/> <places/> <action_status action="upgrade"> <code>code number(0 if successful)</code> <message>error message(if theres an error)</message>
4-18
</action_status> </server> </servers> </service>
Forcing the upgrade of places and PlaceTypes

You can upgrade places and PlaceTypes that the qptool upgrade command does not normally upgrade. To force the upgrade of places and PlaceTypes, enter one of the commands in the following table. Note: Do not force upgrades when upgrading from a previous release in a clustered server environment. Doing so causes replication conflicts and document duplication.
Table 4-2. Forcing the upgrade of places and PlaceTypes Task Force the upgrade of all places and PlaceTypes on the server Force the upgrade of one place Force the upgrade of multiple places Force the upgrade of one PlaceType Force the upgrade of multiple PlaceTypes Command load qptool upgrade -a -f load qptool upgrade -p place -f load qptool upgrade -p place place place -f load qptool upgrade -pt PlaceType -f load qptool upgrade -pt PlaceType PlaceType PlaceType -f
Unregistering and re-registering places with the Place Catalog

After you have upgraded places and PlaceTypes, unregister and then re-register the places with the Place Catalog. These steps add place fields to the Place Catalog that are new in this release. You can unregister and re-register all places at once or do it incrementally.
Unregistering and re-registering all places at once

To unregister and then re-register all places in the Place Catalog at once, perform the following steps. 1. From the Domino server console, enter the following command to unregister all places:
load qptool unregister -a -placecatalog
2. From the Domino server console, enter the following command to re-register all places:
load qptool register -a -placecatalog
When unregistration or registration is finished, the file qptool.register.xml is created by default in the Domino program directory. This file indicates whether the command was successful, for example:
<?xml version="1.0"?> <service> <servers> <server> <hostname>servername</hostname> <places> <place> <name>placename</name> <action_status action="RegisterInPlaceCatalog"> <code>code number(0 if successful)</code> <message>error message(if theres an error)</message> </action_status> </place> </places> </server> </servers> </service>
4-19
Unregistering and re-registering places incrementally

To unregister and re-register individual places in the Place Catalog, perform the following steps. 1. From the Domino server console, enter the following command to unregister a place or places:
load qptool unregister -p place -placecatalog
Note: You can specify multiple places, separated by spaces. 2. From the Domino server console, enter the following command to re-register the place or places:
load qptool register -p place -placecatalog
When unregistration or registration is finished, the file qptool.register.xml is created by default in the Domino program directory. This file indicates whether the command was successful, for example:
<?xml version="1.0"?> <service> <servers> <server> <hostname>servername</hostname> <places> <place> <name>placename</name> <action_status action="RegisterInPlaceCatalog"> <code>code number(0 if successful)</code> <message>error message(if theres an error)</message> </action_status> </place> </places> </server> </servers> </service>
Clearing the browser cache on offline clients

Microsoft Internet Explorer users who took places offline in a previous release, should perform the following steps to clear the browser cache on their client before installing places offline in the current release. 1. From Internet Explorer, click Tools Internet Options Delete Files . 2. Click Delete all offline content and click OK. 3. Click Tools Internet Options Settings View Objects. 4. Delete the LotusDRSControlClass and the LotusQuickPlaceClass. 5. Re-open the browser.
Upgrading the on-disk structure of places

If you upgraded from IBM Lotus QuickPlace Version 6.5.1, use the IBM Lotus Domino Compact command to compact the databases of existing places from Version 6.5.1. Compacting the databases upgrades their on-disk structure (ODS) from the Lotus Domino 6.5. format to the Lotus Domino 7 format to take advantage of any database performance improvements provided with Lotus Domino 7. Note: Upgrading the database ODS is not necessary if you upgraded from Lotus QuickPlace 7. Perform the following steps to use the Files tab of the Domino Administrator to run the Compact task on the databases of existing places. 1. From the server pane of the Domino Administrator, select the Domino server on which IBM Lotus Quickr runs. 2. Click the Files tab. 3. Select the databases to upgrade.
4-20
4. In the Tools pane at the right, click Database Compact. Or drag the selected database(s) to the Compact tool. 5. Optional: Select options to control how the Compact task runs. 6. Click OK.
Updating Lotus Sametime integration features

After you upgrade a IBM Lotus QuickPlace server to IBM Lotus Quickr Version 8.0, you can then follow the steps below to update the IBM Lotus Sametime awareness, instant messaging, and web conferencing integration in places, if you use those features. Lotus Quickr Version 8.0 supports Lotus Sametime Version 7.5 or later for these integration features. These steps assume that the integration features were operating successfully prior to the upgrade. Note: The integration features described here are separate from the connector for Lotus Sametime that provides access to places from the Lotus Sametime client interface.
Updating integration features after upgrading to Lotus Quickr 8

After you upgrade to IBM Lotus Quickr Version 8.0, perform the following steps to update integration features. 1. To update awareness and instant messaging integration, copy the PeopleOnline31.jar file from the Lotus Quickr server to the Lotus Sametime server as described in the following table. Replace the existing file.
File name PeopleOnline31.jar Copy from On Microsoft Windows, IBM AIX, and Sun Solaris, the QuickPlace subdirectory of the Lotus Quickr server data directory. For example: On Windows: C:\Lotus\Domino\Data\ QuickPlace\PeopleOnline31.jar On AIX and Solaris: /opt/notesdata/QuickPlace/ PeopleOnline31.jar On IBM i5/OS the following directory: /qibm/proddata/lotus/quickplace/ DATA/QUICKPLACE/ PeopleOnline31.jar Copy to \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory.
2. (i5/OS only) Enter the following command to ensure that QNOTES is still the owner of the file:
CHGOWN OBJ(<ST_server_data_dir>/Domino/html/QuickPlace/peopleonline/*) NEWOWN(QNOTES)
3. Start the LDAP directory server, then start the IBM Lotus Sametime server, and then IBM Lotus Quickr server.
Updating integration features if you upgrade to Lotus Sametime

If you have upgraded to IBM Lotus Sametime Version 7.5 or later, after the upgrade, perform the following steps to update the awareness and instant messaging integration and the Web conferencing (Lotus Sametime meeting) integration. 1. To update the awareness and instant messaging integration after the Lotus Sametime upgrade:
4-21
a. Download the Lotus Sametime Software Development Kit (SDK) Version 7.5x to a convenient directory. This directory does not have to be on the Lotus Sametime server. You can find the kit at the IBM developerWorks web site at http://www.ibm.com/developerworks/lotus/downloads/ toolkits.html. b. Extract the download file to a convenient directory. c. Copy the files listed below to the QuickPlace\peopleonline subdirectory on the Lotus Sametime server:
File name STComm.jar Copy from client\stjava\bin subdirectory of the extracted SDK Copy to \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory
CommRes.jar
client\stjava\bin subdirectory of the extracted SDK
d. (IBM i5/OS only) Enter the following command to ensure that QNOTES is the owner of each of the files:
CHGOWN OBJ(<ST_server_data_dir>/Domino/html/QuickPlace/peopleonline/*) NEWOWN(QNOTES)
2. To upgrade the Web conferencing integration after the Lotus Sametime upgrade: a. Open the notes.ini file on the IBM Lotus QuickPlace server. b. Edit the JavaUserClassesExt setting in the notes.ini file. If upgrading from Lotus QuickPlace 6.5.1, note that the entries for the xercesImpl.jar, xalan.jar, xml-apis.jar, and ibmjsee.jar files are no longer needed for Lotus Sametime releases after 6.5.1 and should be removed: v (Microsoft Windows) Edit the JavaUserClassesExt setting so it appears as follows; where a path is indicated, substitute your own Domino program directory path.
JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=C:\PROGRAM FILES\LOTUS\DOMINO\quickplace.jar QPJC2=C:\PROGRAM FILES\LOTUS\DOMINO\log4j-118compat.jar QPJC3=C:\PROGRAM FILES\LOTUS\DOMINO\STCore.jar QPJC4=C:\PROGRAM FILES\LOTUS\DOMINO\STMtgManagement.jar
v (IBM AIX) Edit the JavaUserClassesExt setting so it appears as follows; where a path is indicated, substitute your own Domino program directory path.
JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=/opt/lotus/notes/<latest>/ibmpow/quickplace.jar </latest> QPJC2=/opt/lotus/notes/<latest>/ibmpow/log4j-118compat.jar </latest> QPJC4=/opt/lotus/notes/<latest>/ibmpow/STMtgManagement.jar </latest>
v (Sun Solaris) Edit the JavaUserClassesExt setting so it appears as follows; where a path is indicated, substitute your own Domino program directory path.
JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=/opt/lotus/notes/<latest>/sunspa/quickplace.jar QPJC2=/opt/lotus/notes/<latest>/sunspa/log4j-118compat.jar QPJC3=/opt/lotus/notes/<latest>/sunspa/STCore.jar QPJC4=/opt/lotus/notes/<latest>/sunspa/STMtgManagement.jar
v (i5/OS) Edit the JavaUserClassesExt setting so it appears as follows. The path name shown is the recommended one for storing the STCore.jar and STManagement.jar files. If currently you use a different directory, you can continue to use it or you can copy the files to the recommended directory.
JavaUserClassesExt=LQPJava1,LQPJava2,LQPJava3,LQPJava4 LQPJava1=/QIBM/ProdData/Lotus/QuickPlace/quickplace.jar LQPJava2=/QIBM/ProdData/Lotus/QuickPlace/log4j-118compat.jar LQPJava3=/QIBM/UserData/Lotus/QuickPlace/STCore.jar LQPJava4=/QIBM/UserData/Lotus/QuickPlace/STMtgManagement.jar
4-22
c. Save and close the notes.ini file. d. Copy files from the Lotus Sametime server to the Lotus Quickr server, as indicated in the following tables: On Windows
File STMtgManagement.jar Copy from Domino program directory of the Lotus Sametime server, for example: C:\Program Files\Lotus\Domino STCore.jar Domino program directory of the Lotus Sametime server. Domino program directory of the Lotus Sametime server. Domino program directory of the Lotus Sametime server. Copy to Domino program directory of the Lotus Quickr server, for example: C:\Program Files\Lotus\Domino Domino program directory of the Lotus Quickr server. Domino program directory of the Lotus Quickr server. Domino program directory of the Lotus Quickr server.
ServiceLocator.properties
sametime.ini
On AIX:
File STMtgManagement.jar Copy from Domino program directory of the Lotus Sametime server, for example: /opt/lotus/notes/<latest>/ibmpow/ STCore.jar Domino program directory of the Lotus Sametime server. Copy to Domino program directory of the Lotus Quickr server, for example: /opt/lotus/notes/<latest>/ibmpow/ Domino program directory of the Lotus Quickr server.
Lotus Sametime server data directory, Lotus Quickr server data directory, for example: for example: /opt/notesdata /opt/notesdata
sametime.ini
Lotus Sametime server data directory. Lotus Quickr server data directory.
On Solaris:
File STMtgManagement.jar Copy from Domino program directory of the Lotus Sametime server, for example: /opt/lotus/notes/<latest>/sunspa/ STCore.jar Domino program directory of the Lotus Sametime server. Copy to Domino program directory of the Lotus Quickr server, for example: /opt/lotus/notes/<latest>/sunspa/ Domino program directory of the Lotus Quickr server.
4-23
File ServiceLocator.properties
Copy from
Copy to
sametime.ini
On i5/OS:
File STMtgManagement.jar Copy from The following directory on the system where you installed Lotus Sametime: /qibm/proddata/lotus/sametime Copy to The directory specified in the JavaUserClassesExt setting in Step 2b on the system where you installed Lotus Quickr, for example: /QIBM/UserData/Lotus/ QuickPlace/ STCore.jar The following directory on the system where you installed Lotus Sametime: /qibm/proddata/lotus/sametime ServiceLocator.properties sametime.ini Lotus Sametime server data directory. Lotus Quickr server data directory. Lotus Sametime server data directory. Lotus Quickr server data directory. The directory specified in the JavaUserClassesExt setting in Step 2b.
e.
(IBM i5/OS only) Use the CHGOWN command to change the owner of the files copied in the previous step to QNOTES. For example, enter the following commands:
CHGOWN OBJ(/qibm/userdata/lotus/quickplace/ST*) NEWOWN(QNOTES) CHGOWN OBJ(<QP_server_data_directory>/sametime.ini) NEWOWN(QNOTES) CHGOWN OBJ(<QP_server_data_directory>/ServiceLocator.properties) NEWOWN(QNOTES)
Verifying that Lotus Sametimeintegration is working

Verify the integration. Perform the following steps: 1. Start the LDAP directory server, then start the IBM Lotus Sametime server, and then IBM Lotus Quickr server. 2. To verify that awareness is working, sign on to a place as an external member and check for the awareness icon next to your sign on name. 3. To verify that instant messaging is working, click the Members link in the Table of Contents, click an online members name and start a chat. 4. If Web conferencing is configured, test that members can schedule online meetings. Click Calendar, click Create, click Online Meeting, fill in the relevant fields, and click Create. Users who subscribe to calendar events should receive an invitation in their mail, with a link to the meeting.
4-24
Changing the server URL root

New installations of IBM Lotus Quickr use /LotusQuickr in the server URL root, for example http://qkr.acme.com/LotusQuickr. If you upgrade to Lotus Quickr 8, /QuickPlace is used by default in the URL root. You can change the server URL root to /LotusQuickr, if you desire. Perform the following steps. It is important to follow these steps carefully, otherwise the HTTP server may crash or the Lotus Quickr server will not be recognized. Note: This procedure assumes that the path to domino_data_root is C:\Lotus\Domino\data. If you use a different data directory, substitute your path; for non-Windows platforms, specify the exact character case. 1. After Lotus Quickr 8 installation, start the Lotus Quickr server. Wait until startup completes and the HTTP task is running. 2. Shut down the Domino server. You must shut down the entire server, not just the HTTP task. 3. Rename the directory C:\Lotus\Domino\data\QuickPlace\ to C:\Lotus\Domino\data\LotusQuickr\. 4. Rename the directory C:\Lotus\Domino\data\LotusQuickr\quickplace\ to C:\Lotus\Domino\data\ LotusQuickr\lotusquickr\. 5. Create the following directories:
C:\Lotus\Domino\data\QuickPlace\ C:\Lotus\Domino\data\QuickPlace\AreaTypes\
6. Copy the file HaikuCommonForms.ntf, located in the directory C:\Lotus\Domino\data\LotusQuickr\ AreaTypes\, to the directory C:\Lotus\Domino\data\QuickPlace\AreaTypes\. 7. Open the notes.ini file in the domino_server_root directory with a text editor. 8. Specify the following settings, replacing the existing QuickPlace values:
QuickPlaceSubdirectory=LotusQuickr DisableUserCacheForUrl=/LotusQuickr/ DisableUserLookupForUrl=/LotusQuickr/
9. Close and save the file. 10. Start the Lotus Quickr server.
Moving a place from an older-release server to a current-release server

You can move a place from an IBM Lotus QuickPlace 6.5.1 or 7.0 server to an IBM Lotus Quickr 8 server. Perform the following steps: Note: These steps describe moving a single place, but you can instead move all places on a server. To do so, substitute the -p placename arguments in the steps below with the -a argument. 1. Enter the following command to make an archive copy of the place before you move it:
load qptool archive -p placename -dir directory
2. Use a file system command to copy the places directory and contents from the domino_data_root\ QuickPlace directory on the original server to the domino_data_root\LotusQuickr directory on the target server. 3. Enter the following command on the Lotus Quickr 8 server to unlock the place you copied:
load qptool unlock -p placename
4. Enter the following command on the Lotus Quickr 8 server to upgrade the place:
load qptool upgrade -p placename
5. Enter the following command on the Lotus Quickr 8 server to update the places information in the place and in the Place Catalog:
load qptool register -p placename -install
6. Enter the following command to delete the place from the original server:
4-25
load qptool remove -p placename
7. Run the Domino server compact task on the places databases on the Lotus Quickr server. This step upgrades the database format and results in improved performance. For more information on upgrading databases, see Domino Administrator Help. If the original and target servers use different user directories, and the external members of a place have different distinguished names in each directory, use the qptool changemember or changehierarchy command to change the names in the place so these users can continue to access it. Related tasks Upgrading to Lotus Quickr 8 on page 4-11 Follow the steps below in the order indicated to upgrade IBM Lotus QuickPlace Version 6.5.1 or 7.0 to IBM Lotus Quickr Version 8.0. The process of upgrading a server and places is separated into independent stages. This separation minimizes the downtime required to upgrade. After you upgrade a server, you can choose to upgrade places and PlaceTypes to enable new features in them when it is convenient. Users can continue to work in their existing places before you upgrade places and PlaceTypes, and can continue to create new places and PlaceTypes, as long as they do not use existing places or PlaceTypes to create them. The existing places remain available except when they are locked for the relatively short time when they are being upgraded.
Enabling the Domino Servlet Engine

After you have installed or upgraded to IBM Lotus Quickr, enable the Domino Servlet Engine. This step enables place managers to use place administration actions, such as qptool lock and unlock from My Places Show Usage Statistics. Note: To use this feature you must configure the server to use single sign-on authentication. Perform the following steps: 1. From IBM Lotus Notes or the Domino Administrator, open the Domino Directory (names.nsf) on the server. 2. Open the Server document. 3. Click Internet Protocols Domino Web Engine. 4. Below Java Servlets, select Domino Servlet Manager in the Java servlet support field. 5. Save and close the document. Related tasks Installing on Windows on page 4-1 Perform the following steps to install IBM Lotus Quickr on a Microsoft Windows system. Installing on AIX or Solaris on page 4-2 Perform the following steps to install IBM Lotus Quickr on an IBM AIX or Sun Solaris system. Installing on IBM i5/OS on page 4-3 This section provides instructions on how to install IBM Lotus Quickr on IBM i5/OS. Upgrading to Lotus Quickr 8 on page 4-11 Follow the steps below in the order indicated to upgrade IBM Lotus QuickPlace Version 6.5.1 or 7.0 to IBM Lotus Quickr Version 8.0. The process of upgrading a server and places is separated into independent stages. This separation minimizes the downtime required to upgrade. After you upgrade a server, you can choose to upgrade places and PlaceTypes to enable new features in them when it is convenient. Users can continue to work in their existing places before you upgrade places and PlaceTypes, and can continue to create new places and PlaceTypes, as long as they do not use existing places or PlaceTypes to create them. The existing places remain available except when they are locked for the relatively short time when they are being upgraded. Related information
4-26
Configuring multi-server single sign-on authentication on page 11-1 With multi-server single sign-on, users can log in to a server once and during that session access servers enabled for single sign-on in the DNS domain without providing names and passwords again.
Enabling UTF-8 character encoding for non-English server versions

If you use any non-English version of the IBM Lotus Quickr server, you must set up the server to generate output using UTF-8 encoding so that page content displays correctly in non-English languages. Perform the following steps: 1. From IBM Lotus Notes or the Domino Administrator, open the Lotus Domino Directory (names.nsf) on the server. 2. Open the Server document for the server and click Edit Server. 3. Click Internet Protocols Domino Web Engine. 4. In the Character Set section, select Yes in the Use UTF-8 for output field. 5. Click Save & Close. 6. Enter the following command at the server console to restart the HTTP task:
restart task http
Related tasks Installing on Windows on page 4-1 Perform the following steps to install IBM Lotus Quickr on a Microsoft Windows system. Installing on AIX or Solaris on page 4-2 Perform the following steps to install IBM Lotus Quickr on an IBM AIX or Sun Solaris system. Installing on IBM i5/OS on page 4-3 This section provides instructions on how to install IBM Lotus Quickr on IBM i5/OS. Upgrading to Lotus Quickr 8 on page 4-11 Follow the steps below in the order indicated to upgrade IBM Lotus QuickPlace Version 6.5.1 or 7.0 to IBM Lotus Quickr Version 8.0. The process of upgrading a server and places is separated into independent stages. This separation minimizes the downtime required to upgrade. After you upgrade a server, you can choose to upgrade places and PlaceTypes to enable new features in them when it is convenient. Users can continue to work in their existing places before you upgrade places and PlaceTypes, and can continue to create new places and PlaceTypes, as long as they do not use existing places or PlaceTypes to create them. The existing places remain available except when they are locked for the relatively short time when they are being upgraded.
Modifying TCP/IP registry settings on Windows servers

If your IBM Lotus Quickr server runs on Microsoft Windows, you must modify specific TCP/IP registry parameters to ensure good performance. Adjust values for the following Windows TCP/IP registry parameters on the server: v TcpTimedWaitDelay v MaxUserPort v TcpWindowSize v MaxFreeTcbs v MaxHashTableSize For detailed information on these parameters, see the section TCP/IP registry optimizations in the IBM Redbook, Tuning Windows Server 2003 on IBM System x Servers at http://www.redbooks.ibm.com/ redpapers/pdfs/redp3943.pdf. Here are sample values for these parameters:
4-27
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] "TcpTimedWaitDelay"=dword:0000001e "MaxUserPort"=dword:0000fffe "TcpWindowSize"=dword:0000ffff "MaxFreeTcbs"=dword:00011940 "MaxHashTableSize"=dword:0000ffff
Related tasks Installing on Windows on page 4-1 Perform the following steps to install IBM Lotus Quickr on a Microsoft Windows system.
4-28
Installing connectors
Connectors enable your users to work with documents on an IBM Lotus Quickr server from IBM Lotus Notes, IBM Lotus Sametime, Microsoft Windows Explorer, and Microsoft Office applications. Users install connectors themselves. Administrators can control which servers are available for collaborative connector installations, which are installations user initiate by sending others links to connector download locations.
Configuring collaborative installations

Users of the connector for Lotus Sametime and the connector for Lotus Notes can invite others to download the connectors by sending URL links to the servers to use for the downloads. You can configure which servers to use for these collaborative installations. By default, any IBM Lotus Quickr server can be used for collaborative installations. In this case a servers fully-qualified URL download location is constructed automatically from the servers relative URL. If your environment uses a reverse proxy to handle server requests and you want to allow collaborative installations, you should use this default configuration. You can change the default behavior and specify that collaborative installations occur from a different server. For example, if you use multiple servers, you might allow collaboration installations from only one of them. You can also disable collaborative installations altogether. Note that collaborative installation configuration does not effect the ability to download connectors in the standard way through direct server access. Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Perform one of the following steps v To use a different server for collaborative installations, specify the following settings:
<webservices enabled="true"> <connector_install_url>http://value/qkrconn.msi</connector_install_url> </webservices>
where value is the fully-qualified host name of a Lotus Quickr server to use. v To prevent collaborative installations from a particular server, leave the connector_install_url element blank:
<webservices enabled="true"> <connector_install_url></connector_install_url> </webservices>
3. Save the modified file. 4. Enter the following command at the server console to restart the HTTP task:
restart task http
For example, to use the server quickr.acme.com for collaborative installations, specify the following settings:
<webservices enabled="true"> <connector_install_url>http://quickr.acme.com/qkrconn.msi</connector_install_url> </webservices>
Related concepts
5-1
Whats new? on page 4-11 Read about the new features in this release. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template.
5-2
Part 4. Configuring services for Lotus Domino

Configure services for Lotus Domino to suit the needs of your organization and environment.
Understanding the basics

To get going with server configuration and administration, first understand how to stop and start the server and understand the administration tools available to you.
Starting Lotus Quickr

You start IBM Lotus Quickr by starting the IBM Lotus Domino server on which it is installed. Follow the procedure appropriate for your operating system.
Starting Lotus Quickr on Windows

To start IBM Lotus Domino and IBM Lotus Quickr on Microsoft Windows, double click the Lotus Domino Server icon on the Desktop.
Starting Lotus Quickr on AIX or Solaris

Start IBM Lotus Quickr by entering a command at the command prompt. Perform the following steps: 1. Log in as the administrator specified during server installation. 2. Navigate to the Domino data directory. 3. Enter one of the following commands: v To run the server console in the background enter:
<Domino program directory>/bin/server &
v To run the server console in the foreground enter:

<Domino program directory>/bin/server
For example, if you used the default Domino program directory and want to run the server console in the background, enter:
/opt/ibm/lotus/bin/server &
Starting Lotus Quickr on i5/OS

Enter a command at the command line to start IBM Lotus Quickr.You must have *JOBCTL special authority to perform this task. Tip: You can also perform this task using iSeries Navigator. For more information, see Installing and Managing Domino 7 for i5/OS. Perform the following steps: 1. On any IBM i5/OS command line, type the following command and press Enter:
wrkdomsvr
2. On the Work with Domino Servers display, type 1 in the Opt column next to the Lotus Quickr server you wish to start and press Enter. 3. If the server is password protected, type 8 next to the Lotus Quickr server to work with the console, and press Enter. 4. Enter the password at the appropriate prompt. 5. Press F3 to exit the console.
6-1
Tip: You can also start the server by entering STRDOMSVR SERVER(servername) where servername is the name of the Lotus Quickr server. 6. Periodically press F5 to refresh your screen and wait for the server status to be *STARTED. Note: Starting the server may take a few minutes. You can verify that the HTTP task and the Lotus Quickr task have started by displaying the console, which is option 5 from the Work with Domino Servers display. 7. You can verify that the Lotus Quickr server has started by using a Web browser to access the server home page at the following URL: http://DominoServerName:port/Quickr where DominoServerName is the fully qualified host name of the Lotus Domino server and port is the TCP/IP port number. Note: Specifying a port number is only required if the port defined for Lotus Quickr is not the default port 80.
Stopping Lotus Quickr

To stop IBM Lotus Quickr, follow the procedure appropriate for your operating system.
Stopping Lotus Quickr on Windows, AIX, or Solaris

Use a server console command to stop the server. Enter either of the following commands at the IBM Lotus Dominoserver console:
exit
or
quit
Stopping Lotus Quickr on i5/OS

Enter a command at the command line to stop the server. You must have *JOBCTL special authority to perform this task. Tip: You can also perform this task using iSeries Navigator. For more information, see Installing and Managing Domino 7 for i5/OS. Perform the following steps: 1. On any i5/OS command line, type the following command and press Enter:
WRKDOMSVR
2. On the Work with Domino Servers display, type 6 in the Opt column next to the IBM Lotus Quickr server and press Enter. Note: This will stop the server in a controlled state. 3. Press Enter to confirm your server selection. Tip: You can also stop the server by entering the following command: ENDDOMSVR SERVER(servername) where servername is the name of the Lotus Quickr server. 4. Periodically press F5 to refresh your screen and wait for the server status to be *ENDED. Note: Stopping the server may take a few minutes. You can verify that all server jobs have ended by viewing the Work with Active Jobs display, which is option 9 from the Work with Domino Servers display.
6-2
5. From the Work with Domino Servers display, record the subsystem that is used by the Lotus Quickr server. 6. On the command line, type the following command and press Enter:
WRKSBS
7. In the Opt column next to the subsystem you recorded in step 5, type 4 and press Enter to end the subsystem. 8. Press Enter to confirm your subsystem selection. 9. Press Enter again to return to the Work with Domino Servers display.
Understanding administration tools

To configure and administer the server, use qpconfig.xml file settings, qptool commands, the Site Administration link on the server home page, and notes.ini file settings specific to IBM Lotus Quickr. In addition to these, you may need to perform IBM Lotus Domino server configuration tasks, for example, to set up mail routing.
Creating and using the qpconfig.xml file

You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template. The qpconfig_sample.xml file describes the available settings and their default values, and provides sample XML that you can customize to suit your needs. Note: All servers in a cluster should use the same qpconfig.xml settings. To create and use the qpconfig.xml file, perform the following steps: 1. Make a copy of qpconfig_sample.xml and name it qpconfig.xml. 2. Open the qpconfig.xml file using a text editor. 3. Locate the section of settings that you want to customize, for example:
Place Catalog =============
4. Remove the following two lines from the located section, to enable the sample settings between the lines
<!-=================== START OF SAMPLE ====================== =================== END OF SAMPLE ======================== -->
5. Modify the sample settings as needed. For example, to configure a server to use a Place Catalog on the remote server, qkcat/acme, change the sample values from this:
<place_catalog enabled="true" log_level="0"> <connection_pool size="8"/> <place_catalog_servers> <server> <domino_server_name>qpcat/IBM</domino_server_name> <nsf_filename>PlaceCatalog.nsf</nsf_filename> </server> </place_catalog_servers> </place_catalog>
to this:
<place_catalog enabled="true" log_level="0"> <connection_pool size="8"/> <place_catalog_servers> <server> <domino_server_name>qkcat/acme</domino_server_name>
6-3
<nsf_filename>PlaceCatalog.nsf</nsf_filename> </server> </place_catalog_servers> </place_catalog>
6. Close the file and save it in the server data directory, for example, save it in C:\Program Files\Lotus\Domino\Data. 7. Type the following command to restart the HTTP task so that the server recognizes the changes:
restart task http
Related concepts Sample user directory settings on page 8-14 If IBM Lotus Quickr control directory services, the following qpconfig.xml customizations are examples of ones you might use on Sun Java System Directory Server Server or IBM Tivoli Directory Server. Related tasks Configuring the qpconfig.xml file for online meetings on page 12-9 Specify online meeting settings in the qpconfig.xml file on the Lotus Quickr server. Using qpconfig.xml settings to configure notifications on page 14-9 Use the qpconfig.xml file to specify a variety of user notification settings. For example use qpconfig.xml settings to specify the text displayed in the password prompt of place invitations or to specify whether notifications sent to groups show the members of the groups. Using Lotus Quickr login passwords for offline use on page 13-11 Use the qpconfig.xml file to enable users to use their IBM Lotus Quickr login passwords when they log in to any offline places so they do not have to remember a separate password for each offline place. Customizing searches for login names on page 8-9 When an external member logs in to a place, by default the server searches the cn, uid, and shortname attributes in the LDAP directory for matches to the login name. You can use the qpconfig.xml file to specify other attributes for which to search. Customizing the search hint in the directory lookup interface on page 8-12 By default the directory lookup interface prompts users to search for user names by typing last name, first name. If you have customized the user lookup search, also customize the search hint to reflect the change. Customizing the search used to determine group membership on page 8-11 After the server authenticates a user, it searches for all the groups of which the user is a member, in order to determine user access to places through group membership. By default the server searches for the users names in the member attribute of groups defined as as objectclass=groupOfNames You can use the qpconfig.xml file to specify a different attribute for which to search and a different group object class definition. Customizing the search base used for group searches on page 8-14 By default, the search base you specify when you connect to an LDAP directory server is used for both user and group searches. You can use the qpconfig.xml file to specify a search base specifically for group searches. Customizing the group lookup search on page 8-10 When someone types the name of a group in the directory lookup interface to search for a group name to add as a place member, by default the server searches for the group name in the cn attribute of groups defined as objectclass=groupOfNames You can use the qpconfig.xml file to specify a different attribute for which to search and a different group object class definition. Customizing SSL connections on page 8-15 If you selected the option Check for SSL connection with LDAP user directory when you set up the connection to the LDAP directory server, optionally use qpconfig.xml settings to customize the Secure Sockets Layer (SSL) connection.
6-4
Customizing search filters on page 8-8 If IBM Lotus Quickr control directory services, you can use the qpconfig.xml file to customize the attributes it looks for during various types of searches. Customizing the display of search results on page 8-13 By default, when a user searches for users in the directory, the search results show the values for the sn and givename attributes in the first column, distinguished names in the second column, and the sn attribute in the range field at the top of the search results box. To display different attribute values, change the values for the member_lookup_ui and search_ui_index elements in the qpconfig.xml file. Opening places in a new browser window on page 15-1 Places opened through My Places open in the current browser window, by default. Use the qpconfig.xml file to open places accessed through My Places in a new browser window, instead. Disabling page compression on page 14-7 By default IBM Lotus Quickr compresses the content in HTML pages it transmits to clients if the browser supports compression. If the browsers in your environment do not support page compression, you can use the qpconfig.xml file to disable it. Specifying who has super user access from a browser on page 11-8 Use the qpconfig.xml file to specify who has super user access to the server when accessing it from a browser. You can specify only one name as a super user, either an external user or an external group name. Blocking HTML attachments that contain cross-site scripts on page 11-14 By default, users can attach HTML files that contain cross-site scripts to posts. Cross-site scripts can run on other users browsers. For tighter security, use the qpconfig.xml file to prevent users from attaching HTML files that contain cross-site scripts. Hiding the Work Offline link from users on page 13-12 At times you might want to hide the Work Offline link to prevent users from installing places offline, for example, during server maintenance. Using a custom application for My Places on page 15-2 Use the qpconfig.xml file to specify a URL to call a custom portal application for displaying My Places. Customizing the user lookup search on page 8-9 When someone types a name in the directory lookup interface to search for name to add as a place member, by default the server expects a last name, optionally followed by a comma (,) and first name, and searches for the last name in the sn attribute and the first name in the givenname attribute. By default the server also assumes that names are found in entries defined as objectclass=person. You can use the qpconfig.xml file to specify other attributes for which to search and a different object class definition. Customizing the attributes displayed for users and groups on page 8-8 Users and groups in an LDAP directory are described by a variety of attributes. For example, the value for a users first name is often stored as the givenname attribute and the last name as the sn (surname) attribute. Not all LDAP directories define attributes in the same way. Preventing caching of pages that contain data on browsers on page 11-16 By default, the server caches on browsers all IBM Lotus Quickr pages that users access. As a security measure, use the qpconfig.xml file to allow the server to cache only pages that do not contain data. Blocking specific protocols referenced in link URLs on page 11-14 By default, the server posts pages that contain links without considering the protocols specified in the link URLs. For tighter security, use the qpconfig.xml file to prevent the server from posting pages with URL links that reference specific protocols. Enabling or disabling context menus or document drag-and-drop on page 14-1 You can use the qpconfig.xml file to control the extent to which context menus are enabled in the user interface. Context menus are menus that are available from documents, folders, user names, and My Places by hovering over a drop-down arrow. You can also enable or disable the ability to drag and drop documents in folders. Context menus and document drag-and-drop are enabled by default.
6-5
Displaying user images and user information in user context menus on page 14-2 The Lotus Quickr user interface provides context menus next to member names. You can use the qpconfig.xml file to display images and LDAP directory attributes of external members in these context menus. The images are accessed through a Web service URL that you specify. Specifying a footer that appears on all pages on page 14-2 You can use the qpconfig.xml file to specify an HTML footer to display on the bottom of all pages in all places on the server. For example you might specify a corporate logo, administrative message, or corporate disclaimer. Clearing Lotus Quickr files from the Internet Explorer cache on page 11-15 As a security measure, configure the server to clear the IBM Lotus Quickr files (files from any URL that contains /quickplace/ or /quickr/ ) from the browser cache when users click Log Out from places. This feature is supported for Internet Explorer only. Hiding the Log In and Log Out links on page 11-15 After a user logs in to a place, the interface displays the Log Out link, and when the user logs out, the Log In link. You can hide the Log In and Log Out links after a user logs in. You might want to do this if single sign-on is enabled on the server, or if the server is running on a public pedestal, for example, at a trade show. Setting up the Place Catalog for a cluster on page 10-3 To ensure that a shared Place Catalog works properly for servers in a cluster, replicate the Place Catalog on the Place Catalog server to the other IBM Lotus Quickr servers in the cluster, and specify the details of the cluster environment in the qpconfig.xml file of each server in the cluster. All servers in a cluster should use the same qpconfig.xml settings. Preventing the use of connectors on page 12-1 Connectors are available for use by default, but you can prevent them from being used. Displaying CGI variables in HTML source pages on page 14-7 By default, IBM Lotus Quickr HTML source pages viewed through a browser do not display Common Gateway Interface (CGI) variables because they contain potentially sensitive information, for example information about the remote host and its users. However, you can enable the display of CGI variables, for example if you want to copy the variables from the source pages for use in custom applications. Configuring the Place Catalog on page 9-1 The Place Catalog is a database that collects information about IBM Lotus Quickr places and servers. A local Place Catalog is enabled by default on each Lotus Quickr server. You can customize the Place Catalog configuration, for example, set up a Place Catalog server, which is a server with a Place Catalog that multiple servers share. Enabling expanded membership on the server on page 11-11 To enable expanded membership on the server, use the qpconfig.xml file. Configuring collaborative installations on page 5-1 Users of the connector for Lotus Sametime and the connector for Lotus Notes can invite others to download the connectors by sending URL links to the servers to use for the downloads. You can configure which servers to use for these collaborative installations. Configuring cross-place searching on page 18-1 Configure cross-place searching to enable external place members to use the advanced search feature to search multiple places. Translating LDAP distinguished names for offline use on page 13-7 Domino recognizes only distinguished names that contain the traditional Domino CN,OU, O, and (optionally) C components. If the distinguished names of external members in an LDAP directory do not follow this model and you use Domino Off-Line Services with IBM Lotus Quickr, you must use qpconfig.xml settings to translate users names into a format that Domino recognizes, and then translate those names back into their original LDAP format. Related information A second cn component in distinguished name is preventing user authentication on page 36-1
6-6
In a third-party authentication environment, users with multi-character delimiters in their names are unable to authenticate on page 36-2 In a third-party authentication environment, users with non-standard names are unable to authenticate on page 36-1
Using qptool
qptool is a server task that you run with commands and associated arguments to perform a variety of administration tasks related to managing places and place membership. You can run qptool from the IBM Lotus Quickr server console or from an operating system command prompt. Use qptool while the server is running. Perform the following steps to run qptool from the server console:
load qptool [command] [arguments]
Perform the following steps to run qptool from the command prompt: 1. Navigate to the Domino program directory (the root installation directory). For example, navigate to C:\Program Files\Lotus\Domino. 2. Enter one of the following commands: v On Microsoft Windows:
nqptool [command] [argument]
v On IBM AIX or Sun Solaris:

qptool [command] [argument]
v On IBM i5/OS:
qptool server [servername][command] [arguments]
where [servername] is the name of the Lotus Quickr vserver. For example, to lock a place called place1 by running qptool from the server console, enter the following command:
load qptool lock -p place1
The Place Catalog reflects changes that result from qptool commands. You can also run qptool from a batch file or other program.
Using the Site Administration link

When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options. Perform the following steps to use the Site Administration link. 1. Open a browser and enter the servers host name appended by /LotusQuickr. For example:
http://servername.enterprise.com/LotusQuickr
2. Click Login and type a Lotus Quickr server administrator user name and password, for example, the name and password of the local administrator created during installation. 3. Click Site Administration. 4. Click Security to control access to the server, for example, to control who can create places and who can use Site Administration to perform administration tasks. 5. Click User Directory to connect to a user directory to maximize the features that are available to you and to make user management easier. 6. Click Other Options to perform any of the following configuration tasks:
6-7
Disable support for ActiveX file attachment and import features. Disable support for Java applet rich text features. Disable form agents (PlaceBots). Change the maximum allowed attachment size. Connect to IBM Lotus Sametime servers to enable Lotus Sametime features in places. Specify an offline passthru server or specify an alternate download location for installation of the offline client software. v Configure an email URL prefix. v Disable calendar subscriptions. Related information Configuring access to the server on page 11-5 A user with administrator access controls who has administrator access to the IBM Lotus Quickr server, who can create places on the server, and who has super user access to the server. v v v v v v User directories on page 8-1 When you set up directory services to connect the server to a user directory, administrators and place managers can add members to places by selecting names from the directory. Without a user directory, they must instead register local members in the membership database (Contacts1.nsf) of individual places. Disabling ActiveX on page 14-6 ActiveX controls are enabled by default, providing Internet Explorer users with additional file attachment and file import features. You can disable ActiveX controls. You might want to do this, for example, if you do not allow user installation of ActiveX controls and want to prevent users from seeing the prompt to install them, or if you want to provide a homogenous user experience for all browser users. Disabling Java applets on page 14-7 Java applets, enabled on the server by default, allow users who do not use Internet Explorer to use rich text controls (bold, italic, and so forth) when editing. You can disable Java applets on the server. Disabling form agents (PlaceBots) PlaceBots, known as agents in IBM Lotus Domino, are enabled by default. Place managers can import PlaceBots in custom forms, to run when pages are created from the forms. You can disable form PlaceBots, for example, for tighter security. Changing the maximum allowed attachment size on page 14-5 You can change the maximum size allowed for file attachments. By default, attachments can be no larger than 50MB. You can also remove the maximum attachment size restriction, and allow only system limitations, for example, IBM Lotus Domino attachment size limits or available disk space, to restrict attachment size. Enabling Lotus Sametime features in places on page 12-2 You can enable the awareness, instant messaging, and Web conferencing (meeting) features of IBM Lotus Sametime in places. Then members of a place can see when other members are online, chat with other members, and schedule and participate in online meetings with other members all from within the place. Setting up Lotus Quickr for offline use on page 13-1 Domino Off-Line Services provides the means for users to take places offline, make changes to the places, and then synchronize the changes with the online version on the server. A user must be an individual member of a place to take it offline; users who access a place through group membership cannot take places offline. Configuring an email URL prefix when using a gateway server on page 14-9 Use the Site Administration link to specify an alternate email URL prefix if the server is accessed through a gateway server. The prefix is used in place links displayed in outgoing e-mail messages.
6-8
Disabling calendar subscriptions on page 14-9 By default, place members have subscriptions to receive e-mails that are integrated with their personal calendars. You can use the Site Administration link to disable these subscriptions.
Using the notes.ini file

Use the notes.ini file, automatically installed in the server program directory, to configure Web page cache settings, offline settings, temporary logging settings to aid in troubleshooting, and miscellaneous other settings. Perform the following steps to specify a setting in the notes.ini file: 1. Open the notes.ini file in the server program directory, for example, C:\Program Files\Lotus\Domino. 2. Add or modify the setting. 3. Make sure there is a blank line at the end of the file. If there is not a blank line, press Enter to add one. 4. Close and save the modified file. 5. Enter the following command at the server console to restart the server so the change takes effect:
restart server
6-9
6-10
Performing i5/OS-specific configuration tasks

IBM Lotus Quickr for i5/OS provides additional functions that enable you to change server properties and to change language dictionaries.
Changing Lotus Quickr server properties on i5/OS

After you create an IBM Lotus Quickr server, you can change many of the properties that you originally specified. You must have *JOBCTL special authority to perform this task. Perform the following steps: 1. Stop the server that you want to modify. 2. On any i5/OS command line, type the following command and press Enter:
wrkdomsvr
3. On the Work with Domino Servers display, type a 2 in the Opt column next to the server name and press Enter. 4. On the Change Domino Server display, make any necessary changes to the values and press Enter. 5. Restart the Lotus Quickr server to make the changes take effect.
Changing Lotus Quickr language dictionaries on i5/OS

You can change the language dictionary that the spelling checker uses on the IBM Lotus Quickr for i5/OS. You must have *JOBCTL special authority to perform this task. The language dictionary is contained in the file wpdic.dic. By default, the wpdic.dic file contains the US/English dictionary, us.dic. You can change the language dictionary that the spelling checker uses by making a backup copy of the existing wpdic.dic file, for example wpdic.bak, and then renaming the language dictionary file that you want to use to wpdic.dic. For example, after you create a backup copy of wpdic.dic, rename German.dic to wpdic.dic. To change the dictionary that the spelling checker program uses, follow these steps. 1. From an i5/OS command line, type the following command and press Enter:
wrklnk /qibm/proddata/lotus/QuickPlace/shared/*.dic
2. Press Page Down until you see the object link called wpdic.dic displayed. 3. Enter option 7 next to the wpdic.dic object link to rename the object. 4. In the New Object field, change the name of the object link to the following and press Enter:
wpdic.bak
5. Select the language file that you want to use and enter option 7 to rename the file. 6. In the New Object field change the name of the object link to the following and press Enter:
wpdic.dic
Running multiple IBM Lotus Quickr servers on i5/OS

The i5/OS platform allows you to run multiple servers and applications within the same logical partition (LPAR). This topic contains an overview of where to find more information. In addition to your IBM Lotus Quickr server, you may decide to run multiple Domino servers, Sametime servers, HTTP servers, and LDAP servers, all in the same LPAR. However, you must carefully configure your TCP/IP environment so that the various servers do not encounter port conflicts. It is recommended
7-1
that you assign a separate TCP/IP address to each server and that you bind each server to its assigned IP address. In addition, be sure that your server can handle the workload. For more information, see the following: v The topic Preparing your TCP/IP connection v The document Installing and Managing Sametime 8 for i5/OS v Technote #1091353, Sametime for iSeries: Can Sametime and QuickPlace Be Installed on the Same System? You can find this technote by searching for 1091353 at the following Web site http://www.ibm.com/software/support
7-2
Connecting to a user directory

Connecting to a user directory, although optional, maximizes the features available to you.
Preparing to access LDAP directory servers from behind a firewall on i5/OS

If a IBM Lotus Quickr server that runs on i5/OS is behind a firewall and you plan to do user lookups in an LDAP directory that is outside the firewall, your system administrator must configure Client Socks support using iSeries Navigator. For details, see one of the following: v OS/400 Sockets Programming, SC41-5422-03 or later, which is available from the iSeries Online Library through the following Web site: http://www.ibm.com/eserver/iseries/infocenter v AS/400 Internet Security: IBM Firewall for AS/400, SG24-2162, which is available from the IBM Redbooks Web site: http://www.ibm.com/redbooks
User directories
When you set up directory services to connect the server to a user directory, administrators and place managers can add members to places by selecting names from the directory. Without a user directory, they must instead register local members in the membership database (Contacts1.nsf) of individual places. Connecting to a user directory maximizes the features that are available to you. The following features are supported only when a user directory is in use: v IBM Lotus Sametime features integrated in places v Expanded membership v My Places v Single sign-on authentication v Super user access to the server v User names in double-byte character sets Connecting to a user directory also provides these user management features: v User information is managed in a central location, rather than in individual places. v External members use the same name and password to access any place of which they are a member, whereas local members might have different user names and passwords in each place. v Many of the qptool commands that enable you to manage member information for multiple places at once are available only for external members. For example, you can use the qptool addmember command to add external members to places, but not to add local members. If you connect to a user directory, local membership is still supported. The local administrator specified during installation is a local member of the servers Site Administration place. Related information Using the Site Administration link on page 6-7 When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options.
8-1
Supported directory services configurations

You can set up IBM Lotus Quickr to control directory services or set up the underlying Lotus Domino server to control directory services. Table 8-1 highlights some of the benefits and limitations of these directory services configurations.
Table 8-1. Comparison of the supported directory services configurations Feature support User Authentication Lotus Quickr control of directory services Lotus Domino control of directory services
Supports only Domino basic Supports any user authentication name-and-password authentication or method configured on the Lotus multi-server session-based (single Domino server sign-on) authentication. Not supported and Domino server cannot use Supports one LDAP directory, and an optional additional LDAP directory for Lotus Quickr expanded membership use Supported Supported Supports access to any directory that Lotus Domino server can access, including multiple directories accessed through Domino directory assistance Not supported
Domino Internet Site documents Directory
Lotus Quickr expanded membership
Comparison of LDAP configuration options

Each supported directory services configuration has its own method and options for connecting to an LDAP directory. Both directory services configurations support connections to an LDAP directory, a directory accessed through the Lightweight Directory Access Protocol (LDAP). Table 8-2 describes where to find the LDAP directory connection options, depending on which directory services configuration you use.
Table 8-2. Location of LDAP directory connection options Option LDAP directory server port Location when Lotus Quickr controls directory services Site Administration - User Directory page Site Administration - User Directory page qpconfig.xml qpconfig.xml Location when Lotus Domino controls directory services Domino Directory and Directory Assistance document Domino Directory and Directory Assistance document Directory Assistance document Directory Assistance document
Secure Sockets Layer (SSL) connections SSL protocol to use Whether expired SSL certificates accepted Whether server certificate must include host name
qpconfig.xml
Directory Assistance document
Different search bases for groups and qpconfig.xml users Control of attributes that display in Lotus Quickr interface qpconfig.xml
Naming rules in Directory Assistance document None
8-2
Table 8-2. Location of LDAP directory connection options (continued) Option Control of attributes that display in Lotus Quickr directory lookup interface Searches narrowed to names that are part of place name Distinguished names that do not conform to the Domino naming convention Custom search filter for user authentication Custom search filter for group authorization Custom search filter for adding group members to places Custom search filter for adding user members to places Control whether nested groups are searched Control levels of nested group searches Search timeout Location when Lotus Quickr controls directory services qpconfig.xml Location when Lotus Domino controls directory services None
Site Administration - User Directory page qpconfig.xml
None
Directory Assistance document with all-asterisk naming rule
qpconfig.xml
qpconfig.xml
qpconfig.xml
None
qpconfig.xml
None
qpconfig.xml
notes.ini
None
Site Administration - User Directory page None None
Maximum entries returned Attribute to be used as name in SSO token Control over alias dereferencing
Directory Assistance document Directory Assistance document
None
Directory Assistance document Directory Assistance document
Support of directory change detection None
Feature differences when accessing places through group membership

The behavior that users see when accessing places through membership in an external group can be different than when accessing places through individual membership. Note: On IBM AIX and Sun Solaris servers, a maximum of 150 users from one group can be logged into a place simultaneously through the group membership. The server will not respond if that maximum is exceeded.
8-3
Table 8-3 summarizes the differences users see when accessing places through external group membership.
Table 8-3. Behavior differences when accessing places through membership in external groups Feature Current user link User experience when accessed through external group membership Link shows the members name rather than the group name. There is no member profile available through the link. When a member of a group edits a page, other members of the group do not see the status of the page as checked out. Members list shows the group name rather than the names of the members. Member profile for the group shows the group name. Members of the group do not have profiles, unless they also have access through individual membership. Page author shows the members of a group rather than the group name. You can search by member of a group, not by group name. A place invitation is sent to each member of a group. A page notification shows the e-mail address of the member of the group who sent it. The sender can send to the group name or can select specific members to send to. Ability to select specific members is controlled through the qpconfig.xml file. Members of a group cannot receive whats new e-mails or calendar event subscriptions because they do not have profiles in which to set the preferences to receive them. Members of groups cannot submit or approve workflow pages because they dont have a required Member profile. Customizations to the member lookup interface do not apply to groups. Awareness is not available for members of a group from the Members Online window, but is available elsewhere in the context of a place. Members of groups cannot work offline.
Editor access
Members list Member profile
Page author Search pages by author Place invitations Notifications
Whats new e-mails and calendar event subscriptions
Form workflow: editor-in-chief approval cycle
Custom member lookup interface controlled through the qpconfig.xml file (when IBM Lotus Quickr controls directory services) IBM Lotus Sametime awareness
Work offline
Support for special characters in names

IBM Lotus Quickr supports some special characters in user and group names. Table 8-4 summarizes special character support.
Table 8-4. Support for special characters in names Special character @ < Allowed for local users Yes No Allowed for local groups No No Allowed for external users and groups No No
8-4
Table 8-4. Support for special characters in names (continued) Special character > & : ; ^ , (comma) = ( ) # \ / | * + (apostrophe) Allowed for local users No No No No No No No No No No No No No No No No Yes Allowed for local groups No No No No No No No No No No No No No No No No Yes Allowed for external users and groups No Yes No No Yes Yes Yes Yes Yes Yes Yes Yes No No Yes No Yes
Setting up Domino to control directory services

Setting up the underlying IBM Lotus Domino to control directory services enables you to take advantage of the directory services and authentication methods that Lotus Domino supports. CAUTION: Switching from Domino control of directory services to Lotus Quickr control is not supported because members added to places during Domino control of directory services are not recognized after the switch. Perform the following steps to set up Lotus Domino to control directory services. 1. If users are located in a secondary directory rather than the Domino servers primary Domino Directory, set up directory assistance for the secondary directory. For instructions, see the section Directory Services - Directory Assistance in the Contents view of Domino Administrator Help. Keep the following points in mind: v Create a Directory Assistance document for each directory that contains Lotus Quickr users. v To use groups from a directory as place members, specify Group Authorization in the Directory Assistance document. Locate all such groups in one directory because you can enable this option for one directory only. v If the secondary directory is an LDAP directory and there are distinguished names in the directory that dont conform to the Domino naming convention, use an all-asterisk naming rule in the Directory Assistance document. 2. Perform the following steps: a. Log in to the Lotus Quickr server as an administrator. b. Click Site Administration. c. Click User Directory.
8-5
d. Click Change Directory. e. In the Type list select Domino Server. f. Select one of the following options v To allow place managers to create local members, click Allow managers to create new users in each place. v To prevent place managers from creating local members and require them to select members from a user directory, click Disallow new users. 3. Click Next. Make sure to complete this step so your changes take effect. Note: When Domino controls directory services, you cannot use expanded membership. For information on setting up directory services on the Domino server, see the Directory Services section in the Contents view of Domino Administrator Help.
Switching to Domino control of directory services

You can switch from IBM Lotus Quickr control of directory services to Lotus Domino control. CAUTION: After you make this change, reverting to Lotus Quickr control of directory services is not supported. Perform the following steps: 1. Set up Lotus Domino to control directory services. 2. Use the qptool changehierarchy command to change the format of the distinguished names of external members in places to use the Lotus Domino forward slash (/) delimiter. For example, to change the names of users and groups within the hierarchy ou=boston,o=acme to the Lotus Domino counterpart hierarchy, ou=boston/o=acme in place P1, use the following command:
load qptool changehierarchy -sourceh ou=boston,o=acme -targeth ou=boston/o=acme -p P1
Or to make the same change in all places, use the following command:
load qptool changehierarchy -sourceh ou=boston,o=acme -targeth ou=boston/o=acme -a
3. Restart the server by entering the following command at the server console:
restart server
Setting up Lotus Quickr to control directory services

When you set up IBM Lotus Quickr to control directory services, you specify an LDAP directory server to connect to. Perform the following steps: 1. Make sure the LDAP directory server is running. 2. Log in to the Lotus Quickr server as an administrator. 3. Click Site Administration. 4. Click User Directory. 5. Click Change Directory. 6. In the Type list select LDAP Server. 7. In the Name field, type the fully-qualified host name of the LDAP server, for example, ldap.acme.com. 8. In the Port number field, type the port number that the LDAP server uses to communicate with other servers. The default is 389, the port typically used.
8-6
9. Optional: Select Check for SSL connection with LDAP user directory. If you select this option and SSL is configured on the Lotus Quickr server and the LDAP server, the Lotus Quickr server will initiate all requests to the LDAP user directory as SSL encrypted requests. 10. Optional: In the Search base field type a distinguished name that represents the location in the directory name hierarchy at which to begin searches, for example, o=acme, ou=sales,o=acme, or dc=acme,dc=com. By default the Search base you specify applies to both user and group searches. However, you can use the qpconfig.xml file to specify a different search base for group searches. 11. Optional: Click Narrow searches to the place name to confine searches launched from a place to user directory names that include the name of that place. For example, with this option checked, if a user does a directory search from a place called Sales Support, the search looks only for users who have Sales Support in their user names. Important: Do not select this setting if your organization uses only three organizational units in names, because it will restrict you to a maximum of three places. 12. If a user name and password are required to access directory information on the LDAP server, perform the following steps: a. Click Check to use credentials specified below when searching the directory. b. Type the user name, an LDAP distinguished name, for example cn=admin,o=acme. c. Type the password. Note: If the password has an expiration date, make a note of it, because you will need to update this field with a new password then. 13. Optional: In the Authentication Timeout and Search Timeout fields, change the maximum amount of time, in seconds, the server can take to authenticate a user from the user directory or to perform a search. The default value for both time-out settings is 120 seconds and is adequate in most environments. If connections to the LDAP server are very slow, consider increasing the time-out values. If connections are very fast, consider reducing the values. If you leave the fields blank, the default settings are used. The LDAP server might also have time-out limits configured. In this case, the effective time-out limits are whichever are lowest between the Lotus Quickr server and the LDAP server. Note: Specifying 0, which allows the Lotus Quickr server to take an unlimited amount of time for user authentication and searches, is not recommended. 14. Select one of the following options: v To allow place managers to create local members, select Allow managers to create new users in each place. v To prevent place managers from creating local members and require them to select members from a user directory, click Disallow new users. 15. Click Next. Make sure to compete this step so your changes take effect. If in the future you want to change the LDAP directory that uses, repeat these steps. If there are distinguished names in the new directory that are different from the names in the original directory, use the qptool changehierarchy or changemember command to update the names in places. Note: The distinguished names of users and groups should be unique. If there are two identical distinguished names in the directory, only one of the names can be added to a place as a member. If two distinguished names are identical, add a middle initial or other distinguishing character to one of the names to make each name unique.
Customizing Lotus Quickr control of directory services

Use qpconfig.xml and notes.ini settings to customize IBM Lotus Quickr control of directory services.
8-7
Customizing the attributes displayed for users and groups

Users and groups in an LDAP directory are described by a variety of attributes. For example, the value for a users first name is often stored as the givenname attribute and the last name as the sn (surname) attribute. Not all LDAP directories define attributes in the same way. To display accurate information about users and groups in the IBM Lotus Quickr user interface, such as names, phone numbers, and e-mail addresses when Lotus Quickr controls directory services, you might need to change some of the default attributes. For example, by default the Lotus Quickr assumes an LDAP directory uses the sn attribute to define a users last name. However, if your LDAP directory uses the lastname attribute instead, you must use the qpconfig.xml file to specify the correct attribute. Perform the following steps to customize the attributes displayed for users and groups: 1. Change values in the <schema> element of the qpconfig.xml file as required by your LDAP directory. Values shown below are the default values.
<user_directory> <ldap> <schema> <object_class>objectClass</object_class> <user> <object_class_value>person</object_class_value> <common_name>cn</common_name> <display_name>cn</display_name> <first_name>givenname</first_name> <last_name>sn</last_name> <email>mail</email> <phone>telephone</phone> </user> <group> <object_class_value>groupOfNames</object_class_value> <common_name>cn</common_name> <display_name>cn</display_name> <member>member</member> </group> </schema> </ldap> </user_directory>
Note: Using distinguished names as the display name is not supported. 2. Save the modified qpconfig.xml file. 3. Enter the following command at the server console to restart the HTTP task on the server:
restart task http
4. If there are existing places, use the qptool updatemember command to update places to reflect the change. This step is not necessary if you have updated only attributes that are used in authentication, for example <display_name>, because these are updated automatically when you restart the http task. If your LDAP directory server allows anonymous access, ensure it will return the attributes you specify. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template.
Customizing search filters

If IBM Lotus Quickr control directory services, you can use the qpconfig.xml file to customize the attributes it looks for during various types of searches. Related information
8-8
Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template. Customizing searches for login names: When an external member logs in to a place, by default the server searches the cn, uid, and shortname attributes in the LDAP directory for matches to the login name. You can use the qpconfig.xml file to specify other attributes for which to search. Note: The qpconfig.xml file is case-sensitive, so when typing the names of attributes you must use the same character case used in your directory. Specifying case incorrectly causes directory lookup problems. Perform the following steps: 1. Change values in the <authentication> element (within search_filters element) of the qpconfig.xml file as required by your LDAP directory. Values shown below are the default values.
<user_directory> <ldap> <search_filters> <authentication><![CDATA[(I(cn={0})(uid={0})(shortname={0}))]]> </authentication> <user_lookup><![CDATA[(&(objectclass=person)(sn={0})(givenname={1}))]]> </user_lookup> <group_lookup><![CDATA [(&(objectclass=groupOfNames)(cn={0}))]]> </group_lookup> <group_membership><![CDATA [(&(objectclass=groupOfNames)(member={0}))]]> </group_membership> </search_filters> </ldap> </user_directory>
2. Save the modified qpconfig.xml file. 3. Enter the following command at the server console to restart the HTTP task on the server:
restart task http
For example, to look for a login name in the cn attribute or in the mail attribute, change the authentication element in qpconfig.xml to: <authentication><![CDATA[(| (cn={0})(mail={0}))] ]></authentication> Note that the zero {0} is required and indicates that Lotus Quickr looks for only one name value in an attribute. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template. Customizing the user lookup search: When someone types a name in the directory lookup interface to search for name to add as a place member, by default the server expects a last name, optionally followed by a comma (,) and first name, and searches for the last name in the sn attribute and the first name in the givenname attribute. By default the server also assumes that names are found in entries defined as objectclass=person. You can use the qpconfig.xml file to specify other attributes for which to search and a different object class definition. Note: The qpconfig.xml file is case-sensitive, so when typing the names of attributes you must use the same character case used in your directory. Specifying case incorrectly causes directory lookup problems.
8-9
Perform the following steps: 1. Change values in the <user_lookup> element of the qpconfig.xml file as required by your LDAP directory. Values shown below are the default values.
<user_directory> <ldap> <search_filters> <authentication><![CDATA[(|(cn={0})(uid={0})(shortname={0}))]]> </authentication> <user_lookup><![CDATA[(&(objectclass=person)(sn={0})(givenname={1}))]]> </user_lookup> <group_lookup><![CDATA [(&(objectclass=groupOfNames)(cn={0}))]]> </group_lookup> <group_membership><![CDATA [(&(objectclass=groupOfNames)(member={0}))]]> </group_membership> </search_filters> </ldap> </user_directory>
restart task http
For example, to search for the second specified name as a value for the mail attribute rather than the givename attribute, change the line as follows:
<![CDATA[(&(objectclass=person)(sn={0})(mail={1}))]]>
Note that zero (0) and one (1) indicate the first and second, comma-separated input values, respectively. Lotus Quickr does not accept more than two input values for the name. If you customize this search filter, you should also customize the hint the interface provides for searching and possibly other directory lookup user interface settings. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template. Customizing the group lookup search: When someone types the name of a group in the directory lookup interface to search for a group name to add as a place member, by default the server searches for the group name in the cn attribute of groups defined as objectclass=groupOfNames You can use the qpconfig.xml file to specify a different attribute for which to search and a different group object class definition. Note: The qpconfig.xml file is case-sensitive, so when typing the names of attributes you must use the same character case used in your directory. Specifying case incorrectly causes directory lookup problems. Perform the following steps: 1. Change values in the group_lookup element of the qpconfig.xml file as required by your LDAP directory. Values shown below are the default values.
<user_directory> <ldap> <search_filters> <authentication><![CDATA[(|(cn={0})(uid={0})(shortname={0}))]]> </authentication> <user_lookup><![CDATA[(&(objectclass=person)(sn={0})(givenname={1}))]]> </user_lookup> <group_lookup><![CDATA [(&(objectclass=groupOfNames)(cn={0}))]]>
8-10
</group_lookup> <group_membership><![CDATA [(&(objectclass=groupOfNames)(member={0}))]]> </group_membership> </search_filters> </ldap> </user_directory>
restart task http
For example, to search for the objectclass value groupOfUniqueNames and search for the name in the grouptitle attribute, change the line as follows:
<group_lookup><![CDATA [(&(objectclass=groupOfUniqueNames)(grouptitle={0}))]]></group_lookup>
The zero (0) indicates that Lotus Quickr looks for only one name as input for a group name. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template. Customizing the search used to determine group membership: After the server authenticates a user, it searches for all the groups of which the user is a member, in order to determine user access to places through group membership. By default the server searches for the users names in the member attribute of groups defined as as objectclass=groupOfNames You can use the qpconfig.xml file to specify a different attribute for which to search and a different group object class definition. Note: The qpconfig.xml file is case-sensitive, so when typing the names of attributes you must use the same character case used in your directory. Specifying case incorrectly causes directory lookup problems. Perform the following steps: 1. Change values in the group_membership element of the qpconfig.xml file as required by your LDAP directory. Values specified below in bold are the default values.
<user_directory> <ldap> <search_filters> <authentication><![CDATA[(|(cn={0})(uid={0})(shortname={0}))]]> </authentication> <user_lookup><![CDATA[(&(objectclass=person)(sn={0})(givenname={1}))]]> </user_lookup> <group_lookup><![CDATA [(&(objectclass=groupOfNames)(cn={0}))]]> </group_lookup> <group_membership><![CDATA [(&(objectclass=groupOfNames)(member={0}))]]> </group_membership> </search_filters> </ldap> </user_directory>
restart task http
For example, to search for the objectclass attribute value groupOfUniqueNames and the uniquemember attribute value, change the line as follows:
<group_membership><![CDATA[(&(objectclass=groupOfUniqueNames)(uniquemember={0}))]]></group_membership>
8-11
The zero (0) indicates that Lotus Quickr looks for only one name as input for a group name. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template. How the Exact Match lookup option affects search filters: When a user searches the directory for a user or group to add to a place, whether or not the user selects the Exact Match search option has an effect on the search filters that is used. For example, Table 8-5 describes the search filter used for user name lookups when one value and two comma-separated values are entered, depending on the Exact Match setting.
<user_lookup><![CDATA[(&(objectclass=person)(sn={0})(mail={1}))]]></user_lookup> Table 8-5. Effect of Exact Match lookup option Exact Match setting Selected Search filter used when users searches for: smi sn=smi mail=* Not selected sn=smi* mail=* Search filter used when user searches for: smi, @acme sn=smi mail=@acme sn=smi* mail=@acme*
Customizing the directory lookup interface

If IBM Lotus Quickr controls directory services, use the qpconfig.xml file to customize the user interface that users see when looking up users in the directory to add as place members. You can customize the search hint and also customize how the user interface displays the results of user searches. Customizing the search hint in the directory lookup interface: By default the directory lookup interface prompts users to search for user names by typing last name, first name. If you have customized the user lookup search, also customize the search hint to reflect the change. Note: The qpconfig.xml file is case-sensitive, so when typing the names of attributes you must use the same character case used in your directory. Specifying case incorrectly causes directory lookup problems. Perform the following steps: 1. Change values in the <search_ui_hint> element of the qpconfig.xml file. Values shown below are the default values.
<user_directory> <ldap> <search_ui_hint><![CDATA[( enter <B>last name, first name</B>)]]> </search_ui_hint> <search_ui_index>sn</search_ui_index> </ldap> </user_directory>
restart task http
For example, if you specified the following line in the <user_lookup> element of qpconfig.xml:
8-12
<user_lookup><![CDATA[(&(objectclass=person)(sn={0})(mail={1}))]]></user_lookup>
you might then specify the following line in the <search_ui_hint> element:
<![CDATA[( enter <B>last name, email</B>)]]>
Note: You can specify a maximum of 250 characters. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template. Customizing the display of search results: By default, when a user searches for users in the directory, the search results show the values for the sn and givename attributes in the first column, distinguished names in the second column, and the sn attribute in the range field at the top of the search results box. To display different attribute values, change the values for the member_lookup_ui and search_ui_index elements in the qpconfig.xml file. Note: The qpconfig.xml file is case-sensitive, so when typing the names of attributes you must use the same character case used in your directory. Specifying case incorrectly causes directory lookup problems. Perform the following steps: 1. To change the attributes that display in the first and second columns of search results, change values in the <member_lookup_ui> element of the qpconfig.xml file. Values specified below in bold are the default values. Change the value of the column_name element to change the attributes that display in the first column of results, and change the value of the column_disambiguate element to change the attribute that displays in the second column.
<user_directory> <ldap> <member_lookup_ui> <column_name> <person>sn, givenname</person> </column_name> <column_disambiguate> <person>dn</person> </column_disambiguate> </member_lookup_ui> </ldap> </user_directory>
2. To change the attribute value used to display the current range of names at the top of the results box, change the value of the <search_ui_index> element in qpconfig.xml. By default the value for the sn attribute shows in the range.
<user_directory> <ldap> <search_ui_index>sn</search_ui_index> </ldap> </user_directory>
restart task http
For example, display the sn and mail attribute values in the first results column, specify:
<column_name> <person>sn, mail</person> </column_name>
8-13
Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template.
Sample user directory settings

If IBM Lotus Quickr control directory services, the following qpconfig.xml customizations are examples of ones you might use on Sun Java System Directory Server Server or IBM Tivoli Directory Server. Because each directory can have a custom configuration, it is important to verify these with the LDAP directory administrator. The default values are assumed for omitted settings.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <server_settings> <user_directory> <ldap> <schema> <group> <object_class_value>groupOfUniqueNames</object_class_value> <member>uniquemember</member> </group> </schema> <search_filters> <group_lookup><![CDATA[(&(objectclass=groupOfUniqueNames)(cn={0}))]]> </group_lookup> <group_membership><![CDATA[(&(objectclass=groupOfUniqueNames)(uniquemember={0}))]]> </group_membership> </search_filters> </ldap> </user_directory> </server_settings>
Customizing the search base used for group searches

By default, the search base you specify when you connect to an LDAP directory server is used for both user and group searches. You can use the qpconfig.xml file to specify a search base specifically for group searches. For example, if the names of the groups you want to search are under ou=groups,o=acme in the directory name hierarchy, you could specify ou=groups,o=acme as the search base for groups so that only that branch of the directory is used for group searches. Note: The qpconfig.xml file is case-sensitive, so when typing the names of attributes you must use the same character case used in your directory. Specifying case incorrectly causes directory lookup problems. Perform the following steps: 1. Specify a value in the <base_dn> element of the qpconfig.xml file, for example:
<user_directory> <ldap> <base_dn> <group>ou=groups,o=acme</group> </base_dn> </ldap> </user_directory>
2. Save the modified qpconfig.xml file.
8-14
3. Enter the following command at the server console to restart the HTTP task on the server:
restart task http
Using nested groups

If your directory has nested groups -- groups within groups -- that contain the names of IBM Lotus Quickr users, use a notes.ini file setting to allow searches of the nested groups. Perform the following steps: 1. Open the notes.ini file in the servers data directory. 2. Add the following line to the notes.ini file:
QuickPlaceNestedGroupLimit=value
where value represents the number of levels of groups the server can search. By default the level is 1, meaning that the server doesnt search nested groups. Note: Specifying a value much larger than needed can degrade LDAP lookup performance. 3. Make sure to leave a blank line at the end of the file, and then close and save the file. 4. Enter the following command at the server console to restart the server so the change takes effect:
restart server
Customizing SSL connections

If you selected the option Check for SSL connection with LDAP user directory when you set up the connection to the LDAP directory server, optionally use qpconfig.xml settings to customize the Secure Sockets Layer (SSL) connection. Perform the following steps: 1. Specify values in the <ssl_protocol> element of the qpconfig.xml file, for example:
<ldap> <ssl protocol="3" accept_expired_certs="true"verify_servername=" true"/> </ldap>
Table 8-6 describes the settings. 2. Save the modified qpconfig.xml file. 3. Enter the following command at the server console to restart the HTTP task on the server:
restart task http Table 8-6. SSL settings in the qpconfig.xml file Setting protocol=number Description Type one of the following numbers to specify the SSL protocol used for the connection to the LDAP server: 0 - Negotiated (default) 1 - LDAP V2.0 only 2 - LDAP V3.0 handshake 3 - LDAP V3.0 only 4 - LDAP V3.0 with V2.0 handshake
8-15
Table 8-6. SSL settings in the qpconfig.xml file (continued) Setting accept_expired_certs=value Description Type false to prevent Lotus Quickr from accepting a certificate from the LDAP server if the certificate has expired. Type true (the default) to accept a certificate that has expired. Type false to prevent Lotus Quickr from verifying whether the LDAP server host name matches the host name in the SSL certificate. Type true (the default) to require that the host name matches the host name in the certificate. Note: If the value is set to true but the host name does not match the host name in the certificate, then LDAP authentications fail.
verify_servername=value
Using accented characters in user names (AIX and Solaris)

If IBM Lotus Quickr runs on IBM AIX or Sun Solaris, use a notes.ini file setting to allow the use of accented characters in LDAP directory user names. Perform the following steps: 1. Add the following setting to the server notes.ini file:: PLATFORM_CSID=20 2. Make sure to leave a blank line at the end of the file, and then close and save the file. 3. Enter the following command at the server console:
restart server
Testing access to an LDAP directory server

If the connection is done to the LDAP directory server anonymously (that is, without supplying credentials), the LDAP directory server must allow anonymous access to the attributes used by Lotus Quickr. You can use the Lotus Domino ldapsearch tool to test the server access to LDAP attributes. To test access to attributes, from the program directory on the Lotus Quickr server, enter a command such as the following one: ldapsearch -h ldap.acme.com cn=arch* In this example, ldap.acme.com is the LDAP directory server. The command returns the list of accessible users with common names that begin with the string arch. If your LDAP directory server is configured to allow access only with specific credentials, you can use the same search, supplying the credentials on the command line: ldapsearch -h ldap.acme.com -D [username] -w [password] cn=arch* Using the ldapsearch tool is one of the first steps to take when troubleshooting LDAP directory problems. If you cannot do lookups using ldapsearch there is an underlying network or directory server problem. For more information on ldapsearch, see Domino Administrator Help.
8-16
Access to the Domino Directory through LDAP

If you use the Domino Directory as your LDAP directory, fields in the Domino Directory are mapped to LDAP attributes. To view the mapping, open the Domino LDAP Schema database (schema.nsf) on the server. Lotus Quickr and ldapsearch use the attribute names rather than field names. For example, the field OfficePhoneNumber in the Domino Person document is mapped to the LDAP attribute telephonenumber. Telephonenumber is the name used in ldapsearch and in Lotus Quickr. If Domino is your LDAP directory and Lotus Quickr connects to it anonymously, you can edit the Domain Configuration Settings document in the Domino Directory to update the list of attributes allowed for anonymous access. For more information on setting access to a Domino LDAP directory, see Domino Administrator Help.
Disconnecting from a user directory

If you disconnect from a user directory, place managers can specify only local members. Any existing external place members no longer have access to the places. Perform the following steps to disconnect from a user directory: 1. Log in to the Lotus Quickr server as an administrator. 2. Click Site Administration. 3. Click User Directory. 4. Click Change Directory. 5. In the Type field click No Directory. 6. Click Next.
8-17
8-18
Configuring the Place Catalog

The Place Catalog is a database that collects information about IBM Lotus Quickr places and servers. A local Place Catalog is enabled by default on each Lotus Quickr server. You can customize the Place Catalog configuration, for example, set up a Place Catalog server, which is a server with a Place Catalog that multiple servers share. Perform the following steps: 1. Perform the following steps to configure Place Catalog settings in the qpconfig.xml file. Note: If you have only one server in your environment, or if you have more than one server but each uses its own Place Catalog, these steps are unnecessary unless you want to customize the Place Catalog settings. a. Open the qpconfig.xml file in the Domino data directory or create the file it it does not exist already. b. Specify the following settings in the file, replacing the values shown below with ones required for your environment:
<place_catalog enabled="true" log_level="0"> <connection_pool size="8"/> <place_catalog_servers> <server> <domino_server_name>PlaceCatalog/Acme </domino_server_name> <nsf_filename>PlaceCatalog.nsf</nsf_filename> </server> </place_catalog_servers> </place_catalog>
See Table 9-1 on page 9-2 for a description of the settings. c. Save the modified file. d. Enter the following command at the server console to restart the HTTP task:
restart task http
Note: If you use clustering, you must complete additional steps to set up the Place Catalog for the cluster environment. 2. If you will use a Place Catalog server with a Place Catalog that multiple servers share, perform the following steps on the Place Catalog server: a. Make sure the server is accessible to other Lotus Quickr servers over Lotus Notes RPC (TCP/IP port 1352) and the HTTP protocols. This is set up by default. b. Open the Place Catalog: from IBM Lotus Notes, click File Database Open, select the Place Catalog server in the Server field, and then type placecatalog.nsf in the Filename field. Note: You must type the file name because, by default, the Open Database window does not display the Place Catalog database for you to select. c. Click File Database Access Control, and give access only to Lotus Quickr servers and system administrators. By default, the database has the following listed as Managers in the ACL: Lotus Quickr Place Catalog server, the IBM Lotus Dominoadministrator, LocalDomainServers, and QuickPlaceAdministratorsSUGroup. d. Click File Database Properties, click the second-to-the-last tab on the right, and click Create Index to create a full-text index. The Place Catalog database must be full-text indexed for the qptool report command and the My Places feature to work. For more information on creating and updating full-text indexes, see Domino Administrator Help.
9-1
Table 9-1. Place Catalog settings in the qpconfig.xml file Element or attribute place_catalog enabled Description The place_catalog section contains settings to enable the server to use a Place Catalog. Set the enabled attribute to true to tell the server to search for an existing Place Catalog. The default setting is enabled=true. To prevent the server from looking for a Place Catalog, change the enabled attribute to enabled=false or remove the entire <place_catalog> section. log_level You can log operations related to the Place Catalog in the Domino server console as follows: Level 1 - Logs all Catalog database open and close operations Level 2 - Logs all server registration operations Level 3 - Logs all place registration operations Level 4 - Logs all member registration operations Each level also includes the information in the levels below it. connection_pool size For efficiency, the Lotus Quickr server creates a pool of connections to the Place Catalog that can be shared by the different requests the server receives. This number should reflect the number of simultaneous requests that could result in a query or update to the Place Catalog. These types of requests include creation of places, the addition of or changes to place membership, and administration requests made by qptoo1. You may want to start with a number representing a third of the maximum HTTP threads. For example, if the server uses 90 threads, then set this value to 30. domino_server_name Type the Domino hierarchical name of the Place Catalog server, for example, PlaceCatalog/Acme. If this server will use a Place Catalog on a different server, specify the name of that server. Specify the name of the Place Catalog database, for example, PlaceCatalog.nsf. If this server will use a Place Catalog on a different server, specify the database name of that Place Catalog on that server.
nsf_filename
Related tasks Setting up the Place Catalog for a cluster on page 10-3 To ensure that a shared Place Catalog works properly for servers in a cluster, replicate the Place Catalog on the Place Catalog server to the other IBM Lotus Quickr servers in the cluster, and specify the details of the cluster environment in the qpconfig.xml file of each server in the cluster. All servers in a cluster should use the same qpconfig.xml settings.
9-2
How the Place Catalog Works

The Place Catalog contains data on IBM Lotus Quickr servers, and the places, rooms, and members on those servers. Each server, place, and room has a separate entry in the Place Catalog. An entry is implemented as an IBM Lotus Notes document. The Place Catalog enables administrators to use the qptool report command, or an XML interface to the Lotus Quickr Java XML API, to report statistics on places and servers. It enables place members to use My Places to see a list of places they belong to and statistics about those places, as well as to search content across places and servers. Note: A room entry in the Place Catalog is labeled as a place entry. However, it shows statistics for the room only. The following figure shows an example of a Catalog entry for a place named place1:
9-3
The following figure shows a Place Catalog entry for a Lotus Quickr server called server1.acme.com.
9-4
How entries are updated

Some events cause immediate updates to the Place Catalog, while others cause updates only after the qptool placecatalog -push command is run. By default, a server notes.ini file includes the setting ServerTasksAt3=qptool placecatalog -push -a so that the command runs daily at 3 A.M. The following place and room statistics are updated through qptool placecatalog -push: v PlaceLastModified v PlaceSize v NumberOfReaders v NumberOfAuthors v NumberOfManagers v NumberOfEditors v NumberOfDocs v NumberOfDrafts v NumberOfAttachments v NumberOfCustomForms v NumberOfOfflineInstalls v LargestDocSize v LasyDayUses v LastDayReads v LastDayWrites v LastWeekUses v LastWeekReads v LastWeekWrites v LastMonthUses v LastMonthReads v LastMonthWrites
9-5
The following table describes the events that cause immediate updates to the Place Catalog:
Table 9-2. Events that are create or update Place Catalog entries in real time Event Server registration or unregistration Description A server becomes part of the service when qptool register -server command is issued, or when a place is created on the server. When a place is created, an entry for the server is immediately created in the Catalog if one does not already exist. Similarly, when qptool unregister -server is issued, the entry for the server is immediately removed from the Catalog. The servers place entry is removed. If the place is part of a Lotus Quickr server cluster with a virtual server, the virtual server place entry is also removed. A new entry is created. The Place Catalog server must be running for users to create new places in the service. If the place is created on one server in a cluster, an entry for the virtual server is also created. Place creation on a cluster server node by qptool replicamaker Place deletion from a browser or by qptool remove A place entry for that server cluster node is created.
Place removal by qptool unregister
Place creation from a browser or by qptool register
The places entry is deleted. Its name cannot be used for a new place until the qptool remove -cleanup command has run, either automatically overnight, or manually by the administrator. In a cluster environment, this would have to be done on all cluster nodes. The places entry for that server node is deleted from the catalog. The new member is added to the place entry with the proper access level. The member is removed from the place entry. The member moves to the field appropriate to their new access level. The PlaceLastAccessed field is updated, which can take up to a minute. The LoginCounts field value is incremented. The DocReadCounts field value is incremented. The PostingCounts field value is incremented. The PlaceIsLocked field of the Place Catalog entry is set to 1. If the place is in a cluster with a virtual server, the PlaceIsLocked field in the virtual server entry is also set to 1.
Place deletion in a cluster server node by qptool remove -cleanup Member creation
Member removal Member access change
Place accessed Place login Document read Posting Place locking by qptool lock
9-6
Table 9-2. Events that are create or update Place Catalog entries in real time (continued) Event Place unlocking by qptool unlock Description The PlaceIsLocked field of the Place Catalog entry is set to 0. If the place is in a cluster with a virtual server, the PlaceIsLocked field in the virtual server entry is also set to 0.
Note: You can use the qptool placecatalog -reset command to reset the place login, document read, and posting values to 0.
9-7
9-8
Configuring clustered servers

Configure clustering to provide high availability of servers in an IBM Lotus Quickr service. There are two aspects to clustering: configuring IBM Lotus Domino clustering to replicate data across the servers, and configuring a solution for distributing distribute HTTP requests to the servers in the cluster. Administering and managing a Lotus Quickr server that is in a cluster is the same as administering and managing a server that is not clustered. With the exception of adjustments to the load balancing hardware and software, you make changes individually to each server by addressing the server directly by its hostname or Domino name when you use any of the following methods or tools: v Using the browser to sign in to the server and visiting the Site Administration link. v Using the IBM Lotus Notes or the Domino Administrator to make changes, usually to the Lotus Domino Directory. v Making changes using the file system such as modifying the NOTES.INI file or qpconfig.xml file or inspecting HTTP logs. Note: Changes made through the Site Administration link do not replicate; you must make these changes on each server in a cluster. When you run a qptool command on a server in a cluster, Lotus Quickr applies the command only to the server on which you run it. The results of the command then replicate to the other servers in the cluster. For example, if you lock a place on one server in a cluster, the place is locked immediately only on that server. The place is locked on the other servers after replication replicates the lock property on the places databases to the other servers. Perform the following steps to configure clustered servers:
Creating a Lotus Domino cluster

A Lotus Domino cluster is a group of two to six Lotus Domino servers that provides users with constant access to data, balances the workload between servers, improves server performance, and maintains performance when the size of your enterprise increases. The servers in a cluster contain replicas of databases that you want to be readily available to users at all times. If a user tries to access a database on a cluster server that is unavailable, Domino opens a replica of that database on a different cluster server, if a replica is available. Domino continuously synchronizes databases so that whichever replica a user opens, the information is always identical. To create a cluster, you must have at least Author access, Delete Documents rights, and the ServerModifier and ServerCreator roles in the Lotus Domino Directory, and at least Author access to the Administration Requests database. If possible, use the Lotus Domino administration server when creating a cluster. The administration server does not have to be part of the cluster. See Domino Administration Help for detailed information on creating Lotus Domino clusters and managing cluster replication. Note: If a server already belongs to a different cluster, you do not have to remove the server from that cluster before you add it to the new cluster. The Lotus Domino Cluster Administration Process removes the server from the original cluster and then adds it to the new cluster. To create a cluster of IBM Lotus Quickr servers, perform the following steps:
10-1
1. From the Domino Administrator, click File Open Server to open the administration server or another server in the Lotus Domino domain of the IBM Lotus Quickr servers. 2. Click the Configuration tab. 3. Click Server All Server Documents. 4. Select the servers that you want to add to the cluster. 5. Click Add to Cluster. 6. When asked to choose the cluster you want to add the servers to, click Create New Cluster, and then click OK. 7. Type the name for the new cluster, and click OK. 8. Click Yes to add the servers to the cluster immediately, or click No to submit a request to the administration process to add the servers to the cluster. 9. If you chose Yes in the previous step, the cluster information is added immediately to the Domino Directory of the server you used to create the cluster. If this server is not part of the new cluster, replicate the changes to one of the servers you added to the cluster. If you chose No in the previous step, perform the following steps: a. If you used a server other than the administration server to create the cluster, force replication between the server you used and the administration server so that the administration server receives the requested changes sooner. b. Force replication between the administration server and the cluster servers so the cluster servers receive all the changes sooner.
Implementing a method for distributing HTTP requests

There are two methods available for distributing HTTP requests to servers in the cluster: load balancing or failover to a hot-spare. Note that IBM Lotus Quickr requires that HTTP requests sent to one node are continuously sent to that node for a predetermined amount of time known, sometimes referred to as sticky time.
Load balancing
The typical method is installing and setting up load balancing software. With load balancing, a virtual server is used to distribute HTTP requests so that the physical servers share the user load. The maximum capacity of the cluster is approximately the sum of the capacities of the servers in the cluster. For example, a cluster of three servers that each support 1,000 users has approximately a maximum capacity of 3,000 concurrent users. However, if one server goes offline, the capacity of the cluster is reduced correspondingly (to 2,000 users in the example). Therefore, the average capacity of a load-balanced cluster is less than the maximum possible, and allowance should be made for server downtime so that response times do not significantly decrease when a single server becomes unavailable. Having more than two servers in a cluster provides greater flexibility and reliability because when a server is taken offline for scheduled maintenance, failover can still occur among the remaining available servers. You purchase a load balancing product separately, and set it up following the product documentation. When you use load balancing, each physical server and place has an entry in the Place Catalog. In addition, there is an entry for the virtual server that represents the combination of all physical servers, and an entry for each place in the cluster that represents all the replicas of the place in the cluster. Real-time updates to the Place Catalog (such as place creation, locking of a place, and place membership changes) are made in the place entries that correspond to the virtual server. The non-real time updates (such as place size, time last accessed, and time last modified) are made to the place entries that correspond to the physical servers in the cluster. This information allows the administrator to know the differences in access and size for the places in each of the physical servers in the cluster. Use the qptool
10-2
placecatalog -update command to synchronize the place entries that correspond to the physical servers and the place entries that correspond to the virtual server.
Failover to a hot-spare
A less common method for distributing HTTP requests is failover to a hot spare, in which a primary server and a secondary server are clustered. The primary server handles user requests, and the secondary server is held in reserve in case the primary server fails or requires a scheduled stoppage. When the primary server is taken offline, user requests fail over to the hot spare until the primary server comes back online. In this type of cluster, the resources of the hot spare are not utilized while the primary server is active: the capacity of the cluster is the capacity of the primary server. Therefore, if a given server specification supports 1,000 concurrent users, two such servers are required to support 1,000 users. If the hot spare is identical to the primary server, the capacity remains the same after the primary server fails over. With the hot-spare solution data is maintained in separate entries in the Place Catalog for each physical server, and for each place on a physical server.
Modifying scheduled qptool commands in the notes.ini file

You must modify scheduled qptool commands in server notes.ini files. Perform the following steps: 1. Remove the following qptool commands from the notes.ini file of each server except the Place Catalog server: v qptool newsletter -daily -a, from the ServerTasksAt1 parameter v qptool remove -cleanup, from the ServerTasksAt2 parameter v qptool placecatalog -push and qptool deadmail -cleanup from the ServerTasksAt3 parameter These commands should run only on the Place Catalog server, to avoid duplication of newsletters and server tasks. 2. Add the following qptool command to the notes.ini file of the Place Catalog server only: ServerTasksAt6=qptool placecatalog -update This task updates statistics for the virtual server place documents.
Setting up the Place Catalog for a cluster

To ensure that a shared Place Catalog works properly for servers in a cluster, replicate the Place Catalog on the Place Catalog server to the other IBM Lotus Quickr servers in the cluster, and specify the details of the cluster environment in the qpconfig.xml file of each server in the cluster. All servers in a cluster should use the same qpconfig.xml settings. Note: Do not put dedicated Place Catalog servers in one cluster, and the Lotus Quickr place servers that they catalog in a separate cluster. This configuration can cause poor failover performance. Perform the following steps: 1. Perform the following steps on each server in the cluster except the Place Catalog server: a. Enter the following command at the server console to stop the HTTP task:
tell http quit
b. Enter the following command at the server console to flush the database cache:
dbcache flush
c. Delete the file PlaceCatalog.nsf from the server data directory. d. Create a replica of PlaceCatalog.nsf from the PlaceCatalog server to this server.
10-3
2. Perform the following steps on each server in the cluster, including the Place Catalog server. a. Open the qpconfig.xml file in the Domino data directory or create the file if it does not exist already. b. Specify the following settings in the file, replacing values shown below with ones required by your environment:
<cluster> <master virtual="true" ssl="false"> <port>80</port> <hostname>master.acme.com</hostname> <path_prefix><path_prefix /> </master> </cluster>
Table 10-1 describes the settings. c. Save the modified file. d. Enter the following command at the server console to restart the HTTP task: restart task http 3. Restart the Place Catalog server. 4. Restart the other Lotus Quickr servers. 5. Enter the following command at the server console of each server, one server at a time:
load qptool register -server Table 10-1. Cluster settings in the qpconfig.xml file Setting virtual=value Description The master server in a cluster acts as a users entry point to places on other servers in the cluster. If you use the failover to a hot-spare clustering solution in which the master server is a physical IBM Lotus Quickr server, specify virtual=false. If you use the load balancing clustering solution, in which the master server is an IP sprayer that acts as a virtual server, specify virtual=true. ssl=value If SSL is enabled on the master server, specify ssl=true, otherwise specify ssl=false. Note: Regardless if you use clustering, setting this to true populates the My Places list with URLs that begin with https rather than http. Specify the TCP port used to access requests by browsers, depending on whether SSL is enabled on the master server. The default port is 80 for non-SSL connections and 443 for SSL connections. Specify the DNS hostname of the master server (for example, master.acme.com).
<port>value</port>
<hostname>value</hostname>
10-4
Table 10-1. Cluster settings in the qpconfig.xml file (continued) Setting <path_prefix> value</path_prefix> Description If the Place Catalog (PlaceCatalog.nsf) is located in a subdirectory of the Lotus Domino data directory, type the subdirectory as the path_prefix. This information is used to create URLs to the master server. For example, on Microsoft Windows, if you put the Place Catalog in the directory C:\domino\data\catalog, type catalog as the path_prefix value. Or if you put the Place Catalog in the directory C:\domino\data\other\catalog, type other\catalog.
Related tasks Configuring the Place Catalog on page 9-1 The Place Catalog is a database that collects information about IBM Lotus Quickr places and servers. A local Place Catalog is enabled by default on each Lotus Quickr server. You can customize the Place Catalog configuration, for example, set up a Place Catalog server, which is a server with a Place Catalog that multiple servers share. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template.
10-5
10-6
Configuring security
Configuring security for the IBM Lotus Quickr involves configuring user authentication, configuring user access to the server, as well as performing other miscellaneous security configuration tasks.
Configuring user authentication

By default, the server uses basic name-and-password authentication to authenticate place members that connect through Web browsers or Lotus Quickr connectors. If you configure the server to connect to a user directory, there are additional methods available for authentication of external members, with the methods available dependent on whether IBM Lotus Quickr or IBM Lotus Domino controls directory services. If Lotus Quickr controls directory services, you can use the default basic name-and-password authentication or multi-server session-based name-and-password authentication (single sign-on). With single sign-on, users can log in to a server once and during that session automatically access any server enabled for single sign-on in the DNS domain without providing names and passwords again. If Lotus Domino controls directory services, you can use multi-server single sign-on internet client authentication, or SSL certificate authentication. For information on configuring user authentication when Lotus Domino controls directory services, see Domino Administrator Help. In addition to these authentication methods, Lotus Quickr supports the use of custom authentication applications through the Domino Server API (DSAPI). This interface allows some third-party vendors to design a DLL to support authentication for access to Lotus Quickr place databases. Note: To use SSL to encrypt the data transferred between Web browsers and Lotus Quickr server, enable SSL on the Domino Web server. For more information, see Domino Administrator Help.
Configuring multi-server single sign-on authentication

With multi-server single sign-on, users can log in to a server once and during that session access servers enabled for single sign-on in the DNS domain without providing names and passwords again. Keep the following points in mind: v When Lotus Quickr controls directory services, single-server single sign-on authentication is not supported, however, multi-server single sign-on achieves a similar result. v URLs issued to servers configured for single sign-on must specify the full DNS server name, not the host name or IP address. For browsers to be able to send cookies to a group of servers, the DNS domain must be included in the cookie, and the DNS domain in the cookie must match the server URL. This is why cookies cannot be used across TCP/IP domains. v Clustered servers must have the full DNS server name in the host name field of the Web Site or Server document so that the Internet Cluster Manager (ICM) can redirect to cluster members using SSO. If the DNS server hostname is not there, ICM redirects URLs to clustered Web servers with only the TCP/IP host name, by default, and cannot send the cookie because the DNS domain is not included in the URL. Perform the following steps to configure multi-server single sign-on authentication. These steps apply regardless of whether Lotus Quickr or IBM Lotus Domino controls directory services. Related information
11-1
Enabling the Domino Servlet Engine on page 4-26 After you have installed or upgraded to IBM Lotus Quickr, enable the Domino Servlet Engine. This step enables place managers to use place administration actions, such as qptool lock and unlock from My Places Show Usage Statistics.
Creating or editing a Web SSO Configuration document

The Web SSO configuration document is a domain-wide configuration document stored in the IBM Lotus Domino Directory. This document, which should be replicated to all servers participating in the single sign-on domain, is encrypted for participating servers and administrators, and contains a shared secret key used by servers for authenticating user credentials. To set up multi-server single sign-on for a IBM Lotus Quickr server, first create a Web SSO Configuration document, if there is not one already. If there is already a Web SSO Configuration document, edit the document by adding the Lotus Domino server names of the Lotus Quickr servers to it. Creating a Web SSO Configuration document: Create a Web SSO Configuration document is there is not one already. 1. Open the Domino Directory (names.nsf) of an IBM Lotus Quickr server in the domain. . 2. Click the Configuration Servers All Server Documents view. 3. Click Web and then cllick Create Web SSO Configuration. 4. Click Keys at the top of the Web SSO Configuration document. 5. To Initialize the Web SSO Configuration with a Domino shared secret key, click Create Domino SSO Key. Or, to import an IBM WebSphere LTPA key, perform the following steps: a. Click Import WebSphere LTPA Keys. b. Enter the path to the WebSphere LTPA export file (see WebSphere documentation for details about generating ltpatoken keys). c. Enter the password (specified when generating the keys in WebSphere). The document is updated to reflect the information in the export file. 6. Complete the rest of the document as follows:
Field Configuration Name Organization Action Type LtpaToken. This value is required. Leave this field blank so the document appears in the Web Configurations view. (Required) Type the DNS domain (for example, acme.com) for which the tokens will be generated. The servers enabled for single sign-on must all belong to the same DNS domain. Type the names of the IBM Lotus Domino servers to participate in single sign-on; for example, server1/acme, server2/acme. This document is encrypted so that only you, the members of the Owners and Administrators fields, and the servers specified have access to it. Note: Type only Lotus Domino server names in this field; group names, wild cards, and WebSphere server names are not allowed. Specify the time period, in minutes, after which the token will expire. The default is 30 minutes.
DNS Domain
Domino Server Names
Expiration (minutes)
11-2
Field Idle Session Timeout
Action Click Enabled and specify a Minimum Timeout value, in minutes, to indicate the number of minutes of inactivity after which the token will expire.
7. Click Save & Close to save the Web SSO Configuration document in the Web - Web Configurations view. A message on the status bar indicates the number of servers or people for whom the document is encrypted. If you receive messages on the client indicating that a particular key was not found for encrypting the document, you might have to change your clients location document to point to a different mail or directory server that has all the public keys included in Server and Person documents. Editing an existing Web SSO Configuration document: A Web SSO Configuration document may already exist for the domain. This might be the case, for example, if a IBM Lotus Sametime server is also installed in the domain. In this case, add the Lotus Domino names of the IBM Lotus Quickr servers to the existing Web SSO Configuration document. 1. Open the Domino Directory (names.nsf) of an IBM Lotus Quickr server in the domain. 2. Click the Web Web Server Configurations view. 3. Open the Web SSO Configuration document in edit mode. 4. In the Domino Server Names field, add the hierarchical Domino server name of each Lotus Quickr server in the domain that will participate in single sign-on; for example, server1/acme, server2/acme. 5. Close and save the document.
Completing single sign-on setup

After you have created or edited the Web SSO Configuration document for the domain, complete single sign-on setup. Perform the following steps: 1. Add the following setting to the notes.ini file of each IBM Lotus Quickr server that you will enable for single sign-on. This step prevents anonymous access to files in the html directory: NoWebFileSystemACLs=1 2. Enable multi-server session-based authentication in the Server document for each Lotus Quickr server that you want to enable for single-sign on: a. Open the Domino Directory (names.nsf) on the server. b. Click the view Configuration Servers All Server Documents. c. Click the Server document for the server and click Edit Server. d. Click Ports Internet Ports Web, and enable Name-and-password authentication for the Web (HTTP or HTTPS) port. e. Click the Internet Protocols - Domino Web Engine tab. f. Next to Session authentication, select Multiple Servers (SSO). g. Next to Web SSO Configuration, select LtpaToken. h. Click Save & Close. 3. Create the Domino Web Server Configuration database (domcfg.nsf) if it does not exist: a. From an IBM Lotus Notes client, choose File Database New. b. Next to Server at the top of the dialog box, select the server that runs Lotus Quickr. c. Next to Title, type a descriptive title, for example, Web Server Configuration. d. Next to File name, type domcfg.nsf. You must use this file name.
11-3
e. Next to Server in the middle of the dialog box, select any server. f. Click Show advanced templates. g. Next to Template, select Domino Web Server Configuration (domcfg5.ntf). h. Click OK. 4. Create a mapping form in the Domino Web Server Configuration database to enable single-sign on to work with Lotus Quickr: a. Open the Web Server Configuration database (domcfg.nsf). b. Click Add Mapping. c. Next to Applies To, select All Web Sites/Entire Server (default) or Specific Web Site/Virtual Server. If you select Specific Web Site/Virtual Server, a new field displays in which you specify the IP addresses of the Web Site documents or Virtual Servers. d. Next to Target Database, type LotusQuickr/resources.nsf, replacing the default entry. The path is case-sensitive on UNIX. If you upgraded from an earlier release and did not change the root directory name, type QuickPlace/resources.nsf. e. Next to Target Form, type QuickPlaceLoginForm. f. Click Save & Close. g. Replicate the database to all the Lotus Quickr servers that will use single sign-on. 5. After the Domino Web Server Configuration database has replicated, at the server console of each server, enter the following command to stop and restart the server:
restart server
The message Successfully loaded Web SSO Configuration confirms single sign-on setup.
Modifying cache settings related to user authentication

After a IBM Lotus Quickr server successfully authenticates a user, it adds the users name, password, and the groups of which the user is a member to its user cache. The next time the user attempts to authenticate, the server can quickly access the information in the cache to speed up authentication. You can modify the maximum number of user entries allowed in the cache and the length of time the entries remain in the cache. Peform the following steps: 1. Open the notes.ini file in the domino_server_root directory with a text editor. 2. To change the maximum number of user entries allowed in the cache, specify the following setting. The default value is 64 entries.
QuickPlaceMaxCachedUsers=number
where number is a number of user entries. When the cache reaches the specified number, older entries are removed to make room for new ones that are needed. 3. To specify the length of time user entries remain in the cache before the server removes them, specify the following setting. By default, entries remain in the cache for 120 seconds.
QuickPlaceExpireCachedUsers=interval
where interval is the length of time in seconds. 4. Make sure to leave a blank line at the end of the file. Press Enter, if necessary, to create one. 5. Close and save the file. 6. Enter the following command at the server console to restart the server so your changes takes effect:
restart server
11-4
Configuring access to the server

A user with administrator access controls who has administrator access to the IBM Lotus Quickr server, who can create places on the server, and who has super user access to the server. Related information Using the Site Administration link on page 6-7 When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options.
Specifying administrators
A user with administrator access can use the Site Administration link to perform a variety of administrative tasks, can create and delete places and PlaceTypes, and can control which users can create places. You created a local administrator as part of server installation. You can give additional users administrator access.
Giving administrator access to external users

Use the Site Administration link to add or remove administrator access for external users. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Security. 4. To grant a user administrator access, perform the following steps: a. Below Who can administer this server, click Add. b. Select Add existing network users from the directory. c. Click Directory. d. Search for the name. Tip: If the results of the search span multiple pages, use the arrow boxes above the name list to view the next or previous page of results. e. Select the check box next to each name that should have administrator access. f. Click Add. g. Click Close. h. Click Next. 5. To remove administrator access for a user, perform the following steps: a. Below Who can administer this server? click Remove. b. Select the check box next to each name that should no longer have administrator access. c. Click Next.
Giving administrator access to local users

You can use the Site Administration link to add and remove local administrators, and to modify local administrator names, passwords, and e-mail addresses. Note that you cannot remove or modify the local administrator account that you created during server installation. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Security. 4. To add a new local administrator, perform the following steps:
11-5
a. Below Who can administer this server, click Add. b. If the server is not connected to a user directory, type the user name, password, and e-mail address for the new local administrator, and then click Next. If the server is connected to a user directory, instead perform the following steps: 1) Click Create new users specially for access to this Lotus Quickr server. 2) Type the user name. 3) Click Next. 4) Type the password and e-mail address. 5) Click Next. 5. To modify a local administrators name, password, or e-mail address, perform the following steps: a. Below Who can administer this server?, highlight the administrator to modify. b. Click Modify. c. Change the user name, password, or e-mail address, as desired. d. Click Next. 6. To remove a local administrator, perform the following steps: a. Below Who can administer this server? click Remove. b. Select the check box next to each name that should no longer have administrator access. c. Click Next.
Specifying who can create places on the server

As administrator, you can allow only specific users to create places or you can allow all users who have access to the server to create places. Someone with super user access to the server can create places without being given this access explicitly.
Specifying which external users can create places

If the server is connected to a user directory, use the Site Administration link to specify the names of external users who you want to allow to create places. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Security. 4. To grant a user the access to create places, perform the following steps: a. Below Who can create new places on this server?, select Only specific users (or groups) who provide a name and password. b. Click Add. c. Select Add existing network users from the directory. d. Click Directory. e. Search for the name. Tip: If the results of the search span multiple pages, use the arrow boxes above the name list to view the next or previous page of results. f. Select the check box next to each name that should have administrator access. g. Click Add. h. Click Close. i. Click Next. 5. To remove a users access to create places, perform the following steps: a. Below Who can create new places on this server? click Remove.
11-6
b. Select the check box next to each name that should no longer have the access to create places. c. Click Next.
Specifying which local users can create places

Use the Site Administration link to specify the names of any local users who you want to allow to create places. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Security. 4. To grant a user the access to create places, perform the following steps: a. Below Who can create new places on this server, select Only specific users (or groups) who provide a name and password. b. Click Add. c. If the server is not connected to a user directory, type the user name, password, and optional e-mail address for the local user, and then click Next. If the server is connected to a user directory, instead perform the following steps: 1) Click Create new users specially for access to this Lotus Quickr server. 2) Type the user name. 3) Click Next. 4) Type the password and optional e-mail address. 5) Click Next. 5. To modify the name, password, or e-mail address of a local user who can create places, perform the following steps: a. Below Who can create places on this server?, highlight the name to modify. b. Click Modify. c. Change the user name, password, or e-mail address, as desired. d. Click Next. 6. To remove the access to create places from a user, perform the following steps: a. Below Who can create places on this server? click Remove. b. Select the check box next to each name that should no longer be allowed to create places. c. Click Next.
Allowing all users who have access to the server to create places
You can allow all users who can access the server to create places on it. This access is not allowed by default. Perform the following steps: 1. 2. 3. 4. Log in to the server as an administrator. Click Site Administration. Click Security. Below Who can create new places on this server, select Anyone who can connect to the server.
Specifying super user access to the server

A user granted super user access to the server can read and edit every page in every place, customize every place, control the membership of every place, create places, and use the Site Administration link to perform administration tasks. By default, no super user is defined.
11-7
Note the following additional points about super user access: v You can give super user access only to an external user or group. v Offline functionality is not supported when accessing a server as a super user. v You use the qpconfig.xml file to control super user access from a browser and a QuickPlaceAdministratorsSUGroup in the Domino Directory to control super user access from a Lotus Notes client. v Place managers automatically have super user access to the places they manage, and can give additional users super user access to those places. See the Help for additional information on place membership. v If a user is a super user as well as an explicit member of a place, the users level of access depends on whether the place uses standard membership or expanded membership. If the place uses standard membership, the user gets the access assigned through the explicit membership. If the place uses expanded membership, the user gets super user access to the place. For example, if a user with super user access is also a member of a place with Reader access and the place uses standard membership, the user has Reader access to the place. However, if the place uses expanded membership, the user has super user access to the place.
Specifying who has super user access from a browser

Use the qpconfig.xml file to specify who has super user access to the server when accessing it from a browser. You can specify only one name as a super user, either an external user or an external group name. Perform the following steps 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following setting in the file:
<super_user enabled="true"> <dn>name</dn> </super_user>
where name is the distinguished name of a user or group in the user directory. Type the distinguished name exactly as it is in the directory; be sure to match character case and to include any spaces in the name. 3. Save the modified file. 4. Enter the following command at the server console to restart the HTTP task:
restart task http
Specifying who has super user access from a Lotus Notes client
Create a group in the Lotus Domino Directory to specify who has super user access when accessing the server from a IBM Lotus Notes client. Perform the following steps: 1. Create a group called QuickPlaceAdministratorsSUGroup in the Domino Directory that the Lotus Notes clients use. 2. Add as members the names to which you want to grant super user access. Note: You can give the same user or users super user access through the browser and through Lotus Notes if the Lotus Notes clients Domino Directory is also the IBM Lotus Quickr user directory. Create the
11-8
QuickPlaceAdministratorsSUGroup as described above, and also specify CN=QuickPlaceAdministratorsSUGroup as the distinguished name in the super_user element in the qpconfig.xml file.
Configuring expanded membership

Use expanded membership to expand the number of members allowed in a place from approximately 300 to 900 to up to 4000. To use expanded membership, you must connect to an LDAP directory, and IBM Lotus Quickr, rather than IBM Lotus Domino, must control directory services.
Expanded membership
Before you use expanded membership, learn more about this feature and its requirements. IBM Lotus Quickr by default lists the names of place members in the database access control lists (ACLs) of the rooms in a place. The combined names in an ACL cannot exceed 32K in size, which limits a place to approximately 300 to 900 members, depending on the length of the members distinguished names. Expanded membership removes this limitation by generating groups in an LDAP directory to store the names of individual members, and using these groups, rather than the individual user names, in room ACLs. Currently expanded membership is certified for a maximum of 4000 external user members in a place.
Important considerations
Consider the following points before you use expanded membership: v After you have set up a place to use expanded membership, you cannot revert the place to standard membership. v Expanded membership is supported only when Lotus Quickr, not IBM Lotus Domino, controls directory services. v If the directory server used for the expanded membership groups is also the Lotus Quickr user directory, specify a base distinguished name for the expanded membership groups that is outside the scope of the base distinguished name that Lotus Quickr uses for group lookups generally. v Do not modify the expanded membership groups. v The LDAP directory that stores the expanded membership groups must allow write access. v The user name and password used uses to manage the expanded membership groups (configured through Site Administration > User Directory page) must have write access to the base distinguished name configured for the groups. v Expanded membership is certified for 4000 external user members in a place. v LDAP directory servers can limit the number of members allowed in groups. v Places that use expanded membership cannot be used to create PlaceTypes. v Expanded membership pertains to individual external members and not to local members or to external group members. v Do not disable expanded membership on the server if there are places that use it.
Expanded membership groups

When a place uses expanded membership, Lotus Quickr creates room-specific access control groups in an LDAP directory. The LDAP directory can be one that Lotus Quickr uses generally, or a different directory. Lotus Quickr creates the following groups in this LDAP directory for the main room (Main.nsf) of a place and adds them to the main room database ACL: cn=h_Managers,ou=placename,base_dn
11-9
cn=h_Editors,ou=placename,base_dn cn=h_Authors,ou=placename,base_dn cn=h_Readers,ou=placename,base_dn where placename is the name of the place. base_dn is a base distinguished name for the expanded membership groups that is configured through the qpconfig.xml file. When an external user member is added to the place, Lotus Quickr adds the users name to one of these groups, according to the access assigned to the user. For example, Lotus Quickr adds an external user member with Reader access to the places cn=h_Readers.... group. If someone creates a subroom, Lotus Quickr creates the following groups in the directory, and adds the groups to the subroom ACL: cn=h_Managers,ou=uniquenumber,ou=placename,base_dn cn=h_Editors,ou=uniquenumber,ou=placename,base_dn cn=h_Authors,ou=uniquenumber,ou=placename,base_dn cn=h_Readers,ou=uniquenumber,ou=placename,base_dn where uniquenumber is the unique number XXXXXXXX in the room name PageLibraryXXXXXXXX.nsf that identifies the room. placename is the name of the place that contains the room. base_dn is the base distinguished name configured for the expanded membership groups. Removing an external user member from a place removes the users name from the expanded membership groups associated with the place. Removing an external user member from a subroom, removes the users name from the appropriate Lotus Quickr group associated with the subroom. Removing a place or a subroom removes the expanded membership groups associated with the place or subroom.
Examples of expanded membership groups

Suppose a place named salestrends uses expanded membership and the base distinguished name specified in the qpconfig.xml file for the expanded membership groups is ou=groups,o=teamworkplace. If someone adds an external user member to salestrends with Author access, Lotus Quickr adds the users name to a group created in the LDAP directory called cn=h_Authors,ou=salestrends,ou=groups,o=teamworkplace. The group is included in salestrends Main.nsf room ACL. Suppose someone creates a subroom named PageLibrary85256CD200797D7B.nsf within salestrends and adds an external user member to the subroom with Reader access. Then Lotus Quickr adds the users name to a group generated in the LDAP directory called
11-10
cn=h_Readers,ou=85256CD200797D7B,ou=salestrends,ou=groups,o=teamworkplace. The group is included in the subroom ACL.
Access control in places that use expanded membership

Expanded membership uses group names in room ACLs rather than individual user names to control the access of individual external user members. As a result, the access given to an individual external user member no longer takes precedence over the access assigned to groups the user belongs to, or over super user access. The access control behavior for expanded membership differs from standard membership in the following ways: v With expanded membership, an external user who is an explicit member of a place and who is also a super user has super user access to the place. With standard membership, the external user has the access the place assigns the user, not the super user access. v With expanded membership, if an external user is an explicit member of a place (through a Lotus Quickr group) and also belongs to another group that is a member of the place, the users access is the higher access of the two groups. With standard membership, the user has the access assigned to the individual user member.
User interface differences in places that use expanded membership

If you enable expanded membership for a place, users see the following changes: v When usersadd members they are no longer presented with a list of members with check boxes next to the member names. Instead, they click a button to display a window from which they can search for the members to add. v To create PlaceBots in a place, users must add a local user as a manager and then log in as that manager. v When posting, the option to notify all members is not available. v Users cannot create a PlaceType from a place that uses expanded membership.
Setting up expanded membership

To set up expanded membership, use the qpconfig.xml file to enable the feature on the server, use the Site Administration link to configure the name and password to use to connect to the LDAP directory, and use qptool to enable expanded membership in a place or places.
Enabling expanded membership on the server

To enable expanded membership on the server, use the qpconfig.xml file. 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify values in the expanded_membership_model element in the file. Values shown below are example values that you should customize to meet the needs of your environment.
<expanded_membership_model enabled="true"> <ldap_server ssl="false"> <port>389</port> <hostname>quickr.acme.com</hostname> <base_dn>OU=emmGroups,O=acme</base_dn> </ldap_server> </expanded_membership_model>
Note: Be sure to type the base_dn value using the exact character case used in the directory. Table 11-1 on page 11-12 describes these settings. 3. Save the modified file. 4. Enter the following command at the server console to restart the HTTP task:
restart task http
11-11
Table 11-1. Description of the expanded_membership_model setting in qpconfig.xml Setting expanded_membership_model enabled=value Description Type true to enable expanded membership or false to disable it. Do not type false if any places are set up to use expanded membership. Specify true to use SSL encryption when connecting to the LDAP directory server that will store the expanded membership groups. Otherwise, specify false. Type the port number for the LDAP directory server that will store the expanded membership groups. Typically an LDAP server uses port 389 for unencrypted connections and port 636 for SSL connections. Type the host name of the LDAP directory server that will store the expanded membership groups. The host name can be the LDAP server that IBM Lotus Quickr already uses, or a different one. You must specify a host name, regardless. The directory must allow write access. Type the base distinguished name (directory node) under which to create the groups. The base distinguished name must already exist in the directory - the server does not create it. The components of the base distinguished name do not have to be O and OU. Do not use OU=QP as part of the base distinguished name because that is a reserved organizational unit in Lotus Quickr. If the directory server that stores the expanded membership groups is the same one that Lotus Quickr uses for other purposes, for better performance, specify a base distinguished name for the expanded membership groups that is outside the base used for group lookups generally. For example, if the base specified for group lookups generally is OU=groups,O=acme, use a different base for the expanded membership groups, for example OU=emmgroups,O=acme. Using separate base distinguished names for the two types of groups optimizes performance by preventing unnecessary searches of the expanded membership groups during the process of user authentication. Note: If you use Microsoft Active Directory, you must create a user entry in the directory that begins with CN=h_VirtualMember at the specified base_dn. For example, if you specify OU=emmGroups,DC=acme,DC=com as the base_dn, in Active Directory create the following user entry: CN=h_VirtualMember,OU=emmGroups,DC=acme,DC=com.
ldap_server ssl=value
ldap_server port value
ldap_server hostname value
ldap_server base_dn value
Configuring the name and password to use to connect to the LDAP server
Configure a user name and password for the IBM Lotus Quickr server to provide when connecting to the LDAP directory server that stores the expanded membership groups. The name and password must correspond to a valid user record in the directory, and the name must have write access to the base distinguished name used for the expanded membership groups.
11-12
If the directory allows anonymous write access to the base distinguished name (not a typical configuration), this step is unnecessary. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click User Directory. 4. Click Change Directory. 5. Below Expanded Membership Model: v Type the user name in distinguished name format, for example, cn=qpadmin,o=acme. v Type the password for the name. Note: You see the Expanded Membership Model option only after you have enabled expanded membership on the server through the qpconfig.xml file 6. Click Next.
Enabling expanded membership in places

If you have enabled expanded membership on the server, use the qptool membershipmodel command to enable expanded membership in one place, specific places, or all places. After you have enabled expanded membership in a place, reverting the place to standard membership is not supported. If there are replicas of a place, run the command on one replica only. To enable expanded membership in a place or places, enter the following command at the server console::
load qptool membershipmodel arguments
where arguments are arguments described in Table 11-2

Table 11-2. Arguments for enabling expanded membership in places Argument -? -toexpanded -a Description Prints help on the command. Converts places to expanded membership. Runs the command on all places that do not currently use expanded membership Runs the command on a place or a space-separated list of places. Runs on places specified in an XML input file. XML output file that logs the results of the command. By default the command logs results to qptool.membershipmodel.xml in the server program directory.
-p places
-i inputfilename -o outputfilename
Table 11-3 on page 11-14 provides examples of using the membershipmodel command to enable expanded membership in places.
11-13
Table 11-3. Examples of enabling expanded membership in places Task Enable placeofmanymembers to use expanded membership. Enable all places that do not currently use expanded membership to use expanded membership. Command >load qptool membershipmodel -toexpanded -p placeofmanymembers >load qptool membershipmodel -toexpanded -a
Blocking specific protocols referenced in link URLs

By default, the server posts pages that contain links without considering the protocols specified in the link URLs. For tighter security, use the qpconfig.xml file to prevent the server from posting pages with URL links that reference specific protocols. Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following settings in the file:
<security> <URLfield_protocol_filter enabled="true"> <allowed>"protocol","protocol"</allowed> <blocked>"protocol","protocol"</blocked> </URLfield_protocol_filter> </security>
where protocol is a protocol to allow or block. 3. Save the modified file. 4. Enter the following command at the server console to restart the HTTP task:
restart task http
For example, to allow links that reference the http: and https: protocols but block links that reference javascript, view-source, about, file, ftp, news, and mailto protocols, specify the following values:
<security> <URLfield_protocol_filter enabled="true"> <allowed>"http:","https:"</allowed> <blocked>"javascript:","view-source:","about:","file:","ftp:","news:","mailto:" </blocked> </URLfield_protocol_filter> </security>
Blocking HTML attachments that contain cross-site scripts

By default, users can attach HTML files that contain cross-site scripts to posts. Cross-site scripts can run on other users browsers. For tighter security, use the qpconfig.xml file to prevent users from attaching HTML files that contain cross-site scripts. Perform the following steps:
11-14
1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following settings in the file:
<security> <XSS_ImportHTML enabled="true"/> </security>
restart task http
Hiding the Log In and Log Out links

After a user logs in to a place, the interface displays the Log Out link, and when the user logs out, the Log In link. You can hide the Log In and Log Out links after a user logs in. You might want to do this if single sign-on is enabled on the server, or if the server is running on a public pedestal, for example, at a trade show. Perform the following steps to hide the Log In and Log Out links after initial log in: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following settings in the file:
<authentication> <sign_out enabled="false"/> <sign_in enabled="false"/> </authentication>
restart task http
Configuring browser caching for tighter security

For additional security, configure the server to clear the Internet Explorer browser cache on user logout, and to prevent caching of IBM Lotus Quickr pages in browsers.
Clearing Lotus Quickr files from the Internet Explorer cache

As a security measure, configure the server to clear the IBM Lotus Quickr files (files from any URL that contains /quickplace/ or /quickr/ ) from the browser cache when users click Log Out from places. This feature is supported for Internet Explorer only. The browser cache is cleared only if the sign_out element in the qpconfig.xml file is set to true, if ActiveX controls are enabled on the server, and if ActiveX is enabled on the browser. Internet Explorer enables ActiveX by default.
11-15
The Log Out link is never available to anonymous users, and to users who access places in accessibility mode on a server that is not enabled for single sign-on. The Log Out link is unavailable to all users if you configure the server to hide the Log Out link. If the Log Out link is unavailable for any of these reasons, you can configure the server to prevent caching of Lotus Quickr pages on browsers. To configure the server to clear Lotus Quickr files from the Internet Explorer cache, perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following settings in the file:
<authentication> <sign_out enabled="true"/> <clear_browser_cache enabled="true"/> </authentication>
restart task http
Preventing caching of pages that contain data on browsers

By default, the server caches on browsers all IBM Lotus Quickr pages that users access. As a security measure, use the qpconfig.xml file to allow the server to cache only pages that do not contain data. Any IBM Lotus Quickr pages containing data that users access after you have added this setting are not cached. Pages that do not contain user data continue to be cached for better performance. This feature is available for all supported browsers. Perform the following steps to prevent caching pages that contain data: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following settings in the file:
<browser_caches_place_content enabled="false"> </browser_caches_place_content>
restart task http
11-16

Your users can use connectors to work with documents on a IBM Lotus Quickr server from their desktop applications. Users can use IBM Lotus Sametime features within places, if you enable that capability on the server.
Configuring connectors
Connectors enable your users to work with IBM Lotus Quickr documents from IBM Lotus Notes, IBM Lotus Sametime, Microsoft Windows Explorer, and Microsoft Office applications. From these applications users can check out, modify, and check in documents on the server, add documents to the server, and share documents through e-mail and chats. To use connectors, users click the Lotus Quickr Connectors download link from the server home page, and follow simple installation steps to download the connectors they want to use (connector for Windows Explorer required.) Note: Managing document versions through connectors is not supported when accessing documents on a Lotus Quickr server running services for Lotus Domino.
Enabling connector uploads of 10MB or larger files

To enable connector users to upload files to the server that are larger than 10MB, you must perform specific configuration steps. Perform the following steps: 1. Use Site Administration Other Options to increase the maximum allowed attachment size to the desired size. 2. Perform the following steps from IBM Lotus Notes: a. Open the Domino Directory (names.nsf) on the server. b. Click Configuration Servers All Server Documents, and open the servers Server document in edit mode. c. Click Internet Protocols Domino Web Engine. d. In the Post Data section, set the Maximum Post Data size to the desired size. The default size is 10000 KB (10 MB). e. Click Internet Protocols HTTP. f. In the HTTP Protocol Limits section, set Maximum size of request content to the desired size. The default size is 10000 KB. g. Save and close the document.
Preventing the use of connectors

Connectors are available for use by default, but you can prevent them from being used. Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following settings in the file to disable Web services:
<webservices enabled="false"> </webservices>
3. Save the modified file.

12-1
4. Enter the following command at the server console to restart the HTTP task:
restart task http
If you disable Web services, users can download the connectors but cannot access the server through them. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template.
Enabling Lotus Sametime features in places

You can enable the awareness, instant messaging, and Web conferencing (meeting) features of IBM Lotus Sametime in places. Then members of a place can see when other members are online, chat with other members, and schedule and participate in online meetings with other members all from within the place. Note the following requirements for this feature: v You can use IBM Lotus Quickr Version 8.0 with Lotus Sametime Version 7.5 or later. v On the IBM AIX and IBM i5/OS operating systems, you can install Lotus Quickr and Lotus Sametime on one computer if they are installed on separate partitioned IBM Lotus Domino servers. On Microsoft Windows and Sun Solaris, you must install the two products on separate computers. v The Lotus Quickr and Lotus Sametime servers must reside in the same Lotus Domino domain and the same DNS domain. v You must enable single sign-on authentication for Lotus Quickr and for Lotus Sametime. v The Lotus Sametime features are available only to place members registered in an LDAP directory, and not to local users. v You must configure Lotus Quickr and Lotus Sametime to use the same LDAP directory. v If you use a Lotus Domino Directory as your LDAP Directory, using one on a different server than either the Lotus Quickr or Lotus Sametime server is recommended. Then if you shut down one of the application servers (Lotus Quickr or Lotus Sametime), other servers continue to have access to the LDAP directory. The Lotus Sametime server requires access to the directory to run. Perform the following steps: Related information Using the Site Administration link on page 6-7 When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options.
Preparing the servers to enable Lotus Sametime features in places

Before you enable IBM Lotus Sametime features in places you must prepare the servers. The steps described here assume that you are enabling the Lotus Sametime features for the first time rather than upgrading an existing integration configuration. The steps also assume that you installed either Lotus Sametime or IBM Lotus Quickr first and are now integrating with the other product. If instead you are installing both of the products at the same time, you should set up multi-server session-based authentication (single sign-on) between the IBM Lotus Domino servers on which they run before installing the products. Using this approach, you can first isolate and solve any authentication problems that might arise between the Lotus Domino servers. Perform the following steps:
12-2
1. Make sure that you have installed or upgraded to Lotus Quickr. When prompted for the administrator name and password during a new installation, type a name that is not in the LDAP directory. 2. Connect Lotus Quickr to the same LDAP directory that you also use for Lotus Sametime. Both servers must use the same directory. 3. Make sure that you have installed Lotus Sametime Version 7.5 or later. For more information, see the Lotus Sametime installation guide that is appropriate for your platform, available on the Web at http://www.lotus.com/ldd/doc. Note: Configure the Lotus Sametime server to use HTTP port 80 or to tunnel over port 80; this step is required for the awareness feature. 4. Verify that awareness and instant messaging are working for Lotus Sametime. If you plan to integrate Web conferencing (meetings) with Lotus Quickr, verify, too, that Web conferencing is working. 5. Perform the following steps to update the Web SSO Configuration for Ltpa token document that was created when you installed Lotus Sametime: a. Ensure that the Lotus Domino Directory on the server has replicated throughout the Lotus Domino domain since you installed Lotus Sametime. b. Using IBM Lotus Notes open the Lotus Domino Directory on the Lotus Sametime server. c. Click the Configuration Web Server Configurations view. d. From within this view, expand the list of Web SSO Configurations. e. Open the Web SSO Configuration for Ltpa Token document in edit mode. If you cannot edit the document, contact an administrator about getting edit access or editing the document for you. f. Make sure that the Domino Server Names field contains the name of each of the Lotus Quickr and Lotus Sametime servers that should participate in single sign-on. g. Make sure that the DNS Domain field contains the fully-qualified DNS domain name of the Lotus Quickr and Lotus Sametime servers. h. Click Keys Create Domino SSO Key if you want to create a new key for SSO. i. Open the Server document for the Lotus Sametime server. j. Click Internet Protocols Domino Web Engine. k. In the HTTP Sessions section, select LtpaToken in the Web SSO Configuration field. l. Click Save & Close. m. Replicate the edits to the Lotus Quickr server. 6. Perform the following steps to enable single sign-on authentication on the Lotus Quickr server: a. From IBM Lotus Notes, open the Lotus Domino Directory for the domain. b. Open the Server document for the Lotus Quickrserver in edit mode. c. Click Ports Internet Ports Web and then in the Name & password field for the Web port select Yes. d. Click Internet Protocols Domino Web Engine , and in the Session authentication field select Multiple Servers (SSO), and then click OK. e. In the Web SSO Configuration field, select LtpaToken. f. Click Save & Close. g. Add the following setting to the notes.ini file on the Lotus Quickrserver: NoWebFileSystemACLs=1 h. Create a database from the Domino Web Server Configuration template (domcfg5.ntf), giving the database the file name domcfg.nsf. i. Open the database you created and click Add Mapping to open a mapping document. j. In the Target Database field of the mapping document, type lotusquickr/resources.nsf. k. In the Target Form field, type QuickPlaceLoginForm, and then click Save & Close to save the document.
12-3
7. Restart the Lotus Domino servers. 8. Perform the following steps to verify that single sign-on is working between Lotus Quickr and Lotus Sametime: a. From a browser, connect to the Lotus Quickr server. Because multi-server sign-on is enabled, you must enter the fully qualified host name to connect, for example, http://qpserver.acme.com/ quickplace b. Log in to Lotus Quickr using the name of an external user registered in the LDAP directory. c. Create a test place and verify that you can add several members from the LDAP directory. d. Using the same browser session, connect to the Lotus Sametime server. For example, enter http://stserver.acme.com/stcenter.nsf. e. Go to the Attend Meeting page and verify that you are still logged on to the server. If you can authenticate once and remain logged on to both Lotus Quickr and Lotus Sametime, multi-server sign-on is working. If you must authenticate more than once, multi-server sign-on is not working and you must resolve the problem before continuing.
Enabling awareness and instant messaging in places

Enable online awareness and instant messaging so that place members can see when other members are online and can chat with them from places. Perform these steps:
Copying the required Java files

To prepare to enable instant messaging and awareness in places, copy required Java files to the IBM Lotus Sametime server. Perform these steps: 1. Download the Lotus Sametime 7.5x Software Development Kit (SDK) to a convenient directory. Find the tookit on the Toolkits tab of the Lotus Downloads section of developerWorks at http://www.ibm.com/developerworks/lotus/downloads/toolkits.html. 2. Unzip the download file to a convenient directory to access the contents of the bin subdirectory. 3. In the Lotus Sametime server data directory, create the subdirectory path Domino\html\QuickPlace\ peopleonline. For example, on Microsoft Windows, if the path to the data directory is C:\Lotus\Domino\Data, the path to the peopleonline subdirectory should be C:\Lotus\Domino\ Data\Domino\html\QuickPlace\peopleonline. 4. (i5/OS only) Change the owner of the new subdirectories to QNOTES. For example, enter the following commands:
CHGOWN OBJ(*!ENTITY!*ST_server_data_dir>/Domino/html/QuickPlace) NEWOWN(QNOTES) CHGOWN OBJ(*!ENTITY!*ST_server_data_dir>/Domino/html/QuickPlace/peopleonline) NEWOWN(QNOTES)
5. Copy the files listed below to the QuickPlace\peopleonline subdirectory you just created on the Lotus Sametime server:
File name STComm.jar Copy from client\stjava\bin subdirectory of the Lotus Sametime SDK Copy to \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory
CommRes.jar
client\stjava\bin subdirectory of the Lotus Sametime SDK
12-4
File name PeopleOnline31.jar
Copy from
Copy to
On WindowsIBM AIX, AIX, and \Domino\html\QuickPlace\ Solaris, the Lotus Quickr subdirectory peopleonline subdirectory of the of the Lotus Quickr server data Lotus Sametime server data directory directory. For example: On Windows: C:\Lotus\Domino\Data\ LotusQuickr\PeopleOnline31.jar On AIX and Solaris: /opt/notesdata/LotusQuickr/ PeopleOnline31.jar On i5/OS the following directory: /qibm/proddata/lotus/QuickPlace/ DATA/LOTUSQUICKR/ PeopleOnline31.jar
6. Verify that the QuickPlace\peopleonline subdirectory contains the three files. 7. (i5/OS only) Enter the following command to ensure that QNOTES is the owner of each of the files:
CHGOWN OBJ(*!ENTITY!*ST_server_data_dir>/Domino/html/QuickPlace/peopleonline/*) NEWOWN(QNOTES)
Specifying the Lotus Sametime server for Lotus Quickr to use

Use the Site Administration link on the IBM Lotus Quickr to specify the IBM Lotus Sametime server to use. Perform these steps: 1. Log in to Lotus Quickr as an administrator. 2. Click the Site Administration link. 3. Click Other Options. 4. Click Edit Options. 5. Below Sametime Servers, type the URL for the Lotus Sametime server in the Sametime Community Server field, specifying the fully qualified host name, for example http://stserver.acme.com. Note: If your Lotus Sametime server is configured to use Secure Sockets Layer (SSL), type https:// in the URL rather than http://. 6. Click Next. 7. Wait a few minutes for the setting to take effect, or restart the Lotus Quickr server to enable awareness and instant messaging immediately .
Verifying that places are enabled for awareness and instant messaging
Verify that awareness and instant messaging is enabled and working in places. Perform these steps: 1. Perform the following steps to verify the IBM Lotus Quickr settings: a. Log in to a place as a manager. b. Click Customize. c. Click Basics. d. On the Change Basics page, make sure that Chat: Show the Chat link is selected.
12-5
e. Also ensure that Members can see who is online and send instant messages is checked. This option only appears if Sametime awareness is enabled through Site Administration. f. Click Done. 2. To verify that awareness is working, log in to a place using a name in the user directory and check for the awareness icon next to your login name. Note: Lotus Sametime features are available only to members registered in a user directory and not to members registered locally in places. 3. To verify that instant messaging is working, click the Chat link on the right side of a page, right-click your name in the members list, or the name of another member that is online, and select Message.
Enabling online meetings

After you have enabled awareness and instant messaging in places, you can enable online meetings so that members can participate in online meetings from places. Perform the following steps:
Configuring a user for Lotus Quickr meeting integration

Configure a meeting user on the IBM Lotus Sametime server for integration with IBM Lotus Quickr. Perform these steps: 1. Register a user with an Internet password in the Domino Directory on the Lotus Sametime server. Use this name only for integration of Lotus Sametime with Lotus Quickr. 2. Add the name of that user to the access control list (ACL) of the STConfig.nsf database on the Lotus Sametime server. Assign the user name Manager access, the Person user type, and the [SametimeAdmin] role. For more information on database ACLs, see Domino Administrator Help. 3. Shut down and restart the Lotus Sametime server.
Copying files required for online meetings

Copy and configure files on the Lotus Quickr server. Perform these steps: 1. Copy the files from the Lotus Sametime server to the Lotus Quickr server, as described in the following tables: On Microsoft Windows:
File STMtgManagement.jar Copy from Domino program directory of the Lotus Sametime server, for example: C:\Program Files\Lotus\Domino STCore.jar Lotus Domino program directory of the Lotus Sametime server. Lotus Domino program directory of the Lotus Sametime server. Lotus Domino program directory of the Lotus Sametime server. Copy to Domino program directory of the Lotus Quickr server, for example: C:\Program Files\Lotus\Domino Lotus Domino program directory of the Lotus Quickr server. Lotus Domino program directory of the Lotus Quickr server. Lotus Domino program directory of the Lotus Quickr server
sametime.ini
12-6
On IBM AIX:
File STMtgManagement.jar Copy from Lotus Domino program directory of the Lotus Sametime server, for example: /opt/lotus/notes/<latest>/ibmpow/ STCore.jar Lotus Domino program directory of the Lotus Sametime server. Lotus Domino program directory of the Lotus Quickr server. Copy to Lotus Domino program directory of the Lotus Quickr server, for example: /opt/lotus/notes/<latest>/ibmpow/
sametime.ini
On Sun Solaris:
File STMtgManagement.jar Copy from Lotus Domino program directory of the Lotus Sametime server, for example: /opt/lotus/notes/<latest>/sunspa/ STCore.jar Lotus Domino program directory of the Lotus Sametime server. Lotus Domino program directory of the Lotus Quickr server. Copy to Lotus Domino program directory of the Lotus Quickr server, for example: /opt/lotus/notes/<latest>/sunspa/
sametime.ini
On IBM i5/OS:
File STMtgManagement.jar Copy from The following directory on i5/OS server where you installed Lotus Sametime: /qibm/proddata/lotus/sametime Copy to The following recommended directory on the i5/OS server on which you installed Lotus Quickr: /QIBM/UserData/Lotus/ QuickPlace/
12-7
File STCore.jar
Copy from
Copy to
The following directory on the i5/OS The following recommended server where you installed Lotus directory on the i5/OS server on Sametime: which you installed Lotus Quickr: /qibm/proddata/lotus/sametime /QIBM/UserData/Lotus/ QuickPlace/
ServiceLocator.properties sametime.ini
Lotus Sametime server data directory. Lotus Quickr server data directory. Lotus Sametime server data directory. Lotus Quickr server data directory.
2. (i5/OS only) Use the CHGOWN command to change the owner of the files copied in the previous step to QNOTES. For example, enter the following commands:
CHGOWN OBJ(/qibm/userdata/lotus/quickplace/ST*) NEWOWN(QNOTES) CHGOWN OBJ(<QP_server_data_directory>/sametime.ini) NEWOWN(QNOTES) CHGOWN OBJ(<QP_server_data_directory>/ServiceLocator.properties) NEWOWN(QNOTES)
3. On the Lotus Quickr server, edit the JavaUserClassesExt setting in the notes.ini file. v On Windows, add the text indicated in bold below to the setting. Where a path is indicated, substitute your own Lotus Domino program directory path. JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=C:\PROGRAM FILES\LOTUS\DOMINO\quickplace.jar QPJC2=C:\PROGRAM FILES\LOTUS\DOMINO\log4j-118compat.jar QPJC3=C:\PROGRAM FILES\LOTUS\DOMINO\STCore.jar QPJC4=C:\PROGRAM FILES\LOTUS\DOMINO\STMtgManagement.jar v On AIX, add the text indicated in bold below to the setting. Where a path is indicated, substitute your own Lotus Domino program directory path. JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=/opt/lotus/notes/<latest>/ibmpow/quickplace.jar QPJC2=/opt/lotus/notes/<latest>/ibmpow/log4j-118compat.jar QPJC3=/opt/lotus/notes/< latest >/ibmpow/STCore.jar QPJC4=/opt/lotus/notes/< latest >/ibmpow/STMtgManagement.jar v On Solaris, add the text indicated in bold below to the setting. Where a path is indicated, substitute your own Lotus Domino program directory path. JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=/opt/lotus/notes/<latest>/sunspa/quickplace.jar QPJC2=/opt/lotus/notes/<latest>/sunspa/log4j-118compat.jar QPJC3=/opt/lotus/notes/ <latest >/sunspa/STCore.jar
12-8
QPJC4=/opt/lotus/notes/ <latest >/sunspa/STMtgManagement.jar v On i5/OS, add the text indicated in bold below, assuming you added the STMtgManagement.jar and STCore.jar files to the recommended directory: JavaUserClassesExt=LQPJava1,LQPJava2,LQPJava3,LQPJava4 LQPJava1=/QIBM/ProdData/Lotus/QuickPlace/quickplace.jar LQPJava2=/QIBM/ProdData/Lotus/QuickPlace/log4j-118compat.jar LQPJava3=/QIBM/UserData/Lotus/QuickPlace/STCore.jar LQPJava4=/QIBM/UserData/Lotus/QuickPlace/STMtgManagement.jar
Configuring the qpconfig.xml file for online meetings

Specify online meeting settings in the qpconfig.xml file on the Lotus Quickr server. Perform these steps: 1. Look for the qpconfig.xml file in the Lotus Quickr server data directory. If there is no qpconfig.xml file, make a copy of the qpconfig_sample.xml file and name the copy qpconfig.xml. 2. Open the qpconfig.xml file with a text editor. 3. Make sure there is a <sametime> section in the file. If there is no <sametime> section, copy that section from the qpconfig_sample.xml file. 4. If the following lines exist in the<sametime> section of the file, remove them to enable the settings in the <sametime> section:

5. Within the <credentials> element, type the distinguished name and Internet password of the user you configured in the Domino Directory for Lotus Quickr meeting integration.
<sametime ldap="true"> <meetings invite_servers="false"> <tools> <audio enabled="true"/> <video enabled="true"/> </tools> <credentials> <dn>cn=John Doe/o=acme</dn> <password>xw356l78</password> </credentials> </meetings> </sametime>
6. Specify other <sametime> settings as needed: v If the Lotus Sametime server is configured to invite other Lotus Sametime servers to meetings, set invite_servers=true in the <meetings> element to support that feature in Lotus Quickr. v If you do not want to use audio Web conferencing features, set the audio enabled attribute to false in the <tools> element. v If you do not want to use Web conferencing video features, set the video enabled attribute to false in the <tools> element. 7. Save the qpconfig.xml file and restart the server for the settings to take effect. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template.
12-9
Specify the Lotus Sametime meeting server for Lotus Quickr to use
Use the Site Administration link on the IBM Lotus Quickr server to specify the IBM Lotus Sametime meeting server to use. Perform these steps: 1. Log in to Lotus Quickr as an administrator. 2. Click the Site Administration link. 3. Click Other Options. 4. Click Edit Options. 5. Below Sametime Servers, type the URL for the Lotus Sametime server in the Sametime Meeting Server field, specifying the fully qualified host name, for example http://stserver.acme.com. 6. Click Next.
Verifying that place members can use online meetings

To test the online meeting configuration, verify that members of places can use online meetings. Perform these steps: 1. Log in to a place as a manager. 2. Click Customize. 3. Click Basics. 4. On the Change Basics page, make sure that Members can schedule online meetings is selected. 5. Click Done. 6. Click the name of the place to return to the beginning. 7. From the place, choose Create Online Meeting. 8. Fill in the relevant fields, and then click Create. Users who subscribe to calendar events should receive an invitation in their mail, with a link to the meeting. For more information on subscribing to calendar events, click Help in a place.
12-10
Setting up Lotus Quickr for offline use

Domino Off-Line Services provides the means for users to take places offline, make changes to the places, and then synchronize the changes with the online version on the server. A user must be an individual member of a place to take it offline; users who access a place through group membership cannot take places offline. Offline use is supported only for Microsoft Windows users. To set up IBM Lotus Quickr for offline use, perform the following steps: Note: To enable offline use from a Lotus Quickr server that runs on IBM AIX, Sun Solaris, or IBM i5/OS, you must replace the file n_DOLBASE.exe on the IBM Lotus Domino 7.0.2 server with the one provided with a Lotus Domino 7.0.2 server for Microsoft Windows. For more information, see technote 1249502 at http://www.ibm.com/support/docview.wss?rs=1249502&uid=swg21249502. Related information Using the Site Administration link on page 6-7 When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options.
Enabling Domino Off-Line Services

The first step in setting up IBM Lotus Quickr for offline use is enabling Domino Off-Line Services.
Enabling Domino Off-Line Services on Windows, AIX, or Solaris

To enable Domino Off-Line Services if your server runs on the Microsoft Windows, IBM AIX, or Sun Solaris operating system, edit the Domino Directory and the notes.ini file. Perform the following steps: 1. Start the Domino server. 2. Open the Domino Directory, typically, names.nsf. 3. Open the servers Server document in the directory. 4. Click Internet Protocols - HTTP. 5. Type the following value in the DSAPI filter file names field, if it is not already there: v On Windows: ndolextn v On AIX or Solaris: libdolextn 6. Save the edited Server document. 7. Stop the Domino server. 8. Navigate to the Domino program directory, and open the Domino servers notes.ini file. 9. Add the two settings indicated in the following table to the notes.ini file:
Table 13-1. Lines to add to the notes.ini file Operating system Windows Settings EXTMGR_ADDINS=nqpextmgr.dll CheckCacheBeforeDSAPI=1
13-1
Table 13-1. Lines to add to the notes.ini file (continued) Operating system AIX Settings EXTMGR_ADDINS=libqpextmgr_r.a CheckCacheBeforeDSAPI=1 Solaris EXTMGR_ADDINS=libqpextmgr.so CheckCacheBeforeDSAPI=1
10. Make sure there is a blank line at the end of the notes.ini file. Press Enter to create a blank line, if necessary. 11. Save the file. 12. Start the Domino server.
Enabling Domino Off-Line Services on i5/OS

If your server runs on the IBM i5/OS operating system, use iSeries Navigator to ensure that Domino Off-Line Services is properly enabled on your IBM Lotus Domino server: 1. Stop the Domino server. 2. Using iSeries Navigator, open the system where your Domino server is located and display the list of Domino servers. v Click Network. v Click Servers. v Click Domino to display the list of Domino servers. 3. If necessary, change the server setting to enable Domino Off-Line Services. v Right-click your Domino server and select Properties. v On the Services tab, select Domino Off-Line Services from the Enable services list. v Click Enable. v Click OK. Tip: You can also use an i5/OS command interface and enter the following command: CHGDOMSVR SERVER(servername) DOLS(*YES) where servername is the name of your Domino server. 4. Edit the notes.ini file for your Domino server: v Right-click your Domino server and select Properties. v On the Initialization File tab, click Edit and add the following settings:
EXTMGR_ADDINS= qpexmgr CheckCacheBeforeDSAPI=1
Note: If these lines begin with a semicolon (;), then these lines are designated as comments, and the semicolon should be removed. v Save and close the notes.ini file. v Click OK on the Properties dialog box. 5. Start the server.
13-2
Creating certifier IDs for offline use

To set up authentication for offline members, you create one or more certifier IDs that can authenticate the members, and then attach each certifier ID to an Offline Security Policy document in the Offline Services database (doladmin.nsf). When members install places offline, the Domino server uses the certifier ID to generate new user IDs, and downloads the IDs to the members computers. These IDs are used to authenticate the members when they synchronize the offline and online versions of places.
Understanding the certifier ID requirements

The following points about certifier IDs are important to keep in mind to ensure offline user authentication works properly. For more information on certifier IDs, see Domino Administrator Help.
New organization certifier required for external users in a different organization from the server
If external offline users are in a different organization hierarchy from the IBM Lotus Domino server on which IBM Lotus Quickr runs, you must create an organization certifier ID for their organization, cross-certify that certifier ID with the Domino servers organization certifier ID, and then attach the cross-certified ID to an Offline Security Policy document. For example, if the Domino server is within the /Org organization, but there are external users within the /Acme organization, create an /Acme organization certifier ID, cross-certify it with the /Org certifier ID, and then create an Offline Security Policy document and attach the cross-certified /Acme certifier ID to it.
Certifiers authenticate one level down

A certifier ID authenticates only users with names at its level and one organizational unit level down in the name hierarchy. For example, the /Acme organization certifier authenticates Alice Brown/Acme, Lee Moutal/Marketing/Acme, and Maryane Burns/Sales/Acme, but not Claudia Basso/East/Sales/Acme. To authenticate Claudia Basso/East/Sales/Acme, you must create an organizational unit certifier ID for /Sales/Acme, and then create an Offline Security Policy document and attach the ID to it.
Separate organizational unit certifier recommended for external users within the same organization as the server
If offline users are within the organization hierarchy of the Domino server on which Lotus Quickr runs, put them under their own organizational unit certifier as a security measure to limit their access to the Domino server.
Distinguished names that do not follow the Domino naming convention require translation
Domino recognizes only the following delimiters in a distinguished name: CN,OU, O, and (optionally) C. If the distinguished names of external member use different delimiters, you must use the name_translation setting in the offline section of the qpconfig.xml file on the server to translate them to the Domino format. When you create an Offline Security Policy document, you use the Domino format when specifying the certifier name.
/QP organizational unit certifier required for local users

For local offline users, create the organizational unit certifier /QP from the Domino servers certifier. For example if the Domino servers certifier is the organization certifier /Org, use the /Org certifier ID to create the organizational unit certifier /QP/Org, and then attach the /QP/Org certifier ID to an Offline Security Policy document. Or if the Domino servers certifier is the organizational unit certifier /Sales/Org, use the /Sales/Org certifier ID to create the organizational unit certifier /QP/Sales/Org, and then attachthe/QP/Sales/Orgcertifier to an Offline Security Policy document.
13-3
Separate Security Policy documents required for local and external users
You must create separate Security Policy documents and IDs for local users (users registered in places) and external users (users registered in a directory). You can attach only one certifier ID to each Security Policy document.
Creating an organization certifier for external members in a different organization

If external offline members are in a different organization hierarchy than the IBM Lotus Domino server on which IBM Lotus Quickr runs, create an organization certifier ID for that organization and then cross-certify that certifier ID with the Domino servers certifier ID. For example, if the Domino server certifier is the /Org certifier, but external users are within the /Acme organization, create an /Acme organization certifier ID and then cross-certify /Acme with /Org. To create the organization certifier: 1. From the Domino Administrator, select your server, for example, ServerA/Org. 2. Click the Configuration tab. 3. On the right pane of the Domino Administrator, click Registration, and then click Organization to open the Register Organization Certifier dialog box. 4. Click Registration Server and choose the Domino servers name, for example, ServerA/Org, and then click OK. 5. In the Organization name field, type the organization name of the external users, for example, Acme. 6. Optional: Type a country code. 7. In the Certifier password field, type a password for the new organization certifier ID. 8. Click Set ID File and specify a file name, for example acme.id, and local path name in which to save the new certifier ID file. Note: For security reasons, back up doladmin.nsf and delete the ID file from your system directory after this ID is attached to an Offline Security Policy document. 9. Optional: Complete additional fields in the Register Organization Certifier dialog box. Click ? for information on these fields. 10. Click Register to create the organization certifier ID locally and to register the certifier in the Domino Directory of the Domino server. 11. Perform the following steps to cross-certify the certifier ID you created with the Domino server certifier: a. If you are using a remote Domino Administrator client, copy the Domino servers certifier ID to the local machine. By default, the servers certifier ID file is called cert.id and is located in the Domino data directory on the server. b. Verify that the Domino server is selected in the Domino Administrator. c. From the Domino Administrator, click Configuration. d. Click Certification, and then click Cross Certify. e. Click Certifier ID and select the Domino server certifier ID, for example, cert.id, and then click OK. f. Type the password for the Domino servers certifier ID. The administrator who set up the Domino server created this password. g. In the Choose ID to be Cross-Certified dialog box, select the organizational certifier ID you created, for example, acme.id, h. In the Issue Cross Certificate dialog box, click Cross Certify to create a cross-certificate in the Domino Directory of the Domino server.
13-4
Creating an organizational unit certifier for external members

If external members are in a different organization from the Lotus Domino server, create an organizational unit certifier ID for these members if their names are more than one organizational unit level down in the name hierarchy from the organization certifier you created in the previous step. For example, to authenticate Claudia Basso/East/Sales/Acme, you must create an organizational unit certifier for /Sales/Acme from the /Acme certifier. However, for the users Alice Brown/Acme, Lee Moutal/Marketing/Acme, and Maryane Burns/Sales/Acme, there is no need to create an organizational unit certifier because the /Acme certifier will authenticate them. If members are in the same organization as the Domino server, creating an organizational unit certifier ID from the server certifier specifically for them is recommended as a way to restrict their access to the server. To create the organizational unit certifier: 1. Make sure the certifier ID from which you will create the organizational unit certifier is stored locally on the machine on which you run the Domino Administrator. 2. From the Domino Administrator, select the Domino server, for example, ServerA/Org. 3. Click Configuration. 4. Click Registration Organizational Unit. 5. Click Server and select the Domino server. 6. Click Certifier ID and choose the certifier ID to use to create the organizational unit certifier, for example, acme.id or cert.id, and then click OK. 7. Type the password for the selected certifier ID and click OK. 8. If the message The certifier ID you have chosen does not contain recovery information is displayed, read the message, and click OK. 9. In the Register Organizational Unit Certifier dialog box, click Registration Server and choose the Domino server, for example, ServerA/Org. 10. Optional: Click Certifier ID to change which certifier ID to use to register the new certifier ID. 11. In the Organizational Unit field, type the name for the organizational unit. For example, if the users are under Sales/Acme, type Sales. 12. In the Certifier Password field, type a password for the new certifier. 13. Click Set ID File and specify the file name and local path name for the new organizational unit certifier ID file. Note: For security reasons, back up doladmin.nsf and delete the ID file from your system directory after this ID is attached to an Offline Security Policy document. 14. Optional: Complete the additional fields in the Register Organizational Unit Certifier dialog box. Click ? for information on these fields. 15. Click Register to create the organizational unit certifier ID file locally and to register the new certifier in the Domino Directory of the Domino server.
Creating a /QP organizational unit certifier for local members

For local offline members, use the Lotus Domino servers certifier to create the organizational unit certifier /QP. For example, if the Domino servers certifier is the organization certifier /Org, use the /Org certifier to create the organizational unit certifier /QP/Org. Or if the Domino servers certifier is /West/Org, use the /West/Org certifier to create the organizational unit certifier /QP/West/Org. To create the /QP organizational unit certifier: 1. Make sure the Domino certifier ID is stored locally on the machine on which you run the Domino Administrator. By default, the Domino server ID is cert.id.
13-5
2. 3. 4. 5. 6. 7. 8. 9. 10. 11.
From the Domino Administrator, select the Domino server, for example, ServerA/Org. Click Configuration. Click Registration Organizational Unit. Click Server and select the Domino server. Click Certifier ID, select the Domino server certifier ID, then click OK. Type the password for the certifier ID and click OK. The administrator who set up the Domino server created this password. If you see the message The certifier ID you have chosen does not contain recovery information, read the message and click OK. In the Register Organizational Unit Certifier dialog box, click Registration Server and choose the Domino server, for example, ServerA/Org. In the Organizational Unit field, type QP. In the Certifier Password field, type a password for the new certifier.
12. Optional: Click Set ID File to specify the file name and local path name in which to store the /QP organizational unit certifier ID file. Note: For security reasons, back up doladmin.nsf and delete the ID file from your system directory after this ID is attached to an Offline Security Policy document. 13. Optional: Complete the additional fields in the Register Organizational Unit Certifier dialog box. Click ? for information on these fields. 14. Click Register at the bottom of the dialog box to create the /QP oganizational unit certifier ID file locally and to register the organizational unit in the Domino Directory on the Domino server.
Creating an Offline Security Policy document

Create an Offline Security Policy document for each certifier you created for offline users. Offline Security Policy documents are stored in the doladmin.nsf database on the Lotus Domino server. Perform the following steps: 1. From the Domino Administrator, select your server, for example, ServerA/Org. 2. Click Configuration. 3. In the left pane, click Offline Services, and then click Security. 4. Click New Security Policy. 5. In the Security domain field, type the hierarchical name of an organization or organizational unit certifier you created for offline users. Remember to type the leading forward slash (/). The following names are examples of certifier names: v /Acme v /Sales/Acme v /QP/Org Note: Specify a country code if the certifier uses one, for example, /Sales/Acme/US.
13-6
6. In the ID deployment policy field, click one of the following options:

Table 13-2. ID deployment policy options Option Prompt for ID during download Description Before offline installation, users are asked to specify where on their computers their user IDs are stored. The administrator must provide the IDs to the users. This is the default ID deployment policy. This option is recommended for and applies only to offline users who are IBM Lotus Notes users registered with Notes IDs in the primary Domino Directory of the Domino server (names.nsf). Automatically generate user IDs Before offline installation, a certifier ID is generated for users automatically. If you select this option, the Automatic tab is displayed. Click this tab and attach the certifier ID to be generated, set the password, and set the ID expiration date. You must select this option if offline users are not registered in the primary Domino Directory of the Domino server. For example, you must select this option if offline users are registered in a remote LDAP directory.
7. Optional: Click Overwrite existing user IDs to cause users offline IDs to be overwritten with a new ID each time they install a place offline. Note: Do not select this option if offline encryption is used. Users whose IDs are overwritten will not be able to open an offline place encrypted with a key from the previous ID. 8. Save the document. For security reasons, after you have created all the Offline Security Policy documents that you require, back up the doladmin.nsf database and then delete any of the new certifier ID files from your system directory.
Translating LDAP distinguished names for offline use

Domino recognizes only distinguished names that contain the traditional Domino CN,OU, O, and (optionally) C components. If the distinguished names of external members in an LDAP directory do not follow this model and you use Domino Off-Line Services with IBM Lotus Quickr, you must use qpconfig.xml settings to translate users names into a format that Domino recognizes, and then translate those names back into their original LDAP format. For example, the distinguished name CN=James Moore, OU=East, O=Acme, C=US does not require translation, but the name UID=James Moore/C=US/OU=East/O=acme.com does. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template.
How to configure translation

To translate distinguished names, you use the name_translation element in the offline element of the qpconfig.xml file to create name translation rules. Translation rules typically contain text strings with symbols that are used to match text patterns. Translation rules are specified in the <translate> element.
13-7
The following example of translation rules in the qpconfig.xml file translate distinguished names that follow this pattern uid=value/c=value/ou=bluepages/o=ibm.com into the Domino-style name CN=value/OU=bluepages_value/O=ibm_com. The two <translate> elements contain the rules. The from and to attributes within the <translate> elements contain regular expressions, for example, uid=(.+)/c=(.+)/ou=bluepages/o=ibm\.com. The regular expressions contain symbols, for example, (.+) and \:
<server_settings> <offline enabled="true"> <name_translation enabled="true"> <from_directory_name> <translate from="uid=(.+)/c=(.+)/ou=bluepages/o=ibm\.com" to="CN=\1/OU=bluepages_\2/O=ibm_com" /> </from_directory_name> <to_directory_name> <translate from="CN=(.+)/OU=bluepages_(.+)/O=ibm_com" to="uid=\1/c=\2/ou=bluepages/o=ibm.com" /> </to_directory_name> </name_translation> </offline> </server_settings>
You create rules for translating LDAP names to Domino names within the <from_directory_name> elment. You specify each LDAP name attribute in the from attribute, using symbols to account for any possible value the attribute might have. For example, the (.+) symbol means one or more occurrences of any character. In the preceding sample, this accounts for any value the uid and c attributes might have. You also use symbols to translate syntax that otherwise might be interpreted as a special character. For example, the \ symbol turns off the special meaning of the character which follows. Without this symbol in o=ibm\.com, the dot (.) would be interpreted by its special character meaning, which is match any single character. The to attribute specifies Domino attributes using symbols to match values from the LDAP attributes and to arrange them in a way Domino recognizes. For example, the symbol \1 means whatever matched the first regular expression. So, the CN attributes value will match the first regular expression (.+) found in the from attribute. In the same way, the symbol \2 means whatever matched the second regular expression. So, the OU value will be the explicitly stated bluepages_ plus the second regular expression (.+), which in this case is the value of the country, or c, attribute. The O attribute is explicitly stated. You can have up to nine regular expressions in one rule. You create rules for translating Domino names back to LDAP names within the <to_directory_name> element using the same method. The preceding translation rules result in the following example translations:
Table 13-3. Example translations LDAP directory name uid=Joe User/c=us/ou=bluepages/o=ibm.com uid=Nils Nilsen/c=dk/ou=bluepages/o=ibm.com Domino name CN=Joe User/OU=bluepages_us/O=ibm_com CN= Nils Nilsen/OU=bluepages_dk/O=ibm_com
Notice that the regular expressions accommodate the country, or c, code. There is no need to have a separate translation rule for each country code because they can be captured by a (.+) expression, and then inserted anywhere in the translated name with a \[number] expression. Note: The LDAP names specified in from_directory_name and to_directory_name must exactly match the case that is used for the names in the LDAP directory. The attributes of the Domino-style names specified in from_directory_name and to_directory_name (CN, OU, O, or O) must be uppercase.
13-8
Table of expressions
There are many symbols that can be used in regular expressions, but only a few are useful for the purpose of translating a non-conforming LDAP name to a Domino name. The following table lists of these symbols, with examples that show how they match a particular LDAP name. All of the examples shown here will match the LDAP distinguished name uid=Joe User/c=us/ou=People1/o=org.com. The symbols described are in bold text in the examples:
Table 13-4. Table of expressions Symbol (.+) \1, \2, \3, etc. Description Represents one or more occurrences of any character. \1 represents a match with the first regular expression; \2 represents a match with the second regular expression, and so on. Up to 9 regular expressions may be used in one rule. Turns off the meaning of any special character c. Matches any single character. Matches any of the enclosed characters. Matches any character that is not enclosed. Matches any character in this range. Matches any number (zero or more) of the preceding character or bracketed expression. Matches one or more of the preceding character or bracketed expression. Example uid=(.+)/c=(.+)/ou=bluepages/ o=ibm\.com CN=\1/OU=bluepages_\2/ O=ibm_com
\c . [...] [^...] n-n
uid=Joe User/c=us/ou=People1/ o=org\.com uid=Joe User/c=us/ou=People./ o=org uid=Joe User/c=us/ ou=People[123456789]/o=org uid=Joe User/c=us/ou=People[^2-9]/ o=org uid=Joe User/c=us/ou=People[0-9]/ o=org[._]com uid=Joe U.*/c=us/ou=People1/ o=org\.com uid=Joe [A-Za-z]+/c=us/ ou=People1/o=org\.com
* +
(regexp)
Delineates a regular expression so uid=Joe User/c=(.+)/ou=People1/ that it can be used in the replacement o=org\.com string (the to string in <translate>).
Example of translating names that contain the dc attribute

The following settings provide an example of translating names that appear in the LDAP user directory as cn=name,ou=People1,dc=acme,dc=com.
<server_settings> <offline enabled="true"> <name_translation enabled="true"> <from_directory_name> <translate from="cn=(.+)/ou=People1/dc=acme/dc=com" to="CN=\1/OU=People1/O=acme_com" /> </from_directory_name> <to_directory_name> <translate from="CN=(.+)/OU=People1/O=acme_com" to="cn=\1/ou=People1/dc=acme/dc=com" /> </to_directory_name> </name_translation> </offline> </server_settings>
13-9
Configuring offline use for specific environments

Specific configuration steps are required if you use IBM Network Dispatcher, Sun Java System Portal Server, or CA SiteMinder in your IBM Lotus Quickr environment.
Configuring offline use in an environment that uses IBM Network Dispatcher

If you use IBM Network Dispatcher to distribute HTTP requests to clustered IBM Lotus Quickr servers, use the notes.ini setting $DOLS_TCPIPAddress to enable users to take places offline from any server in the cluster. Add the following setting to the notes.ini file on each server in the cluster:
$DOLS_TCPIPAddress=hostname
where hostname is the fully-qualified host name or IP address of one Lotus Quickr server in the cluster. For example, if the servers in a cluster are blue.enterprise.com, green.enterprise.com, and red.enterprise.com, and the network dispatcher is colors.enterprise.com, you could add the following setting to the notes.ini file on blue.enterprise.com, green.enterprise.com, and red.enterprise.com:
$DOLS_TCPIPAddress=blue.enterprise.com
Configuring offline use in an environment that uses Sun Java System Portal Server
If you use Sun Java System Portal Server with IBM Lotus Quickr as a reverse proxy, use the notes.ini setting NoWebFileSystemACLS to prevent users from having to re-authenticate after installing places offline. Add the following setting to the notes.ini file of a Lotus Quickr server:
NoWebFileSystemACLS=1
Configuring offline use in an environment that uses CA SiteMinder

If your environment uses CA SiteMinder for authentication, you must list the Domino Server API (DSAPI) filter for Domino Off-Line Services before the CA SiteMinder filter in the list of DSAPI filters in the servers Server document in the Domino Directory. Note: CA SiteMinder is supported only on IBM Lotus Quickr servers that run on Microsoft Windows. Perform the following steps: 1. Open the Server document in the Domino Directory on the IBM Lotus Quickr server. 2. Click the Internet Protocols - HTTP tab. 3. Make sure the following filter is the first listed in the DSAPI filter file names field in the DSAPI section, and that the path to the CA SiteMinder WebAgent filter is listed on a separate line below it. For example:
ndolextn C:\Program Files\CA\SiteMinder Web Agent\Bin\DOMINOWebAgent.dll
4. If you make a change to the field, restart the server by entering the following command:
restart server
Using a passthru server for offline use

If you want users to connect to a IBM Lotus Quickr server through an intermediary passthru server when installing places offline, use the Site Administration link to specify the name of the passthru server.
13-10
Perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Other Options. 4. Click Edit Options. 5. Below Domino Offline Passthru Server, type the canonical name (for example, Passthru/Acme) and the fully-qualified host name (for example, passthru.acme.com) of the passthru server. 6. Click Next.
Performing optional offline configuration tasks

Optionally you can use an alternate Web server for offline software installation, enable offline place encryption, enable IBM Lotus Quickr sign in passwords for offline use, or hide the work offline link.
Using an alternate Web server for offline downloads

You can copy the Domino Off-Line Services client software to a directory on an alternate Web server, and then use the Site Administration link on the IBM Lotus Quickr server to specify a URL that points to that directory. Then the client software is installed from the alternate server. When users take their first place offline, the Domino Off-Line Services client software is installed on their machines so that they can manage their offline places. Because the software files are relatively large, place performance can be affected when users install their first places offline. To avoid this situation, you can use an alternate Web server for downloads of the Domino Off-Line Services client software. Perform the following steps: 1. Copy the contents of the <server_data_directory>\domino\html\download\filesets directory to any directory used for downloads on the Web server. 2. Log in to the Lotus Quickr server as an administrator. 3. 4. 5. 6. Click Site Administration. Click Other Options. Click Edit Options. Below Alternate Offline Download URL, type an alternate URL that points to the directory with the copied offline files, for example:
http://web.acme.com/download/filesets
7. Click Next.
Using Lotus Quickr login passwords for offline use

Use the qpconfig.xml file to enable users to use their IBM Lotus Quickr login passwords when they log in to any offline places so they do not have to remember a separate password for each offline place. By default, offline users must specify an offline password in the Member Profile for each offline place of which they are a member. Use the use_login_passwords setting in the offline section of the qpconfig.xml file to enable offline users to use their Lotus Quickr login passwords when they log in to any offline place. This feature is supported for both external and local members. This setting applies to all places on the server, although users still can specify place-specific offline passwords through their Member Profiles. If you do not enable this setting server-wide through the qpconfig.xml file, managers of places can enable the feature for places they manage through the Customize - Basics page. Note: If any of a users places is encrypted offline, the users password for all offline places must be the same. This applies to external as well as local users.
13-11
Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. In the offline section, type true for the use_login_passwords attribute. 3. Save the qpconfig.xml file. 4. Enter the following server console command:
restart task http
The following example shows the qpconfig.xml file when this feature is enabled:
<offline enabled="true" use_login_passwords="true"> </offline>
Hiding the Work Offline link from users

At times you might want to hide the Work Offline link to prevent users from installing places offline, for example, during server maintenance. Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. In the offline section, type false for the offline enabled attribute. 3. Save the qpconfig.xml file. 4. Enter the following server console command to restart the server:
restart task http
Offline setup FAQs

This topic answers questions frequently asked about offline setup. Question: We do not allow local place members in our organization. All of our members have names in an LDAP directory or a Domino Directory. Do we still need to create an Offline Security Policy document? Answer: Yes, you must create one or more Offline Security Policy documents for users who are registered in a user directory. Question: Our users already have Notes ID files. Do we have to configure the Offline Security Policy document to Automatically generate user IDs? Answer: No. If your users have Notes IDs, you can configure the Offline Security Policy document ID deployment policy to Prompt for ID during download. Users are then prompted to supply their Notes ID files during the installation of the offline place.
13-12
Question: In our organizational hierarchy, our organization (O) is ACME, our organizational unit (OU) is ACMEWEB, and our domain is ACMEWEB. Our IBM Lotus Quickr server is W1SERVER/ACMEWEB/ ACME. Should the certifier for our local members be QP/ACMEWEB/ACME? Answer: Yes, this would be the correct hierarchical name for the certifier ID, which would allow your local members to take places offline. However, for easier management, we recommend that all of your Lotus Quickr place members be external (meaning their information is stored in a user directory). Question: We have a large organization. To set up our external members to take places offline, is it necessary to create a different Offline Security Policy document and certifier ID for each of our organizational units? Answer: The number of different Offline Security Policy documents and certifier IDs you must create depends on your organizations hierarchy. When a user takes a place offline, an ID is automatically generated by the Notes registration API. This ID is based on the certifier ID attached to the Offline Security Policy document. The Notes registration API can only create ID files for users as far as one organizational unit down from the root organizational unit for the certifier ID. For example, the following local members can take places offline with the certifier ID QP/<Organization>: Fred/QP/<Organization> John/MyWorld/QP/<Organization> However, the user Mike/Westford/MyWorld/QP/<Organization> cannot take places offline with this certifier ID. For Mike to take places offline, you must create a new Offline Security Policy document, then create and attach one of the following certifier IDs: Westford/MyWorld/QP/<Organization> or MyWorld/QP/<Organization> If all your external members are in the same hierarchy except for the last organizational unit before their user name, you only need one certifier ID for all of those users. Otherwise, you must create multiple certifier IDs. For example, both of the following external members can take places offline with the certifier ID /ACME: Joe/PHIL/ACME Will/BOS/ACME However, the following members require two separate certifier IDs: Mary/PHIL/PA/ACME Caroline/BOS/MA/ACME Mary can use either PA/ACME or PHIL/PA/ACME. Caroline can use either MA/ACME or BOS/MA/ACME. Question: The documentation says to create an organizational unit (OU)/Organization certifier. Do we need to create duplicate certifier IDs, or can we make copies of the certifier ID files that were used to create the users?
13-13
Answer: For security reasons, we do not recommend using existing Domino certifiers. We recommend that you create new certifiers, even if they are based on existing certifiers, because new certifiers based on existing certifiers are duplicates in name only. If you create new certifiers, you do not have to worry about the original certifiers falling into the wrong hands. You must create ID files for users as far as one organizational unit down from the root organizational unit for the certifier ID. See the previous question for more information. Question: Do the offline certifier ID files need to be stored on the Lotus Quickr server permanently? Answer: Yes, but only in the doladmin.nsf database. You do not need to store these ID files on the servers file system, only in the doladmin.nsf. Please note that you should always back up this database. Question: How exactly are these certifier ID files used by Lotus Quickr? Answer: They are used to generate an offline ID file that maintains secure access between the online and offline versions of a place. When users install a place offline, an ID based on the certifier ID is generated for them and installed on their computer. This offline ID authenticates users when they synchronize the place. The offline ID file password is set by users in the offline password field in their Member page in the online version of the place.
13-14

There are a variety of place configuration options available to you.
Enabling or disabling context menus or document drag-and-drop

You can use the qpconfig.xml file to control the extent to which context menus are enabled in the user interface. Context menus are menus that are available from documents, folders, user names, and My Places by hovering over a drop-down arrow. You can also enable or disable the ability to drag and drop documents in folders. Context menus and document drag-and-drop are enabled by default. Disabling context menus can reduce the time required for pages to load. Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify values (true or false) in the ui_features element. Note that specifying ui_features enabled=false disables all context menus and document drag-and-drop.
<ui_features enabled="value"> <context_menus enabled="value"> <documents enabled="value"/> <folders enabled="value"/> <user_names enabled=" value"/> <my_places enabled="value"/> </context_menus> <drag_and_drop enabled="value"> </drag_and_drop> </ui_features>
restart task http
For example, to enable all context menus but disable document drag-and-drop, specify the following settings:
<ui_features enabled="true"> <context_menus enabled="true"> <documents enabled="true"/> <folders enabled="true"/> <user_names enabled="true"/> <my_places enabled="true"/> </context_menus> <drag_and_drop enabled="false"> </drag_and_drop> </ui_features>
Related concepts Whats new? on page 4-11 Read about the new features in this release. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template.
14-1
Displaying user images and user information in user context menus

The Lotus Quickr user interface provides context menus next to member names. You can use the qpconfig.xml file to display images and LDAP directory attributes of external members in these context menus. The images are accessed through a Web service URL that you specify. Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following settings in the file:
<user_photo_source local="false"> <directory> <url> <![CDATA[URL]]> </url> </directory> </user_photo_source>
where URL is the Web service URL location for the images that refers to one or more of the following attributes values from the LDAP directory: v EMAIL={email} v CN={cn} v DN={dn} v DISPLAY_NAME={display_name) 3. Save the modified file. 4. Enter the following command at the server console to restart the HTTP task:
restart task http
The following example pulls images of external members from the URL http://web.acme.com/photos/ api/photo.jsp and displays their LDAP e-mail addresses in context menus:
<user_photo_source local="false"> <directory> <url> <![CDATA[http://web.acme.com/photos/api/photo.jsp?EMAIL={email}]]> </url> </directory> </user_photo_source>
Related concepts Whats new? on page 4-11 Read about the new features in this release. Related information Creating and using the qpconfig.xml file on page 6-3 You use an XML configuration file, qpconfig.xml file, to perform many server configuration tasks. The server comes with a sample file, qpconfig_sample.xml, which is installed in the server data directory and which you use as a template.
Specifying a footer that appears on all pages

You can use the qpconfig.xml file to specify an HTML footer to display on the bottom of all pages in all places on the server. For example you might specify a corporate logo, administrative message, or corporate disclaimer. A footer can be up to 255 characters in length and can include an image. To specify a footer, perform the following steps:
14-2
1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following setting in the file:
<server_settings> <server_messages> <footer> <![CDATA[yourfooter]]> </footer> </server_messages> </server_settings>
where yourfooter is your HTML footer. Note: To insert an image in the footer, put the image file in the ...data\domino\html directory and reference it in the footer setting as <img src=/filename>. Or put the image file in the ...data\domino\icons directory and reference it as <img src=/icons/filename>. 3. Save the modified file. 4. Enter the following command at the server console to restart the HTTP task:
restart task http
For example, to display Acme Corporation in bold text in page footers, specify the following setting:
<server_settings> <server_messages> <footer> <![CDATA[<b>Acme Corporation</b>]]> </footer> </server_messages> </server_settings>
To display the image file logo.gif located in the ....data\domino\html directory, specify the following setting:
<server_settings> <server_messages> <footer> <![CDATA[<img src="/logo.gif">]]> </footer> </server_messages> </server_settings>
Adding and removing graphic text fonts

Use the qptool addgraphicfont command to make any True Type font that is already installed in the servers operating system fonts directory available for use in graphic text in places. Use the removegraphicfont command to make a True Type font unavailable. These commands can be used only with True Type fonts, and they affect only the availability of fonts in graphic text and not in other text. Note: For offline places to display graphic fonts added to the server, the fonts must already be installed in the fonts directory of the client computer. To add or remove one or more graphic fonts, enter the following command at the server console:
load qptool addgraphicfont[removegraphicfont] arguments
14-3
where arguments are arguments described in Table 14-1:

Table 14-1. Arguments for the qptool addgraphicfont and removegraphicfont commands Argument -? -name typefacename Description Prints help on the command. Specifies a typeface name to add or remove, or a space-separated list of typeface names to add or remove. If a typeface name contains spaces, enclose the name in quotation marks (). Adds or removes typeface names specified in an XML input file located in the server program directory. Logs results to a specified XML output file. By default logs results to the file qptool.addgraphicfront[removegraphicfont].xml.
-i inputfile
-o outputfile
Table 14-2 shows the default location of the fonts directory for each supported server operating system.
Table 14-2. Default location of the fonts directory Operating system Windows Solaris AIX i5/OS Fonts directory location C:\WINDOWS\Fonts /usr/openwin/lib/X11/fonts/ /usr/lpp/fonts/ /QIBM/ProdData/Lotus/LotusQuickr/TTFONTS/ GRAPHICFONTS
Table 14-3 provides examples of using these commands.

Table 14-3. Examples of qptool addgraphicfont and removegraphicfont commands Task Add the Comic Sans MS typeface. Add the Comic Sans MS typeface and the BordeauxLight typeface. Command > load qptool addgraphicfont -name "Comic Sans MS" > load qptool addgraphicfont -name "Comic Sans MS" BordeauxLight
14-4
Table 14-3. Examples of qptool addgraphicfont and removegraphicfont commands (continued) Task Use an XML input file named addfont.xml to add the Arial typeface and Times New Roman typeface. Command 1. Create the addfont.xml file in the server program directory with the following XML content: <graphic_fonts> <font action="add"> <name>Arial</name> </font> <font action="add"> <name>Times New Roman</name> </font> </graphic_fonts> 2. Enter the following command: > load qptool addgraphicfont -i addfont.xml
Use an XML input file named removefont.xml to remove the Arial typeface and Times New Roman typeface.
1. Create the removefont.xml file in the server program directory with the following XML content: <graphic_fonts> <font action="remove"> <name>Arial</name> </font> <font action="remove"> <name>Times New Roman</name> </font> </graphic_fonts> 2. Enter the following command: > load qptool removegraphicfont -i removefont.xml
Changing the maximum allowed attachment size

You can change the maximum size allowed for file attachments. By default, attachments can be no larger than 50MB. You can also remove the maximum attachment size restriction, and allow only system limitations, for example, IBM Lotus Domino attachment size limits or available disk space, to restrict attachment size. If you change the maximum allowed attachment size, the default, maximum attachment size of 50MB continues to be in effect for attachments uploaded from a place installed offline. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Other Options. 4. Click Edit Options. 5. Change the Maximum Attachment Size value. Specify the value in kilobytes (K). Or, to remove the maximum attachment size limitation, remove the value in this field. 6. Click Next. Related information Using the Site Administration link on page 6-7 When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site
14-5
Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options.
Disabling ActiveX
ActiveX controls are enabled by default, providing Internet Explorer users with additional file attachment and file import features. You can disable ActiveX controls. You might want to do this, for example, if you do not allow user installation of ActiveX controls and want to prevent users from seeing the prompt to install them, or if you want to provide a homogenous user experience for all browser users. The ActiveX features are available only to Internet Explorer browser users, and not to Mozilla Firefox or Safari users. Perform the following steps to disable ActiveX controls: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Other Options. 4. Click Edit Options. 5. Clear the Enable ActiveX check box. 6. Click Next. Table 14-4 compares the features available, depending on whether ActiveX is enabled or disabled. Note: T
Table 14-4. Feature comparison with ActiveX enabled or disabled Feature Drag-and-drop file import/export operations File import operations done through file attachment dialog box ActiveX enabled Yes Yes ActiveX disabled No Yes, but limited to one file per publishing cycle Yes No Yes No No Yes, but limited to one attachment per publishing cycle Yes Yes Yes No
Rendering of imported Microsoft Yes Office files (Word, Excel, PowerPoint) Import Microsoft Office files Rendering of imported HTML, JPEG, and GIF files Import of JPEG and GIF files Drag-and-drop file attachment operations File attachment operations done through the attachment dialog box Remove attachments from a page Save attachments to the client file system When opening attachments, load the attachments within their applications Do round-trip edits of imported files Yes Yes Yes Yes Yes Yes Yes Yes Yes
Related information Using the Site Administration link on page 6-7 When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site
14-6
Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options.
Disabling Java applets

Java applets, enabled on the server by default, allow users who do not use Internet Explorer to use rich text controls (bold, italic, and so forth) when editing. You can disable Java applets on the server. Internet Explorer users do not require Java applets because Internet Explorer has embedded rich text controls. Perform the following steps to disable Java applets: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Other Options. 4. Click Edit Options. 5. Clear the Enable Java Applets check box. 6. Click Next. Related information Using the Site Administration link on page 6-7 When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options.
Displaying CGI variables in HTML source pages

By default, IBM Lotus Quickr HTML source pages viewed through a browser do not display Common Gateway Interface (CGI) variables because they contain potentially sensitive information, for example information about the remote host and its users. However, you can enable the display of CGI variables, for example if you want to copy the variables from the source pages for use in custom applications. To enable the display of CGI variables, perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following setting in the file:
<server_settings> <cgi_variables enabled="true"/> </server_settings>
restart task http
Disabling page compression

By default IBM Lotus Quickr compresses the content in HTML pages it transmits to clients if the browser supports compression. If the browsers in your environment do not support page compression, you can use the qpconfig.xml file to disable it.
14-7
The compression reduces the size of HTML transmissions to 30% or less of the uncompressed size, with the result that users can open large pages more quickly. Only HTML and text is compressed, not images or attachments. If the browsers in your environment do not support page compression, perform the following steps to disable it: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following setting in the file:
<server_settings> <page_compression enabled="false"> </page_compression> </server_settings>
restart task http
Customizing user notifications settings

Use the qpconfig.xml file and notes.ini file to configure a variety of settings related to user notifications. Note: You configure the underlying Lotus Quickr mail routing through IBM Lotus Domino. For more information, see Lotus Domino Administrator Help.
Configuring where the server routes undeliverable e-mails

When someone replies to an automatic e-mail notification, such as a Whats New notification, or to an e-mail notification sent by someone without a specified e-mail address, by default the server sends the reply to the DeadMailQP.nsf database on the server. The server also routes delivery failure notifications to this database. Use the notes.ini file to change the delivery location to a place. To instead route these types e-mails to the default mail location of the places from which the e-mails come, delete the h_UndelivMail setting from the notes.ini file on the server. Or, to send these types of e-mails to the default mail location of one place, modify these notes.ini settings:
h_UndelivMail=placename $h_MailDomain=domainname
where placename is the name of the place to receive the mail, and domainname is the fully qualified domain name of the server that hosts the place. For example, to send these e-mails to replyplace@quickr.acme.com, specify the following notes.ini settings:
h_UndelivMail=replyplace $h_MailDomain=quickr.acme.com
14-8
Disabling calendar subscriptions

By default, place members have subscriptions to receive e-mails that are integrated with their personal calendars. You can use the Site Administration link to disable these subscriptions. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Other Options. 4. Click Edit Options. 5. Clear the Enable calendar subscriptions check box. 6. Click Next. Related information Using the Site Administration link on page 6-7 When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options.
Configuring an email URL prefix when using a gateway server

Use the Site Administration link to specify an alternate email URL prefix if the server is accessed through a gateway server. The prefix is used in place links displayed in outgoing e-mail messages. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Other Options. 4. Click Edit Options. 5. In the URL prefix field, specify an alternate URL prefix, for example:
http://gatewayserver.acme.com:8080
6. Click Next. Related information Using the Site Administration link on page 6-7 When you log in to the server as an IBM Lotus Quickr administrator, you have access to the Site Administration link on the home page. From there you can set up a connection to a user directory, control access to the server, as well as specify other configuration options.
Using qpconfig.xml settings to configure notifications

Use the qpconfig.xml file to specify a variety of user notification settings. For example use qpconfig.xml settings to specify the text displayed in the password prompt of place invitations or to specify whether notifications sent to groups show the members of the groups. Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Modify any of the following settings in the notifications element of the qpconfig.xml file:
<server_settings> <notifications> <place_invitation> <password_message>Your intranet password. </password_message> </place_invitation>
14-9
<calendar> <client_types> <notes5 enabled="true"/> <msoutlook enabled="true"/> </client_types> </calendar> <recipient_rules> <expand_external_groups enabled="true"/> <allow_ambiguous_sendto enabled="false"/> </recipient_rules> </notifications> </server_settings>
restart task http
The following table describes the available settings:

Table 14-5. Notification settings in the qpconfig.xml file Setting password_message Description Specifies the password prompt that appears in external users invitations to visit places. When set to true (default), enables Lotus Notes support for calendar notifications. When set to false, disables this support. When set to true (default), enables Microsoft Windows Outlook support for calendar notifications using icalendar standards specified in RFC 2445. When set to false, disables this support. When set to true (default), when mail is addressed to an external group, the place expands the group and lists each members e-mail address in the notification. When set to false, the notifications do not expand the group members. Instead the mail router is given the group names to resolve. allow_ambiguous_sendto enabled When set to true, allows users to send notifications to ambiguous names from an external directory and have the mail router resolve the names. When set to false (default), users can send notifications only to valid e-mail addresses.
notes5 enabled
msoutlook enabled
expand_external_groups enabled
14-10
Customizing the My Places feature

The My Places feature enables external place members to see a list of links to all the places they belong to, and users with super-user server access to see links to all places on the server. Super users and place managers use My Places to see place statistics and administer places using qptool commands. You can customize the My Places feature.
Enabling DBCS members to use My Places

To enable people who use double-byte character set (DBCS) languages, such as Japanese or Chinese, to use My Places, you must enable single sign-on authentication on the server. In addition, you must use the notes.ini file to configure the DBCS language to use and then re-index the views in the Place Catalog. Perform the following steps to modify the notes.ini file and to re-index the views in the Place Catalog: 1. Open the notes.ini file in the domino_server_root directory with a text editor. 2. Add the following line to the file:
Country_Language=xx[-xx]
where xx is one of the codes in the following table:

Table 15-1. Country_Language setting codes CollationName Japanese Korean Simplified Chinese Traditional Chinese Code ja ko zh-cn zh-tw
3. Make sure to leave a blank line at the end of the file. Press Enter, if necessary, to create one. 4. Close and save the file. 5. Enter the following command at the server console to restart the server so your changes takes effect:
restart server
6. Perform the following steps to re-index the Place Catalog on the server: a. From IBM Lotus Notes, choose File Database Open. b. Select the IBM Lotus Quickr server in the Server field, and then type placecatalog.nsf in the Filename field. Note: The Open Database window does not display the Place Catalog database by default. 7. Click File Database Properties. 8. Click the second tab from the right, and then click Update Index.
Opening places in a new browser window

Places opened through My Places open in the current browser window, by default. Use the qpconfig.xml file to open places accessed through My Places in a new browser window, instead. Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following settings in the file:
15-1
<my_places> <place_links open_new_window="true"/> </my_places>
restart task http
Using a custom application for My Places

Use the qpconfig.xml file to specify a URL to call a custom portal application for displaying My Places. Perform the following steps: 1. Open the qpconfig.xml file in the domino_data_root directory, or create the file if it does not exist already. 2. Specify the following settings in the file:
<my_places> <place_ui enabled="true"> <url>URL</url> </place_ui> </my_places>
where URL is the URL for the application, for example:

https://portal.abc.com/myplaces
restart task http
15-2
Specifying rules for a reverse proxy configuration

If a reverse proxy mediates connections to IBM Lotus Quickr, specify proxy rules for Lotus Quickr. Specify the following rules:
Proxy /qphtml/* Proxy /<label>/* Proxy /<quickrroot>/* <protocol>://<servername>/qphtml/* <protocol>://<servername>/* <protocol>://<servername>/<quickrroot>/*
where: <protocol> is http or https <servername> is the fully-qualified host name of a load balancing server or a Lotus Quickr server <quickrroot> is the Lotus Quickr URL root. This value is lotusquickr unless you have upgraded from Lotus QuickPlace and did not change the URL root, in which case the value is quickplace. For example:
Proxy /qphtml/* Proxy /quickr_services_for_LD/* Proxy /lotusquickr/* https://qk.acme.com/qphtml/* https://qk.acme.com/* https://qk.acme.com/lotusquickr/*
16-1
16-2
Customizing Web page cache settings

Web page caching greatly improves the response time of the IBM Lotus Quickr server. Use the notes.ini file to customize Web page cache settings. Without a cached copy of a Web page, the HTTP server must access the database upon every HTTP request, which results in a slower response time for the Lotus Quickr server. If a Web page is cached, the server only has to pick up the page from the database one time, and then create a user-specific, cached copy of the page at that time. Upon subsequent requests for the page, the server retrieves and provides the cached copy, as long as it is still valid. If the server is brought down, the existing cache is maintained after the server is brought back up. Certain actions cause the cache for a page to become invalid. Once a cached paged is invalid, the next time the page is accessed it is re-cached. Following are some examples of how the entire cache or specific pages within the cache can become invalid: v A change to the server configuration made through the Site Administration link, for example a change to the default maximum attachment size allowed, invalidates all places on the server (the entire cache). v If the Place Catalog is enabled, a change in the Place Catalog database invalidates the entire cache. v A change in qpconfig.xml invalidates the entire cache. v A change to place membership -- a member is added, modified, or deleted -- invalidates the cache for all databases associated with that place -- main.nsf and all the inner rooms. A change to inner room membership invalidates the cache for that particular room and its child rooms. v A change in rooms -- a room is created or deleted -- invalidates the cache for all databases associated with that place. v A page published in the Main room (main.nsf) invalidates the cache for all databases associated with that place. v A page published in a parent room invalidates the cache for the parent room and the child rooms below it. v A page published in a child room invalidates the cache for the child room and for any rooms below it. The cache for the parent room pages remain valid. v A customization to a parent room, for example a theme change or a custom form, invalidates the cache for the parent room and the child rooms below it. Perform the following steps to adjust Web page cache settings: 1. Open the notes.ini file in the domino_server_root directory with a text editor. 2. Specify any settings described in Table 17-1. 3. Make sure to leave a blank line at the end of the file. Press Enter, if necessary, to create one. 4. Close and save the file. 5. Enter the following command at the server console to restart the server so your changes takes effect:
restart server Table 17-1. Web page cache settings in the notes.ini file Setting QuickPlaceWebCacheEnabled=value Description Enables or disables Web page caching. When set to 1 or omitted, enables Web page caching. When set to 0, disables Web page caching.
17-1
Table 17-1. Web page cache settings in the notes.ini file (continued) Setting QuickPlaceWebCacheDir= path Description Specifies the full path to the cache directory on the server. If omitted, the default path is domino_data_root/domino/lotusquickr/cache. Specifies a maximum size, in MB, for the cache. If omitted, or if a negative value is specified, the maximum size is 50 MB. Specifies the time interval, in minutes, for cache cleaning. If omitted, or if a negative value is specified, then the interval is 60 minutes. Enables caching for anonymous users only. If omitted, and by default, caching is enabled for all users. Specifies the level (1, 2, 3), for cache logging. Level 1 is the least detailed and 3 is the most detailed. Logging is written to domino_data_root/log.nsf.
QuickPlaceWebCacheLimitInMB=size
QuickPlaceWebCacheGCIntervalInMIN=interval
QuickPlaceWebCacheUsers=anonymous QuickPlaceWebCacheLogging=level
17-2
Configuring cross-place searching

Configure cross-place searching to enable external place members to use the advanced search feature to search multiple places. A manager of a place enables or disables advanced search within a place. IBM Lotus Quickr provides two types of advanced search features, one of which enables users to search across multiple places. Cross-place searching requires you to configure Domino Domain Search and a Domain Catalog server, a server that has a Domain Catalog and that builds a domain index. The Lotus Quickr server running on the Domain Catalog server handles all cross-place search requests. For more information on advanced search and cross-place searching, see the Help. For more information on Domino Domain Search, see Domino Administrator Help. Note the following points about cross-placing searching: v Cross-place searching respects all access permissions on content, and so users must retain a single identity to be able to search across places. To search across places, authenticated users must be registered in a user directory. Local users can search only within a place. v If room access is controlled by a local group, even if the user has access through the local group, cross-place searches wont be able to find the document from the room. Restrict room access using groups from an external user directory. v If you use more than two Lotus Quickr servers, including the Domain Catalog server, you must configure multi-server session-based authentication (single sign-on). v To remove places when cross-place searching is in use, use qptool remove , which marks the places for deletion, rather than the qptool remove -now, which deletes them immediately. This way, the nightly qptool remove -cleanup command deletes the places after information in the search index is cleared. v Using only Lotus Quickr servers in the Lotus Domino domain is suggested. However if a domain does include Lotus Domino servers that do not run Lotus Quickr, set up one Domain Catalog server for the Lotus Quickr servers and one Domain Catalog server for the Lotus Domino servers, so that the domain index for Lotus Quickr searches is separate from the one used for Lotus Notes searches of the domain. v If you use cross-place searching on a server that is set up for Lotus Domino Off-Line Services, and the servers LDAP directory is not a Lotus Domino directory or is a Lotus Domino directory in a different domain than the Domain Catalog server, use the notes.ini setting QuickPlaceExtensionManagerAllowServers=1 on the offline server. This setting gives the Domain Catalog server access to the Lotus Quickr servers databases. If you dont use this setting, database authorization failures occur during Domain Catalog indexing. To configure cross-place searching, perform the following steps: 1. Install IBM Lotus Domino on each computer that will run Lotus Quickr. 2. Perform the following steps to configure Domain Search: a. From IBM Lotus Notes, open the Domino Directory (names.nsf) for the domain. b. Open the Server document of the Domino server that will index the Domain Catalog. c. Click Server Tasks Domain Catalog, and in the Domain Catalog field select Enabled. Note: This step starts the Catalog task and creates the Domain Catalog. The Catalog task keeps the Database Catalog current. You should run the task on a schedule, for example, by including the task name in the ServerTasksAt1 notes.ini setting. d. For optimum performance, repeat step 2b and step 2c on the other servers in the domain, so that each server creates and manages its portion of the Domain Catalog. That way, the Domain Catalog server can simply copy the entries from each server to its Domain Catalog database.
18-1
e. Wait for the Catalog task to stop on the Domain Catalog server. f. In the Server document of the Domain Catalog server, click Server Tasks Domain Indexer, and in the Schedule field, click Enabled to enable the Domain Indexer task. Specify a schedule for running the Domain Indexer. 3. Install Lotus Quickr on each Lotus Domino server you installed in the first step. 4. Perform the following steps on each server to configure the qpconfig.xml file: a. Open the qpconfig.xml file in domino_data_root or create the file if it does not exist already. b. Specify the following settings, providing values suitable for your environment, and then save the modified file:
<search_places enabled="true" anonymous="true"> <domain_catalog_server ssl="false"> <port>80</port> <domino_server_name>qkdcs/acme</domino_server_name> <path_prefix></path_prefix> <hostname>qkdcs.acme.com</hostname> </domain_catalog_server> </search_places>
Table 18-1 describes the settings. Note: Settings marked with an asterik (*) should be specified on every Lotus Quickr server except the Domain Catalog server. Do not use them on the Domain Catalog server. c. Enter the following command at the server console to restart the HTTP task:
restart task http Table 18-1. qpconfig.xml settings for cross-place searching Setting enabled Description When set to true enables cross-place searches. When set to false, prevents cross-place searching. When set to true allows anonymous users to search across places. When set to false returns an error when anonymous users issue cross-place searches. If you allow anonymous users to search across places, and the manager of a particular place does not want to expose the contents of the place to anonymous users through cross-place searching, the manager should make sure that anonymous access to the place is disabled, and limit the place membership to specified users and groups in the directory. If you allow anonymous access, make sure that anonymous users have the same access as the -Defaultaccess in the ACL for CATALOG.NSF on the Domain Catalog server. SSL* When set to true defines that SSL generates the URL for the domain catalog server (HTTPS). When set to false defines that HTTP generates the URL. Defines the port used in the URL for the Domain Catalog server.
anonymous
port*
18-2
Table 18-1. qpconfig.xml settings for cross-place searching (continued) Setting path_prefix* Description Defines a path prefix for the URL for the Domain Catalog server. Specifies the hostname of the Domain Catalog server. Specifies the Domino server name of the Domain Catalog server for example, ServerCatalog/Acme. Before removing places from this server, the server does a lookup to the Domain Catalog server to verify if the search index is cleared.
hostname* domino_server_name*
Configuring cross-place searching
18-3
18-4
Part 5. Administering services for Lotus Domino

To administer a server, manage places, PlaceTypes, and maintain the server.
Managing place membership

Use qptool commands to manage place membership.
Adding external members to places

You can use the qptool addmember command to add a name from a user directory as a member of a place or places. When you use qptool addmember rather than the user interface, you can add a member to multiple places at once. Keep the following points in mind: v When you use the command, you must use the -reader, -author, -editor, or -manager argument to specify the access the member has to the places main room. Optionally, you can use the -allrooms argument to apply the members main room access to all subrooms. v If you use the user interface to change an existing external members access to the main room in a place, subrooms do not inherit the access change. To change an existing members access to all rooms in a place, use the qptool removemember command to delete the member from the place, and then use qptool addmember -allrooms to add the member again with the new access. v You cannot use the command to add local members. v You cannot use the command to add members to the LotusQuickr/lotusquickr place used for server administration. Enter the following command at the server console to add external members to places:
load qptool addmember arguments
where arguments are arguments described in

Table 19-1. Arguments for the qptool addmember command Argument -? -dn name Description Prints help on the command. Specifies the name of an external user or group to add as a member. If the name contains at least one space, include quotation marks ( ) around it. Specify the name exactly as it is defined in the directory, for example: cn=Connor Jones,ou=Sales,o=Acme Include any spaces in the name. Specify the character case (uppercase or lowercase) correctly. Note: The server does not look up the name in the user directory to verify the name you specify. Be sure the name you specify is valid.
19-1
Table 19-1. Arguments for the qptool addmember command (continued) Argument -g Description Indicates that a name specified for the -dn argument is the name of a group. You must use this argument to add an external group. If you use qptool addmember without the -g argument to add an external group as a member of a place, users who are members of the group cant access the place through the group membership, and the group may not show up in the user interface in some places. -reader -author -editor -manager -allrooms Adds the specified name as a Reader of a place. Adds the specified name as an Author of a place. Adds the specified name as an Editor of a place. Adds the specified name as a Manager of a place. Applies the place access specified for the name to all rooms in a place. If you omit this argument, the names specified access applies only to a places main room. Adds the specified name as a member of all places on the server. Adds the specified name as a member of a specific place or space-separated list of places. XML input file located in the server program directory that specifies the places in which to add an external member. XML output file that logs the results of the command. By default the command logs results to qptool.addmember.xml in the server program directory.
-a
-p place(s)
-i inputfilename
-o outputfilename
Table 19-2 provides examples of the qptool addmember command.

Table 19-2. Examples of the qptool addmember command Task Add the user cn=Connor Jones,ou=Sales,o=Acme as an author of all rooms in Place1 Command load qptool addmember -dn cn=Connor Jones,ou=Sales,o=Acme -author -allrooms -p Place1
Add the group cn=Salesgroup,o=Acme as a reader of the load qptool addmember -dn cn=Salesgroup,o=Acme -g main room in all places -reader -a
19-2
Changing member names in places

Use the qptool changemember command to change the name of a local user member, external user member, or external group member in specified places. For example, if you have changed the name of an external user in the user directory, use qptool changemember to make the change in the places to which the user belongs. The original name is referred to as the source name and the name to which you change, the target name. Using qptool changemember, you can do the following tasks: v Change a user or group name to a new name -- for example, change the name of a user who recently married, so the user can continue to access a place using the new name. In this case, the target name is a new name. v Change the name of a user or group to the name of another existing user or group -- for example, change the name of a user who leaves the company to the name of a remaining user who assumes the original users responsibilities. The access the target name has to places is the higher level of access between the source and target names. For example, if the source name is a manager of a place and the target name is a reader of the place, the target name becomes a manager of the place and has access to all pages previously accessible to the source and target names. The same access control principle applies to room access. v Change the name of a local user to the name of an external user in a user directory -- for example, to move from a pilot deployment that uses local users to a production deployment that uses a corporate directory. You can make these combinations of name changes: v Local user name to local user name v Local user name to external user name v External user name to external user name v External group name to external group name Note: If an external user accesses a place through membership in an external group, the users name is not listed as a member in the places Contacts1.nsf database, but is included in security fields within the place. For example, if the user creates a page, the users name is listed in the pages h_Authors field. If the external users name changes in the user directory, you use the changemember command to change the users name in a place, so that the name is changed in these security fields and the users access to the place continues. You cannot make these combinations of name changes: v External user name to local user name v External group name to local user name v External group name to external user name v Local user name to external group name v External user name to external group name Enter the following command at the server console to rename members in places:
load qptool changemember arguments
where arguments are described in Table 19-3 on page 19-4. Note: Specify names exactly, remembering to include any spaces and to use the exact character case. If a name contains spaces, put quotation marks () around it.
19-3
Table 19-3. Arguments for the qptool changemember command Argument -? -sourcedn name Description Prints help on the command. Specifies the distinguished name of an external user or group member as it currently appears in places, for example, cn=Connor Jones, ou=Sales,o=Acme. Specifies the current name of a local user member, for example, Joe Smith. Indicates that the specified source name is that of an external group. Specifies the new distinguished name of an external user or group member. for example: cn=Representatives,ou=Sales,o=Acme Note: IBM Lotus Quickr does not look up the target name in the user directory to verify it, so be sure that the name is valid. Specifies the new name of a local user, for example, Joe Smith. Indicates that the specified target name is that of an external group. Specifies a place or a space-separated list of places in which to rename the user or group. XML input file located in the server program directory that specifies the places in which to rename the user or group. XML output file that logs the results of the command. By default the command logs results to qptool.changemember.xml in the server program directory.
-sourceu name
-sourceg
-targetdn name
-targetu name
-targetg
-p place(s)
-i inputfilename
-o outputfilename
Table 19-4 provides examples of using the qptool changemember command.

Table 19-4. Examples of qptool changemember Task Change the name of local user name to an external user name. Change an external user name to an external user name. Command >load qptool changemember -p PlaceName -sourceu localuser -targetdn CN=ExternalUser,O=[Organization] >load qptool changemember -p PlaceName -sourcedn CN=External User,O=[Organization] -targetdn CN=New External User,O=[Organization]
19-4
Table 19-4. Examples of qptool changemember (continued) Task Change an external group name in multiple places. Command >load qptool changemember -p PlaceName1 PlaceName2 -sourceg -sourcedn CN=External Group,O=[Organization] -targetg -targetdn CN=New External Group,O=[Organization]
Changing the hierarchy of member names in places

You can use the qptool changehierarchy command to change the hierarchy of external user and group member names in places. For example, if your company name changes, and as a result you change the name hierarchy in the user directory, use qptool changehierarchy to change the names in places. Or if you create a new group with a new hierarchy in your external directory to encompass what was previously two groups, you can change the names of the original group members in places to the name of the new group. The changehierarchy command does not operate on local users. Note: If an external user accesses a place through membership in an external group, the users name is not listed as a member in the places Contacts1.nsf database, but is included in security fields within the place. For example, if the user creates a page, the users name is listed in the pages h_Authors field. If you use the changehierarchy command and the name hierarchy you are changing applies to the users name in a place, the users name is changed in these security fields and the users access to the place continues. To change the hierarchy of names in places, enter the following command at the server console:
load qptool changehierarchy arguments
where arguments are described in Table 19-5 Note: Specify the name hierarchy exactly, remembering to include any spaces and to use the exact character case that is used in the directory. If a name hierarchy contains spaces, put quotation marks () around it.
Table 19-5. Arguments for the qptool changehierarchy command Argument -? -sourceh hierarchy Description Prints help on the command. Specifies the original name hierarchy to change, for example, OU=people,O=group Specifies the new name hierarchy, for example, OU=people2,O=group. The name hierarchy you specify should correspond to a valid name hierarchy in the external directory. Changes the hierarchy of member names in all places that have member names with the original name hierarchy.
-targeth hierarchy
-a
19-5
Table 19-5. Arguments for the qptool changehierarchy command (continued) Argument -p place(s) Description Changes the hierarchy of member names in a place or space-separated list of places. Changes the hierarchy of member names in places specified in an XML input file located in the server program directory. XML output file that logs the results of the command. By default the command logs results to qptool.changehierarchy.xml in the server program directory.
-i inputfilename
-o outputfilename
Table 19-6 provides examples of qptool changehierarchy.

Table 19-6. Examples of qptool changehierarchy Task Change the names of users and groups within the hierarchy OU=boston,O=acme to the hierarchy OU=detroit,O=acme in the place P1 Changes the names of users and groups with the hierarchy OU=boston,O=acme to the hierarchy OU=detroit,O=acme in all places Command >load qptool changehierarchy -sourceh OU=boston,O=acme -targeth OU=detroit,O=acme -p P1
>load qptool changehierarchy -sourceh OU=boston,O=acme -targeth OU=detroit,O=acme -a
Updating external member information in places

When information about an external member, such as an e-mail address, changes in the user directory, use the qptool updatemember command to update the information in places. qptool updatemember updates the following information: v E-mail address (external users) v First name (external users) v Last name (external users) v Phone number (external users) v Display name (external users) v Display name (external groups) qptool updatemember does not operate on local members. Note: The command does not change an external members distinguished name stored internally in places and used for access control. If external members distinguished names change in the user directory, use the qptool changemember or qptool changehierarchy command to update the distinguished names in places. To update external member information in places, enter the following command at the server console:
load qptool updatemember arguments
19-6
where arguments are described in Table 19-7. Note: Specify names exactly, remembering to include any spaces and to use the exact character case. If a name contains spaces, put quotation marks () around it.
Table 19-7. Arguments for the qptool updatemember command Argument -? -dn name Description Prints help on the command. Specifies the name of an external user or group whose member information has changed in the user directory, for example:. cn=Connor Jones,ou=Sales,o=Acme If you use this argument, do not use -allmembers. -allmembers Updates all external member information in the specified place(s). If you use this argument, do not use -dn name. You can run qptool updatemember -allmembers -a on a schedule. How often you should run it depends on how often the contents of your user directory changes. -g Indicates that a name specified for the -dn argument is the name of a group. Updates external member information in all places Updates external member information in a specific place or space-separated list of places. XML input file located in the server program directory that specifies the places in which to update external member information. XML output file that logs the results of the command. By default the command logs results to qptool.updatemember.xml in the server program directory.
-a -p place(s)
-i inputfilename
-o outputfilename
Table 19-8 provides examples of the qptool updatemember command.

Table 19-8. Examples of qptool updatemember Task Update the member information for the user cn=Connor Jones,ou=Sales,o=Acme in all places Use the notes.ini file to update all member information in all places daily at 3 AM. Update the member information for the group cn=Adminstrators,o=Acme in all places Command load qptool updatemember -dn cn=Connor Jones,ou=Sales,o=Acme -a ServerTasksAt3=qptool updatemember -allmembers -a
load qptool updatemember -dn cn=Administrators,o=Acme -g -a
19-7
Removing members from places

Use the qptool removemember command to remove local or external members from places. Enter the following command at the server console::
load qptool removemember arguments

Table 19-9. Arguments for the qptool removemember command Argument -? -dn name Description Prints help on the command. Name of an external user or group to remove. If the name contains a space, include quotation marks around it. Specify the name exactly as it is defined in the external directory, for example: cn=connor jones,ou=sales,o=acme Include any spaces in the name. Specify the character case (uppercase or lowercase) correctly. -g Indicates that a specified distinguished name is that of a group. Name of a local user to remove. If the name contains a space, include quotation marks around it, for example: Jonathan Carter -a -p place(s) Removes the specified name from all places. Removes the specified name from a place or a space-separated list of places. XML input file located in the server program directory that specifies the places from which to remove the specified name. XML output file that logs the results of the command. By default the command logs results to qptool.removemember.xml in the server program directory.
-u name
-i inputfilename
-o outputfilename
Table 19-10 provides examples of the command.

Table 19-10. Examples of the qptool removemember command Task Remove the external user cn=connor jones,ou=sales,o=acme from the place P1 Command >load qptool removemember -dn cn=connor jones,ou=sales,o=acme -p P1
19-8
Table 19-10. Examples of the qptool removemember command (continued) Task Remove the external group cn=managers,ou=groups,o=acme from the place P1 Remove the local user Jonathan Carter from the places P1 and P2 Remove the external user cn=connor jones,ou=sales,o=acme from all places Command >load qptool removemember -g -dn cn=managers,ou=groups,o=acme -p P1 >load qptool removemember -u Jonathan Carter -p P1 P2 >load qptool removemember -dn cn=connor jones,ou=sales,o=acme -a
Remove the external group >load qptool removemember -i qptool.myremmem.xml cn=managers,ou=groups,o=acme from places specified in -g -dn cn=managers,ou-groups,o-acme the XML input file qptool.myremmem.xml Remove the external user cn=connor jones,ou=sales,o=acme from the place P1 and log the command output to the non-default XML output file qptool.myoutfile.xml >load qptool removemember -dn cn=connor jones,ou=sales,o=acme -p P1 -o qptool.myoutfile.xml
Changing local member passwords

Use the qptool password command to change passwords for local members. Note: To change the password for an external member, change the members entry in the user directory. To change local member passwords, enter the following command at the server console:
load qptool password arguments
where arguments are described in Table 19-11

Table 19-11. Arguments for the qptool password command Argument -? -u name Description Prints help on the command. Specifies of the name of the local member whose password you are changing. If the name has spaces, include quotations marks around the name, for example: Joe Smith. -pw password -p place (s) Specifies the new password. Specifies a place or a space-separated list of places on which to change the users password. XML input file located in the server program directory that specifies places on which to change the users password.
-i inputfilename
19-9
Table 19-11. Arguments for the qptool password command (continued) Argument -o outputfilename Description XML output file that logs the results of the command. By default the command logs results to qptool.password.xml in the server program directory.
Table 19-12 provides examples of the command.

Table 19-12. Examples of the qptool password command Task Change the password for a local user whose name has no spaces Change the password for a local user whose name includes spaces Command >load qptool password -p placename -u joeuser -pw newpassword >load qptool password -p placename -u joe user -pw newpassword
Managing expanded membership

Use the qptool membershipmodel to enable expanded membership in places, to recreate expanded membership groups if you change the LDAP directory or base distinguished name used for them, or to resolve problems with expanded membership groups. CAUTION: Do not use the membershipmodel command until you have read about expanded membership and how to set it up.
Enabling expanded membership in places

If you have enabled expanded membership on the server, use the qptool membershipmodel command to enable expanded membership in one place, specific places, or all places. After you have enabled expanded membership in a place, reverting the place to standard membership is not supported. If there are replicas of a place, run the command on one replica only. To enable expanded membership in a place or places, enter the following command at the server console::
load qptool membershipmodel arguments
where arguments are arguments described in Table 11-2 on page 11-13

Table 19-13. Arguments for enabling expanded membership in places Argument -? -toexpanded -a Description Prints help on the command. Converts places to expanded membership. Runs the command on all places that do not currently use expanded membership
19-10
Table 19-13. Arguments for enabling expanded membership in places (continued) Argument -p places Description Runs the command on a place or a space-separated list of places. Runs on places specified in an XML input file. XML output file that logs the results of the command. By default the command logs results to qptool.membershipmodel.xml in the server program directory.
-i inputfilename -o outputfilename
Table 11-3 on page 11-14 provides examples of using the membershipmodel command to enable expanded membership in places.
Table 19-14. Examples of enabling expanded membership in places Task Enable placeofmanymembers to use expanded membership. Enable all places that do not currently use expanded membership to use expanded membership. Command >load qptool membershipmodel -toexpanded -p placeofmanymembers >load qptool membershipmodel -toexpanded -a
Changing the directory server or base distinguished name used for the expanded membership groups
Follow specific steps to change the LDAP directory server or base distinguished name used for expanded membership groups. Perform the following steps in the exact order given: 1. Enter the following command at the server console to remove all of the existing expanded membership groups from the directory server that currently stores them:
load qptool membershipmodel -rmgroups -a
2. Change the host name or base distinguished name specified in the expanded membership model section of the qpconfig.xml file. You can change one or both settings. v To change the directory server in which to store the expanded membership groups, change the hostname setting, and optionally the ssl and port setting. v To change the base distinguished name under which to store the expanded membership groups, change the base _dn setting. Make sure the new base_dn value exists on the directory server. 3. Enter the following command at the server console to restart the HTTP task:
restart task http
4. If the user name and password the IBM Lotus Quickr server will use to manage the groups at the new LDAP directory location are not the ones currently configured, use the Site Administration User Directory page to configure the correct user name and password. Make sure the name you specify has write access to the base distinguished name used for the expanded membership groups. 5. If you changed the base_dn setting, enter the following command at the server console to update the names of the groups in the place ACLs of all the places that use expanded membership:
load qptool membershipmodel -basedn -a
19-11
6. Enter the following command at the server console to generate the groups at the new directory location for each place that uses expanded membership:
load qptool membershipmodel -addgroups -a
Recreating expanded membership groups to resolve problems

If expanded membership is used and My Places or cross-place searching does not work, the expanded membership groups may be corrupt or out of synchronization with their places. Remove and then recreate the groups to correct the problem. Enter the following commands at the server console:
load qptool membershipmodel -rmgroups -p place load qptool membershipmodel -addgroups -p place
where place is the name of one place or a space-separated list of places.
Using expanded membership logging

By default, the server logs errors related to the use of expanded membership to the server console and Lotus Notes log. To help troubleshoot a problem related to expanded membership, use the notes.ini setting QuickPlaceMembershipModelLogging to increase the level of logging. Specify QuickPlaceMembershipModelLogging=1 to log slightly more detail than the default logging level, or specify QuickPlaceMembershipModelLogging=2 to do verbose logging. Because higher logging levels adversely affect server performance, specify QuickPlaceMembershipModelLogging=0 or remove the setting to revert to the default logging level when you are finished using these higher levels.
19-12
Managing places
Use My Places and qptool commands to manage places.
Using My Places for place administration

External members who have at least reader access to places can use My Places to display statistics about the places. External members with manager access can use My Places to perform place administration tasks. Related concepts Whats new? on page 4-11 Read about the new features in this release.
Using My Places to display place statistics

Use My Places to display a variety of statistics about the places that you have access to. Perform these steps: 1. Log in to the server. 2. Click My Places from any page. 3. Click Show Usage Statistics. My Places then shows the following information about each place that you have access to: v Name v Title v Size v Date last accessed v Date last modified v Number of logins since installation or since qptool placecatalog -reset was run on the place. v Number of document reads since installation or since qptool placecatalog -reset was run on the place. v Number of postings since installation or since qptool placecatalog -reset was run on the place. v Number of readers, authors, managers, and editors v Number of documents, draft documents, attachments, and custom forms v Number of offline installs v Largest document size v Number of uses, reads, and writes within the last day, week, and month.
Using My Places to perform place administration tasks

Managers of places can use My Places to lock and unlock places, update and reset place data statistics, and remove places. Perform the following steps 1. Log in to the server. 2. Click My Places from any page. 3. Click Show Usage Statistics. 4. Click the drop-down arrow next to a place that you manage, select Admin Actions, and then select a command described in the following table
20-1
Table 20-1. Administration actions available from My Places Command Lock Place Unlock Place Update Place Data Statistics Description Issues the load qptool lock command on the server to lock and place and prevent users from accessing it. Issues the load qptool unlock command on the server to unlock a locked place. Issues the load qptool placecatalog -push command on the server to update statistics for the place in the place catalog that are not updated automatically in real-time. Issues the load qptool placecatalog -reset command to reset the login, documents reads, and posting counts to 0 in the place catalog, so that you can measure them for a specific time period. Issues the load qptool remove command on the server to mark a place for removal. Users will no longer be able to access a place marked for removal.
Reset Place Data Statistics
Remove Place
Sending mail to place members

Use the qptool sendmail command to broadcast an e-mail message to place managers or to all members of a place. The sendmail command is useful for communicating administration issues. For example, you could send a broadcast e-mail to the managers of places if the places have exceeded a predetermined size limit and will be archived. Enter the following command at the server console to send mail to place members:
load qptool sendmail arguments
where arguments are described in the following table Table 20-2:

Table 20-2. Arguments for qptool sendmail Argument -? -template template -managers Description Prints help on the command. XSL template file that specifies the message. Sends mail to managers only. Without this argument, sends mail to all members, including the managers. A required argument that specifies the places and other data in an XML input file located in the server program directory. If you are using tags for title, size, last_accessed or last_modified, values for those fields must exist in the input file. The qptool sendmail command only looks to the input file for its data; it does not query the places for the tag values. Logs results to a specified XML output file. By default logs results to qptool.sendmail.xml in the program directory.
-i inputfile
-o outputfile
20-2
Sample template file

Customize the following sample template to suit your needs:
<?xml version="1.0"?> <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0" xmlns:lsxlt="http://xml.apache.org/xslt" xmlns:java="http://xml.apache.org/xslt/java"> <xsl:template match="place"> <mail> <from>E-mail address here</from> <cc>List of e-mail addresses here</cc> <bcc>List of e-mail addresses here</bcc> <subject>Subject string here</subject> <body>
This mail is sent to members of place <xsl:value-of select=./name/> by qptool sendmail using xsl as a mail template. Some other fields you might want to use are:
TITLE: <xsl:value-of select="./title"/>, SIZE: <xsl:value-of select="./size"/>, LAST_ACCESSED: <xsl:value-of select="./last_accessed"/>, LAST_MODIFIED: <xsl:value-of select="./last_modified"/> </body> </mail> </xsl:template> </xsl:stylesheet>
Note: You can include information about each place in the e-mail to managers or members of that place. The tags used in the template look like: <xsl:value-of select=./fieldname/> where fieldname is the name of a field in the input XML.
Sending newsletters to subscribers

Use the qptool newsletter command to send daily and weekly newsletters to members of places. Members of a place can receive daily newsletters if daily newsletters are enabled for the place in Customize, Basics, and can receive weekly newsletters if weekly newsletters are enabled in Customize, Basics. To receive a newsletter, a member must subscribe to newsletters in the member information page and must have a valid e-mail address. Note: IBM Lotus Quickr cannot mail newsletters to groups. If you want to mail a newsletter to a user who is a member of a group, add the user as an individual member of the place. To send newsletters, enter the following command from the server console:
load qptool newsletter arguments

Table 20-3. Arguments for qptool newsletter Argument -? Description Prints help on the command.
Managing places
20-3
Table 20-3. Arguments for qptool newsletter (continued) Argument -daily Description Sends newsletters in daily format. By default the NOTES.INI file includes the setting ServerTasksAt1=qptool newsletter -daily -a so that daily newsletters are sent at 1 AM for all places. You can change the time when daily newsletters are sent by modifying the notes.ini file or scheduling the command through a Program document. Sends newsletters in weekly format. Using a Program document to schedule the mailing of weekly newsletters for all places is recommended. Weekly newsletters typically take longer to process then daily newsletters, especially if there are many members and places. Server performance can slow during processing. Therefore, schedule the newsletter -weekly command to run during non-business hours, for example Friday evenings or Saturdays. Note: Place members who sign up to receive weekly newsletters only receive them if you create a Program document in the Domino Directory with qptool newsletter -weekly -a and set a time and day for the server to collect and send weekly newsletters. -a -p place(s) Sends newsletters for all places. Sends newsletters for a place or a space-separated list of places. Sends newsletters for places specified in an XML input file located in the server program directory. Logs results to a specified XML output file. By default logs results to qptool.newsletter.xml in the program directory.
-weekly
-i inputfile
-o outputfile
Locking and unlocking places on the server

Use the qptool lock and qptool unlock commands to take places in and out of service without stopping the server. Use the lock command to put places temporarily out of service during maintenance operations and then use the unlock command when the maintenance operations are complete. When you have locked a place, a user trying to access that place receives a message that you specify. Other qptool commands lock places specified in the command automatically before running and then unlock the places when the operations are complete. However, you might want to lock a place before running multiple qptool commands to prevent users from accessing the place until you have finished running the commands. For example, you might want to lock a place while using the qptool changemember command to change several member names within the place to prevent members from accessing the place until all the name changes are complete. When a place is locked, the only qptool command you can run on it is qptool unlock.
20-4
Enter the following command the server console to lock or unlock a place:
load qptool lock[unlock] arguments

Table 20-4. Arguments for qptool lock and qptool unlock Argument -? -a -p place(s) Description Prints help on the command. Locks/unlocks all places. Specifies a place or a space-separated list of places to lock/unlock. Specifies a message to display to users who visit a locked place to indicate it is unavailable. Use quotes if the message contains spaces. XML input file located in the server program directory that specifies the places to lock/unlock. XML output file that logs the results of the command. By default the command logs results to qptool.lock.xml or qptool.unlock.xml in the server program directory. Note: To receive even more information during the lock/unlock process, you can set QuickPlaceLockLogging=1 in the notes.ini file.
-message message
-i inputfile
-o outputfile
Table 20-5 provides examples of the commands.

Table 20-5. Examples of qptool lock and qptool unlock Task Lock a place. Command > load qptool lock -p placename -message Place is undergoing membership changes. Please try back after 4 pm. (where placename is the name of the place being locked). > load qptool unlock -p placename
Unlock a place.
Archiving places
Use the qptool archive command to copy place directories and their contents to a specified archive directory. Use the archive command when you want to: v Back up active places by archiving them to a target directory without deleting them from the server. v Back up active places before moving them to another server. v Back up inactive places before removing them from the server. To archive places, enter the following command from the server console:
Managing places
20-5
load qptool archive arguments
where arguments are described in Table 20-6.

Table 20-6. Arguments for qptool archive Argument -? -dir path directory Description Prints help on the command. Directory in which to archive places. If you specify an archive directory without an explicit path, the specified archive directory is put in the server data directory. If the specified directory does not already exist, it is created. Note: The archive command does not archive a place that already exists in the archive directory. Archive all places. Specifies a place or a space-separated list of places to archive. XML input file located in the server program directory that specifies the places to archive. XML output file that logs the results of the command. By default the command logs results to qptool.archive.xml in the server program directory.
-a -p place(s)
-i inputfilename
-o outputfilename
Table 20-7 provides examples of using the archive command.

Table 20-7. Examples of qptool archive Task Back up all places on the server Archive more than one place to a target directory below c:\ Archive places specified in an XML input file to a directory below c:\ Archive a place to a directory below c:\ and log output to a non-default XML file location. Command >load qptool archive -dir x:\qpbackup -a >load qptool archive -dir c:\threeplaces -p placeone placetwo placethree >load qptool archive -i qptool.archive.xml -dir c:\threeplaces >load qptool archive -p placename -dir c:\placenameback -o c:\qptool.archive.xml
Restoring an archived place that you removed

If you archived a place and removed it from the server but now want to restore the place, use the qptool unlock and qptool register commands. Perform the following steps: 1. Use an operating system copy command to copy the archived place back to the domino_data_root\ LotusQuickr directory. 2. Enter the following commands at the server console:
20-6
load qptool unlock -p place load qptool register -p place -install
For example, suppose you used the following commands to archive placeone and remove it from the server data directory:
load qptool archive -p placeone -dir d:\archivedir load qptool remove -p placeone -now
To restore placeone, perform the following steps: 1. Copy d:\archivedir\placeone\ to the domino_data_root\LotusQuickr\ directory. 2. Enter the following commands at the server console::
load qptool unlock -p placeone load qptool register -p placeone -install
Renaming places
Use the qptool unregister and register commands to rename a place. Perform the following steps: 1. Enter the following commands from the server console:
load qptool unregister -p placename load qptool lock -p placename
where placename is the current name of the place to be renamed. 2. Enter the following command from the server console to release any open database handles to the place:
Dbcache flush
3. Through the file system, rename the places folder in the domino_data_root\LotusQuickr directory. 4. Enter the following commands from the server console:
load qptool unlock -p placename load qptool register -p placename -install
where placename is the new name of the place.
Moving a place from one current-release server to another

You can move a place from one current-release server to another. Perform the following steps: 1. Enter the following command at the server console to make an archive copy of the place before you move it:
load qptool archive -p placename -dir archive_directory
2. Enter the following command at the server console to unregister the place from the Place Catalog:
load qptool unregister -p placename
3. Use a file system command to copy the places directory and contents from the domino_data_root\ LotusQuickr directory on the original server to the same location on the target server. 4. Enter the following command to unlock the place on the target server:
load qptool unlock -p placename
5. Enter the following command on the target server to update place information in the place and in the Place Catalog:
load qptool register -p placename -install
6. Enter the following command to delete the place from the original server:
load qptool remove -p placename
Managing places
20-7
If the original and target servers use different user directories, and the external members of a place have different distinguished names in each directory, use the qptool changemember or changehierarchy command to change the names in the place so these users can continue to access it.
Removing places and PlaceTypes from the server

Use the qptool remove command to remove places or PlaceTypes from the IBM Lotus Quickr server. You might want to remove a place or PlaceType that is no longer used or that hasnt been used for a long time. To remove places or PlaceTypes, enter the following command from the server console:
load qptool remove arguments
The following table describes the arguments for the command.

Argument -? -now Description Prints help on the command. Deletes places or PlaceTypes immediately. If you do not use this argument, places or PlaceTypes are only marked for removal. A place or PlaceType that is marked for removal is inaccessible from a browser but still exists in the file system. Note: Do not use this argument to remove a place in a cluster, as the deletion may not replicate. Deletes places or PlaceTypes that were previously marked for removal through the remove command or that were deleted through the Lotus Quickr user interface. The ServerTasksAt2 NOTES.INI setting includes qptool remove -cleanup, so that the command runs by default at 2 AM. Note that the -cleanup argument does not work on places that are in the database cache. Since QPTool -cleanup typically runs off-hours, places are not in the database cache when the command is run. If you run qptool remove -cleanup at other times, use the dbcache flush command to flush databases from the cache before using -cleanup. For more information on the database cache, see Domino Administrator Help. -a Marks for removal or deletes all places on the server. This argument does not run on PlaceTypes. Specifies a place or a space-separated list of places to mark for removal or to delete. Specifies a PlaceType or a space-separated list of PlaceTypes to mark for removal or to delete. XML input file located in the server program directory that specifies places or PlaceTypes to mark for removal or to delete.
-cleanup
-p place(s)
-pt PlaceTypes
-i inputfilename
20-8
Argument -o outputfilename
Description XML output file that logs the results of the command. By default the command logs results to qptool.remove.xml in the server program directory.
Note: If you use Search Places on the server, do not use the -now argument to remove places. Instead use the remove command without the -now argument and mark the places for removal. After you mark the places for removal, run the Catalog and Domidx tasks on the Domain Catalog server. After the Domidx task has completed, use the remove command with the -cleanup argument to remove the places. Follow this removal procedure to ensure that information in documents from the deleted places is also removed from the search index. The following table provides examples of using the remove command.
Task Mark the place P1 for removal Mark all places on the server for removal Mark PlaceType PT1 for removal Mark places P1, P2, and P3 for removal Mark places for removal that are specified in the XML input file qptool.removeinput.xml Mark the place P1 for removal and log output to the non-default XML file qptool.removeoutput.xml Remove the place P1 immediately Remove all PlaceTypes on the server immediately. Note that you cannot use the -a argument to remove all PlaceTypes. Command >load qptool remove -p P1 >load qptool remove -a >load qptool remove -pt PT1 >load qptool remove -p P1 P2 P3 >load qptool remove -i qptool.removeinput.xml
>load qptool remove -p P1 -o qptool.removeoutput.xml
>load qptool remove -p P1 -now >load qptool remove -pt PT1 PT2 PT3 PT4 PT5 -now
Reactivating a place mistakenly removed using QPTool remove

If you remove a place using qptool remove by mistake, (without the -now argument), you can reinstate the place. To do so, from Notes, edit the database titles of Main.nsf, Contacts1.nsf, and any PageLibraryxxx.nsf files for the place and change them from [delete pending] to the name of the place. You must also use qptool register -p placename to re-create the place document in the Place Catalog.
Completing the deletion of a place mistakenly deleted through the file system
If you mistakenly use a file system command to delete a place, rather than the qptool remove command or the Lotus Quickr user interface, the place still has a Place document in the Place Catalog and is still listed in My Places, although users cant access the place. To remove these references to the place, from Notes, delete the places document from the Place Catalog, and delete the places mail-in database entry from the Domino Directory.
Managing places
20-9
Generating reports about places

Use the qptool report command to pull information from the Place Catalog to generate reports about places. You can use this command on a place created prior to the current version of IBM Lotus Quickr only if you first use the qptool upgrade command to upgrade the place. Using the report command, you can retrieve the following information from the Place Catalog about places: v Name v Title v Server name v Size v Date last accessed v Date last modified v Locked state qptool report can gather information from all servers in a cluster. However, if the results of the report command are supplied as input to another qptool command, the other command only acts immediately on the places on the server from which you issue the command. Note that although the Place Catalog lists the Readers, Authors, and Managers of places you cannot use the report command to generate this information in a report. 1. Make sure the Place Catalog is full-text indexed. For information, see Domino Administrator Help. 2. Enter the following command at the server console to update statistics in the Place Catalog:
load qptool placecatalog -push -a
3. (Cluster environment only) Enter the following command at the server console to synchronize place statistics across place documents:
load qptool placecatalog -update
4. Enter the following command at the server console:

load qptool report arguments

Table 20-8. qptool report arguments for reporting on places Argument -? -a -q query Description Prints help on the command. Generates a report for all places. Generates a report on places that match the criteria specified in a full-text query. In a query, you refine a search by using operators in conjunction with any of the fields in the Place Catalog. For example, you can generate a report on all places last accessed before a specified date. Enclose a field specified in a query within brackets [ ]. For information on using operators to refine a search, see Notes Help.
20-10
Table 20-8. qptool report arguments for reporting on places (continued) Argument -p place(s) Description Generates a report for a specified place or a space-separated list of places. XML output file that logs the results of the command. By default the command logs results to qptool.report.xml in the server program directory.
-o outputfilename
Table 20-9 provides example of using qptool report to report on places:

Table 20-9. Examples of reporting on places Task Report on a specific place Report on all places in the Place Catalog Report on all places whose size is greater than 1000 kilobytes Report on all places last accessed before 5/30/2006 Report on all places last modified after 5/30/2006 Report on all places and log results to a non-default XML output file qptool.myout.xml Command >load qptool report -p placename >load qptool report -a >load qptool report -q [PlaceSize]>1000.
>load qptool report -q [PlaceLastAccessed]<5/30/2006 >load qptool report -q [PlaceLastModified]>5/30/2006 >load qptool report -a -o qptool.myout.xml
Registering and unregistering places

Use the qptool register command to add place documents in the Place Catalog for places created prior to enabling the Place Catalog or for places added from another server, to adjust server-specific information for a place that has been moved from another server or renamed on the same server, or to restore a place that was previously archived. Use the qptool unregister command to remove a places document from the Place Catalog. For example, if the Place Catalog is down for any period of time, unregister all places and then use the register command to register the place again so that the Place Catalog contains up-to-date place information. Note that when you use the remove command to remove a place, you do not have to use the unregister command because the remove command automatically removes the place document. To register or unregister places, enter the following command at the server console:
load qptool register[unregister] arguments

Table 20-10. Arguments for the qptool register and unregister commands for places Argument -? Description Prints help on the command.
Managing places
20-11
Table 20-10. Arguments for the qptool register and unregister commands for places (continued) Argument -placecatalog Description Registers/unregisters specified place(s) in the Place Catalog. Installs and resets server-specific information for places that have been: v Moved to this server from another server v Renamed on this server v Restored from archive . Note: Before you run qptool register -install -a, run qptool remove -cleanup to avoid creating partial entries in the Place Catalog associated with places marked for removal. -a -p place(s) Registers/unregisters all places. Specifies a place or a space-separated list of places to register/unregister. XML input file located in the server program directory that specifies the places to register/unregister. XML output file that logs the results of the command. By default the command logs results to qptool.register.xml or qptool.unregister.xml in the server program directory.
-install
-i inputfilename
-o outputfilename
Table 20-10 on page 20-11 provides examples of using the qptool register and unregister command for places.
Table 20-11. Examples of registering and unregistering places Task Register a place that has been moved from another server, renamed on the current server, or restored from archive Unregister a place Register a place in the Place Catalog only Register multiple places that have been moved from another server Unregister multiple places Command >load qptool register -p placename -install
>load qptool unregister -p placename >load qptool register -p placename -placecatalog >load qptool register -p place1 place2 place3 -install
>load qptool unregister -p place1 place2 place3
Register all places on the server in the Place Catalog after >load qptool register -a -placecatalog upgrading to the current release and enabling the Place Catalog Unregister all places on the server (that is, remove from place catalog) >load qptool unregister -a
20-12
Table 20-11. Examples of registering and unregistering places (continued) Task Register places specified in an input file Unregister places specified in an input file Register a place and log results in a non-default output file Unregister a place and log results in a non-default output file Command >load qptool register -i qptool.myinput.xml >load qptool unregister -i qptool.myinput.xml >load qptool register -p placename -o qptool.myout.xml
>load qptool unregister -p placename -o qptool.myout.xml
Managing places
20-13
20-14

You can perform a variety of PlaceType management tasks.
Reordering the servers PlaceType list

You can change the order of the PlaceTypes list that users see when they create a place. For example, if your list contains 150 PlaceTypes, but MeetingRoom PlaceType is the most popular, you can move MeetingRoom PlaceType to the top of the list. To 1. 2. 3. 4. 5. 6. reorder the PlaceType list: Log in to the server as an administrator. Click Work with Templates. Click Reorder. Click the PlaceType name you want to move. Click the up or down arrow to move the PlaceType. Click Next.
Hiding PlaceTypes in the PlaceTypes list

You can hide the name of a PlaceType in the list of PlaceTypes that users see when they create a place. For example, if you are experimenting with the contents of the PlaceType, you can hide the PlaceType while it is in progress. Administrators see the word hidden next to the name in the list. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Work with Templates. 3. Click Show/Hide. 4. Clear the check mark next to the PlaceType. 5. Click Next.
Refreshing places and PlaceTypes

You can create a PlaceType from a place and a place from a PlaceType. When one is created from the other, the server maintains a parent-child relationship between the two. You can refresh a child place or child PlaceType so the child inherits new and modified elements from its parent. For example, suppose you create the place Sales and give it the look and feel you want to appear in places that members of the Sales team create. You create a PlaceType from it called Sales PlaceType, and then create the place West Coast Sales from Sales PlaceType. You can change the design of Sales, and then refresh Sales PlaceType, and then West Coast Sales to distribute the changes. Note: When you refresh a place or PlaceType in a cluster, do the refresh on one server only and then let the changes replicate to the other servers.
Refreshes
The qptool refresh command refreshes places and PlaceTypes. By default, the command runs daily at 4 AM to refresh all child places on the server, but not PlaceTypes. You can run qptool refresh from the server console or through the Working with Templates link.
21-1
A place manager can control whether qptool refreshes a place.
Place membership
If the place manager allows it, membership of a place can be passed to a PlaceType when the PlaceType is created. That membership is then passed to new places created from the PlaceType. For example, if Annie is a member of Sales with Author access, she can automatically become an Author in Sales PlaceType created from it, and in West Coast Sales created from Sales PlaceType Changes to members and membership are not inherited during a refresh, however. For example, if the manager of Sales changes Annies access to Reader, Annie still has Author access to Sales PlaceType and West Coast Sales after they are refreshed. CAUTION: When a new room is inherited, membership to the room is not inherited, but instead is determined by the rooms parent room in the place. For example, to continue the preceding example, assume that the manager of Sales adds a new room called Finances and gives only herself access to read sensitive information in it. When Sales PlaceType and then West Coast Sales are refreshed, West Coast Sales inherits the room Finances but all West Coast Sales members with Reader access or above to Sales can read Finances unless the West Coast Sales manager restricts the access.
Levels of refresh
There are two levels of refresh available for a place: basic refresh (the default level) or replace. With basic refresh, elements originating from a PlaceType but modified directly in a place are not affected by the refresh. For example, basic refresh does not affect changes a place manager makes to the Welcome page. A replace occurs only when you use qptool refresh command with the -r argument. Use replace with extreme caution because it causes all elements in a place that originated from a PlaceType to be updated, even elements modified directly in the place. Neither basic refresh nor replace modifies elements that were created directly in a place rather than originating from a PlaceType. Because changes to a PlaceType are never made directly in a PlaceType but instead can occur only through a refresh, it makes no difference which level of refresh you use to refresh PlaceTypes.
How basic refresh affects the elements in places

If you do a basic refresh of a child place with its PlaceType, and there are no changes in the PlaceType, the refresh causes no change in the child place. If there are changes in the PlaceType, the child place does not inherit an element change or deletion from the PlaceType if the element was also changed or deleted directly in the child place. The following tables describe this behavior in detail. Table 21-1 describes the effect of a basic place refresh when elements have changed in its PlaceType.
Table 21-1. The effect of basic refresh when elements have changed in a PlaceType Refresh effect on element in place if element not changed in place Updated Updated Refresh effect on element in place if element changed in place No change No change Refresh effect on element in place if element deleted in place No change No change
Element modified in PlaceType Page Folder
21-2
Table 21-1. The effect of basic refresh when elements have changed in a PlaceType (continued) Refresh effect on element in place if element not changed in place Updated Updated Updated Updated Updated Updated Updated No change No change Refresh effect on element in place if element changed in place No change No change No change No change No change No change No change No change No change Refresh effect on element in place if element deleted in place No change No change No change No change No change No change No change No change No change
Element modified in PlaceType Room Form Field Theme PlaceBot Room Setting Aesthetic Settings Member Local group
Table 21-2 describes the effect of a basic place refresh when elements have been deleted in its PlaceType.
Table 21-2. The effect of basic refresh when elements have been deleted in a PlaceType Refresh effect on element in place if element not changed in place Deleted Deleted* Deleted** Deleted Deleted Deleted Deleted N/A N/A No change No change Refresh effect on element in place if element changed in place No change No change No change No change No change No change No change N/A N/A No change No change Refresh effect on element in place if element deleted in place No change No change No change No change No change No change No change N/A N/A No change No change
Element deleted in PlaceType Page Folder Room Form Field Theme PlaceBot Room Setting Aesthetic Settings Member Local group
21-3
*Folders that contain pages originating from a PlaceType but modified directly in the place, or that contain pages created in the place rather than originating from a PlaceType, are not deleted. **Rooms that contain elements originating from a PlaceType but modified directly in the place, or that contain elements created in the place rather than originating from a PlaceType, are not deleted. A task page in a place derived from a PlaceType lists [h_Managers] as editor Note: In a place that is derived from a PlaceType, all task pages display [h_Managers] in Who can edit this task. Since membership is not refreshed, members removed from the place will not be added back during refresh. The [h_Managers] entry ensures that managers of the place can edit the page if all other editors are removed from the place.
How replace affects the elements in places

If you replace a place with its PlaceType -- using qptool refresh -r -- changes made to elements directly in the place that originated in the PlaceType are lost. For this reason you should use replace with extreme caution. The following tables describe the behavior of a replace in detail. Table 21-3 describes the effect of a place replace when elements have not changed in its PlaceType.
Table 21-3. Effect of replace when PlaceType elements are unchanged Replace effect on element in place if element not changed in place No change No change No change No change No change No change No change No change No change No change No change Replace effect on element in place if element changed in place Replaced Replaced Replaced Replaced Replaced Replaced Replaced Replaced Replaced No change No change Replace effect on element in place if element deleted in place Copied back Copied back Copied back Copied back Copied back Copied back Copied back Copied back Copied back No change No change
Element not changed in PlaceType Page Folder Room Form Field Theme PlaceBot Room Setting Aesthetic Settings Member Local group
Table 21-4 on page 21-5 describes the effects of a place replace when elements have been modified in its PlaceType.
21-4
Table 21-4. Effect of replace when PlaceType elements are modified Replace effect on element in place if element not changed in place Updated Updated Updated Updated Updated Updated Updated Updated Updated No change No change Replace effect on element in place if element changed in place Replaced Replaced Replaced Replaced Replaced Replaced Replaced Replaced Replaced No change No change Replace effect on element in place if element deleted in place Copied back Copied back Copied back Copied back Copied back Copied back Copied back Copied back Copied back No change No change
Element modified in PlaceType Page Folder Room Form Field Theme PlaceBot Room Setting Aesthetic Settings Member Local group
Table 21-5 describes what happens as the result of a replace of a place when elements have been deleted in its PlaceType.
Table 21-5. Effect of replace when PlaceType elements are deleted Replace effect on element in place if element not changed in place Deleted Deleted* Deleted** Deleted Deleted Deleted Deleted N/A N/A Replace effect on element in place if element changed in place Deleted Deleted* Deleted** Deleted Deleted Deleted Deleted N/A N/A Replace effect on element in place if element deleted in place No change No change No change No change No change No change No change N/A N/A
Element deleted in PlaceType Page Folder Room Form Field Theme PlaceBot Room Setting Aesthetic Settings
21-5
Table 21-5. Effect of replace when PlaceType elements are deleted (continued) Replace effect on element in place if element not changed in place No change No change Replace effect on element in place if element changed in place No change No change Replace effect on element in place if element deleted in place No change No change
Element deleted in PlaceType Member Local group
*Folders that contain pages created directly in the place rather than originating from the PlaceType are not deleted. **Rooms that contain any element created directly in the place rather than originating in the PlaceType are not deleted.
Refreshing using the qptool refresh command

Use the qptool refresh command to refresh places and PlaceTypes on the server. Enter the following command from the server console:
load qptool refresh arguments
where arguments are arguments described in Table 21-6.

Table 21-6. Arguments for the qptool refresh command Argument -? -r Description Prints help on the command. Replaces the elements of a place with the elements in its parent PlaceType. Use this argument with caution because with the exception of elements created in a place that do not originate from the PlaceType, use of the argument removes all changes to elements made directly in the place. If you do not use this argument, the command refreshes a place with elements from its parent PlaceType, but retains changes to elements made in the place. -a Refreshes the elements of all places on the server created from PlaceTypes with the parent PlaceTypes. Refreshes the elements of a specified place or space-separated list of places with the elements of its parent PlaceType(s). Refreshes the elements of a specified PlaceType or space-separated list of PlaceTypes with design of the parent PlaceType(s). Refreshes the elements of all places (not PlaceTypes) created from the specified PlaceType or space-separated list of PlaceTypes.
-p place(s)
-pt placetype(s)
-d placetypes(s)
21-6
Table 21-6. Arguments for the qptool refresh command (continued) Argument -i Description XML input file located in the server program directory that specifies places and/or PlaceTypes to be refreshed. XML output file that logs the results of the command. By default the command logs results to qptool.refresh.xml in the server program directory.
-o
Table 21-7 provides examples of the refresh command.

Table 21-7. Examples of the qptool refresh command Task Refresh the elements of child PlaceTypes PT1 and PT2 with the design of their parent PlaceTypes Refresh the elements of child places P1 and P2 with the design of their parent PlaceTypes Refresh the elements of all places on the server created from PlaceTypes Command >load qptool refresh -pt PT1 PT2
>load qptool refresh -p P1 P2
>load qptool refresh -a
Replace the elements of child place P1 with the design of >load qptool refresh -p P1 -r its parent PlaceType and delete any design changes made directly to P1
Refreshing PlaceTypes using the Work with Templates link

If a place used to create a PlaceType is modified, you can use the PlaceTypes room in the administration place to initiate the qptool refresh command to do a basic refresh of the PlaceType. If you use this method, at the same time you refresh you can modify the description that users see, the image, and the URL provided to users for more information. Perform the following steps: Log in to the server as an administrator. Click Work with Templates. Click the name of the PlaceType you want to refresh. Click Edit. Select Yes, copy changes and update the information below. Optional: Type or edit a description to display next to the PlaceType in the list of PlaceTypes. Optional: Select an image file that contains a thumbnail sketch of a page in the PlaceType. The image file must be a GIF or JPG file, and the image itself should be no larger than 100 pixels by 80 pixels. The thumbnail sketch appears next to the PlaceType name in the list. 8. Below Optionally, you can provide a URL for users to visit for more information, specify a URL to a Web page containing more information. The PlaceType will display a More info link. 9. Click Next. 1. 2. 3. 4. 5. 6. 7.
21-7
Step 5 starts qptool refresh in the background. If qptool refresh is already running when you click Next, the PlaceType is not refreshed since only one instance of the command can run at a time. Check the server console to determine whether a PlaceType has been refreshed.
Preventing a place from being refreshed

Place managers can prevent a place created from a PlaceType from being refreshed. Perform the following steps: 1. 2. 3. 4. 5. Open the place. Click Customize. Click Basics Change Basics. In the Updates section, clear the check mark next to Receive updates. Click Done.
Copying a PlaceType to another server

You can use operating system commands to copy a PlaceType from one server to another. A PlaceType consists of a set of Notes database files (NSF files) in the AreaTypes subdirectory on the server. For example, if you create a PlaceType called RapidResponse, and IBM Lotus Quickr is installed in the C:\lotus\domino directory, the NSF files for RapidResponse would be stored in the following location: c:\lotus\Domino\data\LotusQuickr\AreaTypes\RapidResponse\ Perform the following steps to copy a PlaceType from one server to another. These steps refer to the server from which you are copying as Server A and the server to which you are copying as Server B. 1. On server B, create a subdirectory for the PlaceType in x:\Lotus\Domino\data\LotusQuickr\ AreaTypes, where x is the drive on which Lotus Quickr installed. Give the subdirectory the name of the PlaceType. 2. Copy the PlaceType files from server A to the subdirectory you created on server B. 3. If the PlaceType has PlaceBots, you must sign the agents in the database using the server ID of the current server, that is, server B. For more information on signing a database, see Domino Designer Help. 4. Perform the following steps to add the copied PlaceType on Server B to the Server B PlaceTypes list: a. Log in to the server as an administrator. b. Click Work with Templates. c. Click Refresh List.
Deleting PlaceTypes
You can delete a PlaceType that you no longer need. Note: You cannot delete the default PlaceType. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Work with Templates. 3. In the list of PlaceTypes, click the one you want to delete. 4. Click Delete.
21-8
5. In a server cluster, perform the following steps on each additional server in the cluster to remove the PlaceType from the Work with Templates link. This step is necessary because changes made through this link do not replicate in a cluster. a. Log in to the server as an administrator. b. Click Work with Templates. c. Click Refresh List. When you follow the steps above or when you use the qptool remove command without the -now argument to mark a PlaceType for deletion on the current server, it is no longer available to users. However, the file and directory are not actually deleted until the qptool remove -cleanup command runs on the server, by default, at 2 AM. You can remove the PlaceType immediately by using the qptool remove -now command.
21-9
21-10
Maintaining servers
You can perform a variety of server maintenance tasks.
Backing up Lotus Quickr data

You should regularly back up the data on your IBM Lotus Quickr server to prevent permanent loss. In particular, back up the data directory, which contains user data. Use the backup and recovery commands and procedures for a IBM Lotus Domino server to back up the data. For more information, see Domino Administrator Help. IBM Lotus Quickr also provides the qptool archive command to use to make copies of places. Lotus Quickr for i5/OS supports the online backup capability provided with Backup, Recovery, and Media Services for iSeries. Online backup means that Lotus Quickr databases on your system can be saved while they are in use. This support works with a tape device, an automated tape library device, save files, and an ADSM server. Detailed procedures for Lotus Domino and Lotus Quickr are available at http://www.ibm.com/eserver/iseries/service/brms/domino.htm.
Determining server status on i5/OS

Use the wrkdomsvr command to determine the status of an IBM Lotus Quickr server on IBM i5/OS. You must have *JOBCTL special authority to perform this task. Tip: You can also perform this task using iSeries Navigator. For more information, see Installing and Managing Domino 7 for i5/OS. Perform the following steps: 1. On any i5/OS command line, enter the following command and press Enter:
wrkdomsvr
2. The Work with Domino Servers display lists all the Domino servers configured on your system. The Domino Status column indicates the status of the Lotus Quickr server:
Table 22-1. Meaning of wrkdomsvr status Status *ENDED *ENDING *STARTED *STARTING *UNKNOWN Meaning All server tasks have ended. The server is not active. The primary server tasks are ending. The server is running. The primary server tasks are starting. The system cannot determine the status of the server.
22-1
Note: To confirm that all components have started, type a 5 in the Opt column to display the Domino console. On the Display Domino Console display, look for the message, Lotus Quickr Server started which indicates that all Lotus Quickr components have started. You may need to press F5 periodically to refresh the screen.
Updating statistics in the Place Catalog

Use the qptool placecatalog command to push statistics that are not updated in real-time to the Place Catalog, to reset the LoginCounts, DocReadCounts, and PostingCounts place statistics to 0 to begin measuring them for a specific time period, or to synchronize statistics in Place documents between a master server and the other servers in a cluster. Enter the following command from the server console:
load qptool placecatalog arguments

Table 22-2. Arguments for the qptool placecatalog command Argument -? -push Description Prints help on the command. Pushes the following statistics, which are not updated in real-time, from the server to the Place Catalog: v PlaceLastModified v PlaceSize v NumberOfReaders v NumberOfAuthors v NumberOfManagers v NumberOfEditors v NumberOfDocs v NumberOfDrafts v NumberOfAttachments v NumberOfCustomForms v NumberOfOfflineInstalls v LargestDocSize v LasyDayUses v LastDayReads v LastDayWrites v LastWeekUses v LastWeekReads v LastWeekWrites v LastMonthUses v LastMonthReads v LastMonthWrites Note: A server includes the following notes.ini file setting by default, to update these statistics for all places daily at 3 A.M. ServerTasksAt3=qptool placecatalog -push -a
22-2
Table 22-2. Arguments for the qptool placecatalog command (continued) Argument -reset Description Resets the following place statistics to 0 so you can measure them for a specific time period: v LoginCounts v DocReadCounts v PostingCounts -update Within a cluster, a places Place document for the master server might contain different statistics than place documents for the other servers. Use the placecatalog command with the -update argument on the Place Catalog server to synchronize a places statistics across all Place documents. Use placecatalog -update, for example, before using the report command in a cluster environment to ensure that the report contains up-to-date statistics. Applies the command to all places on the server. Applies the command to a specified place or space-separated list of places. Applies the command to places specified in an XML input file located in the server program directory. Logs results to a specified XML output file. By default logs results to qptool.placecatalog.xml.
-a -p place(s)
-i inputfile
-o outputfile
Generating reports about servers

Use the qptool report command to pull information from the Place Catalog to generate reports about servers that include these statistics: Name, Access Protocol, Access TCP Port, Access URL Prefix. qptool report can gather information from all servers in a cluster. However, if the results of the report command are supplied as input to another qptool command, the other command only acts immediately on the places on the server from which you issue the command. Perform the following steps to generate reports on servers registered in the Place Catalog: 1. Make sure the Place Catalog is full-text indexed. 2. Enter the following command at the server console:
load qptool report arguments

Table 22-3. qptool arguments for reporting on servers Argument -? -s Description Prints help on the command. Generates a report using information in the PlaceServers view for all servers listed in the Place Catalog.
Maintaining servers
22-3
Table 22-3. qptool arguments for reporting on servers (continued) Argument -o outputfilename Description XML output file that logs the results of the command. By default the command logs results to qptool.report.xml in the server program directory.
Registering and unregistering servers

Use the qptool register command to register a new server in the Place Cataog. Use the qptool unregister and register commands to reregister a server whose port or protocol settings have changed. You can also register a new server by creating a place on it. To register or unregister a server, enter the following command at the server console:
load qptool register[unregister] arguments

Table 22-4. Arguments for the qptool register and unregister commands for servers Argument -? -placecatalog -server Description Prints help on the command. Registers/unregisters the server in the Place Catalog. Registers/unregisters the server on which the command is run in the Place Catalog. The first time you create a place on a server, the server is registered in the Place Catalog automatically if the Place Catalog is set up. XML output file that logs the results of the command. By default the command logs results to qptool.register.xml or qptool.unregister.xml in the server program directory.
-o outputfilename
Table 22-5 provides examples of using the qptool register and unregister commands for servers.
Table 22-5. Examples of using the qptool register and unregister commands for servers Task Register a server with the Place Catalog Unregister a server with the Place Catalog Command >load qptool register -server >load qptool unregister -server
Recovering if the Place Catalog server goes down

If IBM Lotus Quickr servers share a Place Catalog server and the Place Catalog server stops, after the Place Catalog server is back up, use qptool commands to update place statistics that are not recorded in real-time, or to unregister and reregister any places whose membership changed during the server downtime.
22-4
If the Place Catalog server stops, users cannot create new places, but they can continue to work with existing places. While the users work with these existing places, the following fields in the Place Catalog change automatically because of the user activity: v PlaceSize v PlaceLastAccessed v PlaceLastModified v PlaceReaders v Place Authors v PlaceManagers When the Place Catalog server starts again, perform the following steps: 1. To update PlaceSize, PlaceLastAccessed, and PlaceLastModified statistics, enter the following command at the server console command from each server:
load qptool placecatalog -push -a
2. To account for any place membership changes made during the server downtime, enter the following commands at the server console command from each server with a place membership change:
load qptool unregister -placecatalog -p place load qptool register -placecatalog -p place
where place is the name of a place with a membership change.
Tracking the number of active Lotus Quickr users

To track the number of active users of a IBM Lotus Quickr server, you use standard IBM Lotus Domino Web server logging to log user access information to text files. Then you can use available tools to extract the names of each unique user. To retrieve the total number of active users on multiple servers, you must set up each server to generate log files. When you set up the HTTP task to log user access information to text files, the HTTP task creates one log file a day that contains information about each user session with the server. The default name format for the log files is accessdate.log, where date is the date the log file is created in the format MMDDYYYY.
To set up logging of user access

To set up the HTTP task on a server to log user access information to text files, perform the following steps: 1. Open the Server document for the server in the Domino Directory in edit mode. 2. Click the Internet Protocols HTTP tab. 3. In the Log files field, selected Enabled. 4. In the Directory for log files field, specify an existing directory path for the log files. The HTTP task creates log files only if the specified directory path exists. 5. In the Access log field, specify the prefix for the log files. The default prefix is: access. 6. Click Save and Close. For more information on Web server logging and other log settings in the Server document, see Domino Administrator Help.
Maintaining servers
22-5
To extract the names of users from log files on AIX and Solaris
There are many tools available to extract the names of users from the log files and to exclude irrelevant information. One of the simpler methods available is using native operating system commands. Following are some examples of using the tr, grep, and sort commands on a UNIX system to extract user names from log files.
Example of extracting names from one log file

The following commands translate the contents of the file, access03252002.log, to uppercase letters, extract only the lines that contain the character string CN=, eliminate any duplicate names, and write the resulting list to the file, uniquename.log. tr [:lower:] [:upper:] < access03252002.log | grep CN= | sort -u -k 3,3 > uniquename.log
Example of extracting names from multiple log files

The following commands process two log files, access03252002.log and access03262002.log, to produce the unique user list.
tr "[:lower:]" "[:upper:]" < access03252002.log | grep " CN=" | sort -u -k 3,3 >> tempname.log tr "[:lower:]" "[:upper:]" < access03262002.log | grep " CN=" | sort -u -k 3,3 >> tempname.log sort -u -k 3,3 < tempname.log > uniquename.log
The following Korn shell commands process all the log files generated by one server in the month of May to produce the unique user list.
for %f in (access05*.log) do tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> tempname.log for f in `ls -1 access05*log` do tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> tempname.log done sort -u -k 3,3 tempname.log > uniquename.log
Example of extracting names from log files on multiple servers

To extract a list of active user names for multiple servers, you run the commands described in the examples above on each server, putting the output into a single network file that all servers can access. You then use that network file to generate the final output. For example, if there are two servers, X and Y, and the network file is n:\log\tempname.log, run Korn shell commands such as the following ones on each server: On server X run:
for %f in (access*.log) do tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> X_tempname.log for f in `ls -1 access*.log` do tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> X_tempname.log done sort -u -k 3,3 X_tempname.log > n:log\tempname.log
On server Y run:
for %f in (access*.log) do tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> Y_tempname.log for f in `access*.log`
22-6
do tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> Y_tempname.log done sort -u -k 3,3 Y_tempname.log > n:log\tempname.log
Then use the following command to sort and generate the final list of names:
sort -u -k 3,3 < n:\log\tempname.log > uniquename.log
If there are many servers and log files to process, you can automate the steps by programming them in a cmd file (Microsoft Windows) or a script file (UNIX).
To extract the names of users from log files on Windows

The tr, grep, and sort commands mentioned in the preceding topic are not available natively on the Windows operating system. However, you can obtain software that makes the UNIX functionality available on Windows through the following sources: v MKS Toolkits, a commercial software package. For information, see: http://www.mkssoftware.com/ products/. v The GNU Project, sponsored by the Free Software Foundation. GNU provides the source form of the commands for Windows. The binary form of the commands can be obtained from the Internet, one example being http://gnuwin32.sourceforge.net/. Obtain textutils, grep, and their supporting libraries, libintl.dll in gettext package libiconv.dll in libiconv package, and pcre.dll in pcre package. For more information, see http://www.gnu.org/. If you use either of these packages, the commands to use on Windows then are ones described below. Note: Windows has a sort command stored in the \WINNT\System32 directory, but the command does not work for the purpose described here. Make sure to use the sort command provided with the software you obtained, rather than the one provided with Windows.
Example of extracting names from multiple log files on Windows

The following commands process all the log files generated by one server in the month of May to produce the unique user list.
for %f in (access05*.log) do tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> tempname.log tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> tempname.log sort -u -k 3,3 tempname.log > uniquename.log
Example of extracting names from log files on multiple servers on Windows

For example, if there are two servers, X, and Y, and the network file is n:\log\tempname.log, run commands such as the following ones on each server: On server X run:
for %f in (access*.log) do tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> X_tempname.log tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> X_tempname.log sort -u -k 3,3 X_tempname.log > n:log\tempname.log
On server Y run:
for %f in (access*.log) do tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> Y_tempname.log tr "[:lower:]" "[:upper:]" < %f | grep " CN=" | sort -u -k 3,3 >> Y_tempname.log
Maintaining servers
22-7
sort -u -k 3,3 Y_tempname.log > n:log\tempname.log
Then use the following command to sort and generate the final list of names:
sort -u -k 3,3 n:\log\tempname.log > uniquename.log
22-8
Maintaining a cluster
You can perform a variety of cluster maintenance tasks.
Creating replica stubs for new places, rooms, and PlaceTypes

After the creation of new places, rooms, and PlaceTypes, use the qptool replicamaker command to create replica stubs for them on other servers in a cluster. Note that after creation of the replica stubs, cluster replication or standard replication must then replicate the new places, rooms, and PlaceTypes to populate them initially and then keep them synchronized. qptool replicamaker does the following: v Creates replica stubs for MAIN.NSF and CONTACTS1.NSF on the local server or another server when a place or PlaceType is created. v Makes a new copy of SEARCH.NSF on the local server or another server when a place is created. v Creates replica stubs on the local server or another server for any new rooms. Table 23-1 describes the arguments for qptool replicamaker.
Table 23-1. Arguments for qptool replicamaker Argument -? -s sourceserver Description Prints help on the command. The name of one server involved with the replication. If not specified, default is the local server. If you dont use -s, you must use -t. The name of another server involved with the replication. If not specified, default is the local server. If you dont use -t, you must use -s. Creates replica stubs for all new places, rooms, and PlaceTypes. Creates replica stubs for a specific new place or stubs for a space-separated list of new places. Creates replica stubs for a specified PlaceType or stubs for a space-separated list of PlaceTypes.
-t targetserver
-a
-p place(s)
-pt placetype(s)
Note: You cannot use XML input and output files with this command. To ensure that replica stubs of new places, rooms and PlaceTypes are created quickly and that replication then populates the places, rooms, and PlaceTypes quickly, do the following: v Create Program documents in the Domino Directory that runs the qptool replicamaker command with the -a argument between the servers in a cluster every 10 minutes. If there are more than two servers in the cluster, you must use more than one Program document to run the qptool replicamaker command to ensure that replica stubs are created on all servers in the cluster.
23-1
v Schedule non-cluster replication between all servers in the cluster to occur at least every 20 minutes, to compensate for any lags in cluster replication. For more information on Program documents and on scheduling replication, see Domino Administrator Help. Note: To configure qptool replicamaker to run in verbose mode, so that all activity and errors are logged to the server console to help identify any problems as they arise, use the notes.ini setting QuickPlaceStubMakerLogging=3. To create replica stubs manually, enter the following command at the server console:
load qptool replicamaker arguments
Table 23-2 provides examples of qptool replicamaker.

Table 23-2. Examples of qptool replicamaker Task Do either of the following: v For the new place P1 on the local server, create replica stubs on the server Server2/Acme. v For the new place P1 on Server2/Acme, create replica stubs on the local server. Command Either of the following: >load qptool replicamaker -p P1 -t Server2/Acme >load qptool replicamaker -p P1 -s Server2/Acme
For all new places, rooms, and PlaceTypes created on the Either of the following: local server, create replica stubs on Server2Acme. And >load qptool replicamaker -t Server2/Acme -a for all new places, rooms, and PlaceTypes on Server2/Acme, create replicate stubs on the local server. >load qptool replicamaker -s Server2/Acme -a
Adding a Lotus Quickr server to a cluster

Before you can use a new Lotus Quickr server in an existing cluster, you must first replicate the place data from another Lotus Quickr server in the cluster. Perform the following steps to replicate place data from another Lotus Quickr server. When you are done, add the new server to the cluster, as described in Domino Administrator Help. 1. Start the new server. 2. Use the Site Administration link to specify user directory, security, and other settings. These settings are specified on each server independently. 3. To prevent the use of this server during the data replication process, shut down the HTTP task by entering the following command at the server console:
tell http quit
4. Enter the following command at the server console to create replica stubs for places in the cluster on the new server:
load qptool replicamaker -s remote_server_name -a
where remote_server_name is the hierarchical name of a server in the cluster, for example, Server2/Acme. 5. Wait for the replicamaker command to finish running successfully. This step may take several minutes. 6. Enter the following command at the server console of the new server to use the Domino Replicator to replicate the data and initialize the replica stubs:
23-2
replicate remote_server_name
where remote_server_name is the hierarchical name of the remote server specified previously, for example, Server2/Acme. 7. Wait for the Domino Replicator to finish. This step may take several hours, depending on the amount of data. 8. Enter the following command at the server console of the new server to start the HTTP task:
load http
9. Optional: Enter the following command at the server console of the new server to create search indexes on the newly replicated places. Creating the indexes can take several hours, and can be done while the server is running. Or, wait for the updall task to run automatically at 2 AM.
load updall
Removing a server from a cluster

To remove a server from a cluster, first ensure that all place and room additions and deletions on the server are replicated. Perform the following steps. When you are done, remove the server from the cluster, as described in Domino Administrator Help. 1. Shut down the HTTP task by entering the following command at the server console:
tell http quit
2. Enter the following command at the server console:

load qptool replicamaker -s remote_server_name -a
where remote_server_name is the hierarchical name of another server in the cluster, for example, Server2/Acme. 3. Wait for the replicamaker command to finish running successfully. 4. Enter the following command at the server console to use the Domino Replicator to replicate the data and initialize the replica stubs:
replicate remote_server_name
where remote_server_name is the hierarchical name of the remote server specified previously, for example, Server2/Acme. 5. Wait for the Domino Replicator to finish. 6. Enter the following command at the server console:
dbcache flush
7. Enter the following command at the server console to remove any places that have been marked for deletion:
load qptool remove -cleanup
8. Shut down the server.
Maintaining a cluster
23-3
23-4
Part 6. Customizing services for Lotus Domino

You can customize IBM Lotus Quickr, for example, create PlaceTypes to use as templates for creating places, write client-side JavaScript to extent place functionality, customize the look and layout of places, and use XML to access the Lotus Quickr Java API.
Place architecture
Before you customize a place, you should have a basic understanding of place architecture. Although IBM Lotus Quickr has its own metaphors and object model independent of IBM Lotus Domino, places are implemented using core Lotus Domino technology and data structures. A place is created using Lotus Notes templates to structure data, and databases to store the data. Information in a place is stored in data notes -- the basic unit of information in an IBM Lotus Notes database. The structure of a place is further defined with objects such as rooms, folders, and pages that correspond to Lotus Domino objects. Because the place objects are based on Lotus Domino objects, you can use the Lotus Notes client and Domino Designer to view, customize, and create new objects in a place. Lotus Quickr also uses a subset of the Lotus Domino and Lotus Notes security and authentication model to manage access to a place. It is helpful if you are familiar with the Lotus Notes security model, in particular with basic access control list (ACL) settings, and the use of Reader and Author fields. For up-to-date information on Lotus Notes application security, see the latest Domino Designer Help at http://www.ibm.com/developerworks/lotus/documentation/dominodesigner/.
Place building blocks

When you create a place, you are actually creating several Lotus Notes databases (NSF files). Databases are created from Lotus Notes templates (NTF files). Templates are like blueprints for databases. Templates contain the forms and fields that define a database built from that template. These forms and fields define the look of the database and how the database processes and stores data. Templates allow for a controlled development environment. A developer can change a template, then push these changes out to any databases on the server that were created from that template. In Lotus Quickr, a template is called a PlaceType. The HaikuCommonForms.ntf template is a central repository for forms used by other templates. This reduces the overhead in a Lotus Quickr service, allowing for smaller databases, faster creation of a place, and better performance resulting from more efficient server caching. For more information on Lotus Notes templates and databases, see the Domino Designer Help, available http://www.ibm.com/developerworks/lotus/documentation/dominodesigner/. Table 24-1 describes the databases that are the building blocks of any place.
Table 24-1. Databases that make up places Database Place database (Main.nsf) Description The parent database in any place, created from the Notes templates, MeetingRoom.ntf. All other databases in the place are children of the place database. Contains data on place members and their access levels and is created from the Notes template, Contacts.ntf.
Members Directory database (Contacts1.nsf)
24-1
Table 24-1. Databases that make up places (continued) Database Room database Description Sructures the contents of a particular room in a place. The default room PlaceType is PageLibrary.ntf, which provides indexing infrastructure for maintaining the pages in a room. This PlaceType also provides security and authentication features so that access to a room can be limited to a subset of team members. The database created from the PageLibrary PlaceType is assigned a unique name by the system to allow for multiple rooms within a place.
When administrators log in to the server and use the Site Administration link, they are actually using a place to administer and secure the server. The administrators place is created from the templates CreateHaiku.ntf and Admin.ntf.
Relationship between Lotus Quickr and Lotus Domino objects

Table 24-2 shows the relationship between Lotus Quickr objects and Lotus Domino objects.
Table 24-2. Relationship between Lotus Quickr and Lotus Domino objects Lotus Quickr Object Place Lotus Domino Object File system directory Description Organizes pages in rooms and folders. The structure and design used to create a particular type of place. For example, the default place is Main.nsf, which is created from the MeetingRoom.ntf template. MeetingRoom.ntf is a PlaceType. A collection of pages with its own security and authentication protection. The structure and design used to create a particular type of room. An organizing structure for collecting and displaying related pages in a site. The basic vehicle for content. You can create content using the Lotus Quickr editor or import content from an external source. A member note contains information about a team member of a place.
PlaceType
A collection of database (.nsf) or Notes template (.ntf) files derived from a parent place.
Room
Notes database (.nsf)
RoomType
Notes template (.ntf)
Folder
Domino folder or view
Page
Domino form + subform + data note
Member
Domino data note
24-2
Table 24-2. Relationship between Lotus Quickr and Lotus Domino objects (continued) Lotus Quickr Object Form Lotus Domino Object Data note of type h_Form Description Manages the display of data notes. A form can contain fields for containing data and employ scripts to process and compute data. Allow for user input of data into data notes.
Field
Data note of type h_Field
File directory structure

Lotus Quickr data is stored within the directory domino_data_root\LotusQuickr. Table 24-3 describes the contents of the LotusQuickr subdirectory.
Table 24-3. Contents of LotusQuickr subdirectory Subdirectory domino_data_root\LotusQuickr\AreaTypes domino_data_root\LotusQuickr\lotusquickr Content Contains the templates used to create places and rooms. Contains administrator place files. All places are created from the administrators place. Contains the files of a particular place. place represents the name of the place.
domino_data_root\LotusQuickr\place
Place architecture
24-3
24-4
Customizing and creating objects with Lotus Notes and Domino Designer
Because IBM Lotus Quickr objects are based on Lotus Domino objects, you can use the Lotus Notes client and Lotus Domino Designer to view, customize, and create new objects in a place. All the data for objects in a place are contained in database notes. To view a places objects, change an existing object, or create a new object, you can open the place in a Lotus Notes client and customize the notes. Note: The Lotus Quickr data schema is subject to change in future versions of Lotus Quickr. Applications written to this data schema may need to be modified in order to work with future versions of the product.
To customize existing objects in Lotus Notes

1. Open the place database in Lotus Notes. 2. Select the System QDK view. 3. Open the objects data note document. 4. Change any values in the document and save it. CAUTION: Place objects are often interdependent. Changing the value of an object may affect other objects in the place.
To create new objects in Lotus Notes

To 1. 2. 3. create a new place object using a form: Open the place database in Lotus Notes. Select the System QDK view. Create a document that corresponds to the object you are creating. For example, create a member document to create a place member. 4. Fill in field values to define the new object . 5. Save the document to create the object.
25-1
25-2
Writing client-side JavaScript to extend place functionality

You can enhance the functionality of a place by using client-side JavaScript in themes, imported HTML forms, imported HTML pages, and any other object within the product that will render its HTML or JavaScript, to extend to your own JavaScript code off of any JavaScript function within the product. This process is similar to extending the product functionality by using the server event interface, but instead of being event driven, these extensions are function-call driven. To enable these JavaScript extensions, define a JavaScript function called qpPreHook( arg ) where ( arg ) is the name of the parent function that is calling qpPreHook. Because this qpPreHook( ) function will be called at the start of execution of every JavaScript function within the product, use care when coding because improper coding can severely degrade performance. In the same manner, you can also define a JavaScript function called qpPostHook( arg ). This function will be called upon exiting every JavaScript function within the product. The following HTML form shows a simple example of adding JavaScript extensions. This example uses the extension points in an HTML imported form.
<html> <body> <script> var h_ConfirmNavigationOffEditMsg = "HEY YOU. var g_PreHookFuncStack=""; var g_PreHookFuncStackCalls = 0;
Save changes?";
function qpPreHook( args ) { if( args == "abPreSubmit") { alert("prehook called " + g_PreHookFuncStackCalls + "times from these functions:\n" + g_PreHookFuncStack); g_PreHookFuncStack = ""; g_PreHookFuncStackCalls=0; } else { g_PreHookFuncStack += args + " "; g_PreHookFuncStackCalls++; } } var g_PostHookFuncStack=""; var g_PostHookFuncStackCalls = 0; function qpPostHook( args ) { if( args == "abPreSubmit") { alert("posthook called " + g_PostHookFuncStackCalls + "times from these functions:\n" + g_PostHookFuncStack); g_PostHookFuncStack = ""; g_PostHookFuncStackCalls=0; } else { g_PostHookFuncStack += args + " "; g_PostHookFuncStackCalls++;
26-1
} } </script> <form name="f1"> Name: <input name="title"> Color: <input name="color"> attachment: <quickplacecontrol type="attachment"> </form> </body> </html>
Related concepts Whats new? on page 4-11 Read about the new features in this release.
26-2
Using XML to access the Lotus Quickr Java API

By using XML to access the IBM Lotus Quickr Java API, you can perform a number of actions, such as searching all places in the service, getting a list of all places on a particular server, creating a new place, or adding a new person or group to a place. First, set up the server for Java API access. Next, create well-formed XML that specifies the objects and the actions you want performed on them. Finally, access the Java API by running your XML against the Lotus Quickr processor on the server. The QPAPI process() method processes the XML, performs the actions, and outputs XML detailing the results. For more information on XML standards, see the World Wide Web Consortium (W3C) web site at http://www.w3.org/.
Setting up the server to access the Java API

To set up the server Java API access, perform the steps appropriate for your server platform.
Setting up the server for Java API access (Windows, AIX, Solaris)
If you run IBM Lotus Quickr on Microsoft Windows, IBM AIX, or Sun Solaris, install the Java Development Kit (JDK) and then modify environment variables. Perform the following steps on the server: 1. Install the Java 2 Platform, Standard Edition (J2SE) Development Kit (JDK), version 1.4.2, available on the Web. 2. Add the directory path and file name for the following files to your CLASSPATH environment variable. All of these files are installed with the Lotus Quickr server. v log4j-118compat.jar v quickplace.jar 3. Add the following directory paths to your PATH environment variable: v Domino server program directory (for example, C: \Lotus\Domino) v Java JDK bin directory
Setting up the server to access the API (i5/OS)

If you run IBM Lotus Quickr on i5/OS, perform the following steps to set up the Lotus Quickr server to access the Java API. In addition to the steps below that describe using the ADDENVVAR command, you can use the SETDOMENV command. For more information on this approach, go to http://www.ibm.com/eserver/iseries/domino/devtools/rundomcmd/setdomenv.htm Note: When using the SETDOMENV command, do not set the USER parameter to *SERVER. If the USER parameter is set to *SERVER, you cannot enter commands. To set up the server environment to use the Java API, follow these steps: 1. Set the CLASSPATH environment variable by entering the following command and pressing Enter:
addenvvar envvar(CLASSPATH)value(/qibm/proddata/lotus/quickplace/quickplace.jar: /qibm/proddata/lotus/quickplace/log4j-l18compat.jar:/qibm/proddata/lotus/domino702/Notes.jar: /qibm/proddata/lotus/domino702/xml4j.jar:/qibm/proddata/lotus/domino702/LotusXSL.jar: /qibm/proddata/lotus/domino702/jsdk.jar:/qibm/proddata/lotus/domino702/dservlet.jar)
27-1
2. Set the PATH environment variable by entering the following command and pressing Enter:
addenvvar envvar(PATH) value(/qibm/proddata/java400/jdk14/bin:/qibm/proddata/lotus/domino702: /qibm/userdata/lotus/domino702:/qibm/proddata/lotus/notes:/qibm/userdata/lotus/notes:/notes/data)
where /notes/data is the actual path for your servers data directory. Note: When using the multi-version capable releases of Domino, the Domino-related directories change with each release. For example, in the directory above, domino702, changes to domino703 with the 7.0.3 release of Domino. Because of this behavior, it is important to avoid hard coding this directory PATH in your applications. For more information about the implications of using multi-version capable releases of Domino, go to http://www.ibm.com/eserver/iseries/domino/mv Note: If you receive an error message stating that the environment variable ServerName is missing, it may be because the command did not include the correct data directory. Verify the data directory path and enter the command again. 3. Set the current directory to the server data directory by typing the following command and pressing Enter:
chgcurdir dir(/notes/data)
where /notes/data is the actual path for your servers data directory. 4. Run the job under the QNOTES user profile, using one of the following procedures: v Inside your application, swap to the QNOTES profile by using the following system APIs: QSYGETPH - get profile handle QWTSETP - set profile v Use the Submit Job command (SBMJOB) to submit the job to run under QNOTES. Current library field is set to *CURRENT Copy environment variables field is set to *YES Allow multiple threads field is set to *YES
Accessing the Java API

There are three ways to access the Java API: create an XML input file and run that file against the IBM Lotus Quickr processor from the command line or Lotus Domino server console; write a Java program that creates the XML and passes it to the Lotus Quickr processor programmatically; use the qptool execute command.
Accessing the API from a command line

You can access the IBM Lotus Quickr Java API by creating a well-formed XML document and running it against the Lotus Quickr processor from the operating system command line or Lotus Domino server console. 1. With a text editor, create a new XML document, add the desired well-formed XML, and save the document as an .xml file. 2. Perform one of the following steps to process the XML: v From an operating system command prompt, navigate to the domino_server_root\jvm\bin directory and enter the following command:
java com.lotus.quickplace.api.QPAPI arguments
v From the Lotus Domino server console, enter the following command:
load java com.lotus.quickplace.api.QPAPI arguments
27-2

Table 27-1. Arguments when accessing API from a command line Argument -i inputfile.xml -o outputfile.xml Description Specifies the XML file to execute. XML output document created by Lotus Quickr which contains processed output and status codes. If you do not specify an output file, the file is stdout.xml. The name of the well-formed XML document used by Lotus Quickr during a search to determine the identity of the user performing the search. This document is required as input when accessing the API to search the Lotus Quickr service. For example, to search for the word SSL in the service, you must specify the user who is performing the search. For example, cn=John Smith,o=IBM. The search returns documents that John Smith has access to that contain the word SSL.
-session searchfile.xml
The command is processed by the Lotus Quickr processor, and the QPAPI.process() method is invoked to process the XML. The Java runtime environment you installed is responsible for executing the QPAPI class.
Accessing the API from a Java program

You can access the IBM Lotus Quickr Java API by programmatically generating XML and running it against the QPAPI class. To run XML from within a Java program, you must perform the following actions: v Call the QPAPI.init() method prior to any other Lotus Quickr processing. v Create either XML DOM tree or one or more XML documents specifying the Lotus Quickr Java API objects and the actions you want taken on them. (If you create an XML document, it is parsed by the Apache Xerces parser and a XML DOM tree is created.) For more information on creating a XML DOM tree for the Lotus Quickr Java API, see the Xerces documentation on the Web at xml.apache.org. v Call some variation of the QPAPI.process() method to initiate the processing of the either an XML DOM tree or XML documents. See additional information in this topic for more information on the variations of QPAPI.process(). v Call the QPAPI.term() method to terminate the Lotus Quickr processing and free up resources. The following sample Java code fragment illustrates the necessary pieces needed to process the XML document:
import com.lotus.quickplace.api.QPAPI; class TestQPAPI { static void run( ) { // this is called once for the process at startup QPAPI.init(); // build and get XML DOM tree for session and XML action script. // the programmer provides the functionality to build the XML properly in the methods below. Node sessionXML = buildQPSessionXML(); Node root = buildQPXML(); // call this entry point to process using the server session QPAPI.process( root);
27-3
// call this entry point to process using a user session (only used when doing search places) // all other actions ignore the session. QPAPI.process( sessionXML, root); // this is called once for the process at shutdown QPAPI.term(); } }
QPAPI.process()
Whether or not you are creating a Java program, the entry point you use to execute your XML is: QPAPI.process() The QPAPI.process() method is responsible for parsing and processing your XML document and executing the supported Lotus Quickr Java API actions it encounters. The QPAPI.process() method can be called from multiple threads, simultaneously. The QPAPI.process() method modifies the input XML DOM tree by modifying, adding, and deleting the necessary nodes. There are several variations of the QPAPI.process() method that you can use:
process( String sessionFilename, String inFilename, String outFilename)

This entry point is called by QPAPI.main(). So if you execute the QPAPI Java class with arguments, this is the entry point that is called. The parameters have the following meanings: v sessionFilename - The pathname of the XML document used by Lotus Quickr during a search to determine the distinguished name of the user performing the search. This document is required as input when accessing the Java API to search the Lotus Quickr service. The document should be properly constructed using the rules and entities specified in the topic search (service) in this chapter. v inFilename - The pathname of the XML document to be processed. The document should be properly constructed using the rules and entities specified in this chapter. v outFilename - The pathname of a document to be created by the Lotus Quickr Java API that will contain the processed output XML This document will be very similar to the input document but will be modified by the Lotus Quickr Java API to show Action Status Codes and output results of the specific actions, if applicable.
process( String inFilename)

This entry point is used when you are not concerned about the output XML. If you use this method, you will not be notified on processing results or error status because they are formatted in the output file. The parameters have the following meanings: inFilename - The pathname of the XML document to be processed. The document should be properly constructed using the rules and entities specified in this chapter.
process( String inFilename, String outFilename)

This entry point is used when you want to supply an XML input file and want all processed output to be captured in an XML output file created by the Lotus Quickr Java API. The parameters have the following meanings: v inFilename - The pathname of the XML document to be processed. The document should be properly constructed using the rules and entities specified in this chapter. v outFilename - The pathname of a file to be created by the Lotus Quickr Java API that will contain the processed output XML. This document will be very similar to the input document but will be modified by the Lotus Quickr Java API to show Action Status Codes and output results of the specific actions if applicable.
27-4
process( Node session, Node root)

This entry point is used when you have an XML DOM tree. It is primarily used in Java programs that build the XML structure dynamically. The parameters have the following meanings: v session - The session Node. If null is specified for a session, the session of the server is used when processing the XML document. This is currently only required when executing the XML search API actions. The session node specifies the distinguished name of the user performing the search. v root - The root node of your XML DOM tree object. The root node is usually obtained from an XML parser in a Java application.
process( Node root)

This entry point is used when you have an XML DOM tree. It is primarily used in Java programs that build the XML structure on the fly. The parameters have the following meanings: root - The root node of your XML DOM tree object. The root node is usually obtained from an XML parser in a Java application.
Accessing the API using qptool execute

You can use the qptool execute command to process an XML file. Enter the following command at the server console:
load qptool execute arguments

Table 27-2. Arguments for the qptool execute command Argument -? -i inputfile Description Prints help on the command Specifies the XML API file to execute. If no path specified, the default location of the file is the domino_server_root directory. Logs results to a specified XML output file. By default logs results to qptool.execute.xml in the domino_server_root directory.
-o outputfile
XML details
The XML you use to access the IBM Lotus Quickr API consists of elements that represent Lotus Quickr objects, such as a service, servers, places, people, and groups. The XML for each Lotus Quickr object has an action attribute associated with it. This action attribute represents the API to be invoked.
How the XML is processed

If you create an XML document, the Lotus Quickr XML processor processes the XML in the order it appears in the document. When the XML is processed, it is converted into an XML DOM tree structure.
27-5
The processor travels down the leftmost branch of the tree, reading each node along the way. If a node contains an action, the processor performs the action, then continues. When it reaches the end of a branch, the processor returns back up the branch to the last node where there was a split and moves down the untravelled branch. As long as an action is successfully completed, the processor continues on its course. However, if there is an error and the action cannot be completed, the processor stops, backs up to the next sibling node, and continues down the branch. When the processor has read the entire file, it outputs XML (either in stdout or in another text file) with the results. The output XML is an edited version of the input XML. If an action was completed successfully, the processor removes the action attribute from the XML. The action attributes are removed when successful so that the problems in the output XML can be fixed and the XML used again. If the action caused an error and was unsuccessful, the action attribute is not removed from the XML. Instead, a <status> and a <message> element are added. The status element contains a number value related to the type of error. The message element contains a text string describing the error. The text string is pulled from the server, and is always in the servers language. Note: All XML must be well-formed, and must start with at least <?xml version=1.0?> as a processing instruction.
Specifying the local server

XML actions only run on the local server. However, you can use the same XML file on different servers and specify which server a particular action is meant to run on. There are two ways to specify which server an action should run on. You can specify that the action should be run on the local server by adding a local=true attribute to the <server> element. For example, <server local=true>. Or you can specify the hostname of the local server. For example, <server><hostname>local servers DNS name</hostname>. The following example uses the <hostname> element to specify the server each action should run on. The XML below runs the remove action on two different places on two different servers. The first action marks MyPlace1 for removal from server1, and the second action marks MyPlace2 for removal from server2. When the XML runs on server1, only the server1 action is processed; when the XML runs on server2, only the server2 action is processed.
<?xml version="1.0"?> <service> <servers> <server> <hostname>server1.enterprise.com</hostname> <places> <place action="remove"> <name>MyPlace1</name> </place> </places> </server> <server> <hostname>server2.enterprise.com</hostname> <places> <place action="remove"> <name>MyPlace2</name> </place> </places> </server> </servers> </service>
27-6
XML example with output

This is an example of properly consructed XML for marking the place MyPlace for removal from the local server:
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place action="remove"> <name>MyPlace</name> </place> </places> </server> </servers> </service>
After the remove action is invoked and the action successfully performed, the following XML is returned as output:
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place> <name>MyPlace</name> <action_result action="remove"> <status>0</status> </action_result> </place> </places> </server> </servers> </service>
Related information XML nodes and node actions on page 42-1 You can specify actions for the following XML IBM Lotus Quickr objects when using XML to access the Lotus Quickr Java API: service, server, place, placetype, person, group, and member. Each object is represented by an XML node.
27-7
27-8
Creating PlaceTypes
If a manager of a place has allowed a place to be used as a PlaceType, create the PlaceType on the server to make it available for creating new places. Note the following points: v You can only create a PlaceType from a place that is less than 1 GB in size. v You cannot create a PlaceType from a place that uses expanded membership. To create a PlaceType, perform the following steps: 1. Log in to the server as an administrator. 2. Click Work with Templates. 3. Click Create PlaceType. 4. Type a name for the PlaceType. The name you type appears in the list of PlaceTypes available to users for creating places. 5. Select the name of a place from which to create a PlaceType. 6. Click Next. 7. Perform the following steps to provide a description, image, or URL link to a Web page containing more information: a. Click the PlaceType. b. Click Edit. c. Select one of the following options: v To refresh the PlaceType and edit the PlaceType information, select Yes, copy changes and update the information below. v To edit the PlaceType information without refreshing the PlaceType, select No, simply update the information below. d. Optional: Type or edit a description to display next to the PlaceType in the list of PlaceTypes. e. Optional: Select an image file that contains a thumbnail sketch of a page in the PlaceType. The image file must be a GIF or JPG file, and the image itself should be no larger than 100 pixels by 80 pixels. The thumbnail sketch appears next to the PlaceType name in the list. f. Optional: Below Optionally, you can provide a URL for users to visit for more information, specify a URL to a Web page containing more information. The PlaceType will display a More info link. 8. Click Next.
PlaceTypes
As you set up a place to meet the needs of your team or organization, you may want to preserve your customizations for use in other places. You can accomplish this by creating a PlaceType from it, a template from which users can create places. For example, if a manager has created a theme that gives a particular place the look and feel of your corporate Web site, you may want to make that design available for the creation of other places in your organization. When a PlaceType design changes, you can refresh the places created from it (child places) so they includes the changes.
28-1
Creating a PlaceType and making it available to users is a two-step process. First, a user with Manager access to a place customizes a place, allows it to be a PlaceType, and specifies which design elements will be preserved in the PlaceType. For information on completing these steps, see the Help. Second, a server administrator creates the PlaceType on the server so it is available to users, as described here.
Signing a newly inherited scheduled PlaceBot in a place

When a place first inherits a newly inherited scheduled PlaceBot (agent) from a PlaceType, the place manager must sign the PlaceBot in order for it to run. Perform the following steps: 1. Open the place. 2. Click Customize. 3. Click PlaceBots. 4. Select the PlaceBot and click Sign PlaceBot.
Reordering the servers PlaceType list

You can change the order of the PlaceTypes list that users see when they create a place. For example, if your list contains 150 PlaceTypes, but MeetingRoom PlaceType is the most popular, you can move MeetingRoom PlaceType to the top of the list. To 1. 2. 3. 4. 5. reorder the PlaceType list: Log in to the server as an administrator. Click Work with Templates. Click Reorder. Click the PlaceType name you want to move. Click the up or down arrow to move the PlaceType.
6. Click Next.
Hiding PlaceTypes in the PlaceTypes list

You can hide the name of a PlaceType in the list of PlaceTypes that users see when they create a place. For example, if you are experimenting with the contents of the PlaceType, you can hide the PlaceType while it is in progress. Administrators see the word hidden next to the name in the list. Perform the following steps: 1. Log in to the server as an administrator. 2. Click Work with Templates. 3. Click Show/Hide. 4. Clear the check mark next to the PlaceType. 5. Click Next.
28-2

A PlaceBot is an agent, written either in Java or LotusScript, that performs a task. PlaceBots can access, process, and manage the data in a place. For example, you can create a PlaceBot that sends e-mail to members of a place notifying them when a particular document has been edited. You can set PlaceBots to run on a schedule, or run when a particular form is submitted. Or you can set a PlaceBot to run manually. You must have Manager access to the place to create, edit, copy, delete, or run PlaceBots manually. Because of security and performance considerations, some administrators may choose to disable the PlaceBot feature entirely. You create PlaceBots using LotusScript or Java to manipulate the Domino back-end object classes. For complete documentation on the Domino object model and how to work with objects using LotusScript or Java, see the latest Domino Designer Help, available on the Web at http://www.ibm.com/ developerworks/lotus/documentation/dominodesigner/. You can write, debug, and compile Java code for a PlaceBot in a Java development tool, such as Eclipse. You can import the .java file, or compile and import a .class or .jar file. You can also write Java or LotusScript code in any editor and import the resulting files into your place.
Creating a PlaceBot
To create a PlaceBot, name the PlaceBot, specify when it should run, and import the files for the PlaceBot. The files can be either Java or LotusScript files. Perform the following steps: 1. Log in to a place in which to create the PlaceBot, and click Customize PlaceBots. 2. Click New PlaceBot. 3. Type a title for your PlaceBot. 4. Optional: Enter a description of what the PlaceBot does. 5. Perform one of the following actions to specify when the PlaceBot should run: v To run the PlaceBot when any page created from a particular form is published, select When a form is submitted, and then select a form. v To run the PlaceBot at a scheduled time, click Set Schedule, complete the fields in the page as desired, and click Next. 6. Import the Java (.java, .class, .jar, or .zip) or LotusScript (.lss) file or files for the PlaceBot. 7. Click Done. You can run a PlaceBot manually after you have created it by clicking Customize PlaceBots Run PlaceBot.
Java PlaceBot files

You can use a Java PlaceBot file or files to access and process data in your place. IBM Lotus Quickr supports Java version 5.0. A PlaceBot written in Java may consist of one or multiple files. A Java PlaceBot file must contain a class that extends the Lotus Domino Java agent class AgentBase.
29-1
Java PlaceBot files can be of the following types: v .java files containing Java source code. These files are compiled on the Lotus Quickr server when the PlaceBot is submitted through the browser. v .class files are Java object files produced by compiling the .java files. Since these are already compiled, the files do not need to be compiled when they are submitted to the server. To compile your .java source agent files into .class files on your local system, you will need a copy of the Notes.jar files locally. Notes.jar is included with each Lotus Quickr server installation. If you do not have access to this file, ask your server administrator to make it available to you. v .jar files are zipped, or compressed, collections of files. The .jar file generally contains one or more .class files and any other files (for example, graphic files) the PlaceBot requires. A PlaceBot extends the AgentBase class, which extends the NotesThread class. The class that contains the PlaceBot code must be public. The entry point to the functional code must be public void NotesMain(). For more information on Java and Lotus Domino, refer to the Java information in the latest Domino Designer Help, available at http://www.ibm.com/developerworks/lotus/documentation/ dominodesigner/
Example
Add the following Java code to a PlaceBot. The PlaceBot writes the name of each document it processes to the log.
import lotus.domino.*; import java.util.*; public class LogTitles extends AgentBase{ public void NotesMain(){ try{ Session s = this.getSession(); AgentContext ctx = s.getAgentContext(); Database db = ctx.getCurrentDatabase(); // Prepare the agent log Log log = s.createLog("Log"); log.openAgentLog(); log.setLogActions(true); // Get all the unprocessed documents DocumentCollection dc = ctx.getUnprocessedDocuments(); if (dc.getCount() == 0) { return; } // Loop thru the documents and print the title of each document. Document doc = dc.getFirstDocument(); log.logAction("Count of documents = " + dc.getCount()); while (doc != null) { log.logAction(doc.getItemValueString("h_Name")); doc = dc.getNextDocument(); } // Mark all the documents as processed. dc.updateAll(); } catch (Exception e) { e.printStackTrace(); } } }
29-2
LotusScript PlaceBot files

You can use a LotusScript PlaceBot file or files to access and process data in your place. For example, you can use LotusScript to change a value in one document based on values in other documents or to modify a places access control list. LotusScript is an embedded, BASIC scripting language with a powerful set of language extensions that enable object-oriented application development within and across Lotus products. LotusScript and its development tool set provide a common programming environment across Lotus applications on all platforms supported by Lotus. LotusScript offers a wide variety of features. Its interface to Lotus products is through predefined object classes. The products oversee the compilation and loading of user scripts and automatically include class definitions to allow more efficient coding. For more information on LotusScript and Domino, refer to the LotusScript information in the latest Domino Designer Help, available from http://www.ibm.com/developerworks/lotus/documentation/ dominodesigner/. Note: While IBM Lotus Quickr supports LotusScript in PlaceBots, LotusScript and @formulas are not supported in hooks.
Example
Add the following LotusScript to a PlaceBot. The PlaceBot selects the current document and changes the subject line. This example would work best as a form agent.
Sub Initialize This agent gets the document context and changes its subject. Dim session As New NotesSession Dim doc As NotesDocument Dim subj As Variant Dim item As NotesItem Get the page being published Set doc = session.DocumentContext Get the subject subj = doc.GetItemValue( "h_Name" ) Append a prefix string before the subject Note: GetItemValue always returns an array even if there is only a single value Set item = doc.ReplaceItemValue( "h_Name","Form Agent Modified: " + subj(0)) Save the page Call doc.Save(True, False) End Sub
Managing PlaceBots
You can copy, edit, and delete PlaceBots, and display log information about PlaceBots. Perform the following steps: 1. Log in to the place that contains the PlaceBot and click Customize PlaceBots. 2. Click the PlaceBot to edit it, or click any of the following options::
Option Copy PlaceBot Description Copies the PlaceBot to a room you specify. If you are copying a form PlaceBot to a new room, you must associate the PlaceBot with a form in the room. This is not done automatically as part of the copy and paste procedure.
29-3
Option Delete PlaceBot Run PlaceBot PlaceBot Log
Description Deletes the PlaceBot. Runs the PlaceBot manually Opens the PlaceBot log. The log displays information from the last time the PlaceBot ran and any log statements you may have included in your PlaceBot code. Signs the PlaceBot using the current users name.
Sign PlaceBot
Debugging a PlaceBot
As you define and test a PlaceBot, you may need to make some adjustments to make the PlaceBot run successfully. The following are some debugging tips for problems you might encounter.
LotusScript PlaceBots
When you run a LotusScript PlaceBot, the IBM Lotus Quickr server compiles the code before executing it. Thus, the first error you might encounter would be a LotusScript compilation error or warning. The errors and warnings can be difficult to understand. For detailed information, refer to Domino Designer Help. If you get a compilation error, you can click Try Again to reimport the agent file after the compilation error(s) have been fixed.
Java PlaceBots
If you import Java source files (.java), you may get compilation errors when the PlaceBot is submitted to the Lotus Quickr server. For details on Java error messages, refer to the Java documentation. If you get a compilation error, you can click the Back button of your browser to return to your place.
Disabling PlaceBots for tighter security

PlaceBots by their nature can present a security risk. Because a PlaceBot can affect the data contained in a place, managers and server administrators must monitor them carefully. Some administrators may choose to disable PlaceBot functionality. To disable the user interface for creating, running and editing PlaceBots, and to disable existing form PlaceBots, perform the following steps: 1. Log in to the server as an administrator. 2. Click Site Administration. 3. Click Other Options. 4. Click Edit Options. 5. Clear the option Enable Form PlaceBots. 6. Click Next. Note: Disabling PlaceBots does not disable existing scheduled PlaceBots because these are controlled by the Domino Agent Manager. You must shut down the Lotus Domino Agent Manager to disable existing scheduled PlaceBots.
29-4
Running PlaceBots offline

To allow page submission by offline users to trigger PlaceBots, you must set up the Lotus Domino server to allow it. Note that scheduled PlaceBots cannot be run offline. Perform the following steps: 1. Create two groups in your Domino Directory: DOLS_Restricted_Agents and DOLS_Unrestricted_Agents. Use the Domino Directory on the IBM Lotus Quickr server. 2. Make agent signers members of both groups. Agents signers are users who are allowed to make design element changes in the databases (Lotus Quickr rooms) that contain the Placebots. If the PlaceBot has been configured to run as a Web user (Agent Properties Design tab Run as web user) use the full name of its signer. Otherwise, use the full name of the signer who modified it last (for example, NewDevelopment/IBM). 3. Add the two groups (DOLS_Restricted_Agents and DOLS_Unrestricted_Agents) to the Agent Restriction section in the Server document. 4. Edit the Server document and select the Security tab. 5. In the Agent Restrictions section, add the groups to the fields Run restricted LotusScript/Java agents and Run unrestricted LotusScript/Java agents. 6. Cross-certify your Lotus Quickr servers CERT.ID with the DOLCERT.ID that is located in your Lotus Quickr servers Domino Directory. Verify that the cross-certification was successful by going to the Certificates view in your Domino Directory and make sure that there is a cross-certificate for /DOLSCERT. Note: For more information on setting up agents for offline, and on restricted and unrestricted agents, see Domino Administrator Help available at http://www.ibm.com/developerworks/lotus/ documentation/domino/.
29-5
29-6

When you create a place, you can select from a Theme Gallery of predefined themes to customize the look and layout of the place. You can create custom themes to add to the Theme Gallery. A theme controls aspects such as fonts and background colors, how an element looks when it is selected, and where the navigational controls are displayed. By creating a theme, you can give your place a strong brand identity, design it to look like other corporate sites, supply additional functionality, or just give it a unique look. Themes are implemented using the IBM Lotus Quickr skins architecture and are defined using HTML. To customize an existing theme, you edit the HTML and upload the modified files. Lotus Quickr provides a set of custom HTML tags that you can use to define the elements in each layout. When you create custom themes, you can take advantage of all of the power of HTML to add functionality to a place. Here are some ways you might enhance a place using custom themes: v Apply the corporate brand identity to a place or create a custom graphic identity for a collaborative application. v Integrate a place as a collaborative component within a larger corporate Web site. v Provide links from a place to other Web sites such as corporate Web sites, eCommerce sites, or to customer support services. v Make new features available by embedding ActiveX controls, or Java applets in the custom theme. v Use JavaScript to program dynamic effects into the custom theme. Note: After you create a custom theme, you may want to save the place containing it as a PlaceType. Then you can use the custom theme in new places that are created from the PlaceType.
Theme layouts
Each theme is composed of a group of layouts that define the appearance of specific place components. For example, the layout of a page differs from the layout of a folder. But they will probably share some style elements as part of a common theme. A theme is composed of layouts and a style sheet, as described in Table 30-1.
Table 30-1. Theme layouts Layout Page File Type .htm Purpose Defines the appearance of a page being read Defines the appearance of a page being edited Defines the appearance of a List or Response folder Defines the appearance of a Headlines folder
Edit
.htm
List Folder
.htm
Headlines Folder
.htm
30-1
Table 30-1. Theme layouts (continued) Layout Slideshow Folder File Type .htm Purpose Defines the appearance of a Slideshow folder Defines styles such as fonts and colors for all layouts
Stylesheet
.css
Note: In most cases, you can use a single theme to customize the look of a page, list folder, and slideshow folder. Tip: You can perform the following steps to see the stylesheet selectors used in any active page: 1. Right-click in the page for which you want to see the Style Sheet and choose View Source. 2. Search in the HTML source for the first occurrence of <LINK, which will locate the link tag of the prevailing stylesheet 3. Select and copy the relative URL of the stylesheet (the text inside quotes following href= inside the link tag). 4. Construct the absolute URL by prefixing the relative URL with the server domain name. 5. Enter the resulting URL into the browser address/location bar to view the stylesheet.
Customizable components
Table 30-2 lists the components you can customize for each layout. Components marked with an x are ones used in the layouts for the default theme, Quickr.
Table 30-2. Customizable components in layouts Component Name Actions AdvancedSearch x x Note 3 x x x x x x x x x x x
Page
List Folder
Slideshow Folder Headlines Folder Edit
AuthorAndModified x Chat DownloadFile ExpandableFolders ExpandableTOC FolderActions FolderAtomFeed x x x x
x x x
x x x
x x x
FolderAtomFeedUrlx FolderSelector FolderItemsPerPage FolderShowIdeDetails
x x
30-2
Table 30-2. Customizable components in layouts (continued) Component Name
Page
List Folder x x
Slideshow Folder Headlines Folder Edit
FolderShowHideResponses FolderShowingItems HeadlinesFolder Help Jump LearnMoreStart x x Note 3 x x x x x x x x
x x x x x x x x x x x x x x x x x x x x x x Note 2 x x x x Note 2 x x x x x x x
Logo MyPlaces MyStatus Navigation Notify Offline Page content PageCreatedBy PageCreatedOn PageDescription PageStatus PageTitle PageUpdatedOn PageUpdatedBy Path PlaceName PeopleOnLine Print PriorityActions
x x x
x Note 1
x x x
x x x
x x x
x x x x
QuickSearch
30-3
Table 30-2. Customizable components in layouts (continued) Component Name Revision Role RoomActions
Page x
List Folder Note 3
Slideshow Folder Headlines Folder Edit x x x x x x
x x
x x
Search SceneActions x x x x
SearchPlaces SelectTimeZone SignIn SiteMap SiteMapLauncher TOC Tutorial WhatsNew x x x x x x x x x x x x x x x x
Notes v Although you can include the PageTitle component in a Headlines folder, you might want to omit this component and display the page title prominently instead. v Do not use the Navigation and Jump components in the Headlines Folder layout because the Headlines Folder is designed to provide a headlines style of navigation in place of the previous and next navigation used in other folder types. v If you use the Jump component in the Page layout or the AuthorAndModified or Revision components in the List Folder layout, these components will all be displayed as empty, using the HTML parameter emptyFormat. You can import a JPEG or GIF graphic file to represent a theme in the Custom Theme Gallery.
<QuickPlaceSkinComponent> tag in layouts

The HTML tag that controls the style and placement of elements in a place layout is the <QuickPlaceSkinComponent> tag The basic syntax for the <QuickPlaceSkinComponent> tag is as follows: name=<QuickPlaceSkinComponentname> (required) format=<format html> (optional)
30-4
selectedFormat=<format html> (optional) emptyFormat=<html> (optional) delimiter=<html> (optional) prefixHTML=<html> (optional) postfixHTML=<html>(optional) replaceString=<STRING_1=REPLACEMENT_1 && ... && ... (optional) > Table 30-3 describes the attributes for the <QuickPlaceSkinComponent> tag.
Table 30-3. Attributes for the <QuickPlaceSkinComponent> tag Attribute name Description Required. Specifies the name of the theme component you are modifying. Refer to the list of supportd component names In the earlier topic Customizable components. The format HTML. The keyword is replaced for each relevant entry Same as format but it applies to the selected value. For example, the format of the selected TOC entry or the selected headlines folder entry. What is returned when there are no values to iterate. The HTML placed between each of the items in a list of values. The HTML placed in front of each of the values in a list. The HTML placed at the end of each of the values in a list. Finds and replaces one or more strings with replacement strings.
format
selectedFormat
emptyFormat delimiter
prefixHTML postfixHTML
replaceString
<IteratingValue> tag in layouts

Many of the components contain a list of values, such as the items in a table of contents. In these cases, you can use the HTML tag within the tag to iterate through the values in a list. The basic syntax for the <IteratingValue> tag is as follows: attribute=anchor|anchor.href|anchor.text|anchor.selected (optional)
30-5
class=class name (optional)

Table 30-4. <IteratingValue> tag in layouts Attribute attribute Description All or part of a fully qualified HTML link for the iterating value in a list. The name of the class defined in an associated style sheet. The class name is inserted into the anchor information for the iterating value. For example, Lotus.
class
Attribute types
The attribute describing the HTML link can take one of the following forms: v anchor returns all of the HTML that describes the iterating value, including the URL, and associated text. For example, anchor.href returns the URL for the value. For example, www.lotus.com v anchor.text returns text associated with the value, for example lotus. v anchor.selected returns true if the value is selected, false if it is not.
Usage
Use the tag to select a value in a list. The attribute for the value identifies all or part of the HTML link that describes a particular value in a list. Use the class attribute to add styles defined as a class in an associated style sheet.
One HTML file for multiple layouts

Because the Page, ListFolder, and Slideshow layouts share so many common components, you can create one HTML file that applies styles to these three layouts. You create the HTML for the Slideshow folder, which contains the superset of components used in the three layouts. To control how the non-applicable components are displayed for a layout, for example, the Jump component for the Page layout, and the AuthorAndModified and Revision components for the ListFolder, you can set the emptyFormat, prefixHTML, and postfixHTML parameters. For example, if you want the empty components to occupy the same vertical space as they do when in use, set the parameter as follows: emptyFormat = If you place each component in a separate table row, you can have the components row collapse when it is empty, so that it occupies no space. Given that the prefixHTML and postfixHTML parameters are not output when the component is empty, you can use these parameters to provide the following table structure, as follows:
emptyFormat = "" prefixHTML = "" postfixHTML = ""
Creating a new theme

When you create a new theme, it appears in the list of available themes in the Theme Gallery. You must have manager access to a place to create a new theme in it. You can use only Microsoft Internet Explorer to create new themes.
30-6
You can use the files of existing themes as a starting point for a new theme. These files are located on the Domino server, so to use them you must have access to the server file system, or must request an administrator to provide copies.
Table 30-5. File system location of existing themes Theme name in Lotus Quickr interface Quickr Quickr (with classic navigation) QuickPlace Classic Location domino_data_root\domino\html\qphtml\skins\quickr8 domino_data_root\domino\html\qphtml\skins\r8geneva domino_data_root\domino\html\qphtml\skins\ r651expandable
You can use the Generate option to generate theme files based on files you have already supplied. This feature is a shortcut for applying a common look and feel to multiple layouts. For example, suppose you are creating a place called Haiku. You might start by creating the look and layout you want for a page being read. You can then use this file to generate files for the other layouts. You might have only minor modifications to make to the layout for a page being edited, with possibly more extensive modifications for the various folder styles. This feature also lets you develop a custom theme in stages, replacing generated layouts with custom files as the theme progresses. To create a new theme, perform the following steps: 1. Log in to the place to customize. 2. Click Customize Custom Themes Create a Custom Theme. 3. Type a title for the theme. 4. Optional: Type a description for the theme to appear next to it in the Theme Gallery. 5. In the Styles and Basic Layout section, add the following files: v A Style Sheet (.css) file to define the places visual style (fonts, colors, etc.) for all layouts. v A Page Layout (.htm) file to define the layout of pages while they are being read. v An Edit Layout (.htm) file to define the layout of pages while they are being edited. Click Browse to find an existing file on your computer, or click Generate to have IBM Lotus Quickr generate the file based on the other files that you supply. Optional: In the Folder Layouts section, add the following files: v A List Folder Layout (.htm) file to define the layout of list and discussion folders. v A Headlines Folder Layout (.htm) file to define the layout of headlines folders. v A Slideshow Folder Layout (.htm) file to define the layout of slideshow folders. Click Browse to find an existing file on your computer, or click Generate to have IBM Lotus Quickr generate the file based on the other files that you supply. Add an image representing the theme. Click Browse to find an existing file on your computer. The image appears next to the themes entry in the Theme Gallery. Click Next.
6. 7.
8. 9. 10.
If you used the Generate option, edit the generated files as needed, refresh your browser to update the files with your edits, and then click Next.
Editing a custom theme

You can edit a custom theme that you have created. Perform the following steps: 1. Log in to the place with the custom theme. 2. Click Customize Choose a Theme.
30-7
3. Select the custom theme, make the desired changes, and click Next.
30-8
Part 7. Troubleshooting services for Lotus Domino

Use the following topics to assist in problem troubleshooting.
Known issues documented on IBM Support site

Review known issues and workarounds described on the IBM Support Site. See a list of current known issues at: http://www.ibm.com/support/search.wss?rs=3264&tc=SSVGKL &atrn=SWVersion&atrv=8.0. v To see a specific category of known issues only, for example, installation known issues, select the category in the Product Category list. v To see must see information alerts, select Flashes (Alerts) in the Document Type list.
31-1
31-2
Troubleshooting installation problems

Opening the installation log file on i5/OS
Follow these steps to open the IBM Lotus Quickr installation log file on IBM i5/OS. When you add IBM Lotus Quickr to a Domino server, a file called QuickPlaceInstall.log in your server data directory is created or updated to indicate whether the configuration process was successful. You can determine the configuration or upgrade status of Lotus Quickr by viewing this log file. To view the QuickPlaceInstall.log file, follow these steps: 1. Open iSeries Navigator. Open the system where you added Lotus Quickr. Click File Systems. Click Integrated File System. Click Root. Click servername. where servername is the name of your Lotus Quickr server. 7. Click data. 2. 3. 4. 5. 6. Note: The actual path of your servers data directory may be different. Substitute values appropriate for your environment to find your servers data directory. 8. Right-click quickplaceinstall.log and select Edit. The text file will launch in a new window, and provide information on configuration and upgrade status.
32-1
32-2
Troubleshooting connectors
You receive the error The path specified is too long when using connectors to add a document to a place
If you see this error when attempting to use a connector to add a new document to a place, the file name you specified for the document is too long. Specify a file name that is 181 characters or less.
33-1
33-2
Troubleshooting place problems

Imported HTML files with non-English characters not displaying correctly using Safari
HTML files imported using the Safari browser on a Mac should be encoded in UTF-8. Otherwise, portions of the page output may be corrupted.
Option to create or import Microsoft Office pages missing

The option to create or import Microsoft Word, Excel, and PowerPoint pages depends on ActiveX technology that is available only to Internet Explorer browser users. Mozilla Firefox and Safari browser users cannot create or import Microsoft Office pages.
34-1
34-2
Troubleshooting user directory problems

Cant add a member from the user directory
If IBM Lotus Quickr controls directory services and a user entry in the directory does not include an attribute configured for the Lotus Quickr member lookup user interface, the Add Members window does not display the user entry. For example, the default qpconfig.xml member_lookup_ui setting is <column_name> <person>sn, givenname</person></column_name>. If the user entry is missing the givenname attribute, the users name wont display in the Add Members window. Make sure the attributes you configure for the qpconfig.xml member_lookup_ui setting exist in the schema of the external user directory.
Names of external members are missing or displayed as distinguished names

If IBM Lotus Quickr controls directory services, this problem can occur if an attribute mapped to common_name or display_name in qpconfig.xml is not a valid attribute in users directory entries. For example, if display_name is mapped to cn but user entries do not use the cn attribute, the users names display incorrectly in places. Map common_name and display_name to valid attributes.
Mapping dn to display_name causes problems

If IBM Lotus Quickr controls directory services, specifying <display_name>dn</display_name> in the <user directory> <ldap> <schema> section of qpconfig.xml causes problems with workflow, notifications, calendar subscriptions, and access control. Mapping dn to the display_name is not supported. Map another attribute in the schema to display name instead.
You cannot use automatic lookup to add new members if more than one match is found
The automatic lookup feature takes the input string entered and does a wildcard search for all matches in the directory. For example, a search on Joan Smith finds Joan Smith and Joan Smithe. If more than one match is found, the name is not added because IBM Lotus Quickr doesnt know which name is the correct one to add. In this situation, use the directory lookup interface to find the name to add.
Cannot add two members with the same distinguished name

If two users in the user directory have identical distinguished names, you can add only one of the names as a member of a place, even though the users may differ in other attributes, such as uid and password. Since the two users share one distinguished name, both can sign in and are considered the same user. To resolve the problem, add a middle initial or other distinguishing character to one of the distinguished names so they are no longer identical.
35-1
You cannot create a place that has the same name as a user in the directory
If you use Lotus Domino Directory, you see an error if you attempt to create a place that has the same name as a user in the user directory. When creating a place, use a place name that is not that of a user.
Places do not show changes to user information made in directory

When you change user information in the user directory other than user passwords, places do not automatically reflect the changes. For example, if you change a users email address in the user directory, the qptool sendmail command continues to send mail to the old address. Use the qptool updatemember command to update the user information in places, or open the member pages in edit mode and then save them. If user data in the directory changes frequently, consider creating a Program document that runs qptool updatemember monthly in the Domino Directory on the IBM Lotus Quickr server. For information on Program documents, see Domino Administrator Help. qptool updatemember does not change an external members distinguished name that is used for access control and stored internally in places. If external members distinguished names change in the user directory, use qptool changemember or qptool changehierarchy to update the distinguished names in places.
OK with Anonymous access shows rather than OK with credentials when saving user directory settings
If IBM Lotus Quickr controls directory services and you configure the server to present a name and password when connecting, you notice the message OK with Anonymous access instead of OK with credentials. Ignore this message. Lotus Quickr will access the directory using the credentials you specified.
User directory set to localhost or 127.0.0.1 causes server crash

If IBM Lotus Quickr controls directory services and you set the user directory for the server to an LDAP directory using localhost or 127.0.0.1 as the server name, you get random crashes of the server. To correct the problem, set the LDAP directory to the DNS name of the server. Using the string localhost or the address 127.0.0.1 for a directory on the same machine as the server is not supported.
Whats New notification doesnt work for users who access rooms through group membership
Users who access rooms through group membership cannot not receive whats new email notifications. This restriction occurs because members of a group do not have a member profile that allows them to set the preference to receive the notifications.
35-2
Troubleshooting security problems

A second cn component in distinguished name is preventing user authentication
If IBM Lotus Quickr controls directory services and the second component of a users distinguished name in an external directory is cn, by default the server converts the cn component to ou in the ACLs of places. This conversion can prevent a user from signing in to the place. For example, if the distinguished name of a user in an external directory is uid=abrown,cn=users,dc=acme,dc=com, by default the server instead uses this name in place ACLs: uid=abrown,ou=users,dc=acme,dc=com (in the Domino format uid=abrown/ou=users/dc=acme/dc=com). If you experience authentication failures because of this behavior, correct the problem by specifying the following setting in the qpconfig.xml file to retain second cn components found in names:
<user_directory> <ldap> <schema> <secondary_cn_component enabled="true"/> </schema> </ldap> </user_directory>
A user cant log in to a place after a distinguished name change

If you change the distinguished names of external user members in the user directory, the server does not automatically update the distinguished names in places and users will be unable to log in to places using the new names. If external user members distinguished names change in the user directory, use the qptool changemember command or qptool changehierarchy command to update the distinguished names in places.
User cant log in after name change in Domino Directory

If your LDAP directory is Lotus Domino Directory and use the Domino Administrator client to change the last name of a user, the user can no longer log into places using the short name. Use the IBM Lotus Notes client rather than the Domino Administrator client to change user names in a Domino Directory.
In a third-party authentication environment, users with non-standard names are unable to authenticate
If IBM Lotus Quickr controls directory services and a third-party authentication application such as CA SiteMinder finds distinguished names that contain components other than the cn, ou, and o components familiar to IBM Lotus Domino, users can experience authentication failures. To workaround this problem, use the dn_incoming_is_native setting in the qpconfig.xml file. When a third-party authentication application such as CA SiteMinder finds a distinguished name that contains components other than the cn, ou, and o components familiar to Domino, it sends the name to Lotus Quickr without adding the Domino-style forward slash delimiters. For example, if CA SiteMinder
36-1
finds the name uid=sblake,o=acme in the directory, it passes that name, rather than uid=sblake/o=acme, to Lotus Quickr. Because Lotus Quickr uses the forward slash delimiters in the names in places, the naming inconsistency causes authentication failures. This problem is indicated if there are authentication failures and the CA SiteMinder (or other application ) log shows that the names pulled from the directory are in the same format as the ones sent to Lotus Quickr. To correct the problem, use the following qpconfig.xml settings to indicate that Lotus Quickr should convert native names to the Domino format:
<user_directory> <ldap> <schema> <dn_incoming_is_native enabled="true"/> </schema> </ldap> </user_directory>
In a third-party authentication environment, users with multi-character delimiters in their names are unable to authenticate
If IBM Lotus Quickr controls directory services and you use a third-party authentication product such as CA SiteMinder, users with distinguished names that contain multi-character delimiters that include a comma or semicolon can experience user authentication failures. Use the dn_delimiter setting in the user directory section of the qpconfig.xml file to work around this problem. By default, when the server adds an external user name as a member of a place, if the name contains a multi-character delimiter that includes a comma or semicolon, it replaces the comma or semicolon with a forward slash (/) and retains the additional delimiter character(s) in the name. The forward slash is used for compatibility with Lotus Domino name syntax. When some third-party authentication applications, such as CA SiteMinder, pass these names to Lotus Quickr, they replace the entire multi-character delimiter with a forward slash (/). This naming inconsistency between the two applications causes authentication failures. For example, if the name in a user directory is cn=john doe, ou=sales, o=acme (comma space delimiter), the name becomes cn=john doe/ ou=sales/ o=acme in a place (slash space delimiter), but CA SiteMinder passes the name cn=john doe/ou=sales/o=acme to Lotus Quickr (slash delimiter). If you use a third-party authentication application and experience authentication failures due to this inconsistency in the handling of multi-character delimiters containing commas or semicolons, use the dn_delimiter setting in qpconfig.xml to specify that the server replace the entire multi-character delimiter with a forward slash, to be consistent with the authentication application. If the names of all the users in the directory use the same multi-character delimiter, specify that delimiter, terminated by the @ symbol. For example, if all names in the user directory contain the delimiter , (comma space) specify the following:
<user_directory> <ldap> <schema> <dn_delimiter>, @</dn_delimiter> </schema> </ldap> </user_directory>
36-2
If names in the directory do not use the same delimiter, use the following dn_delimiter setting instead to enable Lotus Quickr to replace any single- or multi-delimiter character with a forward slash, if the delimiter conforms to LDAP RFC 3377.
<user_directory> <ldap> <schema> <dn_delimiter robust_compare="true"/> </schema> </ldap> </user_directory>
Users are rechallenged for credentials when publishing and lose their edits
When a user publishes a document after a long editing session, the user can be rechallenged for credentials and lose the edits. When single sign-on is used, there is a set time at which the LTPA cookies expires, by default 30 minutes. To workaround this, set the timeout period to a higher value, for example 10 hours. Or use a different authentication mechanism that is based on user activity rather than absolute time.
If place member and super user have same name, the super user gets member access
When you create a super user, they have manager access to places on the server. But if you then open a place and add the super user (or someone with the same name) as a place member with reader access, the super user will only have reader access to the place. Conversely, if a place has a member with reader access, and you then make the member (or someone with the same name) a super user, the super user will only have reader access to that place.
A user who is a member of a group is not getting the expected access

If you use the standard membership model and add a user name as a member of a place or a room in a place and also add a group the user belongs to as a member, the users access is determined by the access set for the user name rather than the access set for the group name. This is the same security model used in IBM Lotus Domino. If you use expanded membership, the users access is determined by the access set for the group name.
Troubleshooting security problems
36-3
36-4

Changehierarchy command adds entries to the Place Catalog in situations when it shouldnt
If the qptool changehierarchy command puts an entry in the Place Catalog even when the Place Catalog is disabled or when it is run on the lotusquickr place, enter the following qptool command to correct the problem:
load qptool unregister -p placename
Addmember command fails when you mistakenly use the -g argument to add an individual user
If you use the qptool addmember command to add an individual user as a member of a place, and you use the -g argument by mistake, the user is partially added as a group and the command fails. To correct the problem, use qptool unlock -p placename to unlock the place, then delete the partial entry from the Members view. Add the name back correctly using addmember without the -g argument.
Must unlock archived place before moving it back and registering

When you use the qptool archive command to archive a place, and then use qptool remove or qptool remove -now to remove the place, an error is displayed if you copy the place back from the archive directory and then try to use qptool register to register it. To correct the problem, use the qptool unlock command to unlock the place, and then register it.
qptool changemember appears to change a user to a group

Changing a user into a group using the qptool changemember command is not allowed. However, the change will appear to have worked if you omit the -targetg argument required for specifying the target group.
qptool report returns the error Database is not full-text indexed

If you run the qptool report command and the server console displays the error Database is not full-text indexed, the server is using a default local Place Catalog that is not yet populated. To correct the problem, take one of the following steps: v Populate the local Place Catalog and update its full-text index. v Remove the local Place Catalog, specify the name of the local Place Catalog in the qpconfig.xml file, and restart the server. v In the qpconfig.xml file specify a Place Catalog on another server and restart the server.
37-1
Uppercase place names specified in XML input are converted to lowercase

If you use XML as input to a qptool command, any uppercase characters in place names are converted to lowercase. This is equivalent to the behavior when creating a place through the user interface. For example, if the following XML is used as input to the qptool execute command, the resulting place name will be createplace1_3.
<service> <servers> <server local="true"> <places> <place action="create"> <name>CreatePlace1_3</name> <title>John Lennons Create Test Place # 3</title> <members> <person> <dn>cn=John Lennon,ou=People1,o=haiku</dn> </person> </members> </place> </places> </server> </servers> </service>
qptool does not archive a place that already exists in the specified archive directory
If you run qptool archive on a place that already exists in the target archive directory, the archived place is not updated. No error message occurs in this situation. Delete the existing archive or rename the existing archive before running qptool archive, or archive to a different directory.
Cant use qptool commands on a place whose name begins with a hyphen
If you are unable to use qptool commands on a place whose name begins with a hyphen, use an input XML file instead of -p (or -pt) to work around the problem. For example, if you want to archive a place whose name begins with a hyphen, perform the following steps: 1. Enter the following command:
load qptool unlock -p anotherplacewithoutthisproblem
2. Open the qptool.unlock.xml file, and change anotherplacewithoutthisproblem to -placenamethat beginswithhyphen. 3. Save the file. 4. Enter the following command:
load qptool archive -i qptool.unlock.xml -dir d:\archivedirectory
qptool changemember does not change the name in existing page banners
When you use the qptool changemember command to change the name of a user in places, the original user name continues to show in the page banners of pages the user created under the original name. The h_AlternateName field shows the original authors display name. Edit the page and save it to display the new name instead.
37-2
qptool remove -cleanup after qptool remove -p placename not working

If using qptool remove -cleanup after qptool remove -p placename does not remove the place from the file system, perform the following steps to correct the problem: 1. From the server console, enter the following command after entering qptool remove -p placename to clear any connections to the databases that you want to remove:
dbcache flush
2. Run the following command:

load qptool remove -cleanup
In most instances, forcing a flush of the cache is not needed since qptool remove -cleanup runs off hours after the cache has already been cleared.
Problem using nqptool commands on server/program command line

The server/program command line has an 80-character limit. If you are entering an nqptool command longer than 80 characters, it will not execute. Use either the server console or the command prompt, or use an input file and run nqptool execute -i <inputfilename>.
37-3
37-4

New rooms not installing to offline place during synchronization
When users install places offline, DOLS installs any rooms that are part of the place. However, if new rooms are added to the online place, those rooms do not get downloaded offline during subsequent synchronizations. Users should do the following to download the new rooms to the offline place: 1. Open the place offline. 2. Click Work Offline. 3. Click Offline Options. 4. Select the rooms you want to synchronize offline. 5. Re-run synchronization to replicate the rooms offline.
Users are unable to sign in offline

If users are unable to sign in offline, make sure that users have added offline passwords to their Member Profiles or that all places on the server or this particular place are configured to use the IBM Lotus Quickr login passwords for offline use. Also make sure that the setting EXTMGR_ADDINS=value exists in the servers notes.ini file, where value is one of the following v nqpextmgr.dll (Windows) v libqpextmgr_r.a (AIX) v libqpextmgr.so (Solaris) v qpexmgr (i5/OS) Note: Make sure there is a blank line at the end of the notes.ini file.
Users unable to log in offline to a place with many rooms

Users will see errors such as User not authenticated or File does not exist when logging in to a place offline that has many rooms (approximately 115 or more). This is a current known problem, that may be addressed in the future.
User installing offline using Sun ONE Portal Server is prompted to reauthenticate
Make sure that the IBM Lotus Quickr server has the following notes.ini setting: NoWebFileSystemACLS=1
38-1
Users cant install places offline in a CA SiteMinder environment

Make sure the DSAPI filter file names field in the Server document lists the DOLS DSAPI filter first. 1. Open the Server document in the Domino Directory, 2. Click the Internet Protocols HTTP tab. 3. Make sure one of the following values is the first one in the DSAPI filter file names field: 4. On Windows: ndolextn 5. On AIX or Solaris: libdolextn 6. If you make a change to the field, enter the following command at the server console:
restart server
Users see ERROR 500 message when installing offline

If users have problems installing offline and see ERROR 500 messages indicating problems downloading offline configuration data, make sure the value in the DSAPI filter file names field in the Server document is correct. 1. Open the Server document in the Domino Directory. 2. Click the Internet Protocols HTTP tab. 3. Make sure the DSAPI filter file names field includes one of the following values: v On Windows: ndolextn v On AIX or Solaris: libdolextn 4. If you make a change to the field, enter the following command at the server console:
restart server
A PlaceBot does not run offline

Make sure the PlaceBot is not a scheduled agent. DOLS does not support scheduled agents. Check that the groups DOLS_Restricted_Agents and DOLS_Unrestricted_Agents exist and that their security settings are correct. For more information on these groups, see Domino Administrator Help.
Offline users cant edit their member profiles when Sametime is enabled and the place name begins with QuickPlace
If youve enabled Sametime integration features, users cannot see the View Profile link in the Members view needed to set their offline passwords in member profiles if the name of the place begins with the string QuickPlace. To work around this problem, temporarily disable the chat functionality and use the qptool register -install command to rename the place to begin with something other than QuickPlace. Or, leave chat active and add the offline password by clicking on the author link of a page and then clicking the View Profile menu link to bring up the member profile.
Users with flat names cant take places offline

Users with flat names cant take places offline. Flat names are names without distinguishing components, for example, cn=Ellen Brown. To correct the problem, add distinguishing components to flat names. For example, change cn=Ellen Brown to cn=Ellen Brown,o=acme.
38-2
Offline not working for external users after changemember or changehierarchy commands used
Before using the qptool changemember command to change a user or the qptool changehierarchy to change several users, instruct the affected offline external users to synchronize data. After you run changemember or changehierarchy, tell the users to reinstall the offline places.
Offline is not working for a super user

Offline functionality is not supported for a super user.
Offline users cant use places and rooms accessed through group membership
To use a place offline, users must be individual members (external or local) of the place and any rooms. A user who has access to a place or rooms through a group membership (external or local), cannot use the place or rooms offline.
Offline authors or readers see synchronization errors

Offline authors or readers see the following errors when they synchronize with online places: Author sees this error: Last sync status: Sections:2 - Errors:1 - Docs Received:0 - Docs Sent:0 Reader sees this error: Last sync status: Sections:2 - Errors:2 - Docs Received:0 - Docs Sent:0 These errors are expected behavior and are due to the fact that authors and readers have limited write access or no write access to the server. Managers of places do not see these errors because they have full access.
Problem installing places offline on Windows XP

To install places offline on Microsoft Windows XP Professional, a user must have administrative rights to the workstation. Once the place is installed, a user with limited rights or guest rights can use the place.
Cannot install places with the same name from two different servers
If a user installs two offline places from two different servers and the places have the same name, only the most recently installed place will open offline; the other offline place is unusable. This is a known DOLS limitation.
38-3
38-4
Troubleshooting Lotus Sametime problems

Users cant schedule meetings from a place
If users can schedule meetings directly from IBM Lotus Sametime but not from a place, the following situations can be the cause: v The name used for integration with Lotus Sametime and IBM Lotus Quickr in stconfig.nsf is not in the [SametimeAdmin] role. Add the user name to the role. v The password for the user name is mistyped in qpconfig.xml. Correct the password in qpconfig.xml. v Sametime uses the Lotus Domino Directory over NRPC but Lotus Quickr uses an LDAP directory. Correct by using the LDAP directory for both products. v Youve restarted the Lotus Sametime server but havent restarted the Lotus Quickr server. Restart the Lotus Quickr server after restarting the Lotus Sametime server. v The Members can schedule online meetings feature is disabled in the place. To correct the problem, sign into the place, click Customize, click Basics, and click Change Basics. Under the Real-time collaboration heading, check the box next to Members can schedule online meetings.
Lotus Sametime is not working for local users

Only external members registered in a user directory can use IBM Lotus Sametime features in places.
External members with flat names cannot join online meetings that they publish
External members that have flat names, for example cn=Jack Black, cannot join online meetings that they publish. Users who publish online meetings in a place should have names with distinguishing components rather than flat names.
39-1
39-2
Troubleshooting problems with non-English versions

Non-English characters displaying incorrectly
To display non-English characters correctly in places, you must perform the following steps to enable UTF-8 encoding for the IBM Lotus Domino HTTP server: 1. From IBM Lotus Notes or the Domino Administrator, open the Lotus Domino Directory (names.nsf) on the server. 2. 3. 4. 5. Open the Server document for the server and click Edit Server. Click Internet Protocols Domino Web Engine. In the Character Set section, select Yes in the Use UTF-8 for output field. Click Save & Close.
Headlines not working with French version of Internet Explorer

Using the French version of Internet Explorer when adding a headline to a page on an English version of an IBM Lotus Quickr server can cause a JavaScript error. To avoid this problem, switch to the French version of the server or to the English version of Internet Explorer.
40-1
40-2
Part 8. Reference
notes.ini settings
Web page cache settings
The following table describes notes.ini settings used to customize the Web page cache.
Table 41-1. Web page cache notes.ini settings Setting QuickPlaceWebCacheDir QuickPlaceWebCacheEnabled QuickPlaceWebCacheGCIntervalInMIN QuickPlaceWebCacheLimitInMB QuickPlaceWebCacheLogging QuickPlaceWebCacheUsers Description Sets the cache directory Disables or enables the cache Sets the time interval for cache cleaning Sets the cache size limit Enables Web page cache logging Sets the cache for anonymous users only
Offline settings
The following table briefly describes notes.ini settings used to set up IBM Lotus Quickr for users to take places offline.
Table 41-2. offline notes.ini settings Setting $DOLS_TCPIPAddress Description Used to configure a cluster that uses the IBM Network Dispatcher to work with Domino Off-Line Services. Enables authentication to work for offline users. Enables Domino Off-Line Services to work with Lotus Quickr Used to configure a Lotus Quickr server and Sun ONE Portal Server to work with Domino Off-Line Services.
CheckCacheBeforeDSAPI EXTMGR_ADDINS
NoWebFileSystemACLS
Server logging settings

You can use notes.ini settings to log a variety of IBM Lotus Quickr server activities. Output is logged to the server console and to the log file (log.nsf). Logging can be useful for troubleshooting problems. Since logging degrades server performance, enable it on a temporary basis only. To enable a specific type of logging, add the following line to the notes.ini file on the IBM Lotus Quickr server:
41-1
setting=level where setting is a logging setting listed in the following table and level is the desired level of logging. For example: QuickPlaceAuthenticationLogging=5 The following table describes the logging settings and the highest level of logging available for each. The higher the level of logging you specify, the more verbose the output. The default and lowest logging level, 0, logs only errors.
Table 41-3. notes.ini server logging settings Logging setting QuickPlaceArchiveLogging QuickPlaceAuthenticationLogging Levels 1 5 Description Archive tool logging. Authentication logging for authentication events, failures, successes, group expansion, and names list generation. Calendar event logging; 0 indicates this is always on. Page compression logging. Server command performance logging. Offline place installation logging. Lotus Quickr and IBM Lotus Domino HTTP interaction logging. It is useful primarily as a first step toward isolating user authentication problems or problems related to the interaction between Lotus Quickr and Lotus Domino. Use with other logging settings, for example, QuickPlaceAuthenticationLogging, it provides a clearer picture of URL processing. Java Debug logging. Java Server logging. Java Native Interface (JNI) to C++ layer logging. Java Virtual Machine logging. Large uploads logging.
QuickPlaceCalendarSubscriptionLogging 0
QuickPlaceCompressionLogging
QuickPlaceDbCommandPerformanceLogging 3
QuickPlaceExtensionManagerIfLogging 2 QuickPlaceHTTPInterfaceLogging 2
QuickPlaceJavaLogging QuickPlaceJavaServerLogging QuickPlaceJniLogging
5 3 1
QuickPlaceJvmLogging QuickPlaceLargePOSTLogging
1 1
41-2
Table 41-3. notes.ini server logging settings (continued) Logging setting QuickPlaceLockLogging QuickpPlaceLtpaLogging Levels 1 1 Description Place Lock tool logging. LTPA logging when Lotus Domino controls directory services. Lotus Quickr e-mail process logging. Expanded membership logging. My Places logging. Object model logging. ObjectPool Memory management for PlaceCatalog logging. Performance data collector logging. Place Catalog logging. Queries into Place Catalog logging; use level 4 to include more details on My Places queries and qptool report command queries. Place type refresh logging. Search across places logging. Spell checker engine logging. Style sheet processing logging. Stub creator logging for Lotus Quickr cluster support. qptool logging. Upgrade logging (upgrade places). User cache parameter logging. User directory logging (applicable only when Lotus Quickr controls directory services) . Web caching logging (caches pages sent to browser).
QuickPlaceMailLogging
QuickPlaceMembershipModelLogging 2 QuickPlaceMyPlacesLogging QuickPlaceQOMLogging QuickPlaceObjectPoolLogging 3 4 2
QuickPlacePerformanceLogging QuickPlacePlaceCatalogLogging
1 4
QuickPlacePlaceCatalogQueryLogging 4
QuickPlacePlaceTypeCentralRefreshLogging 4 QuickPlaceSearchPlacesLogging QuickPlaceSpellCheckEngineLogging 2 1
QuickPlaceStyleSheetAttributeCmdLogging 2 QuickPlaceStubMakerLogging 3
QuickPlaceToolLogging QuickPlaceUpgradeLogging QuickPlaceUserCacheLogging QuickPlaceUserDirectoryLogging
1 4 1 1
QuickPlaceWebCacheLogging
notes.ini settings
41-3
Client logging settings

Use the following notes.ini settings on the IBM Lotus Quickr server to enable client logging. To use a specific setting, add the following line to the notes.ini file: Setting=level The table shows the highest level of logging available for each setting. The higher the level of logging you specify, the more verbose the output. The default and lowest logging level, 0, logs only errors.
Logging setting $h_Debug Levels 1<nozeros> Description Enables the browser to display detailed messages about JavaScript errors that occur on the client, rather than the general Lotus Quickr message, Unable to process your request at this time. Displays a console log on all clients that access the Lotus Quickr server. For Internet Explorer, the console log is an additional browser window, and for other browsers the console log is the JRE Java log console. Use this setting on a temporary basis to help IBM Support troubleshoot specific client-side problems. Adds the source code name and line number from which errors and warnings are generated to the error and warning messages that the server sends to the browser. Use this setting on a temporary basis to help IBM Support troubleshoot a problem.
$h_ClientDebugConsole
5<nozeros>
h_ExceptionDetail=1
1<nozeros>
Logging degrades performance, so enable it on a temporary basis only.
Attachment and file import logging

If you encounter attachment or file import problems from the client, you can enable upload control logging on the client to help troubleshoot the problem. Create an environment variable called QPCTRLLOG whose value is the path and filename of the log file to use. Whenever the browser engages the upload control, the upload control appends a log sequence to the log file. Do not leave logging enabled because the log file will continue to grow and can cause the client to run out of disk space.
Other settings
The following table lists miscellaneous notes.ini settings not described in the other tables.
41-4
Table 41-4. Miscellaneous notes.ini settings Setting $h_MailDomain Description Specifies the domain of the server that hosts the place to which IBM Lotus Quickr routes replies to e-mail generated from places. Enables image caching in environments that do not use single sign-on authentication. Specifies the place to which Lotus Quickr routes replies to e-mail generated from places. Prevents anonymous access to files in the html directory and is part of setting up single sign-on authentication. Required on UNIX servers to support names in a user directory that contain accented characters. Specifies the length of time user entries remain in the user cache. Gives a Domain Catalog server the access to index the places on a Lotus Quickr server that uses the Search Places feature and Off-Line Services. Specifies the maximum number of users allowed in the user cache. Allows searches of nested groups in the user directory. Controls whether a server is upgraded on startup. Used to schedule qptool commands -- such as refresh, deadmail, placecatalog, and newsletter -- to run daily.
h_ScopeURLinQP
h_UndelivMail
NoWebFileSystemACLs
PLATFORM_CSID
QuickPlaceExpireCachedUsers
QuickPlaceExtensionManagerAllowServers
QuickPlaceMaxCachedUsers
QuickPlaceNestedGroupLimit QuickPlaceUpgradeServerOnStartup ServerTasksAt
notes.ini settings
41-5
41-6
XML nodes and node actions

You can specify actions for the following XML IBM Lotus Quickr objects when using XML to access the Lotus Quickr Java API: service, server, place, placetype, person, group, and member. Each object is represented by an XML node. Related information XML details on page 27-5
The service node

The <service> node represents a container for one or more servers that make up the IBM Lotus Quickr service. Servers that are part of a service can be manipulated with certain actions, such as a search of all places on all servers in the service.
Hierarchy
<?xml version="1.0"?> <service> ..... </service>
Supported actions
The <service> node supports the following named actions: v query v search
query (service)
The query action searches the Place Catalog to find places of that a specified person is a member of. The action returns a list of places that the specified person is a member of. For the query action to work, the Place Catalog must be configured in your service.
Syntax
<?xml version="1.0"?> <service action="query"> <query type="get_member_places"> <members> <person> <dn>distinguished name of person</dn> </person> </members> </query> </service>
Supported attributes
The <query> node supports the following attributes: type Values: get_member_places - Given a member name, retrieves all places in the service of which the specified name is a member. Member places are listed by server name. Server names are listed by service, which means all servers listed in the Place Catalog.
42-1
Results
The results of the search are updated in the XML input tree. The <servers> node is added as a child to the <service> node. For each of the above query types, the results of the query are returned in the following format:
<?xml version="1.0"?> <service> <servers> <server> <name>server1</name> <place> <name>place1</name> </place> </server> <server> <name>server2</name> <place> <name>place2</name> </place> </server> </servers> </service>
search (service)
The search action performs a full-text search on all places on all IBM Lotus Quickr servers in the Lotus Quickr service. To use it you must first configure servers for cross-place searching. To access the search API, two input files are required: one specifying the search query, and another specifying the distinguished name of the user performing the search. The first file is run using the -i argument, the second is run using the -session argument. For example, you can create an input file specifying the query called input.xml, and another file specifying the user called session.xml. To run the search, enter the following command on the command line:
java com.lotus.quickplace.api.QPAPI -i input.xml -session session.xml
An error action status is returned if the local servers Lotus Quickr configuration specifies that the cross-place searching (Search Places) feature is disabled altogether, or disabled for anonymous users and the user performing the search is anonymous. You can also access the search functionality through the QPAPI.process( String sessionFileName, String inFileName, String outFileName) method via a JAVA program. Lotus Quickr API actions are always performed on the local server (the server executing the XML). Therefore, in order to perform a domain search, the search action must be run on the server that is configured for Domain Search and contains the Domain Index. The session file is needed to provide the identity of the user executing the search so that only documents the user has access to are returned.
Syntax for the input file

<?xml version="1.0"?> <service action="search"> <query order="score | asc | desc" start="n" count="n"> <![CDATA[Properly formatted full-text query string]]> </query> </service>
42-2
Required syntax for the input file

<?xml version="1.0"?> <service action="search"> <query order="score | asc | desc"> <![CDATA[Properly formatted full-text query string]]> </query> </service>
Syntax for the session file

<?xml version="1.0"?> <session> <person> <dn>distinguished name of user performing search</dn> </person> </session>
Supported elements for the input file

<query> Attributes: v order - A value that specifies the search return sort order. The following values are supported: score - Return results sorted by relevance asc- Return results sorted with oldest occurrences first desc- Return results sorted with newest occurrences first v start - Specifies the starting position of the search results to be returned. A value of zero is used if this attribute is not specified. A starting position of zero specifies that results starting with the first match should be returned. v count - Specifies the maximum number of search match hits to be returned. A value of 15 is used if this attribute is not specified. A value of -1 specifies that all hits should be returned. Example query:
<?xml version="1.0"?> <service action="search"> <query start="0" count="100" order="score"> <![CDATA["quickr"]]> </query> </service>
Supported elements for the session file

<session> Session represents the connection to the server. Because Search Places only returns results according to the users access to places, rooms, and documents when searching for a document, Search Places must know who is requesting the search. This information is contained in the session node. <person> Specifies the distinguished name of the user performing the search. For example: <dn>CN=Jane Doe,OU=Sales,O=ACME</dn>
Results
Below is an example of the XML returned by performing a search for the word: Lotus Quickr.
42-3
<?xml version="1.0"?> <service> <search_results> <search_result seqnum="1"> <document> <title> <![CDATA[Features]]> </title> <author local="false"> <dn>CN=Jane Doe,OU=Sales,O=ACME</dn> <name>Jane Doe</name> </author> <url>https://acmeteam.acme.com:443/LotusQuickr/acmeteam/ PageLibrary85256AAF005EC7BB.nsf/ 1E24BC021C381AE985256AB8004E035B/ 4CB455BB81C721AD85256C1300636F10/?OpenDocument</url> <abstract> <![CDATA[ This document describes the features that are new in Lotus Quickr]]> </abstract> <last_modified>20020812T140737,57-04</last_modified> </document> <place> <name>ACMETeam</name> </place> <relevance>100</relevance> </search_result> <search_result seqnum="2"> <document> <title> <![CDATA[Release 3 Sales Forecast]]> </title> <author local="false"> <dn>CN=John Swift,OU=Sales,O=ACME</dn> <name>John Swift</name> </author> <url>https://acmeteam.acme.com:443/LotusQuickr/acmeteam/ PageLibrary85256AAF005EC7BB.nsf/ h_Index/09A910C51A6818DA85256C0F00829ADD/ ?OpenDocument</url> <abstract> <![CDATA[ Lotus Quickr Sales Forecast Sales Staff: Please review this document for accuracy and make edits and corrections as necessary. This document is used by the ACME Global Sales staff to determine the impact of Lotus Quickr.]]> </abstract> <last_modified>20020812T140521,04-04</last_modified> </document> <place> <name>ACMETeam</name> </place> <relevance>100</relevance> </search_result> </search_results> <action_status action="search"> <code>0</code> </action_status> </service>
Full-text query syntax

When using the search action you can find information in a domain by forming queries with search operators. Search operators are words and characters which IBM Lotus Domino reads as instructions to search for combinations of words, fields, dates and numbers.
42-4
Full-text queries work the same way most Web search engines do (based on Boolean logic), with some very powerful enhancements. For example, you can not only search for two words which appear in the same document, but specify how close they should be to each other, what field they must be in, by their exact case, and that one should be judged as more important. Using wildcards you can also search on just a fragment of a word and Lotus Domino returns every word containing that fragment. Operators are reserved words in Lotus Domino. If you want to search for an operator as you would normal text, for example in a phrase such as Gene and Joan, you must put the phrase in quotes.
Table 42-1. Full-text query operators Operator field FIELD [fieldname] (brackets) Description and examples These mean search this field. Lotus Domino then expects you to specify the field to search. In this release of IBM Lotus Quickr field operators only to find text in the $Updatedby and _RevisionDate fields. There should be spaces between FIELD and words surrounding it. Example: FIELD $Updatedby CONTAINS Simpson finds documents whose $Updatedby field contains the word Simpson. () [parentheses] These determine the order in which Lotus Domino processes sections of your query. A part of the query enclosed in parentheses will be processed before parts outside the parentheses. These find documents containing all the conditions or words linked by AND. Example: cat AND dog AND fish finds documents containing all three of these words. These find documents containing either of the conditions or words and returns them ranked by number of appearances in the document.
and AND & or OR | ACCRUE , (comma) NOT not !
These make the query negative. You can put NOT between words: cat AND NOT dog finds documents containing the word cat, but not the word dog.You can put NOT before any field name: NOT[author] CONTAINS Simpson finds documents whose author field does not contain the word Simpson.You can use NOT after CONTAINS, and before a word: [author] CONTAINS NOT Simpson finds documents whose author field does not contain the word Simpson.You cannot put NOT after =, <, >, <=, or >= and before a date or number: [date1] = NOT 12/25/98 does not work.
42-5
Table 42-1. Full-text query operators (continued) Operator Description and examples Placing quotes around operators (like AND, OR, CONTAINS etc.) allows Lotus Domino to read them as normal words. Example: rock and roll finds documents containing the phrase, intact. PARAGRAPH paragraph This finds documents in which the words surrounding PARAGRAPH are in the same paragraph, and ranks them by how close they are. Example: car PARAGRAPH wheels finds documents in which car and wheels appear in the same paragraph and ranks them by how close the words are within the paragraph. SENTENCE sentence This finds documents in which the words surrounding SENTENCE are in the same sentence, and ranks them by how close they are. Example: car SENTENCE wheels finds documents in which car and wheels appear in the same sentence and ranks them by how close the words are within the sentence. ? This is a wildcard. It represents any single letter. It does not work with dates or numbers. Example: ?one finds documents containing bone, cone, done, gone (and any other four-letter words that end with one)???ck finds documents containing stack, clock, stick, truck; rack, rick, rock * This is a wildcard. It represents any extension of letters. It does not work with dates or numbers. This gives importance, or weight, to search words. You can use any value from 0 through 65537 to assign weight. This tells Lotus Domino to search for the exact case of the word following. Example: exactcase Apple finds documents containing Apple, but not APPLE or apple. CONTAINS contains This is tells Lotus Domino that the field before it must contain the text after it. There should be spaces between CONTAINS and words surrounding it.
TERMWEIGHT termweight
EXACTCASE exactcase
42-6
Table 42-1. Full-text query operators (continued) Operator = < > <= >= - (hyphen) This tells Lotus Domino to find the hyphenated word pair. Description and examples These help you search for numbers or dates in numeric or date fields only.
The server node

The <server> node represents an installed server in the IBM Lotus Quickr service. All actions performed on a server are executed from within the server node hierarchy. The server node is contained within the <service> node. Note: You cannot perform actions on any server other than the server from where the XML is executing. If you want to perform actions on other servers in the service, you must execute the XML on each of the other servers.
Hierarchy
<?xml version="1.0"?> <service> <servers> <server> ..... </server> </servers> </service>
The server node supports the following attributes: local Syntax: <server local=true> </server> Values: true | false - Specifies whether or not the server is local to the executing XML script. XML must run on the local server. You must use either this attribute or the <hostname> element to specify the server that the XML will run on.
Supported elements
The <server> node supports the following named elements: <hostname>
42-7
The <hostname> element is used by the server node to specify the host name that the script is executing on. The name used should be an IP address or DNS resolvable host name. The name must be the name of the local server the script is being executed on. Syntax:
<?xml version="1.0"?> <service> <server> <hostname>qkserver.acme.com</hostname> </server> </service>
Required: Required if <local=true> attribute is not specified or equals false
Supported actions
The <server> node supports the following named actions: v getPlaceTypes
getPlaceTypes (server)
The getPlaceTypes action retrieves specified attributes from all PlaceTypes on a server. The standard PlaceType is h_StdPlaceType.
Syntax
<?xml version="1.0"?> <service> <server action="getPlaceTypes"> </server> </service>
The getPlaceTypes action supports the following attributes in the results: id Unique ID to identify the PlaceType. This value is guaranteed to be unique.
Supported elements
The getPlaceTypes action supports the following elements in the results: <name> Specifies the name of the PlaceType. <description> Provides a description of the PlaceType. This value is set in the IBM Lotus Quickr UI. It is displayed during the creation of a place. <addition_information_url> Provides an addition information url. This value is set in theLotus Quickr UI. It is displayed during the creation of a place.
42-8
Results
PlaceTypes are listed by server name. The following example demonstrates the results of the getPlaceTypes action:
<?xml version="1.0"?> <service> <server local="true"> <placetypes> <placetype id="8912471890219238"> <name>ACMETeamPlacetype</name> <description>The ACME Teams Placetype</description> <additional_information_url> http://www.acme.com/acmeteaminfo </additional_information_url> </placetype> <placetype> ...... </placetype> </placetypes> </server> </service>
The place node

The <place> node represents a place on a server. All actions performed on a place are executed from within the <server> node hierarchy.
Hierarchy
<?xml version="1.0"?> <service> <servers> <server> <places> <place> ..... </place> </places> </server> </servers> </service>
Supported elements
The <place> node supports the following named elements: <name> The <name> element is used by the place node to specify the name of the place being serviced. This name refers to a place on the local server executing the script. Syntax:
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place> <name>ACMETeam</name> </place>
42-9
</places> </server> </servers> </service>
Required: Required for all supported place actions. <placetype> The <placetype> element is used by the place node to specify the PlaceType that is associated with the place being serviced. The placetype element is primarily used when creating places. When performing operations involving a PlaceType, you must first identify the PlaceType within the <placetypes> node and assign it an id. Then in the <place> node, define a <placetype> node that contains a <link> element. The link element refers to the PlaceType identified earlier. The following example identifies an existing PlaceType and assigns it an id. Then the XML instructs that a new place be created using the PlaceType.
?xml version="1.0"?> <service> <servers> <server local="true"> <placetypes> <placetype id="ACMETeamPlacetypelink"> <name>ACMETeamPlaceType</name> </placetype> </placetypes> <places> <place action="create"> <name>MyPlace</name> <member> <person action="add" id="ExternalMember"> <dn>cn=John Doe,ou=Sales,o=ACME</dn> </person> </member> <placetype> <link idref="ACMETeamPlacetypelink"> </placetype> </place> </places> </server> </servers> </service>
Supported actions
The <place> node supports the following named actions: v create v remove v forceRemove v update
create (place)
The create action creates the place specified, using the PlaceType specified (optional), on the server specified. You must also specify a manager of the place, who will be the first member of the place when it is created. When you create a place, the place manager is always a person. Place creation occurs on the local server executing the script. The place must not previously exist on the server at the time of place creation or an error action status code is returned.
42-10
Syntax
<?xml version="1.0"?> <service> <servers> <server> <place action="create"> <name></name> <member> <person><person> </member> </place> </server> </servers> </service>
Optional syntax
<?xml version="1.0"?> <service> <servers> <server> <placetypes> <placetype id="ACMETeamPlacetypelink"> <name>ACMETeamPlaceType</name> </placetype> </placetypes> <places> <place action="create"> <name></name> <member> <person></person> </member> <placetype> <link idref="ACMETeamPlacetypelink"> </placetype> </place> </places> </server> </servers> </service>
Example
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place action="create"> <name>ACME_Team</name> <title>ACME Team Place</title> <members> <person local="true" action="add" id="LocalOwner"> <username>JCool</username> <password>snoopy</password> <first_name>Joe</first_name> <last_name>Cool</last_name> </person> <person action="add" id="ExternalMember"> <dn>cn=John Doe,ou=Sales,o=ACME</dn> </person> <group action="add" id="ExternalGroup"> <dn>cn=Sales,ou=East,o=ACME</dn> </group> </members> </place>
42-11
</places> </server> </servers> </service>
remove (place)
The remove action marks the specified place for removal from the specified server. Removal of the place is performed when the qptool remove -cleanup command runs on the server.
Syntax
<?xml version="1.0"?> <service> <servers> <server> <places> <place action="remove"> <name></name> </place> </places> </server> </servers> </service>
Example
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place action="remove"> <name>AcmeTeam</name> </place> </places> </server> </servers> </service>
forceRemove (place)
The forceRemove action marks the specified place for removal from the specified server and attempts to delete the files immediately. If the files are being used by another process, the files are left marked for later removal.
Syntax
<?xml version="1.0"?> <service> <servers> <server> <places> <place action="forceRemove"> <name></name> </place> </places> </server> </servers> </service>
Example
<?xml version="1.0"?> <service> <servers> <server local="true">
42-12
<places> <place action="forceRemove"> <name>AcmeTeam</name> </place> </places> </server> </servers> </service>
update (place)
The update action updates the specified information in the specified place.
Syntax
<?xml version="1.0"?> service> <servers> <server> <places> <place action="update"> <name></name> </place> </places> </server> </servers> </service>
Supported elements
The update action supports the following elements: <title>
Syntax: <title>The ACME Team Place</title>
Supported Values: Any string that represents the title of the place. <meta_data> Syntax:
<meta_data> <name1>value1</name1> <name2>value2</name2> <name3>value3</name3> </meta_data>
Supported Values: Name/Value pairs are specified and are user-defined. The metadata Name/Value pairs are stored in the specified place as well as the Place Catalog.
Example
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place action="update"> <name>AcmeTeam</name> <title>The ACME Team Place</title> <meta_data> <name1>value1</name1> <name2>value2</name2> <name3>value3</name3> </meta_data>
42-13
</place> </places> </server> </servers> </service>
The placetype node

The placetype node represents a PlaceType on a IBM Lotus Quickr server. In this release, the placetype node is primarily used when creating places. It supports no actions. When performing operations involving a PlaceType, you must give the PlaceType an id, then reference it in other sections of the XML. First, identify and give the PlaceType an id, then reference the id in other sections of the XML. For example, to create a place from the ACMETeamPlaceType, use the following syntax:
<?xml version="1.0"?> <service> <servers> <server local="true"> <placetypes> <placetype id="ACMETeamPlacetypelink"> <name>ACMETeamPlaceType</name> </placetype> </placetypes> <places> <place action="create"> <placetype> <link idref="ACMETeamPlacetypelink"> </placetype> <name>ACME_Team</name> <title>ACME Team Place</title> <members> <person action="add" id="ExternalMember"> <dn>cn=Charles Brown,ou=Sales,o=ACME</dn> </person> </members> </place> </places> </server> </servers> </service>
The placetype node supports the following attributes: id Unique ID to identify the PlaceType.
Supported elements
The <placetype> node supports the following named elements: <name> The name element is used by the placetype node to specify the name of the placetype being serviced. This name refers to a placetype on the local server executing the script. The name element is required for all placetype actions. Syntax:
42-14
<name>ACMETeamPlaceType</name>
<description> The description elements provides an optional description of the PlaceType. This value is set in the Lotus Quickr UI. It is displayed during the creation of a place. Syntax:
<description>The ACME Teams Placetype</description>
<addition_information_url> Provides an optional additional information url. This value is set in the Lotus Quickr UI. It is displayed during the creation of a place. Syntax:
<additional_information_url>http://www.acme.com/acmeteaminfo</additional_information_url>
The person node

The <person> node represents a person on the IBM Lotus Quickr server in the Lotus Quickr service. All actions performed on a person are executed from within the <place> node hierarchy.
Hierarchy
<?xml version="1.0"?> <service> <servers> <server> <places> <place> <members> <person></person> </members> </place> </places> </server> </servers> </service>
The person node supports the following attributes: id Syntax:
<person id="personid"></person> <person idref="personid"></person>
Assigning a person an id allows you to reference them in other sections of the XML. For example, if you want to create two places and add the same user as a member of both, you define and give the user an id within the first <place> node, then reference them in the second <place> node. For example:
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place action="create">
42-15
<name>ACME_Team_Blue</name> <title>ACME Team Place Blue</title> <members> <person local="true" id="person1"> <username>jdoe</username> </person> <person id="person2"> <dn>cn=Charles Brown,ou=Sales,o=ACME</dn> </person> </members> </place> <place action="create"> <name>ACME_Team_Red</name> <title>ACME Team Place Red</title> <rooms> <room> <name>Main.nsf</name> <access> <managers> <member action="add"> <link idref="person1"/> </member> </managers> <authors> <member action="remove"> <link idref="person2"/> </member> </authors> </access> </room> </rooms> </place> </places> </server> </servers> </service>
local Syntax:
<person local="true"></person>
Supported Values: true | false - Specifies whether or not the person is local to the specified place. A value of true indicates that the person exists only in the specified place. A value of false indicates that the person exists in a user directory, outside the specified place. subscribed_to_newsletter Syntax:
<person subscribed_to_newsletter="true"></person>
Supported Values: true | false - Specifies whether or not the person subscribed to the places newsletter. A value of true indicates that the person is subscribed. A value of false indicates that the person is not subscribed. subscribed_to_calendar_events Syntax:
<person subscribed_to_calendar_events="true"></person>
42-16
Supported Values: true | false - Specifies whether or not the person subscribed to the calendar events in the specified place. A value of true indicates that the person is subscribed. A value of false indicates that the person is not subscribed. using_accessible_ui Syntax:
<person using_accessible_ui="true"></person>
Supported Values: true | false - Specifies whether or not the person is using an accessibility user interface in the specified place. A value of true indicates that the person is is using an accessibility user interface. A value of false indicates that the person is not is using an accessibility user interface. email_client Syntax:
<person email_client="notes5"></person>
Supported Values: notes5 | outlook | - Specifies which e-mail client the person uses. Notes5 means the person uses a IBM Lotus Notes mail client. Outlook means the person uses a Microsoft Outlook mail client.
Supported elements
The person node supports the following named elements: <dn> The <dn> element is used by the person node to specify the external name of the person being serviced. This name refers to a person in a directory external to Lotus Quickr. The format of the dn must be an LDAP distinguished name. You do not need to specify this element (nor should you) if you are operating on a person that is local to the specified place Syntax:
<dn>cn=Jane Doe,ou=Sales,o=ACME</dn>
Required: Required for all supported place actions if operating on an external user. <username> The <username> element is used by the person node to specify the person that is associated with the operation being performed. The value specified by this element represents a local user of the specified place. A local user is one that exists purely in the place and not in an external entity such as a directory. If you want to specify an external user then use the <dn> element described above. Syntax:
<username>jdoe</username>
Required: Person attribute local=true must be specified. <first_name>
42-17
The <first_name> element is used by the person node to specify the first name of the person that is associated with the operation being performed. The value specified by this element represents the first name of a local user of the specified place. This element is not applicable when the <dn> element is specified. Syntax:
<first_name>jane</first_name>
Required: Person attribute local=true must be specified. <last_name> The <last_name> element is used by the person node to specify the last name of the person that is associated with the operation being performed. The value specified by this element represents the last name of a local user of the specified place. This element is not applicable when the <dn> element is specified. Syntax:
<last_name>Doe</last_name>
Required: Person attribute local=true must be specified. <password> The <password> element is used by the person node to specify the password of the person that is associated with the operation being performed. The value specified by this element represents the password of a local user of the specified place. This password will be required when the specified user authenticates with the place. This element is not applicable when the <dn> element is specified. Syntax:
<password>BigSecret</password>
Required: Person attribute local=true must be specified. <phone_number> The <phone_number> element is used by the person node to specify the phone number of the person that is associated with the operation being performed. The value specified by this element represents the phone number of a local user of the specified place. This element is not applicable when the <dn> element is specified. Syntax:
<phone_number>978-555-1212</phone_number>
Required: Person attribute local=true must be specified. <offline_password> The <offline_password> element is used by the person node to specify the offline password of the person that is associated with the operation being performed. This password is used when the person authenticates with the place in offline mode. The value specified by this element can be used with either a local person or an external person. Syntax:
<offline_password>BigSecret</offline_password>
42-18
Required: N/A <description> Syntax:

<description>Million Dollar Sales Manager</description>
Required: N/A The <description> element is used by the person node to specify a description of the person that is associated with the operation being performed. The value specified by this element can be used with either a local person or an external person. <email> The <email> element is used by the person node to specify the e-mail address of the person that is associated with the operation being performed. The value specified by this element can be used with either a local person or an external person. This element is not applicable when the <dn> element is specified. Syntax:
<email>jdoe@acme.com</email>
Required: Person attribute local=true must be specified. <theme> The <theme> element is used by the person node to specify the name of the theme associated with the operation being performed. The value specified by this element can be used with either a local person or an external person. Syntax:
<theme>h_DefaultSkin</theme>
Required: N/A
Supported actions
The person node supports the following named actions: v add v remove v update
add (person)
The add action adds a person to the specified place. The person can exist in the place or can exist outside the place in an external directory, depending upon which attribute you specify for them. When adding an external person to a place, the external user directory is not consulted for existence or name correctness. You can specify any supported attributes or elements of the person when the add action is performed since the specified person is updated immediately following this add operation. Note: This action is performed to initially add a person to the specified place but it does not give that person any rights to access elements of the place. That action is performed by the <member> node within a room.
42-19
Syntax
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place> <name></name> <members> <person local="true" action="add"> <username></username> </person> </members> </place> </places> </server> </servers> </service>
- or <?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place> <members> <person action="add"> <dn></dn> </person> </members> </place> </places> </server> </servers> </service>
Optional attributes
subscribed_to_newsletter using_accessible_ui subscribed_to_calendar_events email_client
Optional elements
<password> <first_name> <last_name> <phone_number> <email> <offline_password> <theme> <description>
Example
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place> <name>ACME_Team</name> <members> <person local="true" action="add">
42-20
<username>Jane Doe</username> <password>BigSecret</password> <first_name>Jane</first_name> <last_name>Doe</last_name> </person> <person action="add"> <dn>cn=Charles Brown,ou=Sales,o=ACME</dn> </person> </members> </place> </places> </server> </servers> </service>
remove (person)
The remove action removes a person from the specified place. The person can exist in the place or can exist outside the place in an external directory, depending upon which attribute you specify for them. If you remove a local person, that person is removed from the specified place. If you remove an external person, that person is removed from the place but is not removed from the external directory. When a person is removed from a place, the persons membership to all rooms in the place is also removed.
Syntax
<?xml version="1.0"?> <service> <servers> <server> <places> <place> <name></name> </place> </places> </server> </servers> </service>
- and <?xml version="1.0"?> <service> <servers> <server> <places> <place> <members> <person local="true" action="remove"> <username></username> </person> </members> </place> </places> </server> </servers> </service>
- or <?xml version="1.0"?> <service> <servers> <server>

42-21
<places> <place> <members> <person action="remove"> <dn></dn> </person> </members> </place> </places> </server> </servers> </service>
Example
<?xml version="1.0"?> <service> <servers> <server> <hostname>qk.acme.com</hostname> <places> <place> <name>ACME_Team</name> <members> <person local="true" action="remove"> <username>JDoe</username> </person> <person action="remove"> <dn>cn=Charles Brown,ou=Sales,o=ACME</dn> </person> </members> </place> </places> </server> </servers> </service>
update (person)
The update action updates a person in the specified place. When this action is called, the specified person is updated using the attributes and values you specify. You can specify any supported attributes or elements of the person when the update action is performed. No updates are performed in the external directory if the person being updated is not local.
Syntax
<?xml version="1.0"?> <service> <servers> <server> <places> <place> <name></name> </place> </places> </server> </servers> </service>
- and <?xml version="1.0"?> <service> <servers> <server> <places>
42-22
<place> <members> <person local="true" action="update"> <username></username> </person> </members> </place> </places> </server> </servers> </service>
- or <?xml version="1.0"?> <service> <servers> <server> <places> <place> <members> <person action="update"> <dn></dn> </person> </members> </place> </places> </server> </servers> </service>
Optional attributes
subscribed_to_newsletter using_accessible_ui subscribed_to_calendar_events email_client
Optional elements
<password> <first_name> <last_name> <phone_number> <email> <offline_password> <theme> <description>
Example
<?xml version="1.0"?> <service> <servers> <server> <hostname>qk.acme.com</hostname> <places> <place> <name>ACME_Team</name> <members> <person local="true" action="update"> <username>JDoe</username> <password>BiggerSecret</password> </person> <person action="update"> <dn>cn=Charles Brown,ou=Sales,o=ACME</dn> <offline_password>Drats</offline_password> <phone_number>978-555-1212</phone_number>
42-23
</person> </members> </place> </places> </server> </servers> </service>
The group node

The <group> node represents a group on the IBM Lotus Quickr server in the Lotus Quickr service. All actions performed on a group are executed from within the <place> node hierarchy. Group actions are performed on external groups only.
Hierarchy
<?xml version="1.0"?> <service> <servers> <server> <places> <place> <members> <group></group> </members> </place> </places> </server> </servers> </service>
Supported elements
The group node supports the following named elements: <dn> The <dn> element is used by the group node to specify the external name of the group being serviced. This name refers to a group in a directory. Syntax:
<dn>cn=Sales,ou=Corporate,o=ACME</dn>
Required: Required for all supported place actions. <description> The <description> element is used by the group node to specify a description of the group that is associated with the operation being performed. The value specified by this element must be an external group that exists in an external directory. Syntax:
<description>The ACME Sales Team</description>
Required: N/A
42-24
Supported actions
The <group> node supports the following named actions: v add v remove v update
add (group)
The add action adds a group to the specified place. The group must exist outside the place in an external directory. When adding a group to a place, the external directory is not consulted for existence or name correctness. You can specify any supported attributes or elements of the group when the add action is performed since the specified group is updated immediately following this add operation. Note: This action is performed to initially add a group to the specified place but it does not give that group any rights to access elements of the place. That action is performed by the <member> node.
Syntax
<?xml version="1.0"?> <service> <servers> <server> <places> <place> <members> <group action="add"> <dn></dn> </group> </members> </place> </places> </server> </servers> </service>
Optional attributes
The following optional attributes are supported the group node: subscribed_to_newsletter Specifies whether the members of the group subscribe to the places newsletter.
Optional elements
The following optional elements are supported in the group node: <description> Describes the group.
Example
<?xml version="1.0"?> <service> <servers> <server> <hostname>qk.acme.com</hostname>
42-25
<places> <place> <name>ACME_Team</name> <members> <group action="add"> <dn>cn=Sales,ou=Corporate,o=ACME</dn> </group> </members> </place> </places> </server> </servers> </service>
remove (group)
The remove action removes a group from the specified place. The group is removed from the place but is not removed from the external directory. When a group is removed from a place, group membership to all rooms in the place is also removed.
Syntax
<?xml version="1.0"?> <service> <servers> <server> <places> <place> <members> <group action="remove"> <dn></dn> </group> </members> </place> </places> </server> </servers> </service>
Example
<?xml version="1.0"?> <service> <servers> <server> <hostname>qk.acme.com</hostname> <places> <place> <name>ACME_Team</name> <members> <group action="remove"> <dn>cn=Sales,ou=Corporate,o=ACME</dn> </group> </members> </place> </places> </server> </servers> </service>
update (group)
The update action updates a group in the specified place. When this action is called, the specified group is updated using the attributes and values you specify.
42-26
You can specify any supported attributes or elements of the group when the update action is performed. No updates are performed in the external directory.
Syntax
<?xml version="1.0"?> <service> <servers> <server> <places> <place> <members> <group action="update"> <dn></dn> </group> </members> </place> </places> </server> </servers> </service>
Optional elements
The following optional elements are supported in the group node: <description> Describes the group.
Example
<?xml version="1.0"?> <service> <servers> <server local="true"> <hostname>qk.acme.com</hostname> <places> <place> <name>ACME_Team</name> <members> <group action="update"> <dn>cn=Sales,ou=All,o=ACME</dn> <description>Global Sales Team</description> </group> </members> </place> </places> </server> </servers> </service>
The member node

The <member> node represents a member of one or more rooms in the specified place on the IBM Lotus Quickr server in the Lotus Quickr service. All actions performed on a member are executed from within the <room> node hierarchy. The member node is primarily used to define, modify, or remove membership access to one or more rooms in the place. Note: The main distinction between a <person> or <group> and a <member> is that a <person> or <group> represents an entity that the place has information about. A <member> represents a <person> or <group> nodes access or membership to a particular room.
42-27
When you perform actions on a member, you must define a <person> or <group> that represents the member you are processing. Operations on a member node are performed using an idref link to the <person> or <group> nodes previously defined in the script. An idref link relationship is demonstrated by the following XML. Notice that the <person> node is defined first with a corresponding link ID value. That ID value is referenced through the <link idref> element to determine which <person> the <member> node should operate on.
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place> <members> <person local="true" id="person1"> <username>jdoe</username> </person> <person id="person2"> <dn>cn=Charles Brown,ou=Sales,o=ACME</dn> </person> </members> . . . <rooms> <room> <name>Main.nsf</name> <access> <managers> <member action="add"> <link idref="person1"/> </member> </managers> <authors> <member action="remove"> <link idref="person2"/> </member> </authors> </access> </room> </rooms> </place> </places> </server> </servers> </service>
Supported elements
The member node supports the following named elements: <link> The <link> element is used by the member node to provide a reference link by ID to a previously defined <person> or <group> node. The idref attribute is specified when <link> is used to reference the entity defined previously with the same value. The value specified by idref must match the value defined for the entity it is used to reference. For example: <person id=person1/> and <link idref=person1/> Syntax:<link idref=person1/> Required: Required for all supported <member> actions being performed on a <person> or <group>.
42-28
Supported actions
The member node supports the following named actions: v add v remove
add (member)
The add member action adds a person or group with the specified access level to the specified room of the specified place. The person or group must previously exist as a entity in the place (handled by the <person> or <group> nodes) before a membership operation can be performed. When a membership action is performed, the specified entity will have immediate access to the specified room at the specified level of access.
Syntax
<?xml version="1.0"?> <service> <servers> <server> <places> <place> <name></name> <members> <person | group id="refValue"> </person | /group> </members> <room> <name></name> <access> <managers | editors | authors | readers> <member action="add"> <link idref="refValue"/> </member> </managers | /editors| /authors | /readers> </access> </room> </place> </places> </server> </servers> </service>
Supported elements
Membership access level is controlled by the following elements: <managers> The <managers> element is used by the <room> node to specify manager access level to the room for the names specified within. Syntax:
<managers> <member action="add"> <link idref="refValue"/> </member> </managers>
Required: The name of a local or external person or group that exists in the place.
42-29
<editors> The <editors> element is used by the <room> node to specify editor access level to the room for the names specified within. Syntax:
<editors> <member action="add"> <link idref="refValue"/> </member> </editors>
<authors> The <authors> element is used by the <room> node to specify author access level to the room for the names specified within. Syntax:
<authors> <member action="add"> <link idref="refValue"/> </member> </authors>
Required: The name of a local or external person or group that exists in the place. <readers> The <readers> element is used by the <room> node to specify reader access level to the room for the names specified within. Syntax:
<readers> <member action="add"> <link idref="refValue"/> </member> </readers>
Required: The name of a local or external person or group that exists in the place.
Example
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place> <name>ACMETeam</name> <members> <person local="true" id="person1"> <username>cbrown</username> </person> <person id="person2"> <dn>cn=Jane Doe,ou=Sales,o=ACME</dn> </person> </members> <rooms> <room> <name>Main.nsf</name> <access>
42-30
<managers> <member action="add"> <link idref="person1"/> </member> </managers> <authors> <member action="remove"> <link idref="person2"/> </member> </authors> </access> </room> </rooms> </place> </places> </server> </servers> </service>
remove (member)
The remove action removes a person or group access to the specified room of the specified place. The person or group must previously exist as a entity in the place (handled by the <person> or <group> nodes) before a membership operation can be performed. When a membership action is performed, the specified entitys access will be immediately removed from the specified room
Syntax
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place> <name></name> <members> <person | group id="refValue"> </person | /group> </members> <room> <name></name> <member action="remove"> <link idref="refValue"/> </member> </room> </place> </places> </server> </servers> </service>
Example
<?xml version="1.0"?> <service> <servers> <server local="true"> <places> <place> <name>ACMETeam</name> <members> <person local="true" id="person1"> <username>cbrown</username> </person> <person id="person2"> <dn>cn=Jane Doe,ou=Sales,o=ACME</dn> </person>
42-31
</members> <rooms> <room> <name>Main.nsf</name> <access> <members> <member action="remove"> <link idref="person1"/> </member> <member action="remove"> <link idref="person2"/> </member> </members> </access> </room> </rooms> </place> </places> </server> </servers> </service>
42-32
Part 9. Appendixes
Notices
This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the users responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive Armonk, NY 10504-1785 U.S.A. For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to: IBM World Trade Asia Corporation Licensing 2-31 Roppongi 3-chome, Minato-ku Tokyo 106-0032, Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact:
A-1
IBM Director of Licensing IBM Corporation North Castle Drive Armonk, NY 10504-1785 U.S.A. Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee. The licensed program described in this information and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement, or any equivalent agreement between us. Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurements may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment. Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. All statements regarding IBMs future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only. All IBM prices shown are IBMs suggested retail prices, are current and are subject to change without notice. Dealer prices may vary. This information is for planning purposes only. The information herein is subject to change before the products described become available. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. COPYRIGHT LICENSE: This information contains sample application programs in source language, which illustrate programming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. Each copy or any portion of these sample programs or any derivative work, must include a copyright notice as follows: (your company name) (year). Portions of this code are derived from IBM Corp. Sample Programs. Copyright IBM Corp. _enter the year or years_. All rights reserved.
A-2
If you are viewing this information softcopy, the photographs and color illustrations may not appear.
Trademarks
The following terms are trademarks of International Business Machines Corporation in the United States, other countries, or both: AIX AIX 5L DB2 DB2 Universal Database developerWorks Domino Domino Designer i5/OS IBM Lotus Lotus Notes Notes QuickPlace Sametime Tivoli WebSphere Adobe, Acrobat, Portable Document Format (PDF), and PostScript are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, other countries, or both. Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. Linux is a trademark of Linus Torvalds in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. Other company, product, or service names may be trademarks or service marks of others.
Notices
A-3
A-4
Printed in USA

LotusQuickr80 Domino Admin

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

LotusQuickr80 Domino Admin

Uploaded by

Copyright:

Available Formats

Lotus IBM Lotus Quickr Version 8.

Administrators Guide: Services for Lotus Domino

Lotus IBM Lotus Quickr Version 8.0

Administrators Guide: Services for Lotus Domino

Part 4. Configuring services for Lotus Domino

Checking for known issues before installation . . . . . . . . . . . . . 3-1

Part 2. Planning services for Lotus Domino Part 3. Installing

Performing i5/OS-specific configuration tasks . . . . . . . . . 7-1

Connecting to a user directory . . . . 8-1

Configuring the Place Catalog . . . . 9-1

Installing connectors . . . . . . . . 5-1

Configuring clustered servers . . . . 10-1 iii

. 10-1 . 10-2 . 10-2 . 10-3 . 10-3 . 10-3

Configuring security . . . . . . . . 11-1

Configuring place options

Integrating with other applications

Customizing the My Places feature

Setting up Lotus Quickr for offline use . . . . . . . . . . . . . . . 13-1

Part 5. Administering services for Lotus Domino

Lotus Quickr: Administrators Guide: Services for Lotus Domino

Managing place membership . . . . 19-1

22-6 22-6 22-6 22-6 22-7 22-7 22-7

Maintaining a cluster . . . . . . . . 23-1

Part 6. Customizing services for Lotus Domino

Managing templates (PlaceTypes)

Creating PlaceTypes . . . . . . . . 28-1

Maintaining servers . . . . . . . . 22-1

Automating tasks with PlaceBots

29-4 29-4 29-4 29-4 29-5

Creating custom place themes

Part 7. Troubleshooting services for Lotus Domino

36-1 36-1 36-1

36-2 36-3 36-3 36-3

Troubleshooting qptool problems

Troubleshooting place problems . . . 34-1

Troubleshooting user directory problems . . . . . . . . . . . . . 35-1

Troubleshooting offline problems

35-2 35-2 35-2

Troubleshooting security problems vi

Lotus Quickr: Administrators Guide: Services for Lotus Domino

XML nodes and node actions . . . . 42-1

Troubleshooting Lotus Sametime problems . . . . . . . . . . . . . 39-1

Troubleshooting problems with non-English versions . . . . . . . . 40-1

Lotus Quickr: Administrators Guide: Services for Lotus Domino

Copyright IBM Corp. 2007

Lotus Quickr: Administrators Guide: Services for Lotus Domino

Deciding on the services to use

Copyright IBM Corp. 2007

Lotus Quickr: Administrators Guide: Services for Lotus Domino

Supported hardware and software

Copyright IBM Corp. 2007

Lotus Quickr: Administrators Guide: Services for Lotus Domino

Checking for known issues before installation

Copyright IBM Corp. 2007

Lotus Quickr: Administrators Guide: Services for Lotus Domino

Part 2. Planning services for Lotus Domino

The Lotus Quickr services for Lotus Domino environment

Copyright IBM Corp. 2007

Directory services planning

Lotus Quickr: Administrators Guide: Services for Lotus Domino

Lotus Quickr: Administrators Guide: Services for Lotus Domino

Copyright IBM Corp. 2007

Lotus Quickr: Administrators Guide: Services for Lotus Domino