Invitation to Open Mic: Configuring Security in Domino HTTP Servers

IBM is hosting an Open Mic conference call with Lotus Development and Support Engineering to discuss Security Configuration of the Domino HTTP Server (versions 6, 7 & 8).

The Open Mic call will be held on Thursday, August 14, 2008. This call will take place in one session at 10:00 AM EDT. The call will last 60 minutes. Please dial into the call 5 minutes before the scheduled start. This conference call is designed to be an open question & answer format, so bring your questions.

You may find it helpful to review the following resource prior to the conference call:

Securing a Lotus Domino Web Server

We also encourage you to share your experiences and perspectives about security and other Notes/Domino topics in the Notes/Domino Best Practices Wiki.

Please refer to the Open Mic Tech Flash (to be published shortly) for details about the conference call numbers. Please post any advanced questions within the ND8 forum by creating a response to this document. This Open Mic call will be recorded for future use, and will be made available via the Flash after the call.

Subject: Allow HTTP clients to browse databases

A consultant is telling us that we need to change the “Allow HTTP clients to browse databases” property to “yes” to allow IBM’s Omnifind search engine for our WebSphere Portal to work.

These two documents both say to turn it off:

Years ago, we had incorporated this advice into our standard installation procedure, and as an admin, I am hesitant to open this up. Is there a better way to allow Omnifind access without compromising the security of my Domino servers?

Subject: Any suggestions??

During the Open Mic call, the panel said an answer would be posted here for this question. Any progress on how I can address this issue of keeping my Domino servers secure?

Subject: Web Registration and Directories

R7 Win32 platform. What would be the preferred security topology to allow for the registration of web users within a public facing web site, ensuring all users are unique across groups (creating groups if necessary) and directories and ensuring users can change their own passwords and details?

In previous versions/environments, one or more of the following would have been used:

a) NAMES= line in notes.ini for secondary NABs

b) NoAmbiguousWebNames to prevent multiple web users having same name

c) LDAP using Directory Assistance

d) DOMREG taken from sandbox (is there an R7/updated domreg?)

e) Creating fictitious hierarchical names for web users, such that each user is unique

f) Ensuring groups in secondary NABs are usable.

Any pointers on how Notes.net or large scale R7 public sites would be helpful

Thanks

Rafez

Subject: FIPS technote mentioned during the call

During one of the question and answers on this Open Mic call, the topic of FIPS was mentioned.

The following technote gives details about FIPS within Lotus Domino:

Title: FIPS 140-2 in Notes/Domino 8.0.1

Link: http://www.ibm.com/support/docview.wss?rs=463&uid=swg21292492

Subject: Webmail security

We have some questions about webmail security:

How does Domino webmail prevent the spreading of viruses/malicious code from one mailbox to another mailbox (on the same Domino server) if the Domino server does not have any antivirus (e.g. Groupshield) installed, i.e. what security does webmail provide against such threats? And is there any difference in the security provided between different versions/templates (from 6.5.1-8.02/8.5)?