Subject: From IBM: We are considering this (Forward/Reply indicators) for a furture release of Traveler. Plans not yet confirmed <>
Subject: Security
Hi,
What is the security of emails when they are configured via notes traveler to a mobile handset. As for blackberry routing the security aspect is taken care by the BES. Can you please elaborate on the security aspect.
Subject: RE: Security
All of the messages are transferred via HTTPS, so it is whatever SSL you have setup for HTTPS that is being used for messages in transit.
Once the data gets to the device, it is up to the device whether or not the data is encrypted or not. Some devices have hardware encryption and some do not. There is more detail in the 8.5.2 documentation.
Subject: New function
HiI would like to see
1-to be able configure a security policy to allow only one device per user.
2- Pushmail time policy settings
ex, Pushmail working hour (8-17) and after that to allow only manuall sync.
3- More Device management options to be able push new updates setting from apple.xml (iphone)
3- Get photo from global directory (iphone)
4- Control attachment and max mail size for (iphone)
5- CPU spik problem at traveler start
//Aram
Subject: RE: New function
1-to be able configure a security policy to allow only one device per user.
There is already a requirement for this as it has been asked for before.
2- Pushmail time policy settings
ex, Pushmail working hour (8-17) and after that to allow only manually sync.
WM and Nokia already have this feature on the clients. You can set the times as you indicate. If you are asking about being able to configure/change those settings from policies form the server, there is already a requirement for this for WM and Nokia.
Apple push is controlled by the device, so there is no way to control this from the server. The user has complete control over these settings.
3- More Device management options to be able push new updates setting from apple.xml (iphone)
Apple decided to put the Apple profile installation/updates in control of the users, not the admins. Thus, there is no way to push updates to Apple devices - the users have to manually request the new profiles.
3- Get photo from global directory (iphone)
The ActiveSync spec does not include photo in the request for name lookup, so that is not going to happen unless the ActiveSync spec changes and Apple picks it up.
4- Control attachment and max mail size for (iphone)
There is already a requirement for this as it has been asked for before.
5- CPU spike problem at traveler start
I am not sure what you are referring to here. You should open a PMR for this so that we can get logs and debug it. The only thought I would have at this point is to make sure your /traveler/logs directory is under IBM_TECHNICAL_SUPPORT or outside of the /data directory tree (such as on another disk) so that Domino does not look through the files on startup. 8.5.2 has the default log directory under IBM_TECHNICAL_SUPPORT.
Subject: Proxy configuration - How to?
We are using Traveler 8.5.2 in a DMZ network configuration, supporting 12 users. We would like to move to a proxy configuration (using our current Apache proxy)We have seen where it’s been tested for Apache. There doesn’t seem to be any How To regarding a proxy config ie what needs to have access. Do we need to configure a redirection URL on the Domino side etc?
Subject: RE: Proxy configuration - How to?
There is some information here including which protocols/ports are being used where:http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Using_a_reverse_proxy_LNT852
Basically, Traveler is using all HTTP/HTTPS to/from the mobile devices, so it should be a simple setup. The only thing to remember to set is the External URL on the Lotus Traveler tab in the server document so that Traveler sends links to the proxy address and not the Traveler server itself.
Some devices (mainly Apple) do not like HTTP 302 redirects, so try not to use them. And do not redirect HTTP to HTTPS - if you want HTTPS, configure it that way to start with.
Subject: Schedule/Invite users to Meetings from Traveler
Will you be able to schedule meetings at some point, particularly from an iPhone?
Subject: Note: We are on 8.5.1 with We are on Domino 8.5.1 using Lotus Notes Traveler 8.5.1.2 Build 201003232022
Subject: You will need to upgrade to 8.5.2 to get full (chair/invitee) calendar invitation support on the iPhone/iPad <>
Subject: Meeting invitations are supported on the iPhone/iPad in 8.5.2
New in the Lotus Notes Traveler 8.5.2 release, which shipped Aug 2010, is support for calendar invitations on the iPhone/iPad. With 8.5.2 you can schedule meetings (as a chair person) or accept/decline meeting (as an invitee)
Subject: RE: Schedule/Invite users to Meetings from Traveler
Yes. That is part of 8.5.2. If you upgrade to 8.5.2, you will have that feature.
Subject: Traveler Lookup for custom directories
Are there any plans to publish/update the documentation for customization of Traveler Lookup? The available documents seem not to apply for 8.5.2 version.I am particualary interested in:
-
How to customize the fields being transfered from the standard Domino Direcotory and how to possibly change the mapping between Domino fields and the mobile device.
-
How to set up fields that are being returned by Traveler Lookup when custom directory is used (e.g. different form is used with different field names comparing to the standard template).
Subject: RE: Traveler Lookup for custom directories
Customizing the name lookup is included in the 8.5.2 documentation:http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Configuring_corporate_look_up_for_devices_LNT852
If that doesn’t meet your needs, it is available in the Wiki now and can be updated by anybody, but if you need to ask questions, you can still do that here. But the intent was that the documentation would have everything.
Subject: 2 Travelers for 2 Domino mail servers
I want to install the Traveler service on 2 Domino mail servers located in two far geo locations, but part of the same Domino org and domain (e.g. USA mail server, Rome mail server).
Each Traveler should only poll mail from the Domino server where it is installed on, without polling the other distant and slow-responding Domino server.
eg The USA employee will connect the smartphone to the USA server Traveler, whilst the Italian employee will connect to the Italian server Traveler…
Is it possible? How to implement it?
Thanks
Subject: 2 Travelers for 2 Domino mail servers
Traveler looks up the home server in the Domino directory, so lets say you create 2 hosts
The US user browses to the US Traveler server to do the Install and Config and the Italian user browsers to it.traveler.acme.com to do his installation.
Thus each user is registerd to the correct server
Subject: RE: 2 Travelers for 2 Domino mail servers
Pointing the user to the correct Traveler server will take care of the devices. The do not roam between Traveler servers.
The only question is whether the user’s mail databases are replicated both near and far. If the mail database is only on the near Domino server, it will only use that user’s mail database. If the user has a mail database replica both near and far, Traveler would fail over to the far server if the near server went down. As long as the near server is up and is listed as the primary mail server, Traveler should use that one.
Subject: Password Change causes a device sync lockout
Every 90 days we require our users to change their passwords. They never remember that the change of the HTTP password is not picked up within the cached Active Sync profile on the device, so it’s always a Help Desk call that their device won’t sync.
Is there a way within Traveler to have that failed sync attempt captured (like by upping a log file detail level) so that we can set up an Event Monitor that generates an email when a sync failure occurs?
(we’d send the Monitor Alert to a mail-in db and create an agent to pull the userinfo from the alert, and send them a “We noticed you had a password change, don’t forget to update your device” reminder)
Subject: RE: Password Change causes a device sync lockout
There is nothing you can do at the Traveler level. Domino HTTP (or whatever proxy you might have in front of that), is authenticating the incoming requests, so you would need to do something at that level. Once locked out, the requests are not even getting to Traveler as HTTP is returning them first.
If your password is stored elsewhere (such as a company LDAP), you could setup the Domino HTTP lookout to be fewer attempts than the corporate level so that you only get locked out from Domino and not your corporate one. If it is the same password store, then that won’t help you as that is what is locking you out.
If you are using a proxy, you could setup the proxy to not actually retry requests that are using the same password. Internally at IBM, that is what we have setup to prevent this same problem. If the proxy sees that the device is trying the same password, it just discards the request and returns a 401 response to the client.
Note: the Apple device will retry failed authentication requests 3 times, so each time the user tries, if it is wrong, it really tries 3 times. This will make it even easier to hit the lockout.
Subject: Android Support
We have many customers asking about this? It was originally set to be in the 8.5.2 version. What happened? Please tell me it’s this month.
Thanks,
Michael