Category: security

Mai 12th, 2018 by dominoteam
  1. Example for the Cisco Ironport ESA – SMTP Authentication Query used in the LDAP Server Profile:

 

(|(mail={a})(uid={a})(mailaddress={a})(cn={a}))

 

2. Example: The Allowance Query String can be used for Mail Relay SMTP Authentication Profile

 

more Infos about the cisco ironport Mail ESA Box config:

https://www.cisco.com/c/en/us/td/docs/security/ces/user_guide/esa_user_guide_11-1/b_ESA_Admin_Guide_ces_11_1.html

 

Posted in internet, Mail, security Tagged with: , ,

Mai 11th, 2018 by dominoteam

Important: your need the latest Fixpack to get the ldap/s working with z-scaler -> 9.0.1 SP3 If 1

change the notes.ini: SSL_ENABLE_INSECURE_SSLV2_HELLO=1

Because zscaler has some problems with the TLS1.0 implmentation of the IBM Domino Server

—-

The z-scaler Cloud Proxy Service can be connected with Lotus Domino LDAP for:

– configuration Groups
– User authentication

Connection Parameter openLDAP Setting for zscaler

Tip: For full Domino LDAP read access you need a Notes User (e.g. „Ldap User“)

Tip: for security Reasons use LDAP/S

LDAP Atribute Fields (Lotus Notes Form Field Mapping)

Posted in domino, Mail, security Tagged with: ,

Mai 11th, 2018 by dominoteam

How does IBM Connections support removing personal information when requested by users?

More Information in the IBM Technote:

http://www-01.ibm.com/support/docview.wss?uid=swg22016061&myns=swglotus&mynp=OCSSYGQH&mync=E&cm_sp=swglotus-_-OCSSYGQH-_-E

 

Add. Information:

https://www.ibm.com/support/knowledgecenter/SSYGQH_6.0.0/admin/admin/c_common_manage_personal_data_for_gdpr.html

Posted in Connection, security Tagged with: ,

Mai 10th, 2018 by dominoteam
    To disable the old TLS 1.0 protocol on your domino server you can use the following notes.ini setting:
    SSL_DISABLE_TLS_10=1
    You neet to restart the HTTP Taks to activate this setting. You can test your server SSL Setting with the SSLLabs free security Test

 

Posted in domino, security, server Tagged with: , , ,

Mai 13th, 2017 by dominoteam

SAML
http://www-01.ibm.com/support/docview.wss?uid=swg27041524

ADFS Setup
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Cookbookcol_Setting_up_ADFS_for_integrated_Windows_authentication_lprIWArpr_

technote 1614543: Index of SAML cookbooks – http://ibm.co/19QwDEG
wiki article: „Upgrading from Notes client single logon to Notes shared login“ – http://bit.ly/1rwK4Dc
More Infos http://www-10.lotus.com/ldd/dominowiki.nsf/xpViewCategories.xsp?lookupName=Domino%20security
http://www-10.lotus.com/ldd/ndsebetaforum.nsf/topicThread.xsp?documentId=F7DF398B8B9DF82885257AD30049A00E&action=openDocument

Posted in domino, security, server