IBM Lotus Connector
Installation and Configuration
Mindbreeze GmbH, A-4020 Linz, 2021.
All rights reserved. All hardware and software names used are registered trade names and/or registered trademarks of the respective manufacturers.
These documents are highly confidential. No rights to our software or our professional services, or results of our professional services, or other protected rights can be based on the handing over and presentation of these documents. Distribution, publication or duplication is not permitted.
The IBM Domino server must run a service that provides the DIIOP file for external applications.
IBM Documentation: https://www-10.lotus.com/ldd/dominowiki.nsf/dx/DIIOP_Usage_and_Troubleshooting_Guide
Before installing the IBM Lotus Connector ensure that the Mindbreeze Server is already installed and this connector is also included in the Mindbreeze license.
Configuration of Mindbreeze
Configuration of IBM Lotus Data Source
To connect to the Lotus Domino server and crawl the data source, the following information must be provided:
- Lotus Domino Server: DNS or IP address.
- Lotus Domino Port: TCP Port. (Port where you can reach the DIIOP file (e.g.: http://YOURSERVER/diiop_ior.txt))
- Privileged Logon Account: User account with appropriate rights to crawl.
After configuring the Lotus Domino Server connection, the next step is to specify the databases to be crawled. This can be done by:
- Searching databases through address books, or
- Providing database names directly
Both databases and address books through which databases are found can be configured.
For configuring databases and address books check Advanced Setting on top-right corner of the Indices tab.
Configuration of Address Books
Click on Add Property on the bottom right to add a new address book.
For configuring an address book, provide the following information:
- File: A valid .nsf file (for example, names.nsf).
- Server Key: Mailserver item key (for example, MailServer).
- Name of the column containing the name of the server on which the actual database files are located (reference)
- Server Item: Mailfile item key (such as MailFile).
- Crawl Mailbox of Users (map users via address book): If certain users' mailboxes are to be included in the address book.
- If this option is active, the principals (users/groups) from the first address book are transferred in the configuration
- To do this, the column/field ShortName has to be in the address book:
- The CN properties are removed from the principal so that group/user name is left
- Example: firstname.lastname@example.org jane.doe
- The principal of the address book must be the same as the user/group currently logged on (SAML, Kerberos, etc.), in order for the ACLs to work
Configuration of Databases
Click on Add Property on the bottom right to add a new database and configure it as follows.
- File: Database file name (e.g. mail/johndoe.nsf).
- Server: DNS or IP address of Lotus Domino Server
By clicking the Save-button on the top right the settings will be persisted.
Databases and Metadata
By default, only a small amount of metadata is taken from the user-specific databases. A mapping file must be created in order to transfer all required metadata.
With the option "Custom Form Configuration File Path" you can configure a file path that contains a form configuration file.
There are two ways to edit the forms.xml file:
Automatically Generating the Mapping File
Use the tool (forms_tool.zip) from the directory: IBM Lotus as follows:
java -jar ibm-domino-dbinfo.jar <servername[:port]> <username> <password> <database.nsf> [form regex] [field regex]
The alias can be viewed in IBM Domino/Lotus as shown in the screenshot below.
- If Regex is empty, all forms and their metadata are taken, otherwise only those forms that match the forms regex and those fields/metadata that match the field regex are taken.
Then copy the output into the forms.xml file.
Manually Creating the Mapping File
Open the forms.xml file and add your own mapping.
<Form lotusName="content" categoryclass="blog">
<Metadatum lotusName="technorati" name="breadcrumbs"/>
<Metadatum lotusName="$UpdatedBy" name="updatedby">
<PostProcessing type="CNExtract" />
<!--CNExtract ==> CN properties are removed, so that e.g. username remains</!--CNExtract>-->
<Metadatum lotusName="OriginalModTime" name="mes:date">
<PostProcessing type="ParseDateTime" format="dd.MM.yyyy HH:mm:ss z" locale="en"/>
<!--So that Mindbreeze can interpret the date-->
<Metadatum lotusName="safesubject" name="content" fulltext="true" />
This configuration means that all objects with the name content are crawled, stored in the database blog and their metadata is mapped as in the example.
<Metadatum lotusName="technorati" name="breadcrumbs"/>
The lotus metadatum technorati is mapped to the metadata breadcrumbs in Mindbreeze.
To find out the lotusName of the form, you can use the IBM Domino Administrator:
With default settings, Lotus documents index only those attachments embedded in rich text fields.
If the "Index Not Embedded Attachments" option is enabled, all attachments are extracted and indexed.
Document Selection Patterns
It is possible to narrow sources to be crawled. In the following example, only mailboxes of users whose names begin with john are crawled.
Configuring User Mapping
By selecting Map Users via Address Book the ShortName property of the special address book “names.nsf” will be used to transform the identity (the ShortName) of the user to a IBM Lotus account (the FullName).
If you want to provide your own user account to username mapping, enter a file in the “Map Users via File” field.
The file is constructed like a Java-Properties file.
<sso username (SAML,Kerberos,..)> = <Lotus username/FullName aus names.nsf>
Lotus username==Im names.nsf im Feld/Spalte “FullName“
Configuration IBM Lotus Principal Resolution Cache
The IBM Lotus Principal Resolution Cache has the following specific settings:
- „IBM Lotus Domino Server Host“: IBM Lotus Domino FQDN of IP address
- „IBM Lotus Domino Server Port“: TCP Port with which one you can reach the DIIOP-file
- „IBM Lotus Domino Login Credential“: username/password credential with read access to the configurated domain catalog and directory databases.
- „Directory Database“: The Directory Database (typically names.nsf where users and groups are saved)
- „Domain Catalog Database“: The IBM Lotus Domain Catalog Datenbase (Default: catalog.nsf)
Includes the database, ACLs and roles for all available databases in the domain.
- „Database For Role Resolving“: A list of databases its locally defined roles are taken into account.
- „Additional User ID Properties“: A list of Documents Properties which should be used as User ID. For example, MailAddress or employeeNumber
The other parameters usually do not need to be changed. A more detailed description can be found here: Installation & Configuration - Caching Principal Resolution Service
Um den Caching Principal Resolution Service zu testen, können Sie die Principal Resolution Service REST API verwenden.
Troubleshooting and Recovery
If no data can be found, there are different possible reasons:
- The crawler cannot connect to the Lotus Domino Server or the authentication collapses.
- Log-File log-ibmlotuscrawler_*.txt gives information about possible problems. Typically the log file resides in this directory:
On Linux you can find the filein /var/opt/mindbreeze/log/log-ibmlotuscrawler_*.txt.
- Tracing can be activated in the Fabasoft Mindbreeze Enterprise Configuration. You can find more details regarding the configuration of the log level in the Whitepaper for Fabasoft Mindbreeze Enterprise.
- Problems during Filtering/Indexing of data.
- Warnings and errors can be found in the Applications event log (eventvwr.exe) on Windows systems or in the syslog on Linux systems.