HCL Factory Tour – Email roundtable

As part of the HCL Digital week, that starts today, on Nov 11-12-13 there will be the Factory Tour, and during that HCL will host four round tables for all participants to attend.
Topics are “Domino Security”, “Nomad Web”, “Domino Email”, “Open Source: Why bother?”. All the round tables are scheduled for Nov 12 at 12.00 ET (18.00 CET).

If you are interested in shaping the future of Domino email, join the Email round table, the topic is: “Mail serves as the backbone for enterprise communication but what’s next? Come join us and bring your questions. Let’s take a glimpse of it and define the future for Domino Mail together.
I will be a panelist in my role of HCL Ambassador in that round table, and I can’t wait to hear what HCL has in plan for the future.

Remember, despite the numerous announcements of its death, email is still thriving and is going the be there for a while more, just like mainframes 🙂 So join me there and talk about what you want from email in the future.


I will speak at CollabSphere 2020

CollabSphere 2020 is another community event that had to turn from in-person to online due to Covid-19. The bad side of this you already know, the good side is that being online now you can attend all these events without the need to travel, is always nice to save money, and also attendance is free.

I encourage you to register ( here ) and attend CollabSphere 2020, the agenda is very interesting as you can see here

I will have a session about the installation of Sametime Meeting 11.5, is Wednesday 28 October at 3 p.m. CET.
If you are interested and plan to attend my session, I strongly encourage you to attend Luis Guirigay session, DevOps for Sametime Administrators – A Sametime Meetings Deployment Overview, that is Tuesday Oct 27 at 9 p.m. CET. I know is a bit late for us in Europe, but Luis session will give you the background needed for the things I will speak about.


Do you know Collaboration Today ?

If you are reading my blog, it means you are probably an IT professional working with, or interested in, HCL products. So I have a question for you: to keep up to date with what is happening in this space, what do you do ? Where do you get your news from ( I hope not Fox News…..☺) ?

Maybe you have created a list of sites/blogs that you follow with a feed reader, or maybe you go to the rightly famous website PlanetLotus that does this kind of work for you.

But do you know the website Collaboration Today ? Is managed by OpenNTF and present you a list of articles that are hopefully interesting for you.

At this point you may ask: what is the difference between do-it-yourself, PlanetLotus and Collaboration Today ?

Well, lists of feeds are hard to maintain, some blogs you were reading may not exist anymore, or maybe the author has changed focus and now you find posts about Teams or Sharepoint, which may not be relevant for you. Also there is the problem of finding new sites that may have arrived since when you started collecting the feeds. In short, keeping this way of doing is time consuming.

Planet Lotus, which is a excellent website, and the community will never thank enough Yancy Lent for creating and managing it, suffer from the same kind of problems if you want. There are lots of blogs listed there that have nothing to do with HCL products anymore. This is the problem of automatic listing, if the list of blogs is not maintained up to date, it becomes less useful. But since Yancy is doing this on his spare time ( we all have a job to do ) no one can ask him to spend his time scanning the list of blogs and discard the not useful ones.

Collaboration Today is different. Is does not list automatically blog posts, but it is curated. There is a group of people who voluntarily spend some of their time looking for interesting articles and publish them on the website. In this way you can be sure that the content is always relevant for you. You can see who they are here

If you do not already know Collaboration Today, I encourage you to have a look at it and let me know your thoughts.
I am both a curator for Collaboration Today and a member of the OpenNTF Board of Directors, so I am in the right position to do something to improve the website if you think there is something you want us to do. I can collect your thoughts and ideas, then present it at the Board.

My email is r (at) robertoboccadoro.com or roberto.boccadoro (at) eldeng.it


I have been elected in the OpenNTF Board of Directors

OpenNTF has elected the new boards of Directors, you can see the details here.

Why have I decided to put forward my candidature, which has been accepted somewhat to my surprise ?
OpenNTF has a strong focus, obviously, on the Development side of Domino and I thought that having a person who has always worked on the Admin side could give a different perspective. I believe that there are resources for Admins out there in the world and OpenNTF could collect them and make it easily available. A first step in this direction are the OpenNTF Guides but I believe that more can be done.

I need your help: if you have any ideas about how can OpenNTF help you Admins, get in touch with me and I will do my best to work with the Board to make things happen. My email is r (at) robertoboccadoro.com or roberto.boccadoro (at) eldeng.it

I am honored to be in the Board of Directors, is a privilege to be esteemed to be worth of this position and I will do my best to try to give a useful contribution.


Sametime Meeting 11.5 installation on Docker

My good friend and HCL Lifetime Ambassador Daniel Nashed already wrote a post about this topic, here.

Since in my test environment I do not have a proper domain name I had to tweak a bit some configuration settings in order to make the installation work; this can be useful if you want to setup a Meeting server inside your network using a domain like .local instead of your company real domain and hosts file instead of DNS.

The instructions in Daniel’s post are very clear, if you follow them the installation will go fine. The next step is to enable Sametime Community for Meetings
One critical thing to be aware of is this part:

Enable Windows Sametime Community server to support Meetings
Contact HCL Support for instructions to receive a required patch to allow JWT Configuration. Do not continue on Windows until this patch is in place.


Obviously I tried to configure ST Meetings without the patch, (what is a geek doing test installations expected to do ?) and it did not work. So open a case with Support and obtain that patch before setting up the Meeting server integration with Community server.

UPDATE: As per the comment from Tony Payne, the needed patch is now available on Flexnet when you download the product

What you need to do to make it work with hosts file instead of DNS is this:
Edit the file docker-compose.yml and in the sections ‘auth’ and ‘nginx’ add an “extra hosts” entry and put there the name of your community and meeting servers, like this

This is a yaml file, so be careful to use spaces and not tabs and align text correctly as in the images.
Then run the commands
docker-compose down
docker-compose up -d

to restart the server

Many thanks to the Sametime Wizard, Tony Payne from HCL ,for helping me with this.


Andrea Fontana 1964 – 2020

This is a post I would have never wanted to write.

As many of you know by now, our friend Andrea Fontana tragically passed away in an accident with his motorcycle last saturday, Aug 15.

I have been knowing him since the mid 90’s, when I was working in Lotus and he was working for a Business Partner. What started as a professional relationship soon turned out in a friendship and later in the 10’s when I left IBM we worked together quite a lot. He moved near Milano and we met often with the families.

In 25 years we made a lot of things together, so I could tell you lots of stories about him, but I simply can’t right now; I am still devastated by the loss of Andrea and can’t put my thoughts together. In any case I don’t think is necessary, anyone in our community that got to know him knows well the kind of person he was. He was appreciated and loved by anyone that had the opportunity of knowing him, not for his technical skills, which were excellent, but for his humanity.

This picture was taken at the Ice Bar in Stockholm, when we went to Social Connections 7; it was the first community event he spoke at and the beginning of his friendship with many members of our community.


I will be speaking at DNUG47ONLINE

My session is “Setting up Jitsi authentication and customization”. July 2 at 16.30.
You can find the agenda of all the sessions here


Use a SSL certificate for the Sametime Proxy – a very easy way

By default when you install Sametime Proxy 11 it will use self signed certificates. My peer HCL Ambassador Ales Lichtenberg has written a blog post, here, about how to use a CA issued certificate. In his article he uses the .pem format for the certificates; I found there is another way to do this using the pfx format for certificates.

Once you have the pfx file, and the relative password, is very easy to configure Tomcat to use it. Open the server.xml file in the sametimeproxy\conf directory, edit it and change the connector stanza from this:

<Connector
protocol=”org.apache.coyote.http11.Http11NioProtocol”
port=”8443″ maxThreads=”200″
scheme=”https” secure=”true” SSLEnabled=”true”
keystoreFile=”conf/stproxy.keystore” keystorePass=”samet1me”
clientAuth=”false” sslProtocol=”TLS”/>

to this

<Connector
protocol=”org.apache.coyote.http11.Http11NioProtocol”
port=”8443″ maxThreads=”200″
scheme=”https” secure=”true” SSLEnabled=”true”
keystoreFile=”YOURCERT.pfx” keystorePass=”YOURPASS” keystoretype=”PKCS12/”
clientAuth=”false” sslProtocol=”TLS”/>

Using certificate in pfx format makes the configuration much easier, as you see; there is no need to import anything, just modify the server.xml



Sametime 11 commonly faced issues

HCL had a webinar on Sametime 11 and they talked about some of the most commonly faced issues. If you have not attended the webinar, here is the presentation, the last slides are referring to the issues.


Sametime 11 integration with Jitsi – allow guest access

In my previous post here I described how to set up a Jitsi server using the Domino directory as LDAP. That setup required all the users to authenticate before joining a room.

A customer of mine wanted a different thing, he wants to do video meetings with people external to his organization, that obviously are not listed in the Domino directory. I did some research and in the Jitsi forums I saw some other people have done something on that topic, so in the end I came up with a solution.

The idea is this, an user need to log in to create a new room while a guest has only to click on the room link to access it without any authentication.

NOTE: to make this work you should do a apt update and apt upgrade to receive the latest version of the packages used. At first for me this was not working but after the upgrade it did.

1) Go in /etc/prosody/conf.avail, you will see a file with your hostname and the extension.lua. In my case the server is named meeting.eld.it
Edit it and at the end of the file add this

VirtualHost "guest.meeting.eld.it"
        authentication = "anonymous"
        allow_empty_token = true
        c2s_require_encryption = false

2) Then edit the file /etc/jitsi/meet/meeting.eld.it-config.js and add a domin for anonymous.

hosts: {
        // XMPP domain.
        domain: 'meeting.eld.it',
        anonymousdomain: 'guest.meeting.eld.it',

3) Add this line in the /etc/jitsi/jicofo/sip-communicator.properties file

org.jitsi.jicofo.auth.URL=XMPP:meeting.eld.it

Now when a user access the server and create a room he is asked for credentials


All the other users can then join without being asked for credentials once the room is created.

If you set up two Jitsi servers, you can easily use both the solutions I described if you want to have internal users to authenticate and at the same time allow guest access. Use a server for internal meetings and the other for external ones. The Sametime web client can be configured with more than one external service provider. Unfortunately the Sametime connect client can not, you can define only one provider.