fighting for truth, justice, and a kick-butt lotus notes experience.


Detlev Poettgen


Traveler & iOS 8 - Why should you have to update your servers?

 15 September 2014 20:08:37
As I posted this morning (Details  here), IBM released a new Interims Fix for Traveler. This Interim Fix for 9.0.1 / / 8.53 UP2 will prepare Traveler for iOS8 and it is important that you update your servers as soon as possible. Apple will release iOS8 in two days and there are some issues that will be get fixed with this IF.

The reason is simple:

The iOS integrated native Apple Mail App, which is used via ActiveSync by Traveler, is submiting up to now a unique Device ID to the ActiveSync Server. Traveler is using this Device ID together with the User name to "define" and "find" the Device record in Traveler. The IBM Companion and IBM Todo App are using this Device ID for matching the Traveler Device with the App installed on these device.
This Device ID can be viewed by the User on the Device under Settings / General / Info / Device ID and it is the ID that is printed on the back of any iPhone or iPad.

A Device ID looks like this:
Submitted via ActiveSync it looks like this: ApplF4KJQ456F19J

The Device ID is device specific and can be used to track a Device. That's the reason why Apple decided last year with iOS7 to define a new so called EAS Identifier, which will be a random generated number, which should be used in a future release instead of the Device ID. This EAS Identifier will only be used for ActiveSync and cannot be viewed by the user.

Starting last week with the iOS8 Gold Master release the iOS ActiveSync client is sending the EAS Identifier and no longer the Device ID to the Traveler server.  

The EAS Identifier is looking like this: KUSTI1BCOD06VCNOF10EQGNV2G

IBM had to do some fixes on the server backend and the related Companion and ToDo App to handle this new EAS Identifier.

So what will happen when you update your already configured iOS device from 7 to 8?

What I could already test: Nothing - because Apple takes care, that when under iOS 7 there had been already a Traveler profile; the EAS Identifier was set equal to the Device ID. So all will be fine.

But when you setup a new iOS 8 device without restoring a backup, Apple will create a new EAS Identifier and will use it from then on. Without updating to the new Interims Fix Companion and the ToDo App will no longer work and you will find an additional Device document in your Traveler inventory, which you may be have to approve.

If you are using a MDM solution like our midpoints mobile.profiler, you will be able to query, collect and view the EAS Identifier together with other device information.  

To sum it: To prevent any trouble - update to the Interims Fix until iOS 8 will be in the wild in your environment.

IBM published so far this information:

With Apple changing the iOS8 DeviceId to no longer start with

"Appl", some Companion and To Do flows are not functioning

properly as the device is not longer recognized as an iOS8

device in the Companion and To Do flows with the new DeviceId.

This causes issues in handling prevent copy mails, attachments

being limited to the max admin setting when they should not be,

out of office not being recognized as supported, and possibly

other issues.  This change will fix the recognition of iOS8 with

the new DeviceId such that the existing functions work as they

did before.


IBM Notes Traveler 9.0.1 IF6 and IF7 available

 15 September 2014 10:18:03
Admins start your engines to be prepared for iOS8:

IBM shipped today a new Interim Fix for Traveler 9.0.1 IF6 and for older versions ( IF7 / 8.5.3 UP2 IF7) too.

If you are already on 9.0.1 feel free to update and as always keep your Traveler server up-to-date!

APAR List for 9.0.1 IF6:
APAR # Component Abstract
LO81050 Server Too many instances of a calendar event may prevent Notes Client from displaying the event.
LO81078 Server Reply to meeting notice may get delivery failure if lookup fails for canonical name.
LO81115 Android Rotating device during corporate lookup may result in two progress bars.
LO81121 Android Compose mail on Android may display as double spaced for the recipient.
LO81174 Android Corporate lookup from Contacts app not showing all fields available.
LO81208 Android Auto sync may be disabled after upgrade of Android client.
LO81358 Android Wipe command for Android shows as pending even though it was executed on device.
LO81446 Server Newly registered user may fail to sync all folders with Apple device.
LO81493 Server Very large plain text e-mail could impact server performance.
LO81514 Server Some attachments may not download to Mobile device.
LO81546 Server Approval pending devices may not show up in the device security view of web administrator.
LO81574 Server Drifting OS Clock could result in one or more Traveler HA servers being marked as offline.
LO81611 Server Device may resync data if sync requests received out of order.
LO81640 Android Sound notification on Android for new mail may play more then necessary.
LO81602 Android Device approval for Android device may not be sent in the device language.
LO81628 Server Defrag of derby database should rebuild constraint indexes.
LO81659 Server Attachment may not download when name includes iso-2002-jp encoded special characters.
LO81719 Server iOS8: Support Out of Office departure and returning dates for ActiveSync devices.
LO81732 Server Cleanup orphan user and device entries from web administration views.
LO81743 Server Attachment may not download when has Ampersand in the name.
LO81748 Server Apple device may get stuck in a Calendar sync loop.
LO81757 Server User listener registration may fail if Traveler database is not reachable.
LO81815 Server Send mail from older Windows Phone device may have corrupt UTF-8 characters.
LO81842 Server iOS8: Support registering new Traveler Companion and ToDo applications on Apple iOS 8.x devices.
LO81898 Server Update the Apple Push Network (APNs) certificates.
LO81908 Server Device may stop receiving updates if MIME parse error encountered.
LO81909 Server iOS8: Accepting an unprocessed reschedule on Apple device may result in two copies of event on the device.
LO81910 Server iOS8: Delete instance of a repeating event on Apple device may send recipients multiple update notices.
LO81913 Server iOS8: Traveler Companion and ToDo applications may not be able to utilize full capabilities on Apple iOS 8.x devices.
LO81914 Server Send mail cache could miss a duplicate mail send instance in an HA environment.
LO81916 Server Call to getLocalHost could impact sync performance.
LO81919 Server Send e-mail to self may not sync to Inbox on mobile device.

Goto to Fix Central to download the Fixes: Fix Central  

IBM Notes Traveler and Apple iOS8

 9 September 2014 10:59:57
Today IBM published a Technote regarding a statement, if IBM Notes Traveler will work and will be supported together with iOS8.

UPDATE 15.08.2014: You should update your Traveler Servers to 9.0.1 IF6 / IF7 / 8.5.3 UP IF7 details here

To sum it up, if you are running Traveler with the latest Traveler Interim Fix (9.0.1 IF5 or IF6 or 8.5.3 UP2 IF6 ) you are save. But it looks like, that there will be a new Interims Fix available in near future after the final release of iOS8.

The good use for customers still running 8.5.3 UP2, you will get iOS8 support, too.

There is one new iOS8 feature that you should be aware of and may be force IBM to provide a new Interims Fix for the Traveler Server.

iOS8 will support to enable and disable the Out of Office Service from within the Active Sync Account Settings. So far I tested it, it works together with Traveler 9.0.1 IF5 and iOS8 Beta. But Apple lets the User to enable Out of Office without a set End Date. So that OoO runs forever.
It works, but in that case the generated Out of Office notification send out to the sender will contain "I am out of office until NULL"

IBM should handle this Null value and will have to ship a new Interim Fix.

From the Technote:

Q1. Is support for Apple iOS 8.x devices planned for Notes Traveler?

Yes. Notes Traveler 8.5.3 Upgrade Pack 2 and later versions will support iOS 8.x devices when they become available.


Q3. Will Notes Traveler Companion & To Do applications support iOS 8.x?

Yes, we are expecting to very soon push to iTunes new versions of Notes Traveler Companion and To Do applications that will support iOS 8.x devices. This Technote will be updated with specific version information once the new versions are posted.

Q4. What Notes Traveler functionality will be supported on devices running iOS 8.x?
Functionality and features comparable with those in previously supported releases. New features added in iOS 8.x will not immediately be supported with Notes Traveler; however, support for new features may be introduced over time. This technote will be updated to reflect any new feature limitations or statements of support.

Q5. Should I upgrade my Notes Traveler server now in preparation for iOS 8.x devices?

Notes Traveler server versions 9.0.1 Interim Fix 5 and Interim Fix 6 include an update to correctly recognize and handle iOS 8.x devices (per APAR LO81825). Prior to this update, iOS 8.x devices may not have been able to connect to the Notes Traveler server if security settings prohibit unsecure devices or if restricting access by device type or user agent. For additional information on these releases, see the Index of Recommended Maintenance.

Q6. Will there be any Notes Traveler server updates for iOS 8x?

Yes, most likely. We are currently testing Notes Traveler with iOS 8 devices. And although most functions should work without issue from day one, closely after the release of iOS 8 it is very likely that we will release a Notes Traveler Interim Fix to address any issues that we find during testing. This technote will updated to indicate any recommended Interim Fixes should and when they become available.

Details can be found here: Q&A about IBM Notes Traveler support for Apple iOS 8.x

If you want SHA-2 Support for Domino HTTP add yourself to Enhancement Request ABAI7SASE6

 22 August 2014 20:41:23
"IBM Domino support has received several questions and PMRs recently regarding SHA-2 support within Domino. SHA-2 is currently supported with x.509 certificate for s/mime in the Domino environment.
At this time, the Domino kyr file does not provide native support for SHA-2 certificates for protocols such as LDAPS, HTTPS, DIIOPS, etc.

We are aware that Certificate Authorities are no longer offering SHA1 certs by default, and many browsers will soon depreciate their trust of SHA1.

For HTTP requests (on the Windows server platform), we currently recommend using the IHS proxy server, available starting with Domino 9.0:

*Link to presentation on Implementing TLS support with IBM Domino 9.x and IBM HTTP Server (IHS)
*Link to IHS reference:

At this time, the request to provide full native support for SHA-2 is currently under investigation by the Domino Development team:

Enhancement Request Number: ABAI7SASE6

Technote reference:  
APAR reference:  

If you also desire this functionality in your environment, we encourage you to open a PMR and add your company to the enhancement request . This alerts our development team to the continued interest for this feature, which is not a guarantee of a solution or fix, just an inclusion to this existing enhancement request for this feature to be considered for a future release."

Please add yourself to the Enhancement Request or participate in the discussion started by Amy Knox (IBM):

IBM Notes Domino 9.0.1 FP2 available

 19 August 2014 21:58:41
Admins prepare your engines: IBM released IBM Notes Domino 9.0.1 Fixpack 2 today.

The Fixlist can be found here

Go to Fix Central to download it here

IBM Notes Traveler 9.0.1 IF5 available

 29 Juli 2014 09:05:29
IBM shipped today a new Interim Fix for Traveler 9.0.1 and for older versions too.

If you are already on 9.0.1 feel free to update and as always keep your Traveler server up-to-date!

APAR List for 9.0.1 IF5:

APAR # Component Abstract
LO78514 Server Accepting meeting reschedule or update on iOS 7 device may not update the server copy.
LO79236 Server Exception thrown processing repeating event with empty date time stamp.
LO79453 Server Reschedule from BlackBerry device may not show correctly for attendees.
LO79507 Server Some calendar entries may be missing on device after issues Traveler reset.
LO79517 Server Extra reply notice may be generated for non-repeating event.
LO79965 Server Import of Notes Calendar may generate duplicate events.
LO79714 Android LED notification not working on some Android devices.
LO79747 Android Unable to reply to or forward e-mail to user name that contains an ampersand.
LO79754 Android Uncommon file extension may not launch when selected from Notes Traveler client on Android.
LO79796 Android Field used to edit Out of Office message doesn't scroll in Notes Traveler client for Android devices.
LO79811 Server ActiveSync provision loop may cause resync of all data.
LO79824 Server Traveler tracking field may grow to large in mail document.
LO79933 Server Device security view may not display all devices in Traveler HA Pool.
LO79952 Server BlackBerry device may send incorrect date for event instance.
LO79960 Server Third e-mail address for contact created on mobile device may get replaced by first e-mail address when edited by Notes Web.
LO79975 Server Plain test mail from Android should use UTF-8 encoding.
LO79999 Server Return receipt message not consistent with Notes Client.
LO80087 Server Create contact on Apple device and IM Address field may appear unexpectedly.
LO80092 Server Event summary data may be too large for document processing.
LO80163 Android German translation for ToDo not correct on Android client.
LO80183 Server Send mail from Apple device with no text and an image may loose the image.
LO80296 Android Tablet view instead of phone view displayed on Sony Xperia T2 Ultra Phone.
LO80340 Server Apple devices running iOS 7.1.x may periodically resync folders and other content.
LO80343 Server Out of Office formatting error being logged by Traveler Server.
LO80373 Server BB 10 device may get stuck in Calendar event sync loop.
LO80415 Server Double incompatible with String error message on Traveler server.
LO80422 Server Too many unsupported start date warning messages on Traveler server.
LO80423 Server Cleanup does not always cleanup all users.
LO80425 Server May see field too large to save document error due to presence of BlackBerry fields.
LO80522 Android Samsung Galaxy S5 fingerprint scanner is not recognized as valid option when password type is unrestricted.
LO80595 Server Deadlock on mail server table.
LO80777 Server Change read statice for Calendar notices when processing from mobile device.
LO80925 Server Support confirmation notice on Apple devices when changes are included.
LO81006 Android Calendar alarm may not dismiss on some Android devices.
LO81091 Server Improve event fixup Traveler command.
LO81158 Server Handle NTS_BODY_THRESHOLD like normal truncation scenario

Goto to Fix Central to download the Fixes: Fix Central  

Apple plus IBM

 16 Juli 2014 09:02:07
IBM is partnering with Apple! That is a great news. I can't remember that Apple did such an big announcement together with another big company in the last years.

This spot is showing, that Apple is not blind regarding the enterprise market and you should watch it.

I hope that the mentioned topics (read here), where and how they want to team up, are getting filled with details quickly. At the moment it is "only" marketing.

    to my swiss friends - Apple expands Volume Purchase Program to 16 additional countries including CH

     11 Juli 2014 12:34:10
    Apple to expand Volume Purchase Program to 16 new regions, pushes into Middle East

    Image:to my swiss friends - Apple expands Volume Purchase Program to 16 additional countries including CH
    Added to the Volume Purchase Program webpages for business and education, the announcement notes upcoming availability in Belgium, Denmark, Finland, Greece, Hong Kong, Ireland, Luxembourg, Mexico, Netherlands, Norway, Singapore, Sweden, Switzerland, Taiwan, Turkey, and the United Arab Emirates.

    New Version of Traveler Client for Android available - bringing big changes

     11 Juli 2014 11:20:21
    Yesterday IBM released a new version 9.01.1 of the IBM Notes Traveler app for Android. The app is already available in the Google Play Store.

    Keep in mind, that at the moment only the new Android client is released. Currently there is no new server release available. The client will work with server releases starting with Traveler

    Image:New Version of Traveler Client for Android available - bringing big changes

    This release is a  complete redesign of the UI and brings big new features:
    • New gesture driven interface, including: action bar, navigation drawer, persona pictures, revised multi-select, right to left swipe on individual e-mails in inbox, mail response indicator
    • New IBM Notes Traveler Contacts app, including: ability to export Traveler contacts (setting), show local device contacts (setting)
    • IBM Sametime presence and chat integration (dependent on the use of IBM Sametime mobile application)
    • Easy access to IBM Connections profile (dependent on use of IBM Connections mobile application)
    • View other calendars (color coded) within the Traveler calendar views (Show Local Calendar setting)
    • Create Calendar events from e-mail (auto populates subject, description, attendees)
    • Edit e-mail history when replying (Respond Inline)
    • Improved experience for phone users, with no hard menu button (action bar)
    • Improved Status screen with icons to launch Mail, Calendar, Contacts, and ToDo

    You can find a more detailed list here

    Kill your webadmin.NSF if you still have one

     30 Juni 2014 09:44:42
    If you have still webadmin.nsf databases and webadmin.ntf templates located on your IBM Domino servers, it is time to delete them.

    There is an serious issue out there since end of 2012:

    CVE-2013-0489: Cross-site request forgery (CSR>F) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote authenticated users to hijack the authentication of administrators.

    IBM will not fix this one but had published in Nov. 2013 the following Technote:

    No fixes are planned. IBM Domino Web Administrator is deprecated. Customers are advised to move to the fully functional Domino Administrator client.

    Don't argue, but just do it:

    Delete the webadmin.nsf and the webadmin.ntf on all of your servers, if you still have them.

    (Don't forget to delete the NTF, too. If the HTTP-Task will finds a webadmin.ntf during start, it will recreate a webadmin.nsf.)