Din molntjänst kommer vara en hybrid.

Posted by:

Till att börja med några av argumenten för molnbaserade tjänster:

  • Säker mobil access (“Vi kunde omöjligt hänga med takten på nya mobila enheter och förändringar i webbläsare med vår egen IT-personal.”).
  • Enhetliga tjänster – funktionell symmetri.
  • Efterlevnad av lagar och regler samt säkerhet.
  • Servicegrad, högre SLA i molnet.
  • Ingen geografisk närvaro, tjänster som lämpar sig för moln, t.ex. filhantering över geografiskt spridda platser.
  • Kostnadsbesparingar såsom infrastruktur och underhåll.

Vad det gäller Notes Domino tjänster finns det saker att funderar på när du överväger fördelarna med molntjänster. Det som gör det annorlunda från organisationer som använder Exchange, Novell Groupwise eller Oracle är ett antal skäl:

Den mest betydelsefulla skillnaden är att Notes Domino handlar inte enbart om e-post och kalender, det har det aldrig gjort. Visst är de viktiga tjänster men dessa funktioner är underordnade Dominos egentliga värde och det är.

De flesta verksamheter som har investerat i Domino har åtminstone något beroende till Domino/Lotus Notes-applikationer (databaser). Även i organisationer som inte anser sig tunga Domino Apps konsumenter finns det nästan alltid ett par kritiska applikationer.

En annan viktig omständighet är att Domino tenderar att fungera som en länk mellan flera viktiga system i en organisation tack vare dess enkelhet att driftsätta och schemaläggning av kod.

Tyvärr för de flesta (läs: alla) som tänker sig övergången från Domino appar kommer de att upptäcka att de program som var lätta och billigt att bygga på Domino plattformen tenderar att vara dyra och svåra att återskapa på andra plattformar.

Allt detta innebär oavsett molnplattform som du väljer kommer Domino-servrar och eventuellt Notes-klienter förbli en del av din miljö för en lång tid framöver.

Den molnlösning du väljer kommer sannolikt att vara en hybrid av andra anledningar:
Antag att din organisation är mer än ett par hundra användare så kommer allt inte existerar helt och hållet i molnet – exempel:

  • Producenter av innehåll <-> Konsumenter.
  • Heltidsanställda <-> säsongs/timanställda, entreprenör, ombud, konsulter, agenter.
  • Mobil (+BYOD) <-> kontor.

Åtminstone kommer du att ha infrastruktur för användarkatalogen, provisionering, autentisering och SMTP (för t.ex. relay) på plats och förmodligen mycket mer.
Mer än troligt att du kommer fortfarande att ha applikationer, mottagande e-post och andra verktyg kvar hemma.

För att inte nämna ta vara på redan gjorda investeringar. För Notes Domino (8.5.1) kunder finns möjligheten att behålla delar av infrastrukturen intakt hemma och samtidigt blanda med IBMs molnbaserade tjänster – bland annat m.h.a. pass thru.

Tips: testa IBM SmartCloud Engage Advanced gratis i 60 dagar  (+ gratis externa konton).

Image

0

Moving to the cloud and migrating e-mail in general.

Posted by:

If you are in the progress of moving your IT services to the cloud – or just want know more about the activities involved in migration and getting co-existence to work with the focus on Notes e-mail, I want to share/recycle some information and experiences.

First – I can really recommend reading the articles by Marie L. Scott – they are very useful:

Chasing the Cloud, Part 1 – What Domino Administrators and Managers Need to Know

Chasing the Cloud, Part 2 — Plan and Prepare for Moving Your Domino Environment to the Cloud

Chasing the Cloud, Part 3 — Migrating Your Users and Data

As the articles above are really helpful, they give a comprehensive description of steps involved in moving to Cloud services, links to others sources of information and overall activities – my additions are a bit more detailed regarding activities and in the form of statements – can be used as a checklist in complement with “Chasing the Cloud”.

Co-existence

As migration will not move all Personal Information Manager tools overnight there is a period when users are using a mix of PIM services – maybe a very long time.

  • Plan for co-existence and for believable length of time.
    • Calendar, example
      • Free/Busy Time look-up.
    • Applications, example:
      • Determine how sending Notes links in e-mail should be handled/solved.

Network services and mail routing topology

  • Decide which mail system “owns” the Internet domain, i.e. how mail flow and e-mail addresses are affected.
  • Identify Firewall changes.
  • Identify DNS (MX) changes.
  • Identify AntiSPAM changes.
  • Identify AntiVirus changes.
  • Match current max mail size with changes.
  • Identify TLS and SSL certificates changes or supplementary.

Global Address lists in sync.

  • Identify existing directory integration – example LDAP look-up, directory Export/Import.
    • Match directory integration and risk of duplicate name entries.
      • Example a mobile condensed directory.
  • Decide how central distribution lists should be managed.

Need for migrating, synchronizing or integrate directories – there’s a really good Lotusphere presentation on Mary’s blog.

Workstation

Moving to a new mail solution requires some thought regarding the clients – example:

  • Study you default associations for different activities and how it will affect users, example:
    • Default action on Mailto:-links, calendar, contact/business cards activities etc.
    • Notes links (in mail).
  • Identify how authentication and authorization is affected. Example:
    • Passwords, policies
    • Single or Shared logon.
    • Changes in ID files.
    • Web authentication (used by Traveler – i.e. maybe need to update passwords on devices).

Mobile service

  • Identify how the existing mobile service will be affected, example:
    • BES
    • Traveler

Personal Address Book

  • Decide the overall plan, example
    • User initiated migration – example addresses not synced to iNotes.
    • If Notes client still be used, i.e. for Notes apps – what about the addresses after the migration, need to eliminate risk of confusion.
  • Is it good or not to migrate personal distribution lists.

Delegated rights

  • Is delegated rights on mailboxes/calendars really supported in the migration, most likely not – at least inform about this.

Personal e-mail

  • Size of mail boxes, matching new mail system – been too generous maybe.
    • Quotas/Warnings.
  • Encrypted mail (must be user-migrated).
  • Mail archives.
  • What is the plan with the migrated mail files.
    • OK to send mail from (is the sender/reply address OK)?
  • What happens to different forms, if they are used?
  • Identify if reply on old letters from the new mail system is a problem.
  • Is read/unread status migrated.
  • Status (icon) on “replayed” letters – probably not migrated.
  • Follow up flags.
  • And find out if there are issues with Rich Text/Plain text migration.

Team mail boxes

  • Identify the usage of Team mail boxes and what service the new mail system offers.
    • Functionality as the existing solution – example today you are using OpenNTF TeamBox.

Meeting invitations

Calendar services is most likely to give you the most headaches, especially regarding rooms and resources reservation, i.e. offer a complete service of reserving you physical conference rooms correctly across the different calendar systems. Other items to study:

  • Identify how participants in meetings are handled.
    • And events not yet responded to.
    • Updates
    • Repeated meetings.
    • Rooms and Resources.

Tasks/To-do

  • Delegation.

Personal Journal

OOO

  • What happens with users and Out of Office turned on?

Language

  • Are several languages supported – will they be in the new system.
    • Study how the migration/on-boarding tool(s) supports languages

Tools in personal e-mail

  • What happens to the rules in the mailbox?
  • Stationary.

Features/applications that send email

Overall Plan. Is the inventory of systems that has e-mail integrated known?

  • Sends email and text-only.
  • Sends e-mail with Lotus Notes links.
  • Sends forms.
  • Receives e-mail, example
    • Team boxes.

Focus above is e-mail, it’s still a work horse – due to the robust transport – and therefore critical for the business, still.

0

Moving Lotus Notes Traveler using new host name.

Posted by:

Scenario: you wanted to test Lotus Traveler so Traveler was set up to an existing Domino server at the time, or even the only server you had. Now you want to move it out to another server, as the Traveler workload is heavy, better performance is the goal and/or to eliminate the risk of Traveler issues* affecting your other service(s) on the machine, example it’s your iNotes server as well.

The need is to minimize user intervention on mobile devices moving to new dedicated Traveler server.

*) Heads up: Banned documents and Repeated Crash Protection for Lotus Notes Traveler: “By default the repeated crash protection is enabled and set to detect and ban a document after the second crash.

Ok – so if you can keep your host name and IP address for Traveler you are good to go ahead to do a machine swap, refer to “Moving Traveler to a new server” on the Notes/Domino wiki for more information.

But what if you can’t keep IP address/hostname – reason being host name that ended up in Traveler profile is the same name as your iNotes server, it is home server for Notes users and you did not use another virtual web server host name for Traveler. So basically you have a lot of dependencies to your host (might even have the same host name as Windows computer name) – some examples:

  • Thru iNotes redirect application and Mail server redirect setting web mail users need to end up on “server1.acme.com” (and that’s the same as in the Traveler profile) – evens if it’s thru “webmail.acme.com”.
  • You have other Notes applications and services on the server besides Notes/iNotes mail.
  • Integration to other systems.

Okay – so changing host name of Traveler server is it possible to do this without touching all existing devices – yes, if you have a reverse proxy it is. The proxy would use the existing host name and then pass (not redirect back to the device via 302) the request to the right server. This would avoid having to change the host name on the devices. It does add another component into the system for Traveler and iNotes so maybe this is not possible (due to the extra expense and administration etc.) – but it also is very useful, and a requirement if you want to have high availability for Traveler.

But is there another solution using redirects, modified IWAREDIR.NSF and/or “External URL” Traveler setting?

For the sake of argument, let’s say creating a redirection rule as if the resource requested by the URL had moved to another location (which it has – right). Even if it works – do you really want the dependency for Traveler users to the old server plus the extra load on HTTP crunching all the Traveler requests? I would not recommend it.

I checked with Traveler development team and they also responded:

The Apple iOS devices will not tolerate the HTTP 302 redirect that is proposed.  Most of the requests are POST, and the device will respond to a 302 redirect by repeating it as a GET which means the body of the POST is missing. This goes down error paths on the device and tends to cause odd device behavior noticed by the device user.” And “The devices will be making extra requests with all the redirections and that will affect battery life.

Alright – so these are some of the reasons you read in a lot of places that don’t change host name and IP address on Traveler installations.

Say you have a management solution for mobile devices so you could update profiles on devices centrally, how would that work. I have not tested this but if it’s even possible (note: I assume it is not recommended you should re-configure devices from scratch) – again for sake of discussion I suppose it’s like a server replacement from the device perspective – you should (must) stick to the same version so if upgrade was in the plan you have to do that later. Again from the Traveler wiki “There is no problem for the clients if the server must be replaced (e.g. double entries on the mobile device). The mobile device will not receive duplicate entries on the server or device. The one downside to this situation is that if a user had made changes on the device that were pending synchronization, then these changes will be lost when the server is restored. This is because when the server comes back up, the synchronization anchors are no longer accurate between the server and device, so the data must be refreshed on the device with the server version.”

And what about timing and testing this change – do all devices at one go – seems uncertain to me.

Convinced that changing host name on Traveler is too much hassle and still not want to have to touch the devices – maybe do the other way around, vice versa, change host name and IP address for the Domino mail server.

You could do that but that also requires careful planning. If you have Notes clients their location profile needs to be updated with the new home server – you could do a “Move to another Server”. But what about Notes applications shortcuts (i.e. Bookmark and/or workspace). You could set up a Domino cluster and Internet Cluster Manager as a work around/complement, maybe even letting ICM handle redirects (not my recommendation however). As mentioned earlier, you might have integrations points to this server with other services that could break.

If you choose to set up a parallel Traveler server and reconfigure devices you have the possibility to use the newest version and even to improve how the Domino topology is set up using a different Domino domain but keeping certificates so you have no need for cross certification. So when new devices and updates to Traveler arrives you can easier upgrade without impact on your other Domino domain (as long as you break replication of NTF:s – use “Surely Template” from OpenNTF  (love to see similar functionality in DomainPatrol PRO 😉 )

Summary: There is no simple way to change the Traveler host name. The only way for everything to work is for the devices to get reconfigured over time (pick your length of time or all at once) or use a reverse proxy solution.

0