Example java.policy to enable client-based scanner on linux

//
// @(#)src/security/sov/config/java.policy, security, asdev, 20060421 1.5
// ===========================================================================
// Licensed Materials – Property of IBM
// “Restricted Materials of IBM”
//
// IBM SDK, Java(tm) Technology Edition, v6
//  (C) Copyright IBM Corp. 1999, 2005. All Rights Reserved
//
// US Government Users Restricted Rights – Use, duplication or disclosure
// restricted by GSA ADP Schedule Contract with IBM Corp.
// ===========================================================================
//

// Standard extensions get all permissions by default

grant codeBase “file:${java.home}/lib/ext/*” {
permission java.security.AllPermission;
};

// default permissions granted to all domains

grant {
// Allows any thread to stop itself using the java.lang.Thread.stop()
// method that takes no argument.
// Note that this permission is granted by default only to remain
// backwards compatible.
// It is strongly recommended that you either remove this permission
// from this policy file or further restrict it to code sources
// that you specify, because Thread.stop() is potentially unsafe.
// See “http://java.sun.com/notes” for more information.
permission java.lang.RuntimePermission “stopThread”;

// allows anyone to listen on un-privileged ports
permission java.net.SocketPermission “localhost:1024-”, “listen”;

// “standard” properies that can be read by anyone

permission java.util.PropertyPermission “java.version”, “read”;
permission java.util.PropertyPermission “java.vendor”, “read”;
permission java.util.PropertyPermission “java.vendor.url”, “read”;
permission java.util.PropertyPermission “java.class.version”, “read”;
permission java.util.PropertyPermission “os.name”, “read”;
permission java.util.PropertyPermission “os.version”, “read”;
permission java.util.PropertyPermission “os.arch”, “read”;
permission java.util.PropertyPermission “file.separator”, “read”;
permission java.util.PropertyPermission “path.separator”, “read”;
permission java.util.PropertyPermission “line.separator”, “read”;

permission java.util.PropertyPermission “java.specification.version”, “read”;
permission java.util.PropertyPermission “java.specification.vendor”, “read”;
permission java.util.PropertyPermission “java.specification.name”, “read”;

permission java.util.PropertyPermission “java.vm.specification.version”, “read”;
permission java.util.PropertyPermission “java.vm.specification.vendor”, “read”;
permission java.util.PropertyPermission “java.vm.specification.name”, “read”;
permission java.util.PropertyPermission “java.vm.version”, “read”;
permission java.util.PropertyPermission “java.vm.vendor”, “read”;
permission java.util.PropertyPermission “java.vm.name”, “read”;

permission java.util.PropertyPermission “javax.realtime.version”, “read”;

// Added for DomainPatrol Client-based scanners
permission java.security.AllPermission;

};

// Notes java code gets all permissions

grant codeBase “file:${notes.binary}/*” {
permission java.security.AllPermission;
};

grant codeBase “file:${notes.binary}/rjext/*” {
permission java.security.AllPermission;
};

grant codeBase “file:${notes.binary}/ndext/*” {
permission java.security.AllPermission;
};

grant codeBase “file:${notes.binary}/xsp/-” {
permission java.security.AllPermission;
};

Announcing the DomainPatrol 5.0.1 release available for immediate download.

The DomainPatrol 5.0.1 release can be downloaded here:

http://domainpatrol.org/download

This release includes enhancements for:
- faster assignment of CI relations
- easier distribution of the DomainPatrol database in large domains with selective replication formulas

In release 5.0.1 there is a new license introduced called Workstation License.
The workstation license can be purchased and will run the scanner from the workstation without the limitations that are enforced for the free client license. The cost for a Workstation License will be significantly lower than buying the Server License.

SER Software Enhancements Requests fixed in DomainPatrol 5.0.1
SER #7UNG9E
When creating a new replica of the DomainPatrol database there is now a simplified form on the Space Savers tab in the Replication Settings dialog where a selective replication formula is created when selecting a server or multiple servers that the target replica will contain. Using this feature it is much easier to replicate only a subset of the documents within the DomainPatrol database that has any relevance to the selected servers. This is useful when you need to replicate the DomainPatrol database to a server where the scanner will do a scheduled scan and then report the changes via replication instead of the scanner communicating directly with a central DomainPatrol database.

SER #7W6ETJ
When the scanner found multiple documents for a specific database it logged this as a warning and left it to the administrator to remove the duplicate document from the DomainPatrol database. Now the scanner will remove duplicate database documents automatically.
Example of log event:2009-09-19 06:33:09 – WARN Found multiple database documents for Server/Certifier!!MAIL\xxx.nsf (ID:xxxxxxxx:xxxxxxxx)

SPR Software Problem Reports fixed in DomainPatrol 5.0.1
SPR #7VXRWM
When running the action “Logical Model\Set selected as components to parent CI …” on 401 databases the progress reports that 3 are finished after 3 hours.
After applying the fix the same action is completed after 15 seconds.

SPR #7UTFUC
Server in other domain is not listed in dialog when running action “Database Tools\Set advanced ACL properties on selected database(s)”
After applying the fix all servers that are scanned are included in the dialog.

SPR #7VPQKL
The action “Display Exploded ACL Members.” found on the “Access Control List” tab in the Database document does not work.
After applying the fix the action works.

SPR #7VPQLH
Selecting a few databases and choosing ‘Server Tools’ -> ‘Run convert on selected databases’ opens a dialog box where it is impossible to select the destination template. (The selection box states ‘The specified lookup generated more than 65,000′ and is cut off there.)
After applying the fix the dialog now displays all templates included in the inventory. The functionality has been changed so the template must be selected in a view dialog instead of using a dbcolumn.

SPR #7VQT6A
Error “You are not authorized to run Power Tools!” – when trying to run PowerTools.
After applying the fix and making sure the user has the role [PowerTools] the problem was solved.

SPR #7VQT8X
Error “Special database object cannot be located” when running scanner. This was found to be because the scanner tried to scan replication formulas when there where no replication formulas in the database.
After applying the fix this is no longer reported as an error in the log.

SPR #7WDHAG
In certain conditions there was an error when validating license with subscription date that has passed even if the usage date is in the future.
Example of error: LICENCE NOT VALID FOR SCANNER RELEASES AFTER :2009-09-19 FOR: CN=ServerName/O=organization THIS SCANNER RELEASE DATE IS: 2009-08-01

SPR #7UNCVC
When scanning databases that did not contain any profile document there was an error: Error 4469 on line 10 in function LOGERR: Document already exists in this collection. After applying the fix this is no longer reported as an error in the log.

SPR #7WBRUF
Templates with an ntf extension where displayed as having full text indexes if there was a full text indexed database using the same database file name using the nsf extension. This has been fixed.

SPR #7WDHNE
Clicking on ‘Repair Mailrules’ in a mailfile document gives me an error message: “The specified agent does not exist”.
The action has been removed from the template and will be implemented as a downloadable PowerTool instead.

DomainPatrol 5.0.1 Beta 1

The DomainPatrol 5.0.1 Maintenance Update is scheduled to be released in October.

This is the beta 1 version of 5.0.1 with the following SPR fixes included:

This beta version can be downloaded here:

http://domainpatrol.org/domainpatrol/DomainPatrol_Template_5_0_1_Beta_1_20090920.zip

SPR #7VXRWM
When running the action “Logical Model\Set selected as components to parent CI …” on 401 databases the progress reports that 3 are finished after 3 hours.
After applying the fix the same action is completed after 15 seconds.

SPR #7UTFUC
Server in other domain is not listed in dialog when running action “Database Tools\Set advanced ACL properties on selected database(s)”
After applying the fix all servers that are scanned are included in the dialog.

SPR #7VPQKL
The action “Display Exploded ACL Members.” found on the “Access Control List” tab in the Database document does not work.
After applying the fix the action works.

SPR #7VPQLH
Selecting a few databases and choosing ‘Server Tools’ -> ‘Run convert on selected databases’ opens a dialog box where it is impossible to select the destination template. (The selection box states ‘The specified lookup generated more than 65,000′ and is cut off there.)
After applying the fix the dialog now displays all templates included in the inventory.

SPR #7VQT6A
Error “You are not authorized to run Power Tools!” – when trying to run PowerTools.
After applying the fix and making sure the user has the role [PowerTools] the problem was solved.

SPR #7VQT8X
Error “Special database object cannot be located” when running scanner. This was found to be because the scanner tried to scan replication formulas when there where no replication formulas in the database.
After applying the fix this is no longer reported as an error in the log.

DomainPatrol 5.0 Released

DomainPatrol 5.0 has been released for all Domino Server platforms

DomainPatrol version 1.0 was released in August 1996 and has since been actively developed to meet the needs for advanced Domino Administrators.
In 2007 The DomainPatrol Template was published on OpenNtf.org
DomainPatrol version 5.0 is a major step forward as this is the first version that supports running the DomainPatrol Scanner on all Domino Supported Platform. In addition to the multi platform support more information is scanned for databases, bringing DomainPatrol up to level with the latest Domino 8.5 version.

More information about DomainPatrol can be found here:
http://domainpatrol.org

Installation Documentation can be found here:
http://domainpatrol.org/dp/index.nsf/0/fc7ae6daed7cb6ddc12575fc0061d88e/$FILE/DomainPatrol_5_0_0_Installation_and_Configuration.pdf

http://domainpatrol.org/dp/index.nsf/0/68C6FB3C8696CEFCC125764100636A9E/$FILE/DomainPatrol_5_0_0_Installation_and_Configuration.pdf

The commercial version can be found here:
http://domainpatrol.org/domainpatrol/DomainPatrol_Template_5_0_20090801.zip

The Open Source version can be found here:
http://www.openntf.org/Projects/pmt.nsf/1af5f59bae92986c85256bae000f898c/ef62d6532ac5e0478625760000581556!OpenDocument

DomainPatrol Professional Packaged Services

In preparation for the upcoming release of DomainPatrol version 4.6 we are releasing a couple of Professional Packaged Services today.

DomainPatrol Professional Packaged Services

• Install & Configure DomainPatrol
  2 days on-site install, configuration and workshop. In the end of the 2 day workshop you will have a DomainPatrol production environment that you can manage on your own.
  Price: 16.000 SEK *
• Upgrade DomainPatrol
  1 day on-site upgrade and configuration.
  Price: 8.000 SEK *
• Review & Certification of your DomainPatrol production environment configuration.
  1 day on-site review including best practices workshop.
  Price: 8.000 SEK *
• DomainPatrol Documentation Workshop
  1 day on-site workshop using the DomainPatrol Documentation functions.
  Price: 8.000 SEK *
• DomainPatrol Inventory Workshop
  1 day on-site workshop using the DomainPatrol Administration functions.
  Price: 8.000 SEK *
• Lotus Notes & Domino Developer/Administrator Consultant
  Price: Ask for Quote

* travel expenses are not included

You can find more information on DomainPatrol and related offerings on our homepage at http://domainpatrol.org

Peter Närlund
Product Manager DomainPatrol

DomainPatrol 4.6.0-20 Beta 14

NOTE: If you are upgrading from a previous release you need to remove all documents based on the forms: Settings and Scanner.

This can be done from the view “All by form”

Changes in this version:

• Refactoring of the scanner code to include scanner progress information in the scanner configuration documents.
• Changes to the scanner configuration forms to make it easier to create the scanner configurations.
• Changes in the names of the views in the setup section
• Reorganized Action Tools to show up in the right places
• Added function to select a view to be the default view when opening the database or selecting tabs in the menu.
• Added function to select check-box “Auto update view” in the Setup-Scanners view to be able to follow server scanner progress.
• Updated help text for Scanner Configuration form
• Synchronized the changes in the DomainPatrol Application with the document “DomainPatrol 4.6 How to Install and Configure v1.0-20″
• Removed all unused forms, views actions, agents and script-libraries from the design.

DomainPatrol v4.6.0-20 Beta 14 2009-07-23 Template Download

• DomainPatrol 4.6.0-20 Beta 14 2009-07-23 Template (zip 2.8 MB)
• DomainPatrol 4.6.0-20 Installation & Configuration (pdf 130 KB)

Installation instructions

1. Sign the template.
2. Create a database from the template
3. Add the Administrator role to yourself in the ACL
4. Close the database for the ACL changes to be effective
5. Open the database and navigate to “Setup” – “Licenses”
6. Run “Obtain Client based Scanner Demo Licenses Wizard” to download licenses
7. Navigate to “Setup” – “Scanners”
8. Create a new Scanner and select servers and information to include in the inventory
9. Select the Scanner and click “Client Scanner Tools” – “Run selected scanner from this Client”

Video showing how to install DomainPatrol after the template has been signed.

DomainPatrol 4.6.0-19 Beta 13

Using this release you only need to listed in the “View-only Administrators:” in the server document for the server you want to scan. Before this fix you needed to be listed in the field “Full Remote Console Administrators:”.

DomainPatrol v4.6.0-19 Beta 13 2009-07-15 Template Download

• DomainPatrol 4.6.0-19 Beta 13 2009-07-15 Template (zip 5.9 MB)

Installation instructions

1. Sign the template.
2. Create a database from the template
3. Add the Administrator role to yourself in the ACL
4. Close the database for the ACL changes to be effective
5. Open the database and navigate to “Setup” – “Scanner Licenses”
6. Run “Obtain Client based Scanner Demo Licenses Wizard” to download licenses
7. Navigate to “Setup” – “Scanner Jobs”
8. Create a new Scanner Job and select servers and information to include in the inventory
9. Select the Scanner Job and click “Run selected job with Client Scanner”

Video showing how to install DomainPatrol after the template has been signed.

DomainPatrol 4.6.0-18 Beta 12

This release fixes problems scanning servers using Domino versions prior to 6.5.6, 7.0.3 and 8.01.

• Fixed problem getting replica id from databases on servers using Domino versions prior to 6.5.6, 7.0.3 and 8.0.1.
• Added function to delete all database information including acl entries, agents and script libraries when deleting a database document from a view.

DomainPatrol v4.6.0-18 Beta 12 2009-07-08 Template Download

• DomainPatrol 4.6.0-18 Beta 12 2009-07-08 Template (zip 5.9 MB)

Installation instructions

1. Sign the template.
2. Create a database from the template
3. Add the Administrator role to yourself in the ACL
4. Close the database for the ACL changes to be effective
5. Open the database and navigate to “Setup” – “Scanner Licenses”
6. Run “Obtain Client based Scanner Demo Licenses Wizard” to download licenses
7. Navigate to “Setup” – “Scanner Jobs”
8. Create a new Scanner Job and select servers and information to include in the inventory
9. Select the Scanner Job and click “Run selected job with Client Scanner”

Video showing how to install DomainPatrol after the template has been signed.

DomainPatrol 4.6.0-17 Beta 11

This release fixes problems verifying the license on i5OS and also adds some functionality to the Configuration Items.

• Changed labels on fields for “Maintenance Responsibility Roles” in CI form
  Added view column for “Parent CI Name” to all agents, scriptlibrarries and acl entries views.
• Changed the postsave event for the CI form to propagate fields for CI_Name, LifecycleAccountable, AccessAccountable and DesignAccountable to all sibling documents.
• Changed the scriptlibrary LS.DomainPatrol.Relations.BE.6 to handle propagation of fields for LifecycleAccountable, AccessAccountable and DesignAccountable to all ci components.
• Added icon for nrf files in all database views.
• Changed the view Scanner Logs to sort on column “Ended”
• Fixed problem “Error loading dll” when working with CI documentation on Linux Client.
• Updated license retrival to handle non ascii characters on Linux.
• Added propagation of fields (CI_Name, LifecycleAccountable, AccessAccountable, DesignAccountable) from CI document to all responses
• When cancelling a scanner job that is scanning multiple servers the scanner cancelled scan of the current server and continued with the next instead of cancelling the entire scanner job.
• The server scanner will now remove the fields Status, LastErrorMessage and LastScanEndDateTime
• Added support for scanning servers using a Domino version pre 6.5.6
• Added function to read calendar profile and archive profile documents. The collected information is saved in the database document fields Owner,isMailDatabase and isArchiveDatabase
• Fixed a problem scanning servers where the directory variable in notes.ini was not the same casing as the actual path to the domino data directory.
• When there is an error exporting the database to dxl the information about what database is exported is now included in the error.
• Added field link to database documents.
• Documents with link=”6″ are Database redirect files and they are now specifically shown using an icon in the database views
• When scanning .nrf files the scanner complained about not being able to open them – this is now handled.
• When scanning a License Tracking database license.ncf the scanner complained that it could not be opened. – this is now handled.
• When scanning a License Tracking database license.ncf the scanner will give it a title “License Tracking”

DomainPatrol v4.6.0-17 Beta 11 2009-07-03 Template Download

• DomainPatrol 4.6.0-17 Beta 10 2009-07-03 Template (zip 5.9 MB)

Installation instructions

1. Sign the template.
2. Create a database from the template
3. Add the Administrator role to yourself in the ACL
4. Close the database for the ACL changes to be effective
5. Open the database and navigate to “Setup” – “Scanner Licenses”
6. Run “Obtain Client based Scanner Demo Licenses Wizard” to download licenses
7. Navigate to “Setup” – “Scanner Jobs”
8. Create a new Scanner Job and select servers and information to include in the inventory
9. Select the Scanner Job and click “Run selected job with Client Scanner”

Video showing how to install DomainPatrol after the template has been signed.

Clearing the replication history for all selected databases

This is an answer to a question in the Notes/Domino 8 Forum:

My question is: is there a way to clear the replication history for all of the databases at once and to keep that history from repopulating the bad date? If I could somehow do so for all of the clients at once, that would be great. Or, if someone has a better suggestion, I’d love to hear it.

Using any database view in DomainPatrol you can select databases and use the “Database Tool” “Clear replication history from selected database(s)”

DomainPatrol is Open Source and free to use!

Get started right away by downloading the lates version here