Managing the All Domino® (Webmail 5.x/6.x/7.x and iNotes™) Interfaces application in IAG SP2

  • Article

Applies To: Intelligent Application Gateway (IAG)

The application-specific settings for Lotus® Domino Web Access applications include the following options:

  • Preventing users from sending email attachments unless their computer meets the defined security policy requirements, while blocking attachment sending at the client-side, as described in “Client-Side Attachment Blocking” This option is applicable for Lotus Domino Web Access version 6.5 and higher.

  • Preventing users from forwarding email attachments or replying with an attachment, as described in “Blocking Attachment Forwarding". This option is applicable for Lotus Domino Web Access version 6.5 and higher.

  • Enabling Domino Offline Services (DOLS) via the application, as described in “Enabling Domino Offline Services". This option is applicable for Lotus Domino Web Access version 7.0, accessed via a portal trunk.

  • Running Sametime® Instant Messaging from within the Lotus Domino Web Access Interface, as described in “Sametime Instant Messaging”. This option is applicable for Lotus Domino Web Access version 6.5.x, accessed via a portal trunk.

Client-Side Attachment Blocking

For Lotus Domino Web Access version 6.5 and higher, you can enhance the application’s Upload policy, so that when end-users cannot send email attachments because their computer does not meet the security policy requirements, attachment sending is blocked at the client-side. When this option is used, a notification is displayed in the “Attachments” area of the Lotus Domino Web Access interface, and users cannot add attachments. It is recommended to use this option in order to apply attachment blocking to the application. If you use the Default Web application Upload policy, attachment blocking at the server-side may cause problems on the endpoint computer. For example: the browser might stop functioning.

In order to enable this option, once you finish adding the application to the trunk, you need to assign a unique Upload policy to the application.

To block attachment sending at the client-side

  1. In the Configuration console, access the Application Properties dialog box.

  2. In the General tab, in the Endpoint Policies area, in the Upload drop-down list, select the Domino Web Access 6 5 and 7 Upload policy.

  3. By default, the value of the policy is as follows:

    • The value of the Windows platform-specific policy is True, and it does not prevent uploads from endpoint computers running Windows operating systems.

    • The value of the MAC OS, Linux, and Other platform-specific policies is False, and they prevent uploads from operating systems other than Windows or MAC OS.

    If you want to define the prerequisites that endpoint computers must meet in order to enable attachment sending at the client-side, remove the default values from the relevant platform-specific policies, and assign the appropriate values. For details, see Managing IAG client endpoint policies.

  4. On the toolbar of the Configuration console, click the Activate Configuration icon, and then on the Activate Configuration dialog box, click Activate.

    When the configuration is activated, the message "IAG configuration activated successfully" appears.

    Attachments cannot be sent from endpoint computers that do not comply with the prerequisites that you define here.

Blocking Attachment Forwarding

For Lotus Domino Web Access version 6.5 and higher, you can enhance the application’s Upload policy, so that end-users cannot forward email attachments or reply with an attachment. Blocking can be defined so that it is activated as follows:

  • If the endpoint computer does not comply with security policy requirements you define. For example if the required antivirus or anti-spyware software, or the Attachment Wiper, are not installed on the computer.

  • Alternatively it can be activated at all times.

To block attachment forwarding

  1. In the Configuration console, open the Application Properties dialog box, and then, in the General tab, click Manage Policies.

  2. In the Manage Policies and Expressions dialog box, click the + sign to expand the Expressions group, select the Enable Domino Web Access Forward and Reply with Attachments expression, and then click Edit Expression.

  3. By default, the value of the expression is as follows:

    • The value of the Windows platform-specific expression is "True", and attachment forwarding is not blocked from endpoint computers running Windows operating systems.

    • The value of the MAC OS, Linux, and Other platform-specific expressions is "Never", and attachment forwarding is blocked from operating systems other than Windows.

    If you want to define the prerequisites that endpoint computers must meet in order to enable attachment forwarding, remove the default values from the relevant platform-specific policies, and assign the appropriate values. For details, see Managing IAG client endpoint policies.

  4. On the toolbar of the Configuration console, click the Activate Configuration icon, and then on the Activate Configuration dialog box, click Activate.

    When the configuration is activated, the message "IAG configuration activated successfully" appears.

    When addressing incoming email messages, end-users whose computers do not meet the prerequisites that you define here cannot use the following functions: forward; reply to sender with history; reply to all with history. Users are notified accordingly.

Enabling Domino Offline Services

This section describes the steps you need to take at the IAG in order to enable users to run DOLS from within the Domino interface. This option is applicable for Lotus Domino Web Access version 7.0 accessed via a portal trunk.

To enable DOLS

  1. In the Configuration console, use the Add Application Wizard to add the Domino Offline Services 7.0 (Single/Multi Servers) application to the trunk (from the “Client/Server and Legacy Applications” group).

  2. Define the application you added in step 1 as a prerequisite application to the All Domino application.

  3. Access the Application Properties dialog box of the All Domino application.

  4. In the General tab, in the Prerequisite Applications list, select the box next to the Sametime Domino Offline Services application, and then click OK.

  5. On the toolbar of the Configuration console, click the Activate Configuration icon, and then on the Activate Configuration dialog box, click Activate.

    When the configuration is activated, the message "IAG configuration activated successfully" appears.

    Whenever users launch the All Domino application, the prerequisite Domino Offline Services application is launched, as well. Launching this application opens a relay from the endpoint computer to the DOLS server. Users can then run DOLS from within the Domino interface.

Sametime Instant Messaging

For Lotus Domino Web Access version 6.5.x, the IAG enables users to run Sametime Instant Messaging from within the Lotus Domino Web Access interface. This option is applicable if you are using Sametime Instant Messaging from within the Lotus Domino Web Access interface. Some of the Sametime Instant Messaging tools require that the IAG’s SSL Wrapper client component be installed on the endpoint computer, as follows:

  • The Sametime Instant Messaging “Chat” tool, which is HTTP-based, does not require the SSL Wrapper client component.

  • The Sametime Instant Messaging “Meeting Tools” require that the SSL Wrapper client component be installed.

In order to enable Sametime Instant Messaging to run from within the Lotus Domino Web Access interface, in the Configuration program, use the Add Application Wizard to add the Sametime Plugin application to the trunk (from the Browser-Embedded Applications group). Note that if you are enabling the Sametime Plugin application only from within the Lotus Domino Web Access application, you do not need to add a link on the portal homepage for the Sametime Plugin application. In this case, in the

Add Application Wizard, in the Portal Link step, uncheck the option “Add Link on Whale Portal and Toolbar”.

Cleaning Application-Specific Temporary Files

When the option “Attachment Wiper Cleans Application-Specific Temporary Files” is activated, the Attachment Wiper deletes attachments from certain locations on the endpoint computer. This option is activated in the Session tab of the Advanced Trunk Configuration window. The locations from which attachments are deleted, including all files and subfolders, are:

  • %temp%\iNotes Web Access

  • %temp%\Domino Web Access (Lotus Domino Web Access 6.5 and higher)

Where %temp% is the temp environment variable’s value, as defined on the endpoint computer.