Home
IBM® Domino 10.0.1 Documentation
Welcome to the IBM® Domino 10.0.1 Administrator Help.
What's new in IBM® Domino® 10?
Learn about all of the new features for administrators in IBM® Domino® 10.
What's new in IBM Domino 10.0?
The following features are new in IBM Domino 10.0.
Security features
SAML federated identity provider configuration enhancements
Active Directory Federation Services (ADFS) 4.0 and the industry-standard SAML 2.0 AuthnRequest are now supported. In addition, the IdP Catalog (idpcat.nsf) design has been improved to simplify the steps to configure Domino® to use a SAML federated identity provider. To take advantage of these enhancements, replace the design of your IdP Catalog with the Domino 10 idpcat.ntf template.

IBM® Domino 10.0.1 Documentation
Welcome to the IBM® Domino 10.0.1 Administrator Help.
- What's new in IBM® Domino® 10?
  Learn about all of the new features for administrators in IBM® Domino® 10.
  - What's new in IBM Domino 10.0.1 Fix Pack 2?
    In Domino 10.0.1 Fix Pack 2, you can configure cross-origin resource sharing (CORS) to allow a web application from another origin to access resources on a Domino web server.
  - What's new in IBM® Domino® 10.0.1?
    The following features are new in IBM® Domino® 10.0.1.
  - What's new in IBM Domino 10.0?
    The following features are new in IBM Domino 10.0.
    - Publishing statistics to external services
      You can set up IBM® Domino® to publish Domino statistics to an external monitoring service. The service must be able to accept time series data via HTTP POST requests. A Domino server is preconfigured to publish Domino statistics to the New Relic service using the New Relic Plugin API; all you need to do in this case, is create a New Relic account and then add a setting to the server notes.ini file to enable the server to report its statistics. You can also configure Domino yourself to publish to Domino statistics to another service, for example, Hosted Graphite.
    - Features that save you time
      The following new Domino features are designed to save you time and make you more productive.
    - Security features
      - SAML federated identity provider configuration enhancements
        Active Directory Federation Services (ADFS) 4.0 and the industry-standard SAML 2.0 AuthnRequest are now supported. In addition, the IdP Catalog (idpcat.nsf) design has been improved to simplify the steps to configure Domino® to use a SAML federated identity provider. To take advantage of these enhancements, replace the design of your IdP Catalog with the Domino 10 idpcat.ntf template.
      - Maintaining ID file synchronization with the vault
        When passwords on Notes® client IDs become different from the passwords on the IDs in the ID vault, synchronization of ID information between clients and the ID vault stops. In this release, you can enable automatic restarting of synchronization when the passwords get out of sync. You can also use the Query Vault console command or the Domino Administrator to monitor and manage ID synchronization.
      - Whitelist Active Content Filter
        You can enable a whitelist filter as the Active Content Filter (ACF) in Domino®. The ACF is used to remove potentially harmful active content from HTML messages such as JavaScript™, Java™, and ActiveX. A whitelist filter removes all entities except those in the whitelist. A blacklist filter (used in previous releases and still the default in this release) retains all entities except those in the blacklist.
    - Apache Tika conversion filter used for attachment searches
      The Domino® server and Notes® standard client use Apache Tika 1.18 open source conversion filters to extract text for full-text searches of attachments. Tika replaces the KeyView conversion filter used in previous releases.
    - ODS 53 supports larger databases and folders
      The maximum size of databases allowed in IBM Domino 10 has increased to 256 GB; previously it was 64 GB. In addition, the maximum size of folders has increased significantly. Although the precise maximum size is difficult to quantify, users can expect at least a 10-fold increase in folder size capacity.
    - ODS 52 is the default ODS level
      The default On-Disk Structure (ODS) for databases is now ODS 52, the ODS for IBM Domino and Notes 9.0.1. Unless there is a Create_Rx_Databases=1 notes.ini setting on server or client that specifies another ODS (for example, Create_R10_Databases=1), ODS 52 is automatically used with new databases or databases that are compacted using copy-style compacting.
    - Improvements to Web Site rule documents for HTTP response headers
      When you create a Web Site rule document for HTTP response headers, you can now include up to 20 custom headers; previously you were restricted to three. In addition, you can designate each for HTTP, HTTPS, or both HTTP and HTTPS requests.
    - New features to push to Notes® clients
      The following new features can be pushed down to IBM® Notes® clients.
    - Component packages that are upgraded in Release 10
      The following component versions are upgraded in this release:
    - Components no longer included
      The following components are no long part of Notes® and Domino® 10.
- Overview
  Welcome to IBM® Domino® Administrator Help.
- Installing
  Use this documentation to install the IBM® Domino® server and subsequently deploy the IBM Notes® client.
- Planning
  Use this topic as an overview of planning task.
- Configuring
  Use this information to configure an IBM® Domino® network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters. Also use this information to set up IBM iNotes® on a server using Domino Off-Line Services (DOLS).
- Securing
  This section describes IBM® Domino® security features, including execution control lists, IDs, and SSL.
- Administering
  This documentation provides information about the administration tools for managing and monitoring IBM Domino® servers and databases.
- Tuning
  Use this information to improve IBM® Domino® server, Domino Web server, and messaging performance through the use of resource balancing and activity trends, Server.Load commands, advanced database properties, cluster statistics, and the Server Health Monitor.
- Troubleshooting
  This section describes how to find and solve problems with IBM® Domino® server and Administrator client.
- Glossary

SAML federated identity provider configuration enhancements

Active Directory Federation Services (ADFS) 4.0 and the industry-standard SAML 2.0 AuthnRequest are now supported. In addition, the IdP Catalog (idpcat.nsf) design has been improved to simplify the steps to configure Domino® to use a SAML federated identity provider. To take advantage of these enhancements, replace the design of your IdP Catalog with the Domino® 10 idpcat.ntf template.

The Import XML button in the IdP Catalog configuration document that you use to import your identity provider metadata file is more obvious. And data about your identify provider is taken from the imported file to populate the following fields automatically:

Protocol version
Federation product. If your identity provider is ADFS 4.0, this value is set to AuthnRequest SAML 2.0 compatible.

New Import XML file button

The Host names or addresses mapped to this site field is populated from the HTTP host names in the Domino® directory Server document or Web site document, when possible. A drop-down arrow is also available for you to open the Domino® directory.

The buttons that you use to create and export a Domino® certificate are better named and both are located on the Certificate Management tab of the configuration document. Initially only the Create SP Certificate button is shown. After you create the certificate, the Export SP XML option is shown to export the certificate and save it as the attachment ServiceProvider.xml in the Exported certificate field. Note that in this release this option also exports the encryption certificate. Details are available by clicking Examine SP Certificate but the information can't be edited. Examine SP Certificate and Export SP XML options

Examine SP Certificate and Export SP XML options

The identity provider uses the Domino® certificate for two purposes in this release: to encrypt SAML assertions that it sends to Domino® and to sign AuthnRequests that it receives from Domino® if it support AuthnRequests.

For more information, see Using Security Assertion Markup Language (SAML) to configure federated-identity authentication.