Configuring Sametime Integration (Nomad for web browsers)

Modifying Content-Security-Policy header

The Content-Security-Policy header in Nomad server must be updated to include the fully qualified domain name (FQDN) of the Sametime server as part of the directives:

• img-src

• connect-src

• frame-src

httpHeaders:
  Content-Security-Policy: "default-src 'self'; script-src 'self' 'wasm-unsafe-eval'; style-src'self' 'unsafe-inline'; 
img-src 'self' blob: data: https://sametime.example.com; font-src 'self' data:; frame-src 'self' 
https://sametime.example.com; connect-src 'self' data: https://sametime.example.com"

For more information about modifying the Content-Security-Policy header, see the documentation page Configuration options for the Nomad server on Domino. If running on SafeLinx, see its documentation page: Hosting the Nomad for web browsers static web files.

Setting HCL Sametime server in Location document in names.nsf

Log in to Nomad and open up the local names.nsf. Go to Advanced > Locations, and edit the Online location document.

Under the Servers tab, modify the HCL Sametime server field and set it to the hostname of the Sametime server. For example, if the origin URL of Sametime is https://sametime.example.com, set the value to sametime.example.com.

Administrators of Domino can push the HCL Sametime server value to end-users via a desktop policy. See Domino documentation Specifying Basic settings for a desktop policy.

Including Nomad server in cross-origin whitelist in HCL Sametime server configuration

The Sametime server needs to allow cross-origin requests from Nomad. See Sametime documentation at Configuring CORS to configure Sametime server-side response headers.

Disabling the Sametime Integration feature

Sametime Integration is enabled by default in Nomad for web browsers 1.0.15. Users can disable the feature by clearing out the HCL Sametime server field in the Location document in names.nsf. Administrators can also clear the HCL Sametime server field via the desktop policy.