HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Security

Showing 318

Warning message and access restriction after cross certificate between Org is expired.

In the Notes/Domino would like to achieve below when this happens. 1. The end user/servers should be restricted to access cross domain servers and databases along with the message for the restriction to access. 2. When cross domain certificate is ...
over 2 years ago in Domino / Security 0 Assessment

Create authentication exclusion certains users / groups

Domino 11.0 introduced web authentication via IDVault (and / or Directory) Customers noticed large growing DDM databases and also flooding of console messages with error messages: [0594:0013-1CE8] 10.08.2022 07:00:01 Event: Error adding event docu...
over 2 years ago in Domino / Security 2 Needs Clarification

list of users registered in the Domino Directory cannot be referenced by end users

In recent years, privacy protection has become increasingly strict. In ACL of the Domino Directory, the "Author" privilege is granted for "-Defaut-", and a list of all users registered in the Domino Directory can be viewed by opening the Domino D...
over 2 years ago in Domino / Security 3 Needs Clarification

public key repository

Just had a thought. What if Domino has a feature where anyone (with registration) can deposit their public keys into a repository, that, if anyone wants to communicate securely, just do a quick look and grab the public key here, and bam, it's done...
over 2 years ago in Domino / Security 1 Under Consideration

Consider removing configure ID Vault for TOTP

It's domino 12 one new feature that support TOTP, and HCL Traveler server also support TOTP authentication, but it requires to configure ID Vault, we could not skip or ignore this step. https://help.hcltechsw.com/domino/12.0.0/admin/wn_security.ht...
almost 3 years ago in Domino / Security 2 No Plans to Implement

Cookie consent functionallity built in

It would be good to have a configurable cookie consent functionallity inside Domino built in from start. Like the one presented on https://help.hcltechsw.com And the configurable option could be accessable using @formula, Lotusscript and Java so y...
almost 3 years ago in Domino / Security 0 Under Consideration

SMTP Inbound Certificate validation

Today Domino accepts mail from hosts with any x.509 certificate. there is no verification. It's difficult to only allow mails from trusted certificates. But it would be important to have the information if the connection was coming from a connecti...
over 3 years ago in Domino / Security 0 Under Consideration

Ability to change MAIL FROM when using forwarding address of user document

We need the ability to change the MAIL FROM when forwarding in user documents. If the original user name is used, the SPF check will result in an error. You can find this feature in the server configuration document or in Notes.ini (RouterUserRu...
almost 4 years ago in Domino / Security 2 No Plans to Implement

Limit web users access with a rule

Create a rule for the Domino web server so that "If (IP address IS NOT 10.1.1.*) AND (User IS John Smith) THEN PROHIBIT ACCESS". Presently, it is only possible by restricting the IP address (by configuring a blacklist on the server) and user restr...
about 5 years ago in Domino / Security 1 No Plans to Implement

Provide an SDK cal to validate HTTP passwords against the new HTTP ID Vault implementation

Now that we can use Vault for HTTP authentication, the existing C-API calls don't work any more. It makes sense to have a central call to be leveraged in back-end applications.
about 5 years ago in Domino / Security 0 Under Consideration
                                    Copyright © 2025 HCLSoftware Limited