Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Security

Showing 36

Create authentication exclusion certains users / groups

Domino 11.0 introduced web authentication via IDVault (and / or Directory) Customers noticed large growing DDM databases and also flooding of console messages with error messages: [0594:0013-1CE8] 10.08.2022 07:00:01 Event: Error adding event docu...
almost 2 years ago in Domino / Security 2 Needs Clarification

Option to relocate ../data/cacert.pem outside Domino data

We added several certificates into cacert.pem when using NotesHTTPrequest call in LotusScript. After a update or upgrade, this file is renewed. Please introduce a notes.ini parameter to relocate this file to ( example ) /local/cacerts/cacert.pem
6 months ago in Domino / Security 3 Needs Clarification

list of users registered in the Domino Directory cannot be referenced by end users

In recent years, privacy protection has become increasingly strict. In ACL of the Domino Directory, the "Author" privilege is granted for "-Defaut-", and a list of all users registered in the Domino Directory can be viewed by opening the Domino D...
almost 2 years ago in Domino / Security 3 Needs Clarification

Prevent Off-Site Redirects

To have a configuration option that prevents off-site redirects, enhancing security against potential threats. This option could be implemented as an .ini setting or a field in the server document or Internet site document for "Do not allow off-si...
7 months ago in Domino / Security 1 Needs Clarification

Disable core REST API

If Rest API are disabled on the server, this Core API - hostname/api/core/nonce should not be accessible or not available when a user generated the request from browser.
over 4 years ago in Domino / Security 4 Needs Clarification

Error with the return path in the email header

The Mail-In database has the sending domain "acme24.com". The user that sends the mail has the sending domain "acme-online.com". So the From address is "user.n24@acme24.de" and the return-path domain is "acme-online.de". This behaviour seem...
8 months ago in Domino / Security 2 Needs Clarification

Configure at least 3 SMTP ports for Domino

Recent Internet providers are OP25B and cannot connect to port 25. Domino allows you to set up additional ports for SSL, but you can only set up to two ports for SMTP, and you cannot use port 25, 465, and a submission port (587) together. https:...
over 1 year ago in Domino / Security 2 Needs Clarification

Limit the number of concurrent sessions per user

Domino allows the possibility to set the maximum number of users on a server. However, it does not allow limiting the number of concurrent sessions per user on the server.
10 months ago in Domino / Security 1 Needs Clarification

TOTP (MFA) Scratch code - set expiry date and limit number of codes generated

When Scratch codes are generated for TOTP setup there are 10 codes generated with no expiry date and I have the following suggestions : 1) Add an "Scratch Code Expiry Time (hrs)" so administrators can set the code to expire for example after 48 ho...
over 3 years ago in Domino / Security 1 Needs Clarification

Possibility to log in via certificate AND password

Currently you can set Domino to authenticate users via password OR certificate. It would increase security when login using certificate is selected and additionaly user is asked for his notes/internet password (as second factor). Then the security...
11 months ago in Domino / Security 2 Needs Clarification