Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.
For more information and upcoming events around #dominoforever, please visit our Destination Domino Page
Database/dictionary for storing bad common passwords
Currently, customer does use custom password policy settings. But is requesting to have the ability to create a dictionary/database or a feature for storing bad Notes ID passwords and prevent users to use it as their Notes ID passwords. The purpos...
users locked out due to wrong password or wrong password strikes have their own Statistics in Domino, so later they can be monitored.
Another idea on Domino.ideas.aha.io is to log per protocol strikes and locks.
If we can create new statistics this would help to monitor security with DDM or external solution
Security.POP3.Strikes.Total = 30
Create a rule for the Domino web server so that "If (IP address IS NOT 10.1.1.*) AND (User IS John Smith) THEN PROHIBIT ACCESS". Presently, it is only possible by restricting the IP address (by configuring a blacklist on the server) and user restr...
Http task should Identify the user status active/blocked before proceed for password authentication
Currently http behavior are like this : In case you blocked (added in deny group) the user in domino server and and HTTP task is configured to obey this setting, (in server document - ports internet ports web- Enforce server access settings: Yes) ...
It could be useful to specify minimum allowed notes client version to access Domino server. It could be specified by Domino configuration document and be overrideable by security policy (for particular users). It's implemented in V12 configuration...
When user is trying to POST data (like an email or a form) to Domino and
an SSO timeout occurs, before that the user is redirected to login and POST data is lost.
Customer requests that the POST data be saved.