Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Security

Showing 28

Enhance CA Profile access and configuration options

There is an option to change the certificate duration for CA enabled certifiers, but this setting cannot be enforced, so that it cannot be overwritten by the registration authority (RA). The CA profile shows this option, but it is not possible to ...
about 1 month ago in Domino / Security 0 Needs Review

Password policy functioning improvements with "Check vault first then directory"

ID vault is implemented on the server and in configuration document "Check vault first then directory" is enabled. All users authenticate to the server through ID vault successfully. Use case: The web user is able to login even though the warning ...
about 2 months ago in Domino / Security 0 Needs Review

Domino should support modern SMTP related protocols DANE, MTA-STS and TLS-RPT

Domino is a bit behind in implementing e-mail security protocols. While DMARC is waiting for implementation, new protocols are already around: DANE, MTA-STS and TLS-RPT. 1. DANE (DNS-Based Authentication of Named Entities) RFC 6698: The DNS-Based ...
2 months ago in Domino / Security 0 Needs Review

Document that describes Domino HTTP security settings

There's a document created years ago: https://www.caicorp.com/2017/11/22/adding-security-http-response-headers-to-ibm-lotus-domino-server-to-get-an-a-rating/ HCL should have a similar document with more security settings.
2 months ago in Domino / Security 1 Needs Review

Add logout endpoint to DRAPI's oauth system

The .well-known/openid-configuration in DRAPI does not show a logout endpoint. A client web application can use the /oauth/authorization and /oauth/token endpoints to authenticate and refresh the authorization token. A logout is currently only pos...
3 months ago in Domino / Security 0 Needs Review

Server.id protection should not be a problem when creating ServiceProvider.xml in idpcat.nsf

You cannot create the ServiceProvider.xml when your server.id has protection. A see a popup "You are not authorized to perform that operation". This leads usto the server.id protection. When we disable it, we can create the ServiceProvider.xml in ...
5 months ago in Domino / Security 3 Needs Review

Server-Rules for E-Mail-Header

Our provider uses anti-spam software that writes the SPAM probability in the email header. Example: X-Spam-Level: ***** There should be a central way to evaluate the email header in Domino, for example to add a keyword to the subject line of affec...
6 months ago in Domino / Security 2 Needs Review

Allow to distinguish between HTTP requests without database access privileges

When summarizing database web access, we count requests in domlog.nsf or access log (text), but we cannot distinguish between requests from users without access privileges and those with privileges. Please be able to distinguish requests from user...
6 months ago in Domino / Security 0 Needs Review

Internet Lockout - Option to mark or manually lock out User or Addresses

I'm currently missing an option to mark locked out users and/or IP-Adresses in Internet-Lockout DB to prevent them from beeing deleted accidentally. Let's asume in Domino Serverconfigurationdocument the Internet Lockout feature is configured to au...
6 months ago in Domino / Security 1 Needs Review

Expand functionality of certstore.nsf

It would be helpful to have the option to either move special files like cacert, jvm.properties files of other customer dedicated files either to a "special" destination and make them available via an entry in the NOTES.INI ( LocationSpecialFiles=...
7 months ago in Domino / Security 1 Needs Review