Welcome to the #dominoforever Product Ideas Lab! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated jointly by the IBM & HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino page.


Add lockout options for ldap and other protocols

now there is only a internet lockout option for http protocol. But when using ldap authentication there is no option to lockout a user when giving too many bad passwords. Same counts for other protocols like smtp and pop

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Jul 18 2018
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    July 28, 2018 15:53

    This is already supported in Domino 9.0.1 FP6 or later.

    https://www.stoeps.de/securing-domino-protocols-against-brute-force-attacks/

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    September 25, 2018 06:36

    Already built in, but still not completely documented

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    12 Feb 07:16

    It never has been documented! But yes it's in the product.

    I have discovered it quite a while ago. The initial implementation was for HTTP only and my initial feedback was, that we need it for all protocols.

    A fix for another issue moved the code to a different place in the authentication stack which made it work for all protocols :-)

    But that was never documented and is not described as a feature. At the time I found the developer who made the fix in the developer labs at Lotusphere. And I tried to get it officially documented.

    So what is missing is an documentation update to make it a supported feature.

    Daniel Nashed [ http://blog.nashcom.de ]