In 2009, Lotus Domino 8.x became certified on Windows Server 2008. But many Domino administrators continue to use...
Windows Server 2003 as their operating system. Windows Server 2003 is extremely stable, and administrators have years of experience setting it up and trust it as a Domino platform. I have done so myself for many of my customers.
Since IBM has blessed Windows Server 2008 as a Domino option; it's helpful to understand any special considerations about running Domino on the platform. I recently installed Windows Server 2008 Standard Edition on a virtual machine in my lab, then added Lotus Domino 8.5.2, looking for any gotchas. I was surprised to find that there were several. After accounting for these gotchas, everything worked fine. I plan to use Windows Server 2008 for new installations at customer sites.
Most of the Domino installation process is identical to installing Domino 8.x on Windows Server 2003. The unexpected items fell into three categories: deciding which version of Standard Edition to install, opening necessary ports in the Windows firewall and seeing the Domino console on the Windows desktop.
Which version of Windows Server 2008?
Windows Server 2008 Standard comes in four versions: 32-bit versus 64-bit and regular versus core. The bit flavors are obvious. The regular/core distinction refers to how much extra software is included on top of the OS kernel.
Microsoft recommends installing the core version when the server will run largely unattended or when security is especially important. However, the problem with the core version is that it does not include the Windows GUI desktop. So, unless you are a Windows Server admin guru and feel comfortable doing your system operations from the command line, I recommend installing the regular version of Standard Edition.
Manually enabling firewall ports
Windows Server 2008 enables the Windows firewall by default and sets up the firewall settings tightly to help with security. Two of the ports that are initially blocked are Port 1352 and Port 80. This is obviously a problem for a Domino, since 1352 is the Lotus Notes protocol port and 80 is the Web browser port.
A plain installation of Domino on Windows Server 2008 results in a server that's invisible to the Lotus Notes client and Web browsers. To solve this problem, follow the steps below to manually enable the required ports in the Windows firewall.
- Start the Windows Server 2008 Server Manager program.
- Go to Configuration -> Windows Firewall -> Inbound Rules -> New Rule.
- Set Type = Port, TCP/UDP = TCP, Specific Port = 1352, Allow the Connection, When = Domain+Private+Public (or set as you want for tighter security), Name = Lotus Notes.
- Press Finish to save and enable the new rule.
- Create another new rule for Port 80, and name it Lotus Domino Web.
- Find the built-in rule named "File and Printer Sharing Echo Request ICMPv4". Enable this rule. (This step is not required but it allows the server to respond to a standard PING request, which is often helpful.)
If you're using Domino for other services, such as NNTP, POP or LDAP, know that you may have to enable their ports in a similar manner.
Uncovering the Domino console
Windows Server 2008 is stricter than Windows Server 2003 about protecting system services from human error. By default, system services do not interact with the Windows desktop. This can be a problem for Domino administrators because Domino is usually run as a system service. This causes Windows Server 2008 to hide the Domino I/O console. This may surprise administrators who might wonder if Domino is really running, since the normal I/O console does not appear.
There are two solutions: You can administer Domino remotely from another computer, using the standard Domino Administration client. Or you may also run the special Domino Console program supplied with the Domino server installation. This program should be visible on the Windows Server 2008 desktop. Starting it will mimic the familiar Domino I/O console and automatically attach to the Domino system service on that computer. It is similar to the Server/Console option within the Administrator client.
In my testing, I found the Windows Server 2008 system service I/O behavior inconsistent. When starting Domino as a system service, I was usually forced to launch Domino Console to see the Domino I/O box. On other occasions, I started Domino as a system service, but Windows immediately displayed the Domino I/O box anyway and allowed me to interact with it.
Chuck Connell is president of CHC-3 Consulting, which helps organizations with all aspects of Domino, Notes and Sametime.