This year, HCL Digital Solutions has delivered a modern, per user, licensing model for Domino – HCL Domino Complete Collaboration Business Edition (a.k.a. “CCB”). CCB has helped facilitate the growth in the Domino customer base and new user adoption and we’re proud to announce the completion of CCB licensing with the introduction of an eXternal user entitlement – the “CCX” Authorized User. 

CCB: Simplifying HCL Domino Licensing 

CCB is a key step in our journey to provide one license model for HCL Domino, eliminating the uncertainty of server capacity and sub-capacity (PVU) licensing.

  • A simple “Per User everything model” – use any client and any protocol for any server capacity to run all applications – including enterprise e-mail (HCL Verse).
  • Transparent license compliance management by simple user counting.
  • Adding additional capabilities to the core Domino environment under CCB entitlements – like HCL SafeLinx 1.1 which is now entitled for all CCB users.
  • We recently added a Guest user entitlement to permit web applications to run on CCB licensed servers – vastly improving the value of CCB. (This blog post contains updates to the announcement, “HCL Complete Collaboration (CCB) Guest Licensing” from July 29, 2020)

More capabilities will be provided using a simple “add-on” scheme for CCB licensing, which now includes:

  • Domino Volt: can be licensed to all CCB users at renewal or new CCB license sale
  • Sametime Premium v11.5: special price add-on to all CCB users , as soon as Sametime 11.5 goes eGA in November. (Sametime Premium stand-alone will also be available at full price.)
  • CCX: per user add-on for external users, from the end of September.

Introducing CCX  

CCX is an add-on to a CCB entitled Domino environment extending applications to external users at an attractive per user price. We now distinguish between internal users – who must be licensed under CCB – and CCX entitled external users.

Employees or contractors must be CCB users. You must have CCB licenses to enable all code install/download & product support. Where Domino Volt has been added to the CCB entitlement, the Domino Volt entitlement is also extended to any CCX users at no additional cost.

CCX users are functionally restricted to using Domino or Domino Volt applications and workflows but cannot create applications themselves. CCX users do not have a personal mailbox but can use task/functional mail for workflow routing or applications generating mail.

CCB Guest Users: What’s New 

Since the announcement in July 2020, we have thoroughly analyzed and discussed many customers’ use cases and now enhanced the value of authenticated/logged-in web users to permit a predefined maximum level of Domino application access (ACL) as “Reader.”

Counting Users for License Compliance  

CCB/CCX require Authorized User entitlements for any user who has credentials to access the system.  For both CCB and CCX, the required license volume for compliance is determined by counting directory entries in the Domino directories and accessible LDAP directories permitting users to log-in. Simple mail routing entries or credentials on the Domino Denied Access list are not included in the counts.

As of now, you simply count the entries in the Domino Directories/linked LDAPs permitting users to log-in. Any entry or LDAP tagged as “External” will be counted as a CCX user and all other credentials make up the CCB count.  If Guest user log-in credentials are in the same directories/LDAP they must be tagged as “Guest” and excluded from the count.

No employee or contractor in the Enterprise can be CCX or Guest but must be licensed as a CCB user. It is our intention to automate the counting for Domino v12 by enhancing the included Domino License Tracker to produce an internal license compliance report. The report is not automatically shared with HCL but can be used to assist with license compliance.

CCB/CCX Users’ Rights and Capabilities

Access to Domino Servers Licensed under CCB Authorized User Entitlement

Effectively immediately, customers with HCL Domino Servers deployed under CCB Authorized User entitlements can be accessed by Licensee’s entitled CCB Authorized Users and Guest Users as well as CCX Authorized Users.

In addition, HCL Domino Servers deployed under CCB Authorized User entitlements may participate in mail routing (SMTP), directory lookup and authentication (LDAP) for non-HCL Domino programs and permit access to free/busy time calendar information.

More Information 

HCL has made the following changes to the CCB license based on customer and partner requests to facilitate:

  • A read-only external website for Guest Users.
  • A simple way of providing tailored content to specific Guest Users.
  • Eliminating the need for server capacity (PVU) based licensing through the introduction of a specific External User license.
  • Permitting External Users in the Enterprise B2B value chain to participate in Domino based applications and workflows.
  • Using Domino Volt for External Users in general, as well as for data collection through surveys for anonymous Guest users.
  • Clarifying licensing for mail and calendar interoperability in multi-vendor scenarios involving our partners’ solutions.  

HCL plans to update the formal CCB/CCX V11.0.1 License Information that can be found here when CCX becomes available later in September 2020.

This announcement reinforces CCB/CCX as the licensing platform for Domino customers, allowing more customers to upgrade to CCB and as the model for all new customers.

If you have any questions about this announcement or have any licensing questions, please contact your HCL product specialist or Business Partner.

Useful Links:  

Related Blog Posts: 

Frequently Asked Questions

Q: How are CCB/CCX users counted?

A: You simply count the entries in the Domino Directories/linked LDAPs permitting users to log-in. Count entries/LDAP tagged as “external” as the CCX user count and deduct this number from the total number of entries which becomes the CCB count. The Denied Access List is excluded from the counts.

CCB and CCX can reside on same server or as administrator decides – counting is always across all Domino Directories in Licensee’s enterprise.  CCB includes an unlimited entitlement for Guest users. If logged-in Guest user credentials are included in the Domino Directories tagged as “guest” they are excluded from CCB/CCX counts. No employee or contractor in Licensee’s Enterprise can be CCX or Guest. 
(The current Domino License Tracker for v12 will produce an internal report to assist you with license compliance, but it is not automatically shared with HCL.)

Q: I am using an earlier Domino license model. How do I switch to CCB/CCX?

A: CCB licensing is a superset of prior Domino licensing. When CCB licensing is established replacing active Domino licensing, CCB can provide the entitlements that were in place for the Domino Servers and various clients. To support the user constituents, you may need both CCB/Guest and CCX entitlements to match your current use cases, but you can continue to use deployed software.

Q: I just need a Domino server for apps, no need for mail or other features.

A: Mail routing is intrinsic to Domino and to many apps that run on the platform. For simplicity, full mail functionality is included with CCB and functional/workflow mail is included with CCX. You don’t have to use the mail functionality but it is part of your entitlement.

Q: Can I still just license mail?

A: The mail-only licensing of Messaging CAL/PVU, Messaging Express will remain as such. However, you can fully replace your mail entitlements with CCB and include Domino Volt to gain significant additional value for your users.

Q: What is included with CCB and what are add-ons?

A: CCB licensing includes entitlement to HCL SafeLinx 1.1 for all CCB servers and CCB/CCX users as well as limited use Sametime and Connections Files & Profiles for all CCB users. 
Add-ons include:  

  • Sametime Premium when v11.5 becomes available around November 2020
  • Domino Volt for all CCB users at a simple uplift (also extend to all CCX users for no additional charge).  Domino Volt includes HCL Enterprise Integrator and HCL SAP Connector which is entitled for all CCB servers when upgraded with Domino Volt !
  • CCX on a per External User basis

Q: What is a CCB user permitted to do?

A: CCB users are entitled to all aspects of Domino applications and enterprise e-mail and purchased add-ons per above, without license restrictions on what users are permitted to do. CCB users can create and participate in apps and workflows to any level set by Domino Administrators.

Q: How do you restrict CCX and Guest users’ access to applications?

A: We use the Domino “Access Control List” (ACL) – all Domino databases/applications has an ACL which map access levels to users. The access level is a classification limiting which tasks a user can perform in the database  – Manager, Editor, Author, Reader, Depositor, No Access – these classes are just labels, not verbatim. To fully understand permitted use cases, refer to the product documentation of ACL.
Learn about Domino Access Control Lists (ACL)
(Note: Existing applications and standard templates may need customisation to fully support Guest users.)

Q: Why is a CCX user permitted ACL level up through Author?

A: CCX users can fully participate in, and use (not create) Domino apps and workflows (including Domino Volt if added to CCB.)  Hence, maximum ACL level is “Author” access, which is typically assigned to users who need to contribute documents to a Domino database – and authenticated users can edit their own or other designated content.
CCX is for authenticated, external users only and not permitted for any employee or contractor in the Licensee’s Enterprise!

Q: Why is an anonymous Guest permitted ACL level up through Author?

A: Anonymous Guests are web users, who beyond browsing a web site are permitted actions like submitting a contact form, participating in a web survey, posting anonymous blog content, etc. “Author” access is typically assigned to users who need to contribute documents to a Domino database just like CCX users, however, being anonymous they cannot edit any content, nor access individualised content.

Q: Why is a logged-in Guest permitted ACL level up through Reader?

A: Under ACL control, “Reader” access allows controlled creation of documents by using public access forms. Logged-in Guests authenticating with HTTP/LDAP are typically a dynamic, ever increasing volume of users visiting your web site, registering to gain access to community content, special interest forums, initiating workflows, etc.  “Reader” access is typically assigned to users who are only permitted to read documents in a database and/or using public forms to create documents. This case is for authenticated, external, limited use only, and not permitted for any Employee or contractor in the Licensee’s Enterprise!
For external users needing any higher level of access, you must purchase CCX entitlements.

Disclaimer – HCL’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at HCL’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion. Performance is based on measurements and projections using standard HCL benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multi programming in the user’s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.

Comment wrap
Further Reading
article-img
Digital Solutions | April 15, 2021
The Countdown to the Newest HCL Domino and Sametime Begins! Join Us for Our Global Launch.
[et_pb_section admin_label="section"] [et_pb_row admin_label="row"] [et_pb_column type="4_4"][et_pb_text admin_label="Text"]I am thrilled to announce that registration is now live for what will surely be a true, blockbuster event on June 7. This exclusive virtual event celebrates our latest versions of HCL Domino v12 and HCL Sametime. The first 1200 registrants got a free gift (we blew past that number in a couple of days!). I personally love the amazing video that helps capture the excitement as we could down the days to these “breakaway” releases. (An agenda will be released soon. Follow us on Twitter to get the latest.)  The launch event will include thought-leading sessions, demos, customer speakers, and more. And, it kicks off an exciting collection of Domino content delivered in a series we are calling the “Domino Dozen” (once you’ve registered for the launch, you will have access to this program). Each day, for 12 days following the launch, we will drop a new, essential Domino-related treasure. These pieces will include webinars, panel discussions, and technical deep dives, early access to special programs, thought leadership pieces, and more.   Also, join us for the closing keynote and happy hour on June 23 — we are calling it “Nerdi Gras” as a hat tip to the days of Lotus past. We will be releasing a party kit soon, with downloadable favors, so you can join in the fun. For those of us who’ve been on this Domino journey with us for so many years — and for those of you who we will be welcoming as new customers — we can’t wait to celebrate. Join us.[/et_pb_text][/et_pb_column] [/et_pb_row] [/et_pb_section]
article-img
Digital Solutions | April 2, 2021
HCL Domino v12 Beta 3 Has Arrived
What a blast! In our webinar hosted this week, we announced Beta 3 is now available for download on Flexnet for all Domino customers. Watch the replay here.  This will be the last beta drop before the v12 release so don’t miss your chance to participate and help us shape the future of Domino! In this third iteration, we are unleashing another set of great features. See the full list here or read highlights below. We’ve also included a Q&A received during our webinar and a special shoutout to all our customers and partners who covered our beta in blogs and tweets below! Notes Client Highlights New 64bit Notes Basic Client For the first time ever, we are releasing a 64-bit Notes Basic client for beta testing. Many of our customers have been voting for this and we’re pleased to deliver. (See this idea from Cormac.) Our main intent for this release is to engage customers, business partners, and third-party vendors to try out 64-bit Windows Basic version and test existing extension integrations. Our plan is to provide several iterations of this 64-bit client in beta and once we feel that we have addressed most of the known and reported issues, we will release the Standard 64-bit client. More Improvements for the Workspace In Beta 2, we introduced a new Notes client user interface for the workspace. Thanks to all your feedback, we have addressed several improvement requests such as reducing excessive spacing between icons and adding the ability to change the font color of workspace database icon (which is also policy controlled). Now you can also partially or completely collapse the workspace navigator and easily identify multiple replicas with the added a visual indicator. Read more here:  Updates to the new Notes V12 workspace design  Collapsible workspace sidebar  Apple M1 Support Good news for customers planning to use Apple’s new M1 hardware with HCL Notes. Beta 3 now also supports those type of CPUs. Domino Server Password Synchronization A new secure method to synchronize password changes from Active Directory to Domino allows customers to reduce the number of passwords that users have to remember. Password changes from Active...
article-img
Digital Solutions | March 16, 2021
HCL Domino v12: The 4 New Security Features You’ve Been Waiting for
While no platform is immune to the possibility of hacking, the question I would pose is: Has your Domino infrastructure ever been hacked?  Didn’t think so. It’s probably boring to say that the most straight forward answer is HCL Domino is rock solid on security.   When set up correctly and optimised, HCL Domino is the most secure platform of its type.  It’s true though.  Reliable and secure is a good thing. A very good thing.  The HCL Domino v12 beta is out now.  If you haven't already tried it, it's free for all existing licensed Domino customers.  It's waiting there in flexnet for you to download and try it out!  It's the first time a beta of this type is in existence and it has multiple interactions (we're currently on beta 2; beta 3 is scheduled for the end of March. Register here to join us for the beta 3 webinar. What I really love about it is the almost instantaneous feedback from the beta forum, from those in charge of development.  Domino v12 is scheduled for full release in Q2 of this year.  (June 2021 timeframe is given at the moment). Read an overview of what’s coming here. Here's is a list of all the NEW NATIVE security features coming in Domino v12 and there's a whole host of them: Automating certificate management  Time-based one-time password (TOTP) authentication  Enforce internet password lockout based on IP address  TLS 1.0 is disabled by default  Support for PEM-formatted TLS host keys and certificates  Two new curves supported for TLS 1.2 ciphers that use ECDHE for forward secrecy New template signing ID uses 2048-bit keys NRPC port encryption supports forward secrecy using X25519 Import internet certificates that contain unsupported critical extensions Suppress key rollover alerts during ID vault synchronization New Query Vault command options Support for SameSite cookie  Also note native support for DKIM is planned in the 12.0.x timeline. (Again natively, you can achieve DKIM with third party mail gateways). We could argue about which are the best and more important ones here, but I'm going to concentrate on the 4 new security features in Domino v12 that...
Close