After logging in to the Lotus Notes Client, you are prompted for a password in DOS-like window (Viru

Environment

IBM Lotus Notes R8

IBM Lotus Notes R7
IBM Lotus Notes R6

Problem 1

After logging on to Lotus Notes, you are prompted for password in DOS-like window:

<UserName>/<OrgName>: NCDAEMON.EXE

The ID file being used is: ...\Lotus\Notes\Data\<UserName>.id

Enter Password (Press the Esc key to abort):

NOTE:

Closing the window can cause the Notes Client to stop responding, but generally not immediately.
Passwords are not shown when typing, but you are prompted if unsuccessful.

Cause

An Application Programming Interface (API) used by the Lotus Scanner can cause this prompt to appear in response to authentication challenges. Lotus Notes can invoke authentication challenges at any time during your Notes session.

Solution

The authentication issue cannot be completely resolved because VirusScan Enterprise must use the Lotus Notes password manager and if VirusScan Enterprise were designed to manage the Lotus Notes password security issues would be introduced. If encryption or
signing is used, the Lotus option Don't prompt for a password from another Notes-based programs must be enabled.

This issue is documented in the VirusScan Enterprise Release Notes:

LOTUS NOTES



3. Prompting for a password from other Notes-based

programs reduces security. When accessing a

local database on Windows 2000 Server, Windows

2003 Server, or Windows XP, the user is prompted

for a password. When the user types the

password, the text search dialog is initiated

and the password is inserted into the text

search dialog instead of being inserted into the

password dialog. The password dialog box is not

completely modal. Selecting the dialog box again

allows the user to input the password.

we recommend that you prevent prompts for passwords as follows:

a. From Lotus Notes, select File | Preferences | Security | User Security | Dialog.

b. Select "Dont prompt for a password from other Notes-based programs (reduces security)."

NOTE: For more details, see the Workaround section.

IMPORTANT:

Lotus Notes R8 is not supported for use with VirusScan Enterprise (VSE) 8.5i. For supported environments with VSE, see KB51111.
To use Lotus Notes R8 with VirusScan Enterprise (VSE), upgrade to VSE 8.7i before implementing any of the workarounds.

To download McAfee products, updates, and documentation, visit the Downloads page at http://www.mcafee.com/us/downloads/downloads.aspx.

For instructions on downloading, see: KB56057.

Workaround 1

Enable the Don't prompt for a password from another Notes-based programs setting as stated in the VirusScan Enterprise readme. This setting is a required for use of the Notes Scanner in VirusScan Enterprise 8.5i:

Launch Lotus Notes client.

Click File, Security, User security.

Type your password and click OK.

Select the Security Basics view.

Select Dont prompt for a password from other Notes-based programs.

IMPORTANT: This solution potentially reduces security. Therefore, you do so at your own risk.

Click OK.

Workaround 2

Minimize the prompt window and do not type a password. Alternatively, click the Notes Client to bring it to the foreground.

IMPORTANT: Do not close the prompt window. It can be safely minimized and will close when the Notes Client is closed.

Workaround 3

Ensure the Domino server is protected by a mail scanner, such as McAfee GroupShield for Lotus Domino. The server-based anti-virus solution means the client-based protection is redundant and can be disabled.

IMPORTANT: This workaround can potentially reduce security. Therefore, you do so at your own risk.

Workaround 4

Continue to type the password when prompted during the Lotus Notes session.

Related Information

McAfee recommends implementing one of the previous solutions, based on the following information:

Related article for IBM Tivoli software

http://publib.boulder.ibm.com/infocenter/tiv2help/index.jsp?topic=/com.ibm.IBMDI.doc/referenceguide122.htm

The relevant excerpt:

When the Session Type is Local client, you can start your Notes or Designer client and permit other applications to use its connection by setting a flag in the file->Tools->UserID panel. The check box is labeled Don't prompt for a password from other Notes-based
programs. (Share this user ID password with these Notes add-ins).



Related article from other vendors:

http://www.dominopower.com/issuesprint/issue200201/productive.html

The relevant excerpt:

When researching Notes Minder on Notes.net, I read that some people did experience problems using the program, but for me it's worked great and saved me valuable time as well. Also, to avoid being prompted twice for your password, go to choose Tools->User ID
from the File menu. Then, at the bottom of the Basics section, check the box that says, "Don't prompt for a password from other Notes-based programs."

Related McAfee article:

KB55400 - After logging in to the Lotus Notes Client, the user is prompted for a password in DOS-like window (VirusScan
Enterprise 8.0i)

IMPORTANT:

VirusScan Enterprise (VSE) 8.0i is End of Life (EOL) on March 31, 2010. The V1 DAT files are EOL at the same time.
VSE 8.0i cannot use V2 DAT files for signature updates. Therefore, McAfee recommends that you upgrade to the latest supported version.
If you run VSE 8.0i after 31 March 2010, your DAT file updates will fail and you will not be fully protected against new threats.

Also see:

McAfee EOL List and EOL Policy at: http://www.mcafee.com/us/enterprise/support/customer_service/end_life.html
KB52201 - End of Life for VirusScan Enterprise 8.0i
KB60404 - End of Life for products using version 1 DAT files (Names.dat, Scan.dat, Clean.dat)
KB60992 - Information on V2 incremental (.GEM) DAT files and End of Life for V1 DAT files on 31 March 2010

Previous Document ID

612653