I’ve started dedicating more and more time to Software Testing since Q3-2014. Talking about Software Testing is like swimming in the Ocean, there are so many many aspects that we can discuss: understanding the context, the actors, the trends, the approaches, methodologies, tools, levels, standards, certifications and so on… I strongly suggest to look at The Foundation Level Syllabus which forms the basis for the International Software Testing Qualification: follow that link

So, I will talk about Software Testing in that post, what it is basically and how it should, even must, be integrated in the SDLC. Very soon, I will try to publish more about Software Testing tools, software testing and related processes, the terminology used in Software testing, standards, terms like TCoE, APM, APDEX, the different testing types, levels, functional and non-functional testing, etc. Let’s go…

A few words about the SDLC

Everybody knows what SDLC is; it stands for “Software Development Life Cycle” aka “Systems Development Life Cycle” and this is basically the process which consists in several phases, defined by engineers and architects, in order to analyze, plan, build and deliver applications.


Model of the SDLC from Wikipedia


This said, there are many SDLC models that have been established in order to achieve distinctive objectives and Software Testing is being carried out differently in these models:

  • Waterfall model: Each phase must be completed fully before the next phase can begin. Testing starts only after the development is complete.
  • V-Model: Verification and Validation model. Testing is planned in parallel with a corresponding phase of development.
  • Incremental model: Whole requirement is divided into various builds with multiple development cycles including a Testing phase.
  • RAD / Rapid Application Model: Components are developed in parallel as if they were mini projects and each project contains with phases like Business Modeling, Data Modeling, Process Modeling, Application Build and finally Testing & Turnover.
  • Spiral: Similar to the incremental model but with more importance placed on risk analysis. It’s divided into 4 phases, Planning, Risk Analysis, Engineering (Coding + Testing) and Evaluation.
  • Agile: Small incremental releases being built on previous functionality and every release is thoroughly being tested to ensure software quality.

Naturally, development models have evolved over time as shown below:


What about Software Testing?

According to IEEE standard, Software Testing can be defined as “A process of analyzing a software item to detect the differences between existing and required conditions (that is defects/errors/bugs) and to evaluate the features of the software item”.

James Bach’s definition of testing: “Testing is questioning a product in order to evaluate it”.

Cem Kaner’s definition of testing too: “Testing is an Empirical technical investigation done to provide stakeholders, information about quality of a product or a service.

Who is performing Tests?

Software testing is not a “one person” job. It takes a Team with a Tester, Testing Coordinator, Test Analyst, Test Manager… In our current culture of IT, a Testing Team should be different than the Development Team.

Why should we Test?

A clever person solves a problem. A wise person avoids it.” – Albert Einstein

Software Testing is a challenge of real-world businesses because all organizations depend on Software. Nowadays, applications are indeed the engine that drives businesses by engaging customers, enabling partners and employees. Once upon a time, a business was built on a product and customers were installing those products on single computers. Today, organizations are deploying solutions that consist in myriads of products and these products operate across many servers in complex and distributed environments. In other words, what we mean by “application” today is very different than what we meant 10-20 years ago. On the other hand, applications are under massive stress from increasing volumes of data (Big Data), from accesses all around the world, at any time and from anywhere (Mobility). So, applications must perform for all devices, platforms, with quadrupled connection speeds and survive with major usage spikes (IoT).

Crashes of applications, web platforms becoming either too slow or completely unavailable can cause frustrated users and cost millions in lost revenue mainly for e-business companies. In these cases, the value of performance testing becomes vital but a little too late. As a consequence, Testing when implemented properly throughout the development cycle significantly reduces this risk. Including performance testing very early in your development life cycle supervises by adding significant value to the project and it reduces considerably the costs.




Software testing is an important part of the Software Development Life Cycle today but it is a rigorous work and also accounts for nearly half of the cost of the system development. No one really wants to open the Pandora’s box of Testing: quoted “It’s expensive. It’s time consuming”. Nevertheless, it’s fundamental to ensure that customers have a positive experience and that applications are reliable all time. Choosing speed and quantity over quality has never been a good long-term business strategy. By testing applications, I confirm that benefits are fully maximised.

Recent studies are demonstrating that still less than half of organizations have well-defined mobile strategies in place.

Hopefully, more and more are realizing that the Entreprise Mobility Strategies are no longer optional, it has become now vital to establish a winning direction for business. Creating a wishlist is a good start but might not be enough…

When talking about Mobile Strategy, it’s not about the choice of an MDM Solution or deciding or not to adopt BYOD; a mobile is not a strategy, an app neither! A mobile Strategy is over this mobile mind-shift; basically a mobile strategy is built on:

Enterprise Mobility Strategy


Indeed, defining a mobile strategy roadmap is not easy and I would say “hopefully” there is no “one-size fits all” mobile strategy. This said, building a mobile strategy very exciting! Exciting because it gives you the opportunity to transform, in some cases to revolutionize the way you interact with your employees, your partners and of course how you engage with your customers. However, don’t expect that your Mobile Strategy will allow you a Big-Bang, envisage a gradual adoption instead.

In addition, organisations should also keep in mind that a Mobile Strategy is not a basic document condemned to remain in a drawer: blocks on which the Entreprise Mobile Strategy is built are evolving at great speed. “Working Styles” have to be analyzed regularly, new resources and processes may be needed, governance policies have to be updated and a continuous training process should be maintained. You must understand your existing needs and remain forward-thinking to scale for the future. How things looked yesterday? BlackBerry. How things look today? iOS and Android. How the future will look like? A bigger device fragmentation, exponential mobile data, IoT, predictive mobile analytics, mobile security challenges…

Companies with mobile deployments, for their part, are struggling to strengthen their deployments as more and more attacks are focusing on mobile infrastructures and assets. It will be vital for organizations to ensure that their security approach covers the weaknesses which remain in many many deployments. The key consideration for mobile security is that taking more or new security initiatives should not break the end-user experience. The problem is not that the technology doesn’t exist, it’s just a matter of time to embrace it:
– App Reputation Services
– Mobile Threat Prevention Solutions
– Mobile App Containerization or App Wrapping
– Certificate-based authentication
– Single Sign On solutions
– Strong authentication
– Geolocalisation
– P2PE (Point to Point Encryption) for Mobile EMV payments

Managing a device is one thing, but managing the mobile data is everything! To be the most competitive, companies must learn to use the mobile data being generated by their users, mobile devices and other environmental assets in order to:

  • make their business processes more efficient
  • identify areas of improvement
  • maximise success in the market
  • improve the end-user experience
  • enhance the infrastructure
  • introduce real-time targeted promotions

As a conclusion, adopting a winning mobile strategy is a challenging task for companies. This lets them gain confidence in the direction they’re heading. The more complete the Entreprise Mobile Strategy is, the more competitive the company will become!

Until approximately mid of last year MobileIron was not allowing IBM Notes Traveler Companion applications to be used for email, to do, calendar and contacts synchronization on mobile devices. This was a challenge for companies to find an alternative mainly for their Android device fleet. Solutions which are available do not provide all features of IBM Notes Traveler Companion: most important issues were how to deal with encrypted emails and how to synchronize “To Dos”. Finally, IBM and MobileIron started to work together and they announced a partnership.
Featured Literature: “IBM and MobileIron: Leverage mobility to outperform competitors”

Now, MDM Administrators can have a MobileIron architecture within their company and start to push on their users device, Lotus Traveler Companion applications through AppConnect! In other words, IBM and MobileIron “customized” the IBM Notes Traveler Companion applications so that each app becomes a secure container whose data is encrypted, protected from unauthorized access. This, by the way, preserves user privacy and drives user adoption (

mi_acAfter upgrading a test environment, VSP to version 5.9.2 and Sentry to version 4.8.0, I could start enabling IBM Notes Traveler Companion with AppConnect. I’m describing below how I proceed.
First, AppTunnel and AppConnect (you can also add Docs@Work and Web@Work) features have to be enabled in VSP and Sentry Configuration.

1Then, you have to get one certificate signed by a CA: you need in fact a certificate for AppTunnel because Authentication with “Pass Through” is not permitted.

2This said, you can also use a self-signed certificate but in that case you must import the Sentry Root Certificate: something you may not be able to do without the assistance of MobileIron partners (I would like to thank Nomasis AG engineers for their support,

After that, you have to update any existing “Exchange” setting  you may have setup previously set to non-AppConnect devices: You should in fact add the Identity certificate else those devices will stop synchronizing data.


What is important here is the label management: you must ensure that you are not assigning an Exchange Settings to an AppConnect device when using IBM Notes Traveler Companion (and vice-versa). In other words, be careful when you use labels based on the OS (label iOS, label Android)…you should put more granularity.

Finally, you have to import in the VSP the applications you have to download from these apps are IBM Notes Traveler, File Manager, ThinkFree Viewer, Secure Apps Manager and Web@Work.

4At the end, you can setup the AppConfig setting for IBM Notes Traveler.











Let’s see how it looks like on the mobile device (tested on a Samsung S3, S4 and S5):

1. Application are marked as “Secured” with a green key icon at the bottom-right corner

2. When opening Mail application the first time, the end-user has to enter only the password

a b c










I strongly suggest that you have a look at the document, published and kept up-to-date in the IBM Notes and Domino Wiki, called “Using MobileIron with IBM Notes Traveler for Android devices” available following that link

Some Key Benefits of using IBM Notes Traveler within AppConnect in a MobileIron environment:
a. Handling automatic provisioning of the Application
b. Secured connection between devices and Traveler servers through Sentry
c. Data loss prevention settings (unsecured browser access, data sharing, screen capture, passcode, etc)
d. Data encryption

This is a “HOT” topic I wanted to post about since a very long time: Is it possible to restrict the access to a Sametime Proxy Server to certain group(s) of the Domino Directory instead of the hole Directory which includes all person documents? This is something lots of customers want to do when putting a Sametime Proxy Server in a DMZ that will be accessed from the internet and that was in fact a very good challenge I had already almost 2 years ago at a customer.

So, first thing I did, of course, was to raise a PMR and get in touch with IBM Support. Answer: “No, this is not supported”.

So, I started to play with the LDAP configuration in the Sametime System Console, tried to change several parameters, tried to change the configuration on the Domino LDAP itself. No success!

Finally, I got in touch with a friend who is THE WebSphere Expert and a very very good developer; he told me that maybe customizing a bit the stproxyservlet.war module, changing some functions in order to put more granularity in the user selection code could help. This was in fact what we did and by the way the Key Factor of our success!

To work with the stproxyservlet.war, you have to export it from the Sanetime WebSphere Console, edit it with Eclipse, and import it again in the Sametime WebSphere Console.

Once done, you can see this:




After the server has restarted, here is below what I started to get in the SystemOut.log for each user trying to access Sametime on a mobile device:

User found: CN= Orhan COSKUN, OU=Geneva, O=CoskunCorp

Member of authorized group


User found: CN= Client851, OU=Lausanne, O=CoskunCorp

Not member of authorized group



This solution was put in place in July 2012, on a Sametime Environment version 8.5.2. IFR1 CF2 and no issue so far: no server crash, no performance impact, no side effect.

I will check this on Sametime 9, unfortunately I could not spend time on it so far.

Beginning of January this year, I got for testing during a few days a Nokia Lumia 920 based on Windows Phone 8.

For being using a Samsung S3 and iPhone 5 for many months, first impression when I took it in hands was it’ size: it is substantially larger and heavier than the iPhone 5.

Screen Shot 2014-03-09 at 01.08.06

But I stopped focusing on the physical aspects when I started to use it: what I found very impressive first, is the quality of the touchscreen. The super Sensitive touch is awesome and even more impressive than the experience with a Samsung S3 or iPhone 5.

Regarding the Windows Phone 8: I like the “new” design of the Windows Phone UI. It’s alive, smooth, easy to use and looks really different than Android or iOS: thanks a lot to Windows Phone 8 Designers!

Screen Shot 2014-03-09 at 01.09.16

Let’s talk about now the configuration of the Device with a MobileIron Platform and Lotus Notes Traveler servers for the email / contacts / calendar sync.

So, beginning of January, I was struggling when trying to register and activate this Windows Phone 8 through MobileIron. As far as I knew, the MobileIron platform I had was supposed to support this device: so I started to register it…

Note: I had VSP 5.7.1 Build 74 and Sentry 4.7.2 Build 27

But I could get the device in VSP only in the state “Verified”: So, I could not complete the whole setup and get it in the Status “Active” with MobileIron Mobile App installed on the device etc.

Screen Shot 2014-03-09 at 00.45.50

I started to check all configuration of the platform (certificates, profiles, settings), the settings of the device (network, data, etc), reviewed the Admin guides several times: no success!!!

So, last thing to do was to get in touch with MobileIron support: they told me that registration of a Windows Phone 8 is possible with the the 5.9 version (at least) of the VSP. I was relieved to hear that but still a little disappointed not to have known this earlier, anyway…

As a conclusion, I upgraded with MobileIron experts the VSP to 5.9.0 build 337 and Sentry to 4.8.0 build 92 and first thing I did even before ensuring that registered devices were still up & running was to start to register a Windows Phone 8 device: it worked like a charm!

Screen Shot 2014-03-09 at 00.43.24

At the end, I could have a Windows Phone 8 registered and active in MobileIron platform and email, calendar and contacts synchronized on the device through Lotus Notes Traveler Servers (8.5.3)….

There are still lots of challenges with devices running on Windows Phone 8: first, I am convinced that a “lifting” will persuade more users. Then, let’s see if the Windows Mobile Application Store will provide so many applications than what we can find in the App Store or Google Play, to configure VPN, IM, Social apps etc.

A couple of weeks ago, I had Traveler servers, at a customer, which were not switching to secondary mail servers when primary was down for off-line backup. This was perfectly working then suddenly started to be a bigger problem as more and more people are using mobile devices during week-ends.

Details about the Architecture:

  • a cluster of 2 Lotus Notes Traveler servers version 8.5.3 Upgrade Pack 2 FixPack 3 in High Availability with SQL Server database behind
  • cluster of Domino mail servers 8.5.3

I started to check server status, CPU Usage, SQL connectivity, Memory percentage, network timing etc, basic checks…nothing particularly abnormal.

Then, I started to customize some settings, like increasing the number of HTTP threads, the maximum allowed cached users, adding additional CPU: That did not help.

Traveler servers were able to see Primary mail server down but somehow they could not find the secondary mail server in the cluster. The workaround was to restart Traveler servers when primary was down: a temporary solution which was not brilliant to my mind.

Then, I got in touch with my Lovely IBM Support by raising a PMR: automatic answer🙂 “Thanks to install latest FixPack 5”. “OK, guys, we did it” => it didn’t help.

This time, IBM development Team requested some logs and I prepared a dump of the logs on the Traveler servers.

That PMR let me know and run a very useful command -tell traveler pmr “1234,567,890” that I didn’t know before. This command collects the logs and upload to an existing PMR through FTP: Awesome!

Be aware that this command may fail if you don’t have proper ports opened on your firewalls (just a reminder).

Note: I hope that very soon we will be able to use such a command on a Domino Server.

So, after 2 weeks of deep and hard investigation, IBM Level 3 Dev team created a new fix for APAR LO78404. Again, I installed it on Traveler servers and that solved our issue. No problem so far and most important is for sure the satisfaction of the customer.

As a conclusion, if you are facing same problem with similar version of servers, raise a ticket at IBM and request the FIX BUILD LEVEL 20140104_2138.

PREREQUISITES: Lotus Notes Traveler version 8.5.3 Upgrade Pack 2 ( Interim Fix 5 already installed.

Estimated Installation Time: 15 minutes which consists in replacing some DLL, EXE and JAR files.

Using the “Name conversion utility” to handle name changes in Sametime @#!=:(

I guess lots of Domino/Sametime Admins have the same opinion on that tool! Lots of things to do, like stopping the hole server for a person being renamed! Something that was not acceptable for many of us. Anyway…

I had a request recently, at a customer, a Sametime user who was renamed wanted his several hundreds contacts’ buddylist back: which is his right!

A few words about the contact list: The Sametime contact lists are stored on the Sametime server, in the vpuserinfo.nsf database and the Domino Administration Process (AdminP) does not update the user entry in the Sametime databases (vpuserinfo.nsf). When AdminP completes, so user is renamed and that user logs into Sametime, a new BUT empty contact list is created in that vpuserinfo.nsf.

So before 8.5.1, we had to run that Conversion utility tool. Now, hopefully we don’t need it anymore!

What you have to do is to:

  • Delete the newly created entry for the user in the view “Storage” of vpuserinfo.nsf
  • Edit the initial entry and rename it with the new name (in canonical format)
  • Tell the user to restart Lotus Notes (that’s the most difficult🙂 )

Once the user will connect to Sametime, he should see, by default, a pop-up regarding the buddylist – At that point, he must select the option “Replace local copy by the server copy” and click OK. That will immediately populate his Sametime buddylist. Wonderful! Last thing to do, find the user in his own buddylist, remove his record and re-add the user: that’ because it’s his old name and you should him “offline”.

Now, I could not find any information on the internet formalizing that method, maybe I’m wrong.

That’s it.