Lotus Connections 3 - IBM - United States · Web viewThe host name is either an IP address or a...
Transcript of Lotus Connections 3 - IBM - United States · Web viewThe host name is either an IP address or a...
IBM Connections 5.5install
These were the steps I followed to install IBM Connections 5.0. Everything was installed on a single server.
IBM Connections 5.5install.............................................................................................................11. Software...................................................................................................................................2
1.1. Post Install Fixes...............................................................................................................32. Install WebSphere 8.5.5.6........................................................................................................7
2.1. Install IBM Install Manager..............................................................................................72.2. Install WAS Cell.............................................................................................................102.3. Create the WebSphere Application Server cell...............................................................17
3. Enable security with LDAP...................................................................................................233.1. Start the DMGR and nodeagent......................................................................................233.2. Enable security with an LDAP Directory.......................................................................23
4. Install DB2 10.5 fixpack 6.....................................................................................................374.1. Install DB2 10.1 Enterprise Server.................................................................................384.2. Install DB2 10.5 fp6........................................................................................................45
5. Create the Connections Databases.........................................................................................495.1. Create a dedicated db2 user for IBM Connections.........................................................495.2. Create Connections databases with wizard.....................................................................54
6. Install and configure Tivoli Directory Integrator 7.1.1 fp3...................................................586.1. Install Tivoli Directory Integrator 7.1.1..........................................................................586.2. Install TDI 10.1.1 fixpack 3............................................................................................666.3. Configure TDI.................................................................................................................67
7. Populate the profiles database using wizard..........................................................................687.1. Copy tdisol directory to keep profiles and LDAP in sync..............................................747.2. Update profiles_tdi.properties.........................................................................................74
8. Install and Configure IBM HTTP Server 8.5.5.7..................................................................758.1. Install IBM HTTP Server 8.5.5.7....................................................................................768.2. Configure Plug-In with WebSphere Customization toolbox..........................................82
9. Configure SSL on IBM HTTP Server...................................................................................919.1. Create the SSL key file for IHS......................................................................................919.2. Configure httpd.conf to listen over ssl............................................................................949.3. Add the HTTP Server certificate to WebSphere trust store............................................95
10. Install IBM Connections 5.5...............................................................................................9910.1. Set the JVM heap size...............................................................................................11410.2. Configure HTTP Server plugin with Connections....................................................11610.3. Start IBM Connections..............................................................................................118
11. Configure additional IBM HTTP Server settings.............................................................11811.1. Configure HTTP Server to compress some files.......................................................11911.2. Configure Connections to use IHS to download files...............................................12011.3. Conifgure Connections to use IHS to upload files....................................................120
12. Configure IBM Connections Content Manager Libraries................................................12012.1. Create Filenet Global Configuration Domain (GCD)...............................................120
12.2. Create FileNet ObjectStore.......................................................................................12213. Apply Connections 5.5 Recommended updates...............................................................123
13.1. Install the Day1 ifixes................................................................................................123
1. SoftwareI downloaded the following files prior to installing:
The following document has more details: http://www-01.ibm.com/support/docview.wss?uid=swg24041291
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly (CRY8MML)
IBM Connections V5.5 for Windows Multilingual (CN808ML ) IBM Connections V5.5 Wizard for Windows Multilingual (CN80DML )
NOTE: DO NOT download the wizard directory from the eAssembly, use the one from the day 1 fixes instead http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions&product=ibm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=all
IBM DB2 Server V10.5 for Windows on AMD64 and Intel EM64T systems (x64) Multilingual (CIW3YML )
IBM Tivoli Directory Integrator Identity Edition V7.1.1 for Windows - x86-64, Multilingual (CZUF7ML )NOTE: wrong one showing in eAssembly
IBM WebSphere Application Server Network Deployment V8.5.5 (1 of 3) for Multiplatform Multilingual (CIK2HML )
IBM WebSphere Application Server Network Deployment V8.5.5 (2 of 3) for Multiplatform Multilingual (CIK2IML )
IBM WebSphere Application Server Network Deployment V8.5.5 (3 of 3) for Multiplatform Multilingual (CIK2JML )
IBM WebSphere Application Server V8.5.5 Supplements (1 of 3) for Multiplatform Multilingual (CIK1VML )
IBM WebSphere Application Server V8.5.5 Supplements (2 of 3) for Multiplatform Multilingual (CIK1WML )
IBM WebSphere Application Server V8.5.5 Supplements (3 of 3) for Multiplatform Multilingual (CIK1XML )
IBM Connections Content Manager V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly (CRY8NML)
IBM FileNet Content Engine V5.2.1 Windows Multilingual (CN216ML ) IBM FileNet Content Engine Client V5.2.1 Windows English (CN225EN )
IBM Content Navigator V2.0.3 for IBM Connections Enterprise Content Edition (CECE) V5.2 Multiplatform Multilingual eAssembly (CRVX7ML)
IBM Content Navigator V2.0.3 Windows Multilingual (CN0PVML )
Additional optional components that are not used during this install
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly (CRY8MML)
IBM Connections V5.5 Cognos Wizard for Windows Multilingual (CN80GML ) IBM Cognos Business Intelligence Server 64-bit 10.2.2 Microsoft Windows
Multilingual (CN1YPML ) IBM Cognos Business Intelligence Transformer 10.2.2 Microsoft Windows
Multilingual (CN1Z0ML )
Ephox Editors V3.0.1 for IBM Connections V5.5 Multiplatform Multilingual (CN80QML )
IBM Connections Community Surveys V5.5 Windows Multilingual (CN80KML )
1.1. Post Install FixesNOTE: These are what I downloaded on 23 December 2015. Check the following location for the latest supported releases:
http://www-01.ibm.com/support/docview.wss?uid=swg27047297
IBM Connections Day 1 fixes:http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions&product=ibm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=all
interim fix: 5.5.0.0-IC-Multi-IFLO87330 interim fix: 5.5.0.0-IC-Common-IFLO87469 interim fix: 5.5.0.0-IC-D1-DBWizard-LO87408-Windows refresh pack: 5.5.0.0-IC-Multi-UPDI-20151218
Optional components in Day 1 fixes not used in this part of the install
interim fix: 5.5.0.0-IC-D1-CognosWizard-LO87407-Windows refresh pack: 5.5.0.0-IC-D1-MigTool 5.5.0.0-TypeAhead-20151218
NOTE: This requires being installed on a Linux machine, so is not done in this environment.
WebSphere Application Server, IBM HTTP Server and plug-ins 8.5.5 fixpack 7 - http://www-01.ibm.com/support/docview.wss?uid=swg24040533
TDI 7.1.1 - fixpack 3: http://www-01.ibm.com/support/docview.wss?uid=swg27010509
NOTE: The fix central link on this page did not work for me, so I used http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Tivoli/Tivoli+Directory+Integrator&release=7.1.1&platform=Windows&function=fixId&fixids=7.1.1-TIV-TDI-FP0003&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp&source=fc
DB2 10.6 - Fixpack 6: http://www-01.ibm.com/support/docview.wss?uid=swg27007053
DB2 Universal Fix pack and DB2 Data Server Client
FileNet Components
FileNet Content Engine 5.2.1 FP2 and Content Engine Client 5.2.1 FP2 - http://www.ibm.com/support/fixcentral/swg/quickorder?parent=FileNet%2BProduct%2BFamily&product=ibm/Information+Management/FileNet+Content+Engine&release=5.2.1.2&platform=All&function=all&useReleaseAsTarget=true&source=fc
fix pack: 5.2.1.2-P8CPE-WIN-FP002
fix pack: 5.2.1.2-P8CPE-CLIENT-WIN-FP002
IBM Content Navigator 2.0.3 FP5 - http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Enterprise%2BContent%2BManagement&product=ibm/Other+software/Content+Navigator&release=2.0.3&platform=All&function=all&source=fc
Make sure to get the 2.0.3-ICN fixpack for your OS: fix pack: 2.0.3-ICN-FP005-WIN
2. Install WebSphere 8.5.5.6This step involves setting up a DMGR server, 1 managed node (in this case I installed everything on 1 system, so I installed a cell).
Software Needed for this step:IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly (CRY8MML)
IBM Connections V5.5 for Windows Multilingual (CN808ML )extracted to C:\Downloads\ic55\IBM_Connections_Install
IBM WebSphere Application Server Network Deployment V8.5.5 (1 of 3) for Multiplatform Multilingual (CIK2HML )
IBM WebSphere Application Server Network Deployment V8.5.5 (2 of 3) for Multiplatform Multilingual (CIK2IML )
IBM WebSphere Application Server Network Deployment V8.5.5 (3 of 3) for Multiplatform Multilingual (CIK2JML )
each extracted into the same directory C:\Downloads\ic55\WAS855
WebSphere Application Server fixpack 7 - http://www-01.ibm.com/support/docview.wss?uid=swg24040533
both parts extracted into the same directory C:\Downloads\ic55\WAS855fp7
2.1. Install IBM Install ManagerExtract the IBM Connections V5.5 for Windows Multilingual (CN808ML ) download and run C:\Downloads\ic55\IBM_Connections_Install\IM\windows\install.exe
1.
2.
3.
4.
5.
2.2. Install WAS Cell
First, make sure you have extracted the following downloads:
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly (CRY8MML)
IBM WebSphere Application Server Network Deployment V8.5.5 (1 of 3) for Multiplatform Multilingual (CIK2HML )
IBM WebSphere Application Server Network Deployment V8.5.5 (2 of 3) for Multiplatform Multilingual (CIK2IML )
IBM WebSphere Application Server Network Deployment V8.5.5 (3 of 3) for Multiplatform Multilingual (CIK2JML )
each extracted into the same directory C:\Downloads\ic55\WAS855
WebSphere Application Server fixpack 7 - http://www-01.ibm.com/support/docview.wss?uid=swg24040533
both parts extracted into the same directory C:\Downloads\ic55\WAS855fp7
To install we will use the Install Manager we just installed. If it's not running, go to Start - Apps - IBM Installation Manager - IBM Installation Manager
1. Go to File Preferences .... to add the WebSphere repository to IBM Install Manager
2.
3.
4. Now do the same for the 8.5.5 fix pack 7
5. Uncheck Search service repositories during installation and update and click Ok
6. Click Install
7.
8.
9. NOTE: It's best to provide a path without spaces, so I removed Program Files (86)
10. NOTE: Again, make sure to provide a path without spaces, I again removed Program Files (86)
11.
12.
13.
14.
2.3. Create the WebSphere Application Server cell
Now that the install is complete we will create a cell because all services are installed on a single machine.
NOTE: If you did not Start the Profile Management Tool in the last step, you can do that now by going to Start - Apps - IBM WebSphere - Profile Management Tool
15.
16. Again, I chose cell here because everything is installed on a single machine. A more likely scenario would be the DMGR and Connections Node(s) are on different machines. In which case you would install the DMGR first (choosing Management here) then install the primary node second (choosing Application server here) then federated the node with the DMGR using the addNode.bat command.
17.
18. People typically chose wasadmin here, I like to use localadmin to remind myself that this is a user created in the local WAS filestore. Either way is fine, just make sure this user does not exist in LDAP.
19.
20.
21.
WebSphere Application Server is now installed on the machine
3. Enable security with LDAPIn this process we will start WAS and enable security
3.1. Start the DMGR and nodeagent
1. Start the DMGR by running: C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>startManager.bat
2. Start the nodeagent by running C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startNode.bat
3.2. Enable security with an LDAP Directory1. Open a browser to the DMGR Integrated Solutions Console
(http://cprice55.swg.usma.ibm.com:9060/ibm/console) Because security is enabled, you will be redirected to the ssl port to login - if necessary accept the certificate
2. Login with the user created during the WebSphere Application Server install
3. Open Security – Global Security4. Select Federated Repositories from the Available realm definitions field, and then click
Configure.
5. Click Add Repositories
6. and then, on the Repository reference page, click New Repository - LDAP repository
7. On the New page, type a repository identifier, such as myFavoriteRepository (I used icldap IDSinto the Repository identifier field.
Specify the LDAP directory that you are using in the Directory type field.
Type the host name of the primary LDAP directory server in the Primary host name field.
The host name is either an IP address or a domain name service (DNS) name.
Provide values for the Bind distinguished name and Bind password fields.
Specify the login attribute or attributes that you want to use for authentication in the Login properties field. Separate multiple attributes with a semicolon. For example: uid;mail. NOTE: I would recommend having the first attribute uid, if you use something other than uid as the first attribute, there are a number of post install steps that will need to be completed, it's just easiest if you keep uid as the first attribute in the login settings.
Click Apply
8. and then Save
9. Set the base entry fields, and click OK
NOTE: If this was Domino LDAP, set the first entry to root, and leave the second blank. 'root' is a special setting for WebSphere that tells it not to use a base. This will allow domino customer to find the user in the primary directory and all secondary directories, as well as all flat groups.
All other LDAP directories, set the entry to the base of your directory. My LDAP directory is IBM Directory Server, so I set the base to dc=ibm,dc=com
10. and then Save
11. In the Repository Identifier column, click the link for the repository or repositories that you just added.
12. In the Additional Properties area, click the Federated repositories entity types to LDAP object classes mapping link.
13. Click the Group entity type and modify the object classes mapping.
14. Set the objectClass to the group objectClass for you directory, and add the search base for groups, Click Apply,NOTE: For IDS this is typically groupOfUniqueNames,ActiveDirectory this is typically Group
Domino this is typically dominoGroup
15. and then click Save to save this setting.
16. You can do the same for PersonAccount, in my LDAP, we use inetOrgPerson, so I did not change anythingIDS it typically inetOrgPersonActive Directory is typically personDomino is typically dominoPerson
17. In the navigation links at the top of the page, click the name of the repository that you have just modified to return to the Repository page.
18. Complete the following steps for group membershipa. Click the Group attribute definition link in the Additional Properties area,
b. and then click the Member attributes link.
c. Click New to create a group attribute definition.
d. Enter group membership values in the Name of member attribute and Object class fields. Click OkIDS typically would be uniquemember : groupOfUniqueNamesActive Directory typically would be member : group
Domino typically would be member : dominoGroup
e. and then click Save to save this setting.
19. Set the memberOf attribute to help with login performancea. Click on Group attribute definition to go back 1 level
b. set the Name of group membership attribute to the attribute in the person record that contains the groups a user is a member of.IDS this is ibm-allgroups with scope of nestedActive Directory this is memberOf with scope of direct
Domino this is dominoAccessGroups with scope of nested
For IDS and Domino set the scope to Nested, for AD use Direct, otherwise nested groups will not work correctly in AD
Click OK
c. Click Save
20. Enable Application security:a. Click Global Security in the navigation links at the top of the page.
b. Select the Enable administrative security under Administrative Security and Enable application security under Application Security check boxes. Make sure the Java 2 security check box is unchecked and click Apply
c. and then click Save to save this configuration.
21. Finally Enable Single Sign On settings.
a. open Web and SIP security and select Single sign-on (SSO)
b. Set the domain name to the hostname you use to access connections (.ibm.com), you can enable Interoperability mode if you want - if you do set LTPA V1 cookie name to LtpaToken (case is important) -- I did not enable this for my environmentset LTPA V2 cookie name to LtpaToken2 (case is important)
I recommend you uncheck Web inbound security attribute propagation and Set security cookies to HTTPOnly (this one must be unchecked if you want to enable Sametime awareness with an STProxy server)
Click OK
c. Save the configuration
22. Log out of the WebSphere Application Server Integrated Solutions Console and restart WebSphere Application Servera. Run C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>stopManager.bat -username
localadmin -password passwordb. Then C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>startManager.bat
23. Verify that users in the LDAP directory have been successfully added to the repository:a. From the WebSphere Application Server Integrated Solutions Console, select Users and
Groups > Manage Users.b. In the Search by field, enter a user name that you know to be in the LDAP directory and
click Search. If the search succeeds the user exists in your LDAP directory.c. Click on the user, then click the Groups tab, you should see a list of groups the user
belongs to
24. Once the DMGR is finding users correctly from LDAP, restart the nodeagent to pick up the changes by runninga. C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>stopNode.bat -username
localadmin -password password
b. C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startNode.bat
4. Install DB2 10.5 fixpack 6In this step we will Install DB2.
Software needed for this step:
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly (CRY8MML)
IBM DB2 Server V10.5 for Windows on AMD64 and Intel EM64T systems (x64) Multilingual (CIW3YML )
I extracted this to C:\Downloads\ic55\DB2105
DB2 10.6 - Fixpack 6: http://www-01.ibm.com/support/docview.wss?uid=swg27007053
DB2 Universal Fix pack 6
I extracted this to C:\Downloads\ic55\DB2105fp6
4.1. Install DB2 10.1 Enterprise Server
1. Run C C:\Downloads\ic55\DB2105\SERVER\image\setup.exe
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
4.2. Install DB2 10.5 fp6In this step we will apply the DB2 10.5 fixpack 6.
1. Run C:\Downloads\ic55\DB2105fp6\UNIVERSAL\setup.exeScroll down and click Work with Existing under DB2 Version 10.5 Fix Pack 6 Workgroup, Enterprise and Advanced Editions
2.
3.
4.
5.
6.
7.
5. Create the Connections Databases
5.1. Create a dedicated db2 user for IBM Connections1. Click Start >Administrative Tools
2. Double click on Computer Management.
3. From the Computer Management console, select System Tools > Local Users and Groups.4. Right-click Users and select New User.
5. Add a user named lcuser. Enter the required details, including the password. Clear the User must change password at next logon check box. Click Create.
6. Click Close.7. Open the Users object, right-click lcuser, and select Properties from the context menu.
8. Click the Member Of tab and then click the Add button.
9. Type DB2USERS in the Enter the object names to select field, and click Check Names.
10. This should resolve to the local DB2USERS group, Click OK.
11. Click OK again to save your changes and Close the Computer Management console
5.2. Create Connections databases with wizardSoftware needed for this step:
IBM Connections Day 1 fixes:http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions&product=ibm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=all
interim fix: 5.5.0.0-IC-D1-DBWizard-LO87408-Windows
Make sure to extract interim fix: 5.5.0.0-IC-D1-DBWizard-LO87408-Windows to a location on the DB2 Server. I extracted to C:\Downloads\ic55\WizardsNOTE: The download zip will extract an exe file (IBM_Connections_5.5_wizards_win.exe) then run the exe file which will extract the Wizard directory.
1. Log into the machine as the db2 administrator (db2admin)2. Run C:\Downloads\ic55\Wizards\dbWizard.bat
3.
4.
5.
6.
7.
8.
9.
6. Install and configure Tivoli Directory Integrator 7.1.1 fp3Software needed for this step:
IBM Tivoli Directory Integrator Identity Edition V7.1.1 for Windows - x86-64, Multilingual (CZUF7ML )
TDI 7.1.1 - fixpack 3: http://www-01.ibm.com/support/docview.wss?uid=swg27010509
In this step, we will install TDI 7.1.1and apply fix pack 3.
6.1. Install Tivoli Directory Integrator 7.1.1Extract IBM Tivoli Directory Integrator Identity Edition V7.1.1 for Windows - x86-64, Multilingual (CZUF7ML ) (I used C:\DownloadDirector\ic5\TDI711\TDI711)
Because I am using Windows 2012, I have to launch the install a bit differently, the following technote has details on the first steps I going through to run the install of TDI. If this was Windows 2008, I could simply use launchpad.exe
http://www-01.ibm.com/support/docview.wss?uid=swg21634336
1. Go to C:\Downloads\ic55\TDI711\windows_x86_64, right click on install_tdiv711_win_x86_64.exe and chose properties
2. Under the Compatibility mode section, set the check box to true for "Run this program in compatibility mode for"Under the drop down select Windows 7 .Click on OK to apply the compatibility mode.
3. Run install_tdiv711_win_x86_64.exe
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16. Uncheck Start Configuration Editor and click Done
6.2. Install TDI 10.1.1 fixpack 3Download and extract FP3 on the server. (I extracted to C:\Downloads\ic55\TDI711\TDI711pf3)
1. Copy UpdateInstaller.jar from C:\Downloads\ic55\TDI711\TDI711pf3\7.1.1-TIV-TDI-FP0003to C:\IBM\TDI\V7.1.1\maintenance
overwriting the existing file
2. Copy amc.jar from C:\DownloadDirector\ic5\TDI711\TDI711pf3\7.1.1-TIV-TDI-FP0003to C:\IBM\TDI\V7.1.1\lwi\runtime\isc\eclipse\plugins\AMC_7.1.1.0\WEB-INF\lib
overwriting the existing file
3. RunC:\IBM\TDI\V7.1.1\bin>applyUpdates.bat -update " C:\Downloads\ic55\TDI711fp3\7.1.1-TIV-TDI-FP0003\TDI-7.1.1-FP0003.zip"
4. After the fix pack is installed, verify the Tivoli Directory Integrator fix pack version installed on your system by running
C:\IBM\TDI\V7.1.1\bin\applyUpdates.bat -queryreg
Information from .registry file in: C:\IBM\TDI\V7.1.1Edition: IdentityLevel: 7.1.1.3License: None
Fixes Applied=-=-=-=-=-=-=TDI-7.1.1-FP0003(7.1.1.0)
Components Installed=-=-=-=-=-=-=-=-=-=BASESERVER -TDI-7.1.1-FP0003CE -TDI-7.1.1-FP0003JAVADOCS -TDI-7.1.1-FP0003EXAMPLESEMBEDDED WEB PLATFORMAMC Deferred: false
6.3. Configure TDI1. Copy the db2jcc.jar and db2jcc_license_cu.jar files from the java subdirectory of the
directory where you installed DB2 (C:\IBM\SQLLIB\java).Paste the files into the jvm/jre/lib/ext subdirectory of Tivoli Directory Integrator. (C:\IBM\TDI\V7.1.1\jvm\jre\lib\ext)
2. Increase the runtime memory for TDI and disable the JIT compilera. Edit C:\IBM\TDI\V7.1.1\ ibmdisrv.batb. At the bottom of the file look for
"%TDI_JAVA_PROGRAM%" -classpath "%TDI_HOME_DIR%\IDILoader.jar" %ENV_VARIABLES% com.ibm.di.loader.ServerLauncher %*
change this to
"%TDI_JAVA_PROGRAM%" -Xms256M -Xmx1024M -Xnojit -classpath "%TDI_HOME_DIR%\IDILoader.jar" %ENV_VARIABLES% com.ibm.di.loader.ServerLauncher %*
c. Save and Close the file
7. Populate the profiles database using wizard
Software needed for this step:
IBM Connections Day 1 fixes:http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions&product=ibm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=all
• interim fix: 5.5.0.0-IC-D1-DBWizard-LO87408-Windows
1. Copy the Wizards directory from the IBM Connections day 1 fixes download (interim fix: 5.5.0.0-IC-D1-DBWizard-LO87408-Windows) to the system where Tivoli Directory Integrator is installed.
2. Run C:\Downloads\ic55\Wizards\populationWizard.bat
3.
4.
5.
6.
7.
8. Set the base to match the case in the LDAP directory.
9. Update the mapping of any attributes in LDAP you want to sync over to the profiles database. The most important one is guid. By default this maps to an attribute in LDAP that
is controlled by the LDAP directory and will never change for a user. This attribute is used the internal ID of the user in Connections and should never change. the default guid is typically the best attribute to use, however if your organization has a policy where when a user is modified in LDAP you remove them from the directory and re-add them, then another attribute may be best for you. Ideally you want to have an attribute that will never change for a specific user.NOTE: If you change this from the default mapping additional changes will need to be made in Connections after the install. I will discuss those changes when appropriate.
10.
11.
12.
7.1. Copy tdisol directory to keep profiles and LDAP in sync
1. Go to C:\IBM\TDI\V7.1.1 and create a tdisol directory2. Copy the TDI directory from C:\Downloads\ic55\IC_55\Wizards\TDIPopulation\win to C:\
IBM\TDI\V7.1.1\tdisol3. This directory has the settings from when you populated the profiles database. Periodically
as users are added, removed or updated in LDAP you need to run the sync_all_dns.bat from this directory to keep the profiles database and LDAP directory in sync
NOTE: You may want to go ahead and create a windows task run the “sync_all_dns.bat” command nightly to keep the LDAP directory in sync with profiles database.
7.2. Update profiles_tdi.properties
When you run the sync_all_dns.bat TDI will get a list of all the users in LDAP and in the profiles database, then will compare the users to determine if a user in LDAP and profiles is the same user. By default we use the uid attribute for that comparison. This should be an attribute that will never change in LDAP or the profiles database. In many cases the uid attribute works well, but if in your organization, if a users name changes, their uid changes, this may not be the best choice for you. If you already updated the guid when populating the profiles database to an attribute that will never change, or if the default guid will never change I would recommend updating the hash key to guid for the sync command as well.
1. Open C:\IBM\TDI\V7.1.1\tdisol\TDI\profiles_tdi.properties2. update sync_updates_hash_field and set it to guid
sync_updates_hash_field=guid
NOTE: You can set this setting to guid, uid or mail
8. Install and Configure IBM HTTP Server 8.5.5.7
Software needed for this step:
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly (CRY8MML)
IBM WebSphere Application Server V8.5.5 Supplements (1 of 3) for Multiplatform Multilingual (CIK1VML )
IBM WebSphere Application Server V8.5.5 Supplements (2 of 3) for Multiplatform Multilingual (CIK1WML )
IBM WebSphere Application Server V8.5.5 Supplements (3 of 3) for Multiplatform Multilingual (CIK1XML )
NOTE: Extract all files to the same directory. I used C:\Downloads\ic55\WASsupp855
WebSphere Application Server Supplements 8.5.5 fixpack 7 - http://www-01.ibm.com/support/docview.wss?uid=swg24040533
NOTE: Extract both parts to the same directory. I used C:\Downloads\ic55\WASsupp855fp7
In this step we willInstall IBM HTTP Server 8.5.5.6Install the plugin for the HTTP ServerConfigure IHS with the DMGRConfigure SSL on IHS
Typically I do this step after the install of Connections, however in the 5.5 installer there is an option to map the HTTP Server with the Connections web modules, so I went ahead and
installed the IBM HTTP Server here and configured SSL. Now the install of Connections will complete the integration of Connections and the IBM HTTP Server.
8.1. Install IBM HTTP Server 8.5.5.7
1. Run IBM Installation Manager by going to Start - All Apps - IBM Installation Manager - IBM Installation Manager
2. Go to File --> Preferences
3.
4. Browse to the location of the WAS 8.5.5 Supplements files and supplements fp7 filesUncheck Search service repositories during installation and update and click Ok
5.
6. Select IBM HTTP Server v8.5.5.5, Plug-ins v8.5.5.5 and WebSphere Customization Toolbox click Next>
7.
8. Make sure to select IBM HTTP Server, Web Server Plug-ins for IBM WebSphere Application Server and WebSphere Customization Toolbox and change the Install path:
9.
10.
11.
12.
8.2. Configure Plug-In with WebSphere Customization toolbox1. If the Web Server Plug-in Customization Toolbox is not running start it by going to Start --
Apps - IBM WebSphere - Web Server Plug-in Configuration Toolbox
2.
3.
4. Set Name to Plugin Location, and browse to where you installed the plugin in the previous step
5.
6.
7.
8. Add anIHS administrator name. This user should NOT exist in LDAP
9.
10.
11. I am installing everything on the same machine, so I chose Local:
12. Make sure to select the Application Server profile, NOT the DMGR
13.
14.
15.
16. Copy configurewebserver1.bat from C:\IBM\WebSphere\Plugins\bin to C:\IBM\WebSphere\AppServer\bin
17. From a command prompt run C:\IBM\WebSphere\AppServer\bin>configurewebserver1.bat -user localadmin -password password
18. At this point if you log into the IBM Integrated Solution Console, go to Servers - Server Types - Web Servers, you should see the webserver1 that was just created
9. Configure SSL on IBM HTTP Server
When using connections, all communication between components occurs over SSL, also, when you click login, we send the user to an ssl address, so you must configure SSL on the IBM HTTP Server that will run in front of Connections.
Setting up SSL on the http server is a 5 step process.
Create the SSL key file for IHSConfigure httpd.conf to listen over ssl
9.1. Create the SSL key file for IHS1. Start - Apps - IBM HTTP Server V8.5 - Start Key Management Utility
2. Click Key Database File - New
3. Set Key database type to CMSselect a filename and locationNOTE: make sure all folders in the path are already created. I had to create the ssl folder under IBM\HTTPServer
4. Set password and Stash the password to a file
5. While in Personal Certificates, click New Self-Signed…
6. Set the Key Label and Common name to the hostname of the IHS Server, and set validity period to the length of time you want this certificate to be valid, I chose 10 years because it's just a test environment and I don't want to have to update it:
NOTE: If you want to use a key size larger than 2048, you will need to update to the to the unrestricted policy files in WebSphere. The following technote has details: http://www-01.ibm.com/support/docview.wss?uid=swg21663373
7. Close the Key Management utility
9.2. Configure httpd.conf to listen over ssl1. Open C:\IBM\HTTPServer\conf\httpd.conf2. Add the following lines just above the was_ap22_module module
LoadModule ibm_ssl_module modules/mod_ibm_ssl.so<IfModule mod_ibm_ssl.c> Listen 0.0.0.0:443<VirtualHost *:443>ServerName cprice55.swg.usma.ibm.com #DocumentRoot C:\IBM\HTTPServer\htdocsSSLEnableSSLProtocolDisable SSLv3 SSLv2</VirtualHost></IfModule>SSLDisableKeyfile "C:\IBM\HTTPServer\ssl\ihskey.kdb"SSLStashFile "C:\IBM\HTTPServer\ssl\ihskey.sth"
LoadModule was_ap22_module "C:\IBM\WebSphere\Plugins\bin\32bits\mod_was_ap22_http.dll"WebSpherePluginConfig……
3. Save and Close httpd.conf
4. Restart the IBM HTTP Server service
5. At this point you will be able to access https://cprice55.swg.usma.ibm.com
9.3. Add the HTTP Server certificate to WebSphere trust store
1. Open the WAS Admin console (https://cprice55.swg.usma.ibm.com:9043/ibm/console) and login
2. Open Security – SSL certificate and key managementUnder Related Items, select Key stores and certificates
3. Click on CellDefaultTrustStore
4. Click on Signer Certificates
5. Click on Retrieve from port
6. Enter a host, port and alias of the HTTP Server and click Retrieve signer information
7. Click OK
8. Click Save
9. Close the Integrated Solutions Console
10. Install IBM Connections 5.5Software needed for this step:
Extract the following downloadsIBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly (CRY8MML)
IBM Connections V5.5 for Windows Multilingual (CN808ML ) I extracted to C:\Downloads\ic55\IBM_Connections_Install\
As well as the FileNet download files:
IBM Connections Content Manager V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly (CRY8NML)
IBM FileNet Content Engine V5.2.1 Windows Multilingual (CN216ML ) IBM FileNet Content Engine Client V5.2.1 Windows English (CN225EN )
IBM Content Navigator V2.0.3 for IBM Connections Enterprise Content Edition (CECE) V5.2 Multiplatform Multilingual eAssembly (CRVX7ML)
IBM Content Navigator V2.0.3 Windows Multilingual (CN0PVML )
FileNet Components
FileNet Content Engine 5.2.1 FP2 and Content Engine Client 5.2.1 FP2 - http://www.ibm.com/support/fixcentral/swg/quickorder?parent=FileNet%2BProduct%2BFamily&product=ibm/Information+Management/FileNet+Content+Engine&release=5.2.1.2&platform=All&function=all&useReleaseAsTarget=true&source=fc
fix pack: 5.2.1.2-P8CPE-WIN-FP002
fix pack: 5.2.1.2-P8CPE-CLIENT-WIN-FP002
IBM Content Navigator 2.0.3 FP5 - http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Enterprise%2BContent%2BManagement&product=ibm/Other+software/Content+Navigator&release=2.0.3&platform=All&function=all&source=fc
Make sure to get the 2.0.3-ICN fixpack for your OS:fix pack: 2.0.3-ICN-FP005-WIN
The FileNet files are all extracted into their own directory I used C:\Downloads\ic55\FileNet
I extracted the downloads in the following order, simply overwriting any existing files:
FileNet Content Engine 5.2.1 - FN_CE_5.2.1_WINDOWS_ML.zip IBM Content Navigator 2.0.3 - IBM_CTNT_NAVI_2.0.3_WIN_ML.zip FileNet Content Engine 5.2.1 FP2 - 5.2.1.2-P8CPE-WIN-FP002.zip FileNet Content Engine Client 5.2.1 FP2 - 5.2.1.2-P8CPE-CLIENT-WIN-FP002.zip IBM Content Navigator 2.0.3 FP5 - 2.0.3-ICN-FP005-WIN.zip
NOTE: Before you start the install. If you installed WebSphere Application Server in a non-English locale, you should review the following technote to ensure the FileNet componets will install correctly
http://www-01.ibm.com/support/docview.wss?uid=swg21968883
1. Make sure to restart the DMGR and nodeagents just before starting the install.a. Stop nodeagent:
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>stopNode.bat -username localadmin -password password
b. Stop DMGR:C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>stopManager.bat -username localadmin -password password
c. Start DMGR:C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>startManager.bat
d. Start nodeagent:C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startNode.bat
2. Run C:\Downloads\ic55\IBM_Connections_Install\IM\install.bat, Click Install IBM Connections 5.0.0, and click Launch the IBM Connections 5.0 install wizard
3.
4. I removed Program Files from the path:
5. Scroll down and selected IBM Connections Content Manager if you want
6.
7.
8.
9. The user fnanon is a system user in my LDAP directory that will only be used for anonymous access to FileNet
10. Scroll down to enter the location of the FileNet installs you downloaded and extracted before starting the install, and click Validate
11.
12.
13.
14. Enter the information, then scroll down and click Validate
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
NOTE: My install took about 2 hours to complete.
Once the install finishes, look in the nodeagent systemout.log log located at C:\IBM\WebSphere\AppServer\profiles\AppSrv01\logs\nodeagent for the following line:
ADMA7021I: Distribution of application <connections_app> completed successfully.
You will see the following applications get synced:
ADMA7021I: Distribution of application commsvc completed successfully.ADMA7021I: Distribution of application ibmasyncrsp completed successfully.ADMA7021I: Distribution of application Activities completed successfully.ADMA7021I: Distribution of application Mobile completed successfully.ADMA7021I: Distribution of application FileNetEngine completed successfully.ADMA7021I: Distribution of application navigator completed successfully.ADMA7021I: Distribution of application Files completed successfully.ADMA7021I: Distribution of application Forums completed successfully.ADMA7021I: Distribution of application News completed successfully.ADMA7021I: Distribution of application PushNotification completed successfully.ADMA7021I: Distribution of application RichTextEditors completed successfully.ADMA7021I: Distribution of application Search completed successfully.ADMA7021I: Distribution of application Profiles completed successfully.ADMA7021I: Distribution of application WidgetContainer completed successfully.ADMA7021I: Distribution of application Moderation completed successfully.ADMA7021I: Distribution of application Dogear completed successfully.ADMA7021I: Distribution of application Wikis completed successfully.ADMA7021I: Distribution of application Common completed successfully.ADMA7021I: Distribution of application WebSphereOauth20SP completed successfully.ADMA7021I: Distribution of application Blogs completed successfully.ADMA7021I: Distribution of application Metrics completed successfully.ADMA7021I: Distribution of application Homepage completed successfully.ADMA7021I: Distribution of application URLPreview completed successfully.ADMA7021I: Distribution of application Help completed successfully.ADMA7021I: Distribution of application ConnectionsProxy completed successfully.ADMA7021I: Distribution of application Mobile Administration completed successfully.ADMA7021I: Distribution of application Communities completed successfully.ADMA7021I: Distribution of application Extensions completed successfully.
10.1. Set the JVM heap size
1. Open the Integrated Solution Console and logina. Open a browser to http://cprice55.swg.usma.ibm.com:9060/ibm/console and login as
localadmin : password
1. Go to Servers > Server Types > WebSphere application servers and click on the connections cluster server
2. on the right hand side, scroll down to Server Infrastructure, open Java and Process Management and click on Process definition
3. Click on Java Virtual Machine
4. Make sure the install setInitial heap size: 512Maximum heap size: 2560
5. If you change these, click OK and Save
6. Synchronize the Nodes
a. Go to System administration > Nodesb. If the nodes are out of sync, Select the Connections node, and click Full Resynchronize
10.2. Configure HTTP Server plugin with Connections
Because I chose to configure the Web Server during the install, the settings and configuration for Connections will use the IBM HTTP Server url for communication. So before I start the server for the first time, I need to make sure the HTTP Server plugin is configured to access the different Connections components.
1. If it's not already open, open a browser to the Integrated Solutions Console and login (http://cprice55.swg.usma.ibm.com:9060/ibm/console)
2. Click on Servers – Server Types – Web servers
3. Select the webserver and click Generate Plug-in
4. Select the webserver and click Propagate Plug-in
5. Open C:\IBM\HTTPServer\conf\httpd.conf in notepad6. at the bottom of the file find the following line:
LoadModule was_ap22_module "C:\IBM\WebSphere\Plugins\bin\32bits\mod_was_ap22_http.dll"WebSpherePluginConfig "C:\IBM\WebSphere\Plugins\config\webserver1\plugin-cfg.xml"
Make sure the value for WebSpherePluginConfig matches where the plugin-cfg.xml was propagated to
7. Close the httpd.conf
8. Restart the IBM HTTP Server 8.5 service
10.3. Start IBM Connections
1. Start IBM Connections, wait for the node to completely sync, then run the following commands to start the environmenta. Stop the nodeagent:
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>stopNode.bat -username localadmin -password password
b. Stop the DMGR:C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>stopManager.bat -username localadmin -password password
c. Start the DMGRC:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>startManager.bat
d. Start the nodeagent:C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startNode.bat
e. Start the Connections node(s):C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startServer.bat iccluster_server1
Once you get the successfully started message, you are ready to access Connections over the http server address
11. Configure additional IBM HTTP Server settingsHere are some post install steps to help with performance
11.1. Configure HTTP Server to compress some files
1. Open httpd.conf (c:\IBM\HTTPServer\conf)
2. Find the following entries in the configuration file:LoadModule headers_module modules/mod_headers.soLoadModule deflate_module modules/mod_deflate.so
and uncomment them
3. Add the following after all the LoadModule's
#Only the specified MIME types will be compressed.
AddOutputFilterByType DEFLATE application/atom+xmlAddOutputFilterByType DEFLATE application/atomcat+xmlAddOutputFilterByType DEFLATE application/javascriptAddOutputFilterByType DEFLATE application/jsonAddOutputFilterByType DEFLATE application/octet-streamAddOutputFilterByType DEFLATE application/x-javascriptAddOutputFilterByType DEFLATE application/xhtml+xmlAddOutputFilterByType DEFLATE application/xmlAddOutputFilterByType DEFLATE text/cssAddOutputFilterByType DEFLATE text/htmlAddOutputFilterByType DEFLATE text/javascriptAddOutputFilterByType DEFLATE text/plainAddOutputFilterByType DEFLATE text/xmlAddOutputFilterByType DEFLATE text/xsl
4. Add the following statement to specifically indicate that image files and binaries must not be compressed to prevent web browser hangs:
# Ensures that images and executable binaries are not compressedSetEnvIfNoCaseRequest_URI \\.(?:gif|jpe?g|png|exe)$ no-gzip dont-vary
5. Add the following statement to ensure that proxy servers do not modify the User Agent header needed by the previous statements:
# Ensure that proxies do not deliver the wrong contentHeader append Vary User-Agent env=!dont-vary
6. Add the following statement to ensure you can access the acce tool (admin client for FileNet)SetEnvIf Request_URI ^/acce(.*) no-gzip dont-vary
11.2. Configure Connections to use IHS to download files
This is an optional step, but recommended in the infocenter. See the following section for details. http://www-01.ibm.com/support/knowledgecenter/SSYGQH_5.5.0/admin/install/t_install_post_files_downloads.dita
11.3. Conifgure Connections to use IHS to upload filesThis is again an option step, but recommended in the infocenter. See the following section for details.http://www-01.ibm.com/support/knowledgecenter/SSYGQH_5.5.0/admin/install/t_install_post_files_uploads.dita
12. Configure IBM Connections Content Manager Libraries
During the install of Connections Filenet was deployed on the system. Post install we need to configure the FileNet global configuration domain and objectstore. There are 2 batch files we will use to automatically create these.
12.1. Create Filenet Global Configuration Domain (GCD)
1. If not running, start IBM Connections by running:C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin\startManager.batC:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin\startnode.batC:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin\startserver.bat iccluster_server1
2. Run C:\IBM\Connections\ccmDomainTool\createGCD.bat3. First it will ask you for the DMGR admin ID (localadmin for my environment), then the
password
4. Enter Y to regenerate the dminfo.properties file
5. Next I added an administrator group from my LDAP directory
6.
12.2. Create FileNet ObjectStore
7. Run C:\IBM\Connections\ccmDomainTool\createObjectStore.bat
8. First enter the WebSphere admin username and password
9. I chose Y to regenerate the dminfo.properties file
10. Same as I did with the GCD, I set the administrator group from my LDAP directory
11. Next enter the url used to access Connections (https://cprice55.swg.usma.ibm.com) NOTE: It must be the SSL url
12.
13. Restart Connections
13. Apply Connections 5.5 Recommended updatesAs of December 29, 2015 the recommended updates were the Day1 ifixes and Type-ahead search. See the following technote for latest recommended updates:
http://www-01.ibm.com/support/docview.wss?uid=swg21972646
Software used in this step:
IBM Connections Day 1 fixes:http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions&product=ibm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=all
interim fix: 5.5.0.0-IC-Multi-IFLO87330 interim fix: 5.5.0.0-IC-Common-IFLO87469 refresh pack: 5.5.0.0-IC-Multi-UPDI-20151218 5.5.0.0-TypeAhead-20151218
13.1. Install the Day1 ifixes
1. Extract the refresh pack: 5.5.0.0-IC-Multi-UPDI-20151218, this will create an AIX-Linux and Windows directory. Under the Windows directory is UpdateInstaller.zip
Extract UpdateInstaller to C:\IBM\Connections
2. Copy the following jar files to C:\IBM\Connections\updateinstaller\fixesinterim fix: 5.5.0.0-IC-Multi-IFLO87330 (5.5.0.0-IC-Multi-IFLO87330.jar)interim fix: 5.5.0.0-IC-Common-IFLO87469 (5.5.0.0-IC-Common-IFLO87469.jar)
3. Open a command prompt and run C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>setupCmdLine.bat
4. In the same command prompt, start the update installer by running C:\IBM\Connections\updateInstaller>updateWizard.bat
5.
6.
7.
8.
9.
10.
11.
12.
13. After the fix has been applied, shut Connectiosn down. Delete the contents of C:\IBM\WebSphere\AppServer\profiles\AppSrv01\temp -
NOTE: If this step is missed when you access connections again, you will see the theme from Connectons 5.0
14. Restart Connections and it should be ready to use.