IBM Connections 4 Part 1: Overview, Planning, Installing, Migrating
IBM Connections 4 Documentation Part 1: Overview, Planning, Installing, Migrating
Product overview
Learn how to deploy, customize, and administer the IBM® Connections social networking product.
What is IBM Connections?
IBM Connections is social networking software that consists of these applications: Activities, Blogs, Bookmarks, Communities, Files, Forums, Home page, Metrics, Profiles, and Wikis.
Use the IBM Connections applications to accomplish the following goals:
- Activities
- Collaboration tool for collecting, organizing, sharing, and reusing work that is related to a project goal.
- Blogs
- Online journals that you can use to deliver timely information with a personal touch. You can use a blog to present your ideas and get feedback from others or learn from the expertise of others who blog.
- Bookmarks
- Social bookmarking tool for saving, organizing, and sharing Internet
and intranet bookmarks. Discover bookmarks that have been created
by others with similar interests and expertise.Note: The application was previously named Dogear.
- Communities
- A website where people who share a common interest can interact with one another, share information, and exchange ideas. Community members can participate in community-specific activities and forums, and can share blogs, bookmarks, feeds, and files.
- Files
- A common repository in which you can upload files and share them with others. Store versions of a file, view who has downloaded a file or commented on it, and see highly recommended files.
- Forums
- A place to brainstorm and collect feedback on topics that are relevant to you and your colleagues. Statements and comments are collected in a format that captures the exchange of ideas and presents them as an ongoing conversation.
- Home page
- A central location that provides a snapshot of the latest updates collected from IBM Connections. Perform in-context actions on entries in your activity stream, check the latest updates from the content and people that you are following, stay up to date with the latest notifications and updates that require a response from you, or post your own status updates.
- Profiles
- Directory of the people in your organization, including the information you need to form and encourage effective networks across your organization.
- Metrics
- Statistics tool that collects and displays information about how people use Connections applications. Community metrics show details on a particular community while global metrics show information across all of Connections.
- Wikis
- A tool for creating wikis that individuals, groups, and communities can use to capture, share, and coauthor information. View page changes, recommendations, and comments.
Together, these tools will help you and your colleagues interact with one another more effectively.
What's new in IBM Connections 4?
Find out what has changed or been added with this release of IBM Connections.
What's new in using?
IBM Connections:
- Share a status update or file from anywhere in IBM Connections. Log in and then click the Share link in the header.
- The activity stream displays an aggregated view of the latest updates from people or events that you are following and people in your network. To view more information about an update, repost it, or like it, click the entry to launch the embedded experience.
- IBM Connections now introduces an enhanced Metrics application. Metrics employs the analytic capabilities of the IBM Cognos® Business Intelligence server, which is provided as part of the IBM Connections installation to support the collection of metrics data. Administrators and designated users can work with interactive displays of global metrics by clicking Server Metrics in the footer. Community owners can view non-interactive reports for their communities by clicking Metrics in the navigation pane.
- The rich text editor, which is used across the IBM Connections applications, has been upgraded to CKEditor 3.6.3 in this release. There are a number of new features in the Wikis editor.
- Profiles has been updated to include the activity stream, which shows the profile owner's latest updates from across IBM Connections.
- When viewing your search results, you can filter the results from Profiles to exclude inactive profiles by selecting Exclude Inactive People from the Show menu on the Profiles Search Results page.
- The social analytic widgets now recommend private as well as public content, based on your existing relationships with public and private content in IBM Connections.
- The Trending widget displays a list of the hot topics that are trending in your organization. The widget displays when you filter your search results using the Status Updates option.
- Status updates and microblogging content are now included in the analysis of the relationships that are used to recommend content and people in the social analytics widgets.
Activities:
- Activity members are now displayed in a Members view within the activity instead of in a Members section in the navigation pane.
- Standard activity owners can go to the Members view to make an activity public.
- Titles and descriptions in activity entries are automatically saved so that if you are unexpectedly disconnected from the application, you do not lose your latest changes.
- In an activity entry, you can link to files and folders in the Files application.
- Activity owners can convert an entry into a to do item.
Blogs:
User interface improvements make it easier for you to go directly to your blogs.
Bookmarks:
- A new user interface makes it easier for you to access and manage bookmarks.
- When you install the Add Bookmark browser button, you also have the option to install a Discuss This and Related Community browser buttons for posting web pages to an IBM Connections forum or linking together related communities.
Communities:
- The Events widget allows community owners to share information about upcoming events with the rest of the community.
- For deployments that make use of owner moderation of communities, owners can disable content approval and content flagging on individual communities.
- Use the Related Communities widget to suggest communities for colleagues to join.
- Share status with members of your community.
- The Recent Updates view provides a centralized place to see what is new in a community.
- You can add more information to the community description and it is collapsible.
- LDAP groups can now be added as members of a community.
Files:
- Files now enables you to do the following actions:
- Upload multiple files at the same time.
- Download all of the files in a view.
- Add files to a folder during upload.
- Select and perform actions on multiple files at one time.
- Delete a file version.
- Share folders with communities.
- Give community members access to edit files you own.
- Move files uploaded to a community to trash; from trash you and others can restore or delete the files.
- Stop sharing a file in one action, including removing the file from any shared folders and communities.
- Stop sharing files that were shared with you. For example, if someone shared a file with you, and then you shared the file with a community, you can stop sharing with the community.
- A file’s owners and editors can lock and unlock the file.
- The file lock icon displays a red key in the owner’s view when the file is locked by another user. The file owner can unlock the file at any time.
- A graphic Like option is now available on the file page; the Recommend file option has been changed to a Like file option.
- For files that you are adding or have added to a folder, you can give access to those files to anyone who has access to the folder.
- The files summary page and tabs have been redesigned to provide more information, such as in which folders the file resides and whether the file is referenced by status updates.
- The Communities application contains an option for displaying files that are shared through the community.
- Files that are referenced in one or more status updates are noted as such.
Forums:
- When a user is notified by email that someone has added a topic to a forum, the user can click a Reply to this topic link in the email. This creates a response email the user can add content to and send. This create a new forum topic as a response to the topic they were notified about in the email. Attachments in the email are added to the response topic.
- You can add content from any web page or IBM Connections source to a forum topic by clicking a button in your browser tool bar. Click Bookmark or Discuss This, and then follow the steps for installing the Discuss This button. Then navigate to any web or IBM Connections page, click Discuss This, and select a forum to post the content to.
Home page:
- The Home page user interface has been updated so that it is easier to find information that is important to you. The Updates tab and the Widgets tab have been replaced by a single page with different views available from the navigation sidebar. Use these views to filter the display and check for your latest updates and notifications. For example, you can check the Action Required view for items that require a response from you. The My Notifications view now includes responses to topics in addition to notifications that you have sent and received. For more information about the different views, see Home page views.
- The improved microblogging experience allows you to gather information in a meaningful way and act on it in context. You can now attach files to your status updates, and use hashtags to tag your updates and make them easier for other users to find. You can repost status updates to share information with the people who are following you, or click Like to recommend an update. You can also preview images and download files to work on them locally.
- The steps for following tags from the Home page have changed.
- The Events widget helps you to keep track of upcoming community events that you are attending and that you are following. The widget is available from the activity stream views.
Profiles:
- The The Board tab has been replaced with the Recent Updates tab on the user’s profiles page. The Recent Updates list of posts is similar to the board in that it displays status messages and responses. It also includes information about other actions performed by the profile owner, such as sharing a file or adding a post to a blog. The message posting area itself is essentially identical to the earlier version, enabling you and others to view and post messages to a user’s wall.
- The Recent Posts tab on the Profiles page has been removed. Recent posts appear under the profile owner’s Recent Updates tab.
- Use the Recent Updates area on your profile page to post a status message.
- The business card has been redesigned for improved layout and access.
- On the Invite to My Network page, the Also Follow option is enabled by default.
- You can now accept a network invitation from the inviter's profile page.
- The Network Contact or Pending Invitation indicator label now displays next to the person’s name on their profile page.
- You can now accept an invitation to join a person’s network from that person’s profile page.
Wikis:
- There are no longer My Wikis and Public Wikis tabs. All views are together in the same list.
- See wikis you are following by clicking I'm Following.
- Pages can be removed from a wiki by moving them to the trash. From the trash, pages can be deleted or restored to the wiki.
- You can now download a version of a page from the page comparison view, as an HTML file.
- The wiki editor has been updated. Administrators can divide toolbars into multiple toolbars. You can navigate between toolbars with the Tab key. Also, toolbars now include a button for adding and editing iFrames.
- The wiki editor has two new features: the editor area expands downward as you add content. As your editing space expands, a toolbar displays even if scrolling is required.
What's new in installing?
- The installation wizard is based on IBM Installation Manager 1.4.4.
- You can install and configure IBM Cognos Business Intelligence, obtained separately, by using the scripts, models, and specifications that are included with IBM Connections.
- Console Mode is available. Use this character-based interface to install, modify, or uninstall the product when you do not have access to the graphical interface.
- Silent installation has been extended so that you can install both IBM Connections and IBM Installation Manager in silent mode.
- The initial configuration of administrators for Home page and Blogs is now handled automatically during installation. However, to configure widgets, you still need to assign a Home page administrator.
What's new in administering?
- You can run Profiles synchronization commands in preview mode. See Synchronizing user data using administrative commands.
- There is an entirely new interface for viewing metrics. The Metrics application uses IBM Cognos Business Intelligence to collect and display statistics that show how people use Connections. With the new Metrics application, community owners can view metrics for their own communities, and system administrators plus designated users can view and interact with server-level metrics that show information across all of Connections.
- All of the applications now use Freemarker templates for notifications. This has no effect on email notifications.
- There are several changes to the configuration of IBM Sametime® awareness through the Sametime server. See Adding Sametime awareness through the Sametime server
- You can remove microblogging functionality from your deployment by disabling the microblogging service reference in the LotusConnections-config.xml file.
- The underlying implementation of the Activities content store is changing with release 4. If you are installing Activities for the first time, the new implementation is used to store resources associated with Activities automatically. If you are upgrading from a previous version of Activities, Activities data continues to be stored in the existing content store, which uses the old implementation. If you want to gain the benefits of the new implementation, you can create an additional content store which uses it. See Defining multiple content stores for Activities for more details.
- The Blogs frontpage blog is now created for you by default when you install the Blogs service.
- A new configuration property, connections.blogs.feed.return401_fornopermission_toviewblog, lets you change the error page returned when a user cannot access a blog page from 401 to 403.
- A new configuration property, connections.blogs.onlymembercanvote lets you limit voting in an Ideation blog to community members.
- A new configuration property, connections.blogs.lastModifierDisabled, controls whether or not to display the last modifier information in blogs entries.
- Blogs notification is simplified so that you have fewer notification templates to configure.
- Administrators can control whether Bookmarks links are redirected from the Bookmarks application or whether external links directly access external web pages.
- You can create an administrator who can edit the content of all communities, public and restricted. For more information, see Administering community content.
- You can configure Linked Library widgets (formerly named Custom Library widgets) in communities by editing a new library-config.xml file. Properties in that file control functionality such as whether to display the person card for the ECM users, whether to download files through a proxy or directly from the ECM server, and whether to display the Views dropdown on the main document list. For more information, see Managing Linked Libraries.
- New administrative command options have been made available. See Files administrative commands for details.
- Use the ForumsService.filterInput command to retrieve a subset of forums on which you want to perform an operation.
- You can now manually recalculate the count of forums and forum topics in your organization using administrative commands.
- You can enable and disable a that allows users to click a button to add the contents of a current web or IBM Connections page to a forum. When enabled, users can click Bookmark or Discuss This in the footer of any IBM Connections page and add a Discuss This button to their browser tool bar. When they click it, then select a forum they have posting access to, the current content of the page is added to a new forum topic.
- There is a new command, ForumsTrashService.filterForumsByName(), to help you restore forums from the trash by filtering on forum names.
- You can ensure that only a topic or replay creator can edit their topic or reply.
- The Home page administrative user interface has been updated to include options for adding custom widgets that are based on the OpenSocial gadget specification.
- New database clean-up tasks for the News repository allow you to purge the system of reply-to ID records that have expired and also remove any reply-to attachments that were not properly removed from the shared data store.
- You can use NewsMailinService commands to delete compromised reply-to IDs from the system and ensure that mail-in replies are received from secure IDs only.
- You can control the size of microblog data in your deployment by configuring settings in the news-config.xml file.
- A new administrative command allows you to generate a report of all the communities that the News repository has interacted with.
- In the event of a database failure, you can use the NewsMicrobloggingService.deleteMicroblogs command to delete microblog and associated data for a community from the News repository.
- To enable the display of third-party applications in the activity stream filter list, you must register the applications in the news-config.xml file. For more information, see Registering third-party applications.
- The activity stream search service, which is bundled with the News application, provides an indexing and search infrastructure that enables search capabilities over the activity stream. Administrators can manage the service from a user interface that is accessed using a URL.
- New configuration properties allow you to control how you want the events generated by Profiles to be handled for your deployment.
- The Profiles population wizard now uses JVM version 1.6.
- The configuration model for customizing profiles has been enhanced to clearly separate the definition of the profile data model and the presentation of profile records in the user interface. Much of the process for customizing your profiles deployment has changed. See Customizing Profiles for information on the new methods.
- Most of the profile customization present in your previous release
is migrated to new files provided in this release. However, when migrating
profile data to this release, the following manual tasks are required:
- Profile types used in the widgets-config.xml or profiles-policy.xml must be added to the new profile-types.xml file after migration. See Post-migration step for profile types for details.
- String bundles referenced as resources in the LotusConnections-config.xml file must be copied to the new Connections 4 deployment.
- New TDI properties have been added to the profiles_tdi.properties file to control debug information. See Tivoli® Directory Integrator properties for details.
- New samples have been supplied for reference when creating custom TDI assembly lines. See the following topics for where to find these samples and examples of how to use them:
- Profiles now supplies more standardized modes and attribute configuration options in the TDI Connectors. See Developing custom Tivoli Directory Integrator assembly lines for Profiles for details. For examples see topics such as Using the ProfileConnector and Using the PhotoConnector.
- Error messages and their descriptions have been improved to better convey why errors and warnings occur and what you can do to resolve a particular issue. See Profiles error messages for details.
http://www-10.lotus.com/ldd/appdevwiki.nsf/xpViewCategories.xsp?lookupName=Product%20Documentation
- This release of IBM Connections introduces a new folder structure in which each application has its own index folder. The Search application also uses new folders to contain backup indexes, provide a staging location for the index, store the XML files that are created after an application is crawled, and store the content extracted from files.
- The crawling and indexing processes are now carried out in separate phases so that the process of crawling an application is completed before indexing for that application begins. This update to the two-stage indexing process results in improved reliability and performance.
- When you build the index for the first time, you no longer need to manually copy the index to each node that is running the Search application. This process is now automated.
- The resumption of interrupted or failed crawling and file content extraction now takes place automatically, and is always enabled for both initial and incremental indexing.
- The Search application now has much faster file content extraction due to direct access to the file system used by Files and Wikis to store file content.
- A reduced need for server restarts means that you can now build a new Search index using the background indexing SearchService commands and switch over a production deployment to the new index without a server restart. Similarly, you can update Search configuration options and apply them without a server restart using the reloadSearchConfiguration command.
- Status updates and community events are now included in the content that is indexed by the Search application.
- A new facet known as trending is applied to search results that are specific to status updates. Using this facet, keywords are extracted from recent status updates and weighted based on frequency of use.
- Language guessing has been improved for field-level searches to ensure more accurate search results.
- The command for creating a stand-alone index has been extended to include two additional parameters. These parameters allow you to persist application seedlists to a specified location and also to specify a file content extraction location if you have already extracted file content using the SearchService.startBackgroundFileContentExtraction command or during a previous run of the SearchService.startBackgroundIndex command.
- If you are experiencing problems with crawling, use the SearchService.startBackgroundCrawl command to run a background crawl and verify that the process is completing successfully.
- The SearchService.startBackgroundFileContentExtraction command allows you to extract file content outside of the indexing process.
- By updating a configuration setting in the search-config.xml file, you can specify that interrupted or failed indexing tasks are automatically resumed..
- Additional globalization settings are available for Search. In addition to configuring accent-insensitive searching, you can enable settings to ignore punctuation in search terms and perform a one-to-two mapping in search terms.
- You can perform a number of steps to verify that the Search is working as expected.
- Verbose logging can help you to monitor the progress of the Search crawling and indexing operations. For more information, see Configuring verbose logging.
- The following commands that were previously used for enabling and disabling
indexing tasks according to task type have been replaced. Use
the SearchService.enableTask(String taskName) and SearchService.disableTask(String
taskName) to enable and disable indexing tasks instead.
- SearchService.enableFileContentTask(String taskName)
- SearchService.enableIndexingTask(String taskName)
- SearchService.disableFileContentTask(String taskName)
- SearchService.disableIndexingTask(String taskName)
- A new SearchService command enables you to get a list of the tasks that are currently running for the Search application.
- You can delete all scheduled tasks for Search using the SearchService.deleteAllTasks() command. For more information, see Deleting scheduled tasks for Search.
- If you want to delete all scheduled tasks from the Home page database and restore the default tasks that are automatically configured when you first install the product, use the SearchService.resetAllTasks() command.
- Use the SearchService.retryIndexing command when you want to reindex content that was not indexed successfully during initial or incremental indexing.
- A new administrative command allows you to free up disk space by deleting persisted seedlist data from your system.
- Use the SearchService.listIndexingNodes() command to verify the names of the Search indexing nodes in your deployment. For more information, see Listing indexing nodes.
- When restoring the Search index, the steps that you perform depend on what type of environment you are using. For more information, see Restoring the Search index.
- You can edit settings in the search-config.xml file to specify the maximum number of seedlist threads used when indexing.
- When you add a new node to your deployment after installing IBM Connections, you need to manually create Search work managers for the newly-added node.
- New commands are available to allow you to reload the Search index and configuration without having to restart the Search application.
- You can edit settings for persisted data to specify whether the data is deleted after a successful incremental index and also specify the maximum age for persisted pages.
- Update the seedlistSettings.maximumIncrementalQuerySpanInDays property when you want to avoid performance hits by avoiding unnecessary full search crawls.
- The seedlistSettings.maximumPageSize property allows you to specify the maximum number of items on a search results page.
- You can specify the default timeout for seedlist requests by creating an IBM WebSphere Application Server environment variable named SEARCH_SEEDLIST_TIMEOUT and setting the required value of the timeout.
- You can change your deployment settings so that search results related to inactive users are automatically included in search results.
- A new SearchService administrative command enables you to list the indexing tasks defined for the social analytics service.
- The SearchCellConfig.setSandIndexerTuningcommand lets you tune the social analytics indexing process by configuring the number of iterations used by the indexing jobs. For more information, see Tuning social analytics indexing.
- You can now configure dynamic, global properties for the social analytics service using SearchService commands.
- There are no Wikis administrative updates in this release.
What's new in customizing?
- Review the customization tips and best practices provided to help you to implement and manage customizations in your IBM Connections deployment.
- Many of the customization paths have changed since the previous release of IBM Connections. For more information, refer to the individual task topics in the Customizing section of the product documentation.
- You can customize sprited images by modifying the images and copying them to the appropriate customization directory.
- When you want to completely change the behavior of a Dojo module and you need the change to take effect as soon as the module is loaded, you can override the JavaScript files used by IBM Connections.
- You can extend the user interface by packaging your JavaScript, HTML, and CSS resources as an OSGi bundle when you want to add new functionality, widgets, or scripts to the product.
- In this release of the product, you can extend your deployment by adding custom JSTL tags. For more information, see Extending JSP files with custom tags.
- Customize notifications by modifying existing template files or by replacing files with custom templates created by you. You can also edit the text strings and images used in notifications.
What's new in security?
- OAuth support – You can now use OAuth to support API access to IBM Connections. See Allowing third-party applications access to data and the API Reference and Open Authorization sections of the IBM Social Business Development wiki for details.
- Users can allow applications access to their Connections data without sharing credentials, and revoke that access at any time.
- Also, users can report a malicious application to an administrator who can remove it from the list of applications enabled for OAuth.
What's new in mobile?
- Starting with the IBM Connections 3.0.1 July 2011 Mobile release, you can access IBM Connections from a mobile device using an app designed specifically for that device. With the Connections 4 release, these native apps have been enhanced. To support the enhancements, there is now a database associated with the Mobile application and a configuration file that administrators can edit to customize the native applications.
What's new in developing?
The Connections API documentation has been moved to the API Reference section of the IBM Social Business Development wiki.
What's new in troubleshooting and support?
- Browse the list of frequently-asked troubleshooting questions about the Search application to find solutions to common problems.
- To help you troubleshoot problems with the email digest feature, you can access specific URLs to trigger email digests to be sent to the currently logged-in user or to the next available tranche of users.
- Various error message description tables have been updated in the product documentation, including those for Profiles error messages.
Supported languages
The IBM Connections user interface is available in multiple languages.
- Arabic
- Catalan
- Chinese - simplified and traditional
- Czech
- Danish
- Dutch
- Finnish
- French
- German
- Greek
- Hebrew
- Hungarian
- Italian
- Japanese
- Kazakh
- Korean
- Norwegian
- Polish
- Portuguese -- Brazilian and traditional
- Russian
- Slovenian
- Spanish
- Swedish
- Thai
- Turkish
- Brazilian Portuguese
- Chinese - simplified and traditional
- Czech
- Danish
- English
- French
- German
- Greek
- Hungarian
- Italian
- Japanese
- Korean
- Polish
- Russian
- Spanish
- Turkish
Administrators: Deploying a preview guide to your users
The IBM Connections 4 preview guide is available for you to distribute to your users for new installations and upgrades to IBM Connections 4. This guide is designed to help your users become productive on the new software quickly, and to provide them with links to documentation resources for further help.
About this task
- Overview of several new applications
- Important changes from the previous release
- Familiar applications that remain the same
- Links to product tours, reference cards, and product documentation
- A few key productivity tips
- An Adobe PDF file, ready for emailing, printing, or distributing to your organization.
- An IBM Symphony™ ODT file that can be customized
for your organization; for example, you can add contact information
for your Help Desk. Note: This file includes instructions in blue text for customizing information. Remember to remove these instructions before rolling out the file to your organization.
It is recommended that you distribute the guide to your users before their new IBM Connections software is installed or updated.
Accessibility
Accessibility applications help users who have a disability, such as restricted mobility or limited vision, to use information technology products successfully.
IBM strives to provide products with usable access for everyone, regardless of age or ability.
- Use assistive technologies, such as screen-reader software and digital speech synthesizer, to hear what is displayed on the screen. Consult the product documentation of the assistive technology for details about using those technologies with this product.
- Operate specific or equivalent features using only the keyboard.
- Customize display attributes such as color, contrast, and font size.
- Magnify what is displayed on the screen.
- All documentation is available in HTML formats to give the maximum opportunity for users to apply screen-reader software technology.
- All images in the documentation are provided with alternative text so that users with vision impairments can understand the contents of the images.
IBM Connections user interface
This product uses standard Windows navigation keys. Refer to the Product accessibility topic in the Using section of this product documentation for information about any unique keys that are used by the individual applications.To display the business card, hover over a person's name, and then press Ctrl + Enter to open the business card. Press Tab to set focus to the first element in the business card
For JAWS users: To activate buttons in the user interface, press the Enter key, even when JAWS announces to use the space bar.
For administrators installing the product
For optimal accessibility when installing IBM Connections, follow the instructions to install the product in console mode. See Accessibility applications for installing IBM Connections for more details.
IBM and accessibility
See the IBM Human Ability and Accessibility Center for more information about the commitment that IBM has to accessibility:
Planning
Before installing IBM Connections, study the system requirements, deployment options, and documentation conventions.
Audience
This Installation Guide assumes that you have prior experience with products that support enterprise web applications.
- Install, configure, secure, and administer IBM WebSphere Application Server.
- Install IBM Tivoli Directory Server, Microsoft Active Directory, Sun Java™ System Directory Server, or IBM Lotus Domino® LDAP directory, and then configure WebSphere Application Server to use that LDAP directory with federated repositories.
- Create, manage, and drop IBM DB2®, Oracle, or Microsoft SQL Server databases.
- Install IBM HTTP Server, and then configure it to interact with IBM WebSphere Application Server over HTTP and HTTPS.
Directory path conventions
Directory variables are abbreviations for the default installation paths for IBM AIX®, Linux, and Microsoft Windows. This topic defines the directory variable and its matching default installation directory for each supported operating system.
- The term Linux in this documentation includes the Linux for System z® platform, unless otherwise specified.
- Many examples of directory and file paths in this documentation use the UNIX '/' separator to denote AIX, Linux, and Windows path separators, even though the Windows convention is to use the '\' separator. Where applicable, substitute the '\' separator for the '/' separator.
| Directory variable | Default installation root |
|---|---|
| app_server_root IBM WebSphere Application Server installation directory |
AIX: /usr/IBM/WebSphere/AppServer Linux:/opt/IBM/WebSphere/AppServer Windows:drive:\Program Files\IBM\WebSphere\AppServer where drive is the system drive on which the file directory is stored. For example: C or D. |
| profile_root WebSphere Application Server installation directory |
AIX: /usr/IBM/WebSphere/AppServer/profiles/profile_name Linux:/opt/IBM/WebSphere/AppServer/profiles/profile_name Windows:drive:\Program Files\IBM\WebSphere\AppServer\profiles\profile_name where profile_name is the name of the profile on which the application is installed or the profile name of the deployment manager. drive is the system drive on which the file directory is stored. For example: C or D. |
| ibm_http_server_root IBM HTTP Server installation directory |
AIX: /usr/IBM/HTTPServer Linux:/opt/IBM/HTTPServer Windows:drive:\Program Files\IBM\HTTPServer where drive is the system drive on which the file directory is stored. For example: C or D. |
| connections_root IBM Connections installation directory |
AIX or Linux: /opt/IBM/Connections Windows:drive:\Program Files\IBM\Connections where drive is the system drive on which the file directory is stored. For example: C or D. |
| local_data_directory_root Local content stores |
AIX or Linux: /opt/IBM/Connections/data/local Windows:drive:\Program Files\IBM\Connections\data\local where drive is the system drive on which the directory is stored. For example: C or D. |
| shared_data_directory_root Shared content stores |
AIX or Linux: /opt/IBM/Connections/data/shared Windows:drive:\Program Files\IBM\Connections\data\shared\ where drive is the system drive on which the directory is stored. For example: C or D. |
| IM_root IBM Installation Manager installation directory |
AIX: /opt/IBM/InstallationManager Linux:/var/IBM/InstallationManager Windows:drive:\Program Files \IBM\Installation Manager where drive is the system drive on which the file directory is stored. For example: C or D. |
| shared_resources_root Shared resources directory |
AIX or Linux: /opt/IBM/SSPShared Windows:drive:\Program Files\IBM\SSPShared where drive is the system drive on which the file directory is stored. For example: C or D. |
| db2_root DB2 database installation directory |
AIX or Linux: /usr/IBM/db2/version Linux:/opt/ibm/db2/version Windows:drive:\Program Files\IBM\SQLLIB\version where drive is the system drive on which the file directory is stored, for example: C or D, and version is the version of DB2 installed, for example: V9.5 or V9.7. |
| oracle_root Oracle database installation directory |
AIX or Linux: /home/oracle/oracle/product/version/db_1 Windows:drive:\oracle\product\version\db_1 where version is the supported Oracle number and drive is the system drive on which the file directory is stored. For example: C or D. |
| sql_server_root Microsoft SQL Server database installation directory |
Windows: drive:\Program Files\Microsoft SQL Server where drive is the system drive on which the file directory is stored, for example: C or D. |
| Cognos_BI_install_path IBM Cognos BI Server installation directory |
AIX or Linux: /opt/IBM/Cognos64 Windows:drive:\Program Files\IBM\Cognos64 where drive is the system drive on which the file directory is stored. For example: C or D.Note: You specify the installation
directory in the cognos-setup.properties file
during installation.
|
| Cognos_Transformer_install_path Cognos Transformer installation directory |
AIX or Linux: /opt/IBM/Cognos Windows:drive:\Program Files\IBM\Cognos where drive is the system drive on which the file directory is stored. For example: C or D.Note: You can specify the
installation directory in the cognos-setup.properties file during installation.
|
Deployment options
Install IBM Connections in one of three deployment topologies to achieve optimum scaling, load balancing, and failover.
A network deployment can consist of a single server that hosts all IBM Connections applications or two or more sets of clustered servers that share the workload. You must configure an additional system with WebSphere Application Server Network Deployment Manager.
IBM Cognos Business Intelligence is an optional component in the deployment. If used, Cognos must be federated to the same Deployment Manager as the IBM Connections servers. However, Cognos servers cannot be configured within an IBM Connections cluster.
A network deployment provides the administrator with a central management facility and it ensures that users have constant access to data. It balances the workload between servers, improves server performance, and facilitates the maintenance of performance when the number of users increases. The added reliability also requires a larger number of systems and the experienced administrative personnel who can manage them.
- Small deployment
- Install all IBM Connections applications on a single node in a
single cluster. This option is the simplest deployment but has limited
flexibility and does not allow individual applications to be scaled
up. All the applications run within a single Java Virtual Machine (JVM). Note: The diagram depicts a topology with up to 8 servers. If you install the servers on shared systems, you do not need to deploy 8 separate systems.Figure 1. Small deployment topology
- Medium deployment
- Install a subset of applications in separate clusters. IBM Connections provides three predefined
cluster names shared among all of its applications. Use this option
to distribute applications according to your usage expectations. For
instance, you might anticipate higher loads for the Profiles application
and install it in its own cluster, while other applications could
be installed in a different cluster. This option allows you to maximize
the use of available hardware and system resources to suit your needs.Figure 2. Medium deployment topology
- Large deployment
- Install each application in its own cluster. IBM Connections provides a predefined cluster
name for each application. This option provides the best performance
in terms of scalability and availability options but also requires
more system resources. In most cases, you should install the News
and Home page applications in the same cluster.Figure 3. Large deployment topology
- In a multi-node cluster, you must configure network share directories as shared content stores. When using NFS, use NFS v4 because NFS v3 lacks advanced locking capability. When using Microsoft SMB Protocol for file-sharing, use the UNC file-naming convention; for example: \\machine-name\share-name.
- You can assign various combinations of applications to clusters in many different ways, depending on your usage and expectations. For more information, visit the IBM Connections wiki to read articles about deployment.
- The number of JVMs that you need for each cluster depends on the user population and workload. For failover, you must have two JVMs per application, or two nodes for each cluster, scaled horizontally. Horizontal scaling refers to having multiple JVMs per application with each JVM running on a WebSphere Application Server instance. Vertical scaling refers to running multiple JVMs for the same application on a single WebSphere Application Server instance. Vertical scaling is not officially supported in IBM Connections. However, it is typically not needed unless your server has several CPUs.
- For performance and security reasons, consider using a proxy server in your deployment.
- IBM Cognos Business Intelligence does not have to be deployed before you install the Metrics application. Even if you do not plan to deploy Cognos now, you should install the Metrics application so that events are recorded in the Metrics database for use when Cognos is available to provide reports.
- For added security when you are planning to run 3rd party OpenSocial
gadgets, such as those from iGoogle, you must configure locked domains.
Locked domains are required to isolate these gadgets from access
to your intranet and SSO information. The basic configuration of
locked domains is as follows:
- A second top-level domain that is not in your SSO domain. For example, if you organization's SSO domain is example.com, you will require a distinct top level domain, such as example-modules.com.
- A wild card SSL certificate for this domain name.
No additional server instances are required for the basic configuration. See the Configuring locked domains topic under the section for more details.
IBM Connections system requirements
A variety of hardware and software is required to run IBM Connections.
To view the hardware and software requirements, go to the Detailed system requirements for IBM Connections web page.
IBM Connections support statement
The statement proposes revisions to the definition of "supported" and "unsupported" with respect to the various products on which IBM Connections depends for proper operation.
To view the support statement, go to the IBM Connections support statements web page.
Worksheet for installing IBM Connections
Record your installation and configuration data.
Recording installation data
While installing and configuring IBM Connections, it can be difficult to remember all the user IDs, passwords, server names, and other information that you need during and after installation. Print out and use this worksheet to record that data.LDAP server details
| LDAP data type | Details |
|---|---|
| LDAP server type and version For example: Lotus Domino 8.5 |
|
| Primary host name For example: domino_ldap.example.com |
|
| Port For example: 389 |
|
| Bind distinguished name For example: cn=lcadmin,ou=People,dc=example,dc=com |
|
| Bind password | |
| Certificate mapping | |
| Certificate filter | |
| Login attribute For example: mail or uid |
WebSphere Application Server details
| WebSphere Application Server item | Details |
|---|---|
| WebSphere Application Server version For example: V7.0 fix pack 21 |
|
| Installation location For example: C:\IBM\WebSphere\AppServer |
|
| Update installer location For example: C:\IBM\WebSphere\UpdateInstaller |
|
| Administrator ID For example: wsadmin |
|
| Administrator password | |
| WebSphere Application Server URL For example: http://was.example.com:9060/ibm/console |
|
| WebSphere Application Server secure URL For example: https://was.example.com:9043/ibm/console |
|
| WebSphere Application Server host name | |
| HTTP transport port | |
| HTTPS transport port | |
| SOAP connector port | |
| Run application server as a service? (True/False) |
Database details
| Database item | Details |
|---|---|
| Database type and version For example: Oracle Database 10g Enterprise Edition Release 2 10.2.0.4 |
|
| Database instance or service name | |
| Database server host name For example: database.example.com |
|
| Port The default values are: DB2=50000; Oracle=1433; MS SQL Server=1523. |
|
| JDBC driver fully qualified
file path For example: C:\IBM\SQLLIB |
|
| Database client name and version For example: MS SQL Server Management Studio Express® v9.0.2 |
|
| Database client user ID The default is db2admin. |
|
| Database client user password | |
| DB2 administrators group (Windows only) The default is DB2ADMNS. |
|
| DB2 users group (Windows only) The default is DB2USERS. |
|
| Activities database server host name | |
| Activities database server port number | |
| Activities database name. The default name is OPNACT. |
|
| Activities database application user ID | |
| Activities database application user password | |
| Blogs database server host name | |
| Blogs database server port number | |
| Blogs database name. The default name is BLOGS. |
|
| Blogs database application user ID | |
| Blogs database application user password | |
| Cognos database server host name | |
| Cognos database server port number | |
| Cognos database name. The default name is COGNOS. |
|
| Cognos database application user ID | |
| Cognos database application user password | |
| Communities database server host name | |
| Communities database server port number | |
| Communities database name The default name is SNCOMM. |
|
| Communities database application user ID | |
| Communities database application user password | |
| Dogear database server host name | |
| Dogear database server port number | |
| Dogear database name. The default name is DOGEAR. |
|
| Dogear database application user ID | |
| Dogear database application user password | |
| Files database server host name | |
| Files database server port number | |
| Files database name. The default name is FILES. |
|
| Files database application user ID | |
| Files database application user password | |
| Forums database server host name | |
| Forums database server port number | |
| Forums database name. The default name is FORUM. |
|
| Forums database application user ID | |
| Forums database application user password | |
| Home page database server host name | |
| Home page database server port number | |
| Home page database name. The default name is HOMEPAGE. |
|
| Home page database application user ID | |
| Home page database application user password | |
| Metrics database server host name | |
| Metrics database server port number | |
| Metrics database name. The default name is METRICS. |
|
| Metrics database application user ID | |
| Metrics database application user password | |
| Mobile database server host name | |
| Mobile database server port number | |
| Mobile database name. The default name is MOBILE. |
|
| Mobile database application user ID | |
| Mobile database application user password | |
| Profiles database server host name | |
| Profiles database server port number | |
| Profiles database name. The default name is PEOPLEDB. |
|
| Profiles database application user ID | |
| Profiles database application user password | |
| Wikis database server host name | |
| Wikis database server port number | |
| Wikis database name. The default name is WIKIS. |
|
| Wikis database application user ID | |
| Wikis database application user password |
Tivoli Directory Integrator details
| Tivoli Directory Integrator item | Details |
|---|---|
| Tivoli Directory Integrator installation location For example: C:\IBM\TDI\ |
|
| Tivoli Directory Integrator version. For example: 7.1 fix pack 2. |
|
| Solutions Directory path For example: C:\IBM\TDISOL\TDI |
LDAP-Profiles mapping details
| Profiles database attribute | LDAP attribute (example) | Profiles database column |
|---|---|---|
| alternateLastname | null | PROF_ALTERNATE_LAST_NAME |
| bldgId | null | PROF_BUILDING_IDENTIFIER |
| blogUrl | null | PROF_BLOG_URL |
| calendarUrl | null | PROF_CALENDAR_URL |
| countryCode | c | PROF_ISO_COUNTRY_CODE |
| courtesyTitle | null | PROF_COURTESY_TITLE |
| deptNumber | null | PROF_DEPARTMENT_NUMBER |
| description | description | PROF_DESCRIPTION |
| displayName | cn | PROF_DISPLAY_NAME |
| distinguishedName | $dn | PROF_SOURCE_UID |
| PROF_MAIL | ||
| employeeNumber | employeenumber | PROF_EMPLOYEE_NUMBER |
| employeeTypeCode | employeetype | PROF_EMPLOYEE_TYPE |
| experience | null | PROF_EXPERIENCE |
| faxNumber | facsimiletelephonenumber | PROF_FAX_TELEPHONE_NUMBER |
| floor | null | PROF_FLOOR |
| freeBusyUrl | null | PROF_FREEBUSY_URL |
| givenName | givenName | PROF_GIVEN_NAME |
| givenNames | givenName | |
| groupwareEmail | null | PROF_GROUPWARE_EMAIL |
| guid | (Javascript function: {func_map_from_GUID}) | PROF_GUID |
| ipTelephoneNumber | null | PROF_IP_TELEPHONE_NUMBER |
| isManager | null | PROF_IS_MANAGER |
| jobResp | null | PROF_JOBRESPONSIBILITIES |
| loginId | employeenumber | PROF_LOGIN and PROF_LOGIN_LOWER |
| logins | PROF_LOGIN | |
| managerUid | $manager_uid Note: This attribute represents
a lookup of the UID of a manager using DN in the manager field.
|
PROF_MANAGER_UID |
| mobileNumber | mobile | PROF_MOBILE |
| nativeFirstName | null | PROF_NATIVE_FIRST_NAME |
| nativeLastName | null | PROF_NATIVE_LAST_NAME |
| officeName | physicaldeliveryofficename | PROF_PHYSICAL_DELIVERY_OFFICE |
| orgId | ou | PROF_ORGANIZATION_IDENTIFIER |
| pagerId | null | PROF_PAGER_ID |
| pagerNumber | null | PROF_PAGER |
| pagerServiceProvider | null | PROF_PAGER_SERVICE_PROVIDER |
| pagerType | null | PROF_PAGER_TYPE |
| preferredFirstName | null | PROF_PREFERRED_FIRST_NAME |
| preferredLanguage | preferredlanguage | PROF_PREFERRED_LANGUAGE |
| preferredLastName | null | PROF_PROF_PREFERRED_LAST_NAME |
| profileType | null | PROF_TYPE |
| secretaryUid | $secretaryUid Note: This attribute represents
a lookup of the UID of a secretary using DN in the secretary field.
|
PROF_SECRETARY_UID |
| shift | null | PROF_SHIFT |
| surname | sn | PROF_SURNAME |
| surnames | sn | PROF_SURNAME |
| telephoneNumber | telephonenumber | PROF_TELEPHONE_NUMBER |
| timezone | null | PROF_TIMEZONE |
| title | null | PROF_TITLE |
| uid | (Javascript function - {func_map_to_db_UID}) | PROF_UID |
| workLocationCode | postallocation | PROF_WORK_LOCATION |
IBM Connections details
| IBM Connections item | Details |
|---|---|
| IBM Connections installation location For example: C:\IBM\Connections |
|
| Response file directory path. For example: C:\IBM\Connections\InstallResponse.txt |
|
| DNS host name For example: connections.example.com |
|
| Choose: DNS MX Records or Java Mail Session? | |
| DNS MX Records only: Local mail
domain For example: example.com |
|
| Java Mail Session only: DNS server name or SMTP relay host For example: dns.example.com; relayhost.example.com |
|
| Domain name for Reply-to email address | |
| Suffix or prefix for Reply-to email address | |
| Server that receives Reply-to emails | |
| User name and password for that server | |
| URL and ports for admin and
user access Note: You can look up the URLs for each application in
the text files that the installation wizard generates. These files
are located under the connections_root directory.
|
|
| Activities server name | |
| Activities cluster member name | |
| Activities URL For example: http://www.example.com:9080/activities |
|
| Activities secure URL For example: https://www.example.com:9446/activities |
|
| Activities statistics files directory path | |
| Activities content files directory path | |
| Blogs server name | |
| Blogs cluster member name | |
| Blogs URL For example: http://www.example.com:9080/blogs |
|
| Blogs secure URL For example: https://www.example.com:9446/blogs |
|
| Blogs upload files directory path | |
| Bookmarks server name | |
| Bookmarks cluster member name | |
| Bookmarks URL For example: http://www.example.com:9080/dogear |
|
| Bookmarks secure URL For example: https://www.example.com:9446/dogear |
|
| Bookmarks favicon files directory path | |
| Communities server name | |
| Communities cluster member name | |
| Communities URL For example: http://www.example.com:9080/communities |
|
| Communities secure URL For example: https://www.example.com:9446/communities |
|
| Communities statistics files directory path | |
| Communities discussion forum content directory path | |
| Files server name | |
| Files cluster member name | |
| Files URL For example: http://www.example.com:9080/files |
|
| Files secure URL For example: https://www.example.com:9446/files |
|
| Files content store directory path | |
| Forums server name | |
| Forums cluster member name | |
| Forums URL For example: http://www.example.com:9080/forums |
|
| Forums secure URL For example: https://www.example.com:9446/forums |
|
| Forums content store directory path | |
| Home page server name | |
| Home page cluster member name | |
| Home page URL For example: http://www.example.com:9080/homepage |
|
| Home page secure URL For example: https://www.example.com:9446/homepage |
|
| Home page content store directory path | |
| Metrics server name | |
| Metrics cluster member name | |
| Moderation server name | |
| Moderation cluster member name | |
| Moderation URL For example: http://www.example.com:9080/moderation |
|
| Moderation secure URL For example: https://www.example.com:9446/moderation |
|
| Profiles server name | |
| Profiles cluster member name | |
| Profiles URL For example: http://www.example.com:9080/profiles |
|
| Profiles secure URL For example: https://www.example.com:9446/profiles |
|
| Profiles statistics files directory path | |
| Profiles cache directory path | |
| Search server name | |
| Search cluster member name | |
| Search dictionary directory path | |
| Search index directory path | |
| Wikis server name | |
| Wikis cluster member name | |
| Wikis URL For example: http://www.example.com:9080/wikis |
|
| Wikis secure URL For example: https://www.example.com:9446/wikis |
|
| Wikis content directory path |
IBM HTTP Server
| IBM HTTP Server item | Details |
|---|---|
| IBM HTTP Server installation location For example: C:\IBM\HTTPServer\ |
|
| IBM HTTP Server version For example: V7.0 fix pack 21. |
|
| IBM HTTP Server httpd.conf file directory path For example: C:\IBM\HTTPServer\conf\ |
|
| web server definition name For example: webserver1 |
|
| web server plugin-cfg.xml file
directory path For example: C:\IBM\HTTPServer\Plugins\config\webserver1\ |
|
| IBM HTTP Server host name | |
| IBM HTTP Server fully qualified host name | |
| IBM HTTP Server IP address | |
| IBM HTTP Server communication port For example: 80 |
|
| IBM HTTP Server administration port For example: 8008 |
|
| Run IBM HTTP Server as a service? (Y/N) | |
| Run IBM HTTP administration as a service? (Y/N) | |
| IBM HTTP Server administrator ID | |
| IBM HTTP Server administrator password |
Cognos BI Server and Transformer
| Cognos BI Server and Transformer item | Details |
|---|---|
| Cognos BI Server and Transformer | Refer to the cognos-setup.properties file. |
IBM Connections release notes
The release notes for IBM Connections 4 explain compatibility, installation, and other getting-started issues.
Description
IBM Connections 4 introduces metrics for Communities. Metrics data is available for the entire product as well as for individual communities. Metrics employs the analytic capabilities of the IBM Cognos® Business Intelligence server, which is provided as part of the IBM Connections installation to support the collection of metrics data.
Announcement
- Detailed product description, including a description of new function
- Product-positioning statement
- Packaging and ordering details
- International compatibility information
System requirements
For information about hardware and software compatibility, see the IBM Connections system requirements topic.
Installing IBM Connections 4
Known problems
Known problems are documented in the form of individual technotes in the Support Portal at http://www-947.ibm.com/support/entry/portal/Overview/Software/Lotus/Lotus_Connections. As problems are discovered and resolved, the IBM Support team updates the knowledge base. By searching the knowledge base, you can quickly find workarounds or solutions to problems.
- All known problems for IBM Connections 4.0
- Activities
- Blogs
- Bookmarks
- Communities
- Files
- Forums
- Home page
- Mobile
- News
- Profiles
- Search
- Wikis
- Installation
- IBM Connections Plugin for Lotus Notes®
- IBM Connections Plugin for Microsoft Office
- IBM Connections Plugin for Microsoft Outlook
- IBM Connections Plugin for Microsoft Windows Explorer
- IBM Connections Plugin for WebSphere Portal
- IBM Connections APIs
Installing
To install IBM Connections, you need to follow a detailed series of procedures.
What's new
Find out what's new and what's been updated.
IBM Connections 4.0
- The installation wizard is based on IBM Installation Manager 1.4.4.
- You can install and configure IBM Cognos Business Intelligence, obtained separately, by using the scripts, models, and specifications that are included with IBM Connections.
- Console Mode is available. Use this character-based interface to install, modify, or uninstall the product when you do not have access to the graphical interface.
- Silent installation has been extended so that you can install both IBM Connections and IBM Installation Manager in silent mode.
- The initial configuration of administrators for Home page and Blogs is now handled automatically during installation. However, to configure widgets, you still need to assign a Home page administrator.
Migrating to this release
- After migration to IBM Connections 4.0, you can reuse content stores from 3.0.1.
- In Profiles, the data model for profile-type definitions has been moved into a dedicated profiles-types.xml file and the rules for presentation of a profile have been moved into a set of FreeMarker template files. For details, see Post-migration steps for profile types and profile policies.
- During the database migration process, data from the Profiles database is copied to the Home page database.
- The migration tool no longer migrates content stores, which must be manually migrated.
The installation process
Review the steps that are required to install IBM Connections.
About this task
Procedure
Accessibility applications for installing IBM Connections
Learn about the accessibility applications for installing IBM Connections.
Using the wizards
IBM Connections wizards provide non-graphical console modes for installation and other tasks. You can use accessibility applications in the following wizards:- IBM Connections installation
- Database creation
- Profiles population
- Connector installation
- Update installation
See the related topics for more information about accessing the wizards.
IBM and accessibility
Go to the IBM Human Ability and Accessibility Center for more information about the commitment that IBM has to accessibility.
Pre-installation tasks
Complete the following tasks before installing IBM Connections.
If you are migrating from IBM Connections version 3.0.1, do not complete the tasks for creating databases or populating the Profiles database. The migration process handles those tasks automatically.
Preparing to configure the LDAP directory
Determine which Lightweight Directory Access Protocol (LDAP) attributes you want to use as the identifiers for IBM Connections users.
Before you begin
About this task
To prepare to configure your LDAP directory with IBM WebSphere Application Server, complete the following steps:
Procedure
Creating the Cognos administrator account
Create a new user, or select an existing user in the LDAP directory to serve as the administrator of the IBM Cognos BI Server component (you will add the administrator credentials to a configuration script when you deploy Cognos Business Intelligence).
About this task
If you will use an existing LDAP account, take note of the user name and password. For example, if your organization already has a Cognos deployment, you might choose to use the same administrator account with Connections.
If an acceptable account does not exist already, create it now; again, note the credentials for use later.
For more information on using an LDAP directory with Cognos, see Configuring IBM Cognos Components to Use an Authentication Provider in the Cognos information center.
Installing IBM WebSphere Application Server
Install IBM WebSphere Application Server .
Before you begin
WebSphere Application Server Network Deployment is provided with IBM Connections.
To establish an environment with one Deployment Manager and one or more managed nodes, use the following table to determine the installation option that you should choose. The IBM Connections installation wizard creates server instances that require each node to have an application server. Choose one of these options when installing WebSphere Application Server to ensure that each node has an application server.
| IBM Connections deployment |
|---|
| Deployment Manager and one node on the same system |
| Deployment Manager and nodes on separate
systems Note: You can deploy one node on the same system as the DM
but you must use separate systems for all other nodes in a cluster.
|
About this task
Procedure
Setting up federated repositories
Use federated repositories with IBM WebSphere Application Server to manage and secure user and group identities.
Before you begin
Ensure that you have completed the steps described in the Preparing to configure the LDAP directory topic.
You can configure the user directory for IBM Connections to be populated with users from more than one LDAP directory.
- If you are using IBM Tivoli Directory Server, decide whether your deployment will rely on the LDAP groupOfNames or groupOfUniqueNames object class for group entities. WebSphere Application Server uses groupOfNames by default. In most cases, you need to delete this default mapping and create a new mapping for group entities using the LDAP groupOfUniqueNames object class.
- If you are using the groupOfUniqueNames object class for group entities, use the uniqueMember attribute for the group member attribute.
- If you are using the groupOfNames object class group entities, use the member attribute for the group member attribute.
Configure the LDAP for Cognos separately. For more information, see the Configuring support for LDAP authentication for Cognos Business Intelligence topic.
About this task
Procedure
Results
Choosing login values
Determine which LDAP attribute or attributes you want to use to log in to IBM Connections.
- Single LDAP attribute with a single value
- For example: uid=jsmith.
- Multiple LDAP attributes, each with a single value
- To specify multiple attributes, separate them with a semicolon when you enter them in the Login properties field (while adding the repository to IBM WebSphere Application Server). For example, where uid=jsmith and mail=jsmith@example.com, you would enter: uid; mail.
- Single LDAP attribute with multiple values
- For example, mail is the login attribute and it accepts two different email addresses: an intranet address and an extranet address. For example: mail=jsmith@myCompany.com or mail=jsmith@example.com.
- Multiple LDAP attributes, each with multiple values
- For example: uid=jsmith or uid=john_smith and mail=jsmith@example.com or mail=john_smith@example.com or mail=jsmith@MyCompany.com.
- Multiple LDAP directories
- For example: One LDAP directory uses uid as the login attribute and the other uses mail. You must repeat the steps in Setting up federated repositories for each LDAP directory.
Multi-valued attributes
You can map multiple values to common attributes such as uid or mail.
- mail=suser@example.com
- mail=sample_user@example.com
- mail=user_sample@example.com
- uid=suser
- uid=sampleuser
- uid=user_sample
By default, the population wizard only allows you to choose one attribute for logins, so you can't select mail and uid. You can, however, write a custom function to union multiple attributes.
Custom attributes
The Profiles population wizard populates uid and mail during the population process but maps the loginID attribute to null. You can specify a custom attribute if your directory uses a unique login attribute other than, for example, uid, mail, or cn. The login value can be based on any attribute that you have defined in your repository. You can specify that attribute by setting loginID=attribute when you populate the Profiles database.
The following sample extract from the profiles-config.xml file shows the standard login attributes:
<loginAttributes>
<loginAttribute>uid</loginAttribute>
<loginAttribute>email</loginAttribute>
<loginAttribute>loginId</loginAttribute>
</loginAttributes> The value for the loginID attribute is stored in the Prof_Login column of the Employee table in the Profiles database. For more information, see the Mapping fields manually topic.
Using Profiles or LDAP as the repository
The default login attributes that are defined in the profiles-config.xml file are uid, email, or loginID
If you change the default IBM Connections configuration to use the LDAP directory as the user repository, WebSphere Application Server maps uid as the login default.
Specifying the global ID attribute for users and groups
Determine which attribute to use as the unique identifier of each person and group in the organization. This identifier must be unique across the organization.
- IBM Tivoli Directory Server:
ibm-entryUUID
- Microsoft Active Directory:
objectGUID
If you are using Active Directory, remember that the samAccountName attribute has a 20-character limit; other IDs used by IBM Connections have a 256-character limit.
- IBM Domino Enterprise Server:
dominoUNID
Note: If the bind ID for the Domino LDAP does not have sufficient manager access to the Domino directory, the Virtual Member Manager (VMM) does not return the correct attribute type for the Domino schema query; DN is returned as the VMM ID. To override VMM's default ID setting, add the following line to the <config:attributeConfiguration> section of the wimconfig.xml file:<config:externalIdAttributes
name="dominoUNID"/>
- Sun Java System Directory
Server:
nsuniqueid
- eNovell Directory Server:
GUID
- Custom ID:
If your organization already uses a unique identifier for each user and group, you can configure IBM Connections to use that identifier. For more information, see the Specifying a custom ID attribute for users or groups topic.
- AIX
- /usr/IBM/WebSphere/AppServer/profiles/<profile_name>/config/cells/<cell_name>/wim/config
- Linux
- /opt/IBM/WebSphere/AppServer/profiles/<profile_name>/config/cells/<cell_name>/wim/config
- Microsoft Windows
- <drive>:\IBM\WebSphere\AppServer\profiles\<profile_name>\config\cells\<cell_name>\wim\config
To allow deletes and adds, or migration across various LDAP servers (for example, from staging to production), use an LDAP attribute that is fixed across various directories or when entries are recreated.
Specifying a custom ID attribute for users or groups
Specify custom global unique ID attributes to identify users and groups in the LDAP directory.
Before you begin
This is an optional task.
By default, IBM Connections looks for LDAP attributes to use as the global unique IDs (guids) to identify users and groups in the LDAP directory. The identifiers assigned by LDAP directory servers are usually unique for any LDAP entry instance. If the user information is deleted and re-added, or exported and imported into another LDAP directory, the guid changes. Changes like this are usually implemented when employees change status, a directory record is deleted and added again, or when user data is ported across directories.
When the guid of a user changes, you must synchronize the LDAP with the Profiles database before that user logs in again. Otherwise, the user will have two accounts in IBM Connections and the user's previous content will appear to be lost as it is associated with the previous guid. If you assign a fixed attribute to each record, you can minimize the possibility of accidentally introducing dual accounts for a user in IBM Connections.
The wimconfig.xml file governs a single ID attribute for all supported objects such as users, groups, and organizations in WebSphere Application Server. You can use the LotusConnections-config.xml file to override the ID attribute in the wimconfig.xml file. For example, you could use the wimconfig.xml file to specify the ibm-entryUUID attribute as the ID Key attribute for users and groups in all applications running on WebSphere Application Server, and then modify the LotusConnections-config.xml file to specify the employeeID as the ID Key attribute for IBM Connections applications.
About this task
You can change the default setting to use a custom ID to identify users and groups in the directory.
- The ID must be static and unique. It must not be reassigned across users and groups in the directory.
- The ID must not exceed
256 characters in length. To achieve faster search results, use a
fixed-length attribute for the ID.Note: If you are planning to install the Files or Wikis application, the ID cannot exceed 252 characters in length.
- The ID must have a one-to-one mapping per directory object. You cannot use an attribute with multiple values as a unique ID.
To specify a custom attribute as the unique ID for users or groups, complete the following steps:
Procedure
What to do next
If you specified different ID attributes for users and groups, complete the steps in the Configuring the custom ID attribute for users or groups topic in the Post-installation tasks section of the product documentation. The steps in that task configure IBM Connections to use the custom ID attributes that you specified in this task.
When you map fields in the Profiles database, ensure that you add the custom ID attribute to the PROF_GUID field in the EMPLOYEE table. See the Mapping fields manually topic.
Creating databases
Create databases for the applications that you plan to install. You can use the database wizard or run the SQL scripts that are provided with IBM Connections.
- Cognos
- Metrics
- Mobile
Each IBM Connections application requires its own database, except Moderation, News, and Search. The Moderation application does not have an associated database or content store, while the News and Search applications share the Home page database.
The database wizard automates the process of creating databases for the applications that you plan to install. It is a more reliable method for creating databases because it validates the databases as you create them.
Complete the procedures that are appropriate for your deployment:
Creating multiple database instances
Create multiple instances of a database for a more versatile database environment.
Before you begin
- Create a new user and add it to the Administrators group.Note: If you are using DB2, add the new user to the DB2ADMNS group as well.
- Remove the user account from the Users group.
- In the Local Security Policy utility, add these rights to the
new user:
- Act as part of the operating system
- Adjust memory quotas|Increase quotas for a process
- Create a token object
- Debug programs
- Lock pages in memory
- Log on as a service
- Replace a process level token
About this task
- the ability to use different instances for development and production.
- restricted access to sensitive information.
- an optimized configuration for each instance.
For example, if you need to make changes to one of the instances, you can restart just that instance instead of restarting the whole system. Similarly, if you need to take an instance offline, only the databases that are hosted on that instance are unavailable during the outage, while your other databases are unaffected.
Multiple instances require additional system resources.
To create multiple instances of a database, complete the following steps:
Procedure
- DB2Notes:
- For each instance that you want to create, log in as the instance owner before creating the instance.
- Use the DB2 Command Line Processor to enter commands.
- After creating the instance, add the instance to the user environment variable. The instance is then visible in the DB2 Control Center.
- AIX:
An instance called db2inst1 is created during DB2 installation.
- Create a group for DB2:
mkgroup db2iadm1 - Create a user for DB2:
mkuser groups=db2iadm1 db2instNwhere db2instN is the name of a user. DB2 prompts you to enter a password for the user. Repeat this step to create enough users to match the number of database instances.
- Create DB2 instances:
Login with root user and go to /opt/IBM/db2/V9.5/instance.
where db2instN is the name of a user and also the name of an instance. Repeat this step to create enough instances to match the number of databases../db2icrt -u db2instN db2instN - Set the port number of the instance:
Edit the/etc/services file and add the following line:
db2c_instance_name instance_port/tcpwhere instance_name is the name of the instance and instance_port is the port number of that instance. Repeat this step for each instance.
- Set the communication protocols for the instance:
Repeat this step for each instance.db2 update database manager configuration using svcename db2c_instance_name db2set DB2COMM=tcpip db2stop db2start - Edit your firewall configuration to allow the new instances to communicate through their listening ports.
- Create a group for DB2:
- Linux:
An instance called db2inst1 is created during DB2 installation, along with three users: db2inst1, db2fenc1, and dasusr1.
- Create groups for DB2:
groupadd -g 999 db2iadm1 groupadd -g 998 db2fadm1 groupadd -g 997 dasadm1 - Create users for DB2 in
the db2iadm1 group:
useradd -u 1100 -g db2iadm1 -m -d /home/db2instN db2instN -p db2instXwhere db2instN is the name of a user and db2instX is the password for that user. Create enough users to match the number of database instances.
- Create the db2fenc1 user for DB2 in the db2fadm1 group:
useradd -u 1101 -g db2fadm1 -m -d /home/db2fenc1 db2fenc1 -p db2instX
- Create the dasusr1 user for DB2 in the dasadm1 group:
useradd -u 1102 -g dasadm1 -m -d /home/dasadm1 dasusr1 -p db2instX
- Create new DB2 instances:
Login with root user and go to /opt/ibm/db2/V9.5/instance.
./db2icrt -u db2fenc1 db2instN
Create enough instances to match the number of databases.
- Set the port number of the instance:
Edit the /etc/services file and add the following line:
db2c_<instance_name> <instance_port>/tcp
where instance_name is the name of the instance and instance_port is the port number of that instance. Repeat this step for each instance. - Log in as the database instance and set the communication protocols
for the instance:Repeat this step for each instance.
su - db2instN db2 update database manager configuration using svcename db2c_instance_name db2set DB2COMM=tcpip db2stop db2start - Edit your firewall configuration to allow the new instances to communicate through their listening ports.
- Create groups for DB2:
- Microsoft Windows:
- Create an instance by running the following command:
db2icrt instance_name -s ese -u db2_admin_user
where instance_name is the name of the instance and db2_admin_user is the user account for that instance.
- Set the port number of the instance:
Edit the C:\WINDOWS\system32\drivers\etc\services file and add the following line:
db2c_instance_name instance_port/tcp
- Set the current instance parameter:
set DB2INSTANCE=instance_name - Set the communication protocols for the instance:
db2 update database manager configuration using svcename db2c_instance_name db2set DB2COMM=npipe,tcpip db2stop db2start - Edit your firewall configuration to allow the new instances to communicate through their listening ports.
- Create an instance by running the following command:
- Oracle:
Each database is a database instance.
Use the Oracle Database Configuration Assistant (DBCA) to create Oracle a new database:- Open the DBCA tool:
- AIX or Linux:
- Change login user to oracle
- $ export [[ORACLE_HOME]]=...
- $ export PATH=$PATH:$ORACLE_HOME/bin
- $ export DISPLAY=hostname:displaynumber.screennumber Note: where hostname:displaynumber.screennumber represents the client system, monitor number, and window number. For example: localhost:0.0
- $ dbca &
- Windows:
- Click Start
- Select .
where Oracle_home_name is the Oracle home on your system. For example: OraDB10g_Home1.
- AIX or Linux:
- On the Operations page, accept the default option to Create a database and click Next.
- On the Database Templates page, accept the General Purpose default option and click Next.
- On the Database Identification page, enter LSCONN in the Global Database Name and SID fields and click Next.
- On the Management Options page, accept the default option to Configure the database with Enterprise Manager and click Next.
- On the Database Credentials page, enter the database password and click Next.
- On the Storage Options page, accept the File System storage option and click Next.
- On the Database File Locations page, accept the Database File Locations from Template default option and click Next.
- On the Recovery Configuration page, accept the Specify Flash Recovery Area default option and click Next.
- On the Database Content page, accept the defaults and click Next.
- On the Initialization Parameters page, click the Character Sets tab and select the Use Unicode (AL32UTF8) option. Click Next.
- On the Database Content page, accept the defaults and click Next.
- On the Creation Options page, accept the Create Database default option and click Next.
- Open the DBCA tool:
- SQL Server
- Run the SQL Server installation wizard. On the Instance Name panel of the installation wizard, select Named instance, and then specify a new instance name in the field.
- Edit your firewall configuration to allow the new instances to communicate through their listening ports.
Ensure that Named Pipes is enabled in the SQL Server Network Configuration for all instances. For more information, refer to your SQL Server documentation.
Notes:For more information, go to the Microsoft SQL Server Developer Center web site to view the SQL Server documentation:- Use the same collation that you are using for the application databases; that is: Latin1_General_BIN. Ensure that the ancillary databases, such as the master, model, tempdb, and msdb databases, use that collation.
- For Authentication mode, use Mixed Mode (Windows Authentication and SQL Server Authentication).
- If you receive any warnings or errors from the System Configuration Check dialog, correct them from the SQL Server 2005 instance installation.
What to do next
Registering the DB2 product license key
Register the DB2 product license key for the version of DB2 that is included with IBM Connections.
Before you begin
If you used DB2 with an earlier version of IBM Connections, your installation of DB2 is already registered and you can skip this task.
About this task
Procedure
What to do next
Creating a dedicated DB2 user
Create a dedicated IBM DB2 database user named lcuser with restricted privileges.
About this task
To create a dedicated DB2 database user named lcuser, complete the following steps:
Procedure
- AIX or Linux:
- Log into the DB2 server
as the root user, and then type the following command to create a
new user:
useradd -u 1004 -g db2iadm1 -m -d /db2home/lcuser lcuser -p password
where password is new password for the new user. The command assumes that your DB2 users group is db2iadm1 and that your home directory for DB2 is db2home. If these values are different in your environment, modify the command accordingly.
- Log into the DB2 server
as the root user, and then type the following command to create a
new user:
- Windows
- Click and select .
- From the Computer Management console, select .
- Right-click Users and select New User.
- Add a user named lcuser. Enter the required details, including the password. Clear the User must change password at next logon check box. Click Create.
- Click Close.
- Open the Users object, right-click lcuser, and select Properties from the context menu.
- Click the Member Of tab and then click the Add button.
- Type DB2USERS in the Enter the
object names to select field, and click OK. Click OK again to save your changes.Note: If the DB2USERS group is not found, extended security for DB2 on Windows might not be enabled. See the DB2 documentation for information about Extended Windows security using DB2ADMNS and DB2USERS groups.
What to do next
For more information about granting privileges to users, go to the DB2 information center.
Configuring the DB2 databases for unicode
You must configure each DB2 database used in the IBM Connections deployment for unicode.
About this task
Configuring the DB2 databases for unicode ensures that DB2 tools like export and import do not corrupt unicode data.
Procedure
You must perform the following steps on each DB2 instance in the deployment:
Creating databases with the database wizard
Use the database wizard to create databases for the IBM Connections applications. You must be logged in with the database administrator account.
Preparing the database wizard
Before you can use the wizard to create databases for your IBM Connections deployment, prepare the database server.
Before you begin
Ensure that you have given the necessary permissions to the user IDs that need to log in to the database system and access the IBM Connections Wizards directory.
- If you are planning to create multiple database instances, prepare and run the database wizard once for each instance.
(DB2 only) Create a dedicated IBM DB2 database user named lcuser. For more information, see the Creating a dedicated DB2 user topic.
(Oracle only) Ensure that the Statement cache size for the data sources on WebSphere Application Server is no larger than 50. A higher value could lead to Out Of Memory errors on the application server instance.
(AIX only) If you are downloading the wizard, the TAR program available by default with AIX does not handle path lengths longer than 100 characters. To overcome this restriction, use the GNU file archiving program instead. This program is an open source package that IBM distributes through the AIX Toolbox for Linux Applications at the IBM AIX Toolbox web site. Download and install the GNU-compatible TAR package. You do not need to install the RPM Package Manager because it is provided with AIX.
After you have installed the GNU-compatible TAR program, change to the directory where you downloaded the IBM Connections TAR file, and enter the following command to extract the files from it:
gtar -xvf Lotus_Connections_wizard_aix.tar
This command creates a directory named after the wizard.
(AIX only) Download and install the following packages from the AIX Toolbox for Linux Applications webpage:
gtk2-2.10.6, pango-1.14.5, fontconfig-2.4.2, pkg-config-0.19, libjpeg-6b, freetype2-2.3.9, expat-2.0.1, zlib-1.2.3, xft-2.1.6, xcursor-1.1.7, glib-1.2.10, glib2-2.12.4, atk-1.12.3, gettext-0.10.40, libpng-1.2.32, and libtiff-3.8.2
Note: Some of these packages have dependencies on other packages. The AIX package installer alerts you to any additional packages that might be required.
About this task
To prepare the database wizard, complete the following steps:
Procedure
Using the database wizard
Use the database wizard to create databases for the IBM Connections applications that you plan to install.
Before you begin
When you are creating a database either with the database wizard or SQL scripts, you must log into the system where the database is hosted with the database administrator account. The default values for DB2 are db2admin on Microsoft Windows, and db2inst1 on Linux and AIX. For Oracle, the default value on AIX and Linux is oracle, and system administrator on Windows. For SQL Server, the default value is the system administrator.
Oracle and SQL Server connect to IBM Connections databases with the user accounts that are configured during database creation. The passwords of those user accounts are defined later in this task.
(Oracle only) Ensure that the Statement cache size for the data sources on WebSphere Application Server is no larger than 50. A higher value could lead to Out Of Memory errors on the application server instance.
- If you migrated from IBM Connections 3.0.1, the numdb parameter was set to 12, the maximum number of IBM Connections 4.0 databases. If the instance has additional databases, increase the value of the numdb parameter to match the total number of databases on the instance.
- You can use the following command to change the parameter:
db2 UPDATE DBM CFG USING NUMDB nn
where nn is a number of databases.
DB2 uses a user account called lcuser. If you are creating a DB2 database with SQL scripts, you must manually create the lcuser account on your operating system and then run the appGrants.sql script to grant the appropriate privileges to the lcuser account. When you use the database wizard, this script runs automatically. For more information, see the Creating a dedicated DB2 user topic.
- If you are using Linux on IBM System z with the DASD driver, the SQL scripts are located in the connections.s390.sql/application_subdirectory directory of the IBM Connections set-up directory or installation media.
- If you are using Linux on IBM System z with the SCSI driver, back up the connections.s390.sql directory and rename the connections.sql directory to connections.s390.sql.
(AIX only) Download and install the following packages from the AIX Toolbox for Linux Applications webpage:
gtk2-2.10.6, pango-1.14.5, fontconfig-2.4.2, pkg-config-0.19, libjpeg-6b, freetype2-2.3.9, expat-2.0.1, zlib-1.2.3, xft-2.1.6, xcursor-1.1.7, glib-1.2.10, glib2-2.12.4, atk-1.12.3, gettext-0.10.40, libpng-1.2.32, and libtiff-3.8.2
Note: Some of these packages have dependencies on other packages. The AIX package installer alerts you to any additional packages that might be required.
About this task
You can review the scripts that the wizard executes by looking in the connections.sql directory in the installation media. On DB2, the commands are shown in the log that the wizard creates. On Oracle and SQL Server, the log shows the results of the commands.
To create databases with the wizard, complete the following steps:
Procedure
What to do next
(DB2 for Linux on System z only.) To improve database performance, enable the NO FILE SYSTEM CACHING option. For more information, see the Enabling NO FILE SYSTEM CACHING for DB2 on System z topic.
Using the database wizard in silent mode
Run the database wizard in silent mode when you need an identical installation on multiple servers.
Before you begin
Ensure that the wizard has created the response.properties file in the user_settings/lcWizard/response/dbWizard directory.
To create a response file, run the wizard in standard mode and specify that you would like to create a response file. You can modify the existing response file or create your own, using a text editor. For more information, see the Database wizard response file topic.
- If you migrated from IBM Connections 3.0.1, the numdb parameter was set to 12, the maximum number of IBM Connections 4.0 databases. If the instance has additional databases, increase the value of the numdb parameter to match the total number of databases on the instance.
- You can use the following command to change the parameter:
db2 UPDATE DBM CFG USING NUMDB nn
where nn is a number of databases.
(Oracle only) Ensure that the Statement cache size for the data sources on WebSphere Application Server is no larger than 50. A higher value could lead to Out Of Memory errors on the application server instance.
About this task
Procedure
What to do next
The database wizard response file
The IBM Connections database wizard can record your input in a response file that you can use for silent installations.
When you want to run the database wizard in silent mode, use the response file to duplicate the settings that you selected when you ran the wizard in interactive mode. You can start the wizard from a command prompt and then pass the response file in as a parameter. The wizard uses the values in the response file rather than requiring you to interact with it.
There is a sample response file called dbWizard_response.properties in the Wizards/samples directory on the IBM Connections set-up directory or installation media.
The response.properties file collects a specific set of values. Those values are described in the following table:
| Property | Value | Description |
|---|---|---|
| dbtype | db2 | oracle | sqlserver | The database system that you want to use. Choose from IBM DB2, Oracle, or Microsoft SQL Server. |
| dbInstance | database_instance_name | The instance name of the database that you
want to use. For example:
|
| dbHome | database_location | File path to the database. Note: If you encounter
an Invalid database instance error, the file path to the database
might be incorrect.
If the dbHome value is, for example, /home/oracle/oracle/product/10.2.0/db_1/, then you must remove the final / character. This limitation applies only on Oracle databases. On Windows, you need to add an escape character '\'. For example, activities.filepath=C\:\\SQLSERVER. |
| action | create | delete | upgrade | The action performed by the wizard. The options are create, delete, or upgrade. |
| dbVersion | DB2: 9 | Oracle: 10 or 11| SQL Server 2005:9 SQL Server 2008: 10 | The major version number of the database
type. For example, if you use SQL Server 2005, enter 9. If you use SQL Server 2008, enter 10. |
| applications | activities, blogs, cognos, communities, dogear, files, forum, homepage, metrics, mobile, profiles, wikis | IBM Connections applications for which the wizard creates databases. Use a comma (,) character to separate multiple applications. |
| Property | Value | Description |
|---|---|---|
| <application>.password | Password for application databases | Password for the applications. Note: The
passwords will be removed from the response file after the wizard
has finished processing.
|
| <application>.filepath | File path to the directory where database files are stored | (SQL Server only) File path to the database
file location. Note: On Windows, you must add an escape character '\'. For example, activities.filepath=C\:\\SQLSERVER.
|
| Property | Recommended value | Description |
|---|---|---|
| port |
|
Database server port for starting JDBC |
| administrator |
|
Database administrator account for starting JDBC |
| adminPassword | Database administrator password for starting JDBC | |
| storyLifetimeInDays | The Home page upgrade requires this parameter. It should be the same as the value in the news-config.xml file. | |
| profiles.db.name profiles.db.hostname profiles.db.port profiles.db.admin profiles.db.adminPassword | The Home page migration process copies data from the Profiles database. For this reason, you must update the Home page database before updating the Profiles database. The migration process supports the use of different instances to host the Home page and Profiles databases. | |
| jdbcLibPath | (SQL Server only) JDBC library path for
starting JDBC. Note: On Windows, you must add an escape character '\'. For example, jdbcLibPath=C\:\\sqljdbc4.jar
|
Creating databases with SQL scripts
Create IBM Connections databases using the SQL scripts that are provided on the installation media.
About this task
Creating IBM DB2 databases manually
Create IBM DB2 databases with SQL scripts instead of using the IBM Connections database wizard.
Before you begin
The SQL scripts are located in a compressed file called connections.sql.zip|tar, located in the IBM_Connections_Install/IBMConnections/connections.sql directory of the IBM Connections set-up directory or installation media. Extract this file before proceeding. When extracted, the SQL scripts are located in the IBMConnections/connections.sql/application_subdirectory directory of the IBM Connections set-up directory or installation media, where application_subdirectory is the directory that contains the SQL scripts for each application.
If you are using AIX, see the note in the Preparing the database wizard topic about decompressing TAR files.
- If you are using Linux on IBM System z with the DASD driver, the SQL scripts are located in the Lotus_Connections_Install_s390/LotusConnections/connections.s390.sql directory.
- If you are using Linux on IBM System z with the SCSI driver, back up the connections.s390.sql directory and rename the connections.sql directory to connections.s390.sql.
If the database server and IBM Connections are installed on different systems, copy the SQL scripts to the system that hosts the database server.
- In the SMIT tool, select System Storage Management>File System>Add/Change/Show/Delete File Systems
- Select the file system type you want to use and specify other characteristics as wanted. If you use a Journaled File System, set the Large File Enabled setting to true.
When you are creating a database either with the database wizard or SQL scripts, you must log into the system where the database is hosted with the database administrator account. The default values for DB2 are db2admin on Microsoft Windows, and db2inst1 on Linux and AIX. For Oracle, the default value on AIX and Linux is oracle, and system administrator on Windows. For SQL Server, the default value is the system administrator.
About this task
where file_path is the full path to the log file and application is the name of the log file. For example:
db2 -tvf createDb.sql >> /home/db2inst1/db_activities.log
Ensure that you have write permissions for the directories and log files.
To create the application databases, complete the following steps:
Procedure
What to do next
(DB2 for Linux on System z only.) To improve database performance, enable the NO FILE SYSTEM CACHING option. For more information, see the Enabling NO FILE SYSTEM CACHING for DB2 on System z topic.
Creating Oracle databases manually
Create Oracle databases with SQL scripts instead of using the IBM Connections database wizard.
Before you begin
Follow this procedure if you do not want to use the database wizard to create your databases.
The SQL scripts are located in a compressed file called connections.sql.zip|tar, located in the IBM_Connections_Install/IBMConnections/connections.sql directory of the IBM Connections set-up directory or installation media. Extract this file before proceeding. When extracted, the SQL scripts are located in the IBMConnections/connections.sql/application_subdirectory directory of the IBM Connections set-up directory or installation media, where application_subdirectory is the directory that contains the SQL scripts for each application.
If the database server and IBM Connections are installed on different systems, copy the SQL scripts to the system that hosts the database server.
You must specify the Unicode AL32UTF8 character set.
About this task
This task describes how to use SQL scripts to create Oracle databases for IBM Connections applications. Complete this task only if you do not want to use the database wizard.
sql> spool on
sql> spool output_file
where output_file is the full path and name of the file where the output is captured.
When you have completed this task, run the following command: sql> spool off
To manually create the application database tables, complete the following steps:
Procedure
Creating SQL Server databases manually
Create Microsoft SQL Server databases with SQL scripts instead of using the IBM Connections database wizard.
Before you begin
Follow this procedure if you do not want to use the database wizard to create your databases.
The SQL scripts are located in a compressed file called connections.sql.zip|tar, located in the IBM_Connections_Install/IBMConnections/connections.sql directory of the IBM Connections set-up directory or installation media. Extract this file before proceeding. When extracted, the SQL scripts are located in the IBMConnections/connections.sql/application_subdirectory directory of the IBM Connections set-up directory or installation media, where application_subdirectory is the directory that contains the SQL scripts for each application.
If the database server and IBM Connections are installed on different systems, copy the SQL scripts to the system that hosts the database server.
Before beginning the task, decide whether to use SQL Server with or without an instance name, and with or without an A-Record Alias.
- The name of the server is ServerA.
- You configured the default instance when setting up SQL Server.
- Use only the server name.
- ServerB is the name of the server
- You configured the instancename as Connections when setting up SQL Server.
- Use the ServerB\Connections naming format.
- ServerC is the name of the server
- You configured the default instance when setting up SQL Server.
- You created an A-Record to use as an alias for a new SQL Server called ServerC.
- Use the name of the new A-Record. For example, use A-Record-Name\sqlserver_server_instance_name>
About this task
This task describes how to use SQL scripts to create SQL Server databases for IBM Connections applications.
Download the SQL Server JDBC 2 driver from the Microsoft web site and follow the instructions to extract the driver files. IBM Connections uses the sqljdbc4.jar file.
IBM recommends that you obtain this Microsoft hotfix for the JDBC 2 driver for production deployments.
>> \file_path\db_application.log
where file_path is the full path to the log file and application is the name of the log file.
For example:
sqlcmd >> \home\admin_user\lc_logs\db_activities.log
where sqlcmd is a command with parameters and admin_user is the logged-in user. Ensure that you have write permissions for the directories and log files.
Procedure
What to do next
Enabling NO FILE SYSTEM CACHING for DB2 on System z
When your operating system is Linux on System z, enable the NO FILE SYSTEM CACHING option for IBM DB2 databases to improve performance.
Before you begin
- Important: Enabling the NO FILE SYSTEM CACHING option on an unsupported device could cause your database to become inaccessible. Ensure that your file system supports the NO FILE SYSTEM CACHING option and that it meets the requirements for creating table spaces without file system caching.
- Create a backup copy of the DB2 database using native database tools.
- If the database server and IBM Connections are installed on different systems, copy the SQL scripts to the system that hosts the database server.
- The SQL scripts for DB2 for Linux on System z are located in the connections.s390.sqlapplication_subdirectory directory of the IBM Connections set-up directory or installation media, where application_subdirectory is the directory that contains the SQL scripts for each application.
- You can enable the NO FILE SYSTEM CACHING option for the Activities, Communities, and Profiles databases only.
About this task
When you create DB2 databases for IBM Connections under Linux on System z, the IBM Connections database wizard and the createDb.sql script create table spaces with the FILE SYSTEM CACHING option enabled. If you are storing DB2 table spaces on devices where Direct I/O (DIO) is enabled, such as Small Computer System Interface (SCSI) disks that use Fibre Channel Protocol (FCP), you can improve database performance by enabling the NO FILE SYSTEM CACHING option.
To enable the NO FILE SYSTEM CACHING option, complete the following steps:
Procedure
Populating the Profiles database
Populate the Profiles database with data from the LDAP directory.
Before you begin
- Spend time planning your Profiles population, integration, and customization.
- Involve all the relevant stakeholders at an early stage of the planning process.
- If possible, phase the Profiles rollout and get feedback from pilot users.
- Prepopulate Profiles photos.
- Plan for business card use and for Sametime presence awareness.
- Ensure that Tivoli Directory Integrator is correctly configured.
- Consider using Tivoli Directory Integrator to populate the LDAP and then to populate the Profiles database.
If you are migrating from IBM Connections version 3.0.1 or 3.0.1.1, do not complete the tasks for populating the Profiles database. The migration process handles those tasks separately.
Configuring Tivoli Directory Integrator
Configure IBM Tivoli Directory Integrator (TDI) to synchronize and exchange information between the Profiles database and your LDAP directory.
Before you begin
The internal name of the Profiles database is PEOPLEDB.
About this task
Use Tivoli Directory Integrator to populate the Profiles database repository from an LDAP directory.
You can manually run various Profiles tasks by using the appropriate scripts in the TDI Solution directory. For more information about these tasks, see the Batch files for processing Profiles data topic.
To configure Tivoli Directory Integrator, complete the following steps:
Procedure
Introduction to IBM Tivoli Directory Integrator
IBM Connections uses IBM Tivoli Directory Integrator to transform, move, and synchronize data from your LDAP directories to the Profiles database.
AssemblyLines
The main tool within Tivoli Directory Integrator is the AssemblyLine. An AssemblyLine processes data such as entries, records, items, and objects from an LDAP directory, transforms it, and outputs it to the Profiles database. When you import data from multiple LDAP directories, the AssemblyLine processes, transforms, and combines all the source data before outputting it.
How data is organized can differ greatly from system to system. For example, databases usually store information in records with a fixed number of fields. Directories usually work with variable objects called entries, and other systems use messages or key-value pairs.
Connectors
Connectors are the components that you need to build an AssemblyLine. Connectors are designed so that you do not need to deal with the technical details of working with various data stores, systems, services, or transports. Each type of connector uses a specific protocol or API to handle the details of data source access. You can create your own connectors to support different functions or use the connectors that are provided with IBM Connections.
For more information about creating connectors, see the Developing custom Tivoli Directory Integrator assembly lines for Profiles topic.
work Entries
Tivoli Directory Integrator collects and stores all types of information in a Java data container called a work Entry. The data values are kept in objects called Attributes that the work Entry holds and manages. AssemblyLine components process the information in the work Entry by joining in additional data, verifying content, computing new attributes and values, as well as changing existing ones, until the data is ready for delivery to the Profiles database.
Tivoli Directory Integrator internal attribute mapping, business rules, and transformation logic do not need to deal with type conflicts.
Attribute mapping
Attribute Maps are your instructions on which attributes are brought into the AssemblyLine during input, or included in output operations. An AssemblyLine is designed and optimized for working with one item at a time, such as one data record, one directory entry or one registry key. If you want to perform multiple updates or multiple deletes, then you must write AssemblyLine scripts.
Adding source data to the Profiles database
Populate the Profiles database with information from the source server by using the Profiles population wizard or by populating the database manually.
About this task
Procedure
- Run the Profiles population wizard on the server where Tivoli Directory Integrator is installed. For more information, see Using the Profiles population wizard.
- Populate the Profiles database manually by updating the property values relevant to your configuration in the profiles_tdi.properties file. For more information, see Manually populating the Profiles database.
Using the Profiles population wizard
Use the Profiles population wizard to populate the IBM Connections Profiles database with data from the LDAP directory.
Before you begin
You can populate the Profiles database with the help of the population wizard, as described here, or manually as described in the Manually populating the Profiles database topic. You might choose to use the population wizard to simplify the properties mapping process from your source to the target Profiles database.
- Run the population wizard on the system where Tivoli Directory Integrator is installed.
- If you need to configure multiple systems with Profiles data, you can run the wizard in silent mode. For more information, see the Using the Profiles population wizard in silent mode topic.
- The population wizard populates only those entries where the value for surname is not null.
- You can run the population wizard before, during, or after installing IBM Connections.
About this task
Procedure
Results
Using the Profiles population wizard in silent mode
You can run the Profiles population wizard in silent mode to populate the Profiles database.
Before you begin
When you run the Profiles population wizard in silent mode, it creates the map_dbrepos_from_source.properties file, located in the Wizards\TDIPopulation\platform\TDI directory, and updates this file with data from the mappings.properties file.
If you need to configure multiple systems with Profiles data, you can run the wizard in silent mode.
You can also modify the mappings files manually. For more information, see the Mapping fields manually topic.
(AIX only) If you are downloading the wizard, the TAR program available by default with AIX does not handle path lengths longer than 100 characters. To overcome this restriction, use the GNU file archiving program instead. This program is an open source package that IBM distributes through the AIX Toolbox for Linux Applications at the IBM AIX Toolbox web site. Download and install the GNU-compatible TAR package. You do not need to install the RPM Package Manager because it is provided with AIX.
After you have installed the GNU-compatible TAR program, change to the directory where you downloaded the IBM Connections TAR file, and enter the following command to extract the files from it:
gtar -xvf Lotus_Connections_wizard_aix.tar
This command creates a directory named after the wizard.
About this task
To run the Profiles population wizard in silent mode, complete the following steps:
Procedure
Results
The tdisettings.properties file
When you run the Profiles population wizard, you can record your selections in two response files: a tdisettings.properties file and a mapping file.
After running the Profiles population wizard in interactive mode, you can repeat the same configuration in silent mode by starting the wizard from the command line and passing the response files in as an argument. The wizard uses the values in the response files rather than requiring you to interact with it.
The tdisettings.properties file collects the values that are described in the following table.
| Property | Description | Value |
|---|---|---|
| db.hostname | Host name of the database server. | |
| db.jdbcdriver | Location of the JDBC driver. | Example: C\:\\IBM\\SQLLIB\\java Note: The
extra "\" symbol is an escape character.
|
| db.name | Name of the Profiles database. | Default: PEOPLEDB |
| db.password | Password for connecting to the database. The property is required if you do not specify -dbPassword as a command parameter. |
|
| db.port | Database server port for invoking JDBC. |
|
| db.type | DB2, Oracle, or SQL Server. | db2 | oracle | sqlserver |
| db.user | Name of the database user, such as lcuser. | Example: lcuser |
| ldap.dn.base | LDAP distinguished name search base. | Example: dc=example, dc=com |
| ldap.enable.ssl | Boolean value that determines if SSL is enabled. If the value of this property is yes, you must also provide values for the ssl.keystore, ssl.password, and ssl.type properties. | yes | no |
| ldap.filter | Filter for the LDAP. | Example: (&(uid=*)(objectclass=inetOrgPerson)) |
| ldap.hostname | Host name of the LDAP server. | |
| ldap.password | Password for connecting to the LDAP directory. | Default: 389 or 663 (SSL) |
| ldap.port | Communications port of the LDAP server. | Default: 389 or 663 (SSL) |
| ldap.user | Distinguished name of the LDAP administrative user. | |
| ssl.keyStore | File path to the keystore. Required only if the ldap.enable.ssl property is set to yes. | |
| ssl.password | SSL password. Required only if the ldap.enable.ssl property is set to yes. | |
| ssl.type | SSL standard. Required only if the ldap.enable.ssl property is set to yes. | JKS | PKCS12 |
| task.list | Tasks that the Profiles population wizard
can perform. You can choose from the following options: LDAP_OPTIONAL_TASK_MARK_MANAGER,
LDAP_OPTIONAL_TASK_FILL_COUNTRIES, LDAP_OPTIONAL_TASK_FILL_DEPARTMENT,
LDAP_OPTIONAL_TASK_FILL_ORGANIZATION, LDAP_OPTIONAL_TASK_FILL_EMPLOYEE,
and LDAP_OPTIONAL_TASK_FILL_WORK_LOCATION To execute multiple tasks, separate the tasks with the comma symbol. |
Example: LDAP_OPTIONAL_TASK_MARK _MANAGER,LDAP_OPTIONAL _TASK_FILL_COUNTRIES |
| task.country.csv | File path to the isocc.csv file. Required if you specify LDAP_OPTIONAL_TASK_FILL_COUNTRIES in the task.list property. | Example: C\:\\build\\isocc.csv Note: The
extra "\" symbol is an escape character.
|
| task.department.csv | File path to the deptinfo.csv file. Required if you specify LDAP_OPTIONAL_TASK_FILL_DEPARTMENT in the task.list property. | Example: C\:\\build\\deptinfo.csv Note: The
extra "\" symbol is an escape character.
|
| task.empoyeetype.csv | File path to the emptype.csv file. Required if you specify LDAP_OPTIONAL_TASK_FILL_EMPLOYEE in the task.list property. | Example: C\:\\build\\emptype.csv Note: The
extra "\" symbol is an escape character.
|
| task.organization.csv | File path to the orginfo.csv file. Required if you specify LDAP_OPTIONAL_TASK_FILL_ORGANIZATION in the task.list property. | Example: C\:\\build\\orginfo.csv Note: The
extra "\" symbol is an escape character.
|
| task.worklocation.csv | File path to the workloc.csv file. Required if you specify LDAP_OPTIONAL_TASK_FILL_ORGANIZATION in the task.list property. | Example: C\:\\build\\workloc.csv Note: The
extra "\" symbol is an escape character.
|
| TDI.dir | Installation location of Tivoli Directory Integrator. | Example: C\:\\IBM\\TDI\\V7.1 Note: The
extra "\" symbol is an escape character.
|
Manually populating the Profiles database
Instead of using the Profiles population wizard, you can manually populate the database.
Before you begin
You can populate the Profiles database manually, as described here, or with the help of the population wizard as described in the Using the Profiles population wizard topic. You might choose to manually populate the database to take advantage of functionality not provided by the wizard, such as anonymous LDAP access, large data sets, and property configuration other than what is provided by the wizard, for example alternate source options.
Before starting this task, you must complete the steps in the Mapping fields manually topic. You must set up the mapping file before starting this task.
(AIX only). An AIX limitation causes a file naming error when you extract the tdisol.tar archive. The system renames the profile-links.xsd to profile-links.xs. To resolve this issue, use the GNU Tar program, version 1.14 or higher, to extract the archive. Download the program from ftp://ftp.gnu.org/gnu/tar/ and install it as the default tar utility in the path. The default location for GNU Tar is /usr/local/bin.
The internal name of the Profiles database is PEOPLEDB.
About this task
Procedure
Tivoli Directory Integrator solution properties for Profiles
IBM Connections maps LDAP, database, and other properties with Tivoli Directory Integrator configuration parameters.
The properties described in this topic are found in the supplied profiles_tdi.properties file.
The TDI parameter column in the tables contains the name of the parameter in the LDAP connector. See the Tivoli Directory Integrator product documentation for more information.
You can find additional information about LDAP properties at ibm.com® and other sites.
The following properties are associated in an LDAP directory that will be used as the source for the data. If you wish to use a source other than LDAP, see Manually populating the Profiles database.
| Property | TDI parameter | Definition |
|---|---|---|
| source_ldap_url | LDAP URL hostname and LDAP URL Port | Required. The LDAP web address used to access the source LDAP system. The port is required and is typically 389 for non-SSL connections. Express this value in the form of ldap://host:port. For example: ldap://myservername.com:389. If using the population wizard, this property is configured using the LDAP server name and LDAP server port on the LDAP server connection page. Note: The LDAP query constructed
from the source URL, search base, and search filter are stored in
a source url property, which can be used to segment the Profiles database
user set during synchronization. Using different values for this property,
which may be equivalent (for example referencing the LDAP server by
IP address or DNS name) is not advised.
The default value is ldap://localhost:389. |
| source_ldap_use_ssl | LDAP URL Use SSL connection | Required if you are using SSL to authenticate. Set to either true or false. Set to true if you are using SSL (for example if you are using port 636 in the LDAP URL). The default value is false. If using the population wizard, this property is configured with the Use SSL communication checkbox on the LDAP server connection page. |
| source_ldap_user_login | Login user name | Login user name used for authentication. You can leave this blank if no authentication is required. If using the population wizard, this property is configured in the Bind distinguished name (DN) field on the LDAP authentication properties page. |
| source_ldap_user_password | Login password | Login password used for authentication. Leave this blank if no authentication is required. The value will be encrypted in the file the next time it is loaded. If using the population wizard, this property is configured in the Bind password field on the LDAP authentication properties page. |
| source_ldap_search_base or source_ldap_user_search_base | Search Base | The search base (the location from where
the search begins) of the iterating directory. The search begins at
this point in the ldap directory structure and searches all records
underneath. This should be a distinguished name.
Note: Most directories
require a search base, and as such it must be a valid distinguished
name. Some directory services allow you to specify a blank string
which defaults to whatever the server is configured to do.
A default value is not specified. If using the population wizard, this property is configured in the LDAP user search base field on the LDAP page. |
| source_ldap_search_filter or source_ldap_user_search_filter | Search Filter | Search filter used when iterating the directory. This determines which objects are included or excluded in the search. If using the search base and the specified search filter properties do not allow you to adequately construct your search set, use the source_ldap_required_dn_regex property. Note: Search
filters are used by those directories to select entries from which
data is retrieved from a search operation. Care should be taken when
specifying search filters as they can affect performance of the directory
being searched. The directory server schema being queried can impact
performance.
A default value is not specified. If using the population wizard, this is the LDAP user search filter field on the LDAP authentication properties page. |
| source_ldap_sort_page_size | Page size | If specified, the LDAP Connector tries to use paged mode search. Paged mode causes the directory server to return a specific number of entries (called pages) instead of all entries in one chunk. Not all directory servers support this option. The default value is 0, which indicates that paged mode is disabled. The default value is 0. This parameter is not configurable when using the population wizard. |
| source_ldap_authentication_method | Authentication Method | Options include the following:
This parameter is not configurable when using the population wizard. |
| source_ldap_collect_dns_file | Name of the file used to collect distinguished names (DNs) by the collect_dns.bat/sh process from the source, and then used during population by the populate_from_dn_file.bat/sh processes to look up entries to add to the database repository. This file can also be constructed by hand to populate an explicit set of users. The default value is collect.dns. This parameter is not configurable when using the population wizard. |
|
| source_ldap_escape_dns | Indicates that special characters have not been escaped properly and identifies them so the processor can find those characters and escape them. Special characters are:
The backslash is used to escape special characters. A plus sign is represented by \+ and a backslash is represented by \\. if your distinguished names contains these special characters and you receive errors when running the collect_dns/populate_from_dn_file process, set this property to true so that the characters are escaped. The default value is false. This parameter is not configurable when using the population wizard. |
|
| source_ldap_required_dn_regex | Allows a regular expression to be used to limit the distinguished names (DNs) which are processed by providing a regular expression which must be matched. If the regular expression is not matched, that particular record is skipped. Although the search filter property gives some flexibility, in case this is not sufficient, you can use a more powerful regular expression. A default value is not specified. This parameter is not configurable when using the population wizard. |
|
| source_ldap_sort_attribute | Sort Attribute | Specifies server-side sorting. This parameter instructs the LDAP server to sort entries matching the search base on the specified field name. Server-side sorting is an LDAP extension. The iterating directory must be able to support this sorting extension. A default value is not specified. This parameter is not configurable when using the population wizard. |
| source_ldap_iterate_with_filter | This property should be used if the size of the data to be retrieved from LDAP exceeds the search limit from the LDAP. For example, if your search parameters would return 250K records but your LDAP only allows 100K to be returned at a time, this parameter must be used. If the data is too large, an LDAP size limit exceeded error message is generated. To configure this mechanism, see the Populating a large user set topic. When set to true, this specifies that the default iteration assembly line use the collect_ldap_dns_generator.js file to iterate over a set of LDAP search bases and filters. The cconfig setting replaces the sync_all_dns_forLarge and collect_dns_iterate scripts used in earlier releases. This parameter is not configurable when using the population wizard. The default value is false. |
|
| source_ldap_binary_attributes | Binary Attributes | By default, this property is set internally to GUID, objectGUID, objectSid, sourceObjectGUID. Any additional values specified in the property are appended to the list. This parameter is not configurable when using the population wizard. The default value is GUID. |
| source_ldap_time_limit_seconds | Time Limit | Specifies the maximum number of seconds that can be used when searching for entries; 0 = no limit. This parameter is not configurable when using the population wizard. The default value is 0. |
| source_ldap_map_functions_file | Specifies the location of any referenced function mappings. When using the population wizard, the functions shown in the mapping dialog are read from and written to this file. The default value is profiles_functions.js. |
|
| source_ldap_logfile | In addition to the standard logs/ibmdi.log file, output from the populate_from_dn_file.bat or populate_from_dn_file.sh task is written to this file. This parameter is not configurable when using the population wizard. The default value is logs/PopulateDBFromSource.log. |
|
| source_ldap_compute_function_for_givenName | Connections allows Javascript functions for setting values of common LDAP fields such as cn, sn, givenName to execute before Connections performs its mapping. For example, sn and/or givenName can be parsed from cn (common name). This parameter is not configurable when using the population wizard. A default value is not specified. |
|
| source_ldap_compute_function_for_sn | Connections allows Javascript functions for setting values of common LDAP fields such as cn, sn, givenName to execute before Connections performs its mapping. For example, sn and/or givenName can be parsed from cn (common name). This parameter is not configurable when using the population wizard. A default value is not specified. |
|
| source_ldap_collect_updates_file | This property is no longer used. |
|
| source_ldap_manager_lookup_field | This property is no longer used. |
|
| source_ldap_secretary_lookup_field | This property is no longer used. |
Many properties in the TDI LDAP connector are not mapped to Profiles TDI properties. To configure properties other than those listed here, consider using an alternate source repository and creating your own specialized configuration. Use the LDAP iterator and connectors provided with the TDI solution directory as a starting point, see Using a custom source repository connector for more information.
| Property | TDI parameter | Definition |
|---|---|---|
| dbrepos_jdbc_driver | JDBC Driver | Required. The JDBC driver implementation class name used to access the Profiles database repository. For
DB2, the default is com.ibm.db2.jcc.DB2Driver. For
example:
For
Oracle, the default is oracle.jdbc.driver.OracleDriver.
For example:
If
you are using a Microsoft SQL Server database, change the value to
reference a SQL Server driver, for example:
This corresponds to the JDBC driver path in the population wizard. If not using the wizard, this library must be present in the CLASSPATH of Tivoli Directory Integrator, or Tivoli Directory Integrator cannot load the library when initializing the Connector and cannot communicate with the Relational Database (RDBMS). To install a JDBC driver library so that Tivoli Directory Integrator can use it, copy it into the TDI_install_dir/jars directory, or a subdirectory such as TDI_install_dir/jars/local. |
| dbrepos_jdbc_url | JDBC URL | Required. JDBC web address used to access the Profiles database repository. You must modify the
hostname portion and port number to reference your server information.
Note: You
can find this information by accessing the WebSphere Application Server Administration
Console (http://yourhost:9060),
and then selecting .
The default syntax is for DB2, unless using the wizard, but the default uses a local host. If the DB2 is not on the same system as the TDI solution directory, update the URL with the host name. If you are using
an Oracle database, use the following syntax:
If
you are using a SQL Server database, use the following syntax:
|
| dbrepos_username | User name | Required. User name under which the database tables, which are part of the Profiles database repository, are accessed. |
| dbrepos_password | Password | Required. Password associated with the username under which the database tables, which are part of the Profiles database repository, are accessed. |
| dbrepos_mark_manger_if_referenced | This property is no longer used. |
| Property | TDI parameter | Definition |
|---|---|---|
| monitor_changes_dsml_server_authentication | Type of authentication used by the DSML server update requests. Options include the following:
|
|
| monitor_changes_dsml_server_url | Required if you are transmitting
user changes back to the source repository. Web address of the DSML server to which the DSML update requests should be sent. |
|
| monitor_changes_dsml_server_username | Required if you are transmitting
user changes back to the source repository. User name used for authentication to the DSML server. |
|
| monitor_changes_dsml_server_password | Required if you are transmitting
user changes back to the source repository. Password used for authentication to DSML server that the DSML update requests should be sent to. |
|
| monitor_changes_map_functions_file | Path to the file containing mapping functions for mapping from a changed database field to a source. for example LDAP field. This is only needed if changes made to the source based on database repository field changes are not mapped one-to-one. You can use the same file you use to map from source to database repository fields, assuming the functions are named appropriately. |
|
| monitor_changes_sleep_interval | Polling interval, in seconds, between checks for additional changes when no changes exist. |
| Property | TDI parameter | Definition |
|---|---|---|
| ad_changelog_ldap_url | LDAP web address used to access the LDAP
system that was updated. For example:
|
|
| ad_changelog_ldap_user_login | Login user name to use to authenticate with an LDAP system that has been updated. You can leave this blank if no authentication is needed. |
|
| ad_changelog_ldap_user_password | Login user name to use to authenticate with an LDAP that has been updated. You can leave this blank if no authentication is needed. The value will be encrypted in the file the next time it is loaded. |
|
| ad_changelog_ldap_search_base | ||
| ad_changelog_ldap_use_ssl | Defines whether or not to use SSL in authenticating with an LDAP system that was updated. The options are true and false. |
|
| ad_changelog_timeout | ||
| ad_changelog_sleep_interval | Polling interval, in seconds, between checks for additional changes when no changes exist. |
|
| ad_changelog_use_notifications | Indicates whether to use changelog notifications rather than polling. If true, the tds_changelog_sleep_interval is not applicable since polling is not used. The options are true and false. |
|
| ad_changelog_ldap_page_size | ||
| ad_changelog_start_at | Change number in the Active Directory changelog to start at. Typically this is an integer, while the special value EOD means start at the end of the changelog. |
|
| ad_changelog_ldap_required_dn_regex. | ||
| tds_changelog_ldap_authentication_method | Authentication Method | Authentication method used to connect to LDAP to read records. Options include the following:
|
| tds_changelog_ldap_changelog_base | ChangelogBase | Changelog base to use when iterating through the changes. This is typically cn=changelog. |
| tds_changelog_ldap_time_limit_seconds | Time Limit | Searching for entries must take no more than this number of seconds; 0 = no limit. |
| tds_changelog_ldap_url | LDAP URL | LDAP web address used to access the LDAP
system that was updated. For example:
|
| tds_changelog_ldap_use_ssl | Use SSL | Defines whether or not to use SSL in authenticating with an LDAP system that was updated. The options are true and false. |
| tds_changelog_ldap_user_login | Login user name | Login user name to use to authenticate with an LDAP system that has been updated. You can leave this blank if no authentication is needed. |
| tds_changelog_ldap_user_password | Login password | Login user name to use to authenticate with an LDAP that has been updated. You can leave this blank if no authentication is needed. The value will be encrypted in the file the next time it is loaded. |
| tds_changelog_sleep_interval | Polling interval, in seconds, between checks for additional changes when no changes exist. |
|
| tds_changelog_start_at_changenumber | Change number in the Tivoli Directory Server changelog to start at. Typically this is an integer, while the special EOD value means start at the end of the changelog. |
|
| tds_changelog_use_notifications | Indicates whether to use changelog notifications rather than polling. If true, the tds_changelog_sleep_interval is not applicable since polling is not used. The options are true and false. |
- log4j.logger.com.ibm.lconn.profiles.api.tdi=ALL
- log4j.logger.com.ibm.lconn.profiles.internal.service=ALL
- log4j.logger.java.sql=ALL
| Property | TDI parameter | Definition |
|---|---|---|
| sync_all_dns | For information about sync_all_dns, see Understanding how the sync_all_dns process works. | |
| debug_managers | Flag that instructs TDI to log additional debug information for the following command(s). The options are true and false. To enable, set as debug_managers=true. This
property maps as follows:
The default setting is false. |
|
| debug_photos | Flag that instructs TDI to log additional debug information for the following command(s). The options are true and false. This property maps as follows:
The default setting is false. |
|
| debug_pronounce | Flag that instructs TDI to log additional debug information for the following command(s). The options are true and false. This property applies to the following
command(s):
The default setting is false. |
|
| debug_fill_codes | Flag that instructs TDI to log additional debug information for the following command(s). The options are true and false. This property applies to the following
command(s):
The default setting is false. |
|
| debug_draft | Flag that instructs TDI to log additional debug information for the following command(s). The options are true and false. This property applies to the following
command(s):
The default setting is false. |
|
| debug_update_profile | Flag that instructs TDI to log additional debug information for the following command(s). The options are true and false. This property applies to the following
command(s):
The default setting is false. |
|
| debug_collect | Flag that instructs TDI to log additional debug information for the following command(s). The options are true and false. This property applies to the following
command(s):
The default setting is false. |
|
| debug_special | Flag that instructs TDI to log additional debug information for the following command(s). The options are true and false. This property applies to the following
command(s):
The default setting is false. |
|
| trace_profile_tdi_javascript | Enables generation of an internal Javascript trace file. Options are OFF, FATAL, ERROR, WARN, INFO, DEBUG, TRACE, ALL ( values are not case-sensitive). The default setting is OFF. |
Batch files for processing Profiles data
IBM Connections provides several batch files that automate the collection and processing of LDAP data for the Profiles database.
Batch file functions
The following list describes each batch file and its functions. You can search for more information about these files in the help topics.
- clearLock
- Delete the lock file that is generated by the sync_all_dns batch file.
- collect_dns
- Create a file called collect.dns that contains the distinguished names from the LDAP directory. This batch file is used in the first step of the process to populate the Profiles database.
- delete_or_inactivate_employees
- Deactivate
employee records in the Profiles database. The records
are not removed from the Profiles database but are set to an inactive
state and the employee login and mail address values are removed.
These changes are propagated to the member and login tables in the
databases of installed applications. The records to be deactivated
are defined in the delete_or_inactivate_employees.in file.
To remove users from only the Profiles database, change the
value of the sync_delete_or_inactivate property in the profiles_tdi.properties file
to delete.Note: You must manually create the delete_or_inactivate_employees.in file. Use the following format for adding entries:
$dn:cn=Any User3,cn=Users,l=WestfordFVT,st=Massachusetts,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com uid:Any User3
- dump_photos_to_files
- Copy all the photos from the PHOTO table in the Profiles database to a folder on the local system called dump_photos. This batch file also creates a local file called collect_photos.in that contains the UID and URL of each photo.
- dump_pronounce_to_files
- Copy all the pronunciation files from the PRONUNCIATION table in the Profiles database to a folder on the local system called dump_pronounce. the local files. This batch file also creates a local file called collect_pronounce.in that contains the UID and URL of each pronunciation file.
- fill_country
- Populate the COUNTRY table in the Profiles database from the isocc.csv file.
- fill_department
- Populate the DEPARTMENT table in the Profiles database from the deptinfo.csv file.
- fill_emp_type
- Populate the EMP_TYPE table in the Profiles database from the emptype.csv file.
- fill_organization
- Populate the ORGANIZATION table in the Profiles database from the orginfo.csv file.
- fill_workloc
- Populate the WORKLOC table in the Profiles database from the workloc.csv file.
- load_photos_from_files
- Load all the photos from the dump_photos folder on the local system to the PHOTO table in the Profiles database. This batch file reads the collect_photos.in file and the dump_photos folder that you created with the dump_photos_to_files batch file. This batch file loads photos only for people who are already recorded in the database.
- load_pronounce_from_files
- Load all the pronunciation files from the dump_pronounce folder on the local system to the PRONUNCIATION table in the Profiles database. This batch file reads the collect_pronounce.in file and the dump_pronounce folder that you created with the dump_pronounce_to_files batch file. This batch file loads pronunciation files only for people who are already recorded in the database.
- mark_managers
- Set the PROF_IS_MANAGER field in the Profiles database, based on the value of the PROF_MANAGER_UID field in the employee records.
- populate_from_dn_file
- Populate the Profiles database from the source LDAP directory. This batch file reads the collect.dns data file that you created with the collect_dns batch file. The batch file also updates existing employee records in the Profiles database.
- process_ad_changes
- Synchronize
LDAP directory changes with the Profiles database
when your LDAP directory type is Microsoft Active
Directory. This batch file is stored in the solution-dir/Samples directory.
For
more information, go to the Active Directory Change Detection Connector topic
in the Tivoli Directory
Integrator information center. For information about permissions,
go to the How
to poll for object attribute changes topic on the Microsoft Support website.Note: The sync_all_dns script is recommended when you want to synchronize changes in the LDAP directory with the Profiles database.
- process_draft_updates
- Synchronize changes from the Profiles database back to the LDAP directory.
- process_tds_changes
- Synchronize
LDAP directory changes with the Profiles database
when your LDAP directory type is IBM Tivoli Directory
Server. This batch file is stored in the solution-dir/Samples directory.Note: The sync_all_dns script is recommended when you want to synchronize changes in the LDAP directory with the Profiles database.
- sync_all_dns
- Update the Profiles database to capture changes to the LDAP directory. This synchronization process includes updates to employee records and additions and deletions of records.
- tdienv
- Set the correct environment for IBM Tivoli Directory Integrator. This batch file sets the path to the Tivoli Directory Integrator program, the Tivoli Directory Integrator host, and the Tivoli Directory Integrator port. If you installed Tivoli Directory Integrator to a custom location, modify the path to that location before using this batch file.
Populating a large user set
Populate the Profiles database from an LDAP directory with a large user population.
In very large organizations, the number of users in the LDAP directory exceeds the capacity of the Tivoli Directory Integrator assembly lines for Profiles. To overcome this restriction, you can populate the database by using manual TDI assembly lines. You cannot use the Profiles population wizard.
For related information and details, see Tivoli Directory Integrator help.
Limits with large user sets
source_ldap_page_size=1000 LDAP: error code 4 - Sizelimit ExceededIf neither of these alternatives is successful, use a special set of assembly lines to populate your Profiles database from your LDAP directory.
Alternative population process
If you have a very large set of data, set the source_ldap_iterate_with_filter property in the profiles_tdi.properties file to true. This uses the collect_ldap_dns_generator.js file to retrieve search criteria for a batch of records. The batch is always smaller than the limit of the LDAP retrieval.
The collect_ldap_dns_generator.js file constructs a search filter with a portion of UIDs but does not modify the search base. It is data-specific so you need to modify it for your own deployment. Modify suppliesSearchBase() or suppliesSearchBase(), depending on which filter is used in the LDAP retrieval.
If one of the filters is changed to return true (in the supplied file, suppliesSearchBase returns true), the corresponding function, either getNextSearchBase() or getNextSearchFilter(), is called in iterations. Each time the function is called it returns a string with the next search base or filter to use. When it reaches the end of the batch, it returns null.
In the sample file, the UID is examined over a range of its first characters. The process first uses some special characters and then examines the first two characters of the UID string, or example aa*, ab*, and so on. After it reaches zz* it returns null and the collect_dns assembly line stops processing. You can then run populate_from_dn_file.
Mapping fields manually
To populate the Profiles database with data from the enterprise LDAP directory, map the content of the fields in the database to the fields in the LDAP directory.
About this task
Edit the map_dbrepos_from_source.properties file to map fields between the Profiles database and the LDAP directory. Open the profiles_functions.js file to see the options for the different mapping functions. You can add your own functions if necessary.
The internal name of the Profiles database is PEOPLEDB.
To map fields, complete the following steps:
Procedure
What to do next
The properties in the map_dbrepos_from_source.properties file have the default values defined in the following table. Many of them are null. You must determine which LDAP properties to map to your database fields and edit this file to specify values that apply to your configuration. Any values that you omit or set to null are not populated in the database.
| TDI property | Default LDAP attribute mapping |
|---|---|
| alternateLastname | null |
| bldgId | null |
| blogUrl | null |
| calendarUrl | null |
| countryCode | c |
| courtesyTitle | null |
| deptNumber | null |
| description | null |
| displayName | cn Required. |
| distinguishedName | $dn Required. |
| employeeNumber | employeenumber |
| employeeTypeCode | employeetype |
| experience | null |
| faxNumber | facsimiletelephonenumber |
| floor | null |
| freeBusyUrl | null |
| givenName | givenName |
| givenNames | gn |
| groupwareEmail | null |
| guid | See the note at the foot of this table about
mapping the guid, uid, and loginId. Required |
| ipTelephoneNumber | null |
| isManager | null |
| jobResp | null |
| loginId | See the note at the foot of this table about mapping the guid, uid, and loginId. |
| logins | null |
| managerUid | $manager_uid This property represents a lookup of the UID of the manager using the Distinguished Name in the manager field. |
| mobileNumber | mobile |
| nativeFirstName | null |
| nativeLastName | null |
| officeName | physicaldeliveryofficename |
| orgId | ou |
| pagerId | null |
| pagerNumber | null |
| pagerServiceProvider | null |
| pagerType | null |
| preferredFirstName | null |
| preferredLanguage | preferredlanguage |
| preferredLastName | null |
| secretaryUid | null |
| shift | null |
| surname | sn You must provide this field because the Search application expects to find it in the Profiles database. Required. |
| surnames | sn |
| telephoneNumber | telephonenumber |
| timezone | null |
| title | null |
| uid | See the note at the foot of this table about
mapping the guid, uid, and loginId. Required. |
| workLocationCode | postallocation |
- Microsoft Active Directory
guid={function_map_from_objectGUID}
You must use a JavaScript function to define the value for Active Directory because objectGUID is stored in Active Directory as a binary value, but is mapped to guid, which is stored as a string in the Profiles database. Also, the samAccountName property used by Active Directory has a 20 character limit, as opposed to the 256 character limit of the other IDs used by IBM Connections. - IBM Lotus Domino
guid={function_map_from_dominoUNID}
- IBM Directory Server
guid=ibm-entryUuid
- Sun Java System Directory
Server
guid=nsUniqueID
- Novell eDirectory
guid={function_map_from_GUID}
- It must be present in every entry that is to be added to the database.
- It must be unique.
- In a multi-LDAP environment, it must be unique across LDAP directories.
- It must be 256 characters or fewer in length.
- If you are mapping the uid from an LDAP field,
specify the name of the field. However, if you need to parse it from
the distinguished name and it is in the DN in the form of uid=value,
use the following mapping function:
{func_map_to_db_UID}
- Use the isManager and managerUid properties to set up the organizational structure of the organization. The isManager field determines whether the current person is a manager or not. You must assign a Y (Yes) or N (No) value to this property for each entry. Y identifies the person as a manager. The managerUid identifies the UID of the current person's manager. By default, managerUid is mapped to $manager_uid, which represents a lookup of the UID of the manager (using the Distinguished Name contained in the LDAP manager field). If a user's manager information is not contained in the $manager_uid field, you should adjust the mapping accordingly. These two properties work together to identify manager/employee relationships and create a report-to chain out of individual user entries.
- If users intend to log into Profiles using a single-valued user
name other than the value specified in the uid or email properties,
you must map that user name value to the loginId property.
To do so, complete the following step:
- Set the loginId property in the map_dbrepos_from_source.propeties file
equal to the LDAP property that you want to use as the login ID. For
example, if you want to use employeeNumber as the
login property, edit the property value as follows:
loginId=employeeNumber
If you have more than one additional login ID (such as with a long and short form user ID) and you want to allow users to login with either of their login IDs, you can populate multiple additional login IDs by using one of the following settings:
logins=multiValuedLdapAttribute
or
logins={function_to_get_multiple_ldap_values}
- Set the loginId property in the map_dbrepos_from_source.propeties file
equal to the LDAP property that you want to use as the login ID. For
example, if you want to use employeeNumber as the
login property, edit the property value as follows:
For more information, see the Tivoli Directory Integrator product documentation.
IBM Connections supports the ability to classify a profile using a profile type. The profile type allows the application to provide the set of properties that are intended for a given profile object. For more information, see Profile-types.
Example complex mapping of Profiles data
This example illustrates a sample complex mapping using Javascript functions to define mapping between the LDAP directory and the Profiles database.
When manually mapping Profiles fields you can perform 1:1 or complex mapping as described in the Mapping fields manually topic.
In this example, the mapping pertains to the surnames list. The primary CRUD functions (create, retrieve, update and delete) are illustrated context. The example is intended for illustrative purposes only.
surname=sn
surnames={func_surNames_basic}function func_surNames_basic( fieldName) {
var fieldName str = fieldName.toString(); // be cautious, make sure it is a string.
var result = work.getAttribute("sn"); // get the list
if(result == null) {
result = "no sn work element"; // return bogus value. See the function
// func_compute_givenName() in profiles_functions.js
// for a more realistic approach.
}
else
{
result = result.clone();
var len = result.size();
for (var i = 0; i <len; i++) {
var val = result.getValue(i);
if (!(val instanceof java.lang.String)) {
val = java.lang.String.valueOf(val);
val = val + " Esq // append ‘Esq.
result.setValue(i, val); // update value
}
}
}
result.setValue(len, fieldNamestr);
return result;
}In the first line the fieldName value is the name of the property, in this example the surnames property. This makes it possible to use the same function for a number of items.
In the third line the sn list is a variable named result. The argument of the getAttribute() must be the value of a property, in this example the sn property value.
A test for sn not being available occurs at the fourth line in the result = "no sn work element" statement.
Given that the list is available, we clone it to avoid changing the entry list. We next iterate through the list testing to verify that each value is a string. This is a best practice even though in this case it may seem unnecessary. The line containing “result.getValue(i);” gets the next item in the list; this represents the R element of CRUD. The result.setValue(i, val); line shows how to modify a value; this represents the U element of CRUD. After the iteration we add the fieldname to the list in the result.setValue(len, fieldNamestr); statement; this represents the C element of CRUD. The example uses the same setValue method for both the create and update functions.
if (i > 4)
{
result.removeValue(i);
len--; i--;
continue;
}Attribute mapping for Profiles
When the Profiles directory service is enabled, IBM Connections relies on the Profiles database to provide user data such as user name, ID, and email.
The internal name of the Profiles database is PEOPLEDB.
The following table shows the mapping relationships between Profiles, the Profiles directory service, Virtual Member Manager, and LDAP.
| Profiles database column | Profiles Directory Service | Virtual Member Manager | LDAP |
|---|---|---|---|
| PROF_GUID | ID | uniqueId | UUID/GUID/UNID (defined in RFC4122) |
| PROF_DISPLAY_NAME | Name | cn/displayName | cn/displayName |
| PROF_MAIL | mail/ibm-primaryEmail | mail/ibm-primaryEmail | |
| PROF_SOURCE_UID | DN | uniqueName | DN |
| PROF_UID | UID | UID | UID or samAccountName (in MS AD/ADAM only) |
| PROF_LOGIN | LOGIN | Login attributes other than UID and mail | LDAP login attributes other than UID and mail |
The following table shows the population functions that are used in TDI scripts to populate ID into PROF_GUID.
| LDAP implementations | LDAP attribute type names | LDAP syntax | TDI scripts with functions |
|---|---|---|---|
| IBM Lotus Domino Server | dominoUNID | Directory String (in Byte String Format) | {function_map_from_dominoUNID} |
| Novell eDirectory Server | GUID | Octet String (in Binary Format) | {function_map_from_GUID} |
| Microsoft AD/ADAM Server/Service | objectGUID | Octet String (in Binary Format) | {function_map_from_objectGUID} |
| Microsoft AD/ADAM Server/Service | objectSID | Octet String (in Binary Format) | {function_map_from_objectSID} |
| IBM Tivoli Directory Server | ibm-entryUUID | Directory String (in Canonical Format) | n/a |
| Sun Java Directory Server | nsuniqueid | Directory String (in Canonical Format) | n/a |
Configuring the Manager designation in user profiles
When you map manager data in the Profiles database, you can mark manager profiles and also create report-to chains.
Each profile contains a manager_uid field which stores the uid value of that person's manager. This information is used to build the Reports To display widget in the Profiles user interface. For information about the manager_uid field, see Mapping fields manually.
Additionally, the isManager field (which equates to the Mark manager mapping task in the Profiles population wizard) is used to mark the user profile as being a manager. This information is used to build the People Managed display widget in the Profiles user interface. A Y or N attribute is assigned to an employee to indicate whether the employee is listed as a manager of other employees.
You can set the isManager field as described in the Mapping fields manually topic (using either 1:1 mapping or function mapping) or by running the Mark manager task (using the population wizard or by running the mark_manager.bat or mark_manager.sh script). For more information about these options see Using the Profiles population wizard and Manually populating the Profiles database.
PROF_IS_MANAGER=ismanagerIf the manager information is supplied directly from the source, the Mark manager task is not necessary.
The Mark manager task will iterate through the profiles, and see if that particular profile is referenced as the manager for any other profiles. If yes, it will mark that profile as a manager. If that profile is not referenced as anyone else's manager, it will be marked as not a manager.
For information about configuring the display of the Reports To and People Managed widgets for your organization, see Enabling the display of organizational structure information.
Supplemental user data for Profiles
You can supplement user profiles data using a mapping table, the profiles_tdi.properties file, and CSV files.
Mapping user data
You can map additional user data to supplemental tables within the Profiles database and then display that data in a user's profile.
When the LDAP directory provides a code or abbreviation for a particular setting, the supplemental table can provide extra data. For example, an employeeType of P in the LDAP directory might correspond to Permanent. If the employee-type table is populated with data such as p;permanent, this extra data can be displayed in the profile.
- Fill countries
- Add country data to each profile.
- Fill departments
- Add department data to each profile.
- Fill organization
- Add organization data to each profile.
- Fill employee types
- Add employee-type data to each profile.
- Fill work locations
- Add location data to each profile.
CSV files
A CSV (comma separated value) file is required as input for each of these tasks.
country_table_csv_separator=;
country_table_csv_file=isocc.csv
department_table_csv_separator=;
department_table_csv_file=deptinfo.csv
emp_type_table_csv_separator=;
emp_type_table_csv_file=emptype.csv
organization_table_csv_separator=;
organization_table_csv_file=orginfo.csv
workloc_table_csv_separator=;
workloc_table_csv_file=workloc.csvThe separator character separates the different tokens in each line. The second property is the name of the file, relative to the solution directory.
The first token is the code. The next attributes are read in order for each additional field. No other fields are required.
The data that can be populated in these tables is usually provided as two values per line: code;description.
For the workloc code, the values can be code;addr1;addr2;city;state;zip. For example: WSF;FIVE TECHNOLOGY PARK DR;;WESTFORD;MA;01886-3141.Fields that you do not require in your mapping can be omitted from the file; this example uses only one addr field.
- countryCode
- isocc.csv
- deptNumber
- deptinfo.csv
- orgId
- orginfo.csv
- employeeTypeCode
- emptype.csv
- workLocationCode
- workloc.csv
Sample CSV file
This sample shows some lines from the isocc.csv file, which can be used to fill countries data:
ad;Andorra, Principality of ae;United Arab Emirates af;Afghanistan, Islamic State of ag;Antigua and Barbuda ai;Anguilla al;Albania am;Armenia an;Netherlands Antilles ao;Angola aq;Antarctica ar;Argentina
You can find more sample CSV files in the wizard_files_directory/TDIPopulation/TDISOL/aix|lin|win/samples directory, where the wizard_files_directory is the location of the various Wizard files that you downloaded or received on disk, and aix|lin|win is the AIX, Linux, or Microsoft Windows version of the directory.
Installing Cognos Business Intelligence
IBM Cognos Business Intelligence collects, manages, and displays statistical information for the Metrics application in IBM Connections. Installing Cognos Business Intelligence involves installing IBM WebSphere Application Server Network Deployment, plus a database client, in addition to the Cognos components.
Before you begin
This documentation assumes you are deploying Cognos Business Intelligence before you install IBM Connections. If you choose to deploy Cognos later, you can ignore any Cognos-related validation errors during the Connections installation process and then return to this section later for instructions on deploying the Cognos components. Even if you are not deploying Cognos now, you can create the raw Metrics database and install the Metrics application so that Connections can immediately begin capturing event data for later use.
About this task
IBM Connections requires a customized version of Cognos Business Intelligence, which is installed using the provided script. You cannot use previously deployed Cognos Business Intelligence components with the Metrics application. For best performance, use a separate computer for the customized version of Cognos Business Intelligence.
To install the Cognos Business Intelligence and its supporting software, complete these tasks:
Installing required patches on the Cognos BI Server system
Before installing IBM Cognos Business Intelligence and its related software, prepare the server environment by applying required patches to the operating system and other third-party components.
About this task
Any required patches must be installed before you attempt to deploy the Cognos server.
Procedure
Installing WebSphere Application Server for Cognos Business Intelligence
Install IBM WebSphere Application Server Network Deployment on the computer that will host IBM Cognos Business Intelligence, so that the server can be managed by the Deployment Manager used with IBM Connections.
About this task
The WebSphere node hosting the Cognos BI server will be federated to the same dedicated Deployment Manager as your IBM Connections deployment. Do not use a WebSphere node that has already been federated to a different Deployment Manager.
Procedure
Installing Cognos Business Intelligence components
Install IBM Cognos Business Intelligence on the computer where you previously installed IBM WebSphere Application Server Network Deployment and the database client. The Cognos product consists of two components (Cognos BI Server and Cognos Transformer); you must install both components as part of this deployment.
Before you begin
- The Cognos Content Store database must have been created on the database server, and that database server must be running (see Creating databases
- The Deployment Manager must be running.
- The database client must have been installed on the current server, but does not have to be running.
- The current server must reside within the same domain as the IBM Connections servers so you can enable SSO (Single Sign-On) as required for generating reports.
- The user running the Cognos installation script must have permissions to use the database client.
About this task
Installing Cognos Business Intelligence requires two Cognos packages (BI Server and Transformer) in addition to the scripts provided in the IBM Connections kit.
| Operating System | Cognos BI Server package name | Cognos Transformer package name |
|---|---|---|
| IBM AIX | IBM Cognos Business Intelligence Server 64-bit 10.1.1 AIX Multilingual | IBM Cognos Business Intelligence Transformer 10.1.1 AIX Multilingual |
| Linux | IBM Cognos Business Intelligence Server 64-bit 10.1.1 Linux x86 Multilingual | IBM Cognos Business Intelligence Transformer 10.1.1 Linux x86 Multilingual |
| Microsoft Windows | IBM Cognos Business Intelligence Server 64-bit 10.1.1 Windows Multilingual | IBM Cognos Business Intelligence Transformer 10.1.1 Windows Multilingual |
| zLinux (System z) | IBM Cognos Business Intelligence Server 64-bit 10.1.1 Linux on System z Multilingual (CI5W5ML | IBM Cognos Business Intelligence Transformer 10.1.1 Linux on System z Multilingual (CI2QHML) |
Procedure
Results
- Cognos BI Server: cognos.biserver.install.path
- AIX or Linux: /opt/IBM/Cognos64
- Windows: C:\Program Files\IBM\Cognos
- Cognos Transformer: cognos.transformer.install.path
- AIX or Linux: /opt/IBM/Cognos
- Windows: C:\Program Files (x86)\IBM\Cognos
<date><time> : daily refresh success
<date><time> : rebuild <year><month> success
- Cognos BI Server installation
log: Cognos_BI_install_path/logs/cogserver.log
- AIX or Linux: /opt/IBM/Cognos64/logs/cogserver.log
- Windows: C:\Program Files\IBM\Cognos\logs\cogserver.log
- Cognos Transformer installation
log: Cognos_Transformer_install_path/logs/cogserver.log:
- AIX or Linux: /opt/IBM/Cognos/logs/cogserver.log
- Windows: C:\Program Files (x86)\IBM\Cognos\logs\cogserver.log
Installing the database client for Cognos Transformer
Install a database client on the computer where you will host IBM Cognos Business Intelligence. The Cognos Transformer component requires the use of a database client to ensure proper access to the database server for PowerCube generation and reporting.
Installing the DB2 database client for Cognos Transformer
Install the IBM DB2 database client on the computer where you will host IBM Cognos Business Intelligence.
Before you begin
Before you install the database client, the database server must be installed and running, and you must have created the Metrics database and the Cognos Content Store database.
Procedure
Installing the Oracle database client for Cognos Transformer
Install the Oracle database client on the computer where you will host IBM Cognos Business Intelligence.
Before you begin
Before you install the database client, the database server must be installed and running, and you must have created the Metrics database and the Cognos Content Store database.
For troubleshooting information on configuring the Oracle database client for use with Cognos, see the IBM technote, Resolving Oracle connection errors.
Procedure
Federating the Cognos server to the Deployment Manager
The computer hosting the IBM Cognos Business Intelligence server must be federated to the same dedicated Deployment Manager used by IBM Connections.
Before you begin
- The Deployment Manager is running.
- The Cognos server is stopped (if you started it after installation, stop it now by stopping the IBM WebSphere Application Server hosting it).
- The system clock on the Cognos server is set to within 1 minute of the time (and time zone) of the system clock on the Deployment Manager.
- The Deployment Manager and the Cognos server are either both registered in the DNS or are referenced in each other’s etc/hosts file.
About this task
This task involves working on the newly installed Cognos Business Intelligence server to add the node to the Deployment Manager, and then working on the Deployment Manager to create virtual ports for the new node.
Procedure
Validating the Cognos BI server installation
Verify that the IBM Cognos Business Information server is correctly installed by viewing its content manager and dispatcher pages.
Before you begin
Make sure the Cognos server is running.
About this task
For configuration tips and information on troubleshooting the Cognos Business Intelligence installation, see Troubleshooting Cognos Business Intelligence.
Procedure
What to do next
If you deployed Cognos Business Intelligence as a prerequisite step to installing IBM Connections, continue the next section, Installing IBM Connections. You will complete the Cognos configuration tasks after you install the Connections applications.
If you originally installed IBM Connections without first deploying Cognos Business Intelligence and are now deploying the Cognos server, skip the Connections installation topics (which you have already completed) and instead go directly to Configuring Cognos Business Intelligence.
Installing IBM Connections
Select the IBM Connections applications that you plan to use and install them in a clustered deployment.
- WebSphere Application
Server nodes:
- One node with IBM WebSphere Application Server Network Deployment Manager (DM) installed.
- One or more WebSphere Application Server nodes that can be federated into the DM cell. These nodes are hosts for cluster members.
- A system with a database server installed.
- An LDAP server.
- A system with IBM HTTP Server installed.
Before installing
Verify that all necessary prerequisite conditions are complete before installing IBM Connections.
Prerequisites
- Check the Release notes for late-breaking issues.
- If you previously installed IBM Installation Manager, update it to V1.4.4 or higher. For more information,
go to the IBM Installation
Manager updates webpage.Note: Use the same user account to install IBM Installation Manager and IBM Connections.
- IBM Installation Manager presents three options for the type of deployment that you can install. For more information about these options, see the Deployment options topic.
- The IBM Connections installation process supports the creation of new server instances and clusters. Do not use existing clusters to deploy IBM Connections.
- You can install IBM Connections with either root or non-root accounts on AIX and Linux, or administrator or non-administrator accounts on Microsoft Windows. For more information, see the Installing as a non-root user topic.
- Complete the Pre-installation tasks.Note: If you are migrating from IBM Connections 3.0.1, you need to complete only the following tasks:
- Preparing to configure the LDAP directory
- Installing IBM WebSphere Application Server if you are installing on the same host as 3.0.1.
- Setting up federated repositories
- Do not complete the Pre-installation tasks for creating databases or populating the Profiles database. The migration process handles those tasks separately.
- Install IBM WebSphere Application Server Network Deployment (Application Server option) on each node. IBM Connections is installed on the system where WebSphere Application Server Deployment Manager is installed. For more information, see the Installing IBM WebSphere Application Server topic.
- Back up the profile_root/Dmgr01 directory.
- Configure WebSphere Application Server to communicate with the LDAP directory. For more information, see the Setting up federated repositories topic.
- Prepare directories to use as content stores. You need to provide shared content stores on network share devices and local content stores on each node. Both shared and local content stores must be accessible using the same path from all nodes and from the Deployment Manager.
- Set the system clocks on the Deployment Manager and the nodes to within 1 minute of each other. If these system clocks are further than 1 minute apart, you might experience synchronization errors.
- Copy the JDBC files for your database type to the Deployment Manager
(DM) and then from the DM to each node. Place the copied files in
the same location on each node as their locations on the DM. If, for
example, you copied the db2jcc.jar file from
the C:\IBM\SQLLIB directory on the DM, place
the copy in the C:\IBM\SQLLIB directory on each
node. See the following table to determine which files to copy:
Table 28. JDBC files Database type JDBC files DB2 db2jcc.jar
db2jcc_license_cu.jar
Oracle ojdbc6.jarNote: Ensure that you are using the latest version of the ojdbc6.jar file.SQL Server sqljdbc4.jar
- If you are going to use a trusted SSL certificate, ensure that is available before you begin the installation.
- If you do not plan to deploy IBM Cognos Business Intelligence now to support metrics, you can still install the Metrics application along with the other IBM Connections applications. This enables Connections to begin collecting event data immediately and store it in the Metrics database for use when Cognos is available to provide reports.
- (Microsoft Windows) You must use an administrator account to install IBM Connections on Windows. If you are installing on Windows Server 2008, you must use a local administrator account. If you use a domain administrator account, the installation might fail.
- (Linux only) If you receive an error message after attempting to start IBM Installation Manager, you might need to install additional 32-bit libraries. For more information about required Linux libraries, see the Linux libraries topic. For more information about IBM Installation Manager errors, go to the Unable to install Installation Manager on RHEL 6.0/6.1 (64-bit) webpage.
- (AIX and Linux) Ensure that the directory paths that you enter contain no spaces.
- (AIX and Linux) Ensure that the Open File Descriptor limit is 8192. For information about setting the file limit, go to the Installation error messages topic and search for error code CLFRP0042E.
- (AIX only) IBM Installation Manager requires additional libraries for the AIX operating system. For more information, go to the Required filesets on AIX for Installation Manager webpage.
- (AIX only) If IBM Installation Manager hangs while being installed on your system, you might need to update your version of the software. For more information, read the IBM Installation Manager hangs on 64-bit AIX systems technote.
- (AIX only) If you are downloading IBM Installation Manager, the TAR
program available by default with AIX does not handle path lengths longer than 100 characters.
To overcome this restriction, use the GNU file archiving program instead.
This program is an open source package that IBM distributes through the AIX Toolbox for Linux Applications at the IBM AIX Toolbox website. Download
and install the GNU-compatible TAR package. You do not need to install
the RPM Package Manager because it is provided with AIX.
After installing the GNU-compatible compression program, change to the directory where you downloaded the IBM Connections tar file. Enter the following command to extract the files from the file:
gtar -xvf Lotus_Connections_wizard_aix.tar
This command creates a directory named after IBM Installation Manager.
- Establish naming conventions for nodes, servers, clusters, and web servers.
- Use a worksheet to record the user IDs, passwords, server names, and other information that you need during and after installation. For more information, see the Worksheet for installing IBM Connections topic.
- Installing and configuring IBM Connections is a complex process; not only should you read the instructions but you must also pay attention to the Before you begin prerequisites in each topic.
Linux libraries
The complete list of Linux libraries required for deploying IBM Connections 4.0.
Linux
Ensure that you have installed the following Linux packages and libraries:compat-libstdc++-33.x86_64
libcanberra-gtk2.i686
PackageKit-gtk-module
gtk2.i686
compat-libstdc++-33.i686
compat-libstdc++-296
compat-libstdc++
libXtst.i686
Cognos
Installing as a non-root user
Grant permissions to a non-root user to install IBM Connections.
Before you begin
Ensure that you complete all the prerequisite tasks that are relevant for your environment. For more information, see the Before installing topic.
About this task
By default, only root users have the necessary permissions to install an IBM Connections deployment. On the AIX and Linux operating systems, you can permit non-root users to install the product by changing their permissions to access certain data directories. On the Windows operating system, the user must be a member of the administrator group.
To grant the necessary permissions to a non-root user, complete the following steps:
Procedure
Example
Grant permissions to a non-root user who wants to install an IBM Connections deployment on Linux.
- The app_server_root directory is /opt/IBM/Websphere/Appserver.
- The IBM_Connections_set-up_directory directory is /opt/ConnectionsSetup.
- The connections_root, IM_root, and shared_resources_root directories are subdirectories of the /opt/ConnectionsInstallation directory.
- The non-root user account is a member of the ConnectionsInstallers group.
Procedure:
- Create a non-root user account called ConnectionsInstaller.
- Create a home directory for the new user account.
- Add the new user account to the ConnectionsInstallers group.
- Open a command prompt and enter the following commands:
- chgrp -R ConnectionsInstallers /opt/IBM/Websphere/Appserver chmod -R g+wrx /opt/IBM/Websphere/Appserver chown -R ConnectionInstaller:ConnectionsInstallers /opt/IBM/Websphere/Appserver
- chgrp -R ConnectionsInstallers /opt/ConnectionsSetup chmod -R g+wrx /opt/ConnectionsSetup chown -R ConnectionInstaller:ConnectionsInstallers /opt/IBM/Websphere/Appserver
- chgrp -R ConnectionsInstallers /opt/ConnectionsInstallation chmod -R g+wrx /opt/ConnectionsInstallation chown -R ConnectionInstaller:ConnectionsInstallers /opt/IBM/Websphere/Appserver
Installing IBM Connections 4.0
Install IBM Connections.
Before you begin
Ensure that you complete all the prerequisite tasks that are relevant for your environment. For more information, see the Before installing topic.
About this task
To install IBM Connections, run the IBM Installation Manager wizard on the system where the Deployment Manager is installed.
- Identify and resolve the error that caused the cancellation. After canceling the installation, IBM Installation Manager displays an error message with an error code. You can look up the error code in the Installation error messages topic or check the log files.
- Restore the Deployment Manager profile from your backup.
- Delete the connections_root directory.
- Start this task again.
To install IBM Connections, complete the following steps:
Procedure
Results
The installation wizard has installed IBM Connections in a network deployment.
To confirm that the installation was successful, open the log files in the connections_root/logs directory. Each IBM Connections application that you installed has a log file, using the following naming format: application_nameInstall.log, where application_name is the name of an IBM Connections application. Search for the words error or exception to check whether any errors or exceptions occurred during installation.
- AIX or Linux (root user): /var/ibm/InstallationManager/logs
- AIX or Linux (non-root user): /home/user/var/ibm/Installation Manager/logs where user is the non-root user name
- Windows Server 2008 64-bit: C:\ProgramData\IBM\Installation Manager\logs
What to do next
Complete the post-installation tasks that are relevant to your installation. For more information, see the Post-installation tasks topic.
Accessing network shares:
If you installed WebSphere Application Server on Microsoft Windows and configured it to run as a service, ensure that you can access network shares. For more information, see the Accessing Windows network shares topic.
Installing in console mode
Install IBM Connections in console mode. This method is convenient if you cannot or do not want to use the graphical mode.
Before you begin
Ensure that you complete all the prerequisite tasks that are relevant for your environment. For more information, see the Before installing topic.
About this task
In steps where you enter custom information, such as server details, you can type P at any time to return to the previous input choice in that step. However, you cannot type P to return to a previous step.
To install IBM Connections, you need to use IBM Installation Manager, which manages the installation process.
To install IBM Connections in console mode, complete the following steps:
Procedure
Results
The installation wizard has installed IBM Connections in a network deployment.
To confirm that the installation was successful, open the log files in the connections_root/logs directory. Each IBM Connections application that you installed has a log file, using the following naming format: application_nameInstall.log, where application_name is the name of an IBM Connections application. Search for the words error or exception to check whether any errors or exceptions occurred during installation.
- AIX or Linux (root user): /var/ibm/InstallationManager/logs
- AIX or Linux (non-root user): /home/user/var/ibm/Installation Manager/logs where user is the non-root user name
- Windows Server 2008 64-bit: C:\ProgramData\IBM\Installation Manager\logs
What to do next
Complete the post-installation tasks that are relevant to your installation. For more information, see the Post-installation tasks topic.
Accessing network shares:
If you installed WebSphere Application Server on Microsoft Windows and configured it to run as a service, ensure that you can access network shares. For more information, see the Accessing Windows network shares topic.
Installing silently
Silent installation is a tool for installing the same IBM Connections profile on multiple computers without using the IBM Installation Manager. This simplifies the installation process in enterprises that need multiple, identical instances of IBM Connections.
Silent installation uses installation parameters in a response file to install identical IBM Connections profiles on different computers. To specify silent installation parameters you can edit the default response file provided with IBM Connections, or create a new file.
In addition to silently installing IBM Connections, you can use the silent installation process to modify, update, or uninstall IBM Connections.
Installing IBM Connections in silent mode (with an existing IBM Installation Manager)
Use a silent installation to perform an identical installation of IBM Connections on multiple systems.
Before you begin
Ensure that you complete all the prerequisite tasks that are relevant for your environment. For more information, see the Before installing topic.
<offering id='com.ibm.cic.agent' version='1.4.4000.20110525_1254' profile='IBM Installation Manager' features='agent_core,agent_jre' installFixes='none'/>To create a customized version of the default response file, run the installation wizard in interactive mode. For more information, see the Creating a response file topic.
About this task
Using a response file for your intended deployment, install IBM Connections on multiple systems without needing to interact with the installation wizard.
To perform a silent installation, complete the following steps:
Procedure
Results
IBM Installation Manager writes the result of the installation command to the log file that you specified with the -log parameter.
To check the complete details of the installation, open each of the log files in the connections_root/logs directory. Each IBM Connections application that you installed has a log file, using the following naming format: applicationInstallog.txt, where application is the name of an IBM Connections application.
<?xml version="1.0" encoding="UTF-8"?>
<result>
</result>- AIX or Linux (root user): /var/ibm/InstallationManager/logs
- AIX or Linux (non-root user): user_home/var/ibm/InstallationManager/logs where user_home is the non-root user account directory
- Windows (administrator): C:\ProgramData\IBM\Installation Manager\logs
- Windows (non-administrator): C:\Documents and Settings\user\Application Data\IBM\Installation Manager\logs where user is the non-administrator user account
What to do next
Complete any applicable post-installation tasks. For more information, see the Post-installation tasks topic.
Installing IBM Connections and IBM Installation Manager in silent mode
Use a silent installation to perform an identical installation of IBM Connections and IBM Installation Manager on multiple systems.
Before you begin
This task assumes that IBM Installation Manager is not installed on your system.
Ensure that you complete all the prerequisite tasks that are relevant for your environment. For more information, see the Before installing topic.
Edit the default response file to suit your environment. For more information, see the Using the default response file topic.
About this task
Using a response file for your intended deployment, install IBM Connections on multiple systems without needing to interact with the installation wizard.
To perform a silent installation, complete the following steps:
Procedure
Results
IBM Installation Manager writes the result of the installation command to the log file that you specified with the -log parameter.
To check the complete details of the installation, open each of the log files in the connections_root/logs directory. Each IBM Connections application that you installed has a log file, using the following naming format: applicationInstallog.txt, where application is the name of an IBM Connections application.
<?xml version="1.0" encoding="UTF-8"?>
<result>
</result>- AIX or Linux (root user): /var/ibm/InstallationManager/logs
- AIX or Linux (non-root user): user_home/var/ibm/InstallationManager/logs where user_home is the non-root user account directory
- Windows (administrator): C:\ProgramData\IBM\Installation Manager\logs
- Windows (non-administrator): C:\Documents and Settings\user\Application Data\IBM\Installation Manager\logs where user is the non-administrator user account
What to do next
Complete any applicable post-installation tasks. For more information, see the Post-installation tasks topic.
The default response file
Response files provide input parameters for silent installations of IBM Connections.
Instead of generating a new response file, you can edit the default response file that is provided with the product. However, if you edit the default response file, you need to add encrypted passwords to the file. For more information, see the Creating encrypted passwords for a response file topic.
Using the default response file
Use the default response file to specify silent installation parameters for your environment.
Before you begin
About this task
Silent installation uses the parameters in a response file to install the same IBM Connections profile on multiple computers.
If you are silently installing IBM Connections as a non-root user in an AIX or Linux environment, you must specify that parameter in the silent-install.ini file.
Procedure
Creating a response file
Use a response file to install, modify, update, or uninstall IBM Connections without user interaction.
Before you begin
You can create a response file by using IBM Installation Manager or by editing the file that is provided with the product. For more information about editing the file, see the Default response file topic.
Ensure that IBM Installation Manager is installed. For more information, see the Installing IBM Connections 4.0 topic.
To ensure that the response file captures the details of your SSL certificates, start IBM WebSphere Application Server.
The default location of a response file that you generate is the connections_root/silentResponseFile directory. To specify a different location, edit the generate_install_responsefile.bat|sh file or generate_other_responsefile.bat|sh file, depending on the task that you want to carry out.
Instead of creating your own response file, you can edit the file that is provided with the product. The file is in the IBM_Connections_set-up/IBM_Connections_install/IBMConnections directory. However, this default file is applicable only for installation. The response files for modifying, updating, rolling back, and uninstalling the product are based on the response file for installation. Before you create a response file for any of those procedures, you must first run the silent installation procedure.
For more information about creating response files with IBM Installation Manager, go to the Recording a response file with Installation Manager webpage.
About this task
- Installing IBM Connections
- Modifying an existing installation by adding or removing IBM Connections applications
- Updating an existing installation by installing a fix pack
- Rolling back an update
- Uninstalling IBM Connections
For each procedure, run a simulated instance of the IBM Installation Manager and record your input to a response file. Later, you can run a silent command that uses this response file as an input parameter.
- Install
- LC.rsp
- Modify - Add
- LC_modify_add.rsp
- Modify - Remove
- LC_modify_remove.rsp
- Update
- LC_update.rsp
- Roll back
- LC_rollback.rsp
- Uninstall
- LC_uninstall.rsp
To create a response file, complete the following steps:
Procedure
What to do next
If you are running IBM Installation Manager as a non-administrator and plan to use the response file to install the product on another user's system, you must change the file paths in your response file from absolute paths to relative paths.
Creating encrypted passwords for a response file
Add encrypted passwords to your edited version of the default response file.
Before you begin
You can create a response file using IBM Installation Manager or by editing the file that is provided with the product. For more information about editing the file, see the Default response file topic.
About this task
When you edit the default response file to suit your own environment, you must create encrypted passwords and add them to the file. Create encrypted passwords for both WebSphere Application Sever and your databases.
To create encrypted passwords for a response file, complete the following steps:
Procedure
What to do next
Directory paths for IBM Installation Manager
IBM Installation Manager uses default directory paths for its installation files.
Purpose
This topic describes the default directory paths for IBM Installation Manager.IBM Installation Manager
Each instance of Installation Manager must have its own installation directory and agent data directory.
The directories where IBM Installation Manager is installed are determined by the type of user account that you used to install the product.
Any changes that you make to an installation of IBM Installation Manager that you installed with a root user or non-administrator account do not affect an installation of IBM Installation Manager that you installed with a non-root user or non-administrator account. The reverse is also true.
The following table indicates the location of the relevant directories.
| Directory | Root/Administrator | Non-root/non-administrator |
|---|---|---|
| Default installation directory | AIX or Linux: /opt/IBM/InstallationManager/eclipse Windows: C:\Program Files\IBM\Installation Manager\eclipse |
AIX or Linux: /<user/IBM/InstallationManager/eclipse Windows XP Professional, Windows Server 2003: C:\Documents and Settings\<user>\IBM\Installation Manager\eclipse Windows Vista, Windows Server 2008, Windows 7: C:\Users\<user>\IBM\Installation Manager\eclipse |
| Eclipse log file | AIX or Linux: /var/ibm/InstallationManager/pluginState/.metadata Windows Server 2008: C:\ProgramData\IBM\Installation Manager\pluginState\.metadata |
AIX or Linux: /<user/var/ibm/InstallationManager/pluginState/.metadata Windows Server 2008: C:\Users\<user\IBM\Installation ManagerInstaller\pluginState\.metadata |
| Default agent data location. For more information about agent data, go to the Agent data location page in the IBM Installation Manager information center. |
AIX or Linux: /var/ibm/InstallationManager Windows Server 2008: C:\ProgramData\IBM\Installation Manager |
AIX or Linux: /<user>/var/ibm/InstallationManager Windows Server 2008: C:\Users\<user>\AppData\Roaming\IBM\Installation Manager |
- AIX or Linux:
- Open the /etc/.ibm/registry/InstallationManager.dat file.
- Examine the location entry. For example, location=/var/ibm/InstallationManager.
- Windows:
- Open the Windows Registry.
- Search for the following registry key: HKLM\SOFTWARE\Wow6432Node\IBM\Installation Manager\location.
- Open the key and examine its value.
Modifying the installation in interactive mode
Modify your deployment of IBM Connections by adding or removing applications.
About this task
To modify your installation, complete the following steps:
Procedure
Modifying the installation in silent mode
Modify your deployment of IBM Connections by adding or removing applications in silent mode.
About this task
To modify your installation in silent mode, complete one of the following tasks:
Adding applications in silent mode
Add applications to your deployment of IBM Connections without using the installation wizard.
Before you begin
Create a response file for this task by running a simulated modification. For more information, see the Creating a response file topic.
Instead of generating a new response file, you can edit the default response file that is provided with the product. However, if you edit the default response file, you need to add encrypted passwords to the file. For more information, see the Creating encrypted passwords for a response file topic.
About this task
A silent modification uses a response file to automate the addition of applications to your deployment.
To perform a silent modification, complete the following steps:
Procedure
Results
IBM Installation Manager writes the result of the installation command to the log file that you specified with the -log parameter.
To check the complete details of the installation, open each of the log files in the connections_root/logs directory. Each IBM Connections application that you installed has a log file, using the following naming format: applicationInstallog.txt, where application is the name of an IBM Connections application.
<?xml version="1.0" encoding="UTF-8"?>
<result>
</result>- AIX or Linux (root user): /var/ibm/InstallationManager/logs
- AIX or Linux (non-root user): user_home/var/ibm/InstallationManager/logs where user_home is the non-root user account directory
- Windows (administrator): C:\ProgramData\IBM\Installation Manager\logs
- Windows (non-administrator): C:\Documents and Settings\user\Application Data\IBM\Installation Manager\logs where user is the non-administrator user account
Removing applications in silent mode
Silently remove applications from your deployment of IBM Connections.
Before you begin
Create a response file for this task by running a simulated modification. For more information, see the Creating a response file topic.
Instead of generating a new response file, you can edit the default response file that is provided with the product. However, if you edit the default response file, you need to add encrypted passwords to the file. For more information, see the Creating encrypted passwords for a response file topic.
About this task
A silent modification uses a response file to automate the removal of applications from your deployment.
To perform a silent modification, complete the following steps:
Procedure
Results
IBM Installation Manager writes the result of the installation command to the log file that you specified with the -log parameter.
To check the complete details of the installation, open each of the log files in the connections_root/logs directory. Each IBM Connections application that you installed has a log file, using the following naming format: applicationInstallog.txt, where application is the name of an IBM Connections application.
<?xml version="1.0" encoding="UTF-8"?>
<result>
</result>- AIX or Linux (root user): /var/ibm/InstallationManager/logs
- AIX or Linux (non-root user): user_home/var/ibm/InstallationManager/logs where user_home is the non-root user account directory
- Windows (administrator): C:\ProgramData\IBM\Installation Manager\logs
- Windows (non-administrator): C:\Documents and Settings\user\Application Data\IBM\Installation Manager\logs where user is the non-administrator user account
Modifying the installation in console mode
Using console mode, modify your deployment of IBM Connections by adding or removing applications.
About this task
To modify your installation, complete the following steps:
Procedure
Post-installation tasks
After installation, you need to perform further tasks to ensure an efficient deployment.
Tasks to be completed
Some post-installation tasks are mandatory while others are optional and depend on your deployment choices.
Each post-installation task is described in separate topics:
Mandatory post-installation tasks
Complete the following post-installation tasks.
Reviewing the JVM heap size
Review the size of the Java Virtual Machine heap and adjust it, if necessary, to avoid out-of-memory errors or to suit your hardware capabilities.
About this task
If you selected the Small or Medium deployment option when you installed IBM Connections, IBM Installation Manager set the Maximum Heap Size of the Java Virtual Machine (JVM) on each application server. This setting is designed to avoid out-of-memory errors.
Review the heap size on each server to ensure that you are allocating enough memory for IBM Connections but also to ensure that you are not allocating more memory than the physical capabilities of the systems where the JVMs are deployed.
Whether you installed a Small, Medium, or Large deployment of IBM Connections, you should review the JVM heap sizes in your deployment and make adjustments, if necessary.
To review the JVM heap size, complete the following steps:
Procedure
Configuring IBM HTTP Server
Configure IBM HTTP Server to manage web requests to IBM Connections.
When you have successfully installed IBM Connections to run on WebSphere Application Server, you can configure IBM HTTP Server to handle web traffic by completing the following tasks:
Defining IBM HTTP Server
Define IBM HTTP Server to manage web connections.
Before you begin
Install web server plug-ins for IBM HTTP Server, if they are not already installed. For more information, go to the Installing web server plug-ins web site.
About this task
IBM Connections uses a web server as the entry point for all the applications.
This procedure describes how to create a web server using the Integrated Solutions Console. There are other ways to create the web server. See the IBM WebSphere Application Server information center for more information.
To define IBM HTTP Server, complete the following steps:
Procedure
What to do next
Complete the steps in the Configuring IBM HTTP Server for SSL topic.
Configure IBM HTTP Server to handle file downloads from the Files and Wikis applications. For information on this configuration, see the Configuring Files and Wikis downloads topic.
Configuring IBM HTTP Server for SSL
Configure IBM HTTP Server to use the SSL protocol.
About this task
To support SSL, create a self-signed certificate and then configure IBM HTTP Server for SSL traffic. If you use this certificate in production, users might receiver warning messages from their browsers. In a typical production deployment, you would use a certificate from a trusted certificate authority.
To configure IBM HTTP Server for SSL, complete the following steps:
Procedure
Results
What to do next
For more information about securing web communications, go to the IBM WebSphere Application Server Information Center or read the IBM WebSphere Application Server V7.0 Security Handbook.
For more information about the key store and setting up the IBM HTTP Server, see the Securing communications topic in the WebSphere Application Server Information Center.
The key file can be shared between two webservers, thus providing failover capability.Mapping applications to IBM HTTP Server
Map IBM Connections applications to IBM HTTP Server.
Before you begin
Complete this task if you installed and configured IBM HTTP Server before installing IBM Connections.
If you plan to configure a reverse proxy, see the Configuring a reverse caching proxy topic.
About this task
If you installed and configured IBM HTTP Server after installing IBM Connections, your IBM Connections applications are automatically mapped to the web server. However, if you installed and configured IBM HTTP Server before installing IBM Connections, you must manually map the applications.
To map your IBM Connections applications to IBM HTTP Server and regenerate the plugin, complete the following steps:
Procedure
What to do next
To verify that the mappings are correct, complete the steps in the Verifying application mappings topic.
Test the mappings: open a web browser and try to access each of the applications by specifying the web address using the following syntax:
http://hostname/application_name
where hostname is the host name of the web server to which you mapped the application and application_name is the name of the application. Do not specify the port number.
Verifying application mappings
Verify that IBM Connections applications are mapped to your webserver.
About this task
If you installed and configured IBM HTTP Server after installing IBM Connections, your IBM Connections applications are automatically mapped to the web server. However, if you installed and configured IBM HTTP Server before installing IBM Connections, you must manually map the applications.
To verify whether the mappings exist, complete the following steps:Procedure
Adding certificates to the WebSphere trust store
Import a self-signed IBM HTTP Server certificate into the default trust store of IBM WebSphere Application Server.
Before you begin
This topic describes the procedure to configure certificates in a deployment with one webserver.
About this task
To establish trusted server to server communication for IBM Connections, import signer certificates from IBM HTTP Server into the WebSphere Application Server default trust store.
There are different types of certificates that you can use. This procedure describes how to import a self-signed certificate. You can also import a certificate that you purchased from a third-party Certificate Authority. To help decide a key file strategy for your environment, go the IBM HTTP Server information center.
To import a public certificate from IBM HTTP Server to the default trust store in IBM WebSphere Application Server, complete the following steps:
Procedure
- Log into the IBM WebSphere Application Server Integrated Solutions Console and select .
- Click CellDefaultTrustStore.
- Click Signer Certificates.
- Click Retrieve from port.
- Enter the Host name, SSL Port, and Alias of the webserver.
- Click Retrieve Signer Information and then click OK. The root certificate is added to the list of signer certificates.
Results
If your configuration changes aren't successful, ensure that you have applied the instructions to configure a default personal certificate.
What to do next
Verify that users can create a private community and add other widgets, such as Activities, Blogs, Dogear, and so on, to it. Ensure that there are no errors when these widgets are added. If problems are reported, consult the Communities SystemOut.log file.
The proxy-config.tpl file allows a proxy to work with self-signed certificates. This is true for an out-of-the-box deployment but for improved security you should set the value of the unsigned_ssl_certificate_support property to false when your deployment is ready for production.
Ensure that you are ready to renew your certificate before it expires. WebSphere Application Server provides a utility for monitoring certificates. For more information, go to the Configuring certificate expiration monitoring topic in the WebSphere Application Server information center.
Adding certificates to IBM HTTP Server
Add signer certificates to an IBM HTTP Server plug-in.
Before you begin
About this task
There are different types of certificates that you can use. This procedure describes how to import the self-signed certificate that is shipped with WebSphere Application Server. You can also import a certificate that you purchased from a third-party Certificate Authority, or create a new self-signed certificate.
Procedure
Results
If your configuration changes are not successful, ensure that you have applied the instructions to configure a default personal certificate.
What to do next
The proxy-config.tpl file allows the proxy to work with self-signed certificates. For improved security, set the value of the unsigned_ssl_certificate_support property to false when your deployment is ready for production.
Determining which files to compress
If you are not compressing content with the IBM WebSphere Application Server Edge components or a similar device, configure the IBM HTTP Server to compress certain types of content to improve browser performance.
Before you begin
About this task
To specify which types of files to compress, complete the following steps:
Procedure
Updating web addresses in IBM HTTP Server
Update the web addresses that IBM HTTP Server uses to access IBM Connections applications.
Before you begin
If you installed and configured IBM HTTP Server after installing IBM Connections, your IBM Connections applications are automatically mapped to the web server. However, if you installed and configured IBM HTTP Server before installing IBM Connections, you must manually map the applications.
Before continuing with this task, map the application modules to IBM HTTP Server. For more information, see the Mapping applications to IBM HTTP Server topic.
If you are using the Files or Wikis applications, configure IBM HTTP Server to handle file downloads from those applications. For more information, see the Configuring Files and Wikis downloading topic.
If you choose to let the WebSphere Application Server redirect servlet manage file downloading, you must configure the server to transfer data synchronously instead of asynchronously. This configuration helps avoid errors caused by using too much memory. See the Excessive native memory use in IBM WebSphere Application Server technote for instructions.
About this task
If you do not install a web server such as IBM HTTP Server, users must include the correct port number in the web address that they use to access the application. When you use a webserver, users can access the applications without using port numbers.
By default, the web address that you enter to access IBM Connections applications includes the port number for each application. To avoid using port numbers, update the web addresses by editing the LotusConnections-config.xml file. IBM HTTP Server can then redirect requests to the appropriate port for each application.
For more information about editing configuration files, see the Editing configuration files topic.
To update the web addresses to your IBM Connections applications, complete the following steps:
Procedure
Results
Configuring the Home page administrator
Create an administrator for Home page so that you can make changes to the application such as adding and removing widgets.
Before you begin
IBM Connections administrators must be dedicated users. Their only purpose should be application administration.
About this task
To configure administrative access to the Home page application, complete the following steps:
Procedure
- Log in to the WebSphere Application Server Integrated Solutions Console on the Deployment Manager.
- Select .
- Click the link to the Home page application.
- Click the Security role to user/group mapping link.
- Select the check box beside the admin role and then click Map Users.
- In the Search String box, type the name of the person whom you would like to set as an administrator, and then click Search. If the user name exists in the LDAP directory, it is found and displayed in the Available box.
- Select the name from the Available box and then move it into the Selected column by clicking the right arrow button.
- Repeat Steps 4 and 5 to add more users to the administrative role.
- Click OK.
- From the page, click OK and then click Save.
- Synchronize and restart all your WebSphere Application Server instances.
Enabling Search dictionaries
During installation, only the English language dictionary is enabled by default. When your organization spans multiple geographies and multiple languages, you need to enable the relevant language dictionaries for your deployment to ensure that Search returns optimum results for your users.
For non-English deployments, enabling multilingual support for Search is a mandatory post-installation step that needs to be performed before you start your IBM Connections Search server for the first time. Without multiple dictionary support, for languages other than English, Search only returns results where there is an exact match between the search term and content term. Enabling multiple dictionaries ensures better quality search results when your user base is multilingual.
For information about how to enable multilingual support, see Configuring dictionaries for Search.
Creating the initial Search index
When you install IBM Connections, Search indexing is automatically configured. To create the initial Search index, all you need to do is wait for one of the default indexing tasks to run.
Before you begin
About this task
The Search index directory is defined by the IBM WebSphere Application Server variable SEARCH_INDEX_DIR. You can change the location of the index by editing this variable. For more information, see Changing the location of the Search index.
You can change the location of the Search index staging folder by editing the WebSphere Application Server variable, SEARCH_INDEX_SHARED_COPY_LOCATION.
Copying Search conversion tools to local nodes
To enable full indexing of data, copy the Search conversion tools to local nodes.
Before you begin
Perform this task only on nodes in the Search cluster. If you added a node to an existing cluster, as described in the Adding a node to a cluster topic, complete this task only if the new node is a member of the Search cluster. References to nodes in the steps of this task apply only to nodes in the Search cluster.
Steps 1-3 and 6-7 are required for all supported operating systems. However, if your deployment has only one node, skip steps 1-3. Steps 4-5 are required only if you are using the AIX or Linux operating system.
About this task
The Search conversion tools index Files and Wiki attachments. The tools work best when they are available locally on each node. However, when IBM Connections was installed, the conversion tools were deployed on a network share. Therefore, you must copy the tools to each node in the Search cluster.
To copy Search conversion tools to local nodes, complete the following steps:
Procedure
Configuring Moderation
Configure moderation so that moderators can review content for blogs, forums, and community files from a central interface.
- Blog entries and comments. These can be in stand-alone blogs or community blogs.
- Forum posts and replies. These can be in stand-alone forums or community forums.
- Files and comments within a community.
- Install the Moderation application as part of the Connections installation or migration.
- Assign users to the role of global moderator so they can moderate content from a central interface.
- Configure moderation in the contentreview-config.xml file if you want to enable moderation features such as owner moderation or assign content reviewers for flagged content.
Designating global moderators
Assign users to the role of global-moderator so they can moderate content for blogs, forums, and community files from a central interface.
About this task
In order for a user to moderate content, they must be assigned the global-moderator role for the Moderation application and for the applications you want moderated, which can be Blogs, Forums, Files, and Communities.
Procedure
To map users to a global moderator role, complete the following steps:
Configuring J2C Aliases for the moderation proxy service
Configure J2C Aliases so that community owners can moderate their community Blogs, Forums, and Files applications.
About this task
Moderation actions are performed by a moderation API. Community owners cannot access that API, so IBM Connections handles their moderation requests through a proxy service. The proxy service uses J2C Aliases to pass the requests. Proxy service alias users must be in the global-moderator roles of the appropriate applications, and they must be able to log in to IBM Connections.
- For Blogs create an alias called moderationBlogsAlias.
- For Files create an alias called moderationFilesAlias.
- For Forums create an alias called moderationForumAlias.
The different applications recognize these specific aliases. You can map any users to these aliases, but all users must be in the global-moderator roles of the appropriate application, and they must be able to log into IBM Connections. For example, the moderationBlogsAlias user must be in the global-moderator role for Blogs. See Roles.
The proxy service logs its actions, so if the users (other than the connectionAdmin user) are only used for this purpose, it will make reading the log more clear.
Procedure
To create moderation aliases and then map them to a global moderator role, complete the following steps:
Synchronizing files shared with communities
After upgrading, you must synchronize files that have been shared with communities.
About this task
Procedure
Configuring Cognos Business Intelligence
Configure your IBM Cognos Business Intelligence environment to work with IBM Connections.
After you have installed Cognos Business Intelligence, configure the environment by completing the following tasks:
Applying fix packs to update the Cognos server
Apply available fix packs to the Cognos Business Intelligence server to provide important product corrections. These fixes must be applied after Cognos Business Intelligence has been installed.
Before you begin
Install Cognos Business Intelligence and federate the server to the IBM Connections Deployment Manager as explained in Installing Cognos Business Intelligence in the Pre-installation section of this documentation.
For additional information on updating Cognos Business Intelligence with fix packs, see Installing Fix Packs in the Cognos information center.
About this task
Download the latest fix pack and apply it to the Cognos server. At a minimum, you will need to apply the fix pack listed below, but you should check with IBM Fix Central in case additional fix packs were made available after this documentation was published. Fix packs are cumulative; when you install the latest fix pack, it includes updates from all previous fix packs.
Procedure
Configuring support for LDAP authentication for Cognos Business Intelligence
Configure the IBM Cognos Business Intelligence server to support the use of an LDAP directory for user authentication.
About this task
Configure Cognos Business Intelligence to use the same LDAP directory that IBM Connections uses for authentication. Configuring LDAP authentication involves disabling anonymous access and restricting access to the namespace. Be sure to use the namespace specified by the cognos.namespace property in the cognos-setup.properties file; by default, that namespace is called IBMConnections.
Procedure
Set the values for the LDAP properties as shown in this example, which configures Cognos for IBM Directory Server. For detailed instructions, see Configure LDAP support in the Cognos information center.
What to do next
After you have configured LDAP authentication for Cognos Business Intelligence, you must add users to the IBMConnectionsMetricsAdmin within the Cognos deployment as described in Configuring the IBMConnectionsMetricsAdmin role on Cognos.
Configuring LDAP settings manually
If your IBM Cognos Business Intelligence server runs on IBM AIX or Linux and does not provide a graphical user interface, you can configure LDAP authentication settings manually.
About this task
You can configure the use of the LDAP directory by adding a component to the Cognos server’s cogstartup.xml file and then customizing it for your deployment.
Procedure
What to do next
After you have configured LDAP authentication for Cognos Business Intelligence, you must add users to the IBMConnectionsMetricsAdmin within the Cognos deployment as described in Configuring the IBMConnectionsMetricsAdmin role on Cognos.
Granting access to global metrics
Configure the metrics-report-run security role to grant users the authority to view and interact with global metrics.
About this task
Other than administrators, only the users assigned to the metrics-report-run role can access global metrics. Whenever a user with this authorization level views the global metrics, the report information is updated automatically.
Procedure
Configure the metrics-report-run security role in IBM WebSphere Application Server.
Granting access to community metrics
Configure the community-metrics-run security role to grant users the authority to view community metrics using static reports.
About this task
Other than administrators and community owners, only the users assigned to the community-metrics-run role can access community metrics. Users with this level of access see static reports, which can be refreshed by clicking the Update button in the Metrics user interface. You can map this role to everyone, or to subset of the user population. For example, you can gradually provide the community metrics feature to the user population by mapping this role to small group first, and then adding more users to the role over time.
Procedure
Configure the community-metrics-run security role in IBM WebSphere Application Server.
Configuring the IBMConnectionsMetricsAdmin role on Cognos
Configure the IBMConnectionsMetricsAdmin in Cognos Business Intelligence to ensure that the Metrics administrator has access to features and reports.
About this task
- The user assigned to the Cognos administrator account
The Cognos administrator is the primary person responsible for configuring Cognos features and reports.
- All users who have been assigned to the admin role for Connections
Anyone tasked with administering the Connections deployment should have access to Cognos features to ensure they can manage the full deployment as needed.
- All users who have been assigned to the metrics-report-run role
Users who have been authorized to run global metrics reports require access to Cognos before they can work with the reports.
Procedure
- Add users to the IBMConnectionsMetricsAdmin role:
- With the IBMConnectionsMetricsAdmin role
selected, click the Set properties
icon.
- With the IBMConnectionsMetricsAdmin role
selected, click the Set properties
- Back in the users list, select the System Administrators role
and limit access to the role by removing Everyone from
the members list:
- With the System Administrators role
selected, click the Set properties icon.
- In the properties window, click the Members tab.
- In the Members window, select Everyone, and then click Remove to delete it from the list of members.
- Click OK to save the change.
- Save the change to the master configuration by clicking Save in the "Messages" box.
- With the System Administrators role
selected, click the Set properties
Configuring PowerCube refresh schedules
By default, IBM Cognos Transformer refreshes each PowerCube with incremental updates once each day, and replaces the cube’s data for the current month once a week. These jobs are scheduled by default but you might need to modify the schedules to avoid conflicts with other activities.
About this task
- These jobs should run at times when the Cognos system usage is relatively low, to minimize the impact on normal usage. You should adjust these times based on your system's usage pattern.
- The weekly refresh should run only once every week; since it will take longer to complete, you should schedule it for the time when system usage is lowest (for example, on the weekend).
- The daily refresh should run early in the morning (for example, just after midnight), so users can see the latest metrics for the previous day.
Procedure
- AIX or Linux:
Edit the cron jobs in the system crontab.
- Windows:
Edit the MetricsCubeDailyRefresh job to ensure it does not collide with the weekly refresh. You can modify the job’s properties in the Task Scheduler Library; for more information see the next topic.
Configuring the job scheduler for Cognos Transformer on Windows
Rather than store administrative credentials in a script, you can add them to the job properties of the IBM Cognos Transformer to enable scheduled tasks on Microsoft Windows.
About this task
Finish configuring the job scheduler to run the Transformer periodically by adding the Windows Administrator credentials to the MetricsCubeDailyRefresh scheduler job.
Procedure
Configuring Cognos Business Intelligence to use IBM HTTP Server
IBM Cognos Business Intelligence uses the same IBM HTTP Server as IBM Connections, but you must configure Cognos Business Intelligence to work with that server.
About this task
After you have configured IBM HTTP Server as described in the section Configuring IBM HTTP Server, complete these tasks to configure the Cognos BI Server and the Cognos Transformer components to use HTTP:
Configuring Cognos BI Server to use HTTP
Configure the Cognos BI Server to use the IBM HTTP Server that operates with the IBM Connections deployment.
About this task
Use the Cognos Configuration tool to specify settings that enable Cognos BI Server to operate with IBM HTTP Server.
Procedure
Configuring HTTP manually for Cognos BI Server
If your IBM Cognos Business Intelligence server runs on IBM AIX or Linux and does not provide a graphical user interface, you can configure HTTP settings manually.
About this task
You can configure HTTP by adding a component to the Cognos BI Server’s cogstartup.xml file and then customizing it for your deployment.
For more information, see the Cognos information center.
Procedure
Configuring Cognos Transformer to use HTTP
Configure the Cognos Transformer to use the IBM HTTP Server that operates with the IBM Connections deployment.
About this task
Use the Cognos Configuration tool to specify settings that enable Cognos Transformer to operate with IBM HTTP Server.
Procedure
Configuring HTTP manually for Cognos Transformer
If your IBM Cognos Business Intelligence server runs on IBM AIX or Linux and does not provide a graphical user interface, you can configure HTTP settings manually.
About this task
You can configure HTTP by adding a component to the Cognos Transformer’s cogstartup.xml file and then customizing it for your deployment.
For more information, see the Cognos information center.
Procedure
Optional post-installation tasks
Complete the post-installation tasks that are relevant to your deployment.
Adding a node to a cluster
Add a node to an existing cluster.
Before you begin
Ensure that you installed IBM WebSphere Application Server Network Deployment (Application Server option) on the new node.
If you are adding a node to a Search cluster, do not use these instructions. Instead, use the instructions in the Adding an additional Search node to a cluster topic.
Although the IBM Cognos Business Intelligence server is managed by the same Deployment Manager as IBM Connections, you cannot add that node to the Connections cluster.
About this task
To add a node to a cluster, complete the following steps:
Procedure
What to do next
Configure IBM HTTP Server to connect to this node. For more information, see the Configuring IBM HTTP Server and Defining IBM HTTP Server for a node topics.
Repeat this task for each new node that you want to add to a cluster.
(AIX or Linux only) If you installed the Search application on the new node, configure the path variables to point to that application. For more information, see the Copying Search conversion tools to local nodes topic.
If you experience interoperability failure, you might be running two servers on the same host with the same name. This problem can cause the Search and News applications to fail. For more information, go to the NameNotFoundException from JNDI lookup operation web page.
Configuring a reverse caching proxy
Configure a reverse proxy that directs all traffic to your IBM Connections deployment to a single server.
Before you begin
Ensure that you have installed IBM WebSphere Edge Components which is supplied with WebSphere Application Server Network Deployment. For more information, go to the WebSphere Edge Components information center.
You must also have completed the basic configuration of WebSphere Edge Components, set up a target backend server, and created an administrator account.
About this task
The IBM WebSphere Application Server Edge components provide a caching proxy that you can use to optimize your deployment. Edge components are provided with the WebSphere Application Server Network Deployment software.
A reverse proxy configuration intercepts browser requests, forwards them to the appropriate content host, caches the returned data, and delivers that data to the browser. The proxy delivers requests for the same content directly from the cache, which is much quicker than retrieving it again from the content host. Information can be cached depending on when it will expire, how large the cache should be, and when the information should be updated.
This topic describes how to configure the Edge components to optimize the performance of IBM Connections.
Procedure
Enabling locked domains
Assuming that you have completed the server setup previously described, to enable locked domains in IBM Connections, specify an additional atrribute in the LotusConnections-config.xml to ensure that only ConnectionsOpensocial application is mapped to the locked domain host.
- Add the new attribute to the LotusConnections-config.xml file
by completing the following steps:
- Start the wsadmin tool.
- Use the following command to access the Connections configuration
file:
If you are prompted to specify which server to connect to, enter 1. This information is not used by the wsadmin client when you are making configuration changes.execfile("<$WAS_HOME>/profiles/<DMGR>/config/bin_lc_admin/ connectionsConfig.py") - Check out the Connections configuration files using the following
command:
where:LCConfigService.checkOutConfig("/working_directory", "cell_name")- working_directory is the temporary working directory where the configuration XML and XSD files are copied to. The files are kept in this working directory while you change them.
- cell_name is the name of the WebSphere Application Server cell hosting
the Connections application. This argument is case sensitive. If you
do not know the cell name, you can determine it by entering the following
command in the wsadmin command processor: print AdminControl.getCell(),
for example:
LCConfigService.checkOutConfig("/temp","foo01Cell01")
- From the temporary directory where you checked out the Connections configuration files to, open the LotusConnections-config.xml file in a text editor.
- Add this attribute to the LotusConnections-config.xml file.
<sloc:serviceReference bootstrapHost="{locked.host.name}" bootstrapPort="2809" clusterName="" enabled="true" serviceName="opensocialLocked" ssl_enabled="true"> <sloc:href> <sloc:hrefPathPrefix>/connections/opensocial</sloc:hrefPathPrefix> <sloc:static href="http://{locked.host.name.authority/http}" ssl_href="https://{locked.host.name.authority/https}"/> <sloc:interService href="https://{locked.host.name.authority/https}"/> </sloc:href> </sloc:serviceReference> - Save the LotusConnections-config.xml file.
- Check in the changed configuration property files using the following command: LCConfigService.checkInConfig()
- After making updates, enter the following command to deploy the changes: synchAllNodes()
- Restart your Connections server.
<sloc:serviceReference bootstrapHost="hern120w.dyn.webahead.renovations.com" bootstrapPort="2809" clusterName="" enabled="true" serviceName="opensocialLocked" ssl_enabled="true">
<sloc:href>
<sloc:hrefPathPrefix>/connections/opensocial</sloc:hrefPathPrefix>
<sloc:static href="http://hern120w.locked.com:9080" ssl_href="https://hernw120.locked.com:9443"/>
<sloc:interService href="https://hern120w.dyn.webahead.renovations.com:9443"/>
</sloc:href>
</sloc:serviceReference>Separating Common and Widget Container applications from the News cluster
Run the ConfigEngine script to configure IBM® Connections to separate critical user interface components to a new cluster. Doing so provides high availability and failover capability for the Connections Web user interface features.
Before you begin
About this task
- The Common application is responsible for serving up static content, including images, css, and javascript to all IBM Connections applications. Additionally as an OSGi container, it is the component that enables Social Mail.
- The WidgetContainer application provides the ability to render gadgets, proxies requests to remote services, and handles REST requests. With the requirement to proxy requests, it has the potential to be very resource intensive.
- After installation, if the cluster fails, not all Web user interface elements will render.
Procedure
Configuring the custom ID attribute for users or groups
Configure IBM Connections to use custom ID attributes to identify users and groups in the LDAP directory.
Before you begin
- If you specified a single ID attribute for both users and groups, you don't need to complete this task. This task is required only if you specified a custom ID attribute for users or groups in the Specifying a custom ID for users or groups topic.
- Ensure that you have completed the steps to specify different ID attributes for users and groups in the Specifying a custom ID for users or groups topic.
About this task
You can change the default setting to use a custom ID to identify users and groups in the directory.
To configure IBM Connections to use the custom ID attribute that you specified earlier, complete the following steps:Procedure
Configuring Files and Wikis downloading
You can make downloading files from the Files and Wikis applications much more efficient by configuring an IBM HTTP Server to handle most of the download instead of the WebSphere Application Server. It is strongly recommended that you configure production deployments this way.
Before you begin
Install an IBM HTTP Server in your WebSphere Application Server environment. See the topic Configuring IBM HTTP Server for information.
In network deployments, Files and Wikis data must be stored on a shared file system, as described in the topic Deployment options. All IBM HTTP Servers in the deployment must have read access to the files, and all WebSphere Application Servers must have write access.
If you choose not to configure the IBM HTTP Server to download files, you must configure the WebSphere Application Server to transfer data synchronously instead of asynchronously in order to avoid errors related to using too much memory. See the tech note Excessive native memory use in IBM WebSphere Application Server for instructions.
About this task
In the default deployment with an IBM HTTP Server, file download requests are passed from the IBM HTTP Server to the WebSphere Application Server. The WebSphere Application Server accesses the binary files in a data directory on the file system and returns them to the IBM HTTP Server, which passes them to the browser.
This is inefficient in deployments where large numbers of users are downloading files, partly because WebSphere Application Server has a limited thread pool that is tuned for short-lived transactions, and optimized for J2EE applications and not file downloads. In this environment it is possible that you would need to create a cluster to handle downloads, especially if you have slow transfer rates, for example caused by people in different geographies downloading 2MB at 2KB per second. This would cause problems, such as making it impractical to properly tune the thread pool.
Configuring the IBM HTTP Server to download the binary files instead makes downloading far more efficient, since IBM HTTP Server is designed specifically for serving files. This leaves WebSphere Application Server to perform tasks such as security checking and cache validation while leaving downloading to the IBM HTTP Server.
To configure this environment, you install an add-on module to the IBM HTTP Server. As in typical deployments, download requests are passed from the IBM HTTP Server to the WebSphere Application Server. But instead of responding with the binary data, the WebSphere Application Server only adds a special header to its response. The add-on module recognizes the header and directs the IBM HTTP Server to download the binary data.
This configuration requires making the Files and Wikis data directories available to the IBM HTTP Server using an alias. This creates a security concern, so you must configure the access control at the IBM HTTP Server level. After you configure security, access to the Files and Wikis data directories is denied unless a specific environment variable is set. Requests to the Files and Wikis applications on WebSphere Application Server are then configured to set the variable. In other words, only requests passing through WebSphere Application Server are able to access the data directory, with WebSphere Application Server acting as the authorizer.
If you use the add-on module you must use an IBM HTTP Server address for the IBM Connections "inter-service" URL. See the topic Troubleshooting inter-server communication for information on setting an inter-service URL.
Do the following tasks to configure IBM HTTP Server downloading:
Procedure
What to do next
- If you get a permission denied error trying to download a file, IBM HTTP Server might not have access to the content. You can temporarily disable security on the directory, and ensure you can access it directly first, then re-enable security. Note that you can tell if WebSphere or IBM HTTP Server is encountering an issue by the error page displayed, and by the path. If IBM HTTP Server is having a problem with the module invoked, the path will include /<alias>.
- If you get log errors about loading the module, make sure that it is only loaded once, that you have selected the correct binary, and that you are on a supported platform.
- If it works for HTTP but not HTTPS (or vice versa), make sure that the configuration lines are in a global context or in each virtual host, depending on your setup.
Uninstalling IBM Connections
Uninstall IBM Connections.
Removing applications
Remove selected applications from IBM Connections.
About this task
If you no longer need to keep certain applications, you can remove them from your deployment. You cannot remove core applications such as Home page, News, and Search.
To remove selected applications from IBM Connections, complete the following steps: