Clustered-server Deployment Guide

Clustered-server Deployment Guide
Workplace Collaboration Services
Version 2.6
for AIX, i5/OS, Linux, Solaris, and Windows
Clustered-server Deployment Guide
G210-2230-02
Workplace Collaboration Services
Version 2.6
for AIX, i5/OS, Linux, Solaris, and Windows
Clustered-server Deployment Guide
G210-2230-02
Note
Before using this information and the product it supports, read the information in “Notices” on page 497.
Third Edition (June 2006)
This edition applies to version 2.6 of IBM Workplace Collaboration Services (product number L-KBIM-6DK38C) and
to all subsequent releases and modifications until otherwise indicated in new editions.
G210-2230-02
© Copyright International Business Machines Corporation 2002, 2006. All rights reserved.
US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract
with IBM Corp.
Contents
Chapter 1 Planning a Deployment . . . 1
Phase 1: Planning an IBM Workplace Collaboration
Services deployment . . . . . . . . . . . . 1
Installation . . . . . . . . . . . . . . 1
Clustered-server deployment . . . . . . . . 2
Release Notes available . . . . . . . . . . 2
Installation overview . . . . . . . . . . 2
AIX, Linux, Solaris, and Windows: Requirements 5
i5/OS: Requirements . . . . . . . . . . 13
Workplace Collaboration Services software
components . . . . . . . . . . . . . 25
Administrator names and passwords worksheet 31
Pre-installation checklist . . . . . . . . . 39
Clustered-server deployment overview . . . . 39
Chapter 2 Preparing the Environment
63
Phase 2: Setting up the environment . . . . .
Setting up a clustered environment . . . .
Preparing external Web servers for a clustered
environment . . . . . . . . . . . .
Setting up an i5/OS environment . . . . .
Setting up a Database Management System . .
. 63
. 63
. 79
. 93
. 97
Chapter 3 Installing IBM Workplace
Collaboration Services . . . . . . . 107
Phase 3: Installing Workplace Collaboration
Services . . . . . . . . . . . . . . .
AIX, Linux, and Solaris: Installing in a clustered
environment . . . . . . . . . . . . .
Windows: Installing in a clustered environment
i5/OS: Installing in a clustered environment . .
Opening the IBM WebSphere Administrative
Console . . . . . . . . . . . . . .
Starting and stopping IBM Workplace
Collaboration Services servers . . . . . . .
Accessing IBM Workplace Collaboration
Services after installation . . . . . . . .
Other ways to install IBM Workplace
Collaboration Services . . . . . . . . .
107
107
120
131
144
145
148
148
Chapter 4 Connecting to an LDAP
Directory Server . . . . . . . . . . 157
Phase 4: Connecting to an LDAP directory server
Connecting to IBM Tivoli Directory Server . .
Connecting to Domino Directory . . . . . .
Connecting to Active Directory . . . . . .
Connecting to Sun Java System Directory Server
Connecting to Novell eDirectory . . . . . .
157
157
168
182
193
205
Chapter 5 Connecting to a DBMS
Server . . . . . . . . . . . . . . 217
Phase 5: Transferring data to an external database 217
Transferring data from Cloudscape to another
database . . . . . . . . . . . . . . 217
© Copyright IBM Corp. 2002, 2006
Connecting Network Deployment nodes to a
remote database . . . . . . . . . .
. 265
Chapter 6 Connecting to an External
Web Server . . . . . . . . . . . . 287
Phase 6: Connecting to an external HTTP server
Connecting to external Web servers in a
clustered environment . . . . . . . .
Accessing IBM Workplace Collaboration
Services through an external Web server . .
287
. 287
. 300
Chapter 7 Completing setup of
Workplace Collaboration Services . . 301
Phase 7: Completing setup of Workplace
Collaboration Services components . . . . .
Completing Learning setup in a clustered
environment . . . . . . . . . . . .
Completing Workplace Designer setup in a
clustered environment . . . . . . . .
. 301
. 301
. 309
Chapter 8 IBM Workplace Managed
Client Installation and Configuration . 317
Phase 8: IBM Workplace Managed Client
installation and configuration . . . . . . . .
IBM Workplace Managed Client installation and
configuration checklist for a clustered
environment . . . . . . . . . . . . .
Installing the provisioning server . . . . . .
Configuring for optimal Workplace Managed
Client performance . . . . . . . . . .
Setting Workplace Managed Client installation
program defaults . . . . . . . . . . .
Creating an IBM productivity tools installation
CD or site . . . . . . . . . . . . .
Installing the Workplace Managed Client from a
server . . . . . . . . . . . . . . .
Installing the Workplace Managed Client
framework and productivity tools from
CD-ROM . . . . . . . . . . . . . .
Installing the Workplace Managed Client
framework and productivity tools from an
HTTP server . . . . . . . . . . . . .
IBM Workplace Managed Client Version 2.6
Trial evaluation readme . . . . . . . . .
Implementing credential store and password
recovery capabilities . . . . . . . . . .
Provisioning Workplace Managed Client and
productivity tools updates . . . . . . . .
Creating provisioning and update preferences
Upgrading the Workplace Managed Client from
one release to another . . . . . . . . .
Updating the Workplace Managed Client using
WebSphere Everyplace Device Manager . . .
317
317
320
340
351
354
358
361
362
364
366
371
372
378
384
iii
Uninstalling the Workplace Managed
from the user desktop . . . . .
Uninstalling the Workplace Managed
provisioning server . . . . . .
Changing the search bar appearance.
Client
. . .
Client
. . .
. . .
. 388
. 390
. 392
Chapter 9 Completing Setup in a
Clustered Environment . . . . . . . 395
Phase 9: Completing setup in a clustered
environment . . . . . . . . . . . . .
Updating Workplace Managed Client user
interface files on Node 1. . . . . . . .
Federating and clustering network nodes . .
Connecting nodes to an external HTTP server
Configuring the Network Dispatcher . . .
Completing Web server setup . . . . . .
Completing setup of Node 1 . . . . . .
Completing setup of the Deployment Manager
Completing setup of Node 2 and subsequent
nodes . . . . . . . . . . . . . .
Unfederating a node from a cell . . . . .
. 395
. 395
. 398
428
. 438
. 441
. 444
446
. 451
. 453
Appendix A Upgrading to IBM
Workplace Collaboration Services 2.6 . 457
Upgrade .
iv
.
.
.
.
.
.
.
.
.
Clustered-server Deployment Guide
.
.
.
.
. 457
Upgrading to IBM Workplace Collaboration
Services 2.6 . . . . . . . . . . . .
. 457
Appendix B Completing
Post-installation Tasks . . . . . . . 481
Optional post-installation tasks . . . . . .
Customizing attributes . . . . . . . .
Multiple LDAP directories . . . . . . .
Changing the LDAP host name or port number
after configuration . . . . . . . . . .
Changing the installed context root . . . .
i5/OS: Setting up instance autostart . . . .
Removing the signup and profile links from
Welcome screen . . . . . . . . . .
Appendix C Reference Information
Reference information
Installation logs .
Installed folders .
Port assignments on
. . .
. . .
. . .
i5/OS .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. 481
. 481
. 483
. 483
. 484
. 486
. 487
489
.
.
.
.
.
.
.
.
.
.
.
.
489
490
491
492
Notices . . . . . . . . . . . . . . 497
Trademarks .
.
.
.
.
.
.
.
.
.
.
.
.
. 498
Chapter 1 Planning a Deployment
This chapter provides information for planning the installation of IBM®
Workplace™ Collaboration Services.
Phase 1: Planning an IBM Workplace Collaboration Services
deployment
Planning is crucial. The decisions you make when initially installing IBM
Workplace Collaboration Services might be difficult, or impossible, to change after
the system is in use. It is important to understand what is involved in deploying
Workplace Collaboration Services and its related components, and to complete
installation tasks in the proper sequence.
Before you install Workplace Collaboration Services, consider the number of people
who will use it, the amount of data you expect to manage, the types of servers you
will be hosting the product on, and the third-party components you plan to use
with Workplace Collaboration Services. You must make a series of decisions
regarding components and configuration, including (but not limited to):
1. Will this be a pilot installation, or will it be used in a clustered deployment?
2. Will you use an LDAP directory to store user records?
3. Which database management system (DBMS) will you use for storing
Workplace Collaboration Services data?
4. Will you use an external Web server rather than the built-in one that comes
with Workplace Collaboration Services?
Sometimes, the answer to one question affects the answer to another. For example,
while the default IBM Cloudscape™ DBMS may be a good choice for a
single-server deployment with a small number of users, it is not sufficiently robust
for use in a large-scale production environment. If you answer question 1 with
″clustered deployment″, you should not answer question 3 with ″Cloudscape.″
The topics in this section provide an overview of Workplace Collaboration Services
installation that explains the sequence of operations, describes the tasks you will
need to perform, and supplies a worksheet and a checklist to help you prepare for
installation.
Related concepts
“Installation overview” on page 2
Related reference
“Administrator names and passwords worksheet” on page 31
“Pre-installation checklist” on page 39
Installation
IBM Workplace Collaboration Services can be deployed on multiple Workplace
software servers, clustered with WebSphere Application Server Network
Deployment software. In this case, separate Web and DBMS servers are required,
and a separate LDAP directory is recommended for better performance.
© Copyright IBM Corp. 2002, 2006
1
Important: Before installing Workplace Collaboration Services with these
instructions, go to the IBM Support site to check for any software
updates that occurred after this documentation was released:
http://www.ibm.com/software/lotus/support/wcs/
Related concepts
“Clustered-server deployment”
“Optional post-installation tasks” on page 481
“Reference information” on page 489
Clustered-server deployment
A clustered-server deployment has multiple Workplace software servers, clustered
with WebSphere Application Server Network Deployment software. In this case,
separate Web servers and DBMS servers are required, and a separate LDAP
directory is highly recommended. To prepare for installation, read this topic and its
related topics before you start the installation program. Also review the
information on hardware and software requirements, supported hardware and
software versions, and capacity planning.
Use the installation program to install the IBM Workplace Collaboration Services
products. The installation program also installs some of the other required software
components; others you must install separately, using the vendor’s documentation.
Use the IBM Workplace Managed Client™ provisioning server installation program
to install a downloadable copy of the Workplace Managed Client where users can
access it.
Related concepts
“AIX, Linux, Solaris, and Windows: Requirements” on page 5
“i5/OS: Requirements” on page 13
“Phase 1: Planning an IBM Workplace Collaboration Services deployment” on
page 1
“Clustered-server deployment overview” on page 39
Release Notes available
For the latest information on installing and configuringIBM Workplace
Collaboration Services, see the Release Notes. You can access the Release Notes by
pointing your browser at the following Web address and clicking the link for
Workplace Collaboration Services:
http://www.ibm.com/developerworks/workplace/documentation
Installation overview
You install IBM Workplace Collaboration Services in phases; each phase consists of
one or more tasks.
Planning a Workplace Collaboration Services deployment
Before installing anything, read through all the planning topics and make sure that
you understand what software you will install on various servers, and how you
will configure your Workplace Collaboration Services deployment. Completing the
Administrator names and passwords worksheet helps you to collect information
about the different user accounts that you will use while installing Workplace
2
Clustered-server Deployment Guide
Collaboration Services and related software. The Pre-installation checklist, which
you fill out at the end of Phase 1, ensures that you complete preliminary tasks in
the proper order before you install Workplace Collaboration Services products.
This phase is described in ″“Phase 1: Planning an IBM Workplace Collaboration
Services deployment” on page 1.″
Preparing the Workplace Collaboration Services environment
For an IBM WebSphere® Application Server Network Deployment (a clustered
deployment) on AIX®, Linux®, Solaris, Microsoft® Windows®, or i5/OS®, you must
install some additional components before you can set up the actual cluster and
federate Workplace Collaboration Services servers to it. Begin by creating shared
directories that will be accessed by all Workplace Collaboration Services servers in
the deployment, then install and set up the Deployment Manager. At this time, you
also install the WebSphere Application Server Edge components to set up load
balancing for the deployment.
In an i5/OS environment, install WebSphere Application Server V5.0 Enterprise
Enablement before installing Workplace Collaboration Services.
In any environment where a remote DBMS server will be used, install the DBMS
server software on the DBMS server and install a DBMS client on every Workplace
software server. The Workplace Collaboration Services installation program always
installs with IBM Cloudscape as its default DBMS product, and immediately
creates its own databases. Although Cloudscape may be sufficient for a small-scale
deployment, you should connect Workplace Collaboration Services to a more
robust DBMS product for large-scale use, even if you are working with a
single-server deployment.
In any deployment where a remote Web server will be used, install the Web server
plug-in and perform other tasks to prepare for Workplace Collaboration Services
installation.
This phase is described in ″Setting up the environment.″
Installing Workplace Collaboration Services
After the basic requirements have been met and preparations are made, you can
install the Workplace Collaboration Services software, selecting the licensed
products you need.
If you are setting up a clustered deployment and intend to use the Workplace
Managed Client provisioning server, you must also install the provisioning server
at this time – before federating the node – as explained in the Sequence of
operations for a clustered deployment for AIX, Linux, and Solaris, for Windows,
and for i5/OS..
If you are installing on i5/OS and choose not to use the Create Workplace
Collaboration Services wizard, you must configure an HTML rendering server
before proceeding to the Phase 4.
This phase is described in ″Installing Workplace Collaboration Services.″
Chapter 1 Planning a Deployment
3
Connecting to an LDAP directory
The Workplace Collaboration Services installation program sets up IBM WebSphere
Member Manager as the default user directory. If you connect to an LDAP
directory, you first establish mappings between the LDAP directory and Workplace
Collaboration Services to ensure both proper access for users and proper security
levels to protect data. In addition, you must create LDAP administrator accounts
for use with Workplace Collaboration Services, and then run the Configuration
Wizard to connect to the LDAP directory.
This phase is described in ″Connecting to an LDAP directory.″
Transferring data to another database
By default, Workplace Collaboration Services installs with the IBM Cloudscape
database set up and ready for use.
Review the topic, ″“Database management system considerations” on page 30,″ to
help decide whether to store your data in Cloudscape or another database product.
You can transfer to another database product after the initial installation of
Workplace Collaboration Services, by running the Configuration Wizard to create
and configure a new database before transferring data to it. (See the
″Requirements″ topics for a list of supported database products.) You do not need
to remove the Cloudscape database or its server software after the data transfer.
This phase is described in the topic, ″Transferring data to an external database.″
Connecting to an external Web server
After installation, you may install and set up an external Web server for the
Workplace Managed Client provisioning server or for use in a clustered Workplace
Collaboration Services deployment. To improve performance, you may also use an
external Web server with IBM Workplace Collaborative Learning™ and the other
Workplace Collaboration Services products.
The external Web server is not built into the Workplace Collaboration Services
software, but is installed separately. It can be hosted locally on the Workplace
software server, or remotely on a different server. If it is hosted on a remote server,
the Web server must reside in the same Internet DNS domain as the Workplace
software server.
This phase is described in ″Connecting to an external Web server.″
Setting up Workplace Collaboration Services components
After installation, complete some final setup tasks for components, such as
Workplace Collaborative Learning and Workplace Designer, to ensure they are
ready for use.
This phase is described in ″“Phase 7: Completing setup of Workplace Collaboration
Services components” on page 301.″
4
Clustered-server Deployment Guide
Installing and distributing the IBM Workplace Managed Client
The provisioning server provides the Workplace Collaboration Services applications
to the user workstation during managed client desktop installation. Every time a
user logs in to the client, the system checks the provisioning server to determine if
there are updates or new components available. If there are, the user is prompted
to update the Workplace Managed Client.
Note: If you are setting up a clustered environment, you install the provisioning
server earlier in the overall task sequence before federating network nodes.
For more information, see ″Installation and upgrade in a clustered
environment.″
Customers or business partners who are interested in the Workplace Collaboration
Services Client technology should contact their IBM representative for more details.
This phase is described in ″Workplace Managed Client installation and
configuration.″
Completing setup in a clustered-server deployment
If you are installing Workplace Collaboration Services in a clustered-server
deployment, you must complete the setup before anyone starts using Workplace
Collaboration Services. Tasks include updating Workplace Managed Client files,
federating nodes and adding them to a cluster, connecting nodes to the database,
setting up dynamic caching and messaging, distributing various files to ensure that
all nodes have a copy, and setting up load balancing for instant messaging and
Web conferences.
This phase is described in ″Completing setup in a clustered environment.″
Related concepts
“Workplace Collaboration Services software components” on page 25
“Clustered-server deployment” on page 2
“AIX, Linux, Solaris, and Windows: Requirements”
“i5/OS: Requirements” on page 13
“Optional post-installation tasks” on page 481
“Reference information” on page 489
AIX, Linux, Solaris, and Windows: Requirements
This topic describes requirements for running IBM Workplace Collaboration
Services on IBM AIX, Linux, Sun Solaris, and Microsoft Windows servers.
Unless specified otherwise, the requirements in this topic also apply to the
individual Workplace Collaboration Services products, including Workplace
Messaging®, IBM Workplace Team Collaboration, IBM Workplace Documents, and
IBM Workplace Collaborative Learning . Also note:
v Any information that specifically addresses the messaging capabilities of
Workplace Collaboration Services also applies to IBM Workplace Messaging.
v Any information that specifically addresses the collaborative learning capabilities
of Workplace Collaboration Services also applies to Workplace Collaborative
Learning.
Chapter 1 Planning a Deployment
5
v Any information that specifically addresses the Web content management
capabilities of Workplace Collaboration Services also applies to IBM Workplace
Web Content Management.
This topic contains the following requirements:
v Installation program
v Server hardware
v Network connectivity
v Server software and operating system
v Workplace Managed Client hardware and software
v Client software and operating system
Note: For the system requirements for the Web content management capabilities of
Workplace Collaboration Services, see the documentation at
http://www.ibm.com/developerworks/workplace/documentation.
Installation program requirements
(AIX and Solaris) The Workplace Collaboration Services installation program uses
the GNU tar archiver to extract files during installation. Before running the
installation program on AIX or Solaris, you must install GNU tar, version 1.14 or
later. The GNU tar can be downloaded from the Free Software Directory on
www.gnu.org. It must be installed as the default tar utility on the path (the default
install location for GNU tar is /usr/local/bin). To verify the version number of the
default tar utility, use the command ″tar --version″ (typed with two hyphens, not a
dash). If the default tar utility is not the latest version, upgrade to version 1.14 or
later.
Server hardware requirements
This section describes the server hardware requirements.
Server processor and memory requirements
The following table lists the minimum server processor and memory requirements.
The requirements provided are for the default configuration where no external
LDAP directories and databases are being used. Contact your IBM representative
to determine capacity requirements for your organization’s deployment.
Server platform
Minimum processor
Minimum RAM
AIX
1.2 GHz IBM POWER4+ or
higher processor
4 GB
Linux
2.0 GHz Intel Pentium 4 or
equivalent processor
4 GB
Solaris
1.28 GHz UltraSparc IIIi or
equivalent processor
4 GB
Windows
2.0 GHz Intel Pentium 4 or
equivalent processor
4 GB
Using the NTFS file system is recommended for Windows systems.
6
Clustered-server Deployment Guide
Server disk space requirements
Installing Workplace Collaboration Services requires a minimum of 10 GB of free
disk space. This amount does not include the disk space required to install
database software if you use an external database server. Installation of the
Workplace Managed Client provisioning server requires an additional 1.5 GB.
If you use a two-server deployment or a multiple-server Network Deployment, the
Workplace Collaboration Services server requires a minimum of 17 GB of free disk
space. If you also install the Workplace Managed Client provisioning server on the
same machine, the server needs 18.5 GB of free disk space.
Note: For AIX installations, the /usr directory and /tmp directory each require a
minimum of 2 GB of free disk space. For Linux or Solaris installation, the
/opt directory and /tmp directory each require a minimum of 2 GB of free
disk space.
Estimating disk space requirements for the messaging
capabilities of Workplace Collaboration Services
Before you install the messaging capabilities of Workplace Collaboration Services,
refer to the following table to estimate the disk space needed for the mail data. For
example, if you have 1000 users and each user uses the default disk space of 60
MB, you need approximately 73 GB of disk space. The numbers in the table are
based on an average message size of 50 KB and 90 day message stub retention. It
is also important to note that these estimates are for messaging only. Additional
database storage is required for archiving, if you implement an archiving solution.
Maximum storage per user (MB)
Number of
Users
5
10
15
20
25
30
35
40
45
50
55
60
10
0.49
0.51
0.53
0.55
0.58
0.60
0.62
0.64
0.67
0.69
0.71
0.73
50
2.44
2.55
2.66
2.77
2.89
3.00
3.11
3.22
3.34
3.45
3.56
3.67
100
4.87
5.1
5.32
5.55
5.77
6.00
6.22
6.45
6.67
6.90
7.12
7.35
500
24.37
25.49
26.62
27.74
28.87
30.00
31.12
32.24
33.37
34.50
35.62
36.75
1000
48.73
50.98
53.23
55.48
57.74
60.00
62.24
64.49
66.74
68.99
71.24
73.49
5000
243.66
254.91
266.17
277.42
288.68
30.00
311.19
322.44
333.70
344.95
356.21
367.46
10000
487.32
509.83
532.34
554.85
577.35
600.00
Estimating disk space requirements for the collaborative learning
capabilities of Workplace Collaboration Services
Before you install the collaborative learning capabilities of Workplace Collaboration
Services, refer to the following information to estimate the amount of disk space
required for the learning data and indexes. The amount depends on the following
factors:
v Number of courses
v Number of registered users
v Average courses per user
v Average nodes (course elements) per course
Use the following formulas to estimate the size of the learning data and indexes:
To estimate the data size (in kilobytes), use this formula:
number_of_courses *(57 + average_nodes_per_course * 30.4) +
number_of_users *(10 + average_courses_per_user * (3.8 + average_nodes_per_course
* 1.1))
Chapter 1 Planning a Deployment
7
To estimate the index size (in kilobytes), use this formula:
number_of_courses * (12.3 + average_nodes_per_course * 1.4) +
number_of_users * (1.5 + average_courses_per_user *(1.6 + average_nodes_per_course
* 0.14))
To calculate the required disk space, add the data size to the index size. Multiply
the result of this calculation by 2 to determine the required disk space.
Network connectivity requirements
The network connectivity requirements for a Workplace Collaboration Services
server are as follows:
v Network adapter and connection to a physical network that can carry IP packets.
For example, Ethernet, token ring, ATM, and so on.
v Static IP address with an entry in DNS.
v Configured fully qualified host name. Workplace Collaboration Services must be
able to resolve an IP address from its fully qualified host name.
To ensure that the host name is correctly configured in DNS, type one of these
commands at the command line of another server on the network:
v ping hostname.yourco.com
v (Windows) nslookup hostname.yourco.com
v (Linux) dig hostname.yourco.com
Server software and operating system requirements
This section describes the server software and operating system requirements.
Supported server operating systems
One of the following operating systems is required on the server where Workplace
Collaboration Services will be installed:
v IBM AIX 5.2 with Maintenance Level 6
v IBM AIX 5.3
v Microsoft Windows 2000 Server with Service Pack 4
v Microsoft Windows Advanced Server with Service Pack 4
v Microsoft Windows Server 2003 Standard Edition with Service Pack 1
v Microsoft Windows Server 2003 Enterprise Edition with Service Pack 1
v Red Hat Enterprise AS for Linux (x86)
– 2.1: Full support for both single-server and clustered deployments
– 3.0: Full support for single-server deployment; in clustered deployments, the
Deployment Manager is not supported although all other servers are
supported (you can use version 2.1 on the Deployment Manager even when
the nodes use version 3.0)
v SuSE Linux Enterprise Server 8, 2.4 Kernel for Intel x86
v Sun Solaris 9 Fix Level 12-2002; Fix Level 112951-08
Components of WebSphere Application Server Enterprise 5.0.2.6 and WebSphere
Portal Enable for Multiplatforms 5.0.2.2 are installed automatically with Workplace
Collaboration Services. It is not possible to install Workplace Collaboration Services
on top of an existing WebSphere Application Server or WebSphere Portal Server
installation.
8
Clustered-server Deployment Guide
Supported databases
Workplace Collaboration Services installs Cloudscape by default; any of the
supported databases can then be substituted instead ofCloudscape. The following
databases are supported:
v +IBM Cloudscape 5.1.60.18
v +IBM DB2 Universal Database™ Workgroup Server Edition 8 with FixPak 9a (all
platforms)
v +IBM DB2 Universal Database Enterprise Server Edition 8 with FixPak 9a (all
platforms)
Note: DB2 8 FixPak 9a is equivalent to DB2 8.2 FixPak 2a.
FixPaks for DB2 are available from:http://www-306.ibm.com/software/data/
db2/udb/support/downloadv8_windows32bit.html
v Microsoft SQL Server 2000 with Service Pack 3 and Service Pack 3a
v Oracle Enterprise Edition 9i Release 2 (9.2.0.4)
+Software marked with a plus sign (+) is shipped with Workplace Collaboration
Services and is only licensed for use with Workplace Collaboration Services.
Supported Web servers
Workplace Collaboration Services comes with an internal Web server provided
with IBM WebSphere Application Server, but using an optional separate Web
server can improve performance. An external Web server is also required for the
Workplace Managed Client provisioning server. Workplace Collaboration Services
does not include an external Web server, but the following Web servers are
supported:
v Apache Server 1.3.26 and 1.3.28
v IBM HTTP Server 6.0.2.1 with the 6.0.2 plug-in
v IBM Lotus® Domino® Enterprise Server (as Web server) 6.5.1, 6.5.4, and 7.0
v Microsoft IIS 5.0 and 6.0 (Windows 2003 supports only IIS 6.0)
v Sun ONE Web Server, Enterprise Edition 6.0 (formerly iPlanet), with Service
Pack 4
Supported LDAP directory servers
Workplace Collaboration Services installs with a default WebSphere Member
Manager user directory, but can be configured to run with the following LDAP
directory servers:
v +IBM Tivoli® Directory Server 5.2
v IBM Lotus Domino Enterprise Server (as LDAP server) 6.5.1, 6.5.4, and 7.0
v Microsoft Active Directory 2000
v Microsoft Active Directory 2003
v Novell eDirectory 8.7.3
v Sun Java™ System Directory Server 5.2 with Fix Pack 3
Note: If the LDAP server is Lotus Domino 6.5.1, Workplace Collaboration Services
supports searches of secondary Domino directories that are designated as
″Domain type: Notes″ in a directory assistance database on the server.
Chapter 1 Planning a Deployment
9
+Software marked with a plus sign (+) is shipped with Workplace Collaboration
Services and is only licensed for use with Workplace Collaboration Services.
Supported directory integration product
The following application supports the import of users from other mail systems
and provides directory integration for Workplace Collaboration Services:
v +IBM Tivoli Directory Integrator 6.0
+Software marked with a plus sign (+) is shipped with Workplace Collaboration
Services and is only licensed for use with Workplace Collaboration Services.
Supported server Java Development Kits
v JDK 1.3.1
v JDK 1.4.2 (non-programmable embedded components)
v IBM Java2 JRE v1.4.2
Supported third-party single sign-on (SSO) products for the
browser client
v IBM Tivoli Access Manager 4.1
v IBM Tivoli Access Manager 5.1
v Netegrity Policy Server 6.0
Attention: The Workplace Managed Client and provisioning server cannot be
used in an environment that uses Netegrity Policy Server because of limitations
with Netegrity Policy Server authentication protocols. However, Netegrity Policy
Server can be used by browser clients who use Workplace Collaboration
Services.
Supported public key infrastructure (PKI) products
v IBM Lotus Domino 6.5 (Domino certificate authority provided on a Domino
6.5.2, or later, server)
v Microsoft Certificate Services provided with Windows 2000 server
v VeriSign 6.0
Supported proxy servers
v
WebSphere Application Server Edge Components Version 5.0 Fixpack 2
Note: When clustering Workplace server, bootstrapping using the Edge
Components address and routing the requests to the node agents in the
cluster is supported. Bootstrapping from the Network Deployment
Manager is not supported and will not be tested.
v Tivoli Access Manager 5.1
Forward, Reverse, and Transparent proxy servers are now supported by Workplace
Collaboration Services and its components, except the Workplace Managed Client.
Additional requirements for the collaborative learning
capabilities of Workplace Collaboration Services
To support complete functionality for live classroom sessions, you need to install
IBM Lotus Virtual Classroom 1.1.1 or later.
10
Clustered-server Deployment Guide
Workplace Managed Client hardware and software requirements
The Workplace Managed Client processor and memory requirements are as
follows:
v Intel Pentium 3 processor, 800 MHz
v 512 MB RAM minimum, 1 GB RAM is recommended
The recommended memory requirement for the Workplace Managed Client is 1
GB. The additional memory reduces client startup time and increases performance
and reliability.
Disk space recommendations are described in the following table.
Installation scenario
Recommended disk space
IBM productivity tools not installed
350 MB
IBM productivity tools installed without
language pack
600 MB
IBM productivity tools installed with
language pack
700 MB
Supported platforms for the Workplace Managed Client
The following platforms are supported for the Workplace Managed Client:
v IBM Lotus Notes 7
v Microsoft Windows 2000 Professional with Service Pack 4
v Microsoft Windows XP with Service Pack 2
v Red Hat Enterprise Linux WS 3.0 with Update 4; Kernel: 2.4.2.21-27.0.2″;
Compiler: gcc 3.2, glibc 2.3.2; desktop environment: GNOME
Client software and operating system requirements
This section describes the client software and operating system requirements for
this release.
Supported operating systems for the browser client
The following operating systems are supported for browser clients:
v Mac 8.0 with Netscape 8.2 (only to access the collaborative learning capabilities
through the non-Portal-based interface)
v Microsoft Windows 2000 Professional with Service Pack 4
v Microsoft Windows XP with Service Pack 2
v Red Hat Enterprise Linux WS 3.0 with Update 4
v SuSE Linux Desktop 1.0
Note: The Learning Authoring Tool and Offline Learning client support Windows
2000 and Windows XP only.
Supported browsers
The following browsers are supported:
Chapter 1 Planning a Deployment
11
v Microsoft Internet Explorer 6.0 on Windows 2000 Service Pack 2 and Windows
XP Service Pack 4 with the Sun Java Runtime Environment (JRE) 1.4.2 or with
Microsoft Java Virtual Machine (JVM) 1.1
v Mozilla 1.4 on Linux with Sun Java Runtime Environment (JRE) 1.4.2
v Mozilla 1.4 on Windows with Sun Java Runtime Environment (JRE) 1.4.2
v Mozilla Firefox 1.0.6 on Windows with Sun Java Runtime Environment (JRE)
1.4.2
v Mozilla Firefox 1.0.6 on Linux with Sun Java Runtime Environment (JRE) 1.4.2
v Netscape 6.2 (collaborative learning only)
Web conference browser requirements
Before you join a Web conference, make sure that you are using a supported
browser. Note also that if you are using the Firefox browser, you must be sure to
use it only with the Sun plug-in version of Java Virtual Machine (JVM) 1.4.2, not
1.5, or your computer may crash after you join a Web conference.
In addition, there are different browser requirements for those who share their
screen and for attendees who view shared screens during a Web conference, as
outlined below:
v Sharing your screen
Sun Java 1.4 Virtual Machine (Sun plug-in version of Java Virtual Machine (JVM)
1.4.2 and Microsoft Internal Explorer 6.0 with Service Pack 1, Mozilla 1.4, or
Firefox 1.0
v Viewing screen share
Sun plug-in version of Java Virtual Machine (JVM) 1.4.2 and Microsoft Internet
Explorer 6 with Service Pack 1 as well as Microsoft Internet Explorer 5.5 with
Service Pack 2 and Microsoft Java Virtual Machine 1.1.
Note: All Web conference participants must have JavaScript enabled in their
browsers.
Supported mail clients
In addition to the browser client and Workplace Managed Client, the messaging
capabilities of Workplace Collaboration Services support the following mail clients.
POP3 clients on Microsoft Windows 2000 and Microsoft Windows
XP
The messaging capabilities of Workplace Collaboration Services support the
following POP3 clients:
v IBM Lotus Notes 6.5.1 and 6.5.4
v Microsoft Outlook Express 6
v Microsoft Outlook for Windows XP and Windows 2003
v WebSphere Portal Internet Mailbox 5.0
IMAP clients on Microsoft Windows 2000 and Microsoft Windows
XP
The messaging capabilities of Workplace Collaboration Services support the
following IMAP clients as a technical preview only:
12
Clustered-server Deployment Guide
v IBM Lotus Notes 6.5.1 and 6.5.4
v Microsoft Outlook Express 6
v Microsoft Outlook on Windows XP and Windows 2003
Supported client Java Development Kit (JDK)
JDK 1.4.2
Related concepts
“i5/OS: Requirements”
“Clustered-server deployment” on page 2
i5/OS: Requirements
This topic describes requirements for running IBM Workplace Collaboration
Services on IBM i5/OS.
Unless specified otherwise, the requirements in this topic also apply to the
individual Workplace Collaboration Services products, including Workplace
Messaging, IBM Workplace Team Collaboration, IBM Workplace Documents, and
IBM Workplace Collaborative Learning Also note:
v Any information that specifically addresses the messaging capabilities of
Workplace Collaboration Services also applies to IBM Workplace Messaging.
v Any information that specifically addresses the collaborative learning capabilities
of Workplace Collaboration Services also applies to Workplace Collaborative
Learning.
v Any information that specifically addresses the web content management
capabilities of Workplace Collaboration Services also applies to IBM Workplace
Web Content Management.
This topic contains the following requirements:
v Hardware requirements
v
v
v
v
Required software and Program Temporary Fixes (PTFs)
Server software and operating system requirements
Workplace Managed Client hardware and software requirements
Client software and operating system requirements
For the system requirements for the web content management capabilities of
Workplace Collaboration Services, refer to the document at
http://www.ibm.com/developerworks/workplace/documentation/
webcontentmanagement.
Hardware requirements for i5/OS
This section describes the server hardware requirements.
Server hardware
The following are the minimum server processor and memory requirements for
new IBM System i™ servers. For existing systems, contact your IBM representative
to determine capacity requirements for your organization’s deployment.
v IBM eServer i5 520 1-way (2400 CPW)
v 4 GB main storage
Chapter 1 Planning a Deployment
13
v 15 GB of disk space for installation of Workplace Collaboration Services and
WebSphere Application Server V5.0.2 Enterprise Enablement
v 4 GB of disk space for each WebSphere Application Server instance configured
for use with Workplace Collaboration Services
Estimating disk space requirements for the messaging capabilities of Workplace
Collaboration Services
Before you install the messaging capabilities of Workplace Collaboration Services,
refer to the following table to estimate the disk space needed for the mail data. For
example, if you have 1000 users and each user uses the default disk space of 60
MB, you need approximately 73 GB of disk space. The numbers in the table are
based on an average message size of 50 KB and 90 day message stub retention. It
is also important to note that these estimates are for Messaging only. Additional
database storage is required for archiving, if you implement an archiving solution.
Maximum storage per user (MB)
Number of
Users
5
10
15
20
25
30
35
40
45
50
55
60
10
0.49
0.51
0.53
0.55
0.58
0.60
0.62
0.64
0.67
0.69
0.71
0.73
50
2.44
2.55
2.66
2.77
2.89
3.00
3.11
3.22
3.34
3.45
3.56
3.67
100
4.87
5.1
5.32
5.55
5.77
6.00
6.22
6.45
6.67
6.90
7.12
7.35
500
24.37
25.49
26.62
27.74
28.87
30.00
31.12
32.24
33.37
34.50
35.62
36.75
1000
48.73
50.98
53.23
55.48
57.74
60.00
62.24
64.49
66.74
68.99
71.24
73.49
5000
243.66
254.91
266.17
277.42
288.68
30.00
311.19
322.44
333.70
344.95
356.21
367.46
10000
487.32
509.83
532.34
554.85
577.35
600.00
Note: IBM DB2 Universal Database for iSeries has a size limit of 1.7 TB per table.
Network connectivity requirements
The network connectivity requirements for a Workplace Collaboration Services
server are as follows:
v Network adapter and connection to a physical network that can carry IP packets.
For example, Ethernet, token ring, ATM, and so on.
v Static IP address with an entry in DNS.
v Configured fully qualified host name. Workplace Collaboration Services must be
able to resolve an IP address from its fully qualified host name.
To ensure that the host name is correctly configured in DNS, enter the following
command at the command line of another server on the network:
ping hostname.yourco.com
i5/OS user profiles
To install and configure Workplace Collaboration Services on i5/OS, you must
have a user profile with the following special authorities:
v *ALLOBJ
v *IOSYSCFG
v *JOBCTL
Setting the time on i5/OS
14
Clustered-server Deployment Guide
Before installing the Workplace Collaboration Services, ensure that the UTC offset
system value is set correctly by running the following command from an i5/OS
command line (example below is for Central Standard Time):
CHGSYSVAL SYSVAL(QTIMZON) VALUE(QN0600CST)
Workstation requirements
In order to install the Workplace Collaboration Services using the graphical
interface, you must be connected to your IBM System i server from a remote
workstation. The requirements for that workstation are as follows:
v Windows 2000 or Windows XP
v DVD-ROM drive
To view performance statistics on your Workplace instance using Tivoli
Performance Viewer, you will also need to install workstation tools for WebSphere
Application Server on your workstation.
Required software and PTFs
The software and Program Temporary Fix (PTF) requirements for IBM WebSphere
Portal for Multiplatforms vary depending on which version of i5/OS you are
using. To review software requirements for the version of i5/OS you are using, see
one of the following topics:
v V5R3 software and PTF requirements
v V5R4 software and PTF requirements
Supported databases
Workplace Collaboration Services runs on i5/OS with the following DBMS server:
v IBM DB2 Universal Database for iSeries V5R3
Supported Web servers
A separate, external Web server is required for instant messaging, presence, and
Web conferencing activities and for the Workplace Managed Client provisioning
server. Workplace Collaboration Services comes with an internal Web server
provided with WebSphere Application Server, but using an external Web server can
improve performance.
Workplace Collaboration Services runs on i5/OS with the following local or remote
Web servers:
v IBM HTTP Server for iSeries 2.0.52
v IBM Lotus Domino Server for iSeries Release 5.0.12 or later
Workplace Collaboration Services also runs with the following remote Web servers:
v Apache Server 1.3.26 and 1.3.28
v IBM HTTP Server 6.0.2.1
v IBM Lotus Domino Enterprise Server (as Web server) 6.5.1, 6.5.4, and 7.0
v Microsoft IIS 5.0 and 6.0 (Windows 2003 supports only IIS 6.0)
v Sun ONE Web Server, Enterprise Edition 6.0 (formerly iPlanet), with Service
Pack 4
Chapter 1 Planning a Deployment
15
Supported LDAP directory servers
Workplace Collaboration Services installs with a default WebSphere Member
Manager user directory, but can be configured to run with the following LDAP
directory servers:
v IBM Tivoli Directory Server for iSeries 5.1 (with i5/OS V5R3)
v IBM Tivoli Directory Server 5.2
v IBM Lotus Domino Enterprise Server (as LDAP server) 6.5.1, 6.5.4, and 7.0
v Microsoft Active Directory 2000
v Microsoft Active Directory 2003
v Novell eDirectory 8.7.3
v Sun Java System Directory Server 5.2 with Fix Pack 3
Supported directory integration product
The following application supports the import of users from other mail systems
and provides directory integration for Workplace Collaboration Services:
v +IBM Tivoli Directory Integrator 5.2
+Software marked with a plus sign (+) is shipped with Workplace Collaboration
Services and is only licensed for use with Workplace Collaboration Services.
Supported third-party single sign-on products for the browser
client
v IBM Tivoli Access Manager 4.1
v IBM Tivoli Access Manager 5.1
v Netegrity Policy Server 5.5
Supported third-party public key infrastructure products
v VeriSign 6.0
Supported proxy servers
v IBM WebSphere Edge Server 2.0.2 with eFix 49, PTF-1
v Tivoli Access Manager 5.1
Workplace Managed Client hardware and software requirements
The Workplace Managed Client processor and memory requirements are as
follows:
v Intel Pentium 3 processor, 800 MHz
v 512 MB RAM minimum, 1 GB recommended
The recommended memory requirement for the Workplace Managed Client is 1
GB. The additional memory reduces client startup time and increases performance
and reliability.
Disk space recommendations are described in the following table.
16
Installation scenario
Recommended disk space
IBM productivity tools not installed
350 MB
Clustered-server Deployment Guide
Installation scenario
Recommended disk space
IBM productivity tools installed without
language pack
600 MB
IBM productivity tools installed with
language pack
700 MB
Supported platforms for the Workplace Managed Client
The following platforms are supported for the Workplace Managed Client:
v IBM Lotus Notes 7
v Microsoft Windows 2000 Professional with Service Pack 4
v Microsoft Windows XP with Service Pack 2
v Red Hat Enterprise Linux WS 3.0 with Update 4; Kernel: 2.4.2.21-27.0.2″;
Compiler: gcc 3.2, glibc 2.3.2; desktop environment: GNOME
Browser client software and operating system requirements
This section describes the client software and operating system requirements for
this release.
Supported operating systems for the browser client
The following operating systems are supported for browser clients:
v Mac 8.0 with Netscape 8.2 only to access the collaborative learning capabilities
through the non-Portal-based interface)
v Microsoft Windows 2000 Professional with Service Pack 4
v Microsoft Windows XP with Service Pack 2
v Red Hat Enterprise Linux WS 3.0 with Update 4
v SuSE Linux Desktop 1.0
Note: The Learning Authoring Tool and Offline Learning client support Windows
2000 and Windows XP only.
Supported browsers
The following browsers are supported:
v Microsoft Internet Explorer 6.0 on Windows 2000 Service Pack 4 and Windows
XP Service Pack 2 with the Sun Java Runtime Environment (JRE) 1.4.2 or with
Microsoft Java Virtual Machine (JVM) 1.1
v Mozilla 1.4 on Linux with Sun Java Runtime Environment (JRE) 1.4.2
v Mozilla 1.4 on Windows with Sun Java Runtime Environment (JRE) 1.4.2
v Mozilla Firefox 1.0.6 on Windows with Sun Java Runtime Environment (JRE)
1.4.2
v Mozilla Firefox 1.0.6 on Linux with Sun Java Runtime Environment (JRE) 1.4.2
v Netscape 6.2 (Collaborative Learning only)
Web conference browser requirements
Before you join a Web conference, make sure that you are using a supported
browser. Note also that if you are using the Firefox browser, you must be sure to
Chapter 1 Planning a Deployment
17
use it only with the Sun plug-in version of Java Virtual Machine (JVM) 1.4.2, not
1.5, or you may crash after joining a Web conference.
In addition, there are different browser requirements for those who share their
screen and for attendees who view shared screens during a Web conference, as
outlined below:
v Sharing your screen
Sun Java 1.4 Virtual Machine (Sun plug-in version of Java Virtual Machine (JVM)
1.4.2 and Microsoft Internal Explorer 6.0 with Service Pack 1, Mozilla 1.4, or
Firefox 1.0
v Viewing screen share
Sun plug-in version of Java Virtual Machine (JVM) 1.4.2 and Microsoft Internet
Explorer 6 with Service Pack 1 as well as Microsoft Internet Explorer 5.5 with
Service Pack 2 and Microsoft Java Virtual Machine 1.1.
Note: All Web conference participants must have JavaScript enabled in their
browsers.
Supported mail clients
In addition to the browser client and Workplace Managed Client, the messaging
capabilities of Workplace Collaboration Services support the following mail clients.
POP3 clients on Microsoft Windows 2000 and Microsoft Windows
XP
The messaging capabilities of Workplace Collaboration Services support the
following POP3 clients:
v IBM Lotus Notes 6.5.1 and 6.5.4
v Microsoft Outlook Express 6
v Microsoft Outlook for Windows XP and Windows 2003
v WebSphere Portal Internet Mailbox 5.0
IMAP clients on Microsoft Windows 2000 and Microsoft Windows
XP
The messaging capabilities of Workplace Collaboration Services support the
following IMAP clients:
v IBM Lotus Notes 6.5.1 and 6.5.4
v Microsoft Outlook Express 6
v Microsoft Outlook on Windows XP and Windows 2003
Supported client Java Development Kit (JDK)
JDK 1.4.2
Related concepts
“V5R3 software and PTF requirements” on page 19
This topic lists software and Program Temporary Fix (PTF) requirements for
installing IBM WebSphere Portal for Multiplatforms on IBM i5/OS version
V5R3. If you are installing on i5/OS V5R4, see ″V5R4 software and PTF
requirements.″
18
Clustered-server Deployment Guide
“V5R4 software and PTF requirements” on page 22
This topic lists software and Program Temporary Fix (PTF) requirements for
installing IBM WebSphere Portal for Multiplatforms on IBM i5/OS version
V5R4. If you are installing on i5/OS V5R3, see ″V5R3 software and PTF
requirements.″
“AIX, Linux, Solaris, and Windows: Requirements” on page 5
“Clustered-server deployment” on page 2
V5R3 software and PTF requirements
This topic lists software and Program Temporary Fix (PTF) requirements for
installing IBM WebSphere Portal for Multiplatforms on IBM i5/OS version V5R3. If
you are installing on i5/OS V5R4, see ″V5R4 software and PTF requirements.″
i5/OS V5/R3 software products
The following software products are required for Workplace Collaboration Services
on i5/OS:
Program
Option
5722SS1
Description
i5/OS V5R3
5722SS1
12
Host Servers
5722SS1
30
QShell Interpreter
5722SS1
33
Portable Application Solution
Environment (PASE)
5722SS1
43
OS/400 - Additional Fonts
5722SS1
34
Digital Certificate Manager1
5722AC3
Crypto Access Provider
128-bit
5722DG1
IBM HTTP Server
5722JV1
*BASE
IBM Developer Kit for Java
5722JV1
5
IBM 32-bit SDK, Java 2
Technology Edition, v1.4.2
SR1w
5722JV1
6
Dev Toolkit for Java (Version
1.4)
5722TC1
*BASE
TCP/IP Utilities
5733WS5
*BASE
WebSphere Application
Server V5.0
5733WS5
1
WAS V5.0 Client
development and runtime
5733WS5
2
WAS V5.0 Application server
runtime
5733WS5
5
WebSphere Application
Server V5.0 Network
Deployment2
5733WS5
10
WAS V5.0 Enterprise
Enablement3
5733WS5
11
WAS V5.0 Enterprise
Enablement, Network
Deployment Edition2, 3
Chapter 1 Planning a Deployment
19
1
Required for configuration of Secure Sockets Layer (SSL).
2
Required on the Deployment Manager system if deploying in a clustered
environment. For more information, see ″i5/OS: Sequence of operations for a
clustered environment″ in the IBM Workplace Collaboration Services Information
Center.
3
For information on installing WebSphere Application Server V5.0 Enterprise
Enablement, see ″i5/OS: Installing WebSphere Application Server V5.0 Enterprise
Enablement″ in the IBM Workplace Collaboration Services Information Center.
WAS V5.0 Enterprise Enablement, Network Deployment Edition is required only
for the Deployment Manager system if deploying in a clustered environment.
To determine which software is installed on your system, enter DSPSFWRSC on an
i5/OS command line. The Display Software Resources screen shows all installed
software.
i5/OS V5/R3 PTFs
This section describes the group and individual program temporary fixes (PTFs)
that must be installed on your system prior to Workplace Collaboration Services
installation. For instructions on ordering PTFs, go to http://www-912.ibm.com/
supporthome.nsf/document/10000069.
Required group PTFs
Ensure that the following group PTFs are installed. Apply these PTFs after
installing all required software, and before applying the individual PTFs.
Group Number
Description
Minimum Level
SF99530
Cumulative PTF package
5298
SF99282
WebSphere Portal
4
Express/Express Plus Service
Pack
SF99503
DB2 UDB for iSeries1
8
SF99288
WebSphere App Server ND
V5.01
11
SF99287
WebSphere App Server V5.0
(Base Edition)1
15
SF99269
Java1
SF99099
IBM HTTP Server for iSeries
9
1
8
1
PTF should automatically be applied at the proper level when SF99282 is
installed. It is listed here for verification purposes.
Verifying which group PTFs are installed
To determine if the correct group PTF packages are installed, perform the
following steps:
1. Sign on to your server.
2. Enter the Work with PTF Groups command on an i5/OS command line:
WRKPTFGRP
20
Clustered-server Deployment Guide
The Work with PTF Groups status screen lists the PTF group level and what
group PTFs have been applied to your server.
Required individual PTFs
After installing all required group PTFs, ensure that the following individual PTFs
are installed:
Note: Some individual PTFs may be included with the group PTFs listed above.
PTF Number
Product
Description
SI15323
5722DG1
HTTPSVR-INCORROUT DEFAULT PAGE
IS GENERATED INCORRECTLY
SI21023
5722DG1
HTTPSVR-MSGMCH3601 ERROR IN
APACHE SERVER
SI21469
5722DG1
HTTPSVR - Admin GUI Updates for WCS
2.6 Support
SI14875
5722SS1
JTOpen/Toolbox 4.1 vs. 4.4 mismatch
SI14668
5722SS1
JVA-RUN-INCORROUT
JDBC-DB2RSGetColumns.getObject() Errors
SI14360
5722SS1
OSP-DB-MSGCPF4327-RC2 SQL request
during websphere
SI15608
5722SS1
SI15032
5722SS1
SI15974
5722SS1
SI16999
5722SS1
OSP-DB Orphaned lock after legacy cursor
closed during NTS
SI16692
5722SS1
OSP-DB-MSGSQL0203 MSGSQL0203 FOR
COLUMN OF DERIVED TABLE IF
SI17063
5722SS1
OSP-DB-MSGMCH3402 Not handled for
SQL hard close
SI17276
5722SS1
OSP-DB-MSGSQL0514 PREPARED STMT
NOT USED FOR 2ND OPEN
SI17277
5722SS1
OSP-DB-MSGSQL0514 PREPARED STMT
NOT USED FOR 2ND OPEN
SI17314
5722SS1
OSP-DB-MSGSQL0501 switching between
NTS transactions
SI17480
5722SS1
OSP-DB msgCPD0013 f/QCANPARS
t/QDBOPEN per msgCPF32A4
SI17274
5722SS1
OSP-DB-MSGSQL0514 PREPARED STMT
NOT USED FOR 2ND OPEN
SI17551
5722SS1
OSP-DB MSGSQL0804 on Binding of LOB
field
SI18367
5722SS1
JVA-RUN-INCORROUT Update IBM JSSE
for JDK 1.4.2
SI18345
5722SS1
OSP Update JCE jar files
SI18796
5722SS1
JVA-RUN MIFunctions object in use during
restore
SI17684
5722SS1
JVA-INCORROUT Java CLASSPATH
Precedence
Chapter 1 Planning a Deployment
21
SI17308
Extended Base Directory Support
MF34851
5722999
LIC-DB-MSGMCH3203 error X’1202’
w/concurrent xa transactions
MF34853
5722999
LIC-DB-MSGMCH3203 error X’1202’
w/concurrent xa transactions
MF34854
5722999
LIC-DB-MSGMCH3203 error X’1202’
w/concurrent xa transactions
MF34855
5722999
LIC-DB-MSGMCH3203 error X’1202’
w/concurrent xa transactions
MF34856
5722999
LIC-DB-MSGMCH3203 error X’1202’
w/concurrent xa transactions
MF34923
5722999
JVA-RUN-INCORROUT Method returns
wrong value
SI18370
5722AC3
JVA-RUN-INCORROUT Update IBM JSSE
Optional individual PTFs
The following individual PTFs are optional. Install individual PTFs after installing
all group PTFs.
PTF Number
Product
Description
SI21414
5722SS1
NFS Server Performance (clustered
deployments only)
Verifying which individual PTFs are installed
To determine whether the correct individual PTF packages are installed, perform
the following steps:
1. Sign on to your server.
2. Enter the Display PTF Status command on an i5/OS command line.
DSPPTF LICPGM(product)
The Display PTF Status screen is displayed. This screen lists the PTFs that have
been applied to your server.
Related concepts
“i5/OS: Requirements” on page 13
V5R4 software and PTF requirements
This topic lists software and Program Temporary Fix (PTF) requirements for
installing IBM WebSphere Portal for Multiplatforms on IBM i5/OS version V5R4. If
you are installing on i5/OS V5R3, see ″V5R3 software and PTF requirements.″
Required i5/OS V5R4 software products
The following software products are required for IBM WebSphere Portal for
Multiplatforms on i5/OS V5R4:
Program
Option
5722SS1
22
Description
i5/OS V5R4
5722SS1
12
Host Servers
5722SS1
30
QShell Interpreter
Clustered-server Deployment Guide
5722SS1
33
Portable Application Solution
Environment (PASE)
5722SS1
43
OS/400 - Additional Fonts
5722SS1
34
Digital Certificate Manager1
5722SS1
35
CCA Cryptographic Services
Provider
5722DG1
IBM HTTP Server
5722JV1
*BASE
IBM Developer Kit for Java
5722JV1
5
IBM 32-bit SDK, Java 2
Technology Edition, v1.4.2
SR1w
5722JV1
6
Dev Toolkit for Java (Version
1.4)
5722TC1
TCP/IP Utilities
5733WS5
*BASE
WebSphere Application
Server V5.0
5733WS5
1
WAS V5.0 Client
development and runtime
5733WS5
2
WAS V5.0 Application server
runtime
5733WS5
5
WebSphere Application
Server V5.0 Network
Deployment2
5733WS5
10
WAS V5.0 Enterprise
Enablement3
5733WS5
11
WAS V5.0 Enterprise
Enablement, Network
Deployment Edition2, 3
For information on installing WebSphere Application Server V5.0, see ″Installing
WebSphere Application Server on i5/OS V5R4″ in the IBM WebSphere Portal for
Multiplatforms Information Center.
1
2
For information on installing WebSphere Application Server V5.0 Enterprise
Enablement, see ″Installing WebSphere Application Server V5.0 Enterprise
Enablement (i5/OS only)″ in the IBM WebSphere Portal for Multiplatforms
Information Center.
To determine which software is installed on your system, enter DSPSFWRSC on an
i5/OS command line. The Display Software Resources screen shows all installed
software.
Required i5/OS V5R4 PTFs
This section describes the group and individual program temporary fixes (PTFs)
that must be installed on your system prior to IBM WebSphere Portal for
Multiplatforms installation on V5R4. For instructions on ordering PTFs, go to
http://www-912.ibm.com/supporthome.nsf/document/10000069.
Group PTFs
Chapter 1 Planning a Deployment
23
Ensure that the following group PTFs are installed. Apply these PTFs after
installing all required software, and before applying the individual PTFs.
Group Number
Description
Minimum Level
SF99504
DB2 UDB for iSeries
2
SF99317
WebSphere App Server V5.0
(Base Edition)
1
SF99318
WebSphere Application
Server Network Deployment
Version 5.0 for iSeries on
V5R4
1
SF99321
WebSphere Portal
1
Express/Express Plus Service
Pack
SF99282
WebSphere Portal
4
Express/Express Plus Service
Pack1
SF99291
Java
2
SF99114
IBM HTTP Server
1
1
As an alternative to applying PTF SF99282, you may apply iFix LO13316. To
obtain this iFix, contact IBM Software Support. For more information, see
″Contacting IBM Software Support.″
Verifying which group PTFs are installed
To determine if the correct group PTF packages are installed, perform the
following steps:
1. Sign on to your server.
2. Enter the Work with PTF Groups command on an i5/OS command line:
WRKPTFGRP
The Work with PTF Groups status screen lists the PTF group level and what
group PTFs have been applied to your server.
Individual PTFs
After installing all required group PTFs, ensure that the following individual PTFs
are installed:
PTF Number
Product
Description
SI17024
5733WS5
APPSERV WAS Enterprise
Enablement Post 5.0.2.7
SI23479
5722DG1
Verifying which individual PTFs are installed
To determine whether the correct individual PTF packages are installed, perform
the following steps:
1. Sign on to your server.
2. Enter the Display PTF Status command on an i5/OS command line.
DSPPTF LICPGM(product)
24
Clustered-server Deployment Guide
The Display PTF Status screen is displayed. This screen lists the PTFs that have
been applied to your server.
Related concepts
“i5/OS: Requirements” on page 13
Workplace Collaboration Services software components
The following components are part of an IBM Workplace Collaboration Services
environment. The Workplace Collaboration Services installation program installs
some of these components; others you must install separately, using the vendor’s
documentation.
For details on specific versions of support products, see the Requirements topic.
Database Management System
A database management system (DBMS) hosts the database that stores
Workplace Collaboration Services data and manages access to them.
By default, Workplace Collaboration Services uses a local IBM Cloudscape
database to store data. For better performance, you can configure
Workplace Collaboration Services to use DB2 Universal Database
Enterprise Edition, Oracle Enterprise Edition, or Microsoft SQL Server
Enterprise Edition. If you prefer to use one of these DBMS servers instead,
use the Configuration Wizard after installation to transfer Workplace
Collaboration Services data from the Cloudscape database to the preferred
DBMS server.
If the DBMS server is not installed on the Workplace software server, you
must install the appropriate DBMS client software on the Workplace server
to ensure that it can access the databases.
Cloudscape Network Server Edition and DB2 Universal Database
Enterprise Edition are included with Workplace Collaboration Services;
however, you can only use Cloudscape when it is hosted directly on the
Workplace software server.
Deployment Manager
A Network Deployment cell is a clustered environment, in which a group
of servers (known as nodes) are managed by a special IBM WebSphere
Application Server called the Deployment Manager. Unlike the nodes in a
Workplace Collaboration Services installation, the Deployment Manager
does not use IBM WebSphere Portal Server software.
In a clustered environment, you designate one server as the Deployment
Manager, which should be a dedicated system. It hosts the WebSphere
Administrative Console and provides a single point of administrative
control for all elements in the WebSphere Application Server cell.
Web server
A Web server handles client HTTP requests across an intranet or the
Internet. Workplace Collaboration Services uses an internal Web server
built into IBM WebSphere Application Server. However, you may need to,
or want to, install an external Web server and configure it to handle
Workplace Collaborative Learning client requests. For example, an external
Web server is required for IBM Workplace SIP services (used for instant
messaging, awareness, and Web conference activity). It is also required for
the Workplace Managed Client provisioning server. Also, for busy
production environments, setting up an external Web server provides
Chapter 1 Planning a Deployment
25
optimal performance for IBM Workplace Collaborative Learning and other
Workplace Collaborative Learning products.
Workplace Collaboration Services supports many Web servers, including:
Apache Server, IBM HTTP Server, IBM Lotus Domino Enterprise Server,
Microsoft Internet Information Server, and Sun ONE Web Server,
Enterprise Edition.
IBM WebSphere Application Server
WebSphere Application Server is installed automatically with Workplace
Collaboration Services. WebSphere Application Server Enterprise Version
provides the WebSphere Administrative Console, from which you can
configure and administer the WebSphere Application Server and Workplace
Collaboration Services products. WebSphere Application Server also
provides the technology for Workplace Collaboration Services to be
installed as part of a clustered Network Deployment environment.
IBM WebSphere Application Server Edge Components
In a clustered environment, you must install WebSphere Application Server
Edge components to set up load balancing for instant messaging and Web
conferences. The standalone machine you use as the load balancer is called
a Network Dispatcher. You should also use the Network Dispatcher to
load-balance HTTP requests across the network.
IBM WebSphere Portal Server
WebSphere Portal Server is automatically installed with Workplace
Collaboration Services and provides the infrastructure for its products.
The Workplace Collaboration Services installation also includes the
following software as appropriate for your configuration: Lotus
Collaborative component Version 5.0, Odyssey browser framework, IBM
WebSphere Member Manager (WMM) Version 5.0, IBM Cloudscape Version
5.1.60.18, IBM WebSphere Studio Site Developer Version 5.1.1, and
WebSphere Portal content publishing Version 5.0.
IBM Workplace Collaborative Learning Servers
Workplace Collaborative Learning requires three servers: a Learning Server,
a Learning Delivery Server, and a course content server.
A Learning Server contains the functions and capabilities for configuring
and coordinating the other Workplace Collaborative Learning features. It is
installed automatically with the Workplace Collaborative Learning product.
A Learning Delivery Server is a Workplace Collaborative Learning feature
that launches course content, provides course navigation features, tracks
student progress, and sends tracking information to the Learning Server. It
is installed automatically with the Workplace Collaborative Learning
product.
A course content server is any file server (usually a Web server) that
contains content for Workplace Collaborative Learning courses. The
Learning Delivery Server accesses the course content from the course
content server. Before installing Workplace Collaborative Learning, you
must know which protocol (usually FTP) the Learning Delivery Server will
use to access the course content server. You must also configure the course
content server to use the protocol you have chosen. You can populate the
course content server at any time before or after installing Workplace
Collaborative Learning. Depending on your environment, you can
maintain a course content server on its own computer, or install it on a
computer that hosts other features and products.
26
Clustered-server Deployment Guide
IBM Workplace Managed Client
The IBM Workplace Managed Client is a desktop environment that lets
users work with IBM Workplace Messaging and IBM Workplace
Documents. The client installation comprises two procedures: the
administrator installs a provisioning server for use with Workplace
Collaboration Services, and users install the client on their desktops from
the provisioning server.
IBM Workplace Managed Client provisioning server
The provisioning server provides the Workplace Collaboration Services
client applications to the user workstation during client desktop
installation. It also provides updates. Every time a user logs in to the
client, the system checks the provisioning server to determine if there are
updates or new components available. If there are, the user is prompted to
update the Workplace Managed Client.
Customers or business partners who are interested in the Workplace
Managed Client technology should contact their IBM representative for
more details.
User registry
A user registry is the repository for the user credentials that are required
for authentication, such as names and passwords, and for other user
attributes that Workplace Collaboration Services uses. Workplace
Collaboration Services supports two types of user registry: a database-only
user registry (also known as a WebSphere Member Manager database-only
user registry), or a Lightweight Directory Access Protocol (LDAP) directory
with lookaside database. With a database-only user registry, all user
credentials and other user attributes are stored in the DBMS. With an
LDAP directory and lookaside database, authentication credentials and
commonly used attributes such as e-mail addresses are stored in a
directory on an LDAP directory server; other attributes, for example ones
that are unique to Workplace Collaboration Services, are stored in a
lookaside database in the DBMS.
By default, Workplace Collaboration Services uses a database-only user
registry with Cloudscape. However most production environments will
want to switch to using an LDAP directory.
Mail Service
The Mail Service allows browser and Workplace Managed Client access to
mail on a Workplace software server. The Mail Service also supports
Internet Message Access Protocol (IMAP), and Post Office Protocol version
3 (POP3) clients from other mail systems, and includes the following
services:
v Simple Mail Transfer Protocol (SMTP) Inbound
v SMTP Outbound/Local Delivery
v Message Handler
v POP3
v IMAP
The Mail Service works with the message queue, the queue directory, and
the message store to receive, process, and send e-mail. Depending on your
environment, you can install the Mail Service on its own computer, or
install it on a computer with other Workplace Collaboration Services
products.
Chapter 1 Planning a Deployment
27
You must use the Mail Service installed by the Workplace Collaboration
Services installation program, but you can use other SMTP servers within a
deployed infrastructure as routing or relay hubs.
The Mail Service is required if you are installing Workplace Messaging.
The POP3 and IMAP services are not required.
Licensing Workplace Collaboration Services products
You must purchase a license for Workplace Collaboration Services products before
you install them. To purchase product licenses, contact your IBM representative or
point your browser at www.ibm.com.
After installation, click Workplace → Licenses in the WebSphere Administrative
Console to access the Licenses page, which displays the licenses you purchased.
To enable a license for an additional Workplace Collaboration Services product, or
to disable a product’s license, be sure to contact your IBM representative first to
make the appropriate business arrangements, and then use the Licenses page to
enable (License) or disable (Unlicense) the product.
Related concepts
“Installation overview” on page 2
“AIX, Linux, Solaris, and Windows: Requirements” on page 5
“i5/OS: Requirements” on page 13
User registry considerations
A user registry is the repository for the user credentials that are required for
authentication, such as names and passwords, and for other user attributes that
IBM Workplace Collaboration Services uses. Workplace Collaboration Services
supports two types of user registry: a database-only user registry (also known as a
WebSphere Member Manager database-only user registry), or a Lightweight
Directory Access Protocol (LDAP) directory with lookaside database. With a
database-only user registry, all user credentials and other user attributes are stored
in the DBMS. With an LDAP directory and lookaside database, authentication
credentials and commonly used attributes such as e-mail addresses are stored in a
directory on an LDAP directory server; other attributes, for example ones that are
unique to Workplace Collaboration Services, are stored in a lookaside database in
the DBMS.
By default, Workplace Collaboration Services uses a database-only user registry
with IBM Cloudscape. Users register themselves through the sign-up link on the
WebSphere Portal Server page and no additional configuration is required. You can
switch to a database-only configuration that uses a different DBMS. Or you can
switch to using an LDAP directory with lookaside database.
Note: Cloudscape is sufficient for demonstration environments and small
deployments, but is not sufficiently robust to support large-scale
deployments. If you plan to use Workplace Collaboration Services in a
large-scale production environment, you should use a different DBMS,
regardless of your choice of user registry configuration.
LDAP directories
Most environments will want to take advantage of the benefits offered by use of an
LDAP directory. These include the ability to:
28
Clustered-server Deployment Guide
v use a directory that already exists in an enterprise
v use a directory that multiple applications in the enterprise can access
v create and manage user accounts using administration tools provided with the
directory server
v more easily populate user attributes that are not available through
self-registration
v use directory server performance tuning features.
You use the Configuration Wizard after installation of Workplace Collaboration
Services to configure a connection to an LDAP directory server. For a non-clustered
deployment on IBM i5/OS you also have the option of using the Create IBM
Workplace Collaboration Services wizard. An LDAP directory is required if you
use a clustered server deployment of Workplace Collaboration Services.
Workplace Collaboration Services supports the following LDAP directory servers:
v IBM Tivoli Directory Server (version 5.2 provided with Workplace Collaboration
Services)
v IBM Lotus Domino Enterprise Server
v Microsoft Active Directory
v Novell eDirectory
v Sun Java System Directory Server
For information on the versions supported, see the requirements topic appropriate
for your operating system.
Note the following points about use of an LDAP directory:
v It is helpful if someone with advanced knowledge of LDAP concepts and
administration who is familiar with your directory environment is responsible
for connecting to an LDAP directory server.
v Any data users create, including authentication credentials, while the default
database-only user registry is in place are no longer valid after connecting to an
LDAP directory server. Therefore in a production environment, connect to an
LDAP directory server before users begin using Workplace Collaboration
Services products.
v An LDAP directory is required if you install Workplace Collaboration Services in
a clustered server deployment.
v In a production environment, install Workplace Collaboration Services on a
different server from the LDAP directory server for better performance.
v You can use the Configuration Wizard to transfer to a different DBMS as well as
to connect to an LDAP directory server. If you plan to complete both tasks,
connect to the LDAP directory server before transferring to another DBMS.
v Workplace Collaboration Services performance issues may arise when you use
IBM Tivoli Directory Server 5.1 for iSeries and the directory contains more than
10,000 user accounts. For better performance, use a different LDAP directory
server if there are a large number of user accounts in the directory.
Related concepts
“AIX, Linux, Solaris, and Windows: Requirements” on page 5
“i5/OS: Requirements” on page 13
“Phase 4: Connecting to an LDAP directory server” on page 157
Chapter 1 Planning a Deployment
29
Database management system considerations
By default, IBM Workplace Collaboration Services installs with an IBM Cloudscape
database management system (DBMS) set up and ready for use. However,
Cloudscape is subject to the following limitations, which should be taken into
consideration when deciding whether to transfer to another database product:
v If you use the Cloudscape database as your user registry, when the registry
reaches approximately the 800-user level, People Finder and Directory Search
performance degrades. When the registry reaches approximately the 2000-user
level, People Finder and Directory Search stop working.
v Cloudscape supports only a limited number of language locales:
– de_DE
– es
– fr
– it
– ja_JP
– ko_KR
– pt_BR
– zn_CN
– zn_TW
All other locales will default to en_US.
v Cloudscape does not properly support the reporting function in IBM Workplace
Collaborative Learning . Only Progress reports (except for the Curriculum
Progress report) can be generated.
For better performance, you can configure Workplace Collaboration Services to use
one of the following DBMS products:
v IBM DB2 Universal Database Enterprise Edition
v IBM DB2 Universal Database for iSeries™ (i5/OS only)
v Oracle Enterprise Edition
v Microsoft SQL Server Enterprise Edition (Windows only)
You can transfer data to the new DBMS product after the initial installation of
Workplace Collaboration Services, by running the Configuration Wizard to create
and configure a new database before transferring data to it. (See the “AIX, Linux,
Solaris, and Windows: Requirements” on page 5 and “i5/OS: Requirements” on
page 13 topics for a list of supported database products.)
Web server considerations
By default IBM Workplace Collaboration Services uses the internal HTTP transport
on port 9081, which requires no additional setup after installation. The default is
sufficient for demonstration servers, but most business environments need an
external Web server to boost performance. External Web servers are required for a
clustered-server deployment and for any environment that includes an IBM
Workplace Managed Client provisioning server.
Types of HTTP services
External Web servers provide HTTP transport services for the following types of
servers:
v Workplace Collaboration Services products, including Workplace Collaborative
Learning and products that use SIP services.
30
Clustered-server Deployment Guide
v The Workplace Collaborative Learning content server (where courses are stored).
v The IBM Workplace Managed Client provisioning server.
These installation instructions use the term ″Web server″ to refer to any of these
uses. Depending on your deployment, you may be able to use one machine as the
external Web server for all these functions or may want to maintain separate
machines to distribute the server load.
External Web servers in a clustered-server deployment
A clustered-server deployment requires external Web servers. To balance HTTP
requests, create a cluster of Web servers and manage them with a Network
Dispatcher Edge Server. Windows environments require two clusters, one for
HTTP requests and one to route SIP traffic.
Related concepts
“Preparing external Web servers for a clustered environment” on page 79
“Phase 6: Connecting to an external HTTP server” on page 287
“Clustered-server deployment overview” on page 39
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
“Installing WebSphere Application Server Edge components” on page 78
Administrator names and passwords worksheet
Before you install and configure IBM Workplace Collaboration Services, use this
worksheet to write down the user names and passwords for the administrators
and groups at your site. During the installation phases, you will be prompted to
enter several different user names and passwords, and can use this worksheet as a
reference.
User
Information needed
Description
Name and password
for your site
Before installing
Workplace
Collaboration
Services
Chapter 1 Planning a Deployment
31
User
Information needed
Description
1
IBM AIX, Linux, or
Sun Solaris
administrator’s user
name and password
Create a user with
administrative
privileges who can
install software on
this server. Log in as
this user when you
are ready to install
Workplace
Collaboration
Services.
To launch the
Configuration
Wizard, the installing
user must be logged
into the X session,
and not using telnet,
ssh, or su. To use
console modes, any
type of shell session
is acceptable.
32
2
Microsoft Windows
administrator’s user
name and password
Create a user with
administrative
privileges who can
install software on
this server. Log in as
this user when you
are ready to install
Workplace
Collaboration
Services.
3
IBM i5/OS
administrator’s user
name and password
Create a user with
administrative
privileges who can
install software on
this server. The user
must have at least
*ALLOBJ,
*IOSYSCFG, and
*JOBCTL special
authorities. Log in as
this user when you
are ready to install
Workplace
Collaboration
Services.
Clustered-server Deployment Guide
Name and password
for your site
User
Information needed
Description
4
Workplace
Collaboration
Services
administrator’s user
name and password
Decide on a name
and password for the
Workplace
Collaboration
Services
administrator. If you
will connect
Workplace
Collaboration
Services to an
existing LDAP
directory, this user
name and password
must already exist in
your user directory.
Name and password
for your site
You will be
prompted for this
administrator name
during Workplace
Collaboration
Services installation.
This user is the same
name that you will
specify for User 13,
and must be added
to the WebSphere
Portal Server
administrator’s
group.
Before connecting a
database to
Workplace
Collaboration
Services
Chapter 1 Planning a Deployment
33
User
Information needed
Description
5
Database
administrator’s user
name and password
A user name and
password with
administrator access
to the database
server; typically you
will use the account
created during
database-server
installation.
In IBM DB2
Universal Database,
the standard
database
administrator account
is called db2admin
in Microsoft
Windows and
db2inst1 in IBM AIX,
Linux, and Solaris. In
Oracle Enterprise
Edition it is called
system and in
Microsoft SQL Server
Enterprise Edition it
is called SA. Any
account with
administrative
privileges can be
used.
This user does not
have to be listed in
the LDAP directory.
Attention: The
database
administrator user
name cannot be
changed after
installation. Use an
ID associated with
the role of database
administrator and
not one associated
with a specific user.
34
Clustered-server Deployment Guide
Name and password
for your site
User
Information needed
Description
6
Database client user
name and password
A user name and
password with
authority to
administer remote
databases on the
database server;
normally you will
use the account
created during client
installation (typically
this account receives
the same user name
that is used on the
database server).
Name and password
for your site
This user does not
have to be listed in
the LDAP directory.
7
Workplace
Collaboration
Services application
data source’s user
name and password
DB2® only
If you do not want
Workplace
Collaboration
Services using the
DB2 database
administrator account
to access the data
source, create a
separate DB2 user
account for this
purpose.
This user is not
needed for Oracle
and SQL Server
because
authentication is
handled differently.
8
IBM WebSphere
Portal Server
database user name
and password
The user ID and
password for the
administrator of the
WebSphere Portal
Server database
schema (called
″wps50″ in this
documentation).
For DB2, this user
can be the DB2
administrator or
instance owner. For
Oracle and SQL
Server, create a user
with the name
WPSDBUSR, and
assign a password.
Chapter 1 Planning a Deployment
35
User
Information needed
Description
9
WMM WebSphere
Portal Serverdatabase
user name and
password
The additional user
ID and password for
the administrator of
the WebSphere Portal
Server database
schema.
For DB2, this should
be the same user as
User 8. For Oracle
and SQL Server,
create a user with the
name WMMDBUSR,
and assign a
password.
10
WebSphere Portal
content publishing
database user name
and password
The user ID and
password for the
administrator of the
WebSphere Portal
Server database
schema.
For DB2, this should
be the same user as
User 8.
For Oracle and SQL
Server, create three
users with the
following names, and
assign a password to
each (you may want
to assign the same
password to all of
them):
v EJB
v PZNADMIN
v WCMDBADM
11
WebSphere Portal
Server feedback
database user name
and password
The user ID and
password for the
administrator of the
WebSphere Portal
Server database
schema (fdbk50) .
For DB2, this user
should be the same
as User 8. For Oracle
and SQL Server, the
recommended user
name is FEEDBACK.
Before connecting an
LDAP directory to
Workplace
Collaboration
Services
36
Clustered-server Deployment Guide
Name and password
for your site
User
Information needed
Description
12
IBM WebSphere
Application Server
administrator’s user
name and password
Create a user name
and password to
allow access to
WebSphere
Application Server
with administrator
privileges. If this user
name is not in the
user directory, you
must create an entry
for it and add to the
WebSphere Portal
Server administrators
group. This user is
usually the same as
User 13.
Name and password
for your site
This user requires at
least Read access to
the LDAP directory.
13
WebSphere Portal
Server
administrator’s user
name and password
Create a user name
and password to
allow access to
WebSphere Portal
Server with
administrator
authority. If this user
name is not in the
user directory, you
must create an entry
for it and add it to
the WebSphere Portal
Server administrators
group. This user
name is used for
WebSphere Portal
Server access and is
not related to any
users who have
access to the
operating system
itself.
This user is the same
as User 4 and is
usually the same as
User 12.
This user requires at
least Read access to
the LDAP directory.
Chapter 1 Planning a Deployment
37
User
Information needed
Description
14
WebSphere Portal
Server administrator
group’s user name
This group must
include the name of
the WebSphere Portal
Server administrator
you created for Users
4 and 13, as well as
the WebSphere
Application Server
administrator.
This user requires at
least Read access to
the LDAP directory.
15
LDAP administrator’s Name that
user name and
WebSphere Member
password
Manager uses to
access the LDAP
directory.
This user requires at
least Read access to
the LDAP directory.
16
LDAP Bind ID user
name and password
Name used to bind
to the LDAP
directory in order to
look up Users 13, 14,
and 15.
Before connecting an
HTTP Server to IBM
Workplace
Collaborative
Learning
17
Content Server FTP
user name and
password
If you want to use
the FTP method of
course content
delivery, create a user
name and password
with sufficient rights
to access the FTP
server and upload
content.
Testing Workplace
Collaboration
Services
18
38
Clustered-server Deployment Guide
Workplace
Collaboration
Services user name
and password
This is the short
name of User 13.
To test whether
Workplace
Collaboration
Services has been
installed successfully,
log in as this user.
Name and password
for your site
Pre-installation checklist
Before installing and configuring IBM Workplace Collaboration Services, use this
checklist to ensure that you have completed all necessary preparations.
Complete
Pre-installation tasks
Make sure that you have purchased licenses for any Workplace
Collaboration Services products you plan to install. To purchase
product licenses, contact your IBM representative or point your
browser at www.ibm.com.
Decide how many servers will be used for your deployment. Read
the topic ″Phase 1: Planning a deployment″ for guidelines.
Choose whether you will use the default IBM Cloudscape database
or transfer data to IBM DB2 Universal Database, IBM DB2
Universal Database for iSeries, Oracle Enterprise Edition, or
Microsoft SQL Server Enterprise Edition.
Decide whether you will use an LDAP directory as the user
directory rather than the IBM WebSphere Member Manager
directory that is provided for you.
Determine if your environment needs an external HTTP server.
If you are installing IBM Workplace Collaborative Learning ,
determine where you will store course content and which method
(FTP or local file system) the Learning Delivery Server will use to
access the content.
Verify that you have the necessary hardware and software and
their required versions.
For IBM i5/OS environments, this includes installing IBM
WebSphere Application Server V5.0 Enterprise Enablement.
If you are installing IBM Workplace Messaging, disable any mail
server that is already running in order to avoid port conflicts, as
described in the mail server’s documentation.
Fill out the ″Administrator names and passwords worksheet″ and
have the information available during installation. Verify that the
administrators exist in the user directory and that they are
members of the appropriate administrator groups.
Read the Workplace Collaboration Services Release Notes for the
latest information on installation issues and workarounds. The
release notes are available on the Web at
http://www.ibm.com/developerworks/workplace/documentation.
If you will be configuring Workplace Collaboration Services in an
IBM WebSphere Application Server Network Deployment,
complete preparations for the deployment.
Clustered-server deployment overview
A IBM WebSphere Application Server Network Deployment is the only
configuration suitable for an enterprise deployment of IBM Workplace
Collaboration Services because it is scalable and eliminates single points of failure.
The Network Deployment is comprised of multiple WebSphere Application Server
managed as a single domain, called a cell. Cells are managed by the Deployment
Manager, which usually resides on its own server. In this deployment, you install
Chapter 1 Planning a Deployment
39
the various software components required for Workplace Collaboration Services on
separate servers, and use WebSphere Application Server Network Deployment
technology to group and manage the Workplace software servers. External HTTP
servers direct HTTP requests as needed from clients and act as Workplace
Managed Client provisioning servers and Learning content servers. A Network
Dispatcher Edge Server is required for balancing HTTP requests and SIP services
(used for instant messaging and Web conferences) among the nodes.
The following figure illustrates how software could be distributed in a clustered
environment.
Note: In this deployment, the remote HTTP servers must be in the same Internet
DNS domain as the Workplace software server. In addition, for effective load
balancing, the nodes, the HTTP servers, the Network Dispatcher, and the
Deployment Manager must all be in the same subnet.
Related tasks
“AIX, Linux, and Solaris: Clustered-server deployment overview”
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
“Windows: Clustered-server deployment overview” on page 48
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Clustered-server deployment overview” on page 55
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
AIX, Linux, and Solaris: Clustered-server deployment overview
Use the following table to help you organize your work as you set up IBM
Workplace Collaboration Services in a clustered-server deployment. The order in
which you complete tasks is critical. Complete all items in a row before working
on items in a subsequent row. Tasks on the same row can be done simultaneously
for faster setup. Time estimates are based on an AIX deployment.
40
Clustered-server Deployment Guide
Other servers (such as DBMS, Web, LDAP, and load-balancing servers) also
comprise a clustered-server deployment. For more information, see the ″Sequence
of operations for a clustered-server deployment.″
Task
Baseline
Deployment
Manager
Node 1
Install DM
Install
and necessary operating
fixes
system and
necessary
fixes
Node 2
Node 3
Node 4
Install
operating
system and
necessary
fixes
Install
operating
system and
necessary
fixes
Install
operating
system and
necessary
fixes
Install
DBMS client
(nodes)
Install DBMS
client
Install DBMS
client
Install DBMS
client
Install DBMS
client
Install
external Web
server (local
or remote)
“Preparing
external Web
servers for a
clustered
environment”
on page 79
“Preparing
external Web
servers for a
clustered
environment”
on page 79
“Preparing
external Web
servers for a
clustered
environment”
on page 79
“Preparing
external Web
servers for a
clustered
environment”
on page 79
Install
Workplace
Collaboration
Services
(~ 2 hours)
Install
Workplace
Collaboration
Services
(~ 2 hours)
Install
Workplace
Collaboration
Services
(~ 2 hours)
Install
Workplace
Collaboration
Services
(~ 2 hours)
Install
Workplace
Collaboration
Services
Perform
backup
Perform
backup
Perform
backup
Perform
backup
(~ 1 hour, 40
minutes)
Enable LDAP
security
(connect to a
directory)
(~ 1 hour, 40
minutes)
Enable LDAP
security
(connect to a
directory)
(~ 1 hour, 40
minutes)
Enable LDAP
security
(connect to a
directory)
(~ 1 hour, 40
minutes)
Enable LDAP
security
(connect to a
directory)
(~ 45
minutes)
Connect to
database
(~ 45
minutes)
Connect to
database
(~ 45
minutes)
Connect to
database
Perform
backup
Perform
backup
Enable LDAP
security
(nodes)
Enable LDAP Enable LDAP
security
security if not
(DM)
done during
WebSphere
Application
Server setup
Perform
database
transfer
(Node 1)
(~ 1 hour, 30
minutes)
Perform
database
transfer
Connect to
database
(Nodes 2 and
above)
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
Install
DBMS client
(DM)
Install DBMS
client
Chapter 1 Planning a Deployment
41
Task
42
Deployment
Manager
Product
installation
on DM
Install IBM
Workplace
Collaboration
Services.
(Choose
Deployment
Manager
option. This
also connects
to database.)
At this point
DO NOT
TOUCH
ANY NODE
BUT NODE
1
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
Node 1
Configure
Web Server
Configure
Web server
for plug-in
and verify
product
installation
Test
Test Web
server plug-in
Install
provisioning
server on
Web servers
and
Workplace
servers
Note:
Optional -Only if you
will be
deploying the
IBM
Workplace
Managed
Client for
users
(~ 1 hour)
Install and
configure the
provisioning
server
Complete
Workplace
Collaborative
Learning
setup
Complete
Workplace
Collaborative
Learning
setup (if
installed)
Configure
policies
Configure
policies to
determine
who has
access to
server
Clustered-server Deployment Guide
Node 2
Node 3
Node 4
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
Task
Deployment
Manager
Node 1
Node 2
Node 3
Node 4
Perform
backup
Perform
backup
Perform
backup
Copy files
from Node 1
Copy files
from Node 1
Copy files
from Node 1
Copy files
from Node 1
Federate
Federate
Node 2
Configure
mail
Determine
domains for
mail routing.
Deploy
themes and
skins for rich
client
Update
WebSphere
Portal Server
EAR file
Test (recommended)
At this point,
you should
be able to log
in and use all
features.
Debug any
problems
before
moving on.
Perform
backup
Perform
backup
Perform
backup
Federate
Node 1
Federate
Create cluster Add Node 1
to the
WebSphere
Portal Server
cluster and
the Mail
Server cluster
Connect node
to external
Web servers
Connect
nodes to
external Web
servers
Test
(optional)
Add to
cluster
Start Node 1
Start Node
Agent
Add Node 2
to WebSphere
Portal Server
cluster and
Mail Server
cluster
Connect node
to external
Web servers
Connect
nodes to
external Web
servers
Test
(optional)
Stop Node 1
and start
Node 2
Stop Node
Agent
Start Node
Agent
Test
(optional)
Start all
nodes
Start Node
Agent
Start Node
Agent
Chapter 1 Planning a Deployment
43
Task
Deployment
Manager
Node 1
Node 2
Add Node 3
to WebSphere
Portal Server
cluster and
Mail Server
cluster
Connect node
to external
Web servers
Connect
nodes to
external Web
servers
Test
(optional)
Stop Nodes 1 Stop Node
and 2; start
Agent
Node 3
Stop Node
Agent
Start Node
Agent
Test
(optional)
Start all
nodes
Start Node
Agent
Start Node
Agent
Start Node
Agent
Federate
Node 4
Federate
Add to
cluster
Node 4
Federate
Node 3
Federate
Add to
cluster
Node 3
Add Node 4
to WebSphere
Portal Server
cluster and
Mail Server
cluster
Connect node
to external
Web servers
Connect
nodes to
external Web
servers
Test
(optional)
Stop Nodes 1, Stop Node
2, and 3; start Agent
Node 4
Stop Node
Agent
Stop Node
Agent
Start Node
Agent
Test
(optional)
Start all
nodes
Start Node
Agent
Start Node
Agent
Start Node
Agent
Start Node
Agent
Finish setting Finish
up
configuring
Deployment the clusters.
Manager
Enable
Search
Enable Search Enable Search Enable Search Enable Search
Enable
notifications
Enable
notifications
Enable
notifications
Enable
notifications
Enable
notifications
Related concepts
“Clustered-server deployment” on page 2
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment”
AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment:
44
Clustered-server Deployment Guide
To set up a cluster of servers on IBM AIX, Linux, or Sun Solaris, you run the IBM
Workplace Collaboration Services installation program on every server that will
host Workplace Collaboration Services, including the Deployment Manager. You
then join each Workplace software server to the cell to create a Workplace
Collaboration Services cluster. The instructions assume that you are setting up the
recommended configuration that connects Workplace Collaboration Services to
separate DBMS, LDAP, and Web servers.
You cannot install Workplace Collaboration Services on a WebSphere Application
Server node that is already part of a Network Deployment. You must instead
install and configure Workplace Collaboration Services on multiple standalone
servers, and then add (or ″federate″) each of these servers to the deployment.
Sequence of operations:
Follow this sequence of steps, rather than following the numbered phases, to
install Workplace Collaboration Services in a clustered environment. The steps
assume the recommended configuration that connects Workplace Collaboration
Services to separate DBMS, LDAP, and Web servers. Pay close attention to the
order in which to complete each task and ensure that you have fulfilled any
prerequisite tasks on another server before continuing.
Note: In a clustered environment, you must install the rich client provisioning
server on Node 1 in the middle of Phase 3 (Installing IBM Workplace
Collaboration Services) as shown in the following procedure. Do not wait
until Phase 9 to perform this step. If you are installing the provisioning
server in a clustered environment, you MUST install on the first node (Node
1) that is going to be federated into the cluster. Provisioning server
installation must be performed prior to federating. The provisioning server
cannot be installed on any other node in the cluster, only on the first node
(Node 1) to be federated.
Note: Nodes must be in the same Internet DNS domain as the external Web
servers.
1. Verify that you have planned your installation (Phase 1).
Refer to the Administrator Names and Passwords worksheet if you filled it
out.
2. On the server that will be the Deployment Manager, create shared directories
for Workplace servers to use (Phase 2).
3. Install the Deployment Manager software (Phase 2).
v AIX
v Linux
v Sun Solaris
4. Install the WebSphere Application Server Edge components (Phase 2).
5. Install the DBMS server (DB2, SQL, or Oracle) (Phase 2).
6. Prepare the environment for a remote Web server (Phase 2) Repeat this step
for every Web server in the cluster.
7. Start setting up Node 1.
Note: Nodes must be in the same Internet DNS domain as the external Web
servers.
a. Install the DBMS client (Phase 2).
b. Prepare to run the installation program (Phase 3).
Chapter 1 Planning a Deployment
45
Install Workplace Collaboration Services (Phase 3).
Enable document conversion services for Web Conferencing.
(AIX, Solaris) Configure the PowerPoint viewer for Web Conferencing.
Configure Node 1 to work with an LDAP directory (Phase 4).
Set up the Workplace Collaboration Services database for DB2, Oracle, or
SQL Server (Phase 5).
h. Transfer data from IBM Cloudscape to a new database by running the
Configuration Wizard (Phase 5).
8. If you installed IBM HTTP Server 6 on the external Web servers, proceed to
the next step. Otherwise, configure other Web servers. (Phase 6)
9. Create a course directory on the Learning content server (Phase 6).
c.
d.
e.
f.
g.
10. (Optional) Install the IBM Workplace Managed Client provisioning server on
Node 1.
Attention: The Workplace Managed Client provisioning server must only be
installed on Node 1; do not install the provisioning server on the second or
subsequent nodes. The installation on Node 1 must take place before you
federate the node or the installation will fail.
Note: When you install the provisioning server that will be used with an
external Web server, select a Custom installation with only these
features selected: WebSphere Portal content, IBM WebSphere
Everyplace Device Manager, and IBM Workplace Collaboration
Services contents.
Instructions for an external Web server apply even if the Web server is a local
external Web server (meaning it has been installed on the same machine as
Workplace Collaboration Services).
11. (Optional) Install the IBM Workplace Managed Client provisioning server on
the Web servers.
Note: When you install the provisioning server on an external Web server,
select a Custom installation with only these features selected: Update
bundles, Installation files, and CD script to create installation disks.
12. If you installed IBM Workplace Collaborative Learning ,finish setting it up on
Node 1.
13. If you installed IBM Lotus Workplace Designer, finish setting it up on Node 1.
14. Continue setting up the Deployment Manager server.
15.
16.
17.
18.
19.
46
a. Install the DBMS client (Phase 2).
b. If LDAP security was already enabled during IBM WebSphere Application
Server setup for this machine, proceed to the next step.
Otherwise, enable LDAP security on the Deployment Manager by copying
values from Node 1 (Phase 3).
c. (SQL Server only) Copy SQL Server files from Node 1.
d. Install Workplace Collaboration Services (Phase 3).
Before federating nodes, update the WebSphere Portal EAR file (Phase 9).
Update the DeploymentService.properties file (Phase 9).
Federate Node 1 to the Network Deployment cell (Phase 9).
Create the WebSphere Portal Server cluster and add Node 1 to the cluster.
Save the cluster information (Phase 9).
Create the Mail Server cluster and add Node 1 to the cluster. Save the cluster
information (Phase 9).
Clustered-server Deployment Guide
20. Connect Node 1 to the external Web servers (Phase 9).
21. On the WebSphere Edge Server (the Network Dispatcher), configure load
balancing for SIP services and HTTP (Phase 9).
22. Finish setting up the Web servers (Phase 9).
a. Update Workplace Managed Client configuration files.
b. Modify the mime.types file to allow Workplace Managed Client .props
files.
c. Regenerate the plug-in and copy it to the Web servers.
23. Finish setting up Node 1 (Phase 9).
a. Enable Search in the cluster.
b. Enable notifications in the cluster.
24. Finish setting up the Deployment Manager after creating the clusters (Phase
9).
Edit URL resources for Workplace Collaborative Learning.
Check Mail cell-wide settings.
Distribute extended messaging files.
Ensure that sessions persist when a node is shut down.
Edit URL resources for the provisioning server.
Create URL resources for the Workplace Managed Client.
Update Workplace Managed Client user interface files on the Deployment
Manager.
25. Set up Node 2.
a. Install the DBMS client (Phase 2).
b. Install Workplace Collaboration Services (Phase 3).
a.
b.
c.
d.
e.
f.
g.
Enable document conversion services for Web Conferencing.
(AIX, Solaris) Configure the PowerPoint viewer for Web Conferencing.
Configure Node 2 to work with an LDAP directory (Phase 4).
Connect Node 2 to the remote database by running the Configuration
Wizard (Phase 5).
g. Copy files and directories from Node 1 to the new node (Phase 9).
c.
d.
e.
f.
h.
i.
j.
k.
l.
Update the DeploymentService.properties file. (Phase 9).
Federate the node to the cell (Phase 9).
Add the node to the WebSphere Portal Server cluster (Phase 9)
Add the node to the Mail Server cluster (Phase 9)
Connect Node 2 to the external Web servers (Phase 9).
m. Enable reporting on IBM AIX, Linux, and Sun Solaris (Phase 7).
n. Enable Search in the cluster (Phase 9).
o. Enable notifications in the cluster (Phase 9).
26. Repeat the previous step for each additional node.
Related concepts
“Clustered-server deployment overview” on page 39
Related tasks
“AIX, Linux, and Solaris: Clustered-server deployment overview” on page 40
Chapter 1 Planning a Deployment
47
Windows: Clustered-server deployment overview
Use the following table to help you organize your work as you set up IBM
Workplace Collaboration Services in a clustered-server deployment. The order in
which you complete tasks is critical. Complete all items in a row before working
on items in a subsequent row. Tasks on the same row can be done simultaneously
for faster setup. Time estimates are based on an AIX deployment.
Other servers (such as DBMS, Web, LDAP, and load-balancing servers) are
required. For more information, see the ″Sequence of operations for a
clustered-server deployment.″
Task
Baseline
Deployment
Manager
Node 1
Install DM
Install
and necessary operating
fixes
system and
necessary
fixes
Node 3
Node 4
Install
operating
system and
necessary
fixes
Install
operating
system and
necessary
fixes
Install
operating
system and
necessary
fixes
Install
DBMS client
(nodes)
Install DBMS
client
Install DBMS
client
Install DBMS
client
Install DBMS
client
Install
external Web
server (local
or remote)
Preparing
Web servers
for a
clustered
environment
“Preparing
external Web
servers for a
clustered
environment”
on page 79
“Preparing
external Web
servers for a
clustered
environment”
on page 79
“Preparing
external Web
servers for a
clustered
environment”
on page 79
Install
Workplace
Collaboration
Services
(~ 2 hours)
Install
Workplace
Collaboration
Services
(~ 2 hours)
Install
Workplace
Collaboration
Services
(~ 2 hours)
Install
Workplace
Collaboration
Services
(~ 2 hours)
Install
Workplace
Collaboration
Services
Perform
backup
Perform
backup
Perform
backup
Perform
backup
(~ 1 hour, 40
minutes)
Enable LDAP
security
(connect to a
directory)
(~ 1 hour, 40
minutes)
Enable LDAP
security
(connect to a
directory)
(~ 1 hour, 40
minutes)
Enable LDAP
security
(connect to a
directory)
(~ 1 hour, 40
minutes)
Enable LDAP
security
(connect to a
directory)
Perform
backup
Perform
backup
Enable LDAP
security
(nodes)
Enable LDAP Enable LDAP
security
security if not
(DM)
done during
WebSphere
Application
Server setup
Perform
database
transfer
(Node 1)
48
Node 2
Clustered-server Deployment Guide
(~ 1 hour, 30
minutes)
Perform
database
transfer
Task
Deployment
Manager
Connect to
database
(Nodes 2 and
above)
Install
DBMS client
(DM)
Install DBMS
client
Product
installation
on DM
Install IBM
Workplace
Collaboration
Services.
(Choose
Deployment
Manager
option. This
also connects
to database.)
At this point
DO NOT
TOUCH
ANY NODE
BUT NODE
1
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
Node 1
Node 2
Node 3
Node 4
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
(~ 45
minutes)
Connect to
database
(~ 45
minutes)
Connect to
database
(~ 45
minutes)
Connect to
database
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
DO NOT
TOUCH until
specified
since you
could cause
database
corruption
Configure
Web server
Configure
Web server
for plug-in
and verify
product
installation
Test
Test Web
server plug-in
Install
provisioning
server on
Web servers
and
Workplace
servers
Note:
Optional -Only if you
will be
deploying the
IBM
Workplace
Managed
Client for
users
(~ 1 hour)
Install and
configure the
provisioning
server
Chapter 1 Planning a Deployment
49
Task
Deployment
Manager
Node 1
Node 2
Node 3
Node 4
Perform
backup
Perform
backup
Perform
backup
Copy files
from Node 1
Copy files
from Node 1
Copy files
from Node 1
Copy files
from Node 1
Federate
Federate
Node 2
Complete
Workplace
Collaborative
Learning
setup
Complete
Workplace
Collaborative
Learning
setup (if
installed)
Configure
policies
Configure
policies to
determine
who has
access to
server
Configure
mail
Determine
domains for
mail routing.
Deploy
themes and
skins for rich
client
Update
WebSphere
Portal Server
EAR file
Test (recommended)
At this point,
you should
be able to log
in and use all
features.
Debug any
problems
before
moving on.
Perform
backup
Perform
backup
Perform
backup
Federate
Node 1
Federate
Create cluster Add Node 1
to the
WebSphere
Portal Server
cluster and
the Mail
Server cluster
Connect node
to external
Web servers
Connect
nodes to
external Web
servers
Test
(optional)
50
Clustered-server Deployment Guide
Start Node 1
Start Node
Agent
Task
Add to
cluster
Deployment
Manager
Node 1
Node 2
Node 3
Add Node 2
to WebSphere
Portal Server
cluster and
Mail Server
cluster
Connect node
to external
Web servers
Connect
nodes to
external Web
servers
Test
(optional)
Stop Node 1
and start
Node 2
Stop Node
Agent
Start Node
Agent
Test
(optional)
Start all
nodes
Start Node
Agent
Start Node
Agent
Federate
Node 3
Federate
Add to
cluster
Add Node 3
to WebSphere
Portal Server
cluster and
Mail Server
cluster
Connect node
to external
Web servers
Connect
nodes to
external Web
servers
Test
(optional)
Stop Nodes 1 Stop Node
and 2; start
Agent
Node 3
Stop Node
Agent
Start Node
Agent
Test
(optional)
Start all
nodes
Start Node
Agent
Start Node
Agent
Start Node
Agent
Federate
Node 4
Federate
Add to
cluster
Node 4
Add Node 4
to WebSphere
Portal Server
cluster and
Mail Server
cluster
Connect node
to external
Web servers
Connect
nodes to
external Web
servers
Test
(optional)
Stop Nodes 1, Stop Node
2, and 3; start Agent
Node 4
Stop Node
Agent
Stop Node
Agent
Start Node
Agent
Test
(optional)
Start all
nodes
Start Node
Agent
Start Node
Agent
Start Node
Agent
Start Node
Agent
Chapter 1 Planning a Deployment
51
Task
Deployment
Manager
Node 1
Node 2
Node 3
Node 4
Finish setting Finish
up
configuring
Deployment the clusters.
Manager
Enable
Search
Enable Search Enable Search Enable Search Enable Search
Enable
notifications
Enable
notifications
Enable
notifications
Enable
notifications
Enable
notifications
Related concepts
“Clustered-server deployment” on page 2
Related tasks
“Windows: Sequence of operations for a clustered-server deployment”
Windows: Sequence of operations for a clustered-server deployment:
To set up a cluster of servers on Microsoft Windows, you run the IBM Workplace
Collaboration Services installation program on every server that will host
Workplace Collaboration Services, including the Deployment Manager. You then
join each Workplace software server to the cell to create a Workplace Collaboration
Services cluster. The instructions assume that you are setting up the recommended
configuration that connects Workplace Collaboration Services to separate DBMS,
LDAP, and Web servers.
You cannot install Workplace Collaboration Services on a WebSphere Application
Server node that is already part of a Network Deployment. You must instead
install and configure Workplace Collaboration Services on multiple standalone
servers, and then add (or ″federate″) each of these servers to the deployment.
Sequence of operations:
Follow this sequence of steps, rather than following the numbered phases, to
install Workplace Collaboration Services in a clustered environment. The steps
assume the recommended configuration that connects Workplace Collaboration
Services to separate DBMS, LDAP, and Web servers. Pay close attention to the
order in which to complete each task and ensure that you have fulfilled any
prerequisite tasks on another server before continuing.
Note: In a clustered environment, you must install the rich client provisioning
server on Node 1 in the middle of Phase 3 (Installing IBM Workplace
Collaboration Services) as shown in the following procedure. Do not wait
until Phase 9 to perform this step. If you are installing the provisioning
server in a clustered environment, you MUST install on the first node (Node
1) that is going to be federated into the cluster. Provisioning server
installation must be performed prior to federating. The provisioning server
cannot be installed on any other node in the cluster, only on the first node
(Node 1) to be federated.
Note: Nodes must be in the same Internet DNS domain as the external Web
servers.
1. Verify that you have planned your installation (Phase 1).
52
Clustered-server Deployment Guide
2.
3.
4.
5.
6.
7.
Refer to the Administrator Names and Passwords worksheet if you filled it
out.
On the server that will be the Deployment Manager, create shared directories
for Workplace servers to use (Phase 2).
Install the Deployment Manager software (Phase 2).
Install the WebSphere Application Server Edge components (Phase 2).
Install the DBMS server (DB2, SQL, or Oracle) (Phase 2).
Prepare the environment for a remote Web server (Phase 2) Repeat this step
for every Web server in the cluster.
Start setting up Node 1.
Note: Nodes must be in the same Internet DNS domain as the external Web
servers.
a. Install the DBMS client (Phase 2).
b. Prepare to run the installation program (Phase 3).
c. Install Workplace Collaboration Services (Phase 3).
d. Configure Node 1 to work with an LDAP directory (Phase 4).
e. Set up the Workplace Collaboration Services database for DB2, Oracle, or
SQL Server (Phase 5).
f. Transfer data from IBM Cloudscape to a new database by running the
Configuration Wizard (Phase 5).
8. If you installed IBM HTTP Server 6 on the external Web servers, proceed to
the next step. Otherwise, configure other Web servers. (Phase 6)
9. Create a course directory on the Learning content server (Phase 6).
10. (Optional) Install the IBM Workplace Managed Client provisioning server on
Node 1.
Attention: The Workplace Managed Client provisioning server must only be
installed on Node 1; do not install the provisioning server on the second or
subsequent nodes. The installation on Node 1 must take place before you
federate the node or the installation will fail.
Note: When you install the provisioning server that will be used with an
external Web server, select a Custom installation with only these
features selected: WebSphere Portal content, IBM WebSphere
Everyplace Device Manager, and IBM Workplace Collaboration
Services contents.
11. (Optional) Install the IBM Workplace Managed Client provisioning server on
the Web servers.
Note: When you install the provisioning server on an external Web server,
select a Custom installation with only these features selected: Update
bundles, Installation files, and CD script to create installation disks.
Instructions for an external Web server apply even if the Web server is a local
external Web server (meaning it has been installed on the same machine as
Workplace Collaboration Services).
12. If you installed IBM Workplace Collaborative Learning ,finish setting it up on
Node 1.
13. If you installed IBM Lotus Workplace Designer, finish setting it up on Node 1.
14. Continue setting up the Deployment Manager server.
a. Install the DBMS client (Phase 2).
Chapter 1 Planning a Deployment
53
15.
16.
17.
18.
19.
20.
21.
b. If LDAP security was already enabled during IBM WebSphere Application
Server setup for this machine, proceed to the next step.
Otherwise, enable LDAP security on the Deployment Manager by copying
values from Node 1 (Phase 3).
c. (SQL Server only) Copy SQL Server files from Node 1.
d. Install Workplace Collaboration Services (Phase 3).
Before federating nodes, update the WebSphere Portal EAR file (Phase 9).
Federate Node 1 to the Network Deployment cell. (Phase 9).
Create the WebSphere Portal Server cluster and add Node 1 to the cluster.
Save the cluster information (Phase 9).
Create the Mail Server cluster and add Node 1 to the cluster. Save the cluster
information (Phase 9).
Connect Node 1 to the external Web servers (Phase 9).
On the WebSphere Edge Server (the Network Dispatcher), configure load
balancing for SIP services and HTTP (Phase 9).
Finish setting up the Web servers (Phase 9).
a. Update Workplace Managed Client configuration files.
b. Modify the mime.types file to allow Workplace Managed Client .props
files.
c. Regenerate the plug-in and copy it to the Web servers.
22. Finish setting up Node 1 (Phase 9).
a. Enable Search in the cluster.
b. Enable notifications in the cluster.
23. Finish setting up the Deployment Manager after creating the clusters (Phase
9).
a. Edit URL resources for Workplace Collaborative Learning.
Check Mail cell-wide settings.
Distribute extended messaging files.
Ensure that sessions persist when a node is shut down.
Edit URL resources for the provisioning server.
Create URL resources for the Workplace Managed Client.
Update Workplace Managed Client user interface files on the Deployment
Manager.
24. Set up Node 2.
a. Install the DBMS client (Phase 2).
b.
c.
d.
e.
f.
g.
b. Install Workplace Collaboration Services (Phase 3).
c. Configure Node 2 to work with an LDAP directory (Phase 4).
d. Connect Node 2 to the remote database by running the Configuration
Wizard (Phase 5).
e. Copy files and directories from Node 1 to the new node (Phase 9).
f. Update the DeploymentService.properties file. (Phase 9).
g. Federate the node to the cell (Phase 9).
h. Add the node to the WebSphere Portal Server cluster (Phase 9)
i.
j.
k.
l.
54
Add the node to the Mail Server cluster (Phase 9)
Connect Node 2 to the external Web servers (Phase 9).
Enable reporting on IBM AIX, Linux, and Sun Solaris (Phase 7).
Enable Search in the cluster (Phase 9).
Clustered-server Deployment Guide
m. Enable notifications in the cluster (Phase 9).
25. Repeat the previous step for each additional node.
Related concepts
“Clustered-server deployment overview” on page 39
Related tasks
“Windows: Clustered-server deployment overview” on page 48
i5/OS: Clustered-server deployment overview
Use the following table to help you organize your work as you set up IBM
Workplace Collaboration Services in a clustered-server deployment. The order in
which you complete tasks is critical. Complete all items in a row before working
on items in a subsequent row. Tasks on the same row can be done simultaneously
for faster setup. Time estimates are based on an AIX deployment.
Other servers (such as DBMS, HTTP, LDAP, and load-balancing servers) are
required. For more information, see the ″Sequence of operations for a
clustered-server deployment.″
Task
Deployment
Manager
Node 1
Node 2+
Install WebSphere
Application Server
V5.0 Enterprise
Enablement, Base
Edition
Install WebSphere
Application Server
V5.0 Enterprise
Enablement, Base
Edition
Install external
HTTP server (local
or remote)
“Preparing external
Web servers for a
clustered
environment” on
page 79
“Preparing external
Web servers for a
clustered
environment” on
page 79
Install Workplace
Collaboration
Services
(~ 2 hours) Install
Workplace
Collaboration
Services
(~ 2 hours) Install
Workplace
Collaboration
Services
Perform backup
Perform backup
Enable LDAP
security (nodes)
(~ 1 hour, 40
minutes) Enable
LDAP security
(connect to a
directory)
(~ 1 hour, 40
minutes) Enable
LDAP security
(connect to a
directory)
Perform database
transfer (Node 1)
(~ 1 hour, 30
minutes) Perform
database transfer
Connect to database
(Nodes 2 and above)
DO NOT TOUCH
until specified since
you could cause
database corruption
Baseline
Perform backup
Install WebSphere
Application Server
Network Deployment
for iSeries and WAS
V5.0 Enterprise
Enablement, and
create a new DM
instance
Perform backup
(~ 45 minutes)
Connect to database
Chapter 1 Planning a Deployment
55
Task
Deployment
Manager
Enable LDAP
security (DM)
Enable LDAP
security if not done
during WebSphere
Application Server
setup
Product installation
on DM
Install IBM
Workplace
Collaboration
Services. (Choose
Deployment Manager
option. This also
connects to database.)
Node 1
Node 2+
DO NOT TOUCH
until specified since
you could cause
database corruption
At this point DO
DO NOT TOUCH
NOT TOUCH ANY until specified since
NODE BUT NODE 1 you could cause
database corruption
Configure HTTP
Configure HTTP for
plug-in and verify
product installation
Test
Test HTTP plug-in
Install provisioning
server on HTTP
servers and
Workplace servers
Note: Optional -Only if you will be
deploying the IBM
Workplace Managed
Client for users
(~ 1 hour) Install and
configure the
provisioning server
Complete Workplace
Collaborative
Learning setup
Complete Workplace
Collaborative
Learning setup (if
installed)
Configure policies
Configure policies to
determine who has
access to server
Configure mail
Determine domains
for mail routing.
Deploy themes and
skins for the
Workplace Managed
Client
Update WebSphere
Portal Server EAR
file
Test (recommended)
At this point, you
should be able to log
in and use all
features. Debug any
problems before
moving on.
Perform backup
Federate
56
Clustered-server Deployment Guide
Perform backup
Perform backup
Federate Node 1
Perform backup
Task
Create cluster
Deployment
Manager
Node 2+
Add Node 1 to the
WebSphere Portal
Server cluster and
the Mail Server
cluster
Connect node to
external HTTP
servers
Connect nodes to
external HTTP
servers
Test (optional)
Node 1
Start Node 1
Start Node Agent
Copy files from
Node 1
Copy files from Node
1
Federate
Federate Node 2
Add to cluster
Add Node 2 to
WebSphere Portal
Server cluster and
Mail Server cluster
Connect node to
external HTTP
servers
Connect nodes to
external HTTP
servers
Test (optional)
Stop Node 1 and
start Node 2
Stop Node Agent
Start Node Agent
Test (optional)
Start all nodes
Start Node Agent
Start Node Agent
Federate
Add to cluster
Add Node 3 to
WebSphere Portal
Server cluster and
Mail Server cluster
Test (optional)
Stop Nodes 1 and 2;
start Node 3
Stop Node Agent
Stop Node Agent
Test (optional)
Start all nodes
Start Node Agent
Start Node Agent
Federate
Add to cluster
Add Node 4 to
WebSphere Portal
Server cluster and
Mail Server cluster
Test (optional)
Stop Nodes 1, 2, and
3; start Node 4
Stop Node Agent
Stop Node Agent
Test (optional)
Start all nodes
Start Node Agent
Start Node Agent
Finish setting up
Deployment
Manager
Finish configuring
the clusters.
Enable Search
Enable Search
Enable Search
Enable notifications
Enable notifications
Enable notifications
Related concepts
“Clustered-server deployment” on page 2
Related tasks
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
Chapter 1 Planning a Deployment
57
i5/OS: Sequence of operations for a clustered-server deployment:
To set up a cluster of servers on IBM i5/OS, you run the IBM Workplace
Collaboration Services installation program on every server that will host
Workplace Collaboration Services, including the Deployment Manager. You then
join each Workplace software server to the cell to create a Workplace Collaboration
Services cluster. The instructions assume that you are setting up the recommended
configuration.
You cannot install Workplace Collaboration Services on a WebSphere Application
Server node that is already part of a Network Deployment. You must instead
install and configure Workplace Collaboration Services on multiple standalone
servers, and then add (or ″federate″) each of these servers to the deployment.
Sequence of operations:
Follow this sequence of steps, rather than following the numbered phases, to
install Workplace Collaboration Services in a clustered environment on i5/OS. The
steps assume the recommended configuration that connects Workplace
Collaboration Services to separate DBMS, LDAP, and Web servers. Pay close
attention to the order in which to complete each task and ensure that you have
fulfilled any prerequisite tasks on another server before continuing.
Note: In a clustered environment, you must install the rich client provisioning
server on Node 1 in the middle of Phase 3 (Installing IBM Workplace
Collaboration Services) as shown in the following procedure. Do not wait
until Phase 9 to perform this step. If you are installing the provisioning
server in a clustered environment, you MUST install on the first node (Node
1) that is going to be federated into the cluster. Provisioning server
installation must be performed prior to federating. The provisioning server
cannot be installed on any other node in the cluster, only on the first node
(Node 1) to be federated.
Note: Nodes must be in the same Internet DNS domain as the external Web
servers.
1. Verify that you have planned your installation (Phase 1).
Refer to the Administrator Names and Passwords worksheet if you filled it
out.
2. On the system that will be the Deployment Manager, create shared directories
for Workplace servers to use (Phase 2).
3. Set up the Deployment Manager (Phase 2).
a. If you are deploying on i5/OS V5R4, follow these instructions to install
WebSphere Application Server.
b. On the Deployment Manager system, install WebSphere Application Server
Network Deployment for iSeries.
c. Install WebSphere Application Server V5.0 Enterprise Enablement,
Network Deployment Edition.
d. Create a new Deployment Manager instance.
4. (Optional) Install the WebSphere Application Server Edge components if using
the IBM Workplace Managed Client (Phase 2).
Note: WebSphere Application Server Edge components are not supported on
i5/OS. You must install WebSphere Application Server Edge
components on a supported operating system.
58
Clustered-server Deployment Guide
5. Prepare the environment for an external Web server (Phase 2). Repeat this step
for every Web server in the cluster.
6. Start setting up Node 1.
Note: Nodes must be in the same Internet DNS domain as the external Web
servers.
a. If you are deploying on i5/OS V5R4, follow these instructions to install
WebSphere Application Server.
b. Install WebSphere Application Server V5.0 Enterprise Enablement, Base
Edition.
c. Prepare to run the installation program (Phase 3).
d. Install Workplace Collaboration Services (Phase 3).
e. Configure an HTML rendering server.
f. Configure Node 1 to work with an LDAP directory (Phase 4).
g. Transfer data from IBM Cloudscape to DB2 for iSeries by running the
Configuration Wizard (Phase 5).
7. If you installed IBM HTTP Server 6 on the external Web servers, proceed to
the next step. Otherwise, configure other Web servers. (Phase 6)
8. Create a course directory on the Learning content server (Phase 6).
9. (Optional) Install the IBM Workplace Managed Client provisioning server on
Node 1.
Attention: The Workplace Managed Client provisioning server must only be
installed on Node 1; do not install the provisioning server on the second or
subsequent nodes. The installation on Node 1 must take place before you
federate the node or the installation will fail.
Note: When you install the provisioning server that will be used with an
external Web server, select a Custom installation with only these
features selected: WebSphere Portal content, IBM WebSphere
Everyplace Device Manager, and IBM Workplace Collaboration
Services contents.
Instructions for an external Web server apply even if the Web server is a local
external Web server (meaning it has been installed on the same machine as
Workplace Collaboration Services).
10. (Optional) Install the IBM Workplace Managed Client provisioning server on
the Web servers.
11.
12.
13.
14.
15.
16.
Note: When you install the provisioning server on an external Web server,
select a Custom installation with only these features selected: Update
bundles, Installation files, and CD script to create installation disks.
If you installed IBM Workplace Collaborative Learning ,finish setting it up on
Node 1.
If you installed IBM Lotus Workplace Designer, finish setting it up on Node 1.
Continue setting up the Deployment Manager.
a. Enable LDAP security on the Deployment Manager (Phase 3).
b. Install Workplace Collaboration Services (Phase 3).
Before federating nodes, update the WebSphere Portal EAR file (Phase 9).
Update the DeploymentService.properties file (Phase 9).
Federate Node 1 to the Network Deployment cell (Phase 9).
Chapter 1 Planning a Deployment
59
17. Create the WebSphere Portal Server cluster and add Node 1 to the cluster.
Save the cluster information (Phase 9).
18. Create the Mail Server cluster and add Node 1 to the cluster. Save the cluster
information (Phase 9).
19. Connect Node 1 to the external Web servers (Phase 9).
20. (Optional) On the WebSphere Edge Server (the Network Dispatcher),
configure load balancing for SIP services and HTTP (Phase 9).
21. Finish setting up the Web servers (Phase 9).
a. Update Workplace Managed Client configuration files.
b. Modify the mime.types file to allow Workplace Managed Client .props
files.
c. Regenerate the plug-in and copy it to the Web servers.
22. Finish setting up Node 1 (Phase 9).
a. Enable Search in the cluster.
b. Enable notifications in the cluster.
23. Finish setting up the Deployment Manager after creating the clusters (Phase
9).
a. Edit URL resources for Workplace Collaborative Learning.
b. Check Mail cell-wide settings.
c.
d.
e.
f.
Distribute extended messaging files.
Ensure that sessions persist when a node is shut down.
Edit URL resources for the provisioning server.
Create URL resources for the Workplace Managed Client.
g. Update Workplace Managed Client user interface files on the Deployment
Manager.
24. Set up Node 2.
a. If you are deploying on i5/OS V5R4, follow these instructions to install
WebSphere Application Server.
b. Install WebSphere Application Server V5.0 Enterprise Enablement, Base
Edition.
c. Prepare to run the installation program (Phase 3).
d. Install Workplace Collaboration Services (Phase 3).
e. Configure an HTML rendering server.
f. Configure Node 2 to work with an LDAP directory (Phase 4).
g. Connect Node 2 to the remote database by running the Configuration
Wizard (Phase 5).
h. Copy files and directories from Node 1 to the new node (Phase 9).
i. Update the DeploymentService.properties file. (Phase 9).
j. Federate the node to the cell (Phase 9).
k. Add the node to the WebSphere Portal Server cluster (Phase 9)
l. Add the node to the Mail Server cluster (Phase 9)
m. Connect Node 2 to the external Web servers (Phase 9).
n. Enable Search in the cluster (Phase 9).
o. Enable notifications in the cluster (Phase 9).
25. Repeat the previous step for each additional node.
Related concepts
“Clustered-server deployment overview” on page 39
60
Clustered-server Deployment Guide
Related tasks
“i5/OS: Clustered-server deployment overview” on page 55
Chapter 1 Planning a Deployment
61
62
Clustered-server Deployment Guide
Chapter 2 Preparing the Environment
This chapter describes how to set up prerequisite software and servers needed for
the IBM Workplace Collaboration Services installation.
Phase 2: Setting up the environment
Follow the steps needed to prepare your environment for installation.
Clustered deployment
v Create shared directories, prepare the Deployment Manager, and install
WebSphere Application Server Edge components for load balancing.
v Install the DBMS server and the DBMS client.
v Install and configure multiple Web servers.
Related tasks
“Phase 3: Installing Workplace Collaboration Services” on page 107
Setting up a clustered environment
Make these preparations before installing IBM Workplace Collaboration Services:
v Read about guidelines and limitations for setting up Workplace Collaboration
Services in a clustered environment.
v Create shared Workplace Collaboration Services directories.
v Install the Deployment Manager.
v Install WebSphere Application Server Edge components.
A clustered environment also uses a Database Management System and external
HTTP servers.
Related concepts
“Phase 2: Setting up the environment”
Guidelines and limitations in a clustered environment
Before installing IBM Workplace Collaboration Services, ensure that you
understand the guidelines and limitations for installing in a clustered environment.
All system clocks on the Deployment Manager, nodes in the cluster, and the DBMS
server must be synchronized, even if they reside in different time zones. The
computers should be set to synchronize their clocks at least once daily, using a
single time source. (This is not necessary for the LDAP server, the Web servers, or
the Network Dispatcher.)
All nodes in the cluster must be running on the same platform. Workplace
Collaboration Services does not run in a mixed-platform environment.
All systems IPs should resolve against a valid static IP address and be registered
with the DHCP servers. This ensures that all IP level addresses and hostnames are
valid. Localhost is NOT a valid hostname for any system in the cluster and should
not be used to reference anything.
© Copyright IBM Corp. 2002, 2006
63
If you are building a Red Hat cluster, remember that the Deployment Manager
does not support Red Hat Enterprise AS 3.0 for Linux (x86). This is a known
limitation. You need to use Red Hat Enterprise AS for Linux (x86) v2.1 on your
Deployment Manager. All other systems in the cluster can be used at the Red Hat
Enterprise AS 3.0 for Linux (x86) level.
When installing in a clustered environment on Windows platform, use a shorter
file path for the Deployment Manager install to maximize the available path
length. When federating a node into a Network Deployment environment with
-includeapps option, or when deploying additional applications, if the paths of the
application files are longer than Windows path limit of 259 characters, such
applications will not be uploaded and an error message will be reported.
When creating a cluster or a cluster member, do not use spaces in the cluster name
or the cluster member name.
Deployment Manager must be configured with the same security settings as
Workplace before adding a secured Workplace node to the cell. Also, the
Workplace users and groups you wish to authorize for portlet deployment must be
added as Console users and groups and have administrative role. This action can
be performed using the Deployment Manager Administration under System
Administration. Note: Ensure that you enable Global Security but not Java2
security. Java2 security is automatically set when you check the Enabled box. Make
sure that the checkbox for Java2 security is unmarked before saving your changes.
The global settings portlet modifies configuration properties of the local Workplace
node. These changes are not reflected on every node in the cluster unless the
affected property is copied to the the appropriate location on each node. To
understand what server is affected by a change made through this portlet, the
node’s name is given in the portlet’s view.
Because of the size of Workplace and the number of enterprise applications it
contains, addNode and removeNode script or batch files should be updated to
increase the maximum heap size for the Java commands used in processing these
commands. These scripts are located in the app_server_root/bin directory. It is
recommended that the maximum heap size be increased to 512MB by adding the
-Xmx512m option to the Java command. Note: Do not put ″ ″ around -Xmx512m.
If you attempt to update a node’s Workplace configuration once it is part of the
cell, many of the configuration may fail. Once a node is added to the cell, you
must remove the node from the cell if you wish to add any additional
customizations to that node. Once your changes have been made, you can add the
node back into the cell. WebSphere Application Server-specific customizations, such
as virtual host and port settings, data source configurations, dynamic caching, and
session persistence settings are made using Deployment Manager administration
and do not rquire you to unfederate the node.
If you add a node to a cell or change a node’s configuration after it has been
federated to deployment manager, synchronize the node’s configuration. In the
administrative console for the deployment manager, select System Administration
> Nodes, select the node from the list, and click Full Resynchronize. This helps
ensure that there is no mismatch between node and cell configuration after the
synchronization is complete.
If you are planning to configure an external security manager to perform
authentication or authorization for Workplace in a cluster environment, install and
64
Clustered-server Deployment Guide
configure the Workplace cluster first. Verify that the Workplace cluster is working
properly before proceeding with the configuration of any external security
managers.
Related concepts
“Phase 2: Setting up the environment” on page 63
Creating shared directories in a clustered environment
To allow IBM Workplace Collaboration Services to function properly, several
directories must be accessible to all nodes in the deployment. To create the shared
directories, follow the instructions for your operating system.
AIX, Linux, and Solaris: Creating shared directories:
Follow these steps to create shared directories on the Deployment Manager or on a
separate file server that all nodes can access.
1. Create the main shared directory.
2. Create the following directories under the main shared directory:
v qfilestore
v lms_courses
v lms_juru
v content (required for IBM Workplace Collaborative Learning if you do not
use the FTP method for course transfer)
v WPCPIndex
3. On every system in the deployment other than the file server system, create the
shared directory and mount it to the file server system.
Next, continue preparing the environment by installing the Deployment Manager
software.
Windows: Creating shared directories:
Follow these steps to create shared directories on the Deployment Manager or on a
separate file server that all nodes can access.
1. Create the main shared directory, for example, q:\NDShares.
2. Create the following directories under the main shared directory:
v qfilestore
v lms_courses
v lms_juru
v content (required for IBM Workplace Collaborative Learning if you do not
use the FTP method for course transfer)
v WPCPIndex
3. Map a drive letter to the shared folder on Node 1 and all subsequent nodes.
Next, continue preparing the environment by installing the Deployment Manager
software.
i5/OS: Creating shared directories:
Follow these steps to create shared directories on the Deployment Manager or on a
separate file server that all nodes can access.
1. Create the main shared directory, for example, q:\NDShares.
Chapter 2 Preparing the Environment
65
2. Create the following directories under the main shared directory:
v qfilestore
v lms_courses
v lms_juru
v content (required for IBM Workplace Collaborative Learning if you do not
use the FTP method for course transfer)
v WPCPIndex
3. Verify that the User ID number of the QEJBSVR user profile is identical on all
nodes. To check the User ID number of the QEJBSVR user profile, enter the
following on an i5/OS command line:
DSPUSRPRF QEJBSVR
4. Change the owner of the shared directory to QEJBSVR by entering the
following on an i5/OS command line:
CHOWN -R QEJBSVR SHARED_DIRECTORY
where SHARED_DIRECTORY is the shared directory, for example, /NDShares.
5. Use the Network File System (NFS) to share the directory.
a. Export the directory to the NFS clients by entering the following command
on an i5/OS command line:
EXPORTFS OPTIONS(’-I’) DIR(’SHARED_DIRECTORY’)
where SHARED_DIRECTORY is the shared directory, for example,
/NDShares.
b. Use the Add Directory Entry (ADDDIRE) command to add the current user
to the system distribution directory. For more information on the ADDDIRE
command, including a complete listing of parameters, see the IBM eServer
iSeries Information Center.
c. Start the NFS server by entering the following on an i5/OS command line:
STRNFSSVR SERVER(*ALL)
6. On every system in the deployment other than the file server system, create the
shared directory and mount it to the file server system.
a. Use the Work with Directory Entries (WRKDIRE) command to enroll the
current user profile, QEJBSVR, and QSYS. For more information on the
WRKDIRE command, including a complete listing of parameters, see the
IBM eServer iSeries Information Center.
b. Mount the shared main directory by entering the following on an i5/OS
command line (enter command on one line):
MOUNT TYPE(*NFS) MFS(’FILE_SERVER_SYSTEM:SHARED_DIRECTORY’)
MNTOVRDIR(’SHARED_DIRECTORY’)
where FILE_SERVER_SYSTEM is the name of the file server system and
SHARED_DIRECTORY is the shared directory (for example, /NDShares).
c. Repeat the previous steps for each system in the deployment (other than the
file server system).
7. For additional security, you may wish to limit access to the file server using the
Change NFS Export (CHGNFSEXP) command. For complete instructions on the
CHGNFSEXP command, see the IBM eServer iSeries Information Center.
Note: For additional information on NFS security, see the book OS/400 Network
File System Support (SC41-5714) .
Next, continue preparing the environment by installing the Deployment Manager
software.
66
Clustered-server Deployment Guide
Related tasks
“Installing the Deployment Manager software”
Related reference
“Learning settings in the dbbuild properties file” on page 434
Installing the Deployment Manager software
This section describes how to install the prerequisite software and fixes for the
Deployment Manager.
Install the Deployment Manager software.
v AIX
v Linux
v Sun Solaris
v Microsoft Windows
v IBM i5/OS
Related tasks
“Setting up a clustered environment” on page 63
AIX: Installing the Deployment Manager software:
This topic describes how to install the Deployment Manager software on IBM AIX
by following these steps:
1. Install the Network Deployment product (base version of the Deployment
Manager).
2. Install the WebSphere Application Server Enterprise product (Enterprise
Application Server).
3. Install upgrades and fixes on the Deployment Manager.
4. Verify installation.
For more information about installing software for a Network Deployment cluster,
see the WebSphere Portal Server Information Center on the Web at
http://publib.boulder.ibm.com/pvc/wp/502/ent/en/InfoCenter/index.html.
Installing the Network Deployment product:
To install the Network Deployment product on the Deployment Manager machine,
perform the following steps.
1. Log in to the server as a user with administrative privileges.
2. Locate CD 1-17 for WebSphere Application Server Network Deployment.
3. Run the installation program.
./cd_root/wasnd/aix/aix/install
cd_root represents the root directory of the CD.
Tip: Make a note of the location you chose for installation. Configuration steps
you take later assume you know the product’s root directory. The default
locations are shown in Directory conventions.
4. When selecting the features for the ″IBM WebSphere Application Server
Network Deployment Version 5,″ select Deployment Manager.
Deselect the Web Services, UDDI, Web Services Gateway, and Embedded
Messaging Client. Do not install these features.
Chapter 2 Preparing the Environment
67
5. When typing the node, host, and cell names, the host name is the name of the
server on which you are installing the Network Deployment Edition. To form
the node and cell names, append the words ″Manager″ and ″Network″
respectively, to the host name. For example:
Node name: acmeManager
Host name: acme
Cell name: acmeNetwork
6. Complete the installation as directed.
Installing the Enterprise product:
To install WebSphere Application Server Enterprise on the Deployment Manager,
perform the following steps.
1. Locate CD 1-5 for WebSphere Application Server Version 5.0 Enterprise.
2. Run the installation program.
./cd_root/was/aix/install
The WebSphere Application Server Enterprise installation program
automatically detects the existing Network Deployment installation and
provides the option to extend it with the Enterprise extensions.
3. Complete the installation as directed.
4. Make a “backup” image of your system at this point so you can revert to it if
needed during the fix packs’ installation.
Installing upgrades and fixes on the Deployment Manager:
Now use the Update Installer wizard to apply the following updates and fixes to
bring the software to the level required for IBM Workplace Collaboration Services
installation. The WebSphere Application Server Update Installer can be
downloaded from the IBM Support site at http://www.ibm.com/software/
webservers/appserv/was/support/. Perform the updates in the sequence listed
below.
1. Update Network Deployment from 5.0 to 5.0.2.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the ndfp2 directory for your platform. Use the
CD for your platform; there is one for AIX and Solaris (CD 1-18) and another
for Linux and Windows (CD 1-19).
2. Update Enterprise from 5.0 to 5.0.2.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the pmefp2 directory for your platform. Use the
CD for your platform: AIX (CD 1-10), Linux (CD 1-8), or Solaris (CD 1-11).
3. Update Network Deployment from 5.0.2 to 5.0.2.6.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the ndcfp6 directory for your platform. Use the
CD for your platform; there is one for AIX and Solaris (CD 1-18) and another
for Linux and Windows (CD 1-19).
4. Update Enterprise from 5.0.2 to 5.0.2.6.
Download the update from WebSphere Application Server PME CF6 CD.
5. Update Network Deployment from 5.0.2.6 to 5.0.2.12.
Download the update from http://www-1.ibm.com/support/
docview.wss?rs=180&uid=swg24010054.
6. Update JDK to SR8.
68
Clustered-server Deployment Guide
Download the update from http://www.ibm.com/support/docview.wss?rs=180
&uid=swg24011652.
7. Install fixes.
Use the Version 5.0.2.12 Update Installer wizard to install these fixes. The fixes
are available on the WebSphere Application Server PME CF6 CD in the fixes
directory.
v PK04318
v
v
v
v
PK04465
PK08259
PK09929
PK10828
v PK15035
v PK15353
v
v
v
v
v
v
PK15437
PK15773
PQ87768
PQ88539_502
PQ90368_502
WLMCUMLATV
Verifying installation:
When you are done, verify that you can open the WebSphere Administrative
Console, then make a “backup” image of your system at this point so you can
revert to it if needed.
Next steps
Set up the LDAP, DBMS, HTTP servers and install Workplace Collaboration
Services on the first node. You will then enable LDAP security on the Deployment
Manager before installing Workplace Collaboration Services on the Deployment
Manager.
Related tasks
“Opening the IBM WebSphere Administrative Console” on page 144
“Setting up a clustered environment” on page 63
Linux: Installing the Deployment Manager software:
This topic describes how to install the Deployment Manager software on Linux by
following these steps:
1. Install the Network Deployment product (base version of the Deployment
Manager).
2. Install the WebSphere Application Server Enterprise product (Enterprise
Application Server).
3. Install upgrades and fixes on the Deployment Manager.
4. Verify installation.
For more information about installing software for a Network Deployment cluster,
see the WebSphere Portal Server Information Center on the Web at
http://publib.boulder.ibm.com/pvc/wp/502/ent/en/InfoCenter/index.html.
Installing the Network Deployment product:
Chapter 2 Preparing the Environment
69
To install the Network Deployment product on the Deployment Manager machine,
perform the following steps.
1. Log in to the server as a user with administrative privileges.
2. Locate CD 1-14 for WebSphere Application Server Network Deployment.
3. Run the installation program.
./cd_root/wasnd/linux/linuxi386/install
cd_root represents the root directory of the CD.
Tip: Make a note of the location you chose for installation. Configuration steps
you take later assume you know the product’s root directory. The default
locations are shown in Directory conventions.
4. When selecting the features for the ″IBM WebSphere Application Server
Network Deployment Version 5,″ select Deployment Manager.
Deselect the Web Services, UDDI, Web Services Gateway, and Embedded
Messaging Client. Do not install these features.
5. When typing the node, host, and cell names, the host name is the name of the
server on which you are installing the Network Deployment Edition. To form
the node and cell names, append the words ″Manager″ and ″Network″
respectively, to the host name. For example:
Node name: acmeManager
Host name: acme
Cell name: acmeNetwork
6. Complete the installation as directed.
Installing the Enterprise product:
To install WebSphere Application Server Enterprise on the Deployment Manager,
perform the following steps.
1. Locate CD 1-3 for WebSphere Application Server Version 5.0 Enterprise.
2. Run the installation program.
./cd_root/was/linux/install
The WebSphere Application Server Enterprise installation program
automatically detects the existing Network Deployment installation and
provides the option to extend it with the Enterprise extensions.
3. Complete the installation as directed.
4. Make a “backup” image of your system at this point so you can revert to it if
needed during the fix packs’ installation.
Installing upgrades and fixes on the Deployment Manager:
Now use the Update Installer wizard to apply the following updates and fixes to
bring the software to the level required for IBM Workplace Collaboration Services
installation. The WebSphere Application Server Update Installer can be
downloaded from the IBM Support site at http://www.ibm.com/software/
webservers/appserv/was/support/. Perform the updates in the sequence listed
below.
1. Update Network Deployment from 5.0 to 5.0.2.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the ndfp2 directory for your platform. Use the
CD for your platform; there is one for AIX and Solaris (CD 1-18) and another
for Linux and Windows (CD 1-19).
2. Update Enterprise from 5.0 to 5.0.2.
70
Clustered-server Deployment Guide
3.
4.
5.
6.
7.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the pmefp2 directory for your platform. Use the
CD for your platform: AIX (CD 1-10), Linux (CD 1-8), or Solaris (CD 1-11).
Update Network Deployment from 5.0.2 to 5.0.2.6.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the ndcfp6 directory for your platform. Use the
CD for your platform; there is one for AIX and Solaris (CD 1-18) and another
for Linux and Windows (CD 1-19).
Update Enterprise from 5.0.2 to 5.0.2.6.
Download the update from WebSphere Application Server PME CF6 CD.
Update Network Deployment from 5.0.2.6 to 5.0.2.12.
Download the update from http://www-1.ibm.com/support/
docview.wss?rs=180&uid=swg24010054.
Update JDK to SR8.
Download the update from http://www.ibm.com/support/docview.wss?rs=180
&uid=swg24011652.
Install fixes.
Use the Version 5.0.2.12 Update Installer wizard to install these fixes. The fixes
are available on the WebSphere Application Server PME CF6 CD in the fixes
directory.
v PK04318
v
v
v
v
PK04465
PK08259
PK09929
PK10828
v
v
v
v
v
v
v
PK15035
PK15353
PK15437
PK15773
PQ87768
PQ88539_502
PQ90368_502
v WLMCUMLATV
Verifying installation:
When you are done, verify that you can open the WebSphere Administrative
Console, then make a “backup” image of your system at this point so you can
revert to it if needed.
Next steps
Set up the LDAP, DBMS, HTTP servers and install Workplace Collaboration
Services on the first node. You will then enable LDAP security on the Deployment
Manager before installing Workplace Collaboration Services on the Deployment
Manager.
Related tasks
“Opening the IBM WebSphere Administrative Console” on page 144
“Setting up a clustered environment” on page 63
Solaris: Installing the Deployment Manager software:
Chapter 2 Preparing the Environment
71
This topic describes how to install the Deployment Manager software on Sun
Solaris by following these steps:
1. Install the Network Deployment product (base version of the Deployment
Manager).
2. Install the WebSphere Application Server Enterprise product (Enterprise
Application Server).
3. Install upgrades and fixes on the Deployment Manager.
4. Verify installation.
For more information about installing software for a Network Deployment cluster,
see the WebSphere Portal Server Information Center on the Web at
http://publib.boulder.ibm.com/pvc/wp/502/ent/en/InfoCenter/index.html.
Installing the Network Deployment product:
To install the Network Deployment product on the Deployment Manager machine,
perform the following steps.
1. Log in to the server as a user with administrative privileges.
2. Locate CD 1-12 for WebSphere Application Server Network Deployment.
3. Run the installation program.
./cd_root/wasnd/sun/sun/install
cd_root represents the root directory of the CD.
Tip: Make a note of the location you chose for installation. Configuration steps
you take later assume you know the product’s root directory. The default
locations are shown in Directory conventions.
4. When selecting the features for the ″IBM WebSphere Application Server
Network Deployment Version 5,″ select Deployment Manager.
Deselect the Web Services, UDDI, Web Services Gateway, and Embedded
Messaging Client. Do not install these features.
5. When typing the node, host, and cell names, the host name is the name of the
server on which you are installing the Network Deployment Edition. To form
the node and cell names, append the words ″Manager″ and ″Network″
respectively, to the host name. For example:
Node name: acmeManager
Host name: acme
Cell name: acmeNetwork
6. Complete the installation as directed.
Installing the Enterprise product:
To install WebSphere Application Server Enterprise on the Deployment Manager,
perform the following steps.
1. Locate CD 1-6 for WebSphere Application Server Version 5.0 Enterprise Edition.
2. Run the installation program.
./cd_root/was/solaris/install
The WebSphere Application Server Enterprise installation program
automatically detects the existing Network Deployment installation and
provides the option to extend it with the Enterprise extensions.
3. Complete the installation as directed.
4. Make a “backup” image of your system at this point so you can revert to it if
needed during the fix packs’ installation.
72
Clustered-server Deployment Guide
Installing upgrades and fixes on the Deployment Manager:
Now use the Update Installer wizard to apply the following updates and fixes to
bring the software to the level required for IBM Workplace Collaboration Services
installation. The WebSphere Application Server Update Installer can be
downloaded from the IBM Support site at http://www.ibm.com/software/
webservers/appserv/was/support/. Perform the updates in the sequence listed
below.
1. Update Network Deployment from 5.0 to 5.0.2.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the ndfp2 directory for your platform. Use the
CD for your platform; there is one for AIX and Solaris (CD 1-18) and another
for Linux and Windows (CD 1-19).
2. Update Enterprise from 5.0 to 5.0.2.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the pmefp2 directory for your platform. Use the
CD for your platform: AIX (CD 1-10), Linux (CD 1-8), or Solaris (CD 1-11).
3. Update Network Deployment from 5.0.2 to 5.0.2.6.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the ndcfp6 directory for your platform. Use the
CD for your platform; there is one for AIX and Solaris (CD 1-18) and another
for Linux and Windows (CD 1-19).
4. Update Enterprise from 5.0.2 to 5.0.2.6.
Download the update from WebSphere Application Server PME CF6 CD.
5. Update Network Deployment from 5.0.2.6 to 5.0.2.12.
Download the update from http://www-1.ibm.com/support/
docview.wss?rs=180&uid=swg24010054.
6. Update JDK to SR8.
Download the update from http://www.ibm.com/support/docview.wss?rs=180
&uid=swg24011652.
7. Install fixes.
Use the Version 5.0.2.12 Update Installer wizard to install these fixes. The fixes
are available on the WebSphere Application Server PME CF6 CD in the fixes
directory.
v
v
v
v
v
v
v
v
v
v
v
PK04318
PK04465
PK08259
PK09929
PK10828
PK15035
PK15353
PK15437
PK15773
PQ87768
PQ88539_502
v PQ90368_502
v WLMCUMLATV
Verifying installation:
Chapter 2 Preparing the Environment
73
When you are done, verify that you can open the WebSphere Administrative
Console, then make a “backup” image of your system at this point so you can
revert to it if needed.
Next steps
Set up the LDAP, DBMS, HTTP servers and install Workplace Collaboration
Services on the first node. You will then enable LDAP security on the Deployment
Manager before installing Workplace Collaboration Services on the Deployment
Manager.
Related tasks
“Opening the IBM WebSphere Administrative Console” on page 144
“Setting up a clustered environment” on page 63
Windows: Installing the Deployment Manager software:
This topic describes how to install the Deployment Manager software on Microsoft
Windows by following these steps:
1. Install the Network Deployment product (base version of the Deployment
Manager).
2. Install the WebSphere Application Server Enterprise product (Enterprise
Application Server).
3. Install upgrades and fixes on the Deployment Manager.
4. Verify installation.
For more information about installing software for a Network Deployment cluster,
see the WebSphere Portal Server Information Center on the Web at
http://publib.boulder.ibm.com/pvc/wp/502/ent/en/InfoCenter/index.html.
Installing the Network Deployment product:
To install the Network Deployment product on the Deployment Manager machine,
perform the following steps.
1. Log in to the server as a user with administrative privileges.
2. Locate the CD for WebSphere Application Server Network Deployment.
Windows 2000
CD 1-13
Windows 2003
CD 1-15
3. Run the installation program.
Windows 2000
cd_root\wasnd\win\nt\install.exe
Windows 2003
cd_root\wasnd\win2003\windows2003\install.exe
cd_root represents the root directory of the CD.
Tip: Make a note of the location you chose for installation. Configuration steps
you take later assume you know the product’s root directory. The default
locations are shown in Directory conventions.
4. When selecting the features for the ″IBM WebSphere Application Server
Network Deployment Version 5,″ select Deployment Manager.
74
Clustered-server Deployment Guide
Deselect the Web Services, UDDI, Web Services Gateway, and Embedded
Messaging Client. Do not install these features.
5. When typing the node, host, and cell names, the host name is the name of the
server on which you are installing the Network Deployment Edition. To form
the node and cell names, append the words ″Manager″ and ″Network″
respectively, to the host name. For example:
Node name: acmeManager
Host name: acme
Cell name: acmeNetwork
6. Complete the installation as directed.
Installing the Enterprise product:
To install WebSphere Application Server Enterprise on the Deployment Manager,
perform the following steps.
1. Locate the CD for WebSphere Application Server Enterprise.
Windows 2000
CD 1-1 (Version 5.0)
Windows 2003
CD 1-2 (Version 5.0.2)
2. Run the installation program.
Windows 2000
cd_root\was\win\install.exeWindows
cd_root\was\win2003\windows2003\install.exe
The WebSphere Application Server Enterprise installation program
automatically detects the existing Network Deployment installation and
provides the option to extend it with the Enterprise extensions.
3. Complete the installation as directed.
4. Make a “backup” image of your system at this point so you can revert to it if
needed during the fix packs’ installation.
Installing upgrades and fixes on the Deployment Manager:
Now use the Update Installer wizard to apply the following updates and fixes to
bring the software to the level required for IBM Workplace Collaboration Services
installation. The WebSphere Application Server Update Installer can be
downloaded from the IBM Support site at http://www.ibm.com/software/
webservers/appserv/was/support/. Perform the updates in the sequence listed
below.
1. (Windows 2000 only) Update Network Deployment from 5.0 to 5.0.2.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the ndfp2 directory for your platform. Use the
CD for Linux and Windows (CD 1-19). Do not perform this step on Windows
2003; the version installed previously is 5.0.2; installation will fail if you
attempt to update the installation.
2. (Windows 2000 only) Update Enterprise from 5.0 to 5.0.2.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the pmefp2 directory for your platform. Use the
CD for Windows 2000 (CD 1-7). Do not perform this step on Windows 2003;
the version installed previously is 5.0.2; installation will fail if you attempt to
update the installation.
3. Update Network Deployment from 5.0.2 to 5.0.2.6.
Chapter 2 Preparing the Environment
75
4.
5.
6.
7.
Download the update from the WebSphere Application Server Deployment
Manager Fix Pack CD, under the ndcfp6 directory for your platform. Use the
CD for Linux and Windows (CD 1-19).
Update Enterprise from 5.0.2 to 5.0.2.6.
Download the update from WebSphere Application Server PME CF6 CD.
Update Network Deployment from 5.0.2.6 to 5.0.2.12.
Download the update from http://www-1.ibm.com/support/
docview.wss?rs=180&uid=swg24010054.
Update JDK to SR8.
Download the update from http://www-1.ibm.com/support/
docview.wss?rs=180&uid=swg24011652.
Install fixes.
Use the Version 5.0.2.12 Update Installer wizard to install these fixes. The fixes
are available on the WebSphere Application Server PME CF6 CD in the fixes
directory.
v PK04318
v PK04465
v PK08259
v PK09929
v PK10828
v PK15035
v PK15353
v PK15437
v
v
v
v
PK15773
PQ87768
PQ88539_502
PQ90368_502
v WLMCUMLATV
Verifying installation:
When you are done, verify that you can open the WebSphere Administrative
Console, then make a “backup” image of your system at this point so you can
revert to it if needed.
Next steps
Set up the LDAP, DBMS, HTTP servers and install Workplace Collaboration
Services on the first node. You will then enable LDAP security on the Deployment
Manager before installing Workplace Collaboration Services on the Deployment
Manager.
Related tasks
“Opening the IBM WebSphere Administrative Console” on page 144
“Setting up a clustered environment” on page 63
i5/OS: Installing the Deployment Manager software:
Follow these instructions to install WebSphere Application Server Network
Deployment for iSeries on your Deployment Manager server. Before starting this
procedure, you should have installed all prerequisite software on the system,
including WebSphere Application Server.
76
Clustered-server Deployment Guide
The instructions describe how to install the software using a graphical interface on
a workstation connected to your server. For more information on installing
WebSphere Application Server Network Deployment for iSeries, including
instructions on local and silent mode installation, see the WebSphere Application
Server for iSeries Information Center at
http://publib.boulder.ibm.com/was400/50/ic2924/index.htm
To install WebSphere Application Server Network Deployment for iSeries, follow
these steps.
1. Verify that the host server jobs have been started on your server by entering
the following on an i5/OS command line:
STRHOSTSVR SERVER(*ALL)
2. If TCP/IP is not started or if you don’t know if TCP/IP is started, enter the
following on an i5/OS command line to start it:
STRTCP
3. Place the WebSphere Application Server Network Deployment, V5.0 for
iSeries CD-ROM in the CD-ROM drive on the workstation. The installation
program should automatically start.
4. At the first panel, read the information and click Next.
5. A small box will be displayed prompting you to sign on to your server. Sign
on to the server with a valid User ID and Password. Click OK.
6. On the next panel, select (Option 5) Network Deployment and click Next.
7. On the next panel, select the options to install for WebSphere MQ classes for
Java and JMS V5.3. Click OK.
8. Review your installation options. If they are incorrect, click Back to correct
them. If they are correct, click Next to begin installation of Network
Deployment.
9. When the installation program is complete, a summary panel is displayed.
Click Finish to close the program
10. For security purposes, if the host servers were not running when you started
installation, you should return your server to its original state with the End
Host Server (ENDHOSTSVR) command.
Applying the Network Deployment Group PTF:
After you have installed Network Deployment, you must apply the Network
Deployment group PTF:
V5R3:
Group Number
Description
Minimum
Level
SF99288
WebSphere Application Server Network
Deployment Version 5.0 for iSeries on V5R3
4
Group Number
Description
Minimum
Level
SF99318
WebSphere Application Server Network
Deployment Version 5.0 for iSeries on V5R4
1
V5R4:
Chapter 2 Preparing the Environment
77
See the following Web page on the IBM eServer iSeries Support site for instructions
on ordering PTFs:
http://www-912.ibm.com/supporthome.nsf/document/10000069
Installing WebSphere Application Server Edge components
In a clustered environment, you must install WebSphere Application Server Edge
Server components to set up load balancing for various HTTP requests. The
standalone machine you use as the load balancer is called the Network Dispatcher.
If you have more than one Web server, the Network Dispatcher load-balances and
routes requests to the multiple Web servers across the network. If you will be
deploying the IBM Workplace Managed Client to use SIP and IIOP protocols, the
Network Dispatcher routes requests to the various nodes. Failure to install the
WebSphere Application Server Edge Server components can result in poor
performance or unexpected results, especially when using the Workplace Managed
Client in a clustered environment.
Prerequisites:
Keep the following prerequisites in mind:
v Network nodes must be on the same subnet as the Network Dispatcher.
v To load balance HTTP requests, the Web server must also be on the same subnet.
v (Required) Install the same operating system version and patches on all nodes in
the cluster.
v For Windows deployments, you must have two separate dispatcher clusters, one
to route HTTP requests and the other to route SIP traffic.
v The nodes that are being balanced must be configured with a loopback adapter.
See the next section for information that is pertinent to your operating system.
For more information about setting up reverse proxies, see the Caching Proxy
Administration Guide at:
http://www-306.ibm.com/software/webservers/appserv/doc/
v50/ec/infocenter/edge/admingd.htm.
About configuring with a loopback adapter:
Keep the following in mind when configuring the prerequisite loopback adapter.
Refer to the Edge Server documentation at http://www-306.ibm.com/software/
webservers/appserv/ecinfocenter.html for additional information.
Configuring on AIX, Linux, and Solaris
v After configuring the loopback adapters, delete the extra routes on the back-end
server as described in the Edge Server documentation.
Configuring on Windows
v On Windows 2003, when aliasing the loopback adapter, use the actual
subnetmask for the subnet you are on.
v On Windows 2000, when aliasing the loopback adapter, use the 255.0.0.0
subnetmask. After configuring the loopback adapters, delete the extra routes on
the back-end server as described in the Edge Server documentation. You do not
need to delete the extra routes on Windows 2003 servers.
78
Clustered-server Deployment Guide
Configuring on i5/OS
The Edge Server documentation does not include instructions on how to set up the
loopback alias on IBM i5/OS. To set up the loopback alias on i5/OS, use the Add
TCP/IP Interface (ADDTCPIFC) and Start TCP/IP Interface (STRTCPIFC)
commands on an i5/OS command line:
ADDTCPIFC INTNETADR(’network_dispatcher_ip_address’) LIND(*VIRTUALIP)
SUBNETMASK(’255.255.255.255’)
STRTCPIFC INTNETADR(’network_dispatcher_ip_address’)
Installing Edge Components 5.0:
Workplace Collaboration Services comes with Edge Server components. See the
Edge Server components Information Center at http://www.ibm.com/software/
webservers/appserv/ecinfocenter.html. Refer to the Load Balancer Administration
Guide for detailed installation instructions.
IBM AIX
Linux
Sun Solaris
Microsoft Windows
CD 1-22 (C547LML)
CD 1-21 (C547KML)
CD 1-23 (C547QML)
CD 1-21 (C547KML)
Applying a fix pack to the base 5.0 installation:
The base 5.0 installation needs to be upgraded to version 5.0.2, which can be found
on the CDs listed below.
IBM AIX
Linux
Sun Solaris
Microsoft Windows
CD 1-26 (C54LUML)
CD 1-25 (C54LTML)
CD 1-27 (C54LVML)
CD 1-25 (C54LTML)
Updates are also available from the IBM Support site at http://www.ibm.com/
software/webservers/appserv/was/support/. In the Download section, click
Recommended Updates.
Windows 2003: Applying an additional fix to the Edge server:
For Windows 2003 installations only, install the following fix from the WebSphere
Application Server PME CF6 CD. Look for the following file in the
EdgeComponents directory:
eLBW2K-5.0.2.46.exe
Related tasks
“Guidelines and limitations in a clustered environment” on page 63
“Setting up a clustered environment” on page 63
“Configuring the Network Dispatcher” on page 438
Preparing external Web servers for a clustered environment
An external Web server is one that uses a port other than the default port 9081.
One or more external Web servers are required for a clustered environment.
External Web servers are also required for use with a IBM Workplace Managed
Client provisioning server. Use WebSphere Application Server Edge components on
another server to set up load balancing for instant messaging and Web conferences.
In a clustered environment, install Web servers before installing Workplace
Collaboration Services.
Chapter 2 Preparing the Environment
79
1. Install the Web server.
Follow the instructions below to install IBM HTTP Server 6, which comes with
Workplace Collaboration Services. Other supported Web servers are listed in
the Requirements topic. Install other servers according to the vendor’s
documentation.
a. Installing IBM HTTP Server 6 on AIX, Linux, or Solaris
b. Installing IBM HTTP Server 6 on Windows
c. Installing IBM HTTP Server for iSeries
2. To test the installation, start the Web server.
3. Create aliases for the shared directories.
4. If you installed IBM HTTP Server 6, apply fixes to the plug-in.
Otherwise, do one of the following:
v AIX, Linux, Solaris, and Windows
Install the WebSphere Application Server plug-in for your Web server.
v i5/OS
Install the *BASE version of WebSphere Application Server.
5. Repeat these steps for each Web server you plan to use.
Related concepts
“AIX, Linux, Solaris, and Windows: Requirements” on page 5
“i5/OS: Requirements” on page 13
“Web server considerations” on page 30
“Phase 2: Setting up the environment” on page 63
Related tasks
“Installing WebSphere Application Server Edge components” on page 78
“Connecting to external Web servers in a clustered environment” on page 287
AIX, Linux, and Solaris: Installing IBM HTTP Server 6
Follow these instructions to install IBM HTTP Server 6 on IBM AIX, Linux, Sun
Solaris. The version of IBM HTTP Server 6 that comes with IBM Workplace
Collaboration Services installs with the WebSphere Application Server plug-in files
needed to connect an external Web server with the Workplace software server.
For information on other supported Web servers, see the Requirements topic. For
installation instructions, refer to the vendor’s Web server documentation.
Installing IBM HTTP Server 6.0:
Follow these instructions to install IBM HTTP Server 6.0.
1. If you are setting up a remote Web server, ensure that the machines that will
host Workplace Collaboration Services or the provisioning server and the Web
server are in the same Internet DNS domain.
2. Download IBM HTTP Server from one of the CDs provided with Workplace
Collaboration Services:
WAS V6.0 IHS Plugins Clients
WAS V6.0 IHS Plugins Clients
WAS V6.0 IHS Plugins Clients
3. Download the appropriate file
/opt1/downloads/IHS60.
AIX
80
Clustered-server Deployment Guide
(AIX)
(Linux)
(Solaris)
to a temporary directory, for example,
C5883ML.tar.gz
Linux
C588FML.tar.gz
Solaris
C5887ML.tar.gz
4. From the temporary directory you used in the previous step, run the
following command to extract the .tar file:
gunzip file_name.tar.gz
where file_name is the file prefix you downloaded in the previous step; for
example C588FML.
5. Run the following command to extract the contents of the .tar file:
tar -xf file_name.tar
where file_name is the file prefix you downloaded in the previous step; for
example C588FML.
6. Open a command prompt window and from the /opt1/downloads/IHS60/
IHS directory, enter the following command:
./install.sh
7. At the Welcome panel, click Next.
8. Select the language in which to run the installation and click Next.
9. Accept the license agreement and click Next.
10. Select the installation directory; for example, /IBMHttpServer60. Then click
Next.
11.
12.
13.
14.
15.
16.
17.
Tip: Make a note of the location you chose for installation. Configuration
steps you take later assume you know the product’s root directory. The
default locations are shown in Directory conventions.
At the next panel, select Typical and click Next.
At the Summary panel, click Next.
At the Installation Complete panel, click Next.
At the next panel, select the checkbox to launch into the WAS Plug-in Installer
and click Finish
To view the documentation, select the appropriate checkboxes; otherwise,
deselect them and click Next.
At the License Agreement panel, accept the license agreement and click Next.
At the next panel, verify that your system meets the prerequisites. If it does,
click Next.
18. Select IBM HTTP Server V6 as the Web server vendor and click Next.
19. At the panel where you select whether or not this will be a local or remote
install, select Remote (even if Workplace Collaboration Services is on the same
machine) and click Next.
20. At the next panel, select the location for plug-in files, for example,
/IBMHttpserver60/Plugins. Click Next.
21. At the next panel, enter the location of the IHS60 httpd.conf file, for example,
/IBMHttpserver60/conf/httpd.conf. Leave the Web Server port unchanged
(should default to 80) and click Next.
22. Specify a unique Web server definition name, for example, the non-fully
qualified name of the Workplace software server, workplace. Click Next.
23. Enter the path to your plugin-cfg.xml file; for example, app_server_root/config/
cells/plugin-cfg.xml. Click Next.
Chapter 2 Preparing the Environment
81
24. Enter the host name or IP address of your Workplace software server (for
example, workplace.acme.com). Click Next.
25. At the Summary panel, review your installation settings for accuracy, and
click Next.
26. At the second Summary panel, review your installation settings for accuracy,
and click Next.
27. At the panel that states some manual configuration steps are required, click
Next.
28. At the Installation Complete panel, click Finish.
29. You will also have a window left open by the IBM HTTP Server installer, click
Next, then Finish.
Updating to IBM HTTP Server 6.0.2:
Follow these instructions to updateIBM HTTP Server 6.0 to Release 6.0.2. Updates
for IBM HTTP Server can be found in the Recommended Updates section of the
IBM HTTP Server Support site at http://www-306.ibm.com/software/webservers/
httpservers/support/.
The WebSphere Application Server 5.0 Update Installer can be downloaded from
the IBM Support site at http://www.ibm.com/software/webservers/appserv/
was/support/.
1. Download the appropriate file to a temporary directory, for example,
/opt1/downloads/IHS602.
AIX
ihs.6020.aix.ppc32.tar
Linux
ihs.6020.linux.ia32.tar
Solaris
ihs.6020.solaris.sparc.tar
2. Run the following command to extract the contents of the .tar file:
tar -xf file_name.tar
where file_name is the file prefix you downloaded in the previous step; for
example ihs.6020.linux.ia32.
3. Open a command prompt window and from the /opt1/downloads/IHS602/
IHS directory, enter the following command:
./install.sh
4. At the Welcome panel, click Next.
5. At the License Agreement panel, accept the license agreement and click Next.
6. Select the installation directory where 6.0 is installed; for example,
/IBMHttpServer60. Then click Next.
7. At the panel that tells you there is an instance of HTTP server installed, click
Next.
8. At the next panel, select Typical and click Next.
9. At the Summary panel, verify the installation settings, then click Next.
10. When you are prompted about overwriting the JVM that came with IBM
HTTP server 6.0, click Yes.
11. At the Installation Complete panel, click Finish.
12. You will also have a window left open by the IBM HTTP Server installer, click
Next, then Finish.
82
Clustered-server Deployment Guide
Updating to IBM HTTP Server 6.0.2.1:
Follow these instructions to update IBM HTTP Server 6.0.2 to Release 6.0.2.1. IHS
6.0.2 Fix Pack 1 can be found by searching for ″6.0.2.1″ on the IBM HTTP Server
Support site or at http://www-1.ibm.com/support/docview.wss?rs=180
&uid=swg24010304.
1. Download the appropriate fix for your operating system to a temporary
directory, for example, /opt1/downloads/IHS6021.
2. Run the following command to extract the contents of the .tar file:
tar -xf file_name.tar
where file_name is the file prefix you downloaded in the previous step; for
example 6.0.2-WS-WASIHS-LinuxX32-FP0000001.tar.
3. Using the -R flag, copy the updateinstaller directory and its subdirectories
from the 6021 install directory to http_root (for example, /IBMHttpServer60).
4. Open a command prompt window and from the /IBMHttpServer60/
updateinstaller directory, enter the following command:
./update.sh
5. At the Welcome panel, click Next.
6. Select the installation directory where 6.0 is installed; for example,
/IBMHttpServer60. Then click Next.
7. Select Install maintenance package, then click Next.
8.
Verify the file path to the 6021 fix pack (for example, /IBMHttpServer60/
updateinstaller/maintenance/6.0.2-WS-WASIHS-LinuxX32-FP0000001.pak,
then click Next.
9. At the Summary panel, review your installation settings for accuracy, and
click Next.
10. At the Installation Complete panel, click Finish.
Verifying the installation:
After installation is complete, follow these steps to ensure that the Web server
starts.
1. Open the httpd.conf file and verify that the locations are correct for the plugins
directory (for example, /IBMHttpserver60/Plugins) and the plugin-cfg.xml file
(for example, app_server_root/config/cells/plugin-cfg.xml).
2. Start the Web server.
Related concepts
“Preparing external Web servers for a clustered environment” on page 79
Related tasks
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“Starting and stopping the IBM HTTP server” on page 92
Windows: Installing IBM HTTP Server 6
Follow these instructions to install IBM HTTP Server on Microsoft Windows. The
version of IBM HTTP Server 6 that comes with IBM Workplace Collaboration
Services installs with the WebSphere Application Server plug-in files needed to
connect an external HTTP server with the Workplace software server.
For instructions on installing other supported Web servers, refer to the vendor’s
Web server documentation for more information.
Chapter 2 Preparing the Environment
83
Installing IBM HTTP Server 6.0:
Follow these instructions to install IBM HTTP Server 6.0.
1. If you are setting up a remote Web server, ensure that the machines that will
host IBM Workplace Collaboration Services or the provisioning server and the
Web server are in the same Internet DNS domain.
2. Download IBM HTTP Server from the CD provided with Workplace
Collaboration Services:
WAS V6.0 IHS Plugins Data Direct JDBC Clients (XP/2000) (2000/2003)
3. Download the appropriate file to a temporary directory, for example,
c:\downloads.
C587VML.zip
4. Extract the files from the zip file to another temporary directory, for example,
c:\IHS60_Install.
5. Choose Start → Run. Specify the installation program location, for example:
c:\IHS60_Install\IHS\Install.exe
Then click OK.
6. At the Welcome panel, click Next.
7. Accept the license agreement and click Next.
8. Select the installation directory; for example, “c:\IBMHttpServer60.” Then
click Next.
Tip: Make a note of the location you chose for installation. Configuration
steps you take later assume you know the product’s root directory. The
default locations are shown in Directory conventions.
9. At the next panel, select Typical and click Next.
10. At the screen where you choose to install the Web Server as a service, select
Log on as Local System Account and click Next.
11. At the Summary panel, click Next.
12. At the Installation Complete panel, click Next.
13. At the next panel, select the check box to launch into the WAS Plug-in
Installer and click Finish
14. To view the documentation, select the appropriate check boxes; otherwise,
clear them and click Next.
15. At the License Agreement panel, accept the license agreement and click Next.
16. At the next panel, verify that your system meets the prerequisites. If it does,
click Next.
17. Select IBM HTTP Server V6 as the Web server vendor and click Next.
18. At the panel where you select whether or not this will be a local or remote
install, select Remote (even if Workplace Collaboration Services is on the same
machine) and click Next.
19. At the next panel, select the location for plug-in files, for example,
c:\IBMHttpserver60\Plugins. Click Next.
20. At the next panel, enter the location of the IHS60 httpd.conf file, for example,
c:\IBMHttpserver60\conf\httpd.conf. Leave the Web Server port unchanged
(should default to 80) and click Next.
21. Specify a unique Web server definition name, for example, the non-fully
qualified name of the Workplace software server, workplace. Click Next.
22. Enter the path to your plugin-cfg.xml file; for example, app_server_root\config\
cells\plugin-cfg.xml. Click Next.
84
Clustered-server Deployment Guide
23. Enter the host name or IP address of your Workplace software server (for
example, workplace.acme.com). Click Next.
24. At the Summary panel, review your installation settings for accuracy, and
click Next.
25. At the second Summary panel, review your installation settings for accuracy,
and click Next.
26. At the panel that states some manual configuration steps are required, click
Next.
27. At the Installation Complete panel, click Finish.
28. You will also have a window left open by the IBM HTTP Server installer, click
Next, then Finish.
Updating to IBM HTTP Server 6.0.2:
Follow these instructions to updateIBM HTTP Server 6.0 to Release 6.0.2. Updates
for IBM HTTP Server can be found in the Recommended Updates section of the
IBM HTTP Server Support site at http://www-306.ibm.com/software/webservers/
httpservers/support/.
The WebSphere Application Server 5.0 Update Installer can be downloaded from
the IBM Support site at http://www.ibm.com/software/webservers/appserv/
was/support/.
1. Download the appropriate file to a temporary directory, for example,
c:\install:
ihs.6020.windows.ia32.zip
2. Extract the files from the zip file to another temporary directory, for example,
c:\install\IHS602.
3. Choose Start → Run. Specify the installation program location, for example:
c:\install\IHS602\Install.exe
Then click OK.
4. At the Welcome panel, click Next.
5. At the License Agreement panel, accept the license agreement and click Next.
6. Select the installation directory where 6.0 is installed; for example,
/IBMHttpServer60. Then click Next.
7. At the panel that tells you there is an instance of Web server installed, click
Next.
8. At the next panel, select Typical and click Next.
9. At the screen where you choose to install this as a service, clear the check box
if you prefer to start IBM HTTP Server manually; otherwise, select Log on as
Local System Account. Then click Next.
10. At the Summary panel, verify the installation settings, then click Next.
11. When you are prompted about overwriting the JVM that came with IBM
HTTP server 6.0, click Yes.
12. At the Installation Complete panel, click Finish.
13. You will also have a window left open by the IBM HTTP Server installer, click
Next, then Finish.
Updating to IBM HTTP Server 6.0.2.1:
Chapter 2 Preparing the Environment
85
Follow these instructions to update IBM HTTP Server 6.0.2 to Release 6.0.2.1. IHS
6.0.2 Fix Pack 1 can be found by searching for ″6.0.2.1″ on the IBM HTTP Server
Support site or at http://www-1.ibm.com/support/docview.wss?rs=180
&uid=swg24010304.
1. Download the appropriate file to a temporary directory, for example,
c:\install.
6.0.2-WS-WASIHS-WinX32-FP0000001.zip
2. Extract the files from the zip file to another temporary directory, for example,
c:\install\IHS6021.
3. Copy updateinstaller from the 6021 install directory to http_root (for example,
c:\IBMHttpServer60).
4. Click Start → Run. Specify the update installer location, for example:
c:\IBMHttpServer60\updateinstaller\update.exe
5.
6.
7.
8.
Then click OK.
At the Welcome panel, click Next.
Select the installation directory where 6.0 is installed; for example,
/IBMHttpServer60. Then click Next.
Select Install maintenance package, then click Next.
Verify the file path to the 6021 fix pack (for example, c:\IBMHttpServer60\
updateinstaller\maintenance\6.0.2-WS-WASIHS-WinX32-FP0000001.pak, then
click Next.
9. At the Summary panel, review your installation settings for accuracy, and
click Next.
10. At the Installation Complete panel, click Finish.
Verifying the installation:
After installation is complete, follow these steps to ensure that the Web server
starts.
1. Open the httpd.conf file and verify that the locations are correct for the plugins
directory (for example, c:\IBMHttpserver60\Plugins) and the plugin-cfg.xml
file (for example, c:\Program Files\IBM\Workplace\AppServer\config\cells\
plugin-cfg.xml).
2. Start the Web server.
Note: If you are unable to start IBM HTTP Server as a service, edit the httpd.conf
file to use forward slashes (/) rather than backslashes (\) for the path to the
plugins directory (for example, c:/IBMHttpserver60/Plugins) and the
plugin-cfg.xml file (for example, c:/Program Files/IBM/Workplace/
AppServer/config/cells/plugin-cfg.xml).
Related concepts
“Preparing external Web servers for a clustered environment” on page 79
Related tasks
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“Starting and stopping the IBM HTTP server” on page 92
86
Clustered-server Deployment Guide
i5/OS: Creating a new IBM HTTP Server instance
IBM HTTP Server is a licensed program on IBM i5/OS For instructions on
installing IBM HTTP Server on i5/OS, see the IBM eServer iSeries Information
Center at
http://publib.boulder.ibm.com/infocenter/eserver/v1r1/en_US/index.htm?info/
icmain.htm
IBM Web Administration for i5/OS includes a Web-based interface for creating and
configuring a new IBM HTTP Server instance. The Create HTTP Server wizard
collects many of the required values from your server. The following steps describe
how to create a new HTTP server instance using the Create HTTP Server wizard.
1. Start the administrative HTTP server by entering the following on an i5/OS
command line:
STRTCPSVR SERVER(*HTTP) HTTPSVR(*ADMIN)
2. Type the following address in the Address field of a Web browser and press
Enter:
http://hostname:2001
where hostname is the fully qualified host name of the server.
3. Type the system name, user ID and password for the server and click OK. The
user ID must have *ALLOBJ, *IOSYSCFG, and *JOBCTL special authorities.
4. Click IBM Web Administration for i5/OS.
5. Under Common Tasks and Wizards, click Create HTTP Server.
6. Follow each step in the wizard to create a new HTTP Server for use with IBM
Workplace Collaboration Services.
Note: On the ″IP Address″ screen, select the specific IP address you set aside
for use with IBM Workplace Collaboration Services (do not select All
Addresses).
Configuring the Virtual IP address for the Network Dispatcher:
If you are deploying in a clustered environment with a network dispatcher
configured, you must configure the HTTP server to listen on the network
dispatcher’s IP address.
Before performing these steps, you should have previously configured and
activated a *VIRTUALIP to act as the loopback alias for the network dispatcher’s
IP address. See ″Installing WebSphere Application Server Edge components″ for
more information.
To configure the HTTP server to listen on the network dispatcher’s IP address
follow these steps:
1. Open the http_root/conf/httpd.conf file using a text editor or the i5/OS Edit
File (EDTF) command.
2. Add the following entry:
Listen network_dispatcher_IP_address:80
3. Save and close the httpd.conf file.
Related concepts
“Preparing external Web servers for a clustered environment” on page 79
Chapter 2 Preparing the Environment
87
Creating aliases for shared directories
The next step is to create an alias for the Learning content directory. In a clustered
environment, the IBM Workplace Collaborative Learning shared content folder is
on a network drive when you use File System as the course transport method. This
step isn’t necessary in other environments, where the content folder exists in the
default document root of the Web server (for example, \IBMHttpServer\htdocs\
en_US\content).
You must also map the URL to the shared folder to prevent the content URL
(http://servername/content) from loading from the default document root.
1. On the Web server, find the httpd.conf file, located in the http_root\conf
directory and make a backup copy of the file.
2. Open the original httpd.conf file in a text editor.
3. Redirect the /content/ to the share by creating a Directory directive entry:
#</Directory>
<Directory "//Deployment_Manager_Name/NDShare_name">
Options Indexes
AllowOverride None
Order allow,deny
Allow from all
</Directory>
4. Add an alias entry for Learning content.
Alias /content/ "//Deployment_Manager_Name/NDShare_name/content/"
5. Save your changes and close the file.
Related concepts
“Preparing external Web servers for a clustered environment” on page 79
Related tasks
“Creating shared directories in a clustered environment” on page 65
Applying plug-in fixes for IBM HTTP Server 6
If you are setting up a local or remote external Web server running IBM HTTP
Server 6, follow the instructions for your operating system to update the plug-in to
the correct version.
AIX: Updating the IBM HTTP Server plug-in:
1. Install the 6.0.2 update for the plug-in.
The 6.0.2 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010066.
a. Uncompress the update package:
v 6.0-WS-WASIHS-AixPPC32-RP0000002.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
2. Install the 6.0.2.1 update for the plug-in.
The 6.0.2.1 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010301.
a. Uncompress the update package:
v 6.0.2-WS-WASIHS-AixPPC32-FP0000001.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
88
Clustered-server Deployment Guide
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
Linux: Updating the IBM HTTP Server plug-in:
1. Install the 6.0.2 update for the plug-in.
The 6.0.2 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010068.
a. Uncompress the update package:
v 6.0-WS-WASIHS-LinuxX32-RP0000002.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
2. Install the 6.0.2.1 update for the plug-in.
The 6.0.2.1 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010302.
a. Uncompress the update package:
v 6.0.2-WS-WASIHS-LinuxX32-FP0000001.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice)
Solaris: Updating the IBM HTTP Server plug-in:
1. Install the 6.0.2 update for the plug-in.
The 6.0.2 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010069.
a. Uncompress the update package:
v 6.0-WS-WASIHS-SolarisSparc-RP0000002.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
2. Install the 6.0.2.1 update for the plug-in.
The 6.0.2.1 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010303.
a. Uncompress the update package:
v 6.0.2-WS-WASIHS-SolarisSparc-FP0000001.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
Windows: Updating the IBM HTTP Server plug-in:
1. Install the 6.0.2 update for the plug-in.
The 6.0.2 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24009813.
a. Uncompress the update package:
v 6.0-WS-WASIHS-WinX32-RP0000002.zip
b. Copy the updateInstaller directory to the WebSphere\Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
Chapter 2 Preparing the Environment
89
2. Install the 6.0.2.1 update for the plug-in.
The 6.0.2.1 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010304.
a. Uncompress the update package:
v 6.0.2-WS-WASIHS-WinX32-FP0000001.zip
b. Copy the updateInstaller directory to the WebSphere\Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
Related concepts
“Web server considerations” on page 30
“Preparing external Web servers for a clustered environment” on page 79
Related tasks
“Regenerating the WebSphere Application Server plug-in in a clustered
environment” on page 443
Installing the plug-in for remote Web servers from other vendors
Follow the instructions in this section only if you installed one or more remote
external Web servers other than IBM HTTP Server 6. Skip this section if:
v You installed IBM HTTP Server 6
v (i5/OS) Your HTTP server is running on IBM i5/OS. You will need to create and
configure a new remote HTTP server instance instead.
Follow these steps to install the base version of the plug-in that allows
communication between the Workplace software server and the remote Web server.
1. Stop the Web server if it is running.
2. On the machine with the Web server, launch the Plug-ins installation wizard,
which can be found on the WebSphere Application Server 6.0 (Base) CD or
from the IBM Support site.
3. Complete the installation, supplying the following information when prompted.
v Select your Web server product.
v Select the Web server machine (remote) installation scenario.
Accept the default location for the installation root directory for the plug-ins.
Verify that the Web server port is correct.
Specify a nickname for the Web server.
Accept the default location for the plugin-cfg.xml file that the wizard creates
on the Web server machine.
v Identify the host name or IP address of the Workplace software server.
v
v
v
v
When the installation is complete, apply the appropriate plug-in fixes.
Related concepts
“Web server considerations” on page 30
“Preparing external Web servers for a clustered environment” on page 79
Related tasks
“Applying plug-in fixes for remote Web servers from other vendors”
“i5/OS: Creating a new IBM HTTP Server instance” on page 87
Applying plug-in fixes for remote Web servers from other vendors:
90
Clustered-server Deployment Guide
This section applies only if you installed one or more remote external Web servers
other than IBM HTTP Server 6. Follow the instructions for your operating system
to update the plug-in to the correct version.
AIX: Updating the plug-in:
1. Install the 6.0.2 update for the plug-in.
The 6.0.2 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010066.
a. Uncompress the update package:
v 6.0-WS-WASPlugIn-AixPPC32-RP0000002.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
2. Install the 6.0.2.1 update for the plug-in.
The 6.0.2.1 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010301.
a. Uncompress the update package:
v 6.0.2-WS-WASPlugIn-AixPPC32-FP0000001.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
Linux: Updating the plug-in:
1. Install the 6.0.2 update for the plug-in.
The 6.0.2 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010068.
a. Uncompress the update package:
v 6.0-WS-WASPlugIn-LinuxX32-RP0000002.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
2. Install the 6.0.2.1 update for the plug-in.
The 6.0.2.1 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010302.
a. Uncompress the update package:
v 6.0.2-WS-WASPlugIn-LinuxX32-FP0000001.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice)
Solaris: Updating the plug-in:
1. Install the 6.0.2 update for the plug-in.
The 6.0.2 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010069.
a. Uncompress the update package:
v 6.0-WS-WASPlugIn-SolarisSparc-RP0000002.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
Chapter 2 Preparing the Environment
91
2. Install the 6.0.2.1 update for the plug-in.
The 6.0.2.1 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010303.
a. Uncompress the update package:
v 6.0.2-WS-WASPlugIn-SolarisSparc-FP0000001.tar
b. Copy the updateInstaller directory to the WebSphere/Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
Windows: Updating the plug-in:
1. Install the 6.0.2 update for the plug-in.
The 6.0.2 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24009813.
a. Uncompress the update package:
v 6.0-WS-WASPlugIn-WinX32-RP0000002.zip
b. Copy the updateInstaller directory to the WebSphere\Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
2. Install the 6.0.2.1 update for the plug-in.
The 6.0.2.1 update can be downloaded from http://www.ibm.com/support/
docview.wss?rs=180&uid=swg24010304.
a. Uncompress the update package:
v 6.0.2-WS-WASPlugIn-WinX32-FP0000001.zip
b. Copy the updateInstaller directory to the WebSphere\Plugins directory.
c. Run update (follow prompts) from updateInstaller directory (May replace
jre and need to be run twice).
Related concepts
“Web server considerations” on page 30
“Preparing external Web servers for a clustered environment” on page 79
Related tasks
“Installing the plug-in for remote Web servers from other vendors” on page 90
Starting and stopping the IBM HTTP server
This section describes how to stop and start the IBM HTTP Server. The notation
http_root represents the Web server installation directory.
Starting the Web server:
Enter the following commands to start the Web server.
IBM AIX, Linux, and Sun Solaris
cd http_root/bin/
./apachectl start
Microsoft Windows
cd \http_root\bin\
c:\apache -k start
IBM i5/OS
92
Clustered-server Deployment Guide
Use the graphical user interface for HTTP or from an i5/OS command line, enter
the following command:
STRTCPSVR SERVER(*HTTP) HTTPSVR(http instance name)
Stopping the Web server:
Enter the following commands, where http_root is the Web server installation
directory:
AIX, Linux, and Solaris
cd http_root/bin/
./apachectl stop
Windows
cd http_root\bin\
c:\apache -k stop
i5/OS
Use the graphical user interface for HTTP or from the OS400 command line, enter
the following command:
ENDTCPSVR SERVER(*HTTP) HTTPSVR(http instance name)
Related concepts
“Preparing external Web servers for a clustered environment” on page 79
Setting up an i5/OS environment
In an IBM i5/OS environment, make these preparations before installing
Workplace Collaboration Services:
v Install WebSphere Application Server V5.0 Enterprise Enablement.
v (V5R4 only) Install WebSphere Application Server on i5/OS V5R4.
Related concepts
“Phase 2: Setting up the environment” on page 63
Installing WebSphere Application Server on i5/OS V5R4
WebSphere Application Server 5.0 is only supported on IBM i5/OS V5R4 for
Workplace users. This topic contains instructions on how to install WebSphere
Application Server 5.0 on i5/OS V5R4.
Note: If you are installing WebSphere Application Server 5.0 on i5/OS V5R3, see
the WebSphere Application Server for iSeries Information Center for
installation instructions. The Information Center is available on the Web at
http://publib.boulder.ibm.com/was400/50/ic2924/index.htm
Before installing WebSphere Application Server V5.0 on i5/OS V5R4, you must
have the following software installed:
Program
Option
5722SS1
Description
i5/OS V5R4
5722JV1
6
IBM Developer Kit for Java(TM)
(5722-JV1), Version 1.4
5722SS1
30
i5/OS Qshell
Chapter 2 Preparing the Environment
93
5722JC1
IBM Toolbox for Java
To install WebSphere Application Server V5.0 on i5/OS V5R4 from a workstation
connected to your server:
1. Verify that the host server jobs have been started by entering the following on
an i5/OS command line:
STRHOSTSVR SERVER(*ALL)
2. If TCP/IP is not started or if you don’t know if TCP/IP is started, enter the
Start TCP/IP (STRTCP) command on an i5/OS command line.
3. Place the WebSphere Application Server 5.0 for iSeries CD-ROM in the
CD-ROM drive on the workstation. The InstallShield program should
automatically start. If it does not, open Windows Explorer and select your
CD-ROM drive. Double-click the SETUP.EXE file to start the InstallShield
program.
4. At the first panel, read the information and click Next.
5. Enter the name of the server where you are installing WebSphere Application
Server. You also must enter a valid user ID and password for the server. This
user ID should be user type (user class) *SECOFR and have a value of
*USRCLS for special authority. Click Next.
6. On the next panel, select the options to install for WebSphere Application
Server. In order to run IBM WebSphere Portal for Multiplatforms, you must
install *BASE, Option 1, and Option 2. Click Next.
7. On the next panel, clear the options to install for WebSphere MQ V5.3 for
iSeries. Click Next.
8. The options that you specified are displayed. Verify that they are correct. If
they are not, click Back to change your installation options. If they are correct,
click Next.
9. After the installation is complete, the summary panel is displayed showing
the options that were installed. Click Finish to close the InstallShield program.
10. For security purposes, if the host servers were not running, you should return
your server to its original state with the End Host Server (ENDHOSTSVR)
command after the install is complete.
Applying the WebSphere Application Server Group PTF:
After you have installed WebSphere Application Server, apply the following group
PTF:
Group Number
Description
Minimum Level
SF99317
WebSphere App Server V5.0
(Base Edition)
1
See the following Web page on the IBM eServer iSeries Support site for instructions
on ordering PTFs:
http://www-912.ibm.com/supporthome.nsf/document/10000069
i5/OS: Installing WebSphere Application Server V5.0 Enterprise
Enablement
IBM Workplace Collaboration Services requires functionality that is not available
with standard versions of WebSphere Application Server on IBM i5/OS. To add
94
Clustered-server Deployment Guide
this functionality, you must install IBM Enterprise Enablement for WebSphere
Application Server for iSeries (WebSphere Application Server V5.0 Enterprise
Enablement).
Before installing WebSphere Application Server V5.0 Enterprise Enablement, you
must have the following software installed:
Program
Option
5722SS1
Description
i5/OS V5R3 or V5R4
5733WS5
*BASE
WebSphere Application Server V5.0
5733WS5
2
WebSphere Application Server V5.0
Application server runtime
In addition, you must have the following group PTF installed.
V5R3:
Group Number
Description
Minimum Level
SF99282
WebSphere Portal
4
Express/Express Plus Service
Pack
V5R4:
Group Number
Description
Minimum Level
SF99321
WebSphere Portal
1
Express/Express Plus Service
Pack
To install WebSphere Application Server V5.0 Enterprise Enablement from a
workstation connected to your server:
1. If your WebSphere Application Server subsystem is running, end it by entering
the following command on an i5/OS command line:
ENDSBS SBS(QEJBAS5)
2. Insert the WebSphere Application Server V5.0 Enterprise Enablement CD into
your workstation’s CD-ROM drive. The WebSphere Application Server V5.0
Enterprise Enablement installation program will start automatically.
3. A signon screen will prompt you to enter your System, User ID, and
Password.
If you are installing on i5/OS V5R3, enter the signon information and click OK.
If you are installing on i5/OS V5R4, you must start the program from a
command line with the dependency checker disabled. To do this, click Cancel
on the signon screen and do the following:
a. Open a Command Prompt.
b. Change to the root directory of the WebSphere Application Server V5.0
Enterprise Enablement CD.
c. Enter the following to start the installation program with the dependency
checker disabled:
install400.bat -W pmevalidation.active=″false″
Chapter 2 Preparing the Environment
95
d. The signon screen should reappear. Enter your System, User ID, and
Password, and click OK.
4. Select the language for the install and click Next.
5. The WebSphere Application Server V5.0 Enterprise Enablement welcome screen
should appear. Click Next.
6. Review the license agreement. Select I accept the terms of the licensing
agreement and click Next.
7. The following screen asks which version of WebSphere Application Server V5.0
Enterprise Enablement you wish to install. If you are installing on the
Deployment Manager system of a clustered environment, select WebSphere
Application Server V5.0 Enterprise Enablement for ND - Option 11.
Otherwise, select WebSphere Application Server V5.0 Enterprise Enablement Option 10 to install the Base Edition. Click Next.
8. View the install summary information and click Next.
9. When WebSphere Application Server V5.0 Enterprise Enablement finishes
installing, the installation program will display a confirmation panel. Click
Finish.
Re-applying the group PTFs:
After you have successfully installed WAS Application Server V5.0 Enterprise
Enablement, re-apply the group PTF(s). Note that if installing on i5/OS V5R4, you
must apply both versions of the WebSphere Portal Express/Express Plus Service
Pack PTF.
V5R3:
Group Number
Description
Minimum Level
SF99282
WebSphere Portal
4
Express/Express Plus Service
Pack
V5R4:
Group Number
Description
Minimum Level
SF99282
WebSphere Portal
4
Express/Express Plus Service
Pack1
SF99321
WebSphere Portal
1
Express/Express Plus Service
Pack
1
As an alternative to applying PTF SF99282 on i5/OS V5R4, you may apply iFix
LO13316. To obtain this iFix, contact IBM Software Support. For more information,
see ″Contacting IBM Software Support.″
See the following Web page on the IBM eServer iSeries Support site for instructions
on ordering PTFs:
http://www-912.ibm.com/supporthome.nsf/document/10000069
Related tasks
Phase 2: Preparing the environment
96
Clustered-server Deployment Guide
i5/OS: Creating a new Deployment Manager instance
After you have installed WebSphere Application Server and WebSphere
Application Server V5.0 Enterprise Enablement, you must create a new
Deployment Manager instance for your cluster environment. This topic describes
how to create this new instance IBM i5/OS from a QShell session.
1. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
2. Change to the WebSphere Application Server bin directory by entering the
following:
cd /QIBM/ProdData/WebAS5/PMEND/bin/
3. Create the new Deployment Manager instance by entering the following
command (enter command on one line):
crtwasinst -instance instance_name -portblock portblock_start
-node node_name -cell cell_name
where instance_name is the name of the new instance, portblock_start is the first
of 12 consecutive ports on the system that will be used by the instance,
node_name is the name of the node, and cell_name is the name of the cell.
4. Leave the QShell session running, and start subsystem QEJBASND5 by entering
the following on an i5/OS command line:
STRSBS SBS(QEJBAS5/QEJBASND5)
5. Back in the QShell session, start the new Deployment Manager instance by
entering the following:
startManager -instance instance_name
where instance_name is the name of the new instance.
Setting up a Database Management System
Before you can host the IBM Workplace Collaboration Services database on a
server, you must install a supported database management system (DBMS), which
stores and manages the data.
Note: DB2 Universal Database for iSeries is integrated with the i5/OS platform. If
you are installing Workplace Collaboration Services on i5/OS, skip this
section.
Workplace Collaboration Services installs with IBM Cloudscape as its default
database. While Cloudscape is sufficient for a demo installation, you should
transfer data to a more robust database management system (DBMS) before
putting Workplace Collaboration Services into production mode.
In addition to Cloudscape, Workplace Collaboration Services supports the
following DBMS products:
v IBM DB2 Universal Database Enterprise and Workgroup Editions
v Oracle Enterprise Edition
v Microsoft SQL Server Enterprise Edition
Refer to the topic, “AIX, Linux, Solaris, and Windows: Requirements” on page 5,
for information on supported releases of these products.
You can install the DBMS server directly on the Workplace Collaboration Services
server. If you install the DBMS on a separate computer, you must install the
Chapter 2 Preparing the Environment
97
associated DBMS client software on every Workplace Collaboration Services server,
to enable them to access the database as needed.
Decide which DBMS product you will use, and proceed to the topic, “Installing the
DBMS server.”
Installing the DBMS server
You can install the database management system (DBMS) server software on the
same computer that will host IBM Workplace Collaboration Services (the database
is local), or on a separate computer (the database is remote). In a large-scale
environment, using a remote database reduces the resource usage on the server by
directing database queries to another computer. Using a separate computer for
hosting the database also allows more storage space for the data required by
Workplace Collaboration Services.
If you use the same DBMS instance with another product, create a separate
database container for use with Workplace Collaboration Services.
Before you install the DBMS server software, review one of the following topics:
v Installing the IBM DB2 Universal Database server:
– “Installing DB2 Universal Database in AIX, Linux, and Solaris”
– “Installing DB2 Universal Database in Windows” on page 100
v “Installing the Oracle server” on page 102
v “Installing SQL Server” on page 103
Installing the DB2 Universal Database server: Install the IBM DB2 Universal
Database server software on the server that will host the IBM Workplace
Collaboration Services database. After you install the server software, be sure to
install the required fix pack.
Procedures for installing DB2 Universal Database varies by platform; see the
appropriate topic for your platform:
v i_inst_t_db_db2_server_unx.dita#i_inst_t_db_db2_server_unx
v i_inst_t_db_db2_server_win.dita#i_inst_t_db_db2_server_win
Installing DB2 Universal Database in AIX, Linux, and Solaris:
Install the IBM DB2 Universal Database server on AIX, Linux, and Solaris.
Complete this procedure on the computer where you will host the IBM Workplace
Collaboration Services database.
1. Log in to the server as a DB2 administrator.
2. Insert one of the following CDs:
v The CD containing the DB2 Universal Database Enterprise Server Edition
for Linux.
v The CD containing the DB2 Universal Database Enterprise Server Edition
for AIX Single-Byte Character Set (SBCS).
v The CD containing the DB2 Universal Database Enterprise Server Edition
for AIX Double-Byte Character Set (DBCS).
v The CD containing the DB2 Universal Database Enterprise Server Edition
for Solaris.
3. Start the launch pad by typing the following command:
./db2setup
98
Clustered-server Deployment Guide
4. Click Installation Prerequisites to review the system requirements.
5. Click Install Products.
6. Make sure that DB2 UDB Enterprise Server Edition is selected, and then click
Next.
7. Read the Welcome panel text, and then click Next.
8. Read the License Agreement, select I accept the terms in the license
agreement, and then click Next.
9. In the Select Installation Type panel, select Typical (do not select Data
warehousing or Satellite administration capability), and then click Next.
If you are prompted with a warning about using APPC to connect to remote
servers, click OK.
10. In the Select the Installation Action panel, make sure that Install DB2 UDB
Enterprise Server Edition on this computer is selected. (do not select Save
your settings in a response file), and then click Next.
11. In the Set user information for the DB2 Administration Server panel, do the
following steps, and then click Next:
a. Accept the default user name.
This user will also be granted administrative privileges in DB2.
b. Type the group name that this user belongs to, for example: db2grp.
c. Type and confirm a password.
d. Accept the default directory, or type one; for example:
/home/db2_admin
12. Do one of the following steps, and then click Next.
v (AIX) Accept the default Create a DB2 instance -32 bit (if your system is 32
bit option this will not display).
v (Linux) Accept the default Create a DB2 instance.
13. Select how the instance will be used: accept the default Single-partition
instance, and then click Next.
14. To set user information for the DB2 instance owner, do the following steps,
and then click Next:
a. Type the DB2 instance owner’s name; for example, db2inst. This name
must not be the same as that used in Step 11 (administrative user).
b. Type the group name that this user belongs to, for example: db2grp.
c. Type and confirm a password.
d. Accept the default directory, or type one; for example:
/home/db2_instance
This path must not be the same as that used in Step 11 (administrative
user).
15. To set user information for the fenced user, do the following steps, and then
click Next:
a. Accept the default user name. This value must not be the same as the
name used in Step 11 (administrative user) or Step 14 (instance owner).
b. Type the group name; for example:
db2grp
c. Type and confirm a password.
d. Type the user’s home directory; for example:
/home/db2_fenced
Chapter 2 Preparing the Environment
99
This path must not be the same as those used in Step 11 (administrative
user) or Step 14 (instance owner).
16. In the Prepare the DB2 tools catalog panel, select Prepare the DB2 tool
catalog in a local database, and then click Next.
17. In the Specify a local database to store the DB2 tools catalog panel, accept
the defaults, and then click Next.
If you are prompted with a warning about SMTP, click OK.
18. In the Set up the administration contact list panel, select Local - create a
contact list on this system, and then click Next.
19. In the Specify a contact for health monitor notification panel, select Defer
the task after installation is complete, and then click Next.
20. In the Start copying files panel, review the list, and then click Install.
21. Restart the server.
Before you can use DB2 Universal Database, you must install FixPak 9a as
described in the following procedure.
Installing DB2 FixPak 9a:
Note: DB2 8.1 FixPak 9a is equivalent to DB2 8.2 FixPak 2.
All FixPaks for DB2 are posted on the DB2 Web site, and can be accessed using the
following steps:
1. Log in to the DB2 database server as the same user who installed the DB2
server software.
2. Navigate to the following Web address and download the FixPak to your DB2
server:
http://www-306.ibm.com/software/data/db2/udb/support/
downloadv8_windows32bit.html
This address contains tables of FixPaks for all supported platforms. Installation
instructions are posted on the download page for each platform.
If you will be hosting the Workplace Collaboration Services database directly on
the DB2 server, proceed to “Phase 3: Installing Workplace Collaboration Services”
on page 107. If you will be hosting the database on a DB2 client computer, proceed
to “Installing the DB2 Universal Database client” on page 104.
Installing DB2 Universal Database in Windows:
Install the IBM DB2 Universal Database server in Microsoft Windows.
Complete this procedure on the computer where you will host the IBM Workplace
Collaboration Services database.
1. Log in to the Windows server as a DB2 administrator.
2. Insert the CD containing the DB2 Universal Database Enterprise Edition
Server for Windows.
The auto-run feature automatically opens the DB2 launch pad in the DB2
Setup wizard.
3. Click Installation Prerequisites to review the system requirements.
4. Click Install Products.
5. Make sure that DB2 UDB Enterprise Server Edition is selected, and then click
Next.
100
Clustered-server Deployment Guide
6. Read the Welcome panel text, and then click Next.
7. Read the License Agreement, select I accept the terms in the license
agreement, and then click Next.
8. In the Select Installation Type panel, select Typical (do not select ″Data
warehousing″ or ″Satellite administration capability″), and then click Next.
If you are prompted with a warning about using APPC to connect to remote
servers, click OK.
9. In the Select the Installation Action panel, make sure that Install DB2 UDB
Enterprise Server Edition on this computer is selected (do not select Save
your settings in a response file), and then click Next.
10. Choose a drive and directory on which to install the DB2 server, and then
click Next.
Do not use the default C:\Program Files\SQLLIB, and do not include spaces
in the path name. For example, use C:\IBM\SQLLIB.
11. In the Set user information for the DB2 Administration Server panel, type
the DB2 administrator’s name.
In this step, you are ensuring that the DB2 administrator now has all of the
necessary privileges in both DB2 and Windows.
12. Type the password for that account and confirm it. Leave Use the same user
name and password for the remaining DB2 services checked, and then click
Next.
13. In the Set up the administration contact list panel, select Local - create a
contact list on this system, and then click Next.
14. In the Configure DB2 instances panel, click Next.
15. In the Prepare the DB2 tools catalog panel select Prepare the DB2 tool
catalog in a local database, and then click Next.
16. In the Specify a local database to store the DB2 tools catalog panel, accept
the defaults and then click Next.
If a warning about SMTP displays, click OK.
17. In the Specify a contact for health monitor notification panel, select Defer
the task after installation is complete, and then click Next.
18. In the Start copying files panel, review the list, and then click Install.
19. Restart the server.
Before you can use DB2, you must install FixPak 9a as described in the following
procedure.
Installing DB2 FixPak 9a:
Note: DB2 8.1 FixPak 9a is equivalent to DB2 8.2 FixPak 2.
All FixPaks for DB2 are posted on the DB2 Web site, and can be accessed using the
following steps:
1. Log in to the DB2 database server as aerver as the same user who installed the
DB2 server software.
2. Navigate to the following Web address and download the FixPak to your DB2
server:
http://www-306.ibm.com/software/data/db2/udb/support/
downloadv8_windows32bit.html
This address contains tables of FixPaks for all supported platforms. Installation
instructions are posted on the download page for each platform.
Chapter 2 Preparing the Environment
101
If you will be hosting the IBM Workplace Collaboration Services directly on the
DB2 server, proceed to “Phase 3: Installing Workplace Collaboration Services” on
page 107. If you will be hosting Workplace Collaboration Services on a separate
computer, you must first install the DB2 client on that machine, so proceed instead
to “Installing the DB2 Universal Database client” on page 104, later in this phase.
Installing the Oracle server:
Setting up the Oracle server involves installing the Oracle database server software
and creating a database instance for use with IBM Workplace Collaboration
Services, as described in this topic. If you have previously installed Oracle 9i and
used it with earlier releases of Workplace Collaboration Services, you must update
the Oracle installation with patch 9.2.0.4.0 and then create a new database for
Workplace Collaboration Services as described in the topic, “Creating the Oracle
database” on page 239.
Attention: If you plan to use partitions for the Messaging database schema, you
must install Oracle with the Partitions feature enabled.
Installing the Oracle server software:
For instructions on installing the Oracle DBMS server software, consult your Oracle
documentation. When installing the Oracle server software, complete the Database
Instance and Service naming task (described in this topic) to ensure proper access
to databases from Workplace Collaboration Services.
Attention: As part of the Oracle server software installation, install Oracle 9i
patch 9.2.0.4.0; this patch is required to ensure that Workplace Collaboration
Services data transfer operations are successful.
After the server software has been installed, proceed to the next section, ″Setting
the database instance and service names.″
Setting the database instance and service names:
Perform this task on the computer hosting the Oracle database.
1. Log in to the server as a user with administrative privileges.
2. While installing the Oracle server software, create a database instance called
wps50 using the Unicode and UTF-8 options.
This database instance will contain the schemas used by Workplace
Collaboration Services, and must be created using the UTF-8 character set to
ensure accessibility in all languages.
Tip: If you omit this step during installation, you can create the database
instance later using the Oracle Database Configuration Assistant tool.
3. Edit the Oracle\Ora9\network\admin\tnsnames.ora file, and set the
SERVICE_NAME parameter to wps50 to match the database instance name
created in Step 2.
In the example that follows, the SERVICE_NAME (shown italicized) matches
the ″tns″ entry in which it is included; this match between names is required
for Workplace Collaboration Services. The examples in this documentation use
wps50 as the database name (and thus, the service name).
wps50 =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS =
102
Clustered-server Deployment Guide
(PROTOCOL = TCP)
(HOST = workplaceserver.acme.com)
(PORT = 1521)
)
)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = wps50)
)
)
The PORT indicates the port that the Oracle server and client use for
communicating (they must use the same port).
4. Save and close the tnsnames.ora file.
After the Oracle server has been installed and the database instance has been
created, proceed to “Adding WebSphere Portal Server users to the Oracle
database” on page 241.
Initializing support for XA transactions:
Initialize support for XA transactions to the Oracle database, to enable database
operations required by the Configuration Wizard.
1. Increase the memory allocation to the Java pool to ensure that the commands
you will need to run have enough memory allocated to execute properly.
Increasing the allocation to 32MB should be sufficient.
2. Connect to the Oracle database by running the following command:
connect sys as sysdba
3. Connect to the SQL Plus utility by running the following command:
sqlplus /nolog
4. In the SQL Plus window, run the following commands:
connect / as sysdba
start ORACLE_HOME/javavm/install/initjvm.sql
start ORACLE_HOME/javavm/install/initxa.sql
quit
Installing SQL Server: IBM Workplace Collaboration Services supports Microsoft
SQL Server Enterprise Edition as a database management product. For instructions
on installing the SQL Server software, consult the SQL Server documentation.
After you have installed the SQL Server software, install the associated SQL Server
client software on all computers that will host Workplace Collaboration Services
(except for the computer hosting the SQL Server database server). For more
information, see the topic, ″“Installing the SQL Server client” on page 105″.
Installing the DBMS client
The IBM Workplace Collaboration Services databases are stored on the DBMS
server. If this is not the same server hosting Workplace Collaboration Services (that
is, you are using a remote database), you must install the appropriate DBMS client
application on the Workplace Collaboration Services server, to ensure access to the
database.
In a Network Deployment cluster, install the DBMS client on the Deployment
Manager as well as on all nodes.
Before you install the DBMS client software, review one of the following topics:
v “Installing the DB2 Universal Database client” on page 104
v “Installing the Oracle client” on page 104
Chapter 2 Preparing the Environment
103
v “Installing the SQL Server client” on page 105″
Installing the DB2 Universal Database client:
Install the IBM DB2 Universal Database Administration Client on every Workplace
software server that is not already hosting the DB2 server.
If your computer already has a copy of the DB2 Administration Client installed,
you may need to remove that version before installing the version required for use
with IBM Workplace Collaboration Services. You can determine the appropriate
product version for DB2 by looking in the following topic: “AIX, Linux, Solaris,
and Windows: Requirements” on page 5.
Complete this procedure on each computer hosting Workplace Collaboration
Services.
1. Log in to the server using an account with administrator privileges.
2. Download the DB2 Administration Client appropriate to your operating system
from the following Web address:
http://www-306.ibm.com/software/data/db2/udb/support/
3. (AIX, Linux, and Solaris only) Source the db2profile file in the login profile of
your IBM WebSphere Application Server V5 instance owner, as described in the
topic, ″Configuring WebSphere Application Server for DB2 access,″ in the
WebSphere Application Server Enterprise information center.
If you are prompted for the DB2 administrator account during client installation,
provide the name of a user account that has DB2 administrator privileges on the
DB2 server.
Note: The DB2 client must always use the same connection port as the DB2 server,
to ensure that the two can communicate. The DB2 server usually defaults to
port 50000 for connections and port 50001 for interrupts. On SuSE Linux,
port 50000 may already be reserved for another use; if so, DB2 automatically
increments the port numbers by one.
To check which ports have been assigned to DB2 on the server, look at the
/etc/services file. This file contains two entries: the entry prefixed with db2c
represents the connection port, and the entry prefixed with db2i represents the
interrupt port. For example, if the owner of the first DB2 instance installed on the
server is ″db2inst1,″ the /etc/services file contains entries like these:
db2cdb2inst1 50000/tcp
db2idb2inst1 50001/tcp
#Connection port for DB2 instance db2inst1
#Interrupt port for DB2 instance db2inst1
In addition to using the same connection port for the DB2 server and client, you
must configure TCP/IP to work between them.
After you complete the DB2 client installation, proceed to “Phase 5: Transferring
data to an external database” on page 217.
Installing the Oracle client: For instructions on installing the Oracle client, refer
to the Oracle documentation. When installing the client software, be sure to install
Oracle 9i patch 9.2.0.4.0, which is required to ensure that IBM Workplace
Collaboration Services data transfers are successful.
104
Clustered-server Deployment Guide
Attention: Be sure to install the client using the same port that the database
server uses, so that they can communicate properly. In addition, make sure that the
client uses a UTF-8 codepage (any language).
Upgrading the client’s JDBC driver
On AIX, Linux, and Solaris platforms, installing the Oracle 9i patch 9.2.0.4.0 patch
may install the (incorrect) 9.2.0.3.0 JDBC driver rather than the required 9.2.0.4.0
JDBC driver.
To check to see if you need to upgrade your driver, look in your Portal system.out
log for this entry:
[3/8/05 18:15:39:041 GMT] 34d14c25 WSRdbDataSour W DSRA7011W: A Oracle JDBC provider
property (TransactionBranchesLooselyCoupled) has been set. Oracle patch 2511780
must be applied before setting this property.
[3/8/05 18:15:39:513 GMT] 34d14c25 WSRdbDataSour u Database version is Oracle9i
Enterprise Edition Release 9.2.0.4.0 - Production
With Release 9.2.0.4.0 - Production the Partitioning, OLAP and Oracle Data Mining
optionsJServer
[3/8/05 18:15:39:514 GMT] 34d14c25 WSRdbDataSour u JDBC Driver
version is 9.2.0.3.0
If the log entry indicates that you have the 9.2.0.3.0 JDBC driver (as shown in
boldface in the example), you will need to upgrade the driver by downloading it
from the following Web address:
http://www.oracle.com/technology/software/tech/java/sqlj_jdbc/index.html
Finalizing the Oracle client installation
After you install the Oracle client, copy the following files from the Oracle server
to the client:
v tsnames.ora
v classes12.zip
Edit the tnsnames.ora file and add a reference to the Oracle database server, and
verify that it specifies the port used by the Oracle server and client.
After you complete the Oracle client installation, proceed to Phase 5, “Phase 5:
Transferring data to an external database” on page 217.
Installing the SQL Server client:
Every computer hosting IBM Workplace Collaboration Services needs a copy of the
Microsoft SQL Server Enterprise Edition client (except for the computer hosting the
SQL Server database-server software).
To download the SQL Server client software, point your browser at:
http://www.microsoft.com/sql/downloads/default.asp
On that page, search for ″JDBC Service Pack 3″; when you locate it, download the
client driver directly to your computer. Instructions for the download are located
on the same page.
Attention: Be sure to install the client driver using the same port that the SQL
Server database-server software uses, so that they can communicate properly.
Chapter 2 Preparing the Environment
105
After you complete the SQL Server client installation, proceed to the topic, “Phase
5: Transferring data to an external database” on page 217.
106
Clustered-server Deployment Guide
Chapter 3 Installing IBM Workplace Collaboration Services
This chapter describes how to install IBM Workplace Collaboration Services in a
variety of scenarios.
Phase 3: Installing Workplace Collaboration Services
Use this section to install IBM Workplace Collaboration Services.
Related tasks
“AIX, Linux, and Solaris: Installing in a clustered environment”
“Windows: Installing in a clustered environment” on page 120
“i5/OS: Installing in a clustered environment” on page 131
AIX, Linux, and Solaris: Installing in a clustered environment
Use this section to perform the following installation-related tasks in a clustered
environment that runs on IBM AIX, Linux, or Sun Solaris:
1. Start the installation program.
2. Install Workplace Collaboration Services on network nodes.
3. Install Workplace Collaboration Services on the Deployment Manager.
4. Configure IBM Workplace Collaboration Services.
5. Start and stop IBM Workplace Collaboration Services.
Related tasks
“AIX, Linux, and Solaris: Uninstalling IBM Workplace Collaboration Services”
on page 120
“Other ways to install IBM Workplace Collaboration Services” on page 148
“AIX, Linux, and Solaris: Clustered-server deployment overview” on page 40
“Phase 3: Installing Workplace Collaboration Services”
AIX, Linux, and Solaris: Starting the installation program
Take these steps to prepare for and start Workplace Collaboration Services
installation from the Web, from a DVD, or from a CD.
Completing pre-installation steps:
1. Complete the steps in the pre-installation checklist and have the Administrator
Names and Passwords worksheet at hand.
2. (AIX and Solaris) The installation program uses the GNU tar archiver to
extract files during installation. Before running the installation program on AIX
or Solaris, you must install GNU tar, version 1.14 or later.
The GNU tar can be downloaded from the Free Software Directory on
www.gnu.org. It must be installed as the default tar utility on the path. (The
default install location for GNU tar is /usr/local/bin.) To verify the version
number of the default tar utility, use the command ″tar --version″ (typed with
two hyphens, not a dash). If the default tar utility is not the latest version,
upgrade to version 1.14 or later.
3. (AIX only) Increase the ulimit to a number larger than the size of
LWP_WPS_Common1.tar.gz with the following command:
© Copyright IBM Corp. 2002, 2006
107
ULIMIT 99999999999999999; export ULIMIT
4. If you expect to set up an HTTP server on a separate machine, ensure that the
Workplace software server and the planned HTTP server are in the same
Internet DNS domain.
5. Deactivate any screen savers, because they may interfere with the operation of
the installation program.
6. Disable all firewalls until Workplace Collaboration Services is installed and
configured because they may interfere with the operation of the installation
program and Configuration Wizard.
7. If you are about to install Workplace Collaboration Services on the Deployment
Manager in a clustered deployment, do the following:
a. In a command prompt window, navigate to the deploy_manager_root/bin
directory and stop the Deployment Manager using the command:
stopmanager -user admin_name -password admin_password
b. Run the following command from the deploy_manager_root/bin directory.
Notice the space between the periods. The special format for this command
sources the command to make the setting active for all processes started
from the command shell.
. ./setupCmdLine.sh
Starting installation from the Web:
Verify that you are logged in to the server as a user with administrative privileges,
then follow these steps to start the installation program. To download from the
Web, go to http://www-306.ibm.com/software/howtobuy/passportadvantage/.
1. Create a downloads directory, for example, /opt/downloads/wcs26.
2. Download the following tar images to the downloads/wcs26 directory:
AIX
v C88GDML
v C88GEML
v C88GKML
v C88GMML
v C88GNML
v C88GQML
v C88GSML
v C88GBML
Linux
v C88GDML
v C88GEML
v C88GKML
v C88GMML
v C88GNML
v C88GQML
v C88GSML
v C88GCML
Solaris
v C88GDML
v C88GEML
v C88GKML
108
Clustered-server Deployment Guide
v C88GMML
v C88GNML
v C88GQML
v C88GSML
v C88GAML
3. Extract the files in the downloads/wcs26 directory, preserving the directory
structure.
For example, use the following command for each file:
tar -xvf file_name.tar
where file_name.tar is the name of the file to be extracted.
4. Change to the local WCSServer directory, for example, /opt/downloads/wcs26/
WCSServer.
5. Enter the command to start installation.
./install.sh
Starting installation from a DVD:
Verify that you are logged in to the server as a user with administrative privileges,
then follow these steps to start the installation program.
1. Insert the Workplace Collaboration Services installation DVD.
2. Change to the WCSServer directory of the installation DVD.
3. Enter the command to start installation.
./install.sh
Starting installation from a CD:
Verify that you are logged in to the server as a user with administrative privileges,
then follow these steps to start the installation program.
1. Gather the following CDs:
v Server Install and Migration Tools (IWCP 2.6 SRV INST MIG TOOLS)
v Server Archive Install 1 of 5 (IWCP 2.6 SRV ARCH INST. CD 1-5)
v Server Archive Install 2 of 5 (IWCP 2.6 SRV ARCH INST. CD 2-5)
v Server Archive Install 3 of 5 (IWCP 2.6 SRV ARCH INST. CD 3-5)
v Server Archive Install 4 of 5 (IWCP 2.6 SRV ARCH INST. CD 4-5)
v Server Archive Install 5 of 5 (IWCP 2.6 SRV ARCH INST. CD 5-5)
2. Insert the Server Install and Migration Tools CD.
3. Enter the command to start installation from the root of the Server Install and
Migration Tools CD.
When prompted to insert the next CD, insert the indicated CD, and verify the
CD Location path is correct. Then click Next.
Note: You may need to manually unmount (eject) each CD when prompted to
insert the next one.
Next step
Now follow the installation prompts to install Workplace Collaboration Services on
the server.
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
Chapter 3 Installing IBM Workplace Collaboration Services
109
“AIX, Linux, and Solaris: Installing on network nodes”
“AIX, Linux, and Solaris: Completing installation on the Deployment Manager”
on page 115
Related reference
Pre-installation checklist
Administrator names and passwords worksheet
AIX, Linux, and Solaris: Installing on network nodes
After you start the installation program, follow these steps to install Workplace
Collaboration Services on a node in a clustered deployment. The process takes
about an hour to complete.
Note: Each node in the cluster must run on the same platform and have
Workplace Collaboration Services installed in the same directory.
1. At the panel ″Select a language to be used,″ select the language for the
installation program, and then click OK.
2. Optional: At the panel “Welcome to the IBM Workplace Installation,” click
Launch Getting Started to access information about planning, hardware and
software requirements, installation procedures, and configuration tasks.
For more information, see Appendix A.
3. When you are ready to proceed with the installation, click Next at the
Welcome panel.
4. At the panel ″Select the Workplace products that you have licensed,″ select all
the products for which you have licenses, and then click Next.
5. At the License Agreement, click I accept the terms, and click Next.
6. At the panel ″Click Next to install IBM Workplace to this directory,″ specify an
installation directory (recommended examples are shown below), and then
click Next.
The characters in the directory path name must be single-byte coded (8 bit)
characters from the ISO 8859-1 West European (Latin-1) character set. Use a
new or unused directory so that unrelated files are not accidentally deleted if
you later uninstall Workplace Collaboration Services.
AIX
/usr/IBM/Workplace
Linux and Solaris
/opt/IBM/Workplace
Tip: Make a note of the location you chose for installation. Configuration
steps you take later assume you know the product’s root directory. The
default locations are shown in Directory conventions.
7. At the panel ″IBM Workplace supports different deployment topologies,″
select Network Deployment, and then click Next.
8. At the panel ″The installer can configure either the Deployment Manager or a
Node,″ select Node, and then click Next.
9. At the panel ″Enter the fully qualified host name for this installation,″ enter
serverfullDNSname (your server’s full hostname) for the installation, then click
Next.
10. At the panel ″Enter the IBM Workplace administrative user ID and password,″
provide a name and password for the Workplace Collaboration Services
administrator.
110
Clustered-server Deployment Guide
Use only alphanumeric characters for the password; do not use ! ( ) @ # $ %
or other special characters.
Confirm the password, and then click Next.
11. At the panel ″Summary Information,″ verify that the administrator ID is
correct.
If it is correct, click Install to start the installation process. Otherwise, click
Back to correct the settings.
12. The installer displays the final screen, which shows the location of the
installation logs.
13. Click Finish to complete the installation.
Next step
Run the wizard now to complete the installation of Workplace Collaboration
Services on this node.
Related tasks
“AIX, Linux, and Solaris: Starting the installation program” on page 107
“AIX, Linux, and Solaris: Starting the Configuration Wizard”
“AIX, Linux, and Solaris: Next steps” on page 118
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“AIX, Linux, and Solaris: Installing in a clustered environment” on page 107
AIX, Linux, and Solaris: Starting the Configuration Wizard
After IBM Workplace Collaboration Services is installed, run the Configuration
Wizard as many times as needed to set up a remote database server or an LDAP
directory for use in a production environment. This step is not needed for a demo
server.
To start the Configuration Wizard, follow these steps.
1. Log in to the Workplace server machine as a user with administrative
privileges.
2. Depending on the configuration task you are performing, servers that run
Workplace Collaboration Services may need to be stopped or started. For more
information, see instructions for each configuration task and the topic ″Starting
and stopping IBM Workplace Collaboration Services.″
3. Navigate to the portal_server_root/config/wizard directory.
4. Type the command for the mode in which you want the wizard to run.
Note: Online help is not available in console mode.
To run the wizard with the graphical user interface:
./configwizard.sh
To run the wizard in console mode (without the graphical user interface):
./configwizard.sh -console
5. At the Welcome screen, click Next to start the wizard.
6. At the panel ″Select a language to be used,″ select the language you want to
see when running this wizard, and then click OK.
7. At the ″Ready to Start″ panel, click Next.
Chapter 3 Installing IBM Workplace Collaboration Services
111
Tip: Each time the Configuration Wizard runs, it creates log files (configwizard.log
and configwizardlog.txt) in the portal_server_root/log directory. Review these
logs to check for errors. To save them for later viewing, assign them names
that describe the type of configuration you chose.
Related concepts
“Phase 4: Connecting to an LDAP directory server” on page 157
“Phase 5: Transferring data to an external database” on page 217
Related tasks
“AIX, Linux, and Solaris: Next steps” on page 118
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“AIX, Linux, and Solaris: Installing in a clustered environment” on page 107
Installing on the Deployment Manager
If you are installing IBM Workplace Collaboration Services on the Deployment
Manager, take the following steps:
1. Enable LDAP security on the Deployment Manager.
2. (SQL Server only) Copy SQL Server files from Node 1.
3. Install Workplace Collaboration Services. Follow the instructions appropriate to
the operating system you have.
v IBM AIX, Linux, and Sun Solaris
v Microsoft Windows
v i5/OS
4. (SQL Server only) Complete the data source setup for SQL Server.
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“AIX, Linux, and Solaris: Next steps” on page 118
“Windows: Next steps” on page 130
“i5/OS: Next steps” on page 140
Enabling LDAP security on the Deployment Manager:
If you already enabled LDAP security as part of WebSphere Application Server
setup, skip this step and proceed to installing Workplace Collaboration Services on
the Deployment Manager.
If LDAP security is not enabled, after you set up Node 1 and connect it to an
LDAP directory, copy the security values to the Deployment Manager by following
these steps.
1. Open the WebSphere Administrative Console for Node 1 by typing the
following URL from a browser window:
http://nodename:admin_port/admin
where nodename is the fully qualified DNS name of Node 1, and admin_port is
the port assigned to the WebSphere Administrative Console. On IBM AIX,
Linux, Sun Solaris, and Microsoft Windows, the port number is 9091. On IBM
112
Clustered-server Deployment Guide
i5/OS, the port number is the base port number for the instance, plus 10. For
example, if you specified 30000 as your base port number, the WebSphere
Administrative Console port would be port 30010.
2. Click Security → User Registries → LDAP.
3. In another window, open the WebSphere Administrative Console for the
Deployment Manager by typing the following URL from a browser window:
http://dmname:admin_port/admin
where dmname is the fully qualified DNS name of the Deployment Manager,
and admin_port is the port assigned to the WebSphere Administrative
Console. On IBM AIX, Linux, Sun Solaris, and Microsoft Windows, the port
number is 9090. On IBM i5/OS, the port number is the base port number for
the instance, plus 5. For example, if you specified 30000 as your base port
number, the WebSphere Administrative Console port would be port 30005.
4. Click Security → User Registries → LDAP.
5. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Server User ID
The common name of the WebSphere Portal Server; for example:
uid=wpsadmin,cn=Users,l=Nashville,st=Tennessee,c=US,
ou=SE,o=Sales,dc=acme,dc=com
Server User Password
The password of the user specified in the previous field.
Type
The type of LDAP directory to be used; for example:
IBM_Directory_Server
Host
The fully qualified host name of the LDAP server; for example:
ids51ldap.acme.com
Base Distinguished
Name
The base distinguished name of the directory service, indicating
the starting point for LDAP searches of the directory service; for
example:
l=Nashville,st=Tennessee,c=US,ou=SE,o=Sales,dc=acme,dc=com
Bind Distinguished
Name
The fully qualified distinguished name that the application server
must use to bind to the LDAP directory; for example:
uid=wpsbind,cn=Users,l=Nashville,st=Tennessee,c=US,
ou=SE,o=Sales,dc=acme,dc=com
Bind Password
The password of the user specified in the previous field.
Reuse Connection
Clear the check box.
Ignore Case
Select the check box.
SSL
Clear the check box.
6. Click Apply.
7. In both administrative console windows, click Advanced LDAP Settings.
8. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
User Filter
Add the mail attribute; for example: (&(|(uid=%v)(mail=
%v))(objectclass=inetOrgPerson))
Group Filter
Add the group attribute; for example: (&(cn=
%v)(objectclass=groupOfUniqueNames))
User ID Map
Add the entry *:uid.
Chapter 3 Installing IBM Workplace Collaboration Services
113
Property
Description
Group ID Map
Add the entry *:cn
Group Member ID
Map
Add the group mapping attribute; for example:
groupOfUniqueNames:uniqueMember
9. Click OK.
10. In both administrative console windows, click Security → Authentication
Mechanisms → LTPA.
11. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Password
Supply the password.
Confirm Password
Confirm the password.
12. Click Apply.
13. In both administrative console windows, click Single Signon (SSO).
14. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Enabled
Select the check box.
Requires SSL
Clear the check box unless you are using SSL at your site.
Domain Name
The domain name; for example, .acme.com. (The period before the
domain name is required.)
15.
16.
17.
18.
Click OK.
Save your changes.
In both administrative console windows, click Security → Global Security.
Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Enabled
Select the check box.
Enforce Java 2 Security Clear the check box.
Active User Registry
Choose LDAP.
19. Click OK.
20. Save your changes.
21. Log out and close both browser windows.
22. Shut down the Deployment Manager and restart it.
You have now enabled security on the Deployment Manager. In the future,
you will be prompted for the administrative name and password when you
stop the Deployment Manager.
Now install Workplace Collaboration Services on the Deployment Manager.
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
114
Clustered-server Deployment Guide
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“Installing on the Deployment Manager” on page 112
Copying SQL Server files from Node 1:
If you are setting up a DBMS server running on SQL Server, you must copy files
from Node 1 to the Deployment Manager after the SQL Server software is
installed. Perform this task before you install Workplace Collaboration Services.
Copy the following files from the app_server_root/lib directory on Node 1 after
Workplace Collaboration Services has been installed. Copy them to the
Deployment Manager’s deploy_manager_root/lib directory:
v sqlserver.jar
v base.jar
v util.jar
Related tasks
“Installing on the Deployment Manager” on page 112
AIX, Linux, and Solaris: Completing installation on the Deployment Manager:
After you start the installation program, follow these steps to install Workplace
Collaboration Services on the Deployment Manager in a clustered deployment.
Before you install Workplace Collaboration Services on the Deployment Manager,
enable LDAP security and, if you are using SQL Server, copy SQL Server files from
Node 1.
1. At the panel ″Select a language to be used,″ select the language for the
installation program, and then click OK.
2. Optional: At the panel “Welcome to the IBM Workplace Installation,” click
Launch Getting Started to access information about planning, hardware and
software requirements, installation procedures, and configuration tasks.
For more information, see Appendix A.
3. When you are ready to proceed with the installation, click Next at the
Welcome panel.
4. At the panel ″Select the Workplace products that you have licensed,″ select all
the products for which you have licenses, and then click Next.
5. At the License Agreement, click I accept the terms, and click Next.
6. At the panel ″Click Next to install IBM Workplace to this directory,″ specify an
installation directory (recommended examples are shown below), and then
click Next.
The characters in the directory path name must be single-byte coded (8 bit)
characters from the ISO 8859-1 West European (Latin-1) character set. Use a
new or unused directory so that unrelated files are not accidentally deleted if
you later uninstall Workplace Collaboration Services.
AIX
/usr/IBM/Workplace
Linux and Solaris
/opt/IBM/Workplace
Chapter 3 Installing IBM Workplace Collaboration Services
115
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
Tip: Make a note of the location you chose for installation. Configuration
steps you take later assume you know the product’s root directory. The
default locations are shown in Directory conventions.
At the panel ″IBM Workplace supports different deployment topologies,″
select Network Deployment, and then click Next.
At the panel ″The installer can configure either the Deployment Manager or a
Node,″ select Deployment Manager, and then click Next.
At the panel ″Enter the fully qualified host name for this installation,″ enter
serverfullDNSname (your server’s full hostname) for the installation. Then click
Next.
At the panel ″Enter the IBM Workplace administrative user ID and password,″
provide a name and password for the Workplace Collaboration Services
administrator.
Use only alphanumeric characters for the password; do not use ! ( ) @ # $ %
or other special characters.
Confirm the password, and then click Next.
At the panel ″Setup has located the IBM WebSphere Deployment Manager,″
verify that the location shown is where you installed the Deployment
Manager, and then click Next.
At the panel ″IBM Workplace requires administrator access to the WebSphere
Deployment Manager,″ provide the administrator ID and password you used
for the Deployment Manager, and then click Next.
At the panel ″WebSphere Deployment Manager Settings,″ enter the node and
cell name for the Deployment Manager. Then click Next.
If you don’t know the node and cell name, navigate to the
deploy_manager_root/config/cells directory and look for the following names:
v The cell name is shown in deploy_manager_root/config/cells/cellname.
v The node name is shown in deploy_manager_root/cellname/nodes/nodeName.
At the panel ″Select the database type,″ select the type of DBMS system you
installed in Phase 2, and then click Next.
At the panel ″IBM Workplace database connection information,″ enter the
name and password for the database application user on this server. Then
click Next.
At the second panel for ″IBM Workplace database connection information,″
provide the following database information, and then click Next.
Field
LWPDBDriver
Description
Specify the database driver class or JDBC
provider for the Workplace Collaboration
Services database. For example:
DB2
COM.ibm.db2.jdbc.DB2XADataSource
Oracle
oracle.jdbc.driver.OracleDriver
SQL Server
com.ibm.websphere.jdbcx.sqlserver.
SQLServerDataSource
116
Clustered-server Deployment Guide
Field
LWPDbLibrary
Description
Specify the database driver class and enter
the location of the zip file that has the
database driver class. For example:
DB2
/IBM/SQLLIB/java/db2java.zip
Oracle
/oracle/ora92/jdbc/lib/classes12.zip
SQL Server
deploy_manager_root/lib/sqlserver.jar,
deploy_manager_root/lib/base.jar,
LWPDBName
LWPDBUrl
deploy_manager_root/lib/util.jar
Enter the database name (for example,
wps50).
Specify the JDBC URL for Workplace
Collaboration Services. For DB2, the URL
would be in the form jdbc:db2:database_name,
wheredatabase_name is the value of
LWPDBName. For example:
DB2
jdbc:db2:wps50
Oracle
jdbc:oracle:oci:@tns entry alias
SQL Server
jdbc:microsoft:sqlserver://SqlServer
Name:1433;DatabaseName=wps50
17. At the panel ″Summary Information,″ verify that the administrator ID is
correct.
If it is correct, click Install to start the installation process. Otherwise, click
Back to correct the settings.
18. The installer displays the final screen, which shows the location of the
installation logs.
19. Click Finish to complete the installation.
Now complete data source setup for SQL Server (if you are using SQL Server at
your site).
Next step
Complete the installation of Workplace Collaboration Services by following the
next steps below.
Related tasks
“AIX, Linux, and Solaris: Starting the installation program” on page 107
“AIX, Linux, and Solaris: Next steps” on page 118
Chapter 3 Installing IBM Workplace Collaboration Services
117
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“AIX, Linux, and Solaris: Installing in a clustered environment” on page 107
Completing the data source setup for SQL Server:
If you are using a SQL Server database, follow these steps after installing
Workplace Collaboration Services to create one of the custom properties on the
data source required by the database.
1. In the WebSphere Administrative Console, navigate to Resources → JDBC
Providers.
2. Select the node name for the deployment manager (typically
servernameManager) and click ″apply″.
3. From the list of available jdbc providers (there should be only one), select
″lwp25jdbc″. This opens a new page.
4. Scroll to the bottom and select Data Sources.
5. Select ″lwpApp″ from the list of data sources (there should be only one). This
opens a new page.
6. Scroll to the bottom and select Custom Properties, then click New.
7. In the page that opens, enter ″serverName″ for Name.
8. For Value, enter the full DNS for the database server machine.
9. Click OK and save all changes, selecting the option to synchronize with nodes
if there is an existing cell.
Related tasks
“Installing on the Deployment Manager” on page 112
AIX, Linux, and Solaris: Next steps
Configure IBM Workplace Collaboration Services on IBM AIX, Linux, and Sun
Solaris for your deployment:
v If you use Web Conferencing:
– Enable document conversion services for Web Conferencing
– (AIX, Solaris) Configure the PowerPoint viewer for Web Conferencing
v Connect to an LDAP Directory if you plan to use an existing LDAP directory.
v Connect to a DBMS server if you installed a remote database server.
v Connect to an external Web Server if you plan to bypass the internal HTTP
mechanism supplied with the product.
v Complete the setup of any additional components you may have installed.
Related tasks
“AIX, Linux, and Solaris: Installing in a clustered environment” on page 107
“AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
AIX, Linux, and Solaris: Enabling document conversion services for Web
Conferencing:
To ensure that Web conferences perform properly in AIX, Linux, and Solaris,
configure document conversion settings in the WebSphere Portal Document
Manager.
Enabling document conversion allows users to view documents created in an
external application (such as a word processor or a spreadsheet), even if that
application is not installed on the Workplace Collaboration Services server.
118
Clustered-server Deployment Guide
For details on configuring document conversion, see the ″Document conversion″
section of the ″Document Manager″ topic in the WebSphere Portal Server
information center, located at:
http://publib.boulder.ibm.com/pvc/wp/502/ent/en/InfoCenter/wpf/pdm_info.
html#conversion
To enable the Microsoft PowerPoint viewer for use with Web Conferences in AIX
and Solaris, complete the additional steps described in the topic, ″“AIX and Solaris:
Configuring the PowerPoint viewer for Web Conferences”″.
AIX and Solaris: Configuring the PowerPoint viewer for Web Conferences:
If your IBM Workplace Collaboration Services server is hosted on an AIX or Solaris
server, you must enable the Microsoft PowerPoint viewer on the server before
users can present PowerPoint files in Web Conferences. If the PowerPoint viewer is
not properly enabled, Web conference participants will see an ″X″ in the upper left
corner of the Presentation tool.
You can enable the PowerPoint viewer by:
1. Stopping the Workplace Collaboration Services server. .
2. (AIX only) “AIX: Installing the lesstif RPM PowerPoint conversion filter.”
3. (AIX and Solaris) “AIX and Solaris: Adding the PowerPoint filter location to the
LD_LIBRARY_PATH”
4. Starting the Workplace Collaboration Services server..
AIX: Installing the lesstif RPM PowerPoint conversion filter:
This task applies only to AIX; skip to the next task if your IBM Workplace
Collaboration Services server is hosted on a Linux or Solaris platform.
Download and install the PowerPoint conversion filter by completing the following
steps:
1. Point your browser at the following Web address:
http://195.113.15.26/pub/suse/i386/8.1/suse/i586/
lesstif-0.93.14-205.i586.rpm
2. Download the lesstif-0.93.14-205.i586.rpm file (this is the filter). This file is
associated with Linux SuSE 8.1.
3. Log in as the root user, and use the following command to install the filter:
rpm -Uvh lesstif-0.93.14-205.i586.rpm
4. Start the Workplace Collaboration Services server, as described in the topic,
″“Starting and stopping IBM Workplace Collaboration Services servers” on
page 145.″
Now you are ready to add the filter location to the LD_LIBRARY_PATH in the
next task.
AIX and Solaris: Adding the PowerPoint filter location to the
LD_LIBRARY_PATH:
To add the location of the filter to the LD_LIBRARY_PATH, complete the following
steps:
1. Log in to the WebSphere Administrative Console (use the following Web
address): http://fully_qualified_server_DNS:9091/admin
2. Click Servers → Application Servers → WebSphere_Portal → Additional
Properties → Process Definition → Environment Entries.
Chapter 3 Installing IBM Workplace Collaboration Services
119
3. Click LD_LIBRARY_PATH.
4. In the Value field, add the following text at the front of the existing path:
/usr/X11R6/lib:
5. Click Apply.
6. Click Save.
7. Click Save.
Now you are ready to start the Workplace Collaboration Services server from the
x-terminal in the next task.
AIX, Linux, and Solaris: Uninstalling IBM Workplace
Collaboration Services
To
1.
2.
3.
uninstall IBM Workplace Collaboration Servicess, complete the following steps.
Log in to the server as a user with administrative privileges.
Stop Workplace Collaboration Services.
Open a command prompt and enter the appropriate command to start the
Uninstall Wizard.
All commands accept the -console argument to run the uninstallation program
from a command prompt. The console interface presents the same content as
the graphical interface, but in a textual form. Prompts at the bottom of each
screen tell you how to enter numbers to make your selections and proceed to
the next screen.
workplace_server_root/uninstall/uninstall.sh
4. At the panel ″Select a language to be used,″ select the language for the wizard,
and then click Next.
5. Optional: At the panel ″Welcome to the Uninstall Wizard,″ click Next.
6. At the panel ″Ready to Uninstall,″ click Next .
7. At the panel ″Uninstallation is successful,″ click Finish.
Related tasks
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“Phase 3: Installing Workplace Collaboration Services” on page 107
Windows: Installing in a clustered environment
Use this section to perform the following installation-related tasks in a clustered
environment that runs on Microsoft Windows:
1. Start the installation program.
2.
3.
4.
5.
Install Workplace Collaboration Services on network nodes.
Install Workplace Collaboration Services on the Deployment Manager.
Configure IBM Workplace Collaboration Services.
Start and stop IBM Workplace Collaboration Services.
Related tasks
“Windows: Uninstalling IBM Workplace Collaboration Services” on page 130
“Other ways to install IBM Workplace Collaboration Services” on page 148
“Windows: Clustered-server deployment overview” on page 48
“Phase 3: Installing Workplace Collaboration Services” on page 107
120
Clustered-server Deployment Guide
Windows: Starting the installation program
Take these steps to prepare for and start Workplace Collaboration Services
installation from the Web, from a DVD, or from a CD.
Completing pre-installation steps:
1. Complete the steps in the pre-installation checklist and have the Administrator
Names and Passwords worksheet at hand.
2. If you expect to set up an HTTP server on a separate machine, ensure that the
Workplace server and the planned HTTP server are in the same Internet DNS
domain.
3. Deactivate any screen savers, because they may interfere with the operation of
the installation program.
4. Disable all firewalls until Workplace Collaboration Services is installed and
configured because they may interfere with the operation of the installation
program and Configuration Wizard.
5. If you are about to install IBM Workplace Collaboration Services on the
Deployment Manager in a Network Deployment, stop the Deployment
Manager before beginning installation.
In a command prompt window, navigate to the deploy_manager_root\bin
directory and enter the following command:
stopmanager -user admin_name -password admin_password
Starting installation from the Web:
Verify that you are logged in to the server as a user with administrative privileges,
then follow these steps to start the installation program. To download from the
Web, go to http://www-306.ibm.com/software/howtobuy/passportadvantage/.
Starting installation from a DVD:
Verify that you are logged in to the server as a user with administrative privileges,
then follow these steps to start the installation program.
1. Insert the Workplace Collaboration Services installation DVD.
2. Change to the WCSServer directory of the installation DVD.
3. Enter the command to start installation.
install.bat
Starting installation from a CD:
Verify that you are logged in to the server as a user with administrative privileges,
then follow these steps to start the installation program.
1. Gather the following CDs:
v Server Install and Migration Tools (IWCP 2.6 SRV INST MIG TOOLS)
v Server Archive Install 1 of 5 (IWCP 2.6 SRV ARCH INST. CD 1-5)
v Server Archive Install 2 of 5 (IWCP 2.6 SRV ARCH INST. CD 2-5)
v Server Archive Install 3 of 5 (IWCP 2.6 SRV ARCH INST. CD 3-5)
v Server Archive Install 4 of 5 (IWCP 2.6 SRV ARCH INST. CD 4-5)
v Server Archive Install 5 of 5 (IWCP 2.6 SRV ARCH INST. CD 5-5)
2. Insert the Server Install and Migration Tools CD.
3. Enter the command to start installation from the root of the Server Install and
Migration Tools CD.
When prompted to insert the next CD, insert the indicated CD, and verify the
CD Location path is correct. Then click Next.
Chapter 3 Installing IBM Workplace Collaboration Services
121
Next step
Now follow the installation prompts to install Workplace Collaboration Services on
the server.
Related tasks
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“Windows: Installing on network nodes”
“Windows: Completing installation on the Deployment Manager” on page 127
Related reference
Pre-installation checklist
Administrator names and passwords worksheet
Windows: Installing on network nodes
After you start the installation program, follow these steps to install IBM
Workplace Collaboration Services on a node in a clustered deployment. The
process takes about an hour to complete.
Note: Each node in the cluster must run on the same platform and have
Workplace Collaboration Services installed in the same directory.
1. At the panel ″Select a language to be used,″ select the language for the
installation program, and then click OK.
2. Optional: At the panel “Welcome to the IBM Workplace Installation,” click
Launch Getting Started to access information about planning, hardware and
software requirements, installation procedures, and configuration tasks.
For more information, see Appendix A.
3. When you are ready to proceed with the installation, click Next at the
Welcome panel.
4. At the panel ″Select the Workplace products that you have licensed,″ select all
the products for which you have licenses, and then click Next.
5. At the License Agreement, click I accept the terms, and click Next.
6. At the panel ″Click Next to install IBM Workplace to this directory,″ specify an
installation directory (recommended example is shown below), and then click
Next.
The characters in the directory path name must be single-byte coded (8 bit)
characters from the ISO 8859-1 West European (Latin-1) character set. Use a
new or unused directory so that unrelated files are not accidentally deleted if
you later uninstall Workplace Collaboration Services.
c:\Program Files\IBM\Workplace
Tip: Make a note of the location you chose for installation. Configuration
steps you take later assume you know the product’s root directory. The
default locations are shown in Directory conventions.
7. At the panel ″IBM Workplace supports different deployment topologies,″
select Network Deployment, and then click Next.
8. At the panel ″The installer can configure either the Deployment Manager or a
Node,″ select Node, and then click Next.
9. At the panel ″Enter the fully qualified host name for this installation,″ enter
serverfullDNSname (your server’s full hostname) for the installation, then click
Next.
122
Clustered-server Deployment Guide
10. At the panel ″Enter the IBM Workplace administrative user ID and password,″
provide a name and password for the Workplace Collaboration Services
administrator.
Use only alphanumeric characters for the password; do not use ! ( ) @ # $ %
or other special characters.
Confirm the password, and then click Next.
11. At the panel ″Summary Information,″ verify that the administrator ID is
correct.
If it is correct, click Install to start the installation process. Otherwise, click
Back to correct the settings.
12. The installer displays the final screen, which shows the location of the
installation logs.
13. Click Finish to complete the installation.
Next step
Run the wizard now to complete the installation of Workplace Collaboration
Services on this node.
Related tasks
“Windows: Starting the installation program” on page 121
“Windows: Starting the Configuration Wizard”
“Windows: Next steps” on page 130
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“Windows: Installing in a clustered environment” on page 120
Windows: Starting the Configuration Wizard
After IBM Workplace Collaboration Services is installed, run the Configuration
Wizard as many times as needed to set up a remote database server or an LDAP
directory for use in a production environment. This step is not needed for a demo
server.
To start the Configuration Wizard, follow these steps.
1. Log in to the Workplace server machine as a user with administrative
privileges.
2. Depending on the configuration task you are performing, servers that run
Workplace Collaboration Services may need to be stopped or started. For more
information, see instructions for each configuration task and the topic ″Starting
and stopping IBM Workplace Collaboration Services.″
3. Navigate to the portal_server_root\config\wizard directory.
4. Type the command for the mode in which you want the wizard to run.
Note: Online help is not available in console mode.
To run the wizard with the graphical user interface:
configwizard.bat
To run the wizard in console mode (without the graphical user interface):
configwizard.bat -console
5. At the Welcome screen, click Next to start the wizard.
6. At the panel ″Select a language to be used,″ select the language you want to
see when running this wizard, and then click OK.
Chapter 3 Installing IBM Workplace Collaboration Services
123
7. At the ″Ready to Start″ panel, click Next.
Tip: Each time the Configuration Wizard runs, it creates log files (configwizard.log
and configwizardlog.txt) in the portal_server_root\log directory. Review these
logs to check for errors. To save them for later viewing, assign them names
that describe the type of configuration you chose.
Related concepts
“Phase 4: Connecting to an LDAP directory server” on page 157
“Phase 5: Transferring data to an external database” on page 217
Related tasks
“Windows: Next steps” on page 130
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“Windows: Installing in a clustered environment” on page 120
Installing on the Deployment Manager
If you are installing IBM Workplace Collaboration Services on the Deployment
Manager, take the following steps:
1. Enable LDAP security on the Deployment Manager.
2. (SQL Server only) Copy SQL Server files from Node 1.
3. Install Workplace Collaboration Services. Follow the instructions appropriate to
the operating system you have.
v IBM AIX, Linux, and Sun Solaris
v Microsoft Windows
v i5/OS
4. (SQL Server only) Complete the data source setup for SQL Server.
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“AIX, Linux, and Solaris: Next steps” on page 118
“Windows: Next steps” on page 130
“i5/OS: Next steps” on page 140
Enabling LDAP security on the Deployment Manager:
If you already enabled LDAP security as part of WebSphere Application Server
setup, skip this step and proceed to installing Workplace Collaboration Services on
the Deployment Manager.
If LDAP security is not enabled, after you set up Node 1 and connect it to an
LDAP directory, copy the security values to the Deployment Manager by following
these steps.
1. Open the WebSphere Administrative Console for Node 1 by typing the
following URL from a browser window:
http://nodename:admin_port/admin
124
Clustered-server Deployment Guide
where nodename is the fully qualified DNS name of Node 1, and admin_port is
the port assigned to the WebSphere Administrative Console. On IBM AIX,
Linux, Sun Solaris, and Microsoft Windows, the port number is 9091. On IBM
i5/OS, the port number is the base port number for the instance, plus 10. For
example, if you specified 30000 as your base port number, the WebSphere
Administrative Console port would be port 30010.
2. Click Security → User Registries → LDAP.
3. In another window, open the WebSphere Administrative Console for the
Deployment Manager by typing the following URL from a browser window:
http://dmname:admin_port/admin
where dmname is the fully qualified DNS name of the Deployment Manager,
and admin_port is the port assigned to the WebSphere Administrative
Console. On IBM AIX, Linux, Sun Solaris, and Microsoft Windows, the port
number is 9090. On IBM i5/OS, the port number is the base port number for
the instance, plus 5. For example, if you specified 30000 as your base port
number, the WebSphere Administrative Console port would be port 30005.
4. Click Security → User Registries → LDAP.
5. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Server User ID
The common name of the WebSphere Portal Server; for example:
uid=wpsadmin,cn=Users,l=Nashville,st=Tennessee,c=US,
ou=SE,o=Sales,dc=acme,dc=com
Server User Password
The password of the user specified in the previous field.
Type
The type of LDAP directory to be used; for example:
IBM_Directory_Server
Host
The fully qualified host name of the LDAP server; for example:
ids51ldap.acme.com
Base Distinguished
Name
The base distinguished name of the directory service, indicating
the starting point for LDAP searches of the directory service; for
example:
l=Nashville,st=Tennessee,c=US,ou=SE,o=Sales,dc=acme,dc=com
Bind Distinguished
Name
The fully qualified distinguished name that the application server
must use to bind to the LDAP directory; for example:
uid=wpsbind,cn=Users,l=Nashville,st=Tennessee,c=US,
ou=SE,o=Sales,dc=acme,dc=com
Bind Password
The password of the user specified in the previous field.
Reuse Connection
Clear the check box.
Ignore Case
Select the check box.
SSL
Clear the check box.
6. Click Apply.
7. In both administrative console windows, click Advanced LDAP Settings.
8. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
User Filter
Add the mail attribute; for example: (&(|(uid=%v)(mail=
%v))(objectclass=inetOrgPerson))
Chapter 3 Installing IBM Workplace Collaboration Services
125
Property
Description
Group Filter
Add the group attribute; for example: (&(cn=
%v)(objectclass=groupOfUniqueNames))
User ID Map
Add the entry *:uid.
Group ID Map
Add the entry *:cn
Group Member ID
Map
Add the group mapping attribute; for example:
groupOfUniqueNames:uniqueMember
9. Click OK.
10. In both administrative console windows, click Security → Authentication
Mechanisms → LTPA.
11. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Password
Supply the password.
Confirm Password
Confirm the password.
12. Click Apply.
13. In both administrative console windows, click Single Signon (SSO).
14. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Enabled
Select the check box.
Requires SSL
Clear the check box unless you are using SSL at your site.
Domain Name
The domain name; for example, .acme.com. (The period before the
domain name is required.)
15.
16.
17.
18.
Click OK.
Save your changes.
In both administrative console windows, click Security → Global Security.
Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Enabled
Select the check box.
Enforce Java 2 Security Clear the check box.
Active User Registry
19.
20.
21.
22.
Choose LDAP.
Click OK.
Save your changes.
Log out and close both browser windows.
Shut down the Deployment Manager and restart it.
You have now enabled security on the Deployment Manager. In the future,
you will be prompted for the administrative name and password when you
stop the Deployment Manager.
Now install Workplace Collaboration Services on the Deployment Manager.
126
Clustered-server Deployment Guide
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“Installing on the Deployment Manager” on page 112
Copying SQL Server files from Node 1:
If you are setting up a DBMS server running on SQL Server, you must copy files
from Node 1 to the Deployment Manager after the SQL Server software is
installed. Perform this task before you install Workplace Collaboration Services.
Copy the following files from the app_server_root/lib directory on Node 1 after
Workplace Collaboration Services has been installed. Copy them to the
Deployment Manager’s deploy_manager_root/lib directory:
v sqlserver.jar
v base.jar
v util.jar
Related tasks
“Installing on the Deployment Manager” on page 112
Windows: Completing installation on the Deployment Manager:
After you start the installation program, follow these steps to install Workplace
Collaboration Services on the Deployment Manager in a clustered deployment.
Before you install Workplace Collaboration Services on the Deployment Manager,
enable LDAP security and, if you are using SQL Server, copy SQL Server files from
Node 1.
1. At the panel ″Select a language to be used,″ select the language for the
installation program, and then click OK.
2. Optional: At the panel “Welcome to the IBM Workplace Installation,” click
Launch Getting Started to access information about planning, hardware and
software requirements, installation procedures, and configuration tasks.
For more information, see Appendix A.
3. When you are ready to proceed with the installation, click Next at the
Welcome panel.
4. At the panel ″Select the Workplace products that you have licensed,″ select all
the products for which you have licenses, and then click Next.
5. At the License Agreement, click I accept the terms, and click Next.
6. At the panel ″Click Next to install IBM Workplace to this directory,″ specify an
installation directory (recommended example is shown below), and then click
Next.
The characters in the directory path name must be single-byte coded (8 bit)
characters from the ISO 8859-1 West European (Latin-1) character set. Use a
new or unused directory so that unrelated files are not accidentally deleted if
you later uninstall Workplace Collaboration Services.
c:\Program Files\IBM\Workplace
Chapter 3 Installing IBM Workplace Collaboration Services
127
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
Tip: Make a note of the location you chose for installation. Configuration
steps you take later assume you know the product’s root directory. The
default locations are shown in Directory conventions.
At the panel ″IBM Workplace supports different deployment topologies,″
select Network Deployment, and then click Next.
At the panel ″The installer can configure either the Deployment Manager or a
Node,″ select Deployment Manager, and then click Next.
At the panel ″Enter the fully qualified host name for this installation,″ enter
serverfullDNSname (your server’s full hostname) for the installation. Then click
Next.
At the panel ″Enter the IBM Workplace administrative user ID and password,″
provide a name and password for the Workplace Collaboration Services
administrator.
Use only alphanumeric characters for the password; do not use ! ( ) @ # $ %
or other special characters.
Confirm the password, and then click Next.
At the panel ″Setup has located the IBM WebSphere Deployment Manager,″
verify that the location shown is where you installed the Deployment
Manager, and then click Next.
At the panel ″IBM Workplace requires administrator access to the WebSphere
Deployment Manager,″ provide the administrator ID and password you used
for the Deployment Manager, and then click Next.
At the panel ″WebSphere Deployment Manager Settings,″ enter the node and
cell name for the Deployment Manager. Then click Next.
If you don’t know the node and cell name, navigate to the
deploy_manager_root\config\cells directory and look for the following names:
v The cell name is shown in deploy_manager_root\config\cells\cellname.
v The node name is shown in deploy_manager_root\cellname\nodes\nodeName.
At the panel ″Select the database type,″ select the type of DBMS system you
installed in Phase 2, and then click Next.
At the panel ″IBM Workplace database connection information,″ enter the
name and password for the database application user on this server. Then
click Next.
At the second panel for ″IBM Workplace database connection information,″
provide the following database information, and then click Next.
Field
LWPDBDriver
Description
Specify the database driver class or JDBC
provider for the Workplace Collaboration
Services database. For example:
DB2
COM.ibm.db2.jdbc.DB2XADataSource
Oracle
oracle.jdbc.driver.OracleDriver
SQL Server
com.ibm.websphere.jdbcx.sqlserver.
SQLServerDataSource
128
Clustered-server Deployment Guide
Field
LWPDbLibrary
Description
Specify the database driver class and enter
the location of the zip file that has the
database driver class. For example:
DB2
/IBM/SQLLIB/java/db2java.zip
Oracle
/oracle/ora92/jdbc/lib/classes12.zip
SQL Server
deploy_manager_root/lib/sqlserver.jar,
deploy_manager_root/lib/base.jar,
LWPDBName
LWPDBUrl
deploy_manager_root/lib/util.jar
Enter the database name (for example,
wps50).
Specify the JDBC URL for Workplace
Collaboration Services. For DB2, the URL
would be in the form jdbc:db2:database_name,
wheredatabase_name is the value of
LWPDBName. For example:
DB2
jdbc:db2:wps50
Oracle
jdbc:oracle:oci:@tns entry alias
SQL Server
jdbc:microsoft:sqlserver://SqlServer
Name:1433;DatabaseName=wps50
17. At the panel ″Summary Information,″ verify that the administrator ID is
correct.
If it is correct, click Install to start the installation process. Otherwise, click
Back to correct the settings.
18. The installer displays the final screen, which shows the location of the
installation logs.
19. Click Finish to complete the installation.
Now complete data source setup for SQL Server (if you are using SQL Server at
your site).
Next step
Complete the installation of Workplace Collaboration Services by following the
next steps below.
Related tasks
“Windows: Starting the installation program” on page 121
“Windows: Next steps” on page 130
Chapter 3 Installing IBM Workplace Collaboration Services
129
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“Windows: Installing in a clustered environment” on page 120
Completing the data source setup for SQL Server:
If you are using a SQL Server database, follow these steps after installing
Workplace Collaboration Services to create one of the custom properties on the
data source required by the database.
1. In the WebSphere Administrative Console, navigate to Resources → JDBC
Providers.
2. Select the node name for the deployment manager (typically
servernameManager) and click ″apply″.
3. From the list of available jdbc providers (there should be only one), select
″lwp25jdbc″. This opens a new page.
4. Scroll to the bottom and select Data Sources.
5. Select ″lwpApp″ from the list of data sources (there should be only one). This
opens a new page.
6. Scroll to the bottom and select Custom Properties, then click New.
7. In the page that opens, enter ″serverName″ for Name.
8. For Value, enter the full DNS for the database server machine.
9. Click OK and save all changes, selecting the option to synchronize with nodes
if there is an existing cell.
Related tasks
“Installing on the Deployment Manager” on page 112
Windows: Next steps
Configure IBM Workplace Collaboration Services on Microsoft Windows for your
deployment:
v Connect to an LDAP Directory if you plan to use an existing LDAP directory.
v Connect to a DBMS server if you installed a remote database server.
v Connect to an external Web Server if you plan to bypass the internal HTTP
mechanism supplied with the product.
v Complete the setup of any additional components you may have installed.
Related tasks
“Windows: Installing in a clustered environment” on page 120
“Windows: Starting the Configuration Wizard” on page 123
Windows: Uninstalling IBM Workplace Collaboration Services
To uninstall IBM Workplace Collaboration Services, complete the following steps.
1. Log in to the server as a user with administrative privileges.
2. Stop Workplace Collaboration Services.
3. Open a command prompt and enter the appropriate command to start the
Uninstall Wizard.
All commands accept the -console argument to run the uninstallation program
from a command prompt. The console interface presents the same content as
the graphical interface, but in a textual form. Prompts at the bottom of each
screen tell you how to enter numbers to make your selections and proceed to
the next screen.
workplace_server_root\uninstall\uninstall.exe
130
Clustered-server Deployment Guide
4.
5.
6.
7.
You can also invoke the uninstallation from Add/Remove Programs in the
Control Panel.
At the panel ″Select a language to be used,″ select the language for the wizard,
and then click Next.
Optional: At the panel ″Welcome to the Uninstall Wizard,″ click Next.
At the panel ″Ready to Uninstall,″ click Next .
At the panel ″Uninstallation is successful,″ click Finish.
Related tasks
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“Phase 3: Installing Workplace Collaboration Services” on page 107
i5/OS: Installing in a clustered environment
Use this section to perform the following installation-related tasks in a clustered
environment that runs on IBM i5/OS:
1. Prepare to run the installation program.
2. Install Workplace Collaboration Services on network nodes.
3. Install Workplace Collaboration Services on the Deployment Manager.
4. Configure IBM Workplace Collaboration Services.
5. Start and stop IBM Workplace Collaboration Services.
Related tasks
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“i5/OS: Clustered-server deployment overview” on page 55
“i5/OS: Uninstalling IBM Workplace Collaboration Services” on page 143
“i5/OS: Removing an IBM Workplace Collaboration Services instance” on page
143
“Other ways to install IBM Workplace Collaboration Services” on page 148
“Phase 3: Installing Workplace Collaboration Services” on page 107
i5/OS: Starting the installation program
Take these steps to prepare for and start Workplace Collaboration Services
installation from the Web, from a DVD, or from a CD.
1. Complete the steps in the pre-installation checklist and have the Administrator
Names and Passwords worksheet at hand.
2. If host servers are not started on your server, start them by entering the
following on an i5/OS command line:
STRHOSTSVR SERVER(*ALL)
Starting host servers also requires the QUSRWRK, QSYSWRK, and QSERVER
subsystems to be running. To start a subsystem, enter the following on an
i5/OS command line:
STRSBS SBSD(<SUBSYSTEM>)
3. If your WebSphere Application Server subsystem is not running, start it by
entering the following command on an i5/OS command line:
STRSBS SBSD(QEJBAS5/QEJBAS5)
4. If you expect to set up an HTTP server on a separate machine, ensure that the
Workplace server and the planned HTTP server are in the same Internet DNS
domain.
Chapter 3 Installing IBM Workplace Collaboration Services
131
5. Deactivate any screen savers, because they may interfere with the operation of
the installation program.
6. Disable all firewalls until Workplace Collaboration Services is installed and
configured because they may interfere with the operation of the installation
program and Configuration Wizard.
7. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
8. (Deployment Manager installation only) Change to the /QIBM/ProdData/
WebAS5/PMEND/bin directory and stop the Deployment Manager using the
command:
stopmanager -instance instance_name -user admin_name -password admin_password
Starting installation from the Web:
Follow these steps to start the installation program. To download from the Web, go
to http://www-306.ibm.com/software/howtobuy/passportadvantage/.
Note: These instructions are for installing Workplace Collaboration Services
remotely from a workstation connected to your server. For local installation,
copy the install files directly to your server and install using the install.sh
command from a QShell session. This will launch the installation program in
console mode.
1. Create a downloads directory, for example, /opt/downloads/wcs26 or
D:\downloads\wcs26.
2. Download the following tar images to the downloads directory.
v C88GDML
v
v
v
v
v
v
v
C88GEML
C88GKML
C88GMML
C88GNML
C88GQML
C88GSML
C88G8ML
v C88G9ML
3. Extract the files in the downloads/wcs26 directory, preserving the directory
structure.
If installing locally, start the QShell Interpreter and then use the pax command
to extract the files:
pax -rv -C 819 -f file_name.tar
where file_name.tar represents the .tar files.
4. Change to the local WCSServer directory, for example, /opt/downloads/wcs26/
WCSServer.
5. Start the installation program by entering one of the following commands,
depending on which version of IBM i5/OS you are using:
V5R3:
install400.bat
V5R4:
install400.bat -W i5OSConfigvalidation.active="false"
V5R4 (Deployment Manager):
132
Clustered-server Deployment Guide
install400.bat -W i5DMValidation.active="false"
6. Sign on to your server with a user profile that has *ALLOBJ, *IOSYSCFG, and
*JOBCTL authorities.
Starting installation from a DVD:
Follow these steps to start the installation program.
Note: These instructions are for installing Workplace Collaboration Services
remotely from a workstation connected to your server. For local installation,
copy the install files directly to your server and install using the install.sh
command from a QShell session. This will launch the installation program in
console mode.
1. Insert the Workplace Collaboration Services installation DVD.
2. Change to the WCSServer directory of the installation DVD.
3. Start the installation program by entering one of the following commands,
depending on which version of IBM i5/OS you are using:
V5R3:
install400.bat
V5R4:
install400.bat -W i5OSConfigvalidation.active="false"
V5R4 (Deployment Manager):
install400.bat -W i5DMValidation.active="false"
4. Sign on to your server with a user profile that has *ALLOBJ, *IOSYSCFG, and
*JOBCTL authorities.
Starting installation from a CD:
Follow these steps to start the installation program.
Note: These instructions are for installing Workplace Collaboration Services
remotely from a workstation connected to your server. For local installation,
copy the install files directly to your server and install using the install.sh
command from a QShell session. This will launch the installation program in
console mode.
1. Prepare to run the installation program.
2. Gather the following CDs:
v Server Install and Migration Tools (IWCP 2.6 SRV INST MIG TOOLS)
v Server Archive Install 1 of 5 (IWCP 2.6 SRV ARCH INST. CD 1-5)
v Server Archive Install 2 of 5 (IWCP 2.6 SRV ARCH INST. CD 2-5)
v Server Archive Install 3 of 5 (IWCP 2.6 SRV ARCH INST. CD 3-5)
v Server Archive Install 4 of 5 (IWCP 2.6 SRV ARCH INST. CD 4-5)
v Server Archive Install 5 of 5 (IWCP 2.6 SRV ARCH INST. CD 5-5)
3. Insert the Server Install and Migration Tools CD.
4. Start the installation program by entering one of the following commands,
depending on which version of IBM i5/OS you are using:
V5R3:
install400.bat
V5R4:
install400.bat -W i5OSConfigvalidation.active="false"
Chapter 3 Installing IBM Workplace Collaboration Services
133
V5R4 (Deployment Manager):
install400.bat -W i5DMValidation.active="false"
5. Sign on to your server with a user profile that has *ALLOBJ, *IOSYSCFG, and
*JOBCTL authorities.
Next step
Now follow the installation prompts to install Workplace Collaboration Services on
the server.
Related tasks
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“i5/OS: Installing on network nodes”
“i5/OS: Completing installation on the Deployment Manager” on page 138
Related reference
Pre-installation checklist
Administrator names and passwords worksheet
i5/OS: Installing on network nodes
After you start the installation program, follow these steps to install Workplace
Collaboration Services on a node in a clustered deployment.
Note: Each node in the cluster must run on the same platform and have
Workplace Collaboration Services installed in the same directory.
1. At the panel ″Select a language to be used,″ select the language for the
installation program, and then click OK.
2. When you are ready to proceed with the installation, click Next at the
Welcome panel.
3. At the panel ″Select the Workplace products that you have licensed,″ select all
the products for which you have licenses, and then click Next.
4. At the License Agreement, click I accept the terms, and click Next.
5. View the summary information on the next panel and click Next when you
are ready to begin installation. Note that Workplace Collaboration Services
product files are installed to /QIBM/ProdData/Workplace/WCS26/.
Note: Installation of Workplace Collaboration Services may take 30 minutes or
more to complete.
Tip: Make a note of the location you chose for installation. Configuration
steps you take later assume you know the product’s root directory. The
default locations are shown in Directory conventions.
6. At the panel ″IBM Workplace supports different deployment topologies,″
select Network Deployment, and then click Next.
7. At the panel ″The installer can configure either the Deployment Manager or a
Node,″ select Node, and then click Next.
8. At the panel ″Configuration options,″ select Custom configuration and click
Next.
9. At the panel ″IBM Workplace instance name,″ enter the Instance Name and
click Next.
134
Clustered-server Deployment Guide
Note that all instance names in a Network Deployment must be identical. If
you are installing on Node 1, enter a unique name for the instance and a
make a note of it for future reference. For later nodes, be sure to use the same
name you entered for Node 1.
10. At the panel ″Specify internal ports used by the WebSphere Application
Server,″ enter the first of 100 consecutive ports to be used for IBM Workplace
and click Next.
Note: You will need to know the port block used by Workplace Collaboration
Services for later configuration steps, so you may wish to make a note
of this value.
11. At the panel ″Enter the fully qualified host name for this installation,″ enter
serverfullDNSname (your server’s full host name) for the Workplace
Collaboration Services installation. This is the host name associated with the
TCP/IP address you set aside for use with Workplace Collaboration Services.
Click Next.
12. At the panel ″Enter the IBM Workplace administrative user ID and password,″
provide a name and password for the Workplace Collaboration Services
administrator.
Use only alphanumeric characters for the password; do not use ! ( ) @ # $ %
or other special characters.
Confirm the password, and then click Next.
13. View the configuration summary information and click Next to start
configuration.
Note: Configuration of Workplace Collaboration Services may take an hour or
more to complete.
14. When configuration is complete, the installation program displays a screen
indicating that configuration was successful. Click Finish to exit the
installation program.
Related tasks
“i5/OS: Next steps” on page 140
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“i5/OS: Installing in a clustered environment” on page 131
Installing on the Deployment Manager
If you are installing IBM Workplace Collaboration Services on the Deployment
Manager, take the following steps:
1. Enable LDAP security on the Deployment Manager.
2. (SQL Server only) Copy SQL Server files from Node 1.
3. Install Workplace Collaboration Services. Follow the instructions appropriate to
the operating system you have.
v IBM AIX, Linux, and Sun Solaris
v Microsoft Windows
v i5/OS
4. (SQL Server only) Complete the data source setup for SQL Server.
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
Chapter 3 Installing IBM Workplace Collaboration Services
135
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“AIX, Linux, and Solaris: Next steps” on page 118
“Windows: Next steps” on page 130
“i5/OS: Next steps” on page 140
Enabling LDAP security on the Deployment Manager:
If you already enabled LDAP security as part of WebSphere Application Server
setup, skip this step and proceed to installing Workplace Collaboration Services on
the Deployment Manager.
If LDAP security is not enabled, after you set up Node 1 and connect it to an
LDAP directory, copy the security values to the Deployment Manager by following
these steps.
1. Open the WebSphere Administrative Console for Node 1 by typing the
following URL from a browser window:
http://nodename:admin_port/admin
where nodename is the fully qualified DNS name of Node 1, and admin_port is
the port assigned to the WebSphere Administrative Console. On IBM AIX,
Linux, Sun Solaris, and Microsoft Windows, the port number is 9091. On IBM
i5/OS, the port number is the base port number for the instance, plus 10. For
example, if you specified 30000 as your base port number, the WebSphere
Administrative Console port would be port 30010.
2. Click Security → User Registries → LDAP.
3. In another window, open the WebSphere Administrative Console for the
Deployment Manager by typing the following URL from a browser window:
http://dmname:admin_port/admin
where dmname is the fully qualified DNS name of the Deployment Manager,
and admin_port is the port assigned to the WebSphere Administrative
Console. On IBM AIX, Linux, Sun Solaris, and Microsoft Windows, the port
number is 9090. On IBM i5/OS, the port number is the base port number for
the instance, plus 5. For example, if you specified 30000 as your base port
number, the WebSphere Administrative Console port would be port 30005.
4. Click Security → User Registries → LDAP.
5. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
136
Property
Description
Server User ID
The common name of the WebSphere Portal Server; for example:
uid=wpsadmin,cn=Users,l=Nashville,st=Tennessee,c=US,
ou=SE,o=Sales,dc=acme,dc=com
Server User Password
The password of the user specified in the previous field.
Type
The type of LDAP directory to be used; for example:
IBM_Directory_Server
Host
The fully qualified host name of the LDAP server; for example:
ids51ldap.acme.com
Base Distinguished
Name
The base distinguished name of the directory service, indicating
the starting point for LDAP searches of the directory service; for
example:
l=Nashville,st=Tennessee,c=US,ou=SE,o=Sales,dc=acme,dc=com
Clustered-server Deployment Guide
Property
Description
Bind Distinguished
Name
The fully qualified distinguished name that the application server
must use to bind to the LDAP directory; for example:
uid=wpsbind,cn=Users,l=Nashville,st=Tennessee,c=US,
ou=SE,o=Sales,dc=acme,dc=com
Bind Password
The password of the user specified in the previous field.
Reuse Connection
Clear the check box.
Ignore Case
Select the check box.
SSL
Clear the check box.
6. Click Apply.
7. In both administrative console windows, click Advanced LDAP Settings.
8. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
User Filter
Add the mail attribute; for example: (&(|(uid=%v)(mail=
%v))(objectclass=inetOrgPerson))
Group Filter
Add the group attribute; for example: (&(cn=
%v)(objectclass=groupOfUniqueNames))
User ID Map
Add the entry *:uid.
Group ID Map
Add the entry *:cn
Group Member ID
Map
Add the group mapping attribute; for example:
groupOfUniqueNames:uniqueMember
9. Click OK.
10. In both administrative console windows, click Security → Authentication
Mechanisms → LTPA.
11. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Password
Supply the password.
Confirm Password
Confirm the password.
12. Click Apply.
13. In both administrative console windows, click Single Signon (SSO).
14. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Enabled
Select the check box.
Requires SSL
Clear the check box unless you are using SSL at your site.
Domain Name
The domain name; for example, .acme.com. (The period before the
domain name is required.)
15. Click OK.
16. Save your changes.
17. In both administrative console windows, click Security → Global Security.
Chapter 3 Installing IBM Workplace Collaboration Services
137
18. Copy the values in the fields listed below from the Node console to the
Deployment Manager console:
Property
Description
Enabled
Select the check box.
Enforce Java 2 Security Clear the check box.
Active User Registry
19.
20.
21.
22.
Choose LDAP.
Click OK.
Save your changes.
Log out and close both browser windows.
Shut down the Deployment Manager and restart it.
You have now enabled security on the Deployment Manager. In the future,
you will be prompted for the administrative name and password when you
stop the Deployment Manager.
Now install Workplace Collaboration Services on the Deployment Manager.
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“Installing on the Deployment Manager” on page 112
i5/OS: Completing installation on the Deployment Manager:
After you start the installation program, follow these steps to install Workplace
Collaboration Services on the Deployment Manager in a clustered deployment.
Before you install Workplace Collaboration Services on the Deployment Manager,
enable LDAP security.
1. At the panel ″Select a language to be used,″ select the language for the
installation program, and then click OK.
2. When you are ready to proceed with the installation, click Next at the
Welcome panel.
3. At the panel ″Select the Workplace products that you have licensed,″ select all
the products for which you have licenses, and then click Next.
4. At the License Agreement, click I accept the terms, and click Next.
5. View the summary information on the next panel and click Next when you
are ready to begin installation. Note that Workplace Collaboration Services
product files are installed to /QIBM/ProdData/Workplace/WCS26/.
Note: Installation of Workplace Collaboration Services may take 30 minutes or
more to complete.
Tip: Make a note of the location you chose for installation. Configuration
steps you take later assume you know the product’s root directory. The
default locations are shown in Directory conventions.
6. At the panel ″IBM Workplace supports different deployment topologies,″
select Network Deployment, and then click Next.
138
Clustered-server Deployment Guide
7. At the panel ″The installer can configure either the Deployment Manager or a
Node,″ select Deployment Manager, and then click Next.
8. At the panel ″Enter the fully qualified host name for this installation,″ enter
serverfullDNSname (your server’s full hostname) for the installation. Then click
Next.
9. At the panel ″Enter the IBM Workplace administrative user ID and password,″
provide a name and password for the Workplace Collaboration Services
administrator.
Use only alphanumeric characters for the password; do not use ! ( ) @ # $ %
or other special characters.
Confirm the password, and then click Next.
10. At the panel ″Select an IBM WebSphere Application Server Network
Deployment instance name,″ select the Deployment Manager instance you
created previously, and then click Next.
11. At the panel ″IBM Workplace requires administrator access to the WebSphere
Deployment Manager,″ provide the administrator ID and password you used
for the Deployment Manager, and then click Next.
12. At the panel ″WebSphere Deployment Manager Settings,″ enter the node and
cell name for the Deployment Manager. Then click Next.
If you don’t know the node and cell name, navigate to the
deploy_manager_root/config/cells directory and look for the following names:
v The cell name is shown in deploy_manager_root/config/cells/cellname.
v The node name is shown in deploy_manager_root/cellname/nodes/nodeName.
13. At the panel ″Select the database type,″ select IBM DB2 for iSeries, and then
click Next.
14. At the panel ″IBM Workplace database connection information,″ enter the
name and password for the database application user on this server. Then
click Next.
15. At the second panel for ″IBM Workplace database connection information,″
provide the following database information, and then click Next.
Field
Description
LWPDBDriver
Specify the database driver class or JDBC provider for the
Workplace Collaboration Services database. For example:
Native JDBC:
com.ibm.db2.jdbc.app.UDBXADataSource
Toolbox JDBC driver:
com.ibm.as400.access.AS400JDBCXADataSource
LWPDbLibrary
Specify the database driver class and enter the location of
the zip file that has the database driver class. For example:
Native JDBC:
/QIBM/ProdData/Java400/ext/db2_classes.jar
Toolbox JDBC driver:
/QIBM/ProdData/HTTP/Public/jt400/lib/jt400.jar
LWPDBName
Enter the database host name.
Chapter 3 Installing IBM Workplace Collaboration Services
139
LWPDBUrl
Specify the JDBC URL for Workplace Collaboration
Services. For example:
Native JDBC:
jdbc:db2:*LOCAL
Toolbox JDBC driver:
jdbc:as400:database_host_name
16. At the panel ″Summary Information,″ verify that the administrator ID is
correct.
If it is correct, click Install to start the installation process. Otherwise, click
Back to correct the settings.
17. The installer displays the final screen, which shows the location of the
installation logs.
18. Click Finish to complete the installation.
Next step
Complete the installation of Workplace Collaboration Services by following the
next steps below.
Related tasks
“i5/OS: Next steps”
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“i5/OS: Installing in a clustered environment” on page 131
i5/OS: Next steps
Follow these steps to finish setting up IBM Workplace Collaboration Services.
1. If you used the Create IBM Workplace Collaboration Services wizard to
configure Workplace Collaboration Services, skip this step. Otherwise, configure
components separately:
Configure an HTML rendering server.
Connect to an LDAP Directory if you plan to use an existing LDAP directory.
Connect to a DBMS server if you plan to use a remote database server.
Connect to an external HTTP Server if you plan to bypass the internal HTTP
mechanism supplied with the product.
v Complete the setup of any additional components you may have installed.
2. Finish setting up if you installed in a clustered environment.
Related tasks
“i5/OS: Installing in a clustered environment” on page 131
v
v
v
v
“i5/OS: Starting the Configuration Wizard” on page 142
i5/OS: Configuring an HTML rendering server:
In order to enable the Learning and PDM functionality of IBM Workplace
Collaboration Services on IBM i5/OS, you must set up an HTML rendering server
to work with your Workplace Collaboration Services instance. Since i5/OS does
not contain native graphics support, an Xvfb (Xserver virtual frame buffer) server
is required to perform the document conversion required by these functions.
140
Clustered-server Deployment Guide
The following steps only need to be performed if you are installing Workplace
Collaboration Services on i5/OS, and only if you are not using IBM Web
Administration for i5/OS to configure your environment. IBM Web Administration
for i5/OS performs these steps automatically through the Create IBM Workplace
Collaboration Services wizard.
Before following these instructions, you should have installed both Workplace
Collaboration Services and OS/400 - Additional Fonts (5722SS1, Option 43). You
will need to know the name of your Workplace Collaboration Services instance.
Note: The Xvfb server you associate with your Workplace Collaboration Services
instance should only be used for Workplace Collaboration Services. Using
the Xvfb server with other applications may cause problems.
Selecting a display number for the Xvfb server:
To select a display number for the Xvfb server, follow these steps:
1. If the QShell Interpreter is running, stop it by doing the following:
a. On an i5/OS command line, enter QSH
b. Press F3
2. Start the PASE console by entering the following on an i5/OS command line:
CALL QP2TERM
3. Enter the following to list all active HTML rendering servers:
ps gaxuw | grep Xvnc ; ps gaxuw | grep vfb
If other rendering servers are already active, you may see output such as this
(the numbers following the colons are the display numbers already in use):
v2kea554 40571 0.0
0.0 12484 0 - A Jul 13 4:08
/QOpenSys/QIBM/ProdData/DeveloperTools/vnc/Xvnc :6 -desktop X -httpd
v2kea512 13027 0.0
0.0 11912 0 - A Jun 25 14:05
/QOpenSys/QIBM/ProdData/DeveloperTools/vnc/Xvnc :1 -desktop X -httpd
qejbsvr 21707
0.0
0.0 11928 0 - A Jun 30 7:01
/QOpenSys/QIBM/ProdData/DeveloperTools/vnc/Xvnc :33 -desktop X -httpd
v2kea554 40297
0.0
0.0 12232 0 - A Jul 12 2:31
/QOpenSys/QIBM/ProdData/DeveloperTools/vnc/Xvnc :3 -desktop X -httpd
4. Select any number from 1 to 99 that is not in use.
5. Start the Xvfb server by entering the following command on an i5/OS
command line (enter on one line):
SBMJOB CMD(CALL PGM(QP2SHELL) PARM(’/usr/bin/X11/X’ ’-vfb’ ’:N’))
JOB(XVFB) JOBQ(QSYSNOMAX) ALWMLTTHD(*YES)
where N is the display number.
6. Verify that the Xvfb server is started by repeating steps 2-3 and confirming that
a Xvfb server with your display number is in the list.
Associating the Xvfb server with the Workplace Collaboration Services instance:
Follow these steps to associate the Xvfb server with your Workplace Collaboration
Services instance:
1. Start the WebSphere Application Server administrative console by entering the
following in the location bar of a Web browser:
http://SYSTEM_NAME.COM:ADMIN_PORT/admin
where SYSTEM_NAME.COM is the name of your iSeries server, and
ADMIN_PORT is the port assigned to the administrative console of the server1
Chapter 3 Installing IBM Workplace Collaboration Services
141
2.
3.
4.
5.
6.
server. This port number varies depending on the environment and the base
port specified for the instance. To determine the correct port number, see “Port
assignments on i5/OS” on page 492.
Click Servers → Application Servers → WebSphere_Portal → Process Definition
→ Environment entries → New.
In the Name field, type DISPLAY.
In the Value field, type HOSTNAME:N where HOSTNAME is the TCP/IP host
name of your system and N is the display number (Example:
mysystem.rchland.ibm.com:1).
Click OK.
Save your changes to the master WAS configuration file.
Related tasks
“i5/OS: Next steps” on page 140
i5/OS: Starting the Configuration Wizard:
This step is not needed if you used the Create IBM Workplace Collaboration
Services wizard to configure all components simultaneously. If you need to
configure components separately, run the Configuration Wizard as many times as
needed to set up individual components.
To start the Configuration Wizard, follow these steps.
1. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
2. Change to the WebSphere Portal Server rootscripts directory by entering the
following:
cd portal_server_root/rootscripts
3. Stop Workplace Collaboration Services with the following case-sensitive
command.
stopWorkplaceServices.sh
4. Ensure that the QEJBAS5 subsystem is running. If the subsystem is not
running, start it by entering the following on an i5/OS command line:
STRSBS QEJBAS5/QEJBAS5
5. Return to the QShell session and change to the WebSphere Portal
rootscripts/subtasks directory by entering the following:
cd portal_server_root/rootscripts/subtasks
6. Restart the Cloudscape Network Server by entering the following:
startNetworkServer.sh
7. Change to the WebSphere Application Server bin directory by entering the
following:
cd app_server_root/bin
8. Restart the WebSphere Application Server by entering the following:
startServer -instance instance server1
where instance is the name of your Workplace Collaboration Services instance.
9. Copy the cfgwiz.exe executable file from your server to your workstation. This
file is in the following directory:
portal_server_root/config/wizard/cfgwiz.exe
142
Clustered-server Deployment Guide
Note: You can copy the file using IBM iSeries Navigator or FTP. Alternatively,
you can map a network drive to your server.
10. Double-click the cfgwiz.exe file on your workstation to start the Configuration
Wizard.
11. A small server signon dialog box will appear. Sign on to your server by typing
the host name, user ID and password, and clicking OK.
Note: If you do not see the server signon box right away, it may be behind
another window on your workstation.
12. At the panel ″Select a language to be used,″ select the language you want to
see when running this wizard, and then click OK.
13. Select the Workplace Collaboration Services instance you want to configure,
and click Next.
Related concepts
“Phase 4: Connecting to an LDAP directory server” on page 157
“Phase 5: Transferring data to an external database” on page 217
Related tasks
“i5/OS: Next steps” on page 140
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“i5/OS: Installing in a clustered environment” on page 131
i5/OS: Uninstalling IBM Workplace Collaboration Services
To uninstall IBM Workplace Collaboration Services, complete the following steps.
1. Remove each Workplace Collaboration Services instance you have configured.
For more information, see i5/OS: RemIBM Workplace Collaboration Services
instance.″
2. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
3. Change to the system root directory by entering the following:
cd /
4. Begin uninstalling Workplace Collaboration Services by entering the following
command:
/QIBM/ProdData/Workplace/WCS26/WorkplaceServer/uninstall/uninstall.sh -silent
Related tasks
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“i5/OS: Removing an IBM Workplace Collaboration Services instance”
“Phase 3: Installing Workplace Collaboration Services” on page 107
i5/OS: Removing an IBM Workplace Collaboration Services
instance
Follow the instructions in this topic to remove an IBM Workplace Collaboration
Services instance on IBM i5/OS. You may wish to do this if the instance is no
longer used, such as when you are planning to uninstall Workplace Collaboration
Services, or if you have configured a new Workplace Collaboration Services
instance for your production environment.
Chapter 3 Installing IBM Workplace Collaboration Services
143
Note: The rmvwcsinst.sh script does not delete Deployment Manager instances. If
you run the script on a Deployment Manager instance, it instead removes all
Workplace Collaboration Services components.
Note: Removing a Workplace Collaboration Services instance does not delete any
of the database schemas associated with that instance. To delete a database
schema, enter the following command on an i5/OS command line:
DLTLIB schema
where schema is the name of the Workplace Collaboration Services schema.
To remove a Workplace Collaboration Services instance on i5/OS, complete the
following steps:
1. If you installed the Workplace Managed Client provisioning server on the
instance, uninstall it before removing the instance. For more information, see
″Uninstalling the provisioning server from i5/OS.″
2. If IBM Workplace Web Content Management is running on the instance,
remove it before removing the instance.
3. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
4. Change to the Workplace Collaboration Services product root directory by
entering the following:
cd /QIBM/ProdData/Workplace/WCS26
5. Enter the following for each Workplace Collaboration Services instance you
wish to remove:
rmvwcsinst.sh -instance instance_name -username wasAdminUserId
-password wasAdminPassword
where instance_name is the name of the Workplace Collaboration Services
instance, wasAdminUserId is the User ID for the WebSphere Application Server
instance, and wasAdminPassword is the password for the WebSphere Application
Server instance.
Related tasks
“i5/OS: Installing in a clustered environment” on page 131
“Uninstalling the provisioning server from i5/OS” on page 391
“i5/OS: Uninstalling IBM Workplace Collaboration Services” on page 143
Opening the IBM WebSphere Administrative Console
To access the IBM WebSphere Administrative Console, you must start it and then
log in. After you finish working in the console, save your work and log out.
1. Start IBM Workplace Collaboration Services.
2. Enable cookies in the Web browser that you use to access the WebSphere
Administrative Console.
3. In the same Web browser, type http://yourWASServer:admin_port/admin
yourWASServer is the fully qualified DNS name of the WebSphere Application
Server, and admin_port is the port assigned to the WebSphere Administrative
Console. The port varies depending on the operating system and the
environment. The port number is 9090 for a network deployment of AIX,
Linux, Solaris, or Windows. For i5/OS, the port number is the base port
144
Clustered-server Deployment Guide
number for the instance, plus 10. For example, if you specified 30000 as your
base port number, the WebSphere Administrative Console would be port 30010.
The URL would look like this starting the WebSphere Administrative Console
for a single-server deployment on Windows:
http://server1.acme.com:9091/admin
4. Wait for the console to load in the Web browser window. If you cannot start the
WebSphere Administrative Console because the console port conflicts with an
application that is already running on the machine, change the port number in
the two files that follow and then restart the WebSphere Application Server.
app_server_root/config/cells/cell_name/nodes/node_name/servers/server_name/
server.xml
app_server_root/config/cells/cell_name/virtualhosts.xml
5. When the login page displays, type your user ID and password to log into the
console. Changes made to server configurations are saved to the user ID. Server
configurations also are saved to the user ID if there is a session timeout. A user
ID lasts for the duration of the session for which it was used to log in. If you
enter an ID that is already in use (and in session), perform one of these actions:
v Force the existing user ID out of session. The configuration file used by the
existing user ID is saved in the temporary area.
v Wait for the existing user ID to log out or time out of the session.
v Type a different user ID and password.
6. Click OK.
Starting and stopping IBM Workplace Collaboration Services
servers
This topic describes how to start and stop the servers that run IBM Workplace
Collaboration Services. It also describes how to check the status of those servers.
Note: Commands for IBM AIX, Linux, Sun Solaris, and IBM i5/OS are case
sensitive.
Checking the status of servers
To determine which servers are running, use the serverstatus command.
1. Open a command prompt (QShell session on i5/OS).
2. Navigate to the app_server_root/bin directory.
3. Check the status of all servers with the following command:
serverStatus -all
These are the servers that run with Workplace Collaboration Services:
v Network Server (Cloudscape)
v Mail_Server_1
v server1 (WebSphere Application Server)
v WebSphere_Portal
Starting and stopping all servers that run Workplace
Collaboration Services
Follow these instructions to start and stop all servers that run Workplace
Collaboration Services. If you are using a remote DBMS server, start the DBMS
server before starting Workplace Collaboration Services. Stop the DBMS server
after stopping Workplace Collaboration Services.
Chapter 3 Installing IBM Workplace Collaboration Services
145
1.
2.
3.
4.
Log in to the server machine as a user with administrative privileges.
Open a command prompt (QShell session on i5/OS).
Navigate to the portal_server_root/rootscripts directory.
Start Workplace Collaboration Services with the following command. This
command starts WebSphere_Portal, server1, Mail_Server_1, and Cloudscape
Network Server.
IBM AIX, Linux, and Sun Solaris
./startWorkplaceServices.sh
Microsoft Windows
startWorkplaceServices.bat
i5/OS
startWorkplaceServices.sh
5. Stop Workplace Collaboration Services with the following command.
AIX, Linux, and Solaris
./stopWorkplaceServices.sh
Windows
stopWorkplaceServices.bat
i5/OS
stopWorkplaceServices.sh
Starting the Workplace Collaboration Services clusters
Follow these instructions to start the two clusters that run Workplace Collaboration
Services in a clustered environment.
1.
2.
3.
4.
Log in to the Deployment Manager as a user with administrative privileges.
Open a command prompt (QShell session on i5/OS).
Navigate to the app_server_root/bin directory.
Start the Deployment Manager with the following command.
AIX, Linux, and Solaris
./startManager.sh
Windows
startManager.bat
i5/OS
startManager -instance instance_name
5.
6.
7.
8.
Log in to Node 1 as a user with administrative privileges.
Open a command prompt (QShell session on i5/OS).
Navigate to the app_server_root/bin directory.
Start the node agent on Node 1 with the following command.
AIX, Linux, and Solaris
./startNode.sh
Windows
startNode.bat
i5/OS
startNode -instance instance_name
9. Log in to Node 2 and repeat the previous steps for starting the node agent on
Node 2.
10. Start the node agent on all other nodes.
146
Clustered-server Deployment Guide
11. On the Deployment Manager, log in to the Deployment Manager console.
a. http://dm_fully_qualified_host_name:9090/admin
b. Choose Servers → Clusters.
c. Start the WebSphere_Portal cluster.
Verify that the cluster status is Started (shown with a green arrow) before
proceeding to the next step.
d. After the WebSphere_Portal cluster is started, start the Mail_Server_1
cluster.
(AIX and Solaris) Starting and stopping Workplace Collaboration
Services from the x-terminal
To start the Workplace Collaboration Services server from the x-terminal command
prompt:
1. First, enter the following command:
’xhost + fully_qualified_dns_server_name’
2. Then the appropriate command to start or stop Workplace Collaboration
Services:
Start:
./startServer.sh WebSphere_Portal
Stop:
./stopServer.sh WebSphere_Portal
Starting and stopping individual servers
Follow these instructions to start and stop individual servers.
The following batch files are located in the portal_server_root/rootscripts/subtasks
directory.
Server Name AIX, Linux, and Solaris Windows
i5/OS
Cloudscape
Network
Server
./startNetworkServer.sh startNetworkServer.bat
startNetworkServer.sh
./stopNetworkServer.sh stopNetworkServer.bat
stopNetworkServer.sh
Mail_Server
_1
./startMailServer.sh
startMailServer.bat
startMailServer.sh
./stopMailServer.sh
stopMailServer.bat
stopMailServer.sh
WebSphere
_Portal
./startPortalServer.sh
startPortalServer.bat
startPortalServer.sh
./stopPortalServer.sh
stopPortalServer.bat
stopPortalServer.sh
To start and stop WebSphere Application Server (server1) only, run the batch files
located in the app_server_root/bin directory.
Server Name AIX, Linux, and Solaris Windows
i5/OS
server1
startServer server1
-instance instance_name
./startServer.sh server1
startServer.bat server1
./stopServer.sh server1
stopServer.bat server1
stopServer server1
-instance instance_name
Related tasks
“Accessing IBM Workplace Collaboration Services after installation” on page
148
Chapter 3 Installing IBM Workplace Collaboration Services
147
“Opening the IBM WebSphere Administrative Console” on page 144
“Phase 3: Installing Workplace Collaboration Services” on page 107
“Accessing IBM Workplace Collaboration Services through an external Web
server” on page 300
Accessing IBM Workplace Collaboration Services after
installation
This topic describes how to test the connection to Workplace Collaboration Services
after you have completed installation and optionally configured an LDAP
directory, a DBMS server, and IBM Workplace Collaborative Learning .
1. To access Workplace Collaboration Services, type the following URL:
http://servername.yourcompany.com:9081/lwp/workplace
2. To access the Workplace Collaborative Learning administrator interface, type
the following URL:
http://servername.yourcompany.com:9081/lms-lmm
If you configure an external HTTP server for Workplace Collaboration Services, the
port changes from 9081 to the default port of 80.
Related concepts
“Phase 6: Connecting to an external HTTP server” on page 287
Related tasks
“Accessing IBM Workplace Collaboration Services through an external Web
server” on page 300
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“Opening the IBM WebSphere Administrative Console” on page 144
“Phase 3: Installing Workplace Collaboration Services” on page 107
Other ways to install IBM Workplace Collaboration Services
You can install IBM Workplace Collaboration Services in these other ways:
v Installing from the console
The Workplace Collaboration Services installation program provides a console
interface, which enables you to perform an interactive installation from a
command prompt. The console interface presents the same content as the
graphical interface, but in a textual form. Prompts at the bottom of each screen
tell you how to enter numbers to make your selections and proceed to the next
screen.
v Installing with a response file
Workplace Collaboration Services can be installed from a command prompt with
a response file. This method makes displaying the graphical interface and
waiting for user input unnecessary; it is useful when you want to install
Workplace Collaboration Services on multiple servers using a similar
configuration, or when it is impractical to manually enter responses during
installation.
Related tasks
“Phase 3: Installing Workplace Collaboration Services” on page 107
148
Clustered-server Deployment Guide
Installing using the console interface
Follow the steps for your operating system to install IBM Workplace Collaboration
Services from a command prompt:
v IBM AIX, Linux, and Sun Solaris
v Microsoft Windows
v IBM i5/OS
AIX, Linux, and Solaris: Installing using the console interface:
Follow these steps to install IBM Workplace Collaboration Services using the
console interface on IBM AIX, Linux, and Sun Solaris.
1. Prepare to run the installation program.
2. Log in to the server as a user with administrative privileges.
3. Insert the Workplace Collaboration Services installation DVD.
4. Change to the WCSServer directory of the installation DVD.
5. Enter the appropriate command to start installation.
AIX
./usr/WCSServer/install.sh -console
Linux
./opt/WCSServer/install.sh -console
Solaris
./opt/WCSServer/install.sh -console
After installation, you can configure Workplace Collaboration Services as needed
for your site.
Related tasks
“AIX, Linux, and Solaris: Next steps” on page 118
Windows: Installing using the console interface:
Follow these steps to install IBM Workplace Collaboration Services using the
console interface on Microsoft Windows.
1. Prepare to run the installation program.
2. Log in to the server as a user with administrative privileges.
3. Insert the Workplace Collaboration Services installation DVD.
4. Change to the WCSServer directory of the installation DVD.
5. Enter the appropriate command to start installation.
D:\WCSServer\install.bat -console
After installation, you can configure Workplace Collaboration Services as needed
for your site.
Related tasks
“Windows: Next steps” on page 130
Related reference
“Pre-installation checklist” on page 39
i5/OS: Installing using the console interface:
Chapter 3 Installing IBM Workplace Collaboration Services
149
Follow these steps to install IBM Workplace Collaboration Services using the
console interface on IBM i5/OS.
1. Prepare to run the installation program.
2. Insert the Workplace Collaboration Services installation DVD into the optical
drive of your IBM System i server.
3. Start the QShell Interpreter by entering the following:
STRQSH
4. Change to the system root directory by entering the following:
cd /
5. Start installation of Workplace Collaboration Services by entering the following:
/qopt/C88LBML/WCSServer/install.sh
After installation, you can configure Workplace Collaboration Services as needed
for your site.
Related tasks
“i5/OS: Next steps” on page 140
Installing from a response file
Follow the steps for your operating system to run an unattended installation of
IBM Workplace Collaboration Services:
v IBM AIX, Linux, and Sun Solaris
v Microsoft Windows
v IBM i5/OS
AIX, Linux, and Solaris: Installing from a response file:
Create a response file and enter the parameters for the installation you want to
create. Then follow these steps to install IBM Workplace Collaboration Services
with the response file on IBM AIX, Linux, and Sun Solaris.
1. Prepare to run the installation program. For more information, see Chapter 3.
2. Log in to the server as a user with administrative privileges.
3. Insert the Workplace Collaboration Services installation DVD.
4. Change to the WCSServer directory of the installation DVD.
5. Enter the appropriate command to start installation.
Provide the full path name and file name for the response file you created.
AIX
./usr/WCSServer/install.sh -options /path/response_file -silent
Linux
./opt/WCSServer/install.sh -options /path/response_file -silent
Solaris
./opt/WCSServer/install.sh -options /path/response_file -silent
After installation, you can configure Workplace Collaboration Services as needed
for your site.
Related tasks
“AIX, Linux, and Solaris: Next steps” on page 118
Related reference
“Response file parameters for an unattended installation” on page 151
150
Clustered-server Deployment Guide
Windows: Installing from a response file:
Create a response file and enter the parameters for the installation you want to
create. Then follow these steps to install IBM Workplace Collaboration Services
with the response file onMicrosoft Windows.
1. Prepare to run the installation program. For more information, see Chapter 3.
2. Log in to the server as a user with administrative privileges.
3. Insert the Workplace Collaboration Services installation DVD.
4. Change to the WCSServer directory of the installation DVD.
5. Enter the appropriate command to start installation.
Provide the full path name and file name for the response file you created.
install.bat -options path\response_file -silent
After installation, you can configure Workplace Collaboration Services as needed
for your site.
Related tasks
“Windows: Next steps” on page 130
Related reference
“Response file parameters for an unattended installation”
i5/OS: Installing from a response file:
Create a response file and enter the parameters for the installation you want to
create. Then follow these steps to install using a response file on IBM i5/OS.
Note: Installation with a response file can be performed remotely from a Microsoft
Windows workstation or locally on the IBM System i server. These
instructions are for a local install. To install remotely from a Windows
workstation, follow the previous instructions for Windows using the
command install400.bat instead of install.bat.
1. Prepare to run the installation program. For more information, see Chapter 3.
2. Insert the Workplace Collaboration Services installation DVD.
3. Fill in the response file with information appropriate for your environment and
save it to a location on your server.
4. Start the QShell Interpreter by entering the following:
STRQSH
5. Change to the system root directory by entering the following:
cd /
6. Start installation of Workplace Collaboration Services by entering the following:
/qopt/C88LBML/WCSServer/install.sh -options path/response_file
where path/response_file is the directory path and file name of your response file.
After installation, you can configure Workplace Collaboration Services as needed
for your site.
Related tasks
“i5/OS: Next steps” on page 140
Related reference
“Response file parameters for an unattended installation”
Response file parameters for an unattended installation:
Chapter 3 Installing IBM Workplace Collaboration Services
151
The response file contains the information you provide directly when you install
IBM Workplace Collaboration Services, through either the installation screens or
the command console. When you install with a response file, the installation
program determines your installation choices from the response file.
You must supply the parameters in the following table in your response file. The
first column shows each parameter with its default value. The second column
describes the parameter and provides possible values for it. All values must be
enclosed in double quotes ( ″″ ). Note that if a required parameter is not specified
in this response file, an error message displays.
Parameter
Description
-silent
Unattended installation choice
This parameter runs the installation without the graphical
interface.
If you want to use a response file and continue to show
the graphical interface and user input prompts, comment
out this parameter.
-W offeringsPanel.offerings=
″value″
Product offering selection
Specify the products that you have licensed. This option
accepts a comma-delimited list of offering IDs:
learning - IBM Workplace Collaborative Learning
designer - IBM Lotus Workplace Designer
docmgt - IBM Workplace Documents
msg - IBM Workplace Messaging
team - IBM Workplace Team Collaboration™
all - IBM Workplace Collaboration Services
mgdclient - IBM Workplace Managed Client
wccm - Software prerequisites for IBM Workplace Web
Content Management™
Examples:
-W offeringsPanel.offerings=learning,msg,team
-W offeringsPanel.offerings=learning,designer,docmgt,
msg,team,all,mgdclient,wccm
152
Clustered-server Deployment Guide
Parameter
Description
-W product.location=″value″
Installation directory (for IBM AIX, Linux, Sun Solaris,
and Microsoft Windows)
Specify the directory where you want to install Workplace
Collaboration Services, following the convention for
specifying path information on your platform.
If you are installing on IBM i5/OS, leave this value blank.
Oni5/OS, product files are always installed to the
directory QIBM/Lotus/WorkplaceServer/WCS26.
Examples:
AIX
-W product.location=″/usr/IBM/Workplace″
Linux and Solaris
-W product.location=″/opt/IBM/Workplace″
Windows
-W product.location=″c:\Program Files\IBM\Workplace″
-W singleOrNdPanel.choice=
″value″
Installation type
Specify whether this installation is a non-clustered or a
clustered deployment using the following choices:
single - non-clustered deployment
nd - clustered deployment
-W
nodeOrDmPanel.nodeOrDm
=″″value″
Clustered Deployment Installation Type
If you selected a clustered deployment installation type,
specify whether this installation is for the Deployment
Manager server or one of the nodes.
dm - the Deployment Manager server
node - a node
-W node.hostName=″value″
Workplace software server host name
Specify the fully qualified host name or IP address of the
computer running Workplace Collaboration Services; for
example, ″workplace.acme.com.″
-W admin.user=″value″
-W admin.password=″value>″
-W admin.passwordConfirm=
″value″
Workplace Collaboration Services administrator name and
password
Provide a name for the administrator and then provide a
password and confirm the password. If you plan to
connect to an existing LDAP directory, this user name and
password must already exist in your user directory.
Chapter 3 Installing IBM Workplace Collaboration Services
153
Parameter
Description
-W
os400serverCd.cdPath=″value″
Workplace Collaboration Services install media location
(i5/OS ONLY)
Specify the directory path to Workplace Collaboration
Services media. For an i5/OS remote install, this is the
path to the CD-ROM drive on the Windows system (for
example, D:\).
Example:
/qopt/cd-root/LWPMedia
-W instance.instname=″value″
Workplace Collaboration Services instance name (for
i5/OS)
Specify the name of the Workplace Collaboration Services
instance to be created.
Example:
-W instance.instname=″myinstance″
-W port.enterports=″value″
Workplace Collaboration Services instance port range (for
i5/OS)
Specify the first of 50 consecutive ports to be used by the
Workplace software server.
Example:
-W port.enterports=″30501″
(In this example, ports 30501-30550 would be used.)
-W dmAdminPanel.user=
″value″
-W dmAdminPanel.password=
″value″
-W dmAdminPanel.password
Confirm =″value″
Deployment Manager installation settings
If you are installing on a Deployment Manager server in a
clustered deployment, specify the Deployment Manager
administrator credentials, Deployment Manager location,
node name, cell name, and location of Workplace
Collaboration Services installation files and Deployment
Manager installation files.
-W
Example:
dmLocationPanel.dmLocation=
″value″
-W dmAdminPanel.user=″dmAdmin″
-W dmInfoPanel.nodename=
″value″
-W dmInfoPanel.cellname=
″value″
-W dmAdminPanel.password=″dmAdminPassword″
-W
dmAdminPanel.passwordConfirm=″dmAdminPassword″
-W dmLocationPanel.dmLocation =″/opt/WebSphere/
DeploymentManager″
-W dmInfoPanel.nodename=″nodeManager″
-W dmInfoPanel.cellname=″cellNetwork″
154
Clustered-server Deployment Guide
Parameter
Description
-W
dmDbChoicePanel.dbChoice=
″value″
Deployment Manager database settings
-W
dmDbAppUserPanel.username
= ″value″
If you are installing on a Deployment Manager server in a
clustered deployment, specify the following database
properties according to your Deployment Manager (DM)
installation.
Valid dbChoice values are:
-W
dmDbAppUserPanel.password
=″value″
db2, db2iSeries, oracle, mssql
-W dmDbAppUserPanel.
confirmpassword =″value″
-W dmDbChoicePanel.dbChoice=″db2″
-W dmDbConnInfoPanel.
driverclass =″value″
-W dmDbConnInfoPanel.
driverlibrary =″value″
-W
dmDbConnInfoPanel.dbname
=″value″
-W dmDbConnInfoPanel.
jdbcurl =″value″
Examples:
-W dmDbAppUserPanel.username=″dbAdmin″
-W dmDbAppUserPanel.password= ″dbAdminPassword″
-W dmDbAppUserPanel.confirmpassword=
″dbAdminPassword″
-W dmDbConnInfoPanel.driverclass=
″COM.ibm.db2.jdbc.app.DB2Driver″
-W dmDbConnInfoPanel.driverlibrary=
″D:/IBM/SQLLIB/java/db2java.zip″
-W dmDbConnInfoPanel.dbname=″wps50″
-W dmDbConnInfoPanel.jdbcurl=″jdbc:db2:wps50″
Attention: You should not store actual user names and passwords in the response
file. The response file is not encrypted, so it can be read by anyone who can access
this file. When you want to run an installation using the file, insert the correct
values for all user names and passwords. After the installation is complete, remove
the user names and passwords.
Related tasks
“Installing from a response file” on page 150
Chapter 3 Installing IBM Workplace Collaboration Services
155
156
Clustered-server Deployment Guide
Chapter 4 Connecting to an LDAP Directory Server
This chapter provides information on connecting IBM Workplace Collaboration
Services to an LDAP directory server.
Phase 4: Connecting to an LDAP directory server
Before connecting to an LDAP directory server, read the Phase 1 topic “User
registry considerations” on page 28. When you are ready to connect to an LDAP
directory server, see the topic below that is appropriate for your directory server
type:
v “Connecting to IBM Tivoli Directory Server”
v “Connecting to Domino Directory” on page 168
v “Connecting to Active Directory” on page 182
v “Connecting to Sun Java System Directory Server” on page 193
v “Connecting to Novell eDirectory” on page 205
Note: Skip this phase if you used the i5/OS Create IBM Workplace Collaboration
Services wizard to connect to an LDAP directory server. The i5/OS Create
IBM Workplace Collaboration Services wizard is available only for IBM
i5/OS non-clustered environments.
Related concepts
“Optional post-installation tasks” on page 481
Connecting to IBM Tivoli Directory Server
Perform the following steps to configure IBM Workplace Collaboration Services to
use IBM Tivoli Directory Server:
Note: Workplace Collaboration Services performance issues may arise when you
use IBM Tivoli Directory Server 5.1 for iSeries and the directory contains
more than 10,000 user accounts. For better performance, use a different
LDAP directory server if there are a large number of user accounts in the
directory.
1. “Creating administrative accounts for IBM Tivoli Directory Server.”
2. “Indexing the IBM Tivoli Directory Server LDAP database” on page 158.
3. “Editing the helper file for IBM Tivoli Directory Server” on page 159.
4. “Enabling LDAP security for IBM Tivoli Directory Server” on page 164.
5. Optional: “Configuring read-only access to IBM Tivoli Directory Server” on
page 167.
6. “Verifying the IBM Tivoli Directory Server configuration” on page 167.
Related concepts
“Phase 4: Connecting to an LDAP directory server”
Creating administrative accounts for IBM Tivoli Directory Server
Create the following required administrative accounts in the LDAP directory before
you enable LDAP security. See your directory server documentation for
instructions. Each account corresponds to properties that you specify in the helper
file and in the wizard.
© Copyright IBM Corp. 2002, 2006
157
LDAP account
Related properties in helper file and
wizard
IBM WebSphere Application Server
administrator. This can be the same as the
IBM WebSphere Portal Server administrator.
Make sure this account has at least read
access to the directory.
WasUserid
WebSphere Portal Server administrator.
PortalAdminId
WasPassword
Note: Make sure that this account contains a PortalAdminIdShort
value for the mail attribute and has at least
PortalAdminPwd
read access to the directory. Otherwise
enabling LDAP security will fail.
Do not use the following characters in the
password (PortalAdminPwd) because they
can cause authentication failures:
!()@#$%
WebSphere Portal Server administrator
PortalAdminGroupId
group. This group must include the name of
PortalAdminGroupIdShort
the WebSphere Portal Server administrator
and the WebSphere Application Server
administrator. The group must define its
user and group members using the
members’ distinguished names.
Note: Make sure this account has at least
read access to the directory.
Name that WebSphere Portal Server and
LDAPAdminUId
IBM WebSphere Member Manager use to
bind to the LDAP directory. The access level LDAPAdminPwd
given this name controls the access that IBM
Workplace Collaboration Services has to the
directory.
Note: Make sure that this account has at
least read access to the directory, otherwise
enabling LDAP security will fail. Limit this
account to read-only access if you want to
prevent users from using the Sign-up link to
register accounts in the directory, and from
using the Edit My Profile link to change
attributes in the directory, such as their
e-mail addresses.
Name that WebSphere Application Server
uses to bind to the LDAP directory.
Note: Make sure that this account has at
least read access to the directory, otherwise
enabling LDAP security can fail.
LDAPBindID
LDAPBindPassword
Related tasks
“Indexing the IBM Tivoli Directory Server LDAP database”
“Connecting to IBM Tivoli Directory Server” on page 157
Indexing the IBM Tivoli Directory Server LDAP database
Perform the following required steps to index the mail table in the IBM DB2
Universal Database database used by IBM Tivoli Directory Server. Adding this
index to the mail table improves Address Book look up features in IBM Workplace
Collaboration Services products.
158
Clustered-server Deployment Guide
Note: In addition to the mail table, index the cn, displayName, givenName, and sn
attribute tables, if they are not already indexed.
1. Log in as the LDAP database owner:
a. Make sure that the $DB2INSTANCE variable (AIX, Linux, and Solaris) or
the %DB2INSTANCE% variable (Microsoft Windows) is set to your LDAP
database instance.
Tip: If you are not sure which DB2 Universal Database instance is set to
your LDAP database instance, use the db2 db2ilist command to list the
instances.
b. Use the LDAP database owner login account to log in as the LDAP
database owner. Alternatively, on AIX, Linux, and Solaris, type the
following command:
su - dbowner
where dbowner is the database owner, for example, ldapdb2.
2. Type the following command to connect to the LDAP database:
db2 "connect to ldapdatabase"
where ldapdatabase is the name of the database, for example ldapdb2.
3. Type the following command to index the mail table:
db2 "create index maili2 on mail(mail_t,eid)"
Related tasks
“Editing the helper file for IBM Tivoli Directory Server”
“Connecting to IBM Tivoli Directory Server” on page 157
Editing the helper file for IBM Tivoli Directory Server
Use a helper file to aid in enabling LDAP security. Make a backup copy of the
helper file, then edit the helper file, providing values for directory properties that
are appropriate for your LDAP directory environment. When you run the
Configuration Wizard to enable LDAP security, the wizard reads the values in the
helper file, which you can then verify and correct if necessary.
v It’s best if someone with advanced knowledge of LDAP concepts and
administration who is familiar with your directory environment edits the helper
file and enables LDAP security.
v The helper file and the table in this topic provide example values for some
directory properties. Do not assume the example values are correct for your
environment; you must evaluate each property to determine the appropriate
value for your environment.
v Ignore the steps described in the ″How to use this file″ section of the helper file.
v Ignore any properties in the helper file that are not described in the table in this
topic.
To edit the helper file:
1. Make a backup copy of the IBM Tivoli Directory Server helper file,
portal_server_root/config/helpers/security_ibm_dir_server.properties
2. With a text editor, open the security_ibm_dir_server.properties file, specify
values for properties as described in the following table, and then save and
close the file.
Chapter 4 Connecting to an LDAP Directory Server
159
Property
Description
IBM WebSphere Application
Server properties
WasUserid
The distinguished name in the LDAP directory for
the WebSphere Application Server administrator. This
can be the same name as the IBM WebSphere Portal
Server administrator (PortalAdminId). This name
must be a member of the WebSphere Portal Server
administrators group defined by the
PortalAdminGroupId property. Make sure this
account has at least read access to the directory.
Example: uid=wasadmin,cn=users,dc=acme,dc=com
WasPassword
The password for the WasUserid name. As a security
measure, do not type the password in the helper file.
Type the password when you run the wizard.
WpsHostName
The host name for the WebSphere Portal Server. Type
localhost.
IBM WebSphere Portal Server
configuration properties
PortalAdminId
The distinguished name of the WebSphere Portal
Server administrator in the LDAP directory. This
name must be a member of the WebSphere Portal
Server administrators group defined by the
PortalAdminGroupId property.
Note: Make sure that this account contains a value
for the mail attribute and has at least read access to
the directory. Otherwise enabling LDAP security will
fail.
Example: uid=portaladmin,cn=users,dc=acme,dc=com
PortalAdminIdShort
The short form of the WebSphere Portal Server
administrator name.
Example: portaladmin
PortalAdminPwd
Password for the WebSphere Portal Server
administrator. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
Note: Do not include the following characters in the
password because they can cause authentication
failures:
[email protected]()#$%
PortalAdminGroupId
The distinguished name of the WebSphere Portal
Server administrators group in the LDAP directory to
which the WebSphere Portal Server administrator and
the WebSphere Application Server administrator
belong. This group must define its user and group
members using the members’ distinguished names.
Make sure this account has at least read access to the
directory.
Example:
cn=portaladmins,cn=groups,dc=acme,dc=com
160
Clustered-server Deployment Guide
Property
Description
PortalAdminGroupIdShort
The short form of the WebSphere Portal Server
administrators group name.
Example: portaladmins
WebSphere Portal Server security
properties
LTPAPassword
The password used to encrypt and decrypt the LTPA
keys. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
LTPATimeout
Time period in minutes at which an LTPA token
expires.
Example: 120
SSOEnabled
Indicates whether single sign-on is enabled (true or
false).
SSORequiresSSL
Indicates whether single sign-on is enabled only for
Secure Socket Layer (SSL) connections. Type false. If
you want to configure SSL, do so only after you have
enabled LDAP security and verified the LDAP
directory configuration.
SSODomainName
The domain name for all single sign-on hosts.
Example: acme.com
General global security properties
useDomainQualifiedUserNames
Indicates whether to qualify user names with the
security domain within which they reside (true or
false). The default value (false) is recommended for
most environments.
cacheTimeout
Timeout for the security cache. The default value
(600) is recommended for most environments.
issuePermissionWarnings
Indicates whether during application deployment and
application start, the security run time emits a
warning if applications are granted any custom
permissions (true or false). The default value (true) is
recommended for most environments.
activeProtocol
The authentication protocol for RMI/IIOP requests
when security is enabled. The default value (BOTH)
is recommended for most environments.
activeAuthmechanism
The authentication mechanism when security is
enabled. The default value (LTPA) is recommended
for most environments.
LDAP properties
LDAPHostName
The host name for your LDAP server.
Example: ldap.acme.com
LDAPPort
The LDAP server port number. Typically you type
389. Do not type a port used for SSL connections, for
example, 636. If you want to configure an SSL port
for LDAP, do so after you have enabled LDAP
security and verified the LDAP directory
configuration.
Chapter 4 Connecting to an LDAP Directory Server
161
Property
Description
LDAPAdminUId
The distinguished name in the LDAP directory that
WebSphere Portal Server and IBM WebSphere
Member Manager use to bind to the directory. The
level of access given this name determines the level
of access that IBM Workplace Collaboration Services
has to the directory. This name does not have to
contain a uid attribute.
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security will fail. Limit this account to read-only
access if you want to prevent users from using the
Sign-up link to register accounts in the directory, and
from using the Edit My Profile link to change
attributes in the directory, such as their e-mail
addresses.
Example: uid=ldapadmin,cn=users,dc=acme,dc=com
LDAPAdminPwd
The password for the name assigned to the
LDAPAdminUId property. As a security measure, do
not type the password in the helper file. Type the
password when you run the wizard.
LDAPServerType
Do not change, leave as IBM_DIRECTORY_SERVER.
LDAPBindID
Distinguished name that WebSphere Application
Server uses to bind to the directory.
Example: uid=wpsbind,cn=users,dc=acme,dc=com
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security can fail.
LDAPBindPassword
The password for the LDAPBindID name. As a
security measure, do not type the password in the
helper file. Type the password when you run the
wizard.
Advanced LDAP properties
LDAPSuffix
The location in the directory tree at which to begin
searches for user and group names.
Example: dc=acme,dc=com
LDAPUserPrefix
The leftmost attribute of user names in the directory.
Example: uid
LDAPUserSuffix
The location in the directory tree at which to begin
searches for user names. Make sure that the names
specified for WasUserID, PortalAdminID,
LDAPAdminUId, and LDAPBindID are under this
location or enabling LDAP security will fail.
Example: cn=users
Do not append the LDAPSuffix value as part of this
value. For example, do not type
cn=users,dc=acme,dc=com.
LDAPGroupPrefix
The leftmost attribute of group names in the
directory.
Example: cn
162
Clustered-server Deployment Guide
Property
Description
LDAPGroupSuffix
The location in the directory tree at which to begin
searches for group names.
Example: cn=groups
Do not append the LDAPSuffix value as part of this
value. For example, do not type
cn=groups,dc=acme,dc=com.
LDAPUserObjectClass
The object class used for users.
Example: inetOrgPerson
LDAPGroupObjectClass
The object class used for groups.
Example: groupOfUniqueNames
LDAPGroupMember
The attribute used for the members of groups.
Example: uniqueMember
LDAPUserFilter
The filter used to search for user accounts. The filter
must include the following text:
(&(|(userprefix=%v)(mail=%v))(objectclass=
userobjectclass))
where userprefix is the value specified for the
LDAPUserPrefix property and userobjectclass is the
value specified for the LDAPUserObjectClass
property.
Example: (&(|(uid=%v)(mail=
%v))(objectclass=inetOrgPerson))
LDAPGroupFilter
The filter used to search for groups accounts. The
filter must include the following text:
(&(groupprefix=%v)(objectclass=
groupobjectclass))
where groupprefix is the value specified for the
LDAPGroupPrefix property and groupobjectclass is the
value specified for the LDAPGroupObjectClass
property.
Example: (&(cn=
%v)(objectclass=groupOfUniqueNames))
LDAPGroupMinimumAttributes
Attributes loaded for group searches and related to
performance. Leave this property blank.
LDAPUserBaseAttributes
Attributes loaded for user login related to
performance. Type givenName,sn,preferredLanguage.
Also type the following values to allow users, for
example calendar users, to set international time and
date preferences in the Edit My Profile page:
,ibm-regionalLocale,ibm-timeZone,
ibm-preferredCalendar,ibm-firstDayOfWeek,
ibm-firstWorkDayOfWeek
LDAPUserMinimumAttributes
Attributes loaded for user searches and related to
performance. Leave this property blank.
Chapter 4 Connecting to an LDAP Directory Server
163
Property
Description
LDAPsearchTimeout
Value in seconds for the amount of time the LDAP
server has to respond before canceling a request.
Example: 120
LDAPreuseConnection
Indicates whether LDAP connections are reused (true
or false). If your environment uses a frontend server
to spray requests to multiple backend LDAP
directory servers, type false. If your environment
does not use an intermediate server but instead
authenticates directly with the LDAP directory server,
type true.
LDAPIgnoreCase
Indicates whether LDAP searches ignore character
case (true or false).
Related tasks
“Enabling LDAP security for IBM Tivoli Directory Server”
“Connecting to IBM Tivoli Directory Server” on page 157
Enabling LDAP security for IBM Tivoli Directory Server
Perform the following steps to use the Configuration Wizard to disable IBM
WebSphere Application Server global security, and then to enable LDAP security.
These steps assume you are running the Configuration Wizard using the graphical
user interface. If you are using the console interface, to advance in the wizard, type
the number the wizard indicates rather than click Next. Online help is not
available in console mode.
1. Make sure you have made a backup copy of the
security_ibm_dir_server.properties helper file, and have edited the helper file
to accommodate your directory environment, as explained in the topic
“Editing the helper file for IBM Tivoli Directory Server” on page 159.
2. Start your LDAP directory server.
3. Verify that the account specified for the PortalAdminId property includes a
value for the mail attribute. Use an ldap search tool also to verify that you can
bind and return objects using the accounts specified for the PortalAdminId,
LDAPAdminUId, and LDAPBindID properties.
4. Start Cloudscape Network Server and WebSphere Application Server, and stop
IBM WebSphere Portal Server and Mail_Server_1, as explained in “Starting
and stopping IBM Workplace Collaboration Services servers” on page 145.
5. Start the Configuration Wizard as described in the appropriate topic for your
operating system:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
v “i5/OS: Starting the Configuration Wizard” on page 142
6. At the Select the configuration task that you want to perform dialog box in
the Configuration Wizard, click Disable security, and then click Next.
7. At the WebSphere Application Server global security is enabled. Enter the
user ID and password to be used for Websphere Application Server
administration dialog box, type the administrator name and password
specified during IBM Workplace Collaboration Services installation, and then
click Next.
8. At the Please enter an appropriate properties file location dialog box, type
the path and file name for the wpconfig.properties file, located in the
164
Clustered-server Deployment Guide
portal_server_root/config directory. For example, type /opt/IBM/Workplace/
PortalServer/config/wpconfig.properties.
Note: Do not type the path and file name of the LDAP directory helper file
you edited previously. You will provide that path and file name later in
the procedure when you enable LDAP security.
9. Verify that the next dialog box contains the values indicated in the following
table, then click Next. Do not leave any of the properties blank.
Property
Action
PortalAdminID
Verify that the value is uid=admin,o=default organization, where
admin is the administrator name specified during Workplace
Collaboration Services installation.
PortalAdminIdShort
Verify that the value is the administrator name specified during
Workplace Collaboration Services installation.
PortalAdminPwd
Type the administrator password that you specified during
Workplace Collaboration Services installation.
PortalAdminGroupId
Verify that the value is cn=wpsadmins,o=default organization.
DbPassword
Accept the default hidden password value.
WmmDbPassword
Accept the default hidden password value.
10. At the The Configuration Wizard is ready to run the following
configuration: Disable security dialog box, click Next to disable security. See
the progress bar and wait for the wizard to finish.
11. If you see the The following configuration has completed successfully:
Disable security dialog box, skip to the next step. If disabling security is not
successful, perform the following steps:
a. Click Finish.
b. Correct errors. Open the configwizard.log and configwizardlog.txt files to
help you troubleshoot errors and determine the correct values:
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for a disable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the disable security task to the
file disable-security.log.
c. Repeat steps 6 through 11 to disable security.
12. Verify that Cloudscape Network Server is running, and that WebSphere
Application Server, IBM WebSphere Portal Server, and Mail_Server_1 are not
running, as explained in “Starting and stopping IBM Workplace Collaboration
Services servers” on page 145.
13. Click Run Wizard Again.
14. At the Select the configuration task that you want to perform dialog box,
click Enable LDAP security, and then click Next.
15. At the Select the LDAP type to use for authentication dialog box, click IBM
Directory Server, and then click Next.
16. At the Please enter your helper properties file location dialog box, type
portal_server_root/config/helpers/security_ibm_dir_server.properties, and then
click Next.
Chapter 4 Connecting to an LDAP Directory Server
165
17. Advance through the wizard.
v At each stage, verify the values the wizard reads from the helper file, and
correct values if necessary. Accurate values are essential for proper LDAP
directory configuration.
v Remember to type the required passwords, which you did not type in the
helper file.
v The wizard may not read the domain name specified for the
SSODomainName property from the helper file. In this case, be sure to type
the SSO domain name again in the wizard.
v If an error prevents you from advancing in the wizard, refer to the
portal_server_root/log/configwizard.log file and the portal_server_root/log/
configwizardlog.txt file to help you troubleshoot the problem.
18. Near the end of the wizard, type values for the following properties, and then
click Next. These properties are not included in the helper file.
Property
Action
WmmDbPassword
Type any text but do not leave the property blank.
DbPassword
Type any text but do not leave the property blank.
LWPDBAdminPassword
Type any text but do not leave the property blank.
19. At the The Configuration Wizard is ready to run the following
configuration: Enable LDAP security dialog box, click Next to run the
wizard. See the progress bar and wait for the wizard to finish.
20. If you see the dialog box that says The following configuration has
completed successfully: Enable LDAP security, click Finish to exit the
wizard, then skip to the next step. If enabling security is not successful,
perform the following steps:
a. Click Finish.
b. Correct any incorrect values in your helper file. Open the configwizard.log
and configwizardlog.txt files to help you troubleshoot errors and
determine the correct values:
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for an enable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the enable security task to the file
enable-security.log.
c. Repeat all of the previous steps in this topic to disable security and enable
LDAP security.
21. To allow WebSphere Portal Server to communicate with a front-end LDAP
server that manages requests in a clustered directory environment, complete
the following manual steps:
Note: If you transfer to a different database management system (DBMS) after
enabling LDAP security, you must repeat these steps after you complete
the DBMS transfer, because the DBMS transfer overwrites the changes
in the wmm.xml file.
a. With a text editor, open the portal_server_root/shared/app/wmm/
wmm.xml file.
166
Clustered-server Deployment Guide
b. Add the following line to the ldapRepository name=″wmmLDAP″ tag,
directly after the ldapPort= line:
java.naming.referral="follow"
c. Save the file.
Note: Workplace Collaboration Services does not support LDAP referrals.
Related tasks
“Configuring read-only access to IBM Tivoli Directory Server”
“Editing the helper file for IBM Tivoli Directory Server” on page 159
“Connecting to IBM Tivoli Directory Server” on page 157
Configuring read-only access to IBM Tivoli Directory Server
Perform the following optional steps to configure read-only access to the LDAP
directory. Read-only access prevents users from using the Sign-up and Edit My
Profile links in the IBM WebSphere Portal Server page to register themselves in the
directory and to change personal attributes in the directory, such as e-mail
addresses.
If you use IBM Tivoli Directory Server with WebSphere Edge Server, use of the
Sign-up link can cause authentication problems. For this environment, configure
read-only directory access.
1. Give the account name you specified for the LDAPAdminUId property when
you enabled LDAP security read-only access to the directory.
2. Perform the following steps to remove the Sign-up and Edit My Profile links
from the WebSphere Portal Server page:
a. Stop the WebSphere Portal Server.
b. Change to the portal_server_root/config directory.
c. Type the following command:
AIX, Linux, Solaris
./WPSconfig.sh action-fixup-signup-link
Microsoft Windows
WPSconfig.bat action-fixup-signup-link
IBM i5/OS
WPSconfig.sh action-fixup-signup-link
Related tasks
“Verifying the IBM Tivoli Directory Server configuration”
“Connecting to IBM Tivoli Directory Server” on page 157
Verifying the IBM Tivoli Directory Server configuration
Perform the following steps to verify the IBM Tivoli Directory Server configuration.
1. Log in to the server machine as a user with administrative privileges.
2. Open a command prompt (QShell session on IBM i5/OS).
3. Navigate to the portal_server_root/rootscripts directory.
4. Start Workplace Collaboration Services with the following command:
AIX, Linux, Solaris
./startWorkplaceServices.sh
Microsoft Windows
startWorkplaceServices.bat
i5/OS
Chapter 4 Connecting to an LDAP Directory Server
167
startWorkplaceServices.sh
5. Type the following URL in a Web browser to start the IBM WebSphere
Administrative Console:
AIX, Linux, Solaris, Windows
http://hostname:9091/admin
where hostname is the fully qualified name of the server.
i5/OS
http://hostname:admin_port/admin
where hostname is the fully qualified name of the server and admin_port is the
base port number for the instance, plus 10. For example, if you specified 30000
as your base port number, the WebSphere Administrative Console port would
be port 30010.
6. Test that you can log in as the IBM WebSphere Application Server
administrator.
For information on configuring Secure Sockets Layer (SSL) over LDAP, see the IBM
Workplace Collaboration Services Information Center.
Related concepts
“Optional post-installation tasks” on page 481
Related tasks
“Connecting to IBM Tivoli Directory Server” on page 157
Connecting to Domino Directory
Perform the following steps to configure IBM Workplace Collaboration Services to
use Domino Directory:
1. “Adding dominoUNID to the Domino Directory schema.” This step is
necessary only if you use a IBM Lotus Domino Enterprise Server version that
is earlier than 6.5.4.
2. “Creating administrative accounts for Domino Directory” on page 169.
3. “Configuring e-mail addresses for Domino Directory groups” on page 170.
4. Optional: “Configuring write access to the Domino Directory” on page 171.
5. Optional: “Configuring directory assistance” on page 172.
6. “Creating a full-text index on the Domino Directory” on page 172.
7. “Editing the helper file for Domino Directory” on page 173.
8. “Enabling LDAP security for Domino Directory” on page 178.
9. Optional: “Configuring read-only access to Domino Directory” on page 181.
10. “Verifying the Domino Directory configuration” on page 181.
Related concepts
“Phase 4: Connecting to an LDAP directory server” on page 157
Adding dominoUNID to the Domino Directory schema
IBM WebSphere Member Manager requires unique IDs in the LDAP directory to
identify users and groups. If you use Domino Directory, dominoUNID is the
recommended attribute to use for the unique IDs. If you use a version of Domino
that is earlier than 6.5.4, perform the following steps to add the dominoUNID
attribute to the directory schema. Then, after you use the Configuration Wizard to
enable security, WebSphere Member Manager automatically uses dominoUNID as
168
Clustered-server Deployment Guide
the unique ID attribute. If you use Domino version 6.5.4 or later, dominoUNID is
part of the Domino Directory schema by default and it is not necessary to complete
these steps.
This procedure assumes you have an understanding of customizing the Domino
Directory and of extending the LDAP schema. See Domino Administrator Help for
more information on these tasks. The recommended method for customizing the
Domino Directory is making changes in a copy of the Domino Directory template
and then applying the changes to the Domino Directory database.
1. Log in to Domino Designer using the name and password of a server
administrator.
2. Add a field named dominoUNID to the Person, Group, and Server\Certifier
forms in the Domino Directory. Specify the Type as Text and Computed when
Composed. Do not select the Allow multiple values property. Specify the
following formula for the field:
@If(dominoUNID != ""; dominoUNID; @Text(@DocumentUniqueID))
3. To add the dominoUNID field to the schema, type the following command
from the IBM Lotus Domino server console:
tell ldap reloadschema
4. Domino automatically populates the dominoUNID attribute in new Person,
Group, and Server\Certifier documents. To create a Domino agent that
populates the attribute in existing Person, Group, and Server\Certifier
documents, follow these steps:
a. Open the Domino Directory database (NAMES.NSF).
b. Click Create → Design → Agent.
c. Type a name for the agent.
d. In the Runtime box, select the following options: On event, Action menu
selection, and Target All selected documents.
e. Close the properties box.
f. In the Objects pane, click Action.
g. From the list, select Formula and type the following formula:
FIELD dominoUNID := @If(dominoUNID != ""; dominoUNID;
@Text(@DocumentUniqueID));
h. In the Objects pane, click Document Selection.
i. Click Add Condition, select By Form as the condition, select the Group,
Person, and Server\Certifiers forms, and then click Add.
j. Save the agent.
k. Right-click the agent in the agent view, click Design Properties, click the
third tab, and click Prohibit design refresh or replace to modify.
l. To run the agent, select Actions from the IBM Lotus Notes menu.
5. Repeat Step 1 through Step 4 for any additional Domino Directories configured
through directory assistance.
Related tasks
“Creating administrative accounts for Domino Directory”
“Connecting to Domino Directory” on page 168
Creating administrative accounts for Domino Directory
Create the following required administrative accounts in the LDAP directory before
you enable LDAP security. See your directory server documentation for
instructions. Each account corresponds to properties that you specify in the helper
file and in the wizard.
Chapter 4 Connecting to an LDAP Directory Server
169
LDAP account
Related properties in helper file and
wizard
IBM WebSphere Application Server
administrator. This can be the same as the
IBM WebSphere Portal Server administrator.
Make sure this account has at least read
access to the directory.
WasUserid
WebSphere Portal Server administrator.
PortalAdminId
WasPassword
Note: Make sure that this account contains a PortalAdminIdShort
value for the mail attribute and has at least
PortalAdminPwd
read access to the directory. Otherwise
enabling LDAP security will fail.
Do not use the following characters in the
password (PortalAdminPwd) because they
can cause authentication failures:
!()@#$%
WebSphere Portal Server administrator
PortalAdminGroupId
group. This group must include the name of
PortalAdminGroupIdShort
the WebSphere Portal Server administrator
and the WebSphere Application Server
administrator. The group must define its
user and group members using the
members’ distinguished names.
Note: Make sure this account has at least
read access to the directory.
Name that WebSphere Portal Server and
LDAPAdminUId
IBM WebSphere Member Manager use to
bind to the LDAP directory. The access level LDAPAdminPwd
given this name controls the access that IBM
Workplace Collaboration Services has to the
directory.
Note: Make sure that this account has at
least read access to the directory, otherwise
enabling LDAP security will fail. Limit this
account to read-only access if you want to
prevent users from using the Sign-up link to
register accounts in the directory, and from
using the Edit My Profile link to change
attributes in the directory, such as their
e-mail addresses.
Name that WebSphere Application Server
uses to bind to the LDAP directory.
Note: Make sure that this account has at
least read access to the directory, otherwise
enabling LDAP security can fail.
LDAPBindID
LDAPBindPassword
Related tasks
“Configuring e-mail addresses for Domino Directory groups”
Connecting to Domino Directory
Configuring e-mail addresses for Domino Directory groups
If Group documents in the Domino Directory do not contain Internet addresses,
create a Global Domain Document in the Domino Directory to ensure that the
messaging server can send mail to groups:
170
Clustered-server Deployment Guide
1. From the Domino Administrator, click Configuration, and then click
Messaging.
2. Click Domains, and then click Add Domain.
3. Click Basics, and then complete the following fields:
Field
Action
Domain type
Click Global Domain.
Global domain name (Optional)
Type a word or phrase that describes the
domain.
Global domain role
Click R5 Internet Domain or R4.x SMTP
MTA.
4. Click Conversions and complete the following fields:
Field
Action
Local primary Internet domain
Type the name of the primary Internet
domain your organization uses for external
communication.
Alternate Internet domain aliases
Type the names of any additional domains
your organization uses. Separate names with
commas.
Local part formed from
Click Common name
5. At the server console, type restart server to put the changes into effect.
For additional information on Global Domain documents, see Domino
Administrator Help.
Related tasks
“Configuring write access to the Domino Directory”
“Connecting to Domino Directory” on page 168
Configuring write access to the Domino Directory
Consider carefully whether to allow write access to the Domino Directory. Write
access allows users to use the IBM WebSphere Portal Server page Sign-up and Edit
My Profile links to register accounts for themselves in the LDAP directory and to
change personal attributes in the directory, such as e-mail addresses. Perform the
following steps to allow write access to the Domino Directory.
1. Configure Domino Directory access control:
a. Open the Domino Directory from the IBM Lotus Notes client.
b. Click File → Database → Access Control to open the access control list
(ACL).
c. Add an entry in the ACL for the LDAP administrator. This is the
distinguished name in the LDAP directory that IBM WebSphere Member
Manager uses to access the directory, for example, ldapadmin/acme. This
entry corresponds to the name you specify for the LDAPAdminUId
property when you enable LDAP security.
d. Assign access and roles to the LDAP administrator as follows:
v Assign the entry Editor access.
v Add the administrator to the following roles: GroupCreator,
GroupModifier, UserCreator, and UserModifier.
Chapter 4 Connecting to an LDAP Directory Server
171
e. Open the Domino Directory and switch to the Server → Configurations
view.
f. Click Add Configuration.
g. In the new document, click Yes for Use these settings as the default
settings for all servers. Click the LDAP tab. Scroll down and change Allow
LDAP users write access to Yes.
h. Save and close the document.
2. Edit a WebSphere Portal file:
a. With a text editor, open the portal_server_root/shared/app/config/services/
PumaService.properties file.
b. Remove the number sign (#) from the user.sync.remove.attributes property,
and type the following values for it:
user.sync.remove.attributes=cn,CN,cN,Cn
Note: This step assumes that cn is the attribute used for the leftmost part of
users’ distinguished names. This attribute is configured through the
LdapUserPrefix property when you enable LDAP security.
c. Save the file.
Related tasks
“Creating a full-text index on the Domino Directory”
“Connecting to Domino Directory” on page 168
Creating a full-text index on the Domino Directory
Create a full-text index on the Domino Directory to reduce the time required for
login and authentication:
1. From the Domino Administrator client, open the Server document of a server
that runs the LDAP service, or of a server in the same domain as one that runs
the LDAP service.
2. In the left pane, click Directory → LDAP → Settings.
Perform one of these steps:
v If you see the prompt Unable to locate a Server Configuration document
for this domain. Would you like to create one now? click Yes, and then
click the LDAP tab on the document.
v If you do not see the prompt, click Edit LDAP Settings.
4. Next to Automatically Full Text Index Domino Directory? click Yes to enable
the LDAP service to create and update full-text indexes automatically.
5. Click Save & Close.
Related tasks
“Configuring directory assistance”
“Connecting to Domino Directory” on page 168
3.
Configuring directory assistance
Use the following guidelines when configuring the IBM Lotus Domino Enterprise
Server server to use directory assistance to search a secondary Domino Directory.
For detailed instructions on configuring directory assistance, see Domino
Administrator Help.
Note: Do not define an LDAP server in the directory assistance database; IBM
Workplace Collaboration Services does not chase the LDAP referrals that
172
Clustered-server Deployment Guide
would be required in this case for single sign-on authentication. Define only
an extended directory catalog or secondary Domino Directory in the
directory assistance database.
1. Add the IBM WebSphere Portal Server administrator account name to the ACL
of the primary Domino Directory and give the name Manager access. The
primary Domino Directory is the NAMES.NSF database on the Domino server
to which Workplace Collaboration Services will connect.
2. Add the name of the Domino server to which Workplace Collaboration Services
will connect to the ACL of each secondary Domino Directory and give the
server name Manager access. A secondary Domino Directory is a Domino
Directory that has a document in the directory assistance database.
3. To search a secondary Domino Directory, enable one or more naming contexts
(rules) in the Directory Assistance document for the directory that match the
naming context for searches. Set Trusted for Credentials to True in each
naming context. Usually one, all-asterisk naming context is used:
*/*/*/*/*/*
Related tasks
“Editing the helper file for Domino Directory”
“Connecting to Domino Directory” on page 168
Editing the helper file for Domino Directory
Use a helper file to aid in enabling LDAP security. Make a backup copy of the
helper file, then edit the helper file, providing values for directory properties that
are appropriate for your LDAP directory environment. When you run the
Configuration Wizard to enable LDAP security, the wizard reads the values in the
helper file, which you can then verify and correct if necessary.
v It’s best if someone with advanced knowledge of LDAP concepts and
administration who is familiar with your directory environment edits the helper
file and enables LDAP security.
v The helper file and the table in this topic provide example values for some
directory properties. Do not assume the example values are correct for your
environment; you must evaluate each property to determine the appropriate
value for your environment.
v Ignore the steps described in the ″How to use this file″ section of the helper file.
v Ignore any properties in the helper file that are not described in the table in this
topic.
To edit the helper file:
1. Make a backup copy of the Domino Directory helper file, portal_server_root/
config/helpers/security_domino.properties.
2. With a text editor, open the security_domino.properties file, specify values for
properties as described in the following table, and then save and close the file.
Property
Description
IBM WebSphere Application
Server properties
Chapter 4 Connecting to an LDAP Directory Server
173
Property
Description
WasUserid
The distinguished name in the LDAP directory for
the WebSphere Application Server administrator. This
can be the same name as the IBM WebSphere Portal
Server administrator (PortalAdminId). This name
must be a member of the WebSphere Portal Server
administrators group defined by the
PortalAdminGroupId property. Make sure this
account has at least read access to the directory.
Example: cn=wasadmin,o=acme
WasPassword
The password for the WasUserid name. As a security
measure, do not type the password in the helper file.
Type the password when you run the wizard.
WpsHostName
The host name for the WebSphere Portal Server. Type
localhost.
IBM WebSphere Portal Server
configuration properties
PortalAdminId
The distinguished name of the WebSphere Portal
Server administrator in the LDAP directory. This
name must be a member of the WebSphere Portal
Server administrators group defined by the
PortalAdminGroupId property.
Note: Make sure that this account contains a value
for the mail attribute and has at least read access to
the directory. Otherwise enabling LDAP security will
fail.
Example: cn=portaladmin,o=acme
PortalAdminIdShort
The short form of the WebSphere Portal Server
administrator name.
Example: portaladmin
PortalAdminPwd
Password for the WebSphere Portal Server
administrator. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
Note: Do not include the following characters in the
password because they can cause authentication
failures:
[email protected]()#$%
PortalAdminGroupId
The distinguished name of the WebSphere Portal
Server administrators group in the LDAP directory to
which the WebSphere Portal Server administrator and
the WebSphere Application Server administrator
belong. This group must define its user and group
members using the members’ distinguished names.
Make sure this account has at least read access to the
directory.
Example: cn=portaladmins,o=acme
PortalAdminGroupIdShort
The short form of the WebSphere Portal Server
administrators group name.
Example: portaladmins
174
Clustered-server Deployment Guide
Property
Description
WebSphere Portal Server security
properties
LTPAPassword
The password used to encrypt and decrypt the LTPA
keys. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
LTPATimeout
Time period in minutes at which an LTPA token
expires.
Example: 120
SSOEnabled
Indicates whether single sign-on is enabled (true or
false).
SSORequiresSSL
Indicates whether single sign-on is enabled only for
Secure Socket Layer (SSL) connections. Type false. If
you want to configure SSL, do so only after you have
enabled LDAP security and verified the LDAP
directory configuration.
SSODomainName
The domain name for all single sign-on hosts.
Example: acme.com
General global security properties
useDomainQualifiedUserNames
Indicates whether to qualify user names with the
security domain within which they reside (true or
false). The default value (false) is recommended for
most environments.
cacheTimeout
Timeout for the security cache. The default value
(600) is recommended for most environments.
issuePermissionWarnings
Indicates whether during application deployment and
application start, the security run time emits a
warning if applications are granted any custom
permissions (true or false). The default value (true) is
recommended for most environments.
activeProtocol
The authentication protocol for RMI/IIOP requests
when security is enabled. The default value (BOTH)
is recommended for most environments.
activeAuthmechanism
The authentication mechanism when security is
enabled. The default value (LTPA) is recommended
for most environments.
LDAP properties
LDAPHostName
The host name for your LDAP server.
Example: ldap.acme.com
LDAPPort
The LDAP server port number. Typically you type
389. Do not type a port used for SSL connections, for
example, 636. If you want to configure an SSL port
for LDAP, do so after you have enabled LDAP
security and verified the LDAP directory
configuration.
Chapter 4 Connecting to an LDAP Directory Server
175
Property
Description
LDAPAdminUId
The distinguished name in the LDAP directory that
WebSphere Portal Server and IBM WebSphere
Member Manager use to bind to the directory. The
level of access given this name determines the level
of access that IBM Workplace Collaboration Services
has to the directory. This name does not have to
contain a uid attribute.
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security will fail. Limit this account to read-only
access if you want to prevent users from using the
Sign-up link to register accounts in the directory, and
from using the Edit My Profile link to change
attributes in the directory, such as their e-mail
addresses.
Example: cn=ldapadmin,o=acme
LDAPAdminPwd
The password for the name assigned to the
LDAPAdminUId property. As a security measure, do
not type the password in the helper file. Type the
password when you run the wizard.
LDAPServerType
Do not change, leave as DOMINO502.
LDAPBindID
Distinguished name that WebSphere Application
Server uses to bind to the directory.
Example: cn=wpsbind,o=acme
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security can fail.
LDAPBindPassword
The password for the LDAPBindID name. As a
security measure, do not type the password in the
helper file. Type the password when you run the
wizard.
Advanced LDAP properties
LDAPSuffix
The location in the directory tree at which to begin
searches for user and group names.
Domino Directory does not require a value for this
property, and it is typically left blank. If you do type
a value for LDAPSuffix, for example o=acme, you
must change any non-distinguished (flat) group
names to distinguished names that include the suffix.
This step allows group names to be found. For
example, if you type o=acme as the LDAPSuffix, then
groups names must include the suffix, for example,
cn=portaladmins,o=acme.
LDAPUserPrefix
The leftmost attribute of user names in the directory.
Example: cn
176
Clustered-server Deployment Guide
Property
Description
LDAPUserSuffix
The location in the directory tree at which to begin
searches for user names. Make sure that the names
specified for WasUserID, PortalAdminID,
LDAPAdminUId, and LDAPBindID are under this
location or enabling LDAP security will fail.
Domino Directory does not require a value for this
property, and it is typically left blank.
LDAPGroupPrefix
The leftmost attribute of group names in the
directory.
Example: cn
LDAPGroupSuffix
The location in the directory tree at which to begin
searches for group names.
Domino Directory does not require a value for this
property, and it is typically left blank.
LDAPUserObjectClass
The object class used for users.
Example: dominoPerson
LDAPGroupObjectClass
The object class used for groups.
Example: dominoGroup
LDAPGroupMember
The attribute used for the members of groups.
Example: member
LDAPUserFilter
The filter used to search for user accounts. The filter
must include the following text:
(&(|(userprefix=%v)(mail=%v))(objectclass=
userobjectclass))
where userprefix is the value specified for the
LDAPUserPrefix property and userobjectclass is the
value specified for the LDAPUserObjectClass
property.
Example: (&(|(cn=%v)(uid=%v)(mail=
%v))(objectclass= dominoPerson))
LDAPGroupFilter
The filter used to search for groups accounts. The
filter must include the following text:
(&(groupprefix=%v)(objectclass=
groupobjectclass))
where groupprefix is the value specified for the
LDAPGroupPrefix property and groupobjectclass is the
value specified for the LDAPGroupObjectClass
property.
Example: (&(cn=%v)(objectclass=dominoGroup))
LDAPGroupMinimumAttributes
Attributes loaded for group searches and related to
performance. Leave this property blank.
Chapter 4 Connecting to an LDAP Directory Server
177
Property
Description
LDAPUserBaseAttributes
Attributes loaded for user login related to
performance. Type givenName,sn,preferredLanguage.
Also type the following values to allow users, for
example calendar users, to set international time and
date preferences in the Edit My Profile page:
,ibm-regionalLocale,ibm-timeZone,
ibm-preferredCalendar,ibm-firstDayOfWeek,
ibm-firstWorkDayOfWeek
LDAPUserMinimumAttributes
Attributes loaded for user searches and related to
performance. Leave this property blank.
LDAPsearchTimeout
Value in seconds for the amount of time the LDAP
server has to respond before canceling a request.
Example: 120
LDAPreuseConnection
Indicates whether LDAP connections are reused (true
or false). If your environment uses a frontend server
to spray requests to multiple backend LDAP
directory servers, type false. If your environment
does not use an intermediate server but instead
authenticates directly with the LDAP directory server,
type true.
LDAPIgnoreCase
Indicates whether LDAP searches ignore character
case (true or false).
Related tasks
“Enabling LDAP security for Domino Directory”
“Connecting to Domino Directory” on page 168
Enabling LDAP security for Domino Directory
Perform the following steps to use the Configuration Wizard to disable IBM
WebSphere Application Server global security, and then to enable LDAP security.
These steps assume you are running the Configuration Wizard using the graphical
user interface. If you are using the console interface, to advance in the wizard, type
the number the wizard indicates rather than click Next. Online help is not
available in console mode.
1. Make sure you have made a backup copy of the security_domino.properties
helper file, and have edited the helper file to accommodate your directory
environment, as explained in the topic “Editing the helper file for Domino
Directory” on page 173.
2. Start your LDAP directory server.
3. Verify that the account specified for the PortalAdminId property includes a
value for the mail attribute. Use an ldap search tool also to verify that you can
bind and return objects using the accounts specified for the PortalAdminId,
LDAPAdminUId, and LDAPBindID properties.
4. Start Cloudscape Network Server and WebSphere Application Server, and stop
IBM WebSphere Portal Server and Mail_Server_1, as explained in “Starting
and stopping IBM Workplace Collaboration Services servers” on page 145.
5. Start the Configuration Wizard as described in the appropriate topic for your
operating system:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
178
Clustered-server Deployment Guide
v “i5/OS: Starting the Configuration Wizard” on page 142
6. At the Select the configuration task that you want to perform dialog box in
the Configuration Wizard, click Disable security, and then click Next.
7. At the WebSphere Application Server global security is enabled. Enter the
user ID and password to be used for Websphere Application Server
administration dialog box, type the administrator name and password
specified during IBM Workplace Collaboration Services installation, and then
click Next.
8. At the Please enter an appropriate properties file location dialog box, type
the path and file name for the wpconfig.properties file, located in the
portal_server_root/config directory. For example, type /opt/IBM/Workplace/
PortalServer/config/wpconfig.properties.
Note: Do not type the path and file name of the LDAP directory helper file
you edited previously. You will provide that path and file name later in
the procedure when you enable LDAP security.
9. Verify that the next dialog box contains the values indicated in the following
table, then click Next. Do not leave any of the properties blank.
Property
Action
PortalAdminID
Verify that the value is uid=admin,o=default organization, where
admin is the administrator name specified during Workplace
Collaboration Services installation.
PortalAdminIdShort
Verify that the value is the administrator name specified during
Workplace Collaboration Services installation.
PortalAdminPwd
Type the administrator password that you specified during
Workplace Collaboration Services installation.
PortalAdminGroupId
Verify that the value is cn=wpsadmins,o=default organization.
DbPassword
Accept the default hidden password value.
WmmDbPassword
Accept the default hidden password value.
10. At the The Configuration Wizard is ready to run the following
configuration: Disable security dialog box, click Next to disable security. See
the progress bar and wait for the wizard to finish.
11. If you see the The following configuration has completed successfully:
Disable security dialog box, skip to the next step. If disabling security is not
successful, perform the following steps:
a. Click Finish.
b. Correct errors. Open the configwizard.log and configwizardlog.txt files to
help you troubleshoot errors and determine the correct values:
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for a disable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the disable security task to the
file disable-security.log.
c. Repeat steps 6 through 11 to disable security.
Chapter 4 Connecting to an LDAP Directory Server
179
12. Verify that Cloudscape Network Server is running, and that WebSphere
Application Server, IBM WebSphere Portal Server, and Mail_Server_1 are not
running, as explained in “Starting and stopping IBM Workplace Collaboration
Services servers” on page 145.
13. Click Run Wizard Again.
14. At the Select the configuration task that you want to perform dialog box,
click Enable LDAP security, and then click Next.
15. At the Select the LDAP type to use for authentication dialog box, click IBM
Lotus Domino Enterprise Server, and then click Next.
16. At the Please enter your helper properties file location dialog box, type
portal_server_root/config/helpers/security_domino.properties, and then click
Next.
17. Advance through the wizard.
v At each stage, verify the values the wizard reads from the helper file, and
correct values if necessary. Accurate values are essential for proper LDAP
directory configuration.
v Remember to type the required passwords, which you did not type in the
helper file.
v The wizard may not read the domain name specified for the
SSODomainName property from the helper file. In this case, be sure to type
the SSO domain name again in the wizard.
v If an error prevents you from advancing in the wizard, refer to the
portal_server_root/log/configwizard.log file and the portal_server_root/log/
configwizardlog.txt file to help you troubleshoot the problem.
18. Near the end of the wizard, type values for the following properties, and then
click Next. These properties are not included in the helper file.
Property
Action
WmmDbPassword
Type any text but do not leave the property blank.
DbPassword
Type any text but do not leave the property blank.
LWPDBAdminPassword
Type any text but do not leave the property blank.
19. At the The Configuration Wizard is ready to run the following
configuration: Enable LDAP security dialog box, click Next to run the
wizard. See the progress bar and wait for the wizard to finish.
20. If you see the dialog box that says The following configuration has
completed successfully: Enable LDAP security, click Finish to exit the
wizard, then skip to the next step. If enabling security is not successful,
perform the following steps:
a. Click Finish.
b. Correct any incorrect values in your helper file. Open the configwizard.log
and configwizardlog.txt files to help you troubleshoot errors and
determine the correct values:
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for an enable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the enable security task to the file
enable-security.log.
180
Clustered-server Deployment Guide
c. Repeat all of the previous steps in this topic to disable security and enable
LDAP security.
21. To allow WebSphere Portal Server to communicate with a front-end LDAP
server that manages requests in a clustered directory environment, complete
the following manual steps:
Note: If you transfer to a different database management system (DBMS) after
enabling LDAP security, you must repeat these steps after you complete
the DBMS transfer, because the DBMS transfer overwrites the changes
in the wmm.xml file.
a. With a text editor, open the portal_server_root/shared/app/wmm/
wmm.xml file.
b. Add the following line to the ldapRepository name=″wmmLDAP″ tag,
directly after the ldapPort= line:
java.naming.referral="follow"
c. Save the file.
Note: Workplace Collaboration Services does not support LDAP referrals.
Related tasks
“Configuring read-only access to Domino Directory”
Configuring read-only access to Domino Directory
Perform the following optional steps to configure read-only access to the LDAP
directory. Read-only access prevents users from using the Sign-up and Edit My
Profile links in the IBM WebSphere Portal Server page to register themselves in the
directory and to change personal attributes in the directory, such as e-mail
addresses.
1. Give the account name you specified for the LDAPAdminUId property when
you enabled LDAP security read-only access to the directory.
2. Perform the following steps to remove the Sign-up and Edit My Profile links
from the WebSphere Portal Server page:
a. Stop the WebSphere Portal Server.
b. Change to the portal_server_root/config directory.
c. Type the following command:
AIX, Linux, Solaris
./WPSconfig.sh action-fixup-signup-link
Microsoft Windows
WPSconfig.bat action-fixup-signup-link
IBM i5/OS
WPSconfig.sh action-fixup-signup-link
Related tasks
“Verifying the Domino Directory configuration”
“Connecting to Domino Directory” on page 168
Verifying the Domino Directory configuration
Perform the following steps to verify the Domino Directory configuration.
1. Log in to the server machine as a user with administrative privileges.
2. Open a command prompt (QShell session on IBM i5/OS).
3. Navigate to the portal_server_root/rootscripts directory.
4. Start Workplace Collaboration Services with the following command:
Chapter 4 Connecting to an LDAP Directory Server
181
AIX, Linux, Solaris
./startWorkplaceServices.sh
Microsoft Windows
startWorkplaceServices.bat
i5/OS
startWorkplaceServices.sh
5. Type the following URL in a Web browser to start the IBM WebSphere
Administrative Console:
AIX, Linux, Solaris, Windows
http://hostname:9091/admin
where hostname is the fully qualified name of the server.
i5/OS
http://hostname:admin_port/admin
where hostname is the fully qualified name of the server and admin_port is the
base port number for the instance, plus 10. For example, if you specified 30000
as your base port number, the WebSphere Administrative Console port would
be port 30010.
6. Test that you can log in as the IBM WebSphere Application Server
administrator.
For information on configuring Secure Sockets Layer (SSL) over LDAP, see the IBM
Workplace Collaboration Services Information Center.
Related concepts
“Optional post-installation tasks” on page 481
Related tasks
“Connecting to Domino Directory” on page 168
Connecting to Active Directory
Perform the following steps to configureIBM Workplace Collaboration Services to
use Microsoft Active Directory:
1. “Creating administrative accounts for Active Directory.”
2. “Adding required user attributes to the Active Directory schema” on page 183.
3. “Indexing attributes for Active Directory” on page 184.
4. “Editing the helper file for Active Directory” on page 184.
5. “Enabling LDAP security for Active Directory” on page 189.
6. Optional: “Configuring read-only access to Active Directory” on page 192.
7. “Verifying the Active Directory configuration” on page 192.
Related concepts
“Phase 4: Connecting to an LDAP directory server” on page 157
Creating administrative accounts for Active Directory
Create the following required administrative accounts in the LDAP directory before
you enable LDAP security. See your directory server documentation for
instructions. Each account corresponds to properties that you specify in the helper
file and in the wizard.
182
Clustered-server Deployment Guide
Related properties in helper file and
wizard
LDAP account
IBM WebSphere Application Server
administrator. This can be the same as the
IBM WebSphere Portal Server administrator.
Make sure this account has at least read
access to the directory.
WasUserid
WebSphere Portal Server administrator.
PortalAdminId
WasPassword
Note: Make sure that this account contains a PortalAdminIdShort
value for the mail attribute and has at least
PortalAdminPwd
read access to the directory. Otherwise
enabling LDAP security will fail.
Do not use the following characters in the
password (PortalAdminPwd) because they
can cause authentication failures:
!()@#$%
WebSphere Portal Server administrator
PortalAdminGroupId
group. This group must include the name of
PortalAdminGroupIdShort
the WebSphere Portal Server administrator
and the WebSphere Application Server
administrator. The group must define its
user and group members using the
members’ distinguished names.
Note: Make sure this account has at least
read access to the directory.
Name that WebSphere Portal Server and
LDAPAdminUId
IBM WebSphere Member Manager use to
bind to the LDAP directory. The access level LDAPAdminPwd
given this name controls the access that IBM
Workplace Collaboration Services has to the
directory.
Note: Make sure that this account has at
least read access to the directory, otherwise
enabling LDAP security will fail. Limit this
account to read-only access if you want to
prevent users from using the Sign-up link to
register accounts in the directory, and from
using the Edit My Profile link to change
attributes in the directory, such as their
e-mail addresses.
Name that WebSphere Application Server
uses to bind to the LDAP directory.
Note: Make sure that this account has at
least read access to the directory, otherwise
enabling LDAP security can fail.
LDAPBindID
LDAPBindPassword
Related tasks
“Adding required user attributes to the Active Directory schema”
“Connecting to Active Directory” on page 182
Adding required user attributes to the Active Directory schema
IBM Workplace Collaboration Services requires that the following attributes be
defined in the schema for the user object class. You must add these attributes to
the user object class in the Microsoft Active Directory schema if they are not
already defined for it. The user object class is typically ″user.″
Chapter 4 Connecting to an LDAP Directory Server
183
v
v
v
v
v
v
v
v
businessCategory
departmentNumber
description
displayName
employeeNumber
employeeType
preferredLanguage
roomNumber
For information on adding attributes to the schema, see the Active Directory
documentation.
Related tasks
“Indexing attributes for Active Directory”
“Connecting to Active Directory” on page 182
Indexing attributes for Active Directory
Index the following attributes, to ensure optimal name lookup performance:
v cn
v displayName
v givenName
v mail
v sn
v Any attributes specified for the LDAPUserFilter property in the helper file, for
example, samAccountName
Refer to the Microsoft Active Directory documentation for instructions on indexing.
Related tasks
“Editing the helper file for Active Directory”
“Connecting to Active Directory” on page 182
Editing the helper file for Active Directory
Use a helper file to aid in enabling LDAP security. Make a backup copy of the
helper file, then edit the helper file, providing values for directory properties that
are appropriate for your LDAP directory environment. When you run the
Configuration Wizard to enable LDAP security, the wizard reads the values in the
helper file, which you can then verify and correct if necessary.
v It’s best if someone with advanced knowledge of LDAP concepts and
administration who is familiar with your directory environment edits the helper
file and enables LDAP security.
v The helper file and the table in this topic provide example values for some
directory properties. Do not assume the example values are correct for your
environment; you must evaluate each property to determine the appropriate
value for your environment.
v Ignore the steps described in the ″How to use this file″ section of the helper file.
v Ignore any properties in the helper file that are not described in the table in this
topic.
To edit the helper file:
184
Clustered-server Deployment Guide
1. Make a backup copy of the Microsoft Active Directory helper file,
portal_server_root/config/helpers/security_active_directory.properties.
2. With a text editor, open the security_active_directory.properties file, specify
values for properties as described in the following table, and then save and
close the file.
Property
Description
IBM WebSphere Application
Server properties
WasUserid
The distinguished name in the LDAP directory for
the WebSphere Application Server administrator. This
can be the same name as the IBM WebSphere Portal
Server administrator (PortalAdminId). This name
must be a member of the WebSphere Portal Server
administrators group defined by the
PortalAdminGroupId property. Make sure this
account has at least read access to the directory.
Example: cn=wasadmin,cn=users,dc=acme,dc=com
WasPassword
The password for the WasUserid name. As a security
measure, do not type the password in the helper file.
Type the password when you run the wizard.
WpsHostName
The host name for the WebSphere Portal Server. Type
localhost.
IBM WebSphere Portal Server
configuration properties
PortalAdminId
The distinguished name of the WebSphere Portal
Server administrator in the LDAP directory. This
name must be a member of the WebSphere Portal
Server administrators group defined by the
PortalAdminGroupId property.
Note: Make sure that this account contains a value
for the mail attribute and has at least read access to
the directory. Otherwise enabling LDAP security will
fail.
Example: cn=portaladmin,cn=users,dc=acme,dc=com
PortalAdminIdShort
The short form of the WebSphere Portal Server
administrator name.
Example: portaladmin
PortalAdminPwd
Password for the WebSphere Portal Server
administrator. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
Note: Do not include the following characters in the
password because they can cause authentication
failures:
[email protected]()#$%
Chapter 4 Connecting to an LDAP Directory Server
185
Property
Description
PortalAdminGroupId
The distinguished name of the WebSphere Portal
Server administrators group in the LDAP directory to
which the WebSphere Portal Server administrator and
the WebSphere Application Server administrator
belong. This group must define its user and group
members using the members’ distinguished names.
Make sure this account has at least read access to the
directory.
Example:
cn=portaladmins,cn=groups,dc=acme,dc=com
PortalAdminGroupIdShort
The short form of the WebSphere Portal Server
administrators group name.
Example: portaladmins
WebSphere Portal Server security
properties
LTPAPassword
The password used to encrypt and decrypt the LTPA
keys. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
LTPATimeout
Time period in minutes at which an LTPA token
expires.
Example: 120
SSOEnabled
Indicates whether single sign-on is enabled (true or
false).
SSORequiresSSL
Indicates whether single sign-on is enabled only for
Secure Socket Layer (SSL) connections. Type false. If
you want to configure SSL, do so only after you have
enabled LDAP security and verified the LDAP
directory configuration.
SSODomainName
The domain name for all single sign-on hosts.
Example: acme.com
General global security properties
186
useDomainQualifiedUserNames
Indicates whether to qualify user names with the
security domain within which they reside (true or
false). The default value (false) is recommended for
most environments.
cacheTimeout
Timeout for the security cache. The default value
(600) is recommended for most environments.
issuePermissionWarnings
Indicates whether during application deployment and
application start, the security run time emits a
warning if applications are granted any custom
permissions (true or false). The default value (true) is
recommended for most environments.
activeProtocol
The authentication protocol for RMI/IIOP requests
when security is enabled. The default value (BOTH)
is recommended for most environments.
activeAuthmechanism
The authentication mechanism when security is
enabled. The default value (LTPA) is recommended
for most environments.
Clustered-server Deployment Guide
Property
Description
LDAP properties
LDAPHostName
The host name for your LDAP server.
Example: ldap.acme.com
LDAPPort
The LDAP server port number. Typically you type
389. Do not type a port used for SSL connections, for
example, 636. If you want to configure an SSL port
for LDAP, do so after you have enabled LDAP
security and verified the LDAP directory
configuration.
LDAPAdminUId
The distinguished name in the LDAP directory that
WebSphere Portal Server and IBM WebSphere
Member Manager use to bind to the directory. The
level of access given this name determines the level
of access that IBM Workplace Collaboration Services
has to the directory. This name does not have to
contain a uid attribute.
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security will fail. Limit this account to read-only
access if you want to prevent users from using the
Sign-up link to register accounts in the directory, and
from using the Edit My Profile link to change
attributes in the directory, such as their e-mail
addresses.
Example: cn=ldapadmin,cn=users,dc=acme,dc=com
LDAPAdminPwd
The password for the name assigned to the
LDAPAdminUId property. As a security measure, do
not type the password in the helper file. Type the
password when you run the wizard.
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security will fail.
LDAPServerType
Do not change, leave as ACTIVE_DIRECTORY.
LDAPBindID
Distinguished name that WebSphere Application
Server uses to bind to the directory.
Example: cn=wpsbind,cn=users,dc=acme,dc=com
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security can fail.
LDAPBindPassword
The password for the LDAPBindID name. As a
security measure, do not type the password in the
helper file. Type the password when you run the
wizard.
Advanced LDAP properties
LDAPSuffix
The location in the directory tree at which to begin
searches for user and group names.
Example: dc=acme,dc=com
LDAPUserPrefix
The leftmost attribute of user names in the directory.
Example: cn
Chapter 4 Connecting to an LDAP Directory Server
187
Property
Description
LDAPUserSuffix
The location in the directory tree at which to begin
searches for user names. Make sure that the names
specified for WasUserID, PortalAdminID,
LDAPAdminUId, and LDAPBindID are under this
location or enabling LDAP security will fail.
Example: cn=users
Do not append the LDAPSuffix value as part of this
value. For example, do not type
cn=users,dc=acme,dc=com.
LDAPGroupPrefix
The leftmost attribute of group names in the
directory.
Example: cn
LDAPGroupSuffix
The location in the directory tree at which to begin
searches for group names.
Example: cn=groups
Do not append the LDAPSuffix value as part of this
value. For example, do not type
cn=groups,dc=acme,dc=com.
LDAPUserObjectClass
The object class used for users.
Example: user
LDAPGroupObjectClass
The object class used for groups.
Example: group
LDAPGroupMember
The attribute used for the members of groups.
Example: member
LDAPUserFilter
The filter used to search for user accounts. The filter
must include the following text:
(&(|(userprefix=%v)(mail=%v))(objectclass=
userobjectclass))
where userprefix is the value specified for the
LDAPUserPrefix property and userobjectclass is the
value specified for the LDAPUserObjectClass
property.
Example: (&(|(cn=%v)(samAccountName=%v)(mail=
%v)) (objectclass=user))
LDAPGroupFilter
The filter used to search for groups accounts. The
filter must include the following text:
(&(groupprefix=%v)(objectclass=
groupobjectclass))
where groupprefix is the value specified for the
LDAPGroupPrefix property and groupobjectclass is the
value specified for the LDAPGroupObjectClass
property.
Example: (&(cn=%v)(objectclass=group))
188
Clustered-server Deployment Guide
Property
Description
LDAPGroupMinimumAttributes
Attributes loaded for group searches and related to
performance. Leave this property blank.
LDAPUserBaseAttributes
Attributes loaded for user login related to
performance. Type givenName,sn,preferredLanguage.
Also type the following values to allow users, for
example calendar users, to set international time and
date preferences in the Edit My Profile page:
,ibm-regionalLocale,ibm-timeZone,
ibm-preferredCalendar,ibm-firstDayOfWeek,
ibm-firstWorkDayOfWeek
LDAPUserMinimumAttributes
Attributes loaded for user searches and related to
performance. Leave this property blank.
LDAPsearchTimeout
Value in seconds for the amount of time the LDAP
server has to respond before canceling a request.
Example: 120
LDAPreuseConnection
Indicates whether LDAP connections are reused (true
or false). If your environment uses a frontend server
to spray requests to multiple backend LDAP
directory servers, type false. If your environment
does not use an intermediate server but instead
authenticates directly with the LDAP directory server,
type true.
LDAPIgnoreCase
Indicates whether LDAP searches ignore character
case (true or false).
Related tasks
“Enabling LDAP security for Active Directory”
“Connecting to Active Directory” on page 182
Enabling LDAP security for Active Directory
Perform the following steps to use the Configuration Wizard to disable IBM
WebSphere Application Server global security, and then to enable LDAP security.
These steps assume you are running the Configuration Wizard using the graphical
user interface. If you are using the console interface, to advance in the wizard, type
the number the wizard indicates rather than click Next. Online help is not
available in console mode.
1. Make sure you have made a backup copy of the
security_active_directory.properties helper file, and have edited the helper file
to accommodate your directory environment, as explained in the topic
“Editing the helper file for Active Directory” on page 184.
2. Start your LDAP directory server.
3. Verify that the account specified for the PortalAdminId property includes a
value for the mail attribute. Use an ldap search tool also to verify that you can
bind and return objects using the accounts specified for the PortalAdminId,
LDAPAdminUId, and LDAPBindID properties.
4. Start Cloudscape Network Server and WebSphere Application Server, and stop
IBM WebSphere Portal Server and Mail_Server_1, as explained in “Starting
and stopping IBM Workplace Collaboration Services servers” on page 145.
5. Start the Configuration Wizard as described in the appropriate topic for your
operating system:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
Chapter 4 Connecting to an LDAP Directory Server
189
v “Windows: Starting the Configuration Wizard” on page 123
v “i5/OS: Starting the Configuration Wizard” on page 142
6. At the Select the configuration task that you want to perform dialog box in
the Configuration Wizard, click Disable security, and then click Next.
7. At the WebSphere Application Server global security is enabled. Enter the
user ID and password to be used for Websphere Application Server
administration dialog box, type the administrator name and password
specified during IBM Workplace Collaboration Services installation, and then
click Next.
8. At the Please enter an appropriate properties file location dialog box, type
the path and file name for the wpconfig.properties file, located in the
portal_server_root/config directory. For example, type /opt/IBM/Workplace/
PortalServer/config/wpconfig.properties.
Note: Do not type the path and file name of the LDAP directory helper file
you edited previously. You will provide that path and file name later in
the procedure when you enable LDAP security.
9. Verify that the next dialog box contains the values indicated in the following
table, then click Next. Do not leave any of the properties blank.
Property
Action
PortalAdminID
Verify that the value is uid=admin,o=default organization, where
admin is the administrator name specified during Workplace
Collaboration Services installation.
PortalAdminIdShort
Verify that the value is the administrator name specified during
Workplace Collaboration Services installation.
PortalAdminPwd
Type the administrator password that you specified during
Workplace Collaboration Services installation.
PortalAdminGroupId
Verify that the value is cn=wpsadmins,o=default organization.
DbPassword
Accept the default hidden password value.
WmmDbPassword
Accept the default hidden password value.
10. At the The Configuration Wizard is ready to run the following
configuration: Disable security dialog box, click Next to disable security. See
the progress bar and wait for the wizard to finish.
11. If you see the The following configuration has completed successfully:
Disable security dialog box, skip to the next step. If disabling security is not
successful, perform the following steps:
a. Click Finish.
b. Correct errors. Open the configwizard.log and configwizardlog.txt files to
help you troubleshoot errors and determine the correct values:
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for a disable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the disable security task to the
file disable-security.log.
c. Repeat steps 6 through 11 to disable security.
190
Clustered-server Deployment Guide
12. Verify that Cloudscape Network Server is running, and that WebSphere
Application Server, IBM WebSphere Portal Server, and Mail_Server_1 are not
running, as explained in “Starting and stopping IBM Workplace Collaboration
Services servers” on page 145.
13. Click Run Wizard Again.
14. At the Select the configuration task that you want to perform dialog box,
click Enable LDAP security, and then click Next.
15. At the Select the LDAP type to use for authentication dialog box, click
Microsoft Active Directory, and then click Next.
16. At the Please enter your helper properties file location dialog box, type
portal_server_root/config/helpers/security_active_directory.properties, and then
click Next.
17. Advance through the wizard.
v At each stage, verify the values the wizard reads from the helper file, and
correct values if necessary. Accurate values are essential for proper LDAP
directory configuration.
v Remember to type the required passwords, which you did not type in the
helper file.
v The wizard may not read the domain name specified for the
SSODomainName property from the helper file. In this case, be sure to type
the SSO domain name again in the wizard.
v If an error prevents you from advancing in the wizard, refer to the
portal_server_root/log/configwizard.log file and the portal_server_root/log/
configwizardlog.txt file to help you troubleshoot the problem.
18. Near the end of the wizard, type values for the following properties, and then
click Next. These properties are not included in the helper file.
Property
Action
WmmDbPassword
Type any text but do not leave the property blank.
DbPassword
Type any text but do not leave the property blank.
LWPDBAdminPassword
Type any text but do not leave the property blank.
19. At the The Configuration Wizard is ready to run the following
configuration: Enable LDAP security dialog box, click Next to run the
wizard. See the progress bar and wait for the wizard to finish.
20. If you see the dialog box that says The following configuration has
completed successfully: Enable LDAP security, click Finish to exit the
wizard, then skip to the next step. If enabling security is not successful,
perform the following steps:
a. Click Finish.
b. Correct any incorrect values in your helper file. Open the configwizard.log
and configwizardlog.txt files to help you troubleshoot errors and
determine the correct values:
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for an enable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the enable security task to the file
enable-security.log.
Chapter 4 Connecting to an LDAP Directory Server
191
c. Repeat all of the previous steps in this topic to disable security and enable
LDAP security.
21. To allow WebSphere Portal Server to communicate with a front-end LDAP
server that manages requests in a clustered directory environment, complete
the following manual steps:
Note: If you transfer to a different database management system (DBMS) after
enabling LDAP security, you must repeat these steps after you complete
the DBMS transfer, because the DBMS transfer overwrites the changes
in the wmm.xml file.
a. With a text editor, open the portal_server_root/shared/app/wmm/
wmm.xml file.
b. Add the following line to the ldapRepository name=″wmmLDAP″ tag,
directly after the ldapPort= line:
java.naming.referral="follow"
c. Save the file.
Note: Workplace Collaboration Services does not support LDAP referrals.
Related tasks
“Configuring read-only access to Active Directory”
“Connecting to Active Directory” on page 182
Configuring read-only access to Active Directory
Perform the following optional steps to configure read-only access to the LDAP
directory. Read-only access prevents users from using the Sign-up and Edit My
Profile links in the IBM WebSphere Portal Server page to register themselves in the
directory and to change personal attributes in the directory, such as e-mail
addresses.
1. Give the account name you specified for the LDAPAdminUId property when
you enabled LDAP security read-only access to the directory.
2. Perform the following steps to remove the Sign-up and Edit My Profile links
from the WebSphere Portal Server page:
a. Stop the WebSphere Portal Server.
b. Change to the portal_server_root/config directory.
c. Type the following command:
AIX, Linux, Solaris
./WPSconfig.sh action-fixup-signup-link
Microsoft Windows
WPSconfig.bat action-fixup-signup-link
IBM i5/OS
WPSconfig.sh action-fixup-signup-link
Related tasks
“Verifying the Active Directory configuration”
“Connecting to Active Directory” on page 182
Verifying the Active Directory configuration
Perform the following steps to verify the Microsoft Active Directory configuration.
1. Log in to the server machine as a user with administrative privileges.
2. Open a command prompt (QShell session on IBM i5/OS).
3. Navigate to the portal_server_root/rootscripts directory.
192
Clustered-server Deployment Guide
4. Start Workplace Collaboration Services with the following command:
AIX, Linux, Solaris
./startWorkplaceServices.sh
Microsoft Windows
startWorkplaceServices.bat
i5/OS
startWorkplaceServices.sh
5. Type the following URL in a Web browser to start the IBM WebSphere
Administrative Console:
AIX, Linux, Solaris, Windows
http://hostname:9091/admin
where hostname is the fully qualified name of the server.
i5/OS
http://hostname:admin_port/admin
where hostname is the fully qualified name of the server and admin_port is the
base port number for the instance, plus 10. For example, if you specified 30000
as your base port number, the WebSphere Administrative Console port would
be port 30010.
6. Test that you can log in as the IBM WebSphere Application Server
administrator.
For information on configuring Secure Sockets Layer (SSL) over LDAP, see the IBM
Workplace Collaboration Services Information Center.
Related concepts
“Optional post-installation tasks” on page 481
Related tasks
“Connecting to Active Directory” on page 182
Connecting to Sun Java System Directory Server
Perform the following steps to configure IBM Workplace Collaboration Services to
use Sun Java System Directory Server:
1. “Creating administrative accounts for Sun Java System Directory Server.”
2. “Indexing attributes for Sun Java System Directory Server” on page 194.
3. “Specifying whether Sun Java System Directory Server uses roles” on page 195.
4. “Editing the helper file for Sun Java System Directory Server” on page 196.
5. “Enabling LDAP security for Sun Java System Directory Server” on page 201.
6. Optional: “Configuring read-only access to Sun Java System Directory Server”
on page 204.
7. “Verifying the Sun Java System Directory Server configuration” on page 204.
Related concepts
“Phase 4: Connecting to an LDAP directory server” on page 157
Creating administrative accounts for Sun Java System Directory
Server
Create the following required administrative accounts in the LDAP directory before
you enable LDAP security. See your directory server documentation for
instructions. Each account corresponds to properties that you specify in the helper
file and in the wizard.
Chapter 4 Connecting to an LDAP Directory Server
193
LDAP account
Related properties in helper file and
wizard
IBM WebSphere Application Server
administrator. This can be the same as the
IBM WebSphere Portal Server administrator.
Make sure this account has at least read
access to the directory.
WasUserid
WebSphere Portal Server administrator.
PortalAdminId
WasPassword
Note: Make sure that this account contains a PortalAdminIdShort
value for the mail attribute and has at least
PortalAdminPwd
read access to the directory. Otherwise
enabling LDAP security will fail.
Do not use the following characters in the
password (PortalAdminPwd) because they
can cause authentication failures:
!()@#$%
WebSphere Portal Server administrator
group or role. This group or role must
include the name of the WebSphere Portal
Server administrator and the WebSphere
Application Server administrator. The group
or role must define its members using the
members’ distinguished names.
PortalAdminGroupId
PortalAdminGroupIdShort
Name that WebSphere Portal Server and
LDAPAdminUId
IBM WebSphere Member Manager use to
bind to the LDAP directory. The access level LDAPAdminPwd
given this name controls the access that IBM
Workplace Collaboration Services has to the
directory.
Note: Make sure that this account has at
least read access to the directory, otherwise
enabling LDAP security will fail. Limit this
account to read-only access if you want to
prevent users from using the Sign-up link to
register accounts in the directory, and from
using the Edit My Profile link to change
attributes in the directory, such as their
e-mail addresses.
Name that WebSphere Application Server
uses to bind to the LDAP directory.
Note: Make sure that this account has at
least read access to the directory, otherwise
enabling LDAP security can fail.
LDAPBindID
LDAPBindPassword
Related tasks
“Indexing attributes for Sun Java System Directory Server”
“Connecting to Sun Java System Directory Server” on page 193
Indexing attributes for Sun Java System Directory Server
Index the following attributes in user accounts, to ensure optimal name lookup
performance:
v cn
v displayName
v givenName
194
Clustered-server Deployment Guide
v mail
v sn
v Any attribute or attributes specified for the LDAPUserFilter property in the
helper file; for example, uid.
Refer to the Sun Java System Directory Server documentation for instructions on
indexing.
Related tasks
“Specifying whether Sun Java System Directory Server uses roles”
“Connecting to Sun Java System Directory Server” on page 193
Specifying whether Sun Java System Directory Server uses roles
Sun Java System Directory Server supports an alternative to groups called roles.
When roles are used, the nsRole attribute is automatically added to accounts to
indicate the roles to which the accounts belong. Roles make membership searches
more efficient because searches of separate group accounts to determine
membership are unnecessary. For additional information on roles, see the Sun Java
System Directory Server documentation.
IBM Workplace Collaboration Services does not use roles by default. However,
configuring it to use roles is recommended if the Sun Java System Directory Server
uses them. If you do not use roles, searches of groups may be slow or may not
work, depending on the size of the groups and whether nested groups are
searched. If you use groups rather than roles on the directory server, preventing
searches of nested groups is strongly recommended.
Perform the following steps to specify whether roles are used on the directory
server:
1. If the directory server uses roles, perform the following steps to configure
Workplace Collaboration Services to use roles:
a. Open the following file with a text editor:
portal_server_root/config/templates/wmm/
wmm_LDAP.xml.IPLANET.3.wmm
b. Add the following text to the file:
memberOfAttributeName="nsRole"
c. Save the modified file.
2. If the directory server is configured to use groups rather than roles, if possible,
perform the following steps to prevent Workplace Collaboration Services from
searching nested groups:
a. Open the following file with a text editor:
portal_server_root/shared/app/config/services/
AccessControlDataManagementService.properties
b. Change the value of the
accessControlDataManagement.enableNestedGroups property to false. If this
property does not exist in the file, add it.
c. Save the modified file.
Note: When you edit the helper file used to enable LDAP security, the values you
specify for the LDAPGroupObjectClass, LDAPGroupMember,
LDAPGroupFilter, and LDAPGroupSuffix properties depend on whether
roles are configured.
Related tasks
Chapter 4 Connecting to an LDAP Directory Server
195
“Example of adding a managed role for WebSphere Portal Server
administrators”
“Editing the helper file for Sun Java System Directory Server”
“Connecting to Sun Java System Directory Server” on page 193
Example of adding a managed role for WebSphere Portal Server administrators:
The following steps provide an example of adding a managed role with the
distinguished name cn=portaladmins,ou=people,o=acme.com to the directory, to be
used in place of a IBM WebSphere Portal Server administrator’s group. A managed
role lets you manually define the names that belong to the role. Although these
steps describe using a Lightweight Directory Interchange Format (LDIF) file and
LDAP commands, you could instead use the Directory Server Console on the Sun
Java System Directory Server.
1. Create an LDIF file with the following definitions:
dn: cn=portaladmins,ou=people,o=acme.com
objectClass: top
objectClass: ldapsubentry
objectClass: nsroledefinition
objectClass: nssimpleroledefinition
objectClass: nsmanagedroledefinition
cn: portaladmins
2. Save the LDIF file.
3. Type the following LDAP command to add the role to the directory:
ldapadd -h ldapserver.acme.com -p 389 -D "ldapadministrator_dn" -w
ldapadministrator_password -f file_name.ldif
4. Use the ldapmodify command to assign names to the role.
Related tasks
“Specifying whether Sun Java System Directory Server uses roles” on page 195
Editing the helper file for Sun Java System Directory Server
Use a helper file to aid in enabling LDAP security. Make a backup copy of the
helper file, then edit the helper file, providing values for directory properties that
are appropriate for your LDAP directory environment. When you run the
Configuration Wizard to enable LDAP security, the wizard reads the values in the
helper file, which you can then verify and correct if necessary.
v It’s best if someone with advanced knowledge of LDAP concepts and
administration who is familiar with your directory environment edits the helper
file and enables LDAP security.
v The helper file and the table in this topic provide example values for some
directory properties. Do not assume the example values are correct for your
environment; you must evaluate each property to determine the appropriate
value for your environment.
v Ignore the steps described in the ″How to use this file″ section of the helper file.
v Ignore any properties in the helper file that are not described in the table in this
topic.
To edit the helper file:
1. Make a backup copy of the Sun Java System Directory Server helper file,
portal_server_root/config/helpers/security_sun_one.properties.
2. With a text editor, open the security_sun_one.properties file, specify values for
properties as described in the following table, and then save and close the file.
196
Clustered-server Deployment Guide
Property
Description
IBM WebSphere Application
Server properties
WasUserid
The distinguished name in the LDAP directory for
the IBM WebSphere Application Server administrator.
This can be the same name as the IBM WebSphere
Portal Server administrator (PortalAdminId). This
name must be a member of the WebSphere Portal
Server administrators group or role defined by the
PortalAdminGroupId property. Make sure this
account has at least read access to the directory.
Example: uid=wasadmin,ou=people,o=acme.com
WasPassword
The password for the WasUserid name. As a security
measure, do not type the password in the helper file.
Type the password when you run the wizard.
WpsHostName
The host name for the WebSphere Portal Server. Type
localhost.
WebSphere Portal Server
configuration properties
PortalAdminId
The distinguished name of the WebSphere Portal
Server administrator in the LDAP directory. This
name must be a member of the WebSphere Portal
Server administrators group defined by the
PortalAdminGroupId property.
Note: Make sure that this account contains a value
for the mail attribute and has at least read access to
the directory. Otherwise enabling LDAP security will
fail.
Example: uid=portaladmin,ou=people,o=acme.com
PortalAdminIdShort
The short form of the WebSphere Portal Server
administrator name.
Example: portaladmin
PortalAdminPwd
Password for the WebSphere Portal Server
administrator. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
Note: Do not include the following characters in the
password because they can cause authentication
failures:
[email protected]()#$%
PortalAdminGroupId
The distinguished name of the WebSphere Portal
Server administrators group or role in the LDAP
directory to which the WebSphere Portal Server
administrator belongs. This group or role must define
its user and group members using the members’
distinguished names. Make sure this account has at
least read access to the directory.
Example: cn=portaladmins,ou=people,o=acme.com
Chapter 4 Connecting to an LDAP Directory Server
197
Property
Description
PortalAdminGroupIdShort
The short form of the WebSphere Portal Server
administrators group name or role name.
Example: portaladmins
WebSphere Portal Server security
properties
LTPAPassword
The password used to encrypt and decrypt the LTPA
keys. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
LTPATimeout
Time period in minutes at which an LTPA token
expires.
Example: 120
SSOEnabled
Indicates whether single sign-on is enabled (true or
false).
SSORequiresSSL
Indicates whether single sign-on is enabled only for
Secure Socket Layer (SSL) connections. Type false. If
you want to configure SSL, do so only after you have
enabled LDAP security and verified the LDAP
directory configuration.
SSODomainName
The domain name for all single sign-on hosts.
Example: acme.com
General global security properties
useDomainQualifiedUserNames
Indicates whether to qualify user names with the
security domain within which they reside (true or
false). The default value (false) is recommended for
most environments.
cacheTimeout
Timeout for the security cache. The default value
(600) is recommended for most environments.
issuePermissionWarnings
Indicates whether during application deployment and
application start, the security run time emits a
warning if applications are granted any custom
permissions (true or false). The default value (true) is
recommended for most environments.
activeProtocol
The authentication protocol for RMI/IIOP requests
when security is enabled. The default value (BOTH)
is recommended for most environments.
activeAuthmechanism
The authentication mechanism when security is
enabled. The default value (LTPA) is recommended
for most environments.
LDAP properties
LDAPHostName
The host name for your LDAP server.
Example: ldap.acme.com
LDAPPort
198
Clustered-server Deployment Guide
The LDAP server port number. Typically you type
389. Do not type a port used for SSL connections, for
example, 636. If you want to configure an SSL port
for LDAP, do so after you have enabled LDAP
security and verified the LDAP directory
configuration.
Property
Description
LDAPAdminUId
The distinguished name in the LDAP directory that
WebSphere Portal Server and IBM WebSphere
Member Manager use to bind to the directory. The
level of access given this name determines the level
of access that IBM Workplace Collaboration Services
has to the directory. This name does not have to
contain a uid attribute.
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security will fail. Limit this account to read-only
access if you want to prevent users from using the
Sign-up link to register accounts in the directory, and
from using the Edit My Profile link to change
attributes in the directory, such as their e-mail
addresses.
Example: uid=ldapadmin,ou=people,o=acme.com
LDAPAdminPwd
The password for the name assigned to the
LDAPAdminUId property. As a security measure, do
not type the password in the helper file. Type the
password when you run the wizard.
LDAPServerType
Do not change, leave as IPLANET.
LDAPBindID
Distinguished name that WebSphere Application
Server uses to bind to the directory.
Example: uid=wpsbind,ou=people,o=acme.com
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security can fail.
LDAPBindPassword
The password for the LDAPBindID name. As a
security measure, do not type the password in the
helper file. Type the password when you run the
wizard.
Advanced LDAP properties
LDAPSuffix
The location in the directory tree at which to begin
searches for user and group names.
Example: o=acme.com
LDAPUserPrefix
The leftmost attribute of user names in the directory.
Example: uid
LDAPUserSuffix
The location in the directory tree at which to begin
searches for user names. Make sure that the names
specified for WasUserID, PortalAdminID,
LDAPAdminUId, and LDAPBindID are under this
location or enabling LDAP security will fail.
Example: ou=people
Do not append the LDAPSuffix value as part of this
value. For example, do not type
ou=people,o=acme.com
Chapter 4 Connecting to an LDAP Directory Server
199
Property
Description
LDAPGroupPrefix
If you are using groups, the leftmost attribute of
group names in the directory. If you are using roles,
the leftmost attribute of user names in the directory.
Example: cn
LDAPGroupSuffix
The location in the directory tree at which to begin
searches for group names. If you use roles rather than
groups, type the valued specified for the
LDAPUserSuffix property instead.
Example: ou=people
Do not append the LDAPSuffix value as part of this
value. For example, do not type
ou=people,o=acme.com
LDAPUserObjectClass
The object class used for users.
Example: inetOrgPerson
LDAPGroupObjectClass
The object class used for groups. If you use roles
rather than groups, you must type ldapsubentry as
the value.
Example if groups are used: groupOfUniqueNames
LDAPGroupMember
The attribute used for the members of groups. If you
use roles rather than groups, you must type nsrole as
the value.
Example if groups are used: uniqueMember
LDAPUserFilter
The filter used to search for user accounts. The filter
must include the following text:
(&(|(userprefix=%v)(mail=%v))(objectclass=
userobjectclass))
where userprefix is the value specified for the
LDAPUserPrefix property and userobjectclass is the
value specified for the LDAPUserObjectClass
property.
Example: (&(|(uid=%v)(mail=
%v))(objectclass=inetOrgPerson))
LDAPGroupFilter
The filter used to search for groups or roles. The filter
must include the following text:
(&(groupprefix=%v)(objectclass=
groupobjectclass))
where <groupprefix> is the value specified for the
LDAPGroupPrefix property and <groupobjectclass> is
the value specified for the LDAPGroupObjectClass
property.
Example if groups are used: (&(cn=
%v)(objectclass=groupOfUniqueNames))
Example if roles are used: (&(uid=
%v)(objectclass=ldapsubentry))
LDAPGroupMinimumAttributes
200
Clustered-server Deployment Guide
Attributes loaded for group searches and related to
performance. Leave this property blank.
Property
Description
LDAPUserBaseAttributes
Attributes loaded for user login related to
performance. Type givenName,sn,preferredLanguage.
Also type the following values to allow users, for
example calendar users, to set international time and
date preferences in the Edit My Profile page:
,ibm-regionalLocale,ibm-timeZone,
ibm-preferredCalendar,ibm-firstDayOfWeek,
ibm-firstWorkDayOfWeek
LDAPUserMinimumAttributes
Attributes loaded for user searches and related to
performance. Leave this property blank.
LDAPsearchTimeout
Value in seconds for the amount of time the LDAP
server has to respond before canceling a request.
Example: 120
LDAPreuseConnection
Indicates whether LDAP connections are reused (true
or false). If your environment uses a frontend server
to spray requests to multiple backend LDAP directory
servers, type false. If your environment does not use
an intermediate server but instead authenticates
directly with the LDAP directory server, type true.
LDAPIgnoreCase
Indicates whether LDAP searches ignore character
case (true or false).
Related tasks
“Enabling LDAP security for Sun Java System Directory Server”
“Connecting to Sun Java System Directory Server” on page 193
Enabling LDAP security for Sun Java System Directory Server
Perform the following steps to use the Configuration Wizard to disable IBM
WebSphere Application Server global security, and then to enable LDAP security.
These steps assume you are running the Configuration Wizard using the graphical
user interface. If you are using the console interface, to advance in the wizard, type
the number the wizard indicates rather than click Next. Online help is not
available in console mode.
1. Make sure you have made a backup copy of the security_sun_one.properties
helper file, and have edited the helper file to accommodate your directory
environment, as explained in the topic “Editing the helper file for Sun Java
System Directory Server” on page 196.
2. Start your LDAP directory server.
3. Verify that the account specified for the PortalAdminId property includes a
value for the mail attribute. Use an ldap search tool also to verify that you can
bind and return objects using the accounts specified for the PortalAdminId,
LDAPAdminUId, and LDAPBindID properties.
4. Start Cloudscape Network Server and WebSphere Application Server, and stop
IBM WebSphere Portal Server and Mail_Server_1, as explained in “Starting
and stopping IBM Workplace Collaboration Services servers” on page 145.
5. Start the Configuration Wizard as described in the appropriate topic for your
operating system:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
v “i5/OS: Starting the Configuration Wizard” on page 142
Chapter 4 Connecting to an LDAP Directory Server
201
6. At the Select the configuration task that you want to perform dialog box in
the Configuration Wizard, click Disable security, and then click Next.
7. At the WebSphere Application Server global security is enabled. Enter the
user ID and password to be used for Websphere Application Server
administration dialog box, type the administrator name and password
specified during IBM Workplace Collaboration Services installation, and then
click Next.
8. At the Please enter an appropriate properties file location dialog box, type
the path and file name for the wpconfig.properties file, located in the
portal_server_root/config directory. For example, type /opt/IBM/Workplace/
PortalServer/config/wpconfig.properties.
Note: Do not type the path and file name of the LDAP directory helper file
you edited previously. You will provide that path and file name later in
the procedure when you enable LDAP security.
9. Verify that the next dialog box contains the values indicated in the following
table, then click Next. Do not leave any of the properties blank.
Property
Action
PortalAdminID
Verify that the value is uid=admin,o=default organization, where
admin is the administrator name specified during Workplace
Collaboration Services installation.
PortalAdminIdShort
Verify that the value is the administrator name specified during
Workplace Collaboration Services installation.
PortalAdminPwd
Type the administrator password that you specified during
Workplace Collaboration Services installation.
PortalAdminGroupId
Verify that the value is cn=wpsadmins,o=default organization.
DbPassword
Accept the default hidden password value.
WmmDbPassword
Accept the default hidden password value.
10. At the The Configuration Wizard is ready to run the following
configuration: Disable security dialog box, click Next to disable security. See
the progress bar and wait for the wizard to finish.
11. If you see the The following configuration has completed successfully:
Disable security dialog box, skip to the next step. If disabling security is not
successful, perform the following steps:
a. Click Finish.
b. Correct errors. Open the configwizard.log and configwizardlog.txt files to
help you troubleshoot errors and determine the correct values:
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for a disable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the disable security task to the
file disable-security.log.
c. Repeat steps 6 through 11 to disable security.
12. Verify that Cloudscape Network Server is running, and that WebSphere
Application Server, IBM WebSphere Portal Server, and Mail_Server_1 are not
running, as explained in “Starting and stopping IBM Workplace Collaboration
Services servers” on page 145.
202
Clustered-server Deployment Guide
13. Click Run Wizard Again.
14. At the Select the configuration task that you want to perform dialog box,
click Enable LDAP security, and then click Next.
15. At the Select the LDAP type to use for authentication dialog box, click Sun
ONE Directory Server, and then click Next.
16. At the Please enter your helper properties file location dialog box, type
portal_server_root/config/helpers/security_sun_one.properties, and then click
Next.
17. Advance through the wizard.
v At each stage, verify the values the wizard reads from the helper file, and
correct values if necessary. Accurate values are essential for proper LDAP
directory configuration.
v Remember to type the required passwords, which you did not type in the
helper file.
v The wizard may not read the domain name specified for the
SSODomainName property from the helper file. In this case, be sure to type
the SSO domain name again in the wizard.
v If an error prevents you from advancing in the wizard, refer to the
portal_server_root/log/configwizard.log file and the portal_server_root/log/
configwizardlog.txt file to help you troubleshoot the problem.
18. Near the end of the wizard, type values for the following properties, and then
click Next. These properties are not included in the helper file.
Property
Action
WmmDbPassword
Type any text but do not leave the property blank.
DbPassword
Type any text but do not leave the property blank.
LWPDBAdminPassword
Type any text but do not leave the property blank.
19. At the The Configuration Wizard is ready to run the following
configuration: Enable LDAP security dialog box, click Next to run the
wizard. See the progress bar and wait for the wizard to finish.
20. If you see the dialog box that says The following configuration has
completed successfully: Enable LDAP security, click Finish to exit the
wizard, then skip to the next step. If enabling security is not successful,
perform the following steps:
a. Click Finish.
b. Correct any incorrect values in your helper file. Open the configwizard.log
and configwizardlog.txt files to help you troubleshoot errors and
determine the correct values:
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for an enable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the enable security task to the file
enable-security.log.
c. Repeat all of the previous steps in this topic to disable security and enable
LDAP security.
Chapter 4 Connecting to an LDAP Directory Server
203
21. To allow WebSphere Portal Server to communicate with a front-end LDAP
server that manages requests in a clustered directory environment, complete
the following manual steps:
Note: If you transfer to a different database management system (DBMS) after
enabling LDAP security, you must repeat these steps after you complete
the DBMS transfer, because the DBMS transfer overwrites the changes
in the wmm.xml file.
a. With a text editor, open the portal_server_root/shared/app/wmm/
wmm.xml file.
b. Add the following line to the ldapRepository name=″wmmLDAP″ tag,
directly after the ldapPort= line:
java.naming.referral="follow"
c. Save the file.
Note: Workplace Collaboration Services does not support LDAP referrals.
Related tasks
“Configuring read-only access to Sun Java System Directory Server”
“Connecting to Sun Java System Directory Server” on page 193
Configuring read-only access to Sun Java System Directory
Server
Perform the following optional steps to configure read-only access to the LDAP
directory. Read-only access prevents users from using the Sign-up and Edit My
Profile links in the IBM WebSphere Portal Server page to register themselves in the
directory and to change personal attributes in the directory, such as e-mail
addresses.
1. Give the account name you specified for the LDAPAdminUId property when
you enabled LDAP security read-only access to the directory.
2. Perform the following steps to remove the Sign-up and Edit My Profile links
from the WebSphere Portal Server page:
a. Stop the WebSphere Portal Server.
b. Change to the portal_server_root/config directory.
c. Type the following command:
AIX, Linux, Solaris
./WPSconfig.sh action-fixup-signup-link
Microsoft Windows
WPSconfig.bat action-fixup-signup-link
IBM i5/OS
WPSconfig.sh action-fixup-signup-link
Related tasks
“Verifying the Sun Java System Directory Server configuration”
“Connecting to Sun Java System Directory Server” on page 193
Verifying the Sun Java System Directory Server configuration
Perform the following steps to verify the Sun Java System Directory Server
configuration.
1. Log in to the server machine as a user with administrative privileges.
2. Open a command prompt (QShell session on IBM i5/OS).
204
Clustered-server Deployment Guide
3. Navigate to the portal_server_root/rootscripts directory.
4. Start Workplace Collaboration Services with the following command:
AIX, Linux, Solaris
./startWorkplaceServices.sh
Microsoft Windows
startWorkplaceServices.bat
i5/OS
startWorkplaceServices.sh
5. Type the following URL in a Web browser to start the IBM WebSphere
Administrative Console:
AIX, Linux, Solaris, Windows
http://hostname:9091/admin
where hostname is the fully qualified name of the server.
i5/OS
http://hostname:admin_port/admin
where hostname is the fully qualified name of the server and admin_port is the
base port number for the instance, plus 10. For example, if you specified 30000
as your base port number, the WebSphere Administrative Console port would
be port 30010.
6. Test that you can log in as the IBM WebSphere Application Server
administrator.
For information on configuring Secure Sockets Layer (SSL) over LDAP, see the IBM
Workplace Collaboration Services Information Center.
Related concepts
“Optional post-installation tasks” on page 481
Related tasks
“Connecting to Sun Java System Directory Server” on page 193
Connecting to Novell eDirectory
Perform the following steps to configure IBM Workplace Collaboration Services to
use Novell eDirectory:
1. “Creating administrative accounts for Novell eDirectory”
2. “Indexing attributes for Novell eDirectory” on page 206.
3. Optional: “Disabling use of the groupMembership attribute for Novell
eDirectory” on page 207.
4. “Editing the helper file for Novell eDirectory” on page 207.
5. “Enabling LDAP security for Novell eDirectory” on page 212.
6. Optional: “Configuring read-only access to Novell eDirectory” on page 215.
7. “Verifying the Novell eDirectory configuration” on page 216.
Related concepts
“Phase 4: Connecting to an LDAP directory server” on page 157
Creating administrative accounts for Novell eDirectory
Create the following required administrative accounts in the LDAP directory before
you enable LDAP security. See your directory server documentation for
instructions. Each account corresponds to properties that you specify in the helper
Chapter 4 Connecting to an LDAP Directory Server
205
file and in the wizard.
LDAP account
Related properties in helper file and
wizard
IBM WebSphere Application Server
Application Server administrator. This can
be the same as the IBM WebSphere Portal
Server administrator. Make sure that this
account has at least read access to the
directory and to the cn attribute of all user
accounts, or enabling LDAP security will
fail. Novell eDirectory does not allow this
access by default.
WasUserid
WebSphere Portal Server administrator.
PortalAdminId
WasPassword
Note: Make sure that this account contains a PortalAdminIdShort
value for the mail attribute, has at least read
PortalAdminPwd
access to the directory and to the cn
attribute of all user accounts, or enabling
Do not use the following characters in the
LDAP security will fail.
password (PortalAdminPwd) because they
can cause authentication failures:
!()@#$%
WebSphere Portal Server administrator
PortalAdminGroupId
group. This group must include the name of
PortalAdminGroupIdShort
the WebSphere Portal Server administrator
and the WebSphere Application Server
administrator. The group must define its
user and group members using the
members’ distinguished names.
Note: Make sure this account has at least
read access to the directory.
Name that WebSphere Portal Server and
LDAPAdminUId
IBM WebSphere Member Manager use to
bind to the LDAP directory. The access level LDAPAdminPwd
given this name controls the access that IBM
Workplace Collaboration Services has to the
directory.
Note: Make sure that this account has at
least read access to the directory and to the
cn attribute of all user accounts, or enabling
LDAP security can fail.
Name that WebSphere Application Server
uses to bind to the LDAP directory.
Note: Make sure that this account has at
least read access to the directory and to the
cn attribute of all user accounts, or enabling
LDAP security can fail.
LDAPBindID
LDAPBindPassword
Related tasks
“Indexing attributes for Novell eDirectory”
“Connecting to Novell eDirectory” on page 205
Indexing attributes for Novell eDirectory
Index the following attributes in user accounts, to ensure optimal name lookup
performance:
206
Clustered-server Deployment Guide
v
v
v
v
v
v
cn
displayName
givenName
mail
sn
Any additional attribute or attributes specified for the LDAPUserFilter property
in the helper file; for example, uid.
Refer to the Novell eDirectory documentation for instructions on indexing.
Related tasks
“Disabling use of the groupMembership attribute for Novell eDirectory”
“Connecting to Novell eDirectory” on page 205
Disabling use of the groupMembership attribute for Novell
eDirectory
The Novell eDirectory groupMembership attribute is an attribute used in entries to
define the groups of which entries are members. Use of the groupMembership
attribute optimizes group membership searches by making searches of separate
group entries unnecessary. Use of the groupMembership attribute is assumed and
strongly recommended. However, populating the groupMembership attribute in
entries requires that you create and populate groups using either the Novell
eDirectory ConsoleOne or NWADMIN management tool. Adding and populating
groups using ldapadd, ldapmodify, or LDIF import commands does not populate
the groupMembership attribute. If you cannot use the ConsoleOne or NWADMIN
management tool to create and populate group entries, perform the steps below to
prevent IBM WebSphere Member Manager from using the groupMembership
attribute. Recognize that performing these steps will have a negative impact on
membership search performance.
1. Open the portal_server_root/config/templates/wmm/
wmm_LDAP.xml.NDS.3.wmm file with a text editor.
2. Remove the following text from the file:
memberOfAttributeName=groupMembership
3. Save the file.
Note: To disable use of the groupMembership attribute after enabling LDAP
security, perform the steps above, but in addition, delete the
memberOfAttributeName=groupMembership text from the
portal_server_root/shared/app/wmm/wmm.xml file and then restart IBM
Workplace Collaboration Services.
Related tasks
“Editing the helper file for Novell eDirectory”
“Connecting to Novell eDirectory” on page 205
Editing the helper file for Novell eDirectory
Use a helper file to aid in enabling LDAP security. Make a backup copy of the
helper file, then edit the helper file, providing values for directory properties that
are appropriate for your LDAP directory environment. When you run the
Configuration Wizard to enable LDAP security, the wizard reads the values in the
helper file, which you can then verify and correct if necessary.
Chapter 4 Connecting to an LDAP Directory Server
207
v It’s best if someone with advanced knowledge of LDAP concepts and
administration who is familiar with your directory environment edits the helper
file and enables LDAP security.
v The helper file and the table in this topic provide example values for some
directory properties. Do not assume the example values are correct for your
environment; you must evaluate each property to determine the appropriate
value for your environment.
v Ignore the steps described in the ″How to use this file″ section of the helper file.
v Ignore any properties in the helper file that are not described in the table in this
topic.
To edit the helper file:
1. Make a backup copy of the Novell eDirectory helper file, portal_server_root/
config/helpers/security_edir_server.properties.
2. With a text editor, open the security_edir_server.properties. file, specify values
for properties as described in the following table, and then save and close the
file.
Property
Description
IBM WebSphere Application
Server properties
WasUserid
The distinguished name in the LDAP directory for
the WebSphere Application Server administrator. This
can be the same name as the IBM WebSphere Portal
Server administrator (PortalAdminId). This name
must be a member of the WebSphere Portal Server
administrators group defined by the
PortalAdminGroupId property. Make sure this
account has at least read access to the directory.
Make sure that this account has read access to the cn
attribute of user accounts, or enabling LDAP security
can fail. Novell eDirectory does not allow this access
by default.
Example: cn=wasadmin,ou=users,o=acme.com
WasPassword
The password for the WasUserid name. As a security
measure, do not type the password in the helper file.
Type the password when you run the wizard.
WpsHostName
The host name for the WebSphere Portal Server. Type
localhost.
IBM WebSphere Portal Server
configuration properties
PortalAdminId
The distinguished name of the WebSphere Portal
Server administrator in the LDAP directory. This
name must be a member of the WebSphere Portal
Server administrators group defined by the
PortalAdminGroupId property.
Note: Make sure that this account contains a value
for the mail attribute, has at least read access to the
directory and to the cn attribute value of all user
accounts, or enabling LDAP security will fail.
Example: cn=portaladmin,ou=users,o=acme.com
208
Clustered-server Deployment Guide
Property
Description
PortalAdminIdShort
The short form of the WebSphere Portal Server
administrator name.
Example: portaladmin
PortalAdminPwd
Password for the WebSphere Portal Server
administrator. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
Note: Do not include the following characters in the
password because they can cause authentication
failures:
[email protected]()#$%
PortalAdminGroupId
The distinguished name of the WebSphere Portal
Server administrators group in the LDAP directory to
which the WebSphere Portal Server administrator and
the WebSphere Application Server administrator
belong. This group must define its user and group
members using the members’ distinguished names.
Make sure this account has at least read access to the
directory.
Example: cn=portaladmins,ou=groups,o=acme.com
PortalAdminGroupIdShort
The short form of the WebSphere Portal Server
administrators group name.
Example: portaladmins
WebSphere Portal Server security
properties
LTPAPassword
The password used to encrypt and decrypt the LTPA
keys. As a security measure, do not type the
password in the helper file. Type the password when
you run the wizard.
LTPATimeout
Time period in minutes at which an LTPA token
expires.
Example: 120
SSOEnabled
Indicates whether single sign-on is enabled (true or
false).
SSORequiresSSL
Indicates whether single sign-on is enabled only for
Secure Socket Layer (SSL) connections. Type false. If
you want to configure SSL, do so only after you have
enabled LDAP security and verified the LDAP
directory configuration.
SSODomainName
The domain name for all single sign-on hosts.
Example: acme.com
General global security properties
useDomainQualifiedUserNames
Indicates whether to qualify user names with the
security domain within which they reside (true or
false). The default value (false) is recommended for
most environments.
cacheTimeout
Timeout for the security cache. The default value
(600) is recommended for most environments.
Chapter 4 Connecting to an LDAP Directory Server
209
Property
Description
issuePermissionWarnings
Indicates whether during application deployment and
application start, the security run time emits a
warning if applications are granted any custom
permissions (true or false). The default value (true) is
recommended for most environments.
activeProtocol
The authentication protocol for RMI/IIOP requests
when security is enabled. The default value (BOTH)
is recommended for most environments.
activeAuthmechanism
The authentication mechanism when security is
enabled. The default value (LTPA) is recommended
for most environments.
LDAP properties
LDAPHostName
The host name for your LDAP server.
Example: ldap.acme.com
LDAPPort
The LDAP server port number. Typically you type
389. Do not type a port used for SSL connections, for
example, 636. If you want to configure an SSL port
for LDAP, do so after you have enabled LDAP
security and verified the LDAP directory
configuration.
LDAPAdminUId
The distinguished name in the LDAP directory that
WebSphere Portal Server and IBM WebSphere
Member Manager use to bind to the directory. The
level of access given this name determines the level
of access that IBM Workplace Collaboration Services
has to the directory. This name does not have to
contain a uid attribute.
Note: Make sure that this account has at least read
access to the directory, otherwise enabling LDAP
security will fail. Limit this account to read-only
access if you want to prevent users from using the
Sign-up link to register accounts in the directory, and
from using the Edit My Profile link to change
attributes in the directory, such as their e-mail
addresses.
Example: cn=ldapadmin,ou=users,o=acme.com
LDAPAdminPwd
The password for the name assigned to the
LDAPAdminUId property. As a security measure, do
not type the password in the helper file. Type the
password when you run the wizard.
LDAPServerType
Do not change, leave as NDS.
LDAPBindID
Distinguished name that WebSphere Application
Server uses to bind to the directory.
Example: uid=wpsbind,ou=users,o=acme.com
Note: Make sure that this account has at least read
access to the directory and to the cn attribute of all
user accounts, or enabling LDAP security can fail.
LDAPBindPassword
210
Clustered-server Deployment Guide
The password for the LDAPBindID name. As a
security measure, do not type the password in the
helper file. Type the password when you run the
wizard.
Property
Description
Advanced LDAP properties
LDAPSuffix
The location in the directory tree at which to begin
searches for user and group names.
Example: o=acme.com
LDAPUserPrefix
The leftmost attribute of user names in the directory.
Example: cn
LDAPUserSuffix
The location in the directory tree at which to begin
searches for user names. Make sure that the names
specified for WasUserID, PortalAdminID,
LDAPAdminUId, and LDAPBindID are under this
location or enabling LDAP security will fail.
Example: ou=users
Do not append the LDAPSuffix value as part of this
value. For example, do not type
ou=users,o=acme.com
LDAPGroupPrefix
The leftmost attribute of group names in the
directory.
Example: cn
LDAPGroupSuffix
The location in the directory tree at which to begin
searches for group names.
Example: ou=groups
Do not append the LDAPSuffix value as part of this
value. For example, do not type
ou=groups,o=acme.com
LDAPUserObjectClass
The object class used for users.Example:
inetOrgPerson
LDAPGroupObjectClass
The object class used for groups.
Example: groupOfNames
LDAPGroupMember
The attribute used for the members of groups.
Example: member
LDAPUserFilter
The filter used to search for user accounts. The filter
must include the following text:
(&(|(userprefix=%v)(mail=%v))(objectclass=
userobjectclass))
where userprefix is the value specified for the
LDAPUserPrefix property and userobjectclass is the
value specified for the LDAPUserObjectClass
property.
Example: (&(|(cn=%v)(mail=
%v))(objectclass=inetOrgPerson))
Chapter 4 Connecting to an LDAP Directory Server
211
Property
Description
LDAPGroupFilter
The filter used to search for groups accounts. The
filter must include the following text:
(&(groupprefix=%v)(objectclass=
groupobjectclass))
where groupprefix is the value specified for the
LDAPGroupPrefix property and groupobjectclass is the
value specified for the LDAPGroupObjectClass
property.
Example: (&(cn=%v)(objectclass=groupOfNames))
LDAPGroupMinimumAttributes
Attributes loaded for group searches and related to
performance. Leave this property blank.
LDAPUserBaseAttributes
Attributes loaded for user login related to
performance. Type givenName,sn,preferredLanguage.
Also type the following values to allow users, for
example calendar users, to set international time and
date preferences in the Edit My Profile page:
,ibm-regionalLocale,ibm-timeZone,
ibm-preferredCalendar,ibm-firstDayOfWeek,
ibm-firstWorkDayOfWeek
LDAPUserMinimumAttributes
Attributes loaded for user searches and related to
performance. Leave this property blank.
LDAPsearchTimeout
Value in seconds for the amount of time the LDAP
server has to respond before canceling a request.
Example: 120
LDAPreuseConnection
Indicates whether LDAP connections are reused (true
or false). If your environment uses a frontend server
to spray requests to multiple backend LDAP
directory servers, type false. If your environment
does not use an intermediate server but instead
authenticates directly with the LDAP directory server,
type true.
LDAPIgnoreCase
Indicates whether LDAP searches ignore character
case (true or false).
Related tasks
“Enabling LDAP security for Novell eDirectory”
“Connecting to Novell eDirectory” on page 205
Enabling LDAP security for Novell eDirectory
Perform the following steps to use the Configuration Wizard to disable IBM
WebSphere Application Server global security, and then to enable LDAP security.
These steps assume you are running the Configuration Wizard using the graphical
user interface. If you are using the console interface, to advance in the wizard, type
the number the wizard indicates rather than click Next. Online help is not
available in console mode.
1. Make sure you have made a backup copy of the
security_edir_server.properties helper file, and have edited the helper file to
accommodate your directory environment, as explained in the topic “Editing
the helper file for Novell eDirectory” on page 207.
2. Start your LDAP directory server.
212
Clustered-server Deployment Guide
3. Verify that the account specified for the PortalAdminId property includes a
value for the mail attribute. Use an ldap search tool also to verify that you can
bind and return objects using the accounts specified for the PortalAdminId,
LDAPAdminUId, and LDAPBindID properties.
4. Start Cloudscape Network Server and WebSphere Application Server, and stop
IBM WebSphere Portal Server and Mail_Server_1, as explained in “Starting
and stopping IBM Workplace Collaboration Services servers” on page 145.
5. Start the Configuration Wizard as described in the appropriate topic for your
operating system:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
v “i5/OS: Starting the Configuration Wizard” on page 142
6. At the Select the configuration task that you want to perform dialog box in
the Configuration Wizard, click Disable security, and then click Next.
7. At the WebSphere Application Server global security is enabled. Enter the
user ID and password to be used for Websphere Application Server
administration dialog box, type the administrator name and password
specified during IBM Workplace Collaboration Services installation, and then
click Next.
8. At the Please enter an appropriate properties file location dialog box, type
the path and file name for the wpconfig.properties file, located in the
portal_server_root/config directory. For example, type /opt/IBM/Workplace/
PortalServer/config/wpconfig.properties.
Note: Do not type the path and file name of the LDAP directory helper file
you edited previously. You will provide that path and file name later in
the procedure when you enable LDAP security.
9. Verify that the next dialog box contains the values indicated in the following
table, then click Next. Do not leave any of the properties blank.
Property
Action
PortalAdminID
Verify that the value is uid=admin,o=default organization, where
admin is the administrator name specified during Workplace
Collaboration Services installation.
PortalAdminIdShort
Verify that the value is the administrator name specified during
Workplace Collaboration Services installation.
PortalAdminPwd
Type the administrator password that you specified during
Workplace Collaboration Services installation.
PortalAdminGroupId
Verify that the value is cn=wpsadmins,o=default organization.
DbPassword
Accept the default hidden password value.
WmmDbPassword
Accept the default hidden password value.
10. At the The Configuration Wizard is ready to run the following
configuration: Disable security dialog box, click Next to disable security. See
the progress bar and wait for the wizard to finish.
11. If you see the The following configuration has completed successfully:
Disable security dialog box, skip to the next step. If disabling security is not
successful, perform the following steps:
a. Click Finish.
b. Correct errors. Open the configwizard.log and configwizardlog.txt files to
help you troubleshoot errors and determine the correct values:
Chapter 4 Connecting to an LDAP Directory Server
213
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
12.
13.
14.
15.
16.
17.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for a disable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the disable security task to the
file disable-security.log.
c. Repeat steps 6 through 11 to disable security.
Verify that Cloudscape Network Server is running, and that WebSphere
Application Server, IBM WebSphere Portal Server, and Mail_Server_1 are not
running, as explained in “Starting and stopping IBM Workplace Collaboration
Services servers” on page 145.
Click Run Wizard Again.
At the Select the configuration task that you want to perform dialog box,
click Enable LDAP security, and then click Next.
At the Select the LDAP type to use for authentication dialog box, click
Novell eDirectory, and then click Next.
At the Please enter your helper properties file location dialog box, type
portal_server_root/config/helpers/security_edir_server.properties, and then
click Next.
Advance through the wizard.
v At each stage, verify the values the wizard reads from the helper file, and
correct values if necessary. Accurate values are essential for proper LDAP
directory configuration.
v Remember to type the required passwords, which you did not type in the
helper file.
v The wizard may not read the domain name specified for the
SSODomainName property from the helper file. In this case, be sure to type
the SSO domain name again in the wizard.
v If an error prevents you from advancing in the wizard, refer to the
portal_server_root/log/configwizard.log file and the portal_server_root/log/
configwizardlog.txt file to help you troubleshoot the problem.
18. Near the end of the wizard, type values for the following properties, and then
click Next. These properties are not included in the helper file.
Property
Action
WmmDbPassword
Type any text but do not leave the property blank.
DbPassword
Type any text but do not leave the property blank.
LWPDBAdminPassword
Type any text but do not leave the property blank.
19. At the The Configuration Wizard is ready to run the following
configuration: Enable LDAP security dialog box, click Next to run the
wizard. See the progress bar and wait for the wizard to finish.
20. If you see the dialog box that says The following configuration has
completed successfully: Enable LDAP security, click Finish to exit the
wizard, then skip to the next step. If enabling security is not successful,
perform the following steps:
a. Click Finish.
214
Clustered-server Deployment Guide
b. Correct any incorrect values in your helper file. Open the configwizard.log
and configwizardlog.txt files to help you troubleshoot errors and
determine the correct values:
v portal_server_root/log/configwizard.log.
v portal_server_root/log/configwizardlog.txt.
Note: The Configuration Wizard creates a configwizard.log file for any
task it runs. To help distinguish log information for an enable
security task from another task, the wizard copies the contents of
the configwizard.log generated by the enable security task to the file
enable-security.log.
c. Repeat all of the previous steps in this topic to disable security and enable
LDAP security.
21. To allow WebSphere Portal Server to communicate with a front-end LDAP
server that manages requests in a clustered directory environment, complete
the following manual steps:
Note: If you transfer to a different database management system (DBMS) after
enabling LDAP security, you must repeat these steps after you complete
the DBMS transfer, because the DBMS transfer overwrites the changes
in the wmm.xml file.
a. With a text editor, open the portal_server_root/shared/app/wmm/
wmm.xml file.
b. Add the following line to the ldapRepository name=″wmmLDAP″ tag,
directly after the ldapPort= line:
java.naming.referral="follow"
c. Save the file.
Note: Workplace Collaboration Services does not support LDAP referrals.
Related tasks
“Configuring read-only access to Novell eDirectory”
“Connecting to Novell eDirectory” on page 205
Configuring read-only access to Novell eDirectory
Perform the following optional steps to configure read-only access to the LDAP
directory. Read-only access prevents users from using the Sign-up and Edit My
Profile links in the IBM WebSphere Portal Server page to register themselves in the
directory and to change personal attributes in the directory, such as e-mail
addresses.
1. Give the account name you specified for the LDAPAdminUId property when
you enabled LDAP security read-only access to the directory.
2. Perform the following steps to remove the Sign-up and Edit My Profile links
from the WebSphere Portal Server page:
a. Stop the WebSphere Portal Server.
b. Change to the portal_server_root/config directory.
c. Type the following command:
AIX, Linux, Solaris
./WPSconfig.sh action-fixup-signup-link
Microsoft Windows
WPSconfig.bat action-fixup-signup-link
IBM i5/OS
Chapter 4 Connecting to an LDAP Directory Server
215
WPSconfig.sh action-fixup-signup-link
Related tasks
“Verifying the Novell eDirectory configuration”
“Connecting to Novell eDirectory” on page 205
Verifying the Novell eDirectory configuration
Perform the following steps to verify the Novell eDirectory configuration.
1. Log in to the server machine as a user with administrative privileges.
2. Open a command prompt (QShell session on IBM i5/OS).
3. Navigate to the portal_server_root/rootscripts directory.
4. Start Workplace Collaboration Services with the following command:
AIX, Linux, Solaris
./startWorkplaceServices.sh
Microsoft Windows
startWorkplaceServices.bat
i5/OS
startWorkplaceServices.sh
5. Type the following URL in a Web browser to start the IBM WebSphere
Administrative Console:
AIX, Linux, Solaris, Windows
http://hostname:9091/admin
where hostname is the fully qualified name of the server.
i5/OS
http://hostname:admin_port/admin
where hostname is the fully qualified name of the server and admin_port is the
base port number for the instance, plus 10. For example, if you specified 30000
as your base port number, the WebSphere Administrative Console port would
be port 30010.
6. Test that you can log in as the IBM WebSphere Application Server
administrator.
For information on configuring Secure Sockets Layer (SSL) over LDAP, see the IBM
Workplace Collaboration Services Information Center.
Related concepts
“Optional post-installation tasks” on page 481
Related tasks
“Connecting to Novell eDirectory” on page 205
216
Clustered-server Deployment Guide
Chapter 5 Connecting to a DBMS Server
This chapter provides information about setting up IBM Workplace Collaboration
Services to work with an external DBMS server.
Phase 5: Transferring data to an external database
By default, IBM Workplace Collaboration Services is installed with some
predefined data stored in the IBM Cloudscape database management system,
which is automatically installed on the Workplace Collaboration Services server.
Data for IBM WebSphere Portal Server (installed along with Workplace
Collaboration Services) is also stored in Cloudscape.
If you intend to use the Cloudscape database, skip this entire section; your
database is ready to use.
If you do not want to use the Cloudscape server to host your data, you must
transfer the predefined data to an external DBMS server as described in this
section.
Attention: If you want to change the context root of your Workplace
Collaboration Services installation, you must do that before you transfer data from
Cloudscape to another DBMS product.
Related tasks
“Changing the installed context root” on page 484
Transferring data from Cloudscape to another database
Before you transfer any data, install the new DBMS server on the computer that
will host the Workplace Collaboration Services database. If the database will not be
hosted on the Workplace software server, be sure to install the database client on
that server, so it can access the database.
Note: The database transfer procedure can migrate user-created data as well as the
data created during product installation; however, migrating additional data
takes longer and leaves the process more prone to errors. For best results,
complete the database transfer before users begin working with Workplace
Collaboration Services.
Transferring to another database involves several tasks, including setting up new
database schemas and migrating data from Cloudscape (on the Workplace software
server) to the new database.
In a clustered-server environment, you then connect any additional nodes in the
cluster to the new database, so they can also access the data.
Proceed to the database transfer topic for the DBMS product you will use:
v “Transferring data to DB2 Universal Database” on page 218
v “Transferring data to DB2 for iSeries” on page 230
v “Transferring data to Oracle” on page 238
v “Transferring data to SQL Server” on page 252
© Copyright IBM Corp. 2002, 2006
217
Transferring data to DB2 Universal Database
By default, IBM WebSphere Portal Server and IBM Workplace Collaboration
Services install with some predefined data stored in the IBM Cloudscape database
management system, hosted on the Workplace Collaboration Services server.
Cloudscape is sufficiently robust for use in demo installations; however, for a
production environment, it is recommended that you transfer data to a more
robust DBMS product.
Before you begin the database transfer, you should be aware of the following
constraints:
v If you edited the wmm.xml file manually during the LDAP directory transfer
process, those changes will be overwritten during the database transfer, and
must be recreated after the database transfer is complete.
v Even if you create the database yourself, you must run Step 2 below (Setting up
the database) before attempting to transfer data, because it ensures that the
database contains appropriate schemas and tablespaces.
Transferring data to IBM DB2 Universal Database involves the following tasks,
which must be completed in the sequence shown:
1. “Creating the database in DB2,” which creates the database container in which
Workplace Collaboration Services data will be stored.
2. “Setting up the database in DB2” on page 220, which creates the schemas and
tablespaces required by Workplace Collaboration Services.
3. “Transferring WebSphere Portal Server data to DB2” on page 225, which
transfers default WebSphere Portal Server data to the DB2 database.
4. “Transferring Workplace Collaboration Services data to DB2” on page 228,
which transfers default Workplace Collaboration Services data to the DB2
database.
5. “Updating the DB2 settings” on page 229, which completes some final setup
tasks for the database before you start using the product.
6. “Installing the DB2 Universal Database client” on page 104 on every Workplace
software server, and then cataloging the DB2 database from each client. This
ensures that the client can access data stored in the remote database.
7. (If the DB2 server is not hosted on the Workplace software server) “Installing
the DB2 Universal Database client” on page 104 on the Workplace software
server, and then cataloging the DB2 database from the client. This ensures that
the client can access data stored in the remote database.
If you are installing a Network Deployment cluster, your next task is to connect
the nodes within the cluster to the DB2 database; for instructions, see the topic
“Connecting nodes to DB2 Universal Database” on page 266
Now that you have transferred data to the DB2 database, you are finished with the
DBMS setup portion of your deployment. Proceed to the topic “Phase 6:
Connecting to an external HTTP server” on page 287
Creating the database in DB2:
If you want to transfer the IBM Workplace Collaboration Services data from its
default database (stored in IBM Cloudscape) to IBM DB2 Universal Database, you
must create a database container to store IBM WebSphere Portal Server and IBM
218
Clustered-server Deployment Guide
Workplace Collaboration Services data. To learn about the types of information that
will be stored in the database, see the topic “About the Workplace Collaboration
Services database.”
You can let the Configuration Wizard create and configure a local database (hosted
on the Workplace Collaboration Services server) for you by setting the Run
database creation option to True during the Database Setup task. If you will use
this method, skip directly to “Setting up the database in DB2” on page 220.
If you want to use a remote database (hosted on a separate computer), you must
create it yourself on the DB2 server. Although you can share the DB2 server
installation itself, use the DB2 server application to create a separate database that
is dedicated to Workplace Collaboration Services instead of sharing a database
with other applications.
Once the database has been created, you configure it during the database transfer
task. Proceed to the topic, “Setting up the database in DB2” on page 220.
About the Workplace Collaboration Services database: IBM Workplace Collaboration
Services uses a single database container.
For IBM DB2 Universal Database and Microsoft SQL Server Enterprise Edition, the
data for Workplace Collaboration Services and IBM WebSphere Portal Server are
combined in a single database, referred to in this documentation as wps50.
For Oracle Enterprise Edition, the database is created during DBMS software
installation, and schemas for both WebSphere Portal Server and Workplace
Collaboration Services are added to a single instance of Oracle. In Oracle, the
default instance name is ″ORCL″, but this name is configurable; for consistency
with the other supported DBMS product, examples in the installation
documentation use ″wps50″ as the instance name.
The Workplace Collaboration Services database hosts multiple schemas, described
in the following table.
Schema Name
Description
database_owner
This WebSphere Portal Serverl schema stores
configuration information for pages, portlets,
users and other portal administrative objects.
Instant messaging contact lists are stored in
this schema. This schema also stores
WebSphere Portal Server content for
publishing, documents created by IBM
Workplace Documents, and other documents
and discussions created by Workplace
Collaboration Services capabilities.
This schema is named using the uppercase
version of the database instance owner’s
user name.
FEEDBACK
This schema contains the information logged
by WebSphere Portal Server for generating
reports for analysis of site activity including
information about campaigns and
personalized resources.
Chapter 5 Connecting to a DBMS Server
219
Schema Name
Description
LWPCOMM
This schema contains administrative data,
mail services data, and team collaboration
data. The schema is also used as the
messaging archive schema to track archived
mail messages. The schema contains links to
archived content that is stored on the file
system.
LWPLMS
The IBM Workplace Collaborative Learning
″Learning Management″ schema maintains
learning information, including the course
catalog, enrollments, and consolidated
progress records.
LWPLDS
The Workplace Collaborative Learning
″Learning Delivery″ schema stores progress
data recorded from student actions. This
data is subsequently transmitted to the
″Learning Management″ schema.
EJB
This schema is used for business rule beans.
PZNADMIN
This schema used for personalization data.
Setting up the database in DB2:
Attention: You must run the Setup Database task before attempting to transfer
data, even if you already have a database container created. The Setup Database
task creates the schemas and tablespaces required by IBM Workplace Collaboration
Services.
Perform this task on the computer hosting Workplace Collaboration Services.
1. If your database will be hosted on a remote server, verify that you have
installed the DB2 database client on the Workplace software server.
2. (AIX, Linux, and Solaris) Add the .profile of the DB2 login user to the root
.profile to set up the DB2 environment.
3. (RedHat 3.0 only) Locate the etc/ant.conf file and rename it to ant.conf.BAK.
The database transfer task will install a file with the same name, so renaming
your original file will prevent it from being overwritten in case you want to
use it at a later date.
Note: If you have run this task before, delete the ant.conf file (created during
the previous run) from the directory. Make sure you don’t delete
ant.conf.bak, which is the original version of this file.
4. Start Cloudscape NetworkServer and WebSphere Application Server, as
explained in “Starting and stopping IBM Workplace Collaboration Services
servers” on page 145.
5. Start the Configuration Wizard as explained in the appropriate topic for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
6. If you did not enable security for your LDAP directory, do so now, following
the instructions in the appropriate topic for your LDAP server:
v “Enabling LDAP security for IBM Tivoli Directory Server” on page 164
v “Enabling LDAP security for Domino Directory” on page 178
220
Clustered-server Deployment Guide
v “Enabling LDAP security for Active Directory” on page 189
v “Enabling LDAP security for Sun Java System Directory Server” on page
201
v “Enabling LDAP security for Novell eDirectory” on page 212
Attention: You must have security enabled before you even view any of the
database transfer screens. This is necessary because the dbbuild.properties file
is modified as you navigate through the Database Transfer screens and enter
information, and those changes are saved even if you don’t run all of the
transfer tasks. Once the dbbuild.properties file has been modified, the Enable
Security task will not run correctly.
7. In the Select the configuration task that you want to perform dialog box,
click Set up new IBM Workplace software database, and then click Next.
8. In the Select the database type... dialog box, select IBM DB2 Universal
Database, and then click Next.
9. In the LWPDBDriver: dialog box, type the appropriate paths to the relevant
database files, and then click Next. The following table includes examples of
appropriate values for each field in the dialog box, assuming a Microsoft
Windows server.
File
Example Path
LWPDBDriver
COM.ibm.db2.jdbc.app.DB2Driver
LWPDbLibrary
AIX, Linux, and Solaris
/home/db2inst1/sqllib/java/db2java.zip
Windows
D:/IBM/SQLLIB/java/db2java.zip
10. In the LWPDBName: dialog box, fill in information about the new database,
including its associated user names and passwords, and then click Next. The
following table includes examples of appropriate values for each field in the
dialog box, assuming a Windows server.
Field
Example Values
Comments
LWPDBNAME
wps50
Enter the database name.
LWPDBUrl
jdbc:db2:wps50
Use the database name.
LWPDBAdminUser
db2admin
This user name is case
sensitive.
LWPDBAdminPassword
db2admin_password
Always type the password
yourself as the default value
may not be correct.
LWPDBAppUser
db2admin
Application User’s name.
This user name is case
sensitive.
LWPDBAppPassword
db2admin_password
Application User’s
password. Always type the
password yourself as the
default value may not be
correct.
11. In the You will be able to choose to create a local DB2 database dialog box,
fill in the fields and then click Next. The following table includes examples of
appropriate values for each field in the dialog box, assuming aWindows
Chapter 5 Connecting to a DBMS Server
221
server.
Field
Example Value
Comment
Run database
creation
False
If you want the database created locally, set
this value to True. Use False for a remote
database or for a local database that already
exists.
Always set this value to False if your Workplace
Collaboration Services server is running on
AIX, Linux, or Solaris .
LWPDBHome
D:/IBM/SQLLIB
Type the path to the DB2 home directory.
Default paths are shown here but will depend
upon your installation:
AIX, Linux, and Solaris
/opt/IBM/db2/V8.1
Windows
D:/IBM/SQLLIB
12. In the IBM Workplace common settings dialog box, fill in the schema and
tablespace information for the LWPCOMM schema, and then click Next. The
following table includes examples of appropriate values for each field in the
dialog box, assuming a Windows server.
Field
Example Value
Comment
LWPComSchema
LWPCOMM
The user name of the Comm (Common)
schema’s owner.
db.lwp.comm.data
.tablespace.name
LWPCOMMREG
The data tablespace name for the Comm
schema
db.lwp.comm.data
.container.list
LWPCOMMREG
The data tablespace location for the
Comm schema.
13. In the Learning Management Settings dialog box, fill in the schema and
tablespace information for the LWPLMS schema, and then click Next. The
following table includes examples of appropriate values for each field in the
dialog box, assuming a Windows server.
Field
Example Value
Comment
LWPLMSSchema
LWPLMS
The user name of the LMS (Learning
Management) schema’s owner.
db.lwp.lms.data
.tablespace.name
LWPLMSDATA
The data tablespace name for the LMS
schema
db.lwp.lms.data
.container.list
LWPLMSDATA
The data tablespace location for the LMS
schema.
14. In the Learning Delivery Settings dialog box, fill in the schema and
tablespace information for the LWPLDS schema, and then click Next. The
following table includes examples of appropriate values for each field in the
dialog box, assuming a Windows server.
222
Field
Example Value
Comment
LWPLDSSchema
LWPLDS
The user name of the LDS (Learning
Delivery) schema’s owner.
Clustered-server Deployment Guide
Field
Example Value
Comment
db.lwp.lds.data
.tablespace.name
LWPLDSDATA
The data tablespace name for the LDS
schema.
db.lwp.lds.data
.container.list
LWPLDSDATA
The data tablespace location for the
LDS schema.
15. In the Messaging Settings dialog box, fill in the schema and tablespace
information for the LWPMSG schema, and then click Next. The following
table includes examples of appropriate values for each field in the dialog box,
assuming a Windows server.
Field
Example Value
Comment
LWPMsgSchema
LWPMSG
The user name of the Msg (Messaging)
schema’s owner.
db.num.partitions 3
The number of partitions to create within the
Msg schema.
db.lwp.msg.data
.tablespace.name
LWPMSGDATA
The data tablespace name for the Msg schema
db.lwp.msg.data
.container.list
LWPMSGDATA
The data tablespace location for the Msg
schema.
db.lwp.msg.ptn
.tablespace.name
LWPMSGPTN
The tablespace partition name base for the Msg
schema.
db.lwp.msg.ptn
.container.list
LWPMSGPTN
The tablespace partition location base for the
Msg schema.
db.lwp.msg.mta
.tablespace.name
LWPMSGMTA
The MTA tablespace name for the Msg schema.
db.lwp.msg.mta
.container.list
LWPMSGMTA
The MTA tablespace location for the Msg
schema
db.lwp.msg.file
.tablespace.name
LWPMSGFILE
The file tablespace name for the Msg schema
db.lwp.msg.file
.container.list
LWPMSGFILE
The file tablespace location for the Msg schema.
16. In the Messaging Archive Settings dialog box, fill in the schema and
tablespace information for the LWPARC schema, and then click Next. The
following table includes examples of appropriate values for each field in the
dialog box, assuming a Windows server.
Field
Example Value
Comment
LWPArcSchema
LWPARC
The password for the Arc schema
owner account. Always type the
password yourself as the default value
may not be correct.
db.lwp.arc.data
.tablespace.name
LWPARCDATA
The data tablespace name for the Arc
schema.
db.lwp.arc.data
.container.list
LWPARCDATA
The data tablespace location for the Arc
schema.
17. If you are using a local database (hosted directly on the Workplace
Collaboration Services server) in Windows, skip to the next step.
Chapter 5 Connecting to a DBMS Server
223
If you are using a remote database (hosted on a separate computer) in any
operating system, or are using a local database inAIX, Linux, or Solaris, create
the DB2 database now:
a. Leave the Configuration Wizard open, and open a command prompt
window.
b. Use FTP to transfer the following files from $WCS_HOME/config/
database/work/common.db/db2 to a temporary directory on the database
server:
v createDb.run
v configureDb.run
c. On the remote DB2 server, log on with your DB2 administrator account
and set up the DB2 environment.
d. (Local database in AIX, Linux, or Solaris only) Edit the createDb.run and
configureDb.run files and replace all occurrences of ″wps50″ with another
name; for example, ″wps50ALS″. This name will be used as the database
alias in the steps that follow.
e. Navigate to the temporary directory where you copied the files in substep
b, and then run the following commands to create the database:
Note: Ensure that these files are executable by the DB2 user.
> db2 -tvf createDb.run
> db2 -tvf configureDb.run
f. Return to the Workplace Collaboration Services server and catalog the
database:
AIX, Linux, and Solaris: remote database
catalog tcpip node node_name remote server_dns_name server server_port
catalog database wps50ALS as wps50 at node node_name
AIX, Linux, and Solaris: local database
catalog tcpip node node_name remote server_dns_name server server_port
catalog database wps50ALS as wps50 at node node_name
Note: Linux systems may experience semaphore problems related to
shared memory attachment, resulting in a DB2 SQL1224 error. For
information on a workaround, see ″StaleConnectionException on
Linux systems″ in the WebSphere Portal Server information center,
at: http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//topic/
com.ibm.websphere.base.doc/info/aes/ae/rdat_stalelinux.html
Windows
catalog tcpip node node_name remote server_dns_name server server_port
catalog database wps50 as wps50 at node node_name
where:
v node_name is any eight-character name you want to assign to the node, as
in: myDB2svr
v server_dns_name is the fully qualified domain name of the remote
database server, as in: db2server.acme.com
v server_port is the port on which DB2 is installed; this is normally port
50000 (Windows) or 50001 (AIX, Linux, and Solaris).
Note: You will also need to catalog the database from every DB2 client that
will access it.
18. In the Do you wish the setup wizard to run these scripts now? dialog box,
start the database configuration by clicking Next. If you are using a local
224
Clustered-server Deployment Guide
database on a Windows operating system and have set Run database creation
to True earlier in this procedure, the database is created for you during this
step.
19. Review the logs (configwizard.log and configwizardlog.txt) from the database
set-up task to ensure all is well before proceeding to the next task; the logs are
stored in the portal_server_root/log directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database set-up task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file workplace-setup-database.log.
Note: If you have successfully completed a database transfer and you are
running it again, the database schema are already in place and are not
affected by the Database Setup task. The logs will note warnings to this
effect.
20. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
After you have set up the DB2 schemas, proceed to “Transferring WebSphere
Portal Server data to DB2.”
Transferring WebSphere Portal Server data to DB2:
Both the IBM Cloudscape server and the IBM DB2 Universal Database server must
be running to support the data transfer.
Perform this task on the computer hosting IBM Workplace Collaboration Services.
1. (AIX, Linux, and Solaris) Add the .profile of the DB2 login user to the root
.profile to set up the DB2 environment.
2. Start Cloudscape NetworkServer and WebSphere Application Server, and stop
WebSphere Portal Server, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
3. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
4. In the Select the configuration task that you want to perform dialog box,
click Transfer WebSphere Portal data to another database, and then click
Next.
5. In the Select the database type... dialog box, select IBM DB2 Universal
Database, and then click Next.
6. If the WebSphere Application Server global security is enabled... dialog box
appears, type the WebSphere Application Server administrative user name and
password in the appropriate fields, and then click Next.
7. If the Enter the LDAPAdminUID and password dialog box appears, type the
LDAP administrator account’s fully distinguished user name and password in
the appropriate fields, and then click Next.
Note: Enter the LDAPAdminUID in its full form (cn=wpsadmin,ouacme,o=test). If this is not entered correctly, the Invalid user ID or
Password. Check the values you entered and try again dialog box will
appear and you will not be able to proceed until you correct the
information.
Chapter 5 Connecting to a DBMS Server
225
8. In the Please enter an appropriate properties file location... dialog box,
browse to or type the path to the DB2 transfer helper file, and then click Next.
This file is usually stored in the following location:
AIX, Linux, and Solaris
/home/db2inst1/sqllib/java/db2java.zip
Windows
portal_server_root/config/helpers/transfer_db2.properties
9. In the DbDriver: dialog box, type appropriate paths for the requested files,
and then click Next. The following table shows example values for a Windows
server.
File
Example path
DBDriver
COM.ibm.db2.jdbc.
app.DB2Driver
Comments
DBDriverDs
COM.ibm.db2.jdbc.
DB2XADataSource
This path has been formatted
for readability; type it without
any spaces or line breaks.
DBLibrary
D:\IBM\SQLLIB\java\
db2java.zip
For Windows, use a single
backslash between directories;
use a single forward slash for
AIX, Linux, and Solaris.
10. In the WpsDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
Field
Example Value
Comments
WpsDbName
wps50
For a remote database, use the
name of the alias you used
when cataloging the database.
DbUser
db2admin
This value is case sensitive.
DbPassword
db2admin_password
Always type the password
yourself as the default value
may not be correct.
DbUrl
jdbc:db2:wps50
WpsXDbName
wps50
(Linux only) For a remote
database, use the name of the
alias you used when cataloging
the database.
WpsDbNode
wpsNode
For a remote database, use the
name of the node you
cataloged after creating the
database.
11. In the WmmDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
226
Field
Example Value
Comments
WmmDbName
wps50
For a remote database, use the
name of the alias you used
when cataloging the database.
Clustered-server Deployment Guide
Field
Example Value
Comments
WmmDbUser
db2admin
This value is case sensitive.
WmmDbPassword
db2admin_password
Always type the password
yourself as the default value
may not be correct.
WmmDbUrl
jdbc:db2:wps50
12. In the WpcpDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
Field
Example Value
Comments
WpcpDbName
wps50
For a remote database, use
the name of the alias you
used when cataloging the
database.
WpcpDbUser
db2admin
This value is case sensitive.
WpcpDbPassword
db2admin_password
Always type the password
yourself as the default value
may not be correct.
WpcpDbUrl
jdbc:db2:wps50
WpcpDbNode
wcmNode
(Linux only) For a remote
database, use the name of the
alias you used when
cataloging the database.
WpcpResourceUrl
portal_server_root/
\wpcp\v5.0\runtime\lib
For Windows, use a single
backslash between directories;
use a single forward slash for
AIX, Linux, and Solaris.
13. In the FeedbackDbName: dialog box, type appropriate values for the
requested information, and then click Next. The following table shows
example values for a Windows server.
Field
Example Value
Comments
FeedbackDbName
wps50
FeedbackDbUser
db2admin
This value is case sensitive.
FeedbackDb
Password
db2admin_password
Always type the password yourself
as the default value may not be
correct.
FeedbackDbUrl
jdbc:db2:wps50
Feedback
XDbName
wps50
(Linux only) For a remote
database, use the name of the alias
you used when cataloging the
database.
14. In the The WebSphere Portal Configuration Wizard is ready to run the
following configuration dialog box, start the database transfer by clicking
Next.
15. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
Chapter 5 Connecting to a DBMS Server
227
16. Review the logs (configwizard.log and configwizardlog.txt) from the
WebSphere Portal Server database transfer to ensure all is well before
proceeding to the next task; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database transfer task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file portal-database-transfer-database.log.
After you have successfully transferred the WebSphere Portal Server data to DB2,
proceed to “Transferring Workplace Collaboration Services data to DB2.”
Transferring Workplace Collaboration Services data to DB2:
Perform this task on the computer hosting IBM Workplace Collaboration Services.
1. (AIX, Linux, and Solaris) Add the .profile of the DB2 login user to the root
.profile to set up the DB2 environment.
2. Stop Cloudscape NetworkServer, WebSphere Application Server, and
WebSphere Portal Server, as explained in
i_inst_t_starting_lwp.dita#i_inst_t_starting_lwp.
3. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
4. In the Select the configuration task that you want to perform dialog box,
click Transfer IBM Workplace software data to another database, and then
click Next.
5. In the Select the database type dialog box, select IBM DB2 Universal
Database, and then click Next.
6. In the LWPDriver: dialog box, enter the appropriate paths to the relevant
database files, and then click Next. The following table includes examples of
appropriate values for a Microsoft Windows server.
File
Example Path
LWPDBDriver
COM.ibm.db2.jdbc.
app.DB2Driver
LWPDbLibrary
AIX, Linux, and Solaris
/home/db2inst1/sqllib/
java/db2java.zip
Comments
For Windows, use a single backslash
between directories; use a single forward
slash for AIX, Linux, and Solaris.
Windows
D:\IBM\SQLLIB\java\
db2java.zip
7. In the LWPDBNAME: dialog box, enter information about the new database
and associated user names and passwords, and then click Next. The following
table includes examples of appropriate values for a Windows server.
228
Field
Example Values
LWPDBNAME
wps50
LWPDBUrl
jdbc:db2:wps50
LWPDBAdminUser
db2admin
Clustered-server Deployment Guide
Comments
This value is case sensitive.
Field
Example Values
Comments
LWPDBAdminPassword
db2admin_password
Always type the password
yourself as the default value
may not be correct.
LWPDBAppUser
db2admin
Application User’s name.
This value is case sensitive.
LWPDBAppPassword
db2admin_password
Application User’s
password. Always type the
password yourself as the
default value may not be
correct.
BackEndId
DB2UDBNT_V8_1
This value applies to DB2
on AIX, Linux, Solaris, and
Windows.
8. In the The WebSphere Portal Configuration Wizard is ready to run the
following configuration dialog box, start the database transfer by clicking
Next.
9. Click Finish to close the Configuration Wizard.
10. Review the logs (configwizard.log and configwizardlog.txt) from the
Workplace Collaboration Services data transfer operation to ensure all is well
before proceeding to the next step. These logs are stored in the
portal_server_root/log directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database transfer task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file workplace-database-transfer-database.log.
11. Stop WebSphere Portal Server; then restart WebSphere Portal Server and start
Mail_Server1, as explained in “Starting and stopping IBM Workplace
Collaboration Services servers” on page 145.
12. Recreate manual changes in the wmm.xml file. If you manually edited the
wmm.xml file during the LDAP directory transfer process before running the
database transfer process, your changes were overwritten during the database
transfer. To recreate those changes, follow the instructions in the last step of
the appropriate ″Enabling LDAP security topic″ for your LDAP directory:
v “Enabling LDAP security for IBM Tivoli Directory Server” on page 164
v “Enabling LDAP security for Domino Directory” on page 178
v “Enabling LDAP security for Active Directory” on page 189
v “Enabling LDAP security for Sun Java System Directory Server” on page
201
v “Enabling LDAP security for Novell eDirectory” on page 212
Note: If your database transfer was successful, all passwords are automatically
deleted from properties and helper files. If you need to re-run the data
transfer in the future, you must first run the Database Setup step again and
allow it to populate files with passwords before you run the data transfer.
After you have successfully transferred Workplace Collaboration Services data to
the DB2 database, proceed to “Updating the DB2 settings.”
Updating the DB2 settings:
Chapter 5 Connecting to a DBMS Server
229
Update the IBM DB2 Universal Database settings to establish the configuration
settings for IBM Workplace Collaboration Services.
1. Complete the database set-up by running the following commands on every
DB2 client, while logged in as the DB2 administrator.
Note that the db2rbind db_name command requires a lowercase L as the first
argument.
db2
CONNECT TO db_name user db2_admin_name using db2_admin_pwd
create index IX2130A on ROLE_INST (OID, RES_TYPE)
create index IX2130B on ROLE_INST (PROT_RES_OID, OID)
reorgchk update statistics on table all
terminate
db2rbind db_name -l db2rbind.out -u db2_admin_name -p db2_admin_pwd
2. (Linux only) Update the /etc/init.d/wse_servers file and source the DB2 profile
so that IBM Workplace Collaboration Services can connect to DB2 automatically
whenever the server is restarted. Open the /etc/init.d/wse_servers file in an
editor and add the following lines at the top of the file, above the
SCRIPT_HOME definition line:
DB2_INSTANCE_NAME= db2_instance_path
cd $DB2_INSTANCE_NAME
. ./db2profile
Where db2_instance_path is the location of the DB2 client instance, example:
/home/db2admin/sqllib.
After you have finished updating the DB2 settings, proceed to “Phase 6:
Connecting to an external HTTP server” on page 287.
Transferring data to DB2 for iSeries
Follow the instructions in this section to transfer data from IBM Cloudscape to
IBM DB2 Universal Database for iSeries using the Configuration Wizard.
Do not perform these steps if you are using the Create IBM Workplace
Collaboration Services wizard to configure Workplace Collaboration Services; the
Create IBM Workplace Collaboration Services wizard performs these steps
automatically.
Note: The steps for transferring data to DB2 for iSeries are different from the steps
for transferring data to DB2 on other platforms. For those instructions, skip
to the topic “Transferring data to DB2 Universal Database” on page 218.
Transferring data to IBM DB2 Universal Database involves the following tasks,
which must be completed in the sequence shown:
1. Creating a database administrator profile. Before transferring data, you will
need to have a database administrator profile, referred to as db2admin
throughout the Workplace Collaboration Services help topics. Because you
cannot change the Workplace Collaboration Services database administrator
once your environment has been configured, it is recommended that you create
a new profile for this purpose rather than use an existing profile associated
with a specific user. The database administrator profile should have the
following authorities:
v *USER authority
v Maximum Storage of *NOMAX
Note: To change this value, enter the following on an i5/OS command line:
CHGUSRPRF USRPRF(DB2ADMIN) MAXSTG(*NOMAX)
230
Clustered-server Deployment Guide
2.
3.
4.
5.
6.
7.
where DB2ADMIN is the database administrator profile.
“Setting up the database in DB2 for iSeries,” which creates the schemas and
tablespaces required by Workplace Collaboration Services.
“Transferring WebSphere Portal Server data to DB2” on page 225, which
transfers default WebSphere Portal Server data to the DB2 database.
“Transferring Workplace Collaboration Services data to DB2” on page 228,
which transfers default Workplace Collaboration Services data to the DB2
database.
“Updating the DB2 settings” on page 229, which completes some final setup
tasks for the database before you start using the product.
“Installing the DB2 Universal Database client” on page 104 on every Workplace
software server, and then cataloging the DB2 database from each client. This
ensures that the client can access data stored in the remote database.
(If the DB2 server is not hosted on the Workplace software server) “Installing
the DB2 Universal Database client” on page 104 on the Workplace software
server, and then cataloging the DB2 database from the client. This ensures that
the client can access data stored in the remote database.
If you are installing a Network Deployment cluster, your next task is to connect
the nodes within the cluster to the DB2 database; for instructions, see the topic
“Connecting nodes to DB2 for iSeries” on page 270
Now that you have transferred data to the DB2 for iSeries database, you are
finished with the DBMS setup portion of your deployment. Proceed to the topic
“Phase 6: Connecting to an external HTTP server” on page 287
Setting up the database in DB2 for iSeries:
Use the Configuration Wizard to create the schemas needed for the IBM
WebSphere Portal Server and IBM Workplace Collaboration Services databases.
Note: The native JDBC driver values are specified by default in the Configuration
Wizard. Use the native JDBC driver if Workplace Collaboration Services is
hosted on the same system as the database files; otherwise, use the IBM
Toolbox JDBC driver. Use the same driver for all database transfer tasks.
1. Start Cloudscape NetworkServer and WebSphere Application Server, and stop
WebSphere Portal Server, as explained in
i_inst_t_starting_lwp.dita#i_inst_t_starting_lwp.
2. Start the Configuration Wizard, as explained in “i5/OS: Starting the
Configuration Wizard” on page 142.
3. If you did not enable security for your LDAP directory, do so now, following
the instructions in the appropriate topic for your LDAP server:
v “Enabling LDAP security for IBM Tivoli Directory Server” on page 164
v “Enabling LDAP security for Domino Directory” on page 178
v “Enabling LDAP security for Active Directory” on page 189
v “Enabling LDAP security for Sun Java System Directory Server” on page
201
v “Enabling LDAP security for Novell eDirectory” on page 212
Chapter 5 Connecting to a DBMS Server
231
Attention: You must have security enabled before you even view any of the
database transfer screens. This is necessary because the dbbuild.properties file
is modified as you navigate through the Database Transfer screens and enter
information, and those changes are saved even if you don’t run all of the
transfer tasks. Once the dbbuild.properties file has been modified, the Enable
Security task will not run correctly.
4. In the Select the configuration task that you want to perform dialog box,
select Set up new IBM Workplace software database, and then click Next.
5. In the Select the database type... dialog box, select IBM DB2 for iSeries, and
then click Next.
6. In the LWPDBDriver: ... dialog box, type the appropriate paths to the relevant
database files, and then click Next. The following table includes the
appropriate values for each field in the dialog box.
File
Path
LWPDbLibrary
Native JDBC:
/QIBM/ProdData/Java400/ext/db2_classes.jar
Toolbox JDBC driver:
/QIBM/UserData/WebAS5/Base/instance
/PortalServer/shared/app/jt400.jar
LWPDBDriver
Native JDBC:
com.ibm.db2.jdbc.app.DB2Driver
Toolbox JDBC driver:
com.ibm.as400.access.AS400JDBCDriver
7. In the LWPDBUrl: ... dialog box, fill in information about the new database,
including its associated user names and passwords, and then click Next. The
following table includes appropriate values for each field in the dialog box.
Field
Value
LWPDBUrl
Native JDBC:
jdbc:db2:*LOCAL
Toolbox JDBC driver:
jdbc:as400:hostname
LWPDBAdminUser
db2admin
LWPDBAdminPasswor
db2admin_password
LWPDBAppUser
user_profile
LWPDBAppPassword
user_profile _password
8. In the LWPDBSuffix... dialog box, enter a unique suffix of up to 4 characters
to add to the Workplace Collaboration Services schema name and then click
Next.
The following schemas will be created, where XXXX is the specified suffix:
v
v
v
v
v
232
LWPMSGXXXX
LWPLMSXXXX
LWPLDSXXXX
LWPCOMXXXX
LWPARCXXXX
Clustered-server Deployment Guide
You can ensure the schemas being created have unique names by viewing the
existing Workplace Collaboration Services libraries. To view existing libraries,
enter the following on an i5/OS command line:
WRKOBJ OBJ(*ALL/LWP*) OBJTYPE(*LIB)
9. In the Do you wish the setup wizard to run these scripts now? dialog box,
start the database configuration by clicking Next.
10. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
11. Review the logs from the database configuration (configwizard.log and
configwizardlog.txt) to ensure all is well before proceeding to the next task.
These logs are stored in the portal_server_root//log directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database set-up task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file workplace-setup-database.log.
Note: If you have successfully completed a database transfer and you are
running it again, the database schema are already in place and are not
affected by the Database Setup task. The logs will note warnings to this
effect.
After you have set up theDB2 database schemas, proceed to the topic,
“Transferring WebSphere Portal Server data to DB2 for iSeries.”
Transferring WebSphere Portal Server data to DB2 for iSeries:
Use the Configuration Wizard to transfer IBM WebSphere Portal Server data from
the default IBM Cloudscape database to IBM DB2 Universal Database for iSeries.
This process creates one or more WebSphere Portal Server schemas for use with
IBM Workplace Collaboration Services. To ensure that the wizard completes
successfully, make sure any schema names you specify in the Configuration
Wizard do not already exist on the DBMS server. For convenience, it is
recommended that you use the same schema name for all database schema fields
(WpsDBSchema, WmmDbSchema, WpcpDbSchema, and FeedbackSchema). Make a
note of this schema name for future reference.
In addition, it is recommended that you specify a single user profile for all
database user fields. Any database users specified must already exist on the system
at the time you run the Configuration Wizard.
Note: The native JDBC driver values are specified by default in the Configuration
Wizard. Use the native JDBC driver if Workplace Collaboration Services is
hosted on the same system as the database files; otherwise, use the IBM
Toolbox JDBC driver. Use the same driver for all database transfer tasks.
The Cloudscape server and the database host system must be running to support
the data transfer.
1. Stop WebSphere Portal Server, as explained in
i_inst_t_starting_lwp.dita#i_inst_t_starting_lwp.
2. In the Select the configuration task that you want to perform dialog box,
select Transfer WebSphere Portal data to another database, and then click
Next.
Chapter 5 Connecting to a DBMS Server
233
3. If you transferred your LDAP directory from Cloudscape to another product,
you will be prompted to authenticate against your LDAP directory in the
Enter the LDAPAdminUID and password dialog box. Type the LDAP
administrator account’s user name and password in the appropriate fields,
and then click Next.
Note: Enter the LDAPAdminUID in its full form (cn=wpsadmin,ouacme,o=test). If this is not entered correctly, the Invalid user ID or
Password. Check the values you entered and try again dialog box will
appear and you will not be able to proceed until you correct the
information.
4. In the Select the database type... dialog box, select IBM DB2 for iSeries, and
then click Next.
5. In the next dialog box, indicate the location of the helper file you wish to use
for the wizard by typing the path or clicking the Browse button and browsing
for it, and then click Next.
6. In the next dialog box, type appropriate paths for the requested files, and then
click Next. The following table shows appropriate values for these fields.
File
Path
DBDriver
Native JDBC:
com.ibm.db2.jdbc.app.DB2Driver
Toolbox JDBC:
com.ibm.as400.access.AS400JDBCDriver
DBDriverDs
Native JDBC:
COM.ibm.db2.jdbc.app.DB2XADataSource
Toolbox JDBC:
com.ibm.as400.access.AS400JDBCXADataSource
DBLibrary
Native JDBC:
/QIBM/ProdData/Java400/ext/db2_classes.jar
Toolbox JDBC:
/QIBM/UserData/WebAS5/Base/instance
/PortalServer5/shared/app/jt400.jar
7. In the next dialog box, type appropriate values for the requested information,
and then click Next. The following table shows appropriate values for these
fields.
Note: Schema names cannot be more than 10 characters long.
Field
Value
WpsDBSchema
wps_schema
WpsDbName
Native JDBC:LOCAL/wps_schema
Toolbox JDBC:hostname/wps_schema
234
DbUser
user_profile
DbPassword
user_profile_password
Clustered-server Deployment Guide
Field
Value
DbUrl
Native JDBC:jdbc:db2:*LOCAL/
wps_schema
Toolbox JDBC:jdbc:as400:
hostname/wps_schema
8. In the next dialog box, type appropriate values for the requested information,
and then click Next. The following table shows example values.
Note: Schema names cannot be more than 10 characters long.
Field
Value
WmmDbSchema
wmm_schema
WmmDbName
Native JDBC:LOCAL/wmm_schema
Toolbox JDBC:hostname/wmm_schema
WmmDbUser
user_profile
WmmDbPassword
user_profile_password
WmmDbUrl
Native JDBC:jdbc:db2:*LOCAL/
wmm_schema
Toolbox JDBC:jdbc:as400:
hostname/wmm_schema
9. In the next dialog box, type appropriate values for the requested information,
and then click Next. The following table shows appropriate values for these
fields.
Note: Schema names cannot be more than 10 characters long.
Field
Value
WpcpDbSchema
wpcp_schema
WpcpDbName
Native JDBC:LOCAL/wpcp_schema
Toolbox JDBC:hostname/wpcp_schema
WpcpDbUser
user_profile
WpcpDbPassword
user_profile_password
WpcpDbUrl
Native JDBC:jdbc:db2:*LOCAL/
wpcp_schema
Toolbox JDBC:jdbc:as400:
hostname/wpcp_schema
10. In the next dialog box, type appropriate values for the requested information,
and then click Next. The following table shows appropriate values for these
fields.
Note: Schema names cannot be more than 10 characters long.
Field
Example Value
FeedbackSchema
feedback_schema
Chapter 5 Connecting to a DBMS Server
235
Field
Example Value
FeedbackDbName
Native JDBC:*LOCAL/feedback_schema
Toolbox JDBC:hostname/feedback_schema
FeedbackDbUser
user_profile
FeedbackDbPassword
user_profile_password
FeedbackDbUrl
Native JDBC:jdbc:db2:*LOCAL/
feedback_schema
Toolbox JDBC:jdbc:as400:
hostname/feedback_schema
11. In the The WebSphere Portal Configuration Wizard is ready to run the
following configuration dialog box, start the database transfer by clicking
Next.
12. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
13. Review the logs (configwizard.log and configwizardlog.txt) from the
WebSphere Portal Server database transfer to ensure all is well before
proceeding to the next task; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database transfer task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file portal-database-transfer-database.log.
After you have successfully transferred the WebSphere Portal Server data to DB2
for iSeries, proceed to “Transferring Workplace Collaboration Services data to DB2
for iSeries.”
Transferring Workplace Collaboration Services data to DB2 for iSeries:
Use the Configuration Wizard to transfer IBM Workplace Collaboration Services
data from IBM Cloudscape to the IBM DB2 Universal Database for iSeries
database.
Note: The native JDBC driver values are specified by default in the Configuration
Wizard. Use the native JDBC driver if Workplace Collaboration Services is
hosted on the same system as the database files; otherwise, use the IBM
Toolbox JDBC driver. Use the same driver for all database transfer tasks.
Both the Cloudscape server and the database host system must to be running to
support the data transfer.
1. If you did not enable security for your LDAP directory, do so now before you
continue with the database transfer process.
Attention: You must have security enabled before you even view any of the
database transfer screens. This is necessary because the dbbuild.properties file
is modified as you navigate through the Database Transfer screens and enter
information, and those changes are saved even if you don’t run all of the
transfer tasks. Once the dbbuild.properties file has been modified, the Enable
Security task will not run correctly.
2. Start the Configuration Wizard, as explained in
i_inst_t_lwpsetup_config_run_i5os.dita#i_inst_t_lwpsetup_config_run_i5os.
236
Clustered-server Deployment Guide
3. If you are prompted to authenticate against your LDAP directory in the Enter
the LDAPAdminUID and password dialog box. Type the LDAP administrator
account’s user name and password in the appropriate fields, and then click
Next.
Attention: Enter the LDAPAdminUID in its full form (cn=wpsadmin,ouacme,o=test). If this is not entered correctly, the Invalid user ID or Password.
Check the values you entered and try again dialog box will appear and you
will not be able to proceed until you correct the information.
4. At the Select the configuration task that you want to perform dialog box,
click Transfer IBM Workplace software data to another database, and then
click Next.
5. At the Select the database type dialog box, select IBM DB2 for iSeries, and
then click Next.
6. In the LWPDBDriver... dialog box, enter the appropriate paths to the relevant
database files, and then click Next. The following table includes appropriate
values for these fields.
File
Path
LWPDBDriver
Native JDBC:
com.ibm.db2.jdbc.app.DB2Driver
Toolbox JDBC:
com.ibm.as400.access.AS400JDBCDriver
LWPDbLibrary
Native JDBC:
/QIBM/ProdData/Java400/ext/db2_classes.jar
Toolbox JDBC:
/qibm/userdata/webas5/base/instance
/PortalServer/shared/app/jt400.jar
7. In the LWPDBUrl: dialog box, enter information about the new database and
associated user names and passwords, and then click Next. The following
table includes appropriate values for these fields.
Field
Value
LWPDBUrl
Native JDBC:
jdbc:db2:*LOCAL
Toolbox JDBC:
jdbc:as400:hostname
LWPDBAdminUser
admin_user
LWPDBAdminPassword
admin_user _password
LWPDBAppUser
app_user_profile
LWPDBAppPassword
app_user_profile _password
BackEndId
DB2UDBAS400_V5_1
8. In the The WebSphere Portal Configuration Wizard is ready to run the
following configuration dialog box, start the database transfer by clicking
Next.
9. Click Finish to close the Configuration Wizard.
Chapter 5 Connecting to a DBMS Server
237
10. Review the logs (configwizard.log and configwizardlog.txt) from the
Workplace Collaboration Services data transfer operation to ensure all is well
before proceeding to the next step. Logs are stored in the portal_server_root
/log directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database transfer task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file workplace-database-transfer-database.log.
11. Start WebSphere Portal Server, as explained in
i_inst_t_starting_lwp.dita#i_inst_t_starting_lwp.
Transferring data to Oracle
By default, IBM WebSphere Portal Server and IBM Workplace Collaboration
Services install with some predefined data stored in the IBM Cloudscape database
management system, hosted on the Workplace Collaboration Services server.
Cloudscape is sufficiently robust for use in demo installations; however, for a
production environment, it is recommended that you transfer data to a more
robust DBMS product.
Transferring data to Oracle involves the following tasks, which must be completed
in the sequence shown.
Before you begin the database transfer, you should be aware of the following
constraints:
v If you edited the wmm.xml file manually during the LDAP directory transfer
process, those changes will be overwritten during the database transfer, and
must be recreated after the database transfer is complete.
v Before you can transfer data to Oracle Enterprise Edition, you must have created
an Oracle database and assigned users to it. For more information, see the topic,
“Creating the Oracle database” on page 239.
v You must run Step 3 below (Setting up the database) before attempting to
transfer data, because it ensures that the database contains appropriate schemas
and tablespaces.
1. Verifying that Oracle 9i patch 9.2.0.4.0 has been installed on the Oracle server
because the data transfer operation will not work unless this patch has been
installed.
2. “Creating the Oracle database” on page 239, which creates the database
container in which Workplace Collaboration Services data will be stored.
3. “Adding WebSphere Portal Server users to the Oracle database” on page 241,
which ensures proper access to the Oracle database.
4. “Setting up the database in Oracle” on page 241, which creates the schemas
and tablespaces required by Workplace Collaboration Services.
5. “Transferring WebSphere Portal Server data to Oracle” on page 247, which
transfers default WebSphere Portal Server data to the Oracle database.
6. “Transferring Workplace Collaboration Services data to Oracle” on page 249,
which transfers default Workplace Collaboration Services data to the Oracle
database.
If you are installing a Network Deployment cluster, your next task is to connect
the nodes within the cluster to the DB2 database; for instructions, see the topic
“Connecting nodes to Oracle” on page 275
238
Clustered-server Deployment Guide
Now that you have transferred data to the Oracle database, you are finished with
the DBMS setup portion of your deployment. Proceed to the topic “Phase 6:
Connecting to an external HTTP server” on page 287
Creating the Oracle database:
If you want to transfer the IBM Workplace Collaboration Services data from its
default database (stored in IBM Cloudscape) to Oracle Enterprise Edition, you
must create a database container to store IBM WebSphere Portal Server and IBM
Workplace Collaboration Services data. To learn about the types of information that
will be stored in the database, see the topic “About the Workplace Collaboration
Services database” on page 219.
Attention: Before creating the new database instance, update your Oracle 9i
installation with patch 9.2.0.4.0.
When you installed the Oracle server software, a single database instance was
created. If you will be using that database instance with Workplace Collaboration
Services, skip the rest of this topic and proceed directly to the topic, “Setting up
the database in Oracle” on page 241.
Create the database instance on the Oracle server by following these instructions,
and then proceed as directed at the end of this topic.
Attention: It is recommended that you create only one Oracle instance on a
computer. One database instance can host schemas used with multiple
applications, although it can host only one set of Workplace Collaboration Services
schemas. If you must create multiple database instances on one computer, be sure
to set buffer sizes to values that do not cause memory swapping. In addition,
tablespace location names must either be unique, or stored in different locations to
prevent ambiguity.
1. Log in to the Oracle server as a user with administrative privileges.
2. Start the Oracle Database Configuration Assistant.
3. Create a new database called wps50, using the Unicode and UTF-8 options.
This database instance will contain the schemas used by Workplace
Collaboration Services, and must be created using the UTF-8 character set to
ensure accessibility in all supported languages.
4. Create passwords for the SYS and SYSTEM accounts. You will use the SYSTEM
account and password later, during database configuration.
5. Edit the Oracle\Ora9\network\admin\tnsnames.ora file, and set the
SERVICE_NAME parameter to wps50 to match the database instance name
created in Step 3.
In the example that follows, the SERVICE_NAME (shown in boldface) matches
the ″tns″ entry in which it is included; this match between names is required
for Workplace Collaboration Services. The examples in this documentation use
wps50 as the database name and the service name.
wps50 =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS =
(PROTOCOL = TCP)
(HOST = workplaceserver.your_company.com)
(PORT = 1521)
)
)
(CONNECT_DATA =
Chapter 5 Connecting to a DBMS Server
239
(SERVER = DEDICATED)
(SERVICE_NAME = wps50)
)
)
The PORT value indicates the port that the Oracle server and client computers
use for communicating; they must use the same port.
6. Save and close the tnsnames.ora file.
After the Oracle database instance has been created, proceed to the topic, “Setting
up the database in Oracle” on page 241.
About the Workplace Collaboration Services database: IBM Workplace Collaboration
Services uses a single database container.
For IBM DB2 Universal Database and Microsoft SQL Server Enterprise Edition, the
data for Workplace Collaboration Services and IBM WebSphere Portal Server are
combined in a single database, referred to in this documentation as wps50.
For Oracle Enterprise Edition, the database is created during DBMS software
installation, and schemas for both WebSphere Portal Server and Workplace
Collaboration Services are added to a single instance of Oracle. In Oracle, the
default instance name is ″ORCL″, but this name is configurable; for consistency
with the other supported DBMS product, examples in the installation
documentation use ″wps50″ as the instance name.
The Workplace Collaboration Services database hosts multiple schemas, described
in the following table.
Schema Name
Description
database_owner
This WebSphere Portal Serverl schema stores
configuration information for pages, portlets,
users and other portal administrative objects.
Instant messaging contact lists are stored in
this schema. This schema also stores
WebSphere Portal Server content for
publishing, documents created by IBM
Workplace Documents, and other documents
and discussions created by Workplace
Collaboration Services capabilities.
This schema is named using the uppercase
version of the database instance owner’s
user name.
240
FEEDBACK
This schema contains the information logged
by WebSphere Portal Server for generating
reports for analysis of site activity including
information about campaigns and
personalized resources.
LWPCOMM
This schema contains administrative data,
mail services data, and team collaboration
data. The schema is also used as the
messaging archive schema to track archived
mail messages. The schema contains links to
archived content that is stored on the file
system.
Clustered-server Deployment Guide
Schema Name
Description
LWPLMS
The IBM Workplace Collaborative Learning
″Learning Management″ schema maintains
learning information, including the course
catalog, enrollments, and consolidated
progress records.
LWPLDS
The Workplace Collaborative Learning
″Learning Delivery″ schema stores progress
data recorded from student actions. This
data is subsequently transmitted to the
″Learning Management″ schema.
EJB
This schema is used for business rule beans.
PZNADMIN
This schema used for personalization data.
Adding WebSphere Portal Server users to the Oracle database:
To ensure that the IBM WebSphere Portal Server has appropriate access to the
Oracle database, add the associated users now.
Complete this task on the Oracle database server.
1. Connect to the Oracle SQL Plus utility.
2. Run the following commands, substituting the appropriate passwords where
needed.
create user WPSDBUSR identified by password default tablespace USERS
temporary tablespace TEMP;
create user WMMDBUSR identified by password default tablespace USERS
temporary tablespace TEMP;
grant connect, resource to WPSDBUSR;
grant connect, resource to WMMDBUSR;
create user PZNADMIN identified by password default tablespace USERS
temporary tablespace TEMP;
create user EJB identified by password default tablespace USERS
temporary tablespace TEMP;
create user WCMDBADM identified by password default tablespace USERS
temporary tablespace TEMP;
grant connect, resource to PZNADMIN;
grant connect, resource to EJB;
grant connect, resource to WCMDBADM;
create user FEEDBACK identified by password default tablespace USERS
temporary tablespace TEMP;
grant connect, resource to FEEDBACK;
3. Exit the SQL Plus utility.
After you have added the WebSphere Portal Server users to the Oracle database,
you are ready to transfer data to the new database. Proceed to the topic, “Setting
up the database in Oracle.”
Setting up the database in Oracle:
Before you perform the steps in this topic, you must have already created the
database instance on the Oracle Enterprise Edition database server. A database
instance is created automatically during Oracle installation; if you are using an
existing installation you may need to drop the existing database and create a new
one.
Chapter 5 Connecting to a DBMS Server
241
Attention: You must run the Setup Database task before attempting to transfer
data, even if you already have a database container created. The Setup Database
task creates the schemas and tablespaces required by IBM Workplace Collaboration
Services.
If you have already run a database transfer (whether or not it was successful) and
plan to run another transfer using the same Oracle database, it is recommended
that you use the Oracle Enterprise Console Manager to drop all Workplace
Collaboration Services users (LWPCOMM, LWPApp, and so on) as well as IBM
WebSphere Portal Server users (FEEDBACK, WMMDBUSR, and so on) with
CASCADE. You should also drop all LWP* named tablespaces as well.
The steps below create the schemas needed for the Workplace Collaboration
Services database. Perform this task on the computer hosting Workplace
Collaboration Services, even if your database is hosted on a remote server.
1. If your database is hosted on a remote server, verify that you have installed
the Oracle database client on the Workplace software server.
2. (AIX, Linux, and Solaris only) Set up the .profile (or .bash_profile) for both
root and Oracle users:
a. Verify that the following variables are set in the profile:
ORACLE_BASE=/opt/oracle (or equivalent for your environment)
ORACLE_HOME=$ORACLE_BASE/product/9ir2 (or equivalent for your environment)
TNS_ADMIN=$ORACLE_HOME/network/admin
ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data
NLS_LANG=(See information below)
PATH=$PATH:$ORACLE_HOME/bin
CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME
/jlib:$ORACLE_HOME/rdbms/jlib:$ORACLE_HOME/network
/jlib export ORACLE_BASE ORACLE_HOME ORA_NLS33 NLS_LANG
PATH LD_LIBRARY_PATH CLASSPATH TNS_ADMIN
b. Verify that the library path is correct:
AIX
LIBPATH=[ORACLE_HOME]/lib:[ORACLE_HOME]/lib32:[ORACLE_HOME]
/jdbc/lib
Linux and Solaris
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib:$ORACLE_HOME
/ctx/lib:$ORACLE_HOME/jdbc/lib
c. Verify that the $NLS_LANG variable is correct by running the following
command:
echo $NLS_LANG
The response should end with ″UTF8″ as in ″American_America.UTF8″.
This is the environment variable that contains the codepage. It is in three
parts: language, territory, and character set (also known as codepage). The
$NLS_LANG env variable is used by Oracle to determine what character
set you are using on the client side to ensure proper conversion. (Both
your Oracle database and your client software must use UTF-8 as the
codepage).
3. (RedHat 3.0 only) Locate the etc/ant.conf file and rename it to ant.conf.BAK.
The database transfer task will install a file with the same name, so renaming
your original file will prevent it from being overwritten in case you want to
use it at a later date.
Note: If you have run this task before, delete the ant.conf file (created during
the previous run) from the directory. Make sure you don’t delete
ant.conf.bak, which is the original version of this file.
242
Clustered-server Deployment Guide
4. (Microsoft Windows only) Verify that you are using the UTF-8 codepage:
a. Open the Windows registry (run regedit).
b. Locate the section, HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\
HOMEid\NLS_LANG, where id is the unique number identifying the
Oracle home (for example, HOME0).
c. Within that section, locate the NLS_LANG parameter. The key is in three
parts: language, territory, and character set (also known as codepage).
d. Verify that the key ends with ″UTF8″ as in ″American_America.UTF8″; if
necessary, fix the key. You must use the UTF-8 codepage.
e. Close the registry.
5. Start Cloudscape NetworkServer and WebSphere Application Server, as
explained in “Starting and stopping IBM Workplace Collaboration Services
servers” on page 145.
6. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
7. If you did not enable security for your LDAP directory, do so now, following
the instructions in the appropriate topic for your LDAP server:
v “Enabling LDAP security for IBM Tivoli Directory Server” on page 164
v “Enabling LDAP security for Domino Directory” on page 178
v “Enabling LDAP security for Active Directory” on page 189
v “Enabling LDAP security for Sun Java System Directory Server” on page
201
v “Enabling LDAP security for Novell eDirectory” on page 212
Attention: You must have security enabled before you even view any of the
database transfer screens. This is necessary because the dbbuild.properties file
is modified as you navigate through the Database Transfer screens and enter
information, and those changes are saved even if you don’t run all of the
transfer tasks. Once the dbbuild.properties file has been modified, the Enable
Security task will not run correctly.
8. In the Select the configuration task you want to perform dialog box, click Set
up new IBM Workplace software database, and then click Next.
9. In the Select the database type... dialog box, click Oracle Enterprise Edition,
and then click Next.
10. In the LWPDBDriver: dialog box, type the appropriate paths to the relevant
database files, and then click Next. The following table includes examples of
appropriate values for a Windows server.
File
Example Path
LWPDBDriver
oracle.jdbc.diver.OracleDriver
LWPDbLibrary
C:/oracle/ora92/jdbc/
lib/classes12.zip
11. In the LWPDBNAME: dialog box, fill in the information about the new
database, including its associated user names and passwords, and then click
Next. The following table includes examples of appropriate values for
aWindows server.
Chapter 5 Connecting to a DBMS Server
243
Field
Example Values
Comments
LWPDBNAME
wps50
LWPDBUrl
jdbc:oracle:oci:
@tnsnames_entry_alias
LWPDBAdminUser
ora92dmin
LWPDBAdmin
Password
ora92dmin_password
Always type the password
yourself as the default value may
not be correct.
LWPDBAppUser
LWPApp
Application User’s name.
LWPDBApp
Password
LWPApp_password
Application User’s password.
Always type the password
yourself as the default value may
not be correct.
Use the alias specified for this
database in the tnsnames.ora file.
This is usually the name of the
database; in this documentation
the database name and the tns
alias are both wps50.
12. In the IBM Workplace Common Settings dialog box, fill in information about
the Common schema names and tablespaces in the appropriate fields. The
steps that follow present tables showing examples (for a Windows server) of
appropriate values for the fields in the each dialog box. Notice that
tablespaces are created in the default Oracle directory. If you want to change
this (for example, for performance or backup reasons), specify a different
location in this dialog box. For example, you might change the location of the
Common table space from ″LWPCOMMREG″ to one of the following
locations:
AIX, Linux, and Solaris
/data1/lwpdata/LWPCOMMREG
Windows
F:/lwpdata/LWPCOMMREG
Field
Example Values
Comments
LWPComSchema
LWPCOMM
The user name of the Com
(Common) schema’s owner.
LWPComSchemaPW
LWPCOMM_
password
The password for the Com schema
owner account. Always type the
password yourself as the default
value may not be correct.
db.lwp.comm.data
.tablespace.name
LWPCOMMREG
The data tablespace name for the
Com schema
db.lwp.comm.data
.container.list
LWPCOMMREG
The data tablespace location for the
Com schema.
db.lwp.comm.idx
.tablespace.name
LWPCOMMIDX
The index tablespace name for the
Com schema
db.lwp.comm.idx
.container.list
LWPCOMMIDX
The index tablespace location for
the Com schema.
13. In the Learning Management Settings dialog box, fill in information about
the Learning Management schema names and tablespaces in the appropriate
fields.
244
Clustered-server Deployment Guide
Field
Example Values Comments
LWPLMSSchema
LWPLMS
The user name of the LMS (Learning)
schema’s owner.
LWPLMSSchemaPW
LWPLMS_
password
The password for the LMS schema
owner account. Always type the
password yourself as the default value
may not be correct.
db.lwp.lms.data
.tablespace.name
LWPLMSDATA
The data tablespace name for the LMS
schema
db.lwp.lms.data
.container.list
LWPLMSDATA
The data tablespace location for the LMS
schema.
db.lwp.lms.idx
.tablespace.name
LWPLMSIDX
The index tablespace name for the LMS
schema
db.lwp.lms.idx
.container.list
LWPLMSIDX
The index tablespace location for the
LMS schema.
14. In the Learning Delivery Settings dialog box, fill in information about the
Learning Delivery schema names and tablespaces in the appropriate fields.
Field
Example Values
Comments
LWPLDSSchema
LWPLDS
The user name of the LDS (Learning
Delivery) schema’s owner.
LWPLDSSchemaPW
LWPLDS_password The password for the LDS schema
owner account. Always type the
password yourself as the default value
may not be correct.
db.lwp.lds.data
.tablespace.name
LWPLDSDATA
The data tablespace name for the LDS
schema.
db.lwp.lds.data
.container.list
LWPLDSDATA
The data tablespace location for the
LDS schema.
db.lwp.lds.idx
.tablespace.name
LWPLDSIDX
The index tablespace name for the
LDS schema
db.lwp.lds.idx
.container.list
LWPLDSIDX
The index tablespace location for the
LDS schema.
15. In the Messaging Settings dialog box, fill in information about the Messaging
schema names and tablespaces in the appropriate fields.
Field
Example Value
Comment
LWPMsgSchema
LWPCOMM
The user name of the Msg (Messaging)
schema’s owner.
db.num.partitions
0
Number of partitions to create in the
Messaging schema. You cannot use
partitions unless you have installed the
Oracle server with the Partitions
feature enabled.
LWPMsgSchemaPW
LWPCOMM_
password
The password for the Msg schema
owner account. Always type the
password yourself as the default value
may not be correct.
db.lwp.msg.data
.tablespace.name
LWPMSGDATA
The data tablespace name for the Msg
schema.
Chapter 5 Connecting to a DBMS Server
245
Field
Example Value
Comment
db.lwp.msg.data
.container.list
LWPMSGDATA
The data tablespace location for the
Msg schema.
db.lwp.msg.idx
.tablespace.name
LWPMSGIDX
The index tablespace name for the Msg
schema.
db.lwp.msg.idx
.container.list
LWPMSGIDX
The index tablespace location for the
Msg schema.
db.lwp.msg.lob
.tablespace.name
LWPMSGLOB
The large object tablespace name for
the Msg schema.
db.lwp.msg.lob
.container.list
LWPMSGLOB
The large object tablespace location for
the Msg schema.
db.lwp.msg.ptn
.tablespace.name
LWPMSGPTN
The tablespace partition name base for
the Msg schema.
db.lwp.msg.ptn
.container.list
LWPMSGPTN
The tablespace partition location base
for the Msg schema.
db.lwp.msg.map
.tablespace.name
LWPMSGMAP
The map tablespace name for the Msg
schema.
db.lwp.msg.map
.container.list
LWPMSGMAP
The map tablespace location for the
Msg schema.
db.lwp.msg.mta
.tablespace.name
LWPMSGMTA
The MTA tablespace name for the Msg
schema.
db.lwp.msg.mta
.container.list
LWPMSGMTA
The MTA tablespace location for the
Msg schema.
db.lwp.msg.file
.tablespace.name
LWPMSGFILE
The file tablespace name for the Msg
schema.
db.lwp.msg.file
.container.list
LWPMSGFILE
The file tablespace location for the Msg
schema.
16. In the Messaging Archive Settings dialog box, fill in information about the
Messaging schema names and tablespaces in the appropriate fields.
Field
Example Values
Comments
LWPArcSchema
LWPCOMM
The user name of the Arc (Archive)
schema’s owner; in this example, the
same account owns the Com, Msg,
and Arc schemas to simplify access.
LWPArcSchemaPW
LWPCOMM_
password
The password for the Arc schema
owner account. Always type the
password yourself as the default
value may not be correct.
db.lwp.arc.data
.tablespace.name
LWPARCDATA
The data tablespace name for the Arc
schema.
db.lwp.arc.data
.container.list
LWPARCDATA
The data tablespace location for the
Arc schema.
db.lwp.arc.idx
.tablespace.name
LWPARCIDX
The index tablespace name for the
Arc schema.
db.lwp.arc.idx
.container.list
LWPARCIDX
The index tablespace location for the
Arc schema.
17. In the Do you wish the setup wizard to run these scripts now? dialog box,
start the database configuration by clicking Next.
246
Clustered-server Deployment Guide
18. Review the logs (configwizard.log and configwizardlog.txt) from the database
set-up task to ensure all is well before proceeding to the next task; the logs are
stored in the portal_server_root/log directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database set-up task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file workplace-setup-database.log.
Note: If you have successfully completed a database transfer and you are
running it again, the database schemas are already in place and are not
affected by the Database Setup task. The logs will note warnings to this
effect.
19. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
After you have set up the Oracle database schemas, proceed to “Transferring
WebSphere Portal Server data to Oracle.”
Transferring WebSphere Portal Server data to Oracle:
Make sure the Oracle server is running. If the Oracle database is not hosted on the
IBM Workplace Collaboration Services server, install the Oracle client on that
server before proceeding.
Perform this task on the Workplace Collaboration Services server.
1. Start NetworkServer and server1, and stop WebSphere_Portal, as explained in
“Starting and stopping IBM Workplace Collaboration Services servers” on
page 145.
2. Switch to the Configuration Wizard window.
3. In the Select the configuration task that you want to perform dialog box,
click Transfer WebSphere Portal data to another database, and then click
Next.
4. If the WebSphere Application Server global security is enabled... dialog box
appears, type the WebSphere Application Server administrative user name and
password in the appropriate fields, and then click Next.
5. If the Enter the LDAPAdminUID and password dialog box appears, type the
LDAP administrator account’s user name and password in the appropriate
fields, and then click Next.
Note: Enter the LDAPAdminUID in its full form (cn=wpsadmin,ouacme,o=test). If this is not entered correctly, the Invalid user ID or
Password. Check the values you entered and try again dialog box will
appear and you will not be able to proceed until you correct the
information.
6. In the Select the database type... dialog box, select Oracle Enterprise Edition,
and then click Next.
7. In the Please enter an appropriate properties file location... dialog box,
browse or type the path to the Oracle transfer helper file, and then click Next.
This file is usually stored in the following location:
portal_server_root\\config\helper\transfer_oracle.properties
8. In the DbDriver: dialog box, type appropriate paths for the requested files,
and then click Next. The following table shows example values for a Windows
server.
Chapter 5 Connecting to a DBMS Server
247
File
Example path
DBDriver
oracle.jdbc.driver.OracleDriver
DBDriverDs
oracle.jdbc.xa.client.OracleXADataSource
DBLibrary
C:/oracle/ora92/jdbc/lib/classes12.zip
9. In the WpsDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
Field
Example Value
Comments
WpsDbName
wps50
DbUser
WPSDBUSR
DbPassword
WPSDBUSR_password
Always type the password yourself as
the default value may not be correct.
DbUrl
jdbc:oracle:thin:
@db_server_DNS:
1521:wps50
Use the alias specified for this database
in the tnsnames.ora file. This is usually
the name of the database; in this
documentation the database name and
the tns alias are both ″wps50″.
10. In the WmmDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
Field
Example Value
Comments
WmmDbName
wps50
WmmDbUser
WMMDBUSR
WmmDbPassword
WMMDBUSR_password
Always type the password yourself as
the default value may not be correct.
WmmDbUrl
jdbc:oracle:thin:
@db_server_DNS:
1521:wps50
Use the alias specified for this database
in the tnsnames.ora file. This is usually
the name of the database; in this
documentation the database name and
the tns alias are both ″wps50″.
11. In the WpcpDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
248
Field
Example Value
WpcpDbName
wps50
WpcpDbUser
WCMDBADM
WpcpDb
Password
WCMDBADM_password
Always type the password yourself as
the default value may not be correct.
WpcpDbUrl
jdbc:oracle:thin:
@db_server_DNS:
1521:wps50
Use the alias specified for this database
in the tnsnames.ora file. This is usually
the name of the database; in this
documentation the database name and
the tns alias are both ″wps50″.
Clustered-server Deployment Guide
Comments
Field
Example Value
Comments
WpcpDbEjb
Password
WpcpDbEjb_password
Always type the password yourself as
the default value may not be correct;
use the password assigned to this
WebSphere Portal Server user account.
WpcpDbPznadmin
Password
WpcpDb_Pznadmin_password Always type the password yourself as
the default value may not be correct use
the password assigned to this
WebSphere Portal Server user account.
Wpcp
ResourceUrl
D:\WebSphere\
PortalServer\
wpcp\v5.0\
runtime\lib
For Windows, use a single backslash
between directories; for AIX, Linux, and
Solaris, use a single forward slash.
12. In the FeedbackDbName: dialog box, type appropriate values for the
requested information, and then click Next. The following table shows
example values for a Windows server.
Field
Example Value
Comments
FeedbackDbName
wps50
FeedbackDbUser
FEEDBACK
FeedbackDb
Password
FeedbackDb_password
Always type the password yourself as
the default value may not be correct.
FeedbackDbUrl
jdbc:oracle:thin:
@db_server_DNS:
1521:wps50
Type this as a single entry. Use the alias
specified for this database in the
tnsnames.ora file. This is usually the
name of the database; in this
documentation the database name and
the tns alias are both ″wps50″.
13. In the The WebSphere Portal Configuration Wizard is ready to run the
following configuration dialog box, start the database transfer by clicking
Next.
14. Review the logs (configwizard.log and configwizardlog.txt) from the
WebSphere Portal Server database transfer to ensure all is well before
proceeding to the next task; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database transfer task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file portal-database-transfer-database.log.
15. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
After you have successfully transferred the WebSphere Portal Server data to
Oracle, proceed to “Transferring Workplace Collaboration Services data to Oracle.”
Transferring Workplace Collaboration Services data to Oracle:
Perform this task on the computer hosting Workplace Collaboration Services.
1. Stop Cloudscape NetworkServer, WebSphere Application Server, and
WebSphere Portal Server, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
Chapter 5 Connecting to a DBMS Server
249
2. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
3. At the Select the configuration task that you want to perform dialog box,
click Transfer IBM Workplace software data to another database, and then
click Next.
4. At the Select the database type dialog box, select Oracle Enterprise Edition,
and then click Next.
5. At the Please enter an appropriate properties file location... dialog box,
verify the path for the dbbuild.properties file, correct it if needed, and then
click Next.
6. At the LWPDBDriver: dialog box, enter the appropriate paths to the relevant
database files, and then click Next. The following table includes examples of
appropriate values for a Windows server.
File
Example Path
LWPDBDriver
oracle.jdbc.driver.
OracleDriver
LWPDbLibrary
C:\oracle\ora92\
jdbc\lib\classes12.zip
Comments
For Windows, use a single backslash
between directories; use a single
forward slash for AIX, Linux, and
Solaris.
7. In the LWPDBName:dialog box, enter information about the new database
and associated user names and passwords, and then click Next. The following
table includes examples of appropriate values for a Windows server.
Field
Example Values
Comments
LWPDBNAME
wps50
LWPDBUrl
jdbc:oracle:oci:
@tnsnames_entry_alias
LWPDBAdmin
User
ora92admin
LWPDBAdmin
Password
ora92admin_password
Always type the password yourself as
the default value may not be correct.
LWPDBApp
User
Application_User_Name
Application User’s name. This value is
case sensitive.
LWPDBApp
Password
Application_User_password
Application User’s password. Always
type the password yourself as the
default value may not be correct.
BackEndId
ORACLE_V9_1
Although you are using Oracle 9.2, this
setting refers to Oracle 9.1.
Use the alias specified for this database
in the tnsnames.ora file. This is usually
the name of the database; in this
documentation the database name and
the tns alias are both ″wps50″.
8. In the The WebSphere Portal Configuration Wizard is ready to run the
following configuration dialog box, start the database transfer by clicking
Next.
9. Click Finish to close the Configuration Wizard.
250
Clustered-server Deployment Guide
10. Review the logs (configwizard.log and configwizardlog.txt) from the
Workplace Collaboration Services data transfer to ensure all is well before
proceeding to the next step; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database transfer task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file workplace-database-transfer-database.log.
11. Update Oracle database settings by running the following SQL Plus
commands on the Oracle server:
grant ALTER on EJB.BRBeans_Rule to PZNADMIN;
grant DELETE on EJB.BRBeans_Rule to PZNADMIN;
grant INSERT on EJB.BRBeans_Rule to PZNADMIN;
grant SELECT on EJB.BRBeans_Rule to PZNADMIN;
grant UPDATE on EJB.BRBeans_Rule to PZNADMIN;
grant ALTER on EJB.BRBeans_RuleFolder to PZNADMIN;
grant DELETE on EJB.BRBeans_RuleFolder to PZNADMIN;
grant INSERT on EJB.BRBeans_RuleFolder to PZNADMIN;
grant SELECT on EJB.BRBeans_RuleFolder to PZNADMIN;
grant UPDATE on EJB.BRBeans_RuleFolder to PZNADMIN;
conn sys/[email protected]_string as sysdba;
grant SELECT on DBA_PENDING_TRANSACTIONS to PUBLIC;
12. (Solaris only) If your Oracle database is hosted locally (on the Workplace
Collaboration Services server), change the port used by Instant Messaging to
avoid a conflict with Oracle:
a. Open the WAS Administrator Console.
b. Navigate to Server → ApplicationServer → WebSphere_Portal → Workplace
SIP Service
c. Change TCPLiteProtocolChannel from 8080/8081 to 8060/8061, or another
non-conflicting port.
13. Stop WebSphere Portal Server; then restart WebSphere Portal Server and start
Mail_Server1, as explained in “Starting and stopping IBM Workplace
Collaboration Services servers” on page 145.
14. Recreate manual changes in the wmm.xml file. If you manually edited the
wmm.xml file during the LDAP directory transfer process before running the
database transfer process, your changes were overwritten during the database
transfer. To recreate those changes, follow the instructions in the last step of
the appropriate ″Enabling LDAP security topic for your LDAP directory:
v “Enabling LDAP security for IBM Tivoli Directory Server” on page 164
v “Enabling LDAP security for Domino Directory” on page 178
v “Enabling LDAP security for Active Directory” on page 189
v “Enabling LDAP security for Sun Java System Directory Server” on page
201
v “Enabling LDAP security for Novell eDirectory” on page 212
Note: If your database transfer was successful, all passwords are automatically
deleted from properties and helper files, If you need to re-run the data
transfer in the future, you must first run the Database Setup again and
allow it to populate files with passwords before you run the data transfer.
After you have finished transferring data from Cloudscape to Oracle, proceed to
“Phase 6: Connecting to an external HTTP server” on page 287.
Chapter 5 Connecting to a DBMS Server
251
Transferring data to SQL Server
By default, IBM WebSphere Portal Server and IBM Workplace Collaboration
Services install with some predefined data stored in the IBM Cloudscape database
management system, hosted on the Workplace Collaboration Services server.
Cloudscape is sufficiently robust for use in demo installations; however, for a
production environment, it is recommended that you transfer data to a more
robust DBMS product.
Before you begin the database transfer, you should be aware of the following
constraints:
v If you edited the wmm.xml file manually during the LDAP directory transfer
process, those changes will be overwritten during the database transfer, and
must be recreated after the database transfer is complete.
v Even if you create the database yourself, you must run Step 2 below (Setting up
the database) before attempting to transfer data, because it ensures that the
database contains appropriate schemas and tablespaces.
Transferring data to SQL Server involves the following tasks, which must be
completed in the sequence shown.
1. “Creating the database in SQL Server,” which creates the database container in
which Workplace Collaboration Services data will be stored.
2. “Setting up the database in SQL Server” on page 254 creates the schemas and
tablespaces required by Workplace Collaboration Services.
3. “Adding SQL Server database users” on page 257 ensures that Workplace
Collaboration Services has access to the SQL Server database.
4. “Enabling authentication and distributed transactions in SQL Server” on page
258 enables transaction processing and user authentication as needed by
Workplace Collaboration Services.
5. “Adding stored XA procedures to SQL Server” on page 258 adds to the
database a set of stored procedures specifically used with Workplace
Collaboration Services.
6. “Transferring WebSphere Portal Server data to SQL Server” on page 259
transfer default WebSphere Portal Server data to the SQL Server database.
7. “Transferring Workplace Collaboration Services data to SQL Server” on page
262 transfer default Workplace Collaboration Services data to the SQL Server
database.
8. “Granting permissions on Learning tables” on page 265 ensures that the tables
in the Learning database can be accessed as needed by other components of
Workplace Collaboration Services.
If you are installing a Network Deployment cluster, your next task is to connect
the nodes within the cluster to the DB2 database; for instructions, see the topic
“Connecting nodes to SQL Server” on page 280
Now that you have transferred data to the SQL Server database, you are finished
with the DBMS setup portion of your deployment. Proceed to the topic “Phase 6:
Connecting to an external HTTP server” on page 287
Creating the database in SQL Server:
If you want to transfer the IBM Workplace Collaboration Services data from its
default database (stored in IBM Cloudscape) to Microsoft SQL Server Enterprise
Edition, you must create a database container to store IBM WebSphere Portal
252
Clustered-server Deployment Guide
Server and IBM Workplace Collaboration Services data. To learn about the types of
information that will be stored in the database, see the topic “About the Workplace
Collaboration Services database” on page 219.
Generally, it is recommended that you allow the Configuration Wizard to create
the database for you during the Database Setup task. The Configuration Wizard
can create either a local database (stored on the Workplace software server) or a
remote database (stored on the SQL Server computer). To allow the Configuration
Wizard to create the database, skip the rest of this topic and proceed directly to the
topic, “Setting up the database in SQL Server” on page 254.
If there is a reason why you need to create the database yourself, use the
instructions that follow, and then proceed as directed at the end of this topic.
Create the database directly on the computer hosting the SQL Server software,
using the SQL Server Enterprise Manager.
Attention: To prevent schema collisions, it is recommended that you create a
separate database for use with Workplace Collaboration Services rather than share
a database with another application, although you can share the installed SQL
Server instance itself.
1. Start the SQL Server Enterprise Manager.
2. In the main window, expand the nodes until you see Databases → New
Database.
3. Type a name for the new database. The examples in this documentation use
wps50 as the database name.
4. Set the Collation Name according to your environment, making sure that it is
case sensitive. For example, on an English system, use the collation
SQL_Latin1_General_CP1_CS_AS (instead of SQL_Latin1_General_CP1_CI_AS
or Default). A case-sensitive collation can be identified by the _CS in the
collation name; a case-insensitive collation uses _CI instead.
5. Click OK to save the new database.
6. Leave the Enterprise Manager open for the next task.
Next, proceed to “Setting up the database in SQL Server” on page 254.
About the Workplace Collaboration Services database: IBM Workplace Collaboration
Services uses a single database container.
For IBM DB2 Universal Database and Microsoft SQL Server Enterprise Edition, the
data for Workplace Collaboration Services and IBM WebSphere Portal Server are
combined in a single database, referred to in this documentation as wps50.
For Oracle Enterprise Edition, the database is created during DBMS software
installation, and schemas for both WebSphere Portal Server and Workplace
Collaboration Services are added to a single instance of Oracle. In Oracle, the
default instance name is ″ORCL″, but this name is configurable; for consistency
with the other supported DBMS product, examples in the installation
documentation use ″wps50″ as the instance name.
The Workplace Collaboration Services database hosts multiple schemas, described
in the following table.
Chapter 5 Connecting to a DBMS Server
253
Schema Name
Description
database_owner
This WebSphere Portal Serverl schema stores
configuration information for pages, portlets,
users and other portal administrative objects.
Instant messaging contact lists are stored in
this schema. This schema also stores
WebSphere Portal Server content for
publishing, documents created by IBM
Workplace Documents, and other documents
and discussions created by Workplace
Collaboration Services capabilities.
This schema is named using the uppercase
version of the database instance owner’s
user name.
FEEDBACK
This schema contains the information logged
by WebSphere Portal Server for generating
reports for analysis of site activity including
information about campaigns and
personalized resources.
LWPCOMM
This schema contains administrative data,
mail services data, and team collaboration
data. The schema is also used as the
messaging archive schema to track archived
mail messages. The schema contains links to
archived content that is stored on the file
system.
LWPLMS
The IBM Workplace Collaborative Learning
″Learning Management″ schema maintains
learning information, including the course
catalog, enrollments, and consolidated
progress records.
LWPLDS
The Workplace Collaborative Learning
″Learning Delivery″ schema stores progress
data recorded from student actions. This
data is subsequently transmitted to the
″Learning Management″ schema.
EJB
This schema is used for business rule beans.
PZNADMIN
This schema used for personalization data.
Setting up the database in SQL Server:
Attention: You must run the Setup Database task before attempting to transfer
data, even if you already have a database container created. The Setup Database
task creates the schemas and tablespaces required by IBM Workplace Collaboration
Services.
Before beginning this task, there are several prerequisites to complete. First, create
the following directories on the server hosting the database used for Workplace
Collaboration Services:
v Data directory, used for storing Microsoft SQL Server Enterprise Edition data
(.dbf files); for example: C:\wpdatadir
v Log directory, used for storing logs (.log files); for example: C:\wplogdir
254
Clustered-server Deployment Guide
For performance reasons, you may want to use store these directories on different
devices, but this is not a requirement. The examples show the two directories
existing on the same drive.
Next, download the SQL Server Driver for JDBC Service Pack 3 from the following
Web address:
http://www.microsoft.com/sql/downloads/default.asp
On that page, search for ″JDBC Service Pack 3″. When you locate it, download the
driver directly to your computer; instructions for the download are located on the
same page.
Note: The driver is required for this Database Setup task.
Perform the Database Setup task on the computer hosting Workplace Collaboration
Services.
1. If your database will be hosted on a remote server, verify that you have
installed the SQL Server database client on the Workplace software server.
2. (RedHat 3.0 only) Locate the etc/ant.conf file and rename it to ant.conf.BAK.
The database transfer task will install a file with the same name, so renaming
your original file will prevent it from being overwritten in case you want to
use it at a later date.
Note: If you have run this task before, delete the ant.conf file (created during
the previous run) from the directory. Make sure you don’t delete
ant.conf.bak, which is the original version of this file.
3. Start Cloudscape NetworkServer and WebSphere Application Server, as
explained in “Starting and stopping IBM Workplace Collaboration Services
servers” on page 145.
4. Start the Configuration Wizard as explained in “Windows: Starting the
Configuration Wizard” on page 123.
5. If you did not enable security for your LDAP directory, do so now by
following the instructions in the appropriate topic for your LDAP server:
v “Enabling LDAP security for IBM Tivoli Directory Server” on page 164
v “Enabling LDAP security for Domino Directory” on page 178
v “Enabling LDAP security for Active Directory” on page 189
v “Enabling LDAP security for Sun Java System Directory Server” on page
201
v “Enabling LDAP security for Novell eDirectory” on page 212
Attention: You must have security enabled before you even view any of the
database transfer screens. This is necessary because the dbbuild.properties file
is modified as you navigate through the Database Transfer screens and enter
information, and those changes are saved even if you don’t run all of the
transfer tasks. Once the dbbuild.properties file has been modified, the Enable
Security task will not run correctly.
6. In the Select the configuration task that you want to perform dialog box,
click Set up new IBM Workplace software database, and then click Next.
7. In the Select the database type... dialog box, select Microsoft SQL Server
Enterprise, and then click Next.
8. In the LWPDBDriver: dialog box, type the appropriate paths to the relevant
database files, and then click Next. The following table includes examples of
Chapter 5 Connecting to a DBMS Server
255
appropriate values.
File
Example Path
LWPDBDriver
com.microsoft.jdbc.sqlserver.
SQLServerDriver
LWPDbLibrary C:/MicrosoftSQLServer/
lib/msbase.jar;
C:/MicrosoftSQLServer/
lib/mssqlserver.jar;
C:/MicrosoftSQLServer/
lib/msutil.jar
Comments
Type all three paths into the same
field, separating them with semi
colons. Use a forward slash
between directories.
This path has been formatted for
readability; do not include any
spaces or line breaks when you
type it.
9. In the LWPDBName: dialog box, enter information about the new database
and associated user names and passwords, and then click Next. The following
table includes examples of appropriate values.
Field
Example Values
LWPDBNAME
wps50
LWPDBUrl
jdbc:MicrosoftSQLServer//
db_server_DNS:1433
Comments
The database name specified above
in the LWPDBNAME field will be
appended automatically to the
URL.
This path has been formatted for
readability; do not include any
spaces or line breaks when you
type it.
LWPDBAdminUser
sqlserveradmin_ username
SQL Server administrator’s user
name.
LWPDBAdmin
Password
sqlserveradmin_ password
SQL Server administrator’s
password. Always type the
password yourself as the default
value may not be correct.
LWPDBAppUser
LWPCOMM
Application User’s name; for SQL
Server this must be the name of the
LWPCOMM schema owner.
LWPDBApp
Password
appUser_ password
Application User’s password.
Always type the password yourself
as the default value may not be
correct.
10. In the SQL Database Setup dialog box, fill in the information needed to
establish the Workplace Collaboration Services schemas (schema owners,
tablespaces, container lists, and so on) in the new database, and then click
Next. The following table includes examples of appropriate values.
256
Field
Example Value
Comment
Run database
creation
True
If you have already created the
database manually, set the value to
False.
Clustered-server Deployment Guide
Field
Example Value
Comment
db.lwp.data
.container.list
C:\wpdatadir
Data tablespace location. The
directory must already exist, it
cannot be created at run-time.
db.lwp.logdir
.container.list
C:\wplogdir
Log directory location; if stored on
the database server, provide the full
path. The directory must already
exist, it cannot be created at
run-time.
11. In the IBM Workplace common settings dialog box, fill in the user name and
password for the LWPCOMM schema owner account, and then click Next.
12. In the Learning Management Settings dialog box, fill in the user name and
password for the LWPLMS schema owner account, and then click Next.
13. In the Learning Delivery Settings dialog box, fill in the user name and
password for the LWPLDS schema owner account, and then click Next.
14. In the Messaging Settings dialog box, fill in the user name and password for
the LWPMSG schema owner account, and then click Next.
15. In the Messaging Archive Settings dialog box, fill in the user name and
password for the LWPARC schema owner account, and then click Next.
16. In the Do you wish the setup wizard to run these scripts now? dialog box,
start the database configuration by clicking Next.
The database-setup scripts are stored in workplace_server_root/config/
database/work. If you choose not to actually run the scripts now through the
Configuration Wizard, you can run them manually later. If necessary, you can
manually edit the scripts to make additional changes before running them.
17. Review the logs (configwizard.log and configwizardlog.txt) from the database
configuration to ensure all is well before proceeding to the next task; the logs
are stored in the portal_server_root/log directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database set-up task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file workplace-setup-database.log.
Note: If you have successfully completed a database transfer and you are
running it again, the database schema are already in place and are not
affected by the Database Setup task. The logs will note warnings to this
effect.
18. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
After you have set up the SQL Server database schemas, proceed to “Adding SQL
Server database users.”
Adding SQL Server database users:
Add users to the new database to ensure proper access for components of IBM
Workplace Collaboration Services.
Perform this task on the computer hosting the Microsoft SQL Server Enterprise
Edition database, using the SQL Server Enterprise Manager.
1. Start the SQL Server Enterprise Manager if it is not already running.
Chapter 5 Connecting to a DBMS Server
257
2. Select the Workplace Collaboration Services database (″wps50″ in this
documentation) from the list of databases on your server.
3. Expand the nodes until you see Security → Login → New Logins.
4. Add logins for the following users, using uppercase letters for each name:
v EJB
v FEEDBACK
v PZNADMIN
v WCMDBADM
v WMMDBUSR
v WPSDBUSR
5. For each new login, select SQL Server Authentication and assign the password
that you plan to use when configuring the database.
Attention: For this release, make the passwords match the login names.
6. Use the same database name that you assigned when you created the database.
In this documentation, the examples use wps50 as the database name.
7. Now expand the nodes until you see Databases → wps50 → Users → New
Database User.
8. Add a user for each of the new logins, using uppercase letters for each name
and setting the Database Role Membership to public and db owner for each
user:
v EJB
v FEEDBACK
v PZNADMIN
v WCMDBADM
v WMMDBUSR
v WPSDBUSR
9. Leave the SQL Server Enterprise Manager open for the next task.
After you have added the appropriate users to the database, proceed to “Enabling
authentication and distributed transactions in SQL Server.”
Enabling authentication and distributed transactions in SQL Server:
Enable authentication and distributed transactions for Microsoft SQL Server
Enterprise Edition.
Perform this task on the computer hosting the SQL Server database, using the SQL
Server Enterprise Manager.
1. Start the SQL Serverr Enterprise Manager, if you previously closed it.
2. In the SQL Serverr Enterprise Manager, right click on your Server Group,
which may be (local).
3. Set the authentication mode by clicking Security → Authentication: SQL Server
and Windows.
4. Enable distributed transactions by clicking General → Autostart MSDTC.
5. Close the SQL Server Enterprise Manager.
Continue with “Adding stored XA procedures to SQL Server.”
Adding stored XA procedures to SQL Server:
258
Clustered-server Deployment Guide
Add stored XA command procedures to Microsoft SQL Server Enterprise Edition,
to enable database operations required by the Configuration Wizard.
Attention:
Omitting this task may result in an improperly configured database.
In this task, you copy files from the IBM Workplace Collaboration Services
computer to the computer hosting the SQL Server DBMS.
1. On the Workplace Collaboration Services server, navigate to the following
directory: C:\Program Files\Microsoft SQL Server 2000 Driver for
JDBC\SQLServer JTA
2. Copy the sqljdbc.dll and instjdbc.sql files, and paste them to a location where
they can be accessed from the SQL Server host computer.
3. On the SQL Server host computer, copy the two files to the following directory
(or equivalent): C:\MicrosoftSQLServer\SQLServer\Binn
4. Use the OSQL program to apply the instjdbc.sql file to the SQL Server Master
database by running the following command:
osql -E -i instjdbc.sql -o instjdbc1515.log
After you have added the XA procedures to SQL Server, you are ready to transfer
data to the new database. Proceed to “Transferring WebSphere Portal Server data
to SQL Server.”
Transferring WebSphere Portal Server data to SQL Server:
Both the IBM Cloudscape server and the Microsoft SQL Server Enterprise Edition
database server must be running to support the data transfer.
Perform this task on the computer hosting IBM Workplace Collaboration Services.
1. Start Cloudscape NetworkServer and WebSphere Application Server, and stop
WebSphere Portal Server, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
2. Start the Configuration Wizard as explained in “Windows: Starting the
Configuration Wizard” on page 123.
3. In the Select the configuration task that you want to perform dialog box,
click Transfer WebSphere Portal data to another database, and then click
Next.
4. In the Select the database type... dialog box, select SQL Server Enterprise,
and then click Next.
5. If the WebSphere Application Server global security is enabled... dialog box
appears, type the WebSphere Application Serveradministrative user name and
password in the appropriate fields, and then click Next.
6. If the Enter the LDAP Admin UID and password dialog box appears, type
the LDAP administrator account’s user name and password in the appropriate
fields, and then click Next.
Note: Enter the LDAPAdminUID in its full form (cn=wpsadmin,ouacme,o=test). If this is not entered correctly, the Invalid user ID or
Password. Check the values you entered and try again dialog box will
appear and you will not be able to proceed until you correct the
information.
7. In the Please enter an appropriate properties file location... dialog box,
browse or type the path to the SQL Server transfer helper file, and then click
Next. This file is usually stored in the following location:
portal_server_root/config/helpers/transfer_sqlserver.properties
Chapter 5 Connecting to a DBMS Server
259
8. In the DBDriver: dialog box, type appropriate paths for the requested files,
and then click Next. The following table shows example values.
File
Example path
Comments
DBDriver
com.microsoft.jdbc.sqlserver
.SQLServerDriver
This path has been formatted for
readability; do not include any
spaces or line breaks when you
type it.
DBDriverDs
com.microsoft.jdbcx.sqlserver
.SQLServerDataSource
This path has been formatted for
readability; do not include any
spaces or line breaks when you
type it.
DBLibrary
C:/MicrosoftSQLServer/
lib/msbase.jar;
C:/MicrosoftSQLServer/
lib/mssqlserver.jar;
C:/MicrosoftSQLServer/
lib/msutil.jar
Type all three paths into the field,
separating them with semi colons.
Use a forward slash between
directories.
This path has been formatted for
readability; do not include any
spaces or line breaks when you
type it.
9. In the WpsDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values.
Field
Example Value
Comments
WpsDbName
wps50
DbUser
WPSDBUSR
DbPassword
WPSDBUSR_password
Always type the password yourself,
as the default value may not be
correct.
DbUrl
jdbc:microsoft:
sqlserver://
db_server_DNS: 1433;
DatabaseName=wps50
Type the URL as a single entry;
make sure the ″DatabaseName″
setting appears only once and has a
semi colon (;) before it.
This path has been formatted for
readability; do not include any
spaces or line breaks when you type
it.
10. In the WmmDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values.
260
Field
Example Value
WmmDbName
wps50
WmmDbUser
WMMDBUSR
WmmDb
Password
WMMDBUSR_password
Clustered-server Deployment Guide
Comments
Always type the password yourself,
as the default value may not be
correct.
Field
Example Value
Comments
WmmDbUrl
jdbc:microsoft:
sqlserver://
db_server_DNS:1433;
DatabaseName=wps50
Type the URL as a single entry;
make sure the ″DatabaseName″
setting appears only once and has a
semi colon (;) before it.
This path has been formatted for
readability; do not include any
spaces or line breaks when you type
it.
11. In the WpcpDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values.
Field
Example Value
Comments
WpcpDbName
wps50
WpcpDbUser
WCMDBADM
WpcpDb
Password
WCMDBADM_password
Always type the password yourself,
as the default value may not be
correct.
WpcpDbUrl
jdbc:microsoft:
sqlserver://
db_server_DNS:1433;
DatabaseName=wps50
Type the URL as a single entry;
make sure the ″DatabaseName″
setting appears only once and has a
semi colon (;) before it.
This path has been formatted for
readability; do not include any
spaces or line breaks when you
type it.
WpcpDbEjb
Password
password as set in SQL Server login Always type the password yourself
as the default value may not be
correct.
WpcpDb
Pznadmin
Password
password as set in SQL Server login Always type the password yourself
as the default value may not be
correct.
WpcpDb
HostName
db_server_DNS
Wpcp
ResourceUrl
c:\WebSphere\PortalServer
\wpcp\v5.0\runtime\lib
Use a single backslash between
directories.
This path has been formatted for
readability; do not include any
spaces or line breaks when you
type it.
12. In the FeedbackDbName: dialog box, type appropriate values for the
requested information, and then click Next. The following table shows
example values.
Field
Example Value
FeedbackDb
Name
wps50
FeedbackDb
User
FEEDBACK
Comments
Chapter 5 Connecting to a DBMS Server
261
Field
Example Value
Comments
FeedbackDb
Password
FEEDBACK_password
Always type the password yourself,
as the default value may not be
correct.
FeedbackDb
Url
jdbc:microsoft:
sqlserver://
db_server_DNS:1433;
DatabaseName=wps50
Type the URL as a single entry;
make sure the ″DatabaseName″
setting appears only once and has a
semi colon (;) before it.
This path has been formatted for
readability; do not include any
spaces or line breaks when you type
it.
FeedbackDb
HostName
db_server_DNS
13. In the The WebSphere Portal Configuration Wizard is ready to run the
following configuration dialog box, start the database transfer by clicking
Next.
14. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
15. Review the logs (configwizard.log and configwizardlog.txt) from the
WebSphere Portal Server database transfer to ensure all is well before
proceeding to the next task; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database transfer task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file portal-database-transfer-database.log.
After you have successfully transferred the WebSphere Portal Server data to SQL
Server, proceed to “Transferring Workplace Collaboration Services data to SQL
Server.”
Transferring Workplace Collaboration Services data to SQL Server:
Perform this task on the computer hosting IBM Workplace Collaboration Services.
1. Stop Cloudscape NetworkServer, WebSphere Application Server, and
WebSphere Portal Server, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
2. Start the Configuration Wizard as explained in “Windows: Starting the
Configuration Wizard” on page 123.
3. In the Select the configuration task that you want to perform dialog box,
click Transfer IBM Workplace software data to another database, and then
click Next.
4. In the Select the database type dialog box, select Microsoft SQL Server
Enterprise, and then click Next.
5. In the LWPDBDriver: dialog box, type enter the appropriate paths to the
relevant database files, and then click Next. The following table includes
examples of appropriate values for each field in the dialog box.
262
File
Example Path
LWPDBDriver
com.microsoft.jdbc.sqlserver
.SQLServerDriver
Clustered-server Deployment Guide
Comments
File
Example Path
Comments
LWPDbLibrary
C:/MicrosoftSQLServer/
lib/msbase.jar;
C:/MicrosoftSQLServer/
lib/mssqlserver.jar;
C:/MicrosoftSQLServer/
lib/msutil.jar
Type all three paths into the field,
separating them with semi colons.
Use a forward slash between
directories.
This path has been formatted for
readability; do not include any
spaces or line breaks when you type
it.
6. In the LWPDBNAME: dialog box, type the information about the new
database and associated user names and passwords, and then click Next. The
following table includes examples of appropriate values for each field in the
dialog box.
Field
Example Values
LWPDBNAME
wps50
LWPDBUrl
jdbc:microsoft:
sqlserver://
db_server_DNS:1433;
DatabaseName=wps50
Comments
Type the URL as a single entry;
make sure the ″DatabaseName″
setting appears only once and has a
semi colon (;) before it.
This path has been formatted for
readability; do not include any
spaces or line breaks when you type
it.
LWPDBAdmin
User
SQLSVRADMIN
LWPDBAdmin
Password
SQLSVRADMIN_password
LWPDBApp
User
LWPCOMM
LWPDBApp
Password
LWPCOMM_password
BackEndId
MSSQLSERVER_V7_1
Always type the password yourself,
as the default value may not be
correct.
Always type the password yourself,
as the default value may not be
correct.
7. In the The WebSphere Portal Configuration Wizard is ready to run the
following configuration dialog box, start the database transfer by clicking
Next.
8. Click Finish to close the Configuration Wizard.
9. Review the logs (configwizard.log and configwizardlog.txt) from the
Workplace Collaboration Services data transfer operation to ensure all is well
before proceeding to the next step. These logs are stored in the
portal_server_root/log directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the database transfer task from other
tasks, the wizard copies the contents of the configwizard.log generated by this
task to the file workplace-database-transfer-database.log.
10. Use the OSQL utility to run the following scripts, which correct installation
problems in the SQL Server database.
Chapter 5 Connecting to a DBMS Server
263
To do this, you first need to set the user LWPMSG as a database owner, since
by default it owns the tables involved; then you run the scripts.
a. Start the SQL Server Enterprise Manager if it is not already running.
b. Select the Workplace Collaboration Services database (″wps50″ in this
documentation) from the list of databases on your server.
c. Expand the nodes until you see Databases → wps50 → Users.
d. Double click the LWPMSG user to open Database User Properties page.
e. Click db_owner, and then click Apply.
f. Close SQL Server Enterprise Manager.
g. Now run the following script commands:
osql -d wps50 -U LWPMSG -P LWPMSG -i concat_msgtext.sql -o
concat_msgtext.log
osql -d wps50 -U LWPMSG -P LWPMSG -i concat_caltext.sql -o
concat_caltext.log
These files are normally located in workplace_server_root/config/database/
msg.db/sqlserver.
11. If you used the default port of 1433 for your SQL Server installation, skip this
step; if you used a custom port, complete this step before proceeding to the
next.
a. Open the WAS Administrator Console.
b. Click Resources.
c. Under Additional Properties, click WPCP50 JDBC.
d. Click Data Sources Version 4.
e. For each data source listed (feedbackDS, persDS, and wcmDS), click
Custom Properties under the additional properties section:
v Click New to add a custom property.
v Add a property called portNumber, and type the non-zero standard port
number in use for SQL Server.
f. Save the entries and close the Administrative Console.
12. Stop WebSphere Portal Server; then restart WebSphere Portal Server and start
Mail_Server1, as explained in “Starting and stopping IBM Workplace
Collaboration Services servers” on page 145.
13. Recreate manual changes in the wmm.xml file. If you manually edited the
wmm.xml file during the LDAP directory transfer process before running the
database transfer process, your changes were overwritten during the database
transfer. To recreate those changes, follow the instructions in the last step of
the appropriate ″Enabling LDAP security topic″ for your LDAP directory:
v “Enabling LDAP security for IBM Tivoli Directory Server” on page 164
v “Enabling LDAP security for Domino Directory” on page 178
v “Enabling LDAP security for Active Directory” on page 189
v “Enabling LDAP security for Sun Java System Directory Server” on page
201
v “Enabling LDAP security for Novell eDirectory” on page 212
Note: If your database transfer was successful, all passwords are automatically
deleted from properties and helper files. If you need to rerun the data
transfer in the future, you must first run the Database Setup again and
allow it to populate files with passwords before you run the data transfer.
264
Clustered-server Deployment Guide
After you have successfully transferred Workplace Collaboration Services data to
the SQL Server database, proceed to “Granting permissions on Learning tables.”
Granting permissions on Learning tables:
Grant some necessary permissions on the LWPLDS.LRNPARTITION and
LWPLDS.LRNUSER_PARTITION tables within the Microsoft SQL Server Enterprise
Edition database.
This task is only needed in deployments that use IBM Workplace Collaborative
Learning .
The following permissions should be explicitly granted to the LWPCOMM Role:
SELECT, INSERT, UPDATE, DELETE. Grant these permissions by following these
steps:
1. Open SQL Server Enterprise Manager, if it is not already open.
2. Select the Workplace Collaboration Services database (wps50 in this
documentation) from the list of databases on your server.
3. Select the Tables view.
4. In the list of tables, right-click on the table named LRNPARTITION with the
owner LWPLDS.
5. Click Permissions.
6. Grant the following permissions to the LWPCOMM role:
v SELECT
v INSERT
v UPDATE
v DELETE
7. Click OK to close the properties windows.
After the permissions have been granted, proceed to “Phase 6: Connecting to an
external HTTP server” on page 287.
Connecting Network Deployment nodes to a remote database
Each time you install IBM Workplace Collaboration Services onto a server, a copy
of IBM WebSphere Portal Server is installed with it. In addition, each Workplace
Collaboration Services server gets a separate, standalone version of IBM
Cloudscape installed, with a new database.
When you federate multiple Workplace Collaboration Services servers as nodes
within a Network Deployment, they all share a common database, which must be
hosted remotely. For the first node in the deployment, you set up the database
connection and transfer installed data as you would for a standalone Workplace
Collaboration Services server that is using a remote database.
For subsequent nodes in the deployment, you simply connect to that remote
database.
Attention: At this stage, do not access WebSphere Portal Server and do not log in
to it as any user, because that could result in database corruption.
Now proceed to the topic that describes how to connect to the database product
you are using:
Chapter 5 Connecting to a DBMS Server
265
v
v
v
v
“Connecting nodes to DB2 Universal Database”
“Connecting nodes to DB2 for iSeries” on page 270
“Connecting nodes to Oracle” on page 275
“Connecting nodes to SQL Server” on page 280
Related concepts
“Transferring data from Cloudscape to another database” on page 217
Connecting nodes to DB2 Universal Database
By default, each node in a Network Deployment installs with its own IBM
Cloudscape database. Because all the nodes in the Network Deployment need to
share a common data store, you must connect them to a shared remote database
instead. This section explains how to connect the nodes installed after Node 1 to a
remote IBM DB2 Universal Database server.
Attention: You do not need to connect Node 1 to the remote database, as that
connection is completed during the initial database transfer.
Before you begin this task, make sure that you have completed the following tasks:
1. Install the DB2 Universal Database server.
2. Transfer data from Node 1 to the new DB2 database (this task also connects
Node 1 to the database).
3. Install the DB2 client on the current node so it can communicate with the
remote database.
You connect each additional node to the remote database in two steps, ensuring
that data can be successfully accessed for both IBM WebSphere Portal Server and
for IBM Workplace Collaboration Services:
1. “Connecting to DB2 for WebSphere Portal Server.”
2. “Connecting to DB2 for Workplace Collaboration Services” on page 269.
Connecting to DB2 for WebSphere Portal Server:
Perform this task on the new node (which is hosting IBM Workplace Collaboration
Services).
Attention: Do not perform this task on Node 1, as its database connection was
already completed as part of the initial database transfer.
1. (AIX, Linux, and Solaris) Add the .profile of the DB2 login user to the root
.profile to set up the DB2 environment.
2. Open a DB2 command prompt and catalog the DB2 database, to ensure that
the current server can access it correctly.
3. Start Cloudscape NetworkServer and WebSphere Application Server, and stop
WebSphere Portal Server, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
4. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
5. In the Select the configuration task that you want to perform dialog box,
click Connect to a Database, and then click Next.
266
Clustered-server Deployment Guide
6. If the WebSphere Application Server global security is enabled... dialog box
appears, type the WebSphere Application Server administrative user name and
password in the appropriate fields, and then click Next.
7. If the Enter the LDAPAdminUID and password dialog box appears, type the
LDAP administrator account’s user name and password in the appropriate
fields, and then click Next.
Attention: Enter the LDAPAdminUID in its full form (cn=wpsadmin,ouacme,o=test). If this is not entered correctly, the Invalid user ID or Password.
Check the values you entered and try again dialog box will appear and you
will not be able to proceed until you correct the information.
8. In the Select the database type... dialog box, select IBM DB2 Universal
Database, and then click Next.
9. In the Please enter an appropriate properties file location... dialog box,
browse to or type the path to the DB2 transfer helper file, and then click Next.
This file is usually stored in the following location:
portal_server_root/config/helpers/transfer_db2.properties
10. In the DbDriver: dialog box, type appropriate paths for the requested files,
and then click Next. The following table shows example values for a Windows
server.
File
Example path
DBDriver
COM.ibm.db2.jdbc.app.DB2Driver
DBDriverDs
COM.ibm.db2.jdbc.DB2XADataSource
11. In the WpsDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
Field
Example Value
Comments
WpsDbName
wps50
For a remote database, use the name
of the alias you used when
cataloging the database.
DbUser
db2admin
This value is case sensitive. This
user must have database
administrator privileges.
DbPassword
db2admin_password
Always type the password yourself,
as the default value may not be
correct.
DbUrl
jdbc:db2:wps50
WpsDbNode
wpsNode
For a remote database, use the name
of the node you cataloged after
creating the database.
12. In the WmmDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
Field
Example Value
Comments
WmmDbName
wps50
For a remote database, use the
name of the alias you used when
cataloging the database.
WmmDbUser
db2admin
This value is case sensitive.
Chapter 5 Connecting to a DBMS Server
267
Field
Example Value
Comments
WmmDbPassword
db2admin_password
Always type the password yourself,
as the default value may not be
correct.
WmmDbUrl
jdbc:db2:wps50
13. In the WpcpDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
Field
Example Value
Comments
WpcpDb Name
wps50
For a remote database, use the
name of the alias you used when
cataloging the database. This
value may default to ″wpcp50″;
be sure to change it to the
correct name.
WpcpDbUser
db2admin
This value is case sensitive.
WpcpDbPassword
db2admin_password
Always type the password
yourself, as the default value
may not be correct.
WpcpDbUrl
jdbc:db2:wps50
WpcpResourceUrl
D:\WebSphere\PortalServer\
wpcp\5.0\runtime\lib
For Windows, use a single
backslash between directories;
use a single forward slash for
AIX, Linux, and Solaris.
14. In the FeedbackDbName: dialog box, type appropriate values for the
requested information, and then click Next. The following table shows
example values for a Windows server.
Field
Example Value
Comments
FeedbackDbName
wps50
FeedbackDbUser
db2admin
This value is case sensitive.
FeedbackDb
Password
db2admin_password
Always type the password
yourself, as the default value
may not be correct.
FeedbackDbUrl
jdbc:db2:wps50
15. In the IBM Workplace software is ready to run the following configuration
dialog box, start the database connection by clicking Next.
16. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
17. Review the logs (configwizard.log and configwizardlog.txt) from the
WebSphere Portal Server database connection task to ensure all is well before
proceeding to the next task; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the WebSphere Portal Server database
connection task from other tasks, the wizard copies the contents of the
configwizard.log generated by this task to the file portal-connect-database.log.
268
Clustered-server Deployment Guide
Attention: Now that the WebSphere Portal Server database connection is
completed, do not access WebSphere Portal Server and do not log on to WebSphere
Portal Server as any user from this node, as it could result in database corruption.
After you have successfully connected to DB2 and transferred the WebSphere
Portal Server data, proceed to the topic, “Connecting to DB2 for Workplace
Collaboration Services.”
Connecting to DB2 for Workplace Collaboration Services:
Perform this task on the new Network Deployment node (which is hosting IBM
Workplace Collaboration Services).
1. (AIX, Linux, and Solaris) Add the .profile of the DB2 login user to the root
.profile to set up the DB2 environment.
2. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
3. In the Select the configuration task that you want to perform dialog box,
click IBM Workplace Connection to Database, and then click Next.
4. In the Select the database type dialog box, select IBM DB2 Universal
Database, and then click Next.
5. In the LWPDriver: dialog box, enter the appropriate paths to the relevant
database files, and then click Next. The following table includes examples of
appropriate values for a Microsoft Windows server.
File
Example Path
LWPDBDriver
COM.ibm.db2.jdbc.app.DB2Driver
LWPDbLibrary
D:\IBM\SQLLIB\java\db2java.zip
6. In the LWPDBNAME: dialog box, enter information about the new database
and associated user names and passwords, and then click Next. The following
table includes examples of appropriate values for a Windows server.
Field
Example Values
Comments
LWPDBNAME
wps50
LWPDBUrl
jdbc:db2:wps50
LWPDBAdmin
User
db2admin
This value is case sensitive.
LWPDBAdmin
Password
db2admin_password
Always type the password
yourself, as the default value
may not be correct.
LWPDBApp
User
application_user
Application User’s name. This
value is case sensitive.
LWPDBApp
Password
application_user_
password
Application User’s password.
Always type the password
yourself, as the default value
may not be correct.
BackEndId
DB2UDBNT_V8_1
7. In the IBM Workplace software is ready to run the following configuration
dialog box, start the database connection by clicking Next.
8. Click Finish to close the Configuration Wizard.
Chapter 5 Connecting to a DBMS Server
269
9. Review the logs (configwizard.log and configwizardlog.txt) from the data
transfer operation to ensure all is well before proceeding to the next step.
These logs are stored in the portal_server_root/log directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the Workplace Collaboration Services
database connection task from other tasks, the wizard copies the contents of
the configwizard.log generated by this task to the file workplace-connectdatabase.log.
10. Stop Cloudscape NetworkServer, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
11. Point your browser to the following Web address to verify that you can
connect to the remote DB2 server:
http://dns_name:9090/admin
Attention: Now that the database connection is completed, do not access
WebSphere Portal Server and do not log on to WebSphere Portal Server as any user
from this node, as it could result in database corruption.
After you have successfully transferred Workplace Collaboration Services data to
the DB2 database, proceed to “Phase 6: Connecting to an external HTTP server” on
page 287.
Connecting nodes to DB2 for iSeries
By default, each node in a Network Deployment installs with its own IBM
Cloudscape database. Because all the nodes in the Network Deployment need to
share a common data store, you must connect them to a remote database instead.
This section explains how to connect the nodes installed after Node 1 to a remote
DB2 for iSeries server.
Attention: You do not need to connect Node 1 to the remote database, as that
connection is completed during the initial database transfer.
Before you begin this task, make sure that you have transferred data from Node 1
to the remote DB2 database (this task also connects Node 1 to the database).
You connect each additional node to the remote database in two steps, ensuring
that data can be successfully accessed for both IBM WebSphere Portal Server and
for IBM Workplace Collaboration Services:
1. “Connecting to DB2 for iSeries for WebSphere Portal Server.”
2. “Connecting to DB2 for iSeries for Workplace Collaboration Services” on page
273.
Connecting to DB2 for iSeries for WebSphere Portal Server:
Perform this task on the new node (which is hosting IBM Workplace Collaboration
Services).
Attention: Do not perform this task on Node 1, as its database connection was
already completed as part of the initial database transfer.
1. Start Cloudscape NetworkServer and WebSphere Application Server, and stop
WebSphere Portal Server, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
270
Clustered-server Deployment Guide
2. Start the Configuration Wizard, as explained in “i5/OS: Starting the
Configuration Wizard” on page 142.
3. In the Select the configuration task that you want to perform dialog box,
click Connect to a Database, and then click Next.
4. If the WebSphere Application Server global security is enabled... dialog box
appears, type the WebSphere Application Server administrative user name and
password in the appropriate fields, and then click Next.
5. If the Enter the LDAPAdminUID and password dialog box appears, type the
LDAP administrator account’s user name and password in the appropriate
fields, and then click Next.
Attention: Enter the LDAPAdminUID in its full form (cn=wpsadmin,ouacme,o=test). If this is not entered correctly, the Invalid user ID or Password.
Check the values you entered and try again dialog box will appear and you
will not be able to proceed until you correct the information.
6. In the Select the database type... dialog box, select DB2 for iSeries, and then
click Next.
7. In the Please enter an appropriate properties file location... dialog box,
browse to or type the path to the DB2 for iSeries transfer helper file you wish
to use, and then click Next.
8. In the DbDriver: dialog box, type appropriate paths for the requested files,
and then click Next. The following table shows appropriate values for these
fields.
File
Path
DBDriver
Native JDBC:
com.ibm.db2.jdbc.app.DB2Driver
Toolbox JDBC:
com.ibm.as400.access.AS400JDBCDriver
DBDriverDs
Native JDBC:
COM.ibm.db2.jdbc.app.DB2XADataSource
Toolbox JDBC:
com.ibm.as400.access.AS400JDBCXADataSource
DBLibrary
Native JDBC:
/QIBM/ProdData/Java400/ext/db2_classes.jar
Toolbox JDBC:
/QIBM/UserData/WebAS5/Base/instance
/PortalServer5/shared/app/jt400.jar
9. In the WpsDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows appropriate
values for these fields.
Field
Value
WpsDBSchema
wps_schema
WpsDbName
Native JDBC:
*LOCAL/wps_schema
Toolbox JDBC:
hostname/wps_schema
DbUser
user_profile
Chapter 5 Connecting to a DBMS Server
271
Field
Value
DbPassword
user_profile_password
DbUrl
Native JDBC:
jdbc:db2:*LOCAL/wps_schema
Toolbox JDBC:
jdbc:as400:hostname/wps_schema
10. In the WmmDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows appropriate
values for these fields.
Field
Value
WmmDbSchema
wmm_schema
WmmDbName
Native JDBC:
*LOCAL/wmm_schema
Toolbox JDBC:
hostname/wmm_schema
WmmDbUser
user_profile
WmmDbPassword
user_profile_password
WmmDbUrl
Native JDBC:
jdbc:db2:*LOCAL/wmm_schema
Toolbox JDBC:
jdbc:as400:hostname/wmm_schema
11. In the WpcpDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows appropriate
values for these fields.
Field
Value
WpcpDbSchema
wpcp_schema
WpcpDbName
Native JDBC:
*LOCAL/wpcp_schema
Toolbox JDBC:
hostname/wpcp_schema
WpcpDbUser
user_profile
WpcpDbPassword
user_profile_password
WpcpDbUrl
Native JDBC:
jdbc:db2:*LOCAL/wpcp_schema
Toolbox JDBC:
jdbc:as400:hostname/wpcp_schema
12. In the FeedbackDbName: dialog box, type appropriate values for the
requested information, and then click Next. The following table shows
appropriate values for these fields.
272
Field
Example Value
FeedbackSchema
feedback_schema
Clustered-server Deployment Guide
Field
Example Value
FeedbackDbName
*LOCAL/feedback_schema
FeedbackDbUser
user_profile
FeedbackDbPassword
user_profile_password
FeedbackDbUrl
Native JDBC:
jdbc:db2:*LOCAL/feedback_schema
Toolbox JDBC:
jdbc:as400:hostname/feedback_schema
13. In the IBM Workplace software is ready to run the following configuration
dialog box, start the database connection by clicking Next.
14. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
15. Review the logs (configwizard.log and configwizardlog.txt) from the
WebSphere Portal Server database connection to ensure all is well before
proceeding to the next task; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the WebSphere Portal Server database
connection task from other tasks, the wizard copies the contents of the
configwizard.log generated by this task to the file portal-connect-database.log.
Attention: Now that the WebSphere Portal Server database connection is
completed, do not access WebSphere Portal Server and do not log on to WebSphere
Portal Server as any user from this node, as it could result in database corruption.
After you have successfully connected to DB2 for iSeries and transferred the
WebSphere Portal Server data, proceed to the topic, “Connecting to DB2 for iSeries
for Workplace Collaboration Services.”
Related tasks
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
“i5/OS: Starting the Configuration Wizard” on page 142
Connecting to DB2 for iSeries for Workplace Collaboration Services:
Perform this task on the new Network Deployment node (which is hosting IBM
Workplace Collaboration Services).
1. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
2. In the Select the configuration task that you want to perform dialog box,
click IBM Workplace Connection to Database, and then click Next.
3. In the Select the database type dialog box, select DB2 for iSeries, and then
click Next.
4. In the LWPDriver: dialog box, enter the appropriate paths to the relevant
database files, and then click Next. The following table show appropriate
values for these fields.
Chapter 5 Connecting to a DBMS Server
273
File
Path
LWPDBDriver
Native JDBC:
com.ibm.db2.jdbc.app.DB2Driver
Toolbox JDBC:
com.ibm.as400.access.AS400JDBCDriver
LWPDbLibrary
Native JDBC:
/QIBM/ProdData/Java400/ext/db2_classes.ja
Toolbox JDBC:
/qibm/userdata/webas5/base/instance
/PortalServer/shared/app/jt400.jar
5. In the LWPDBNAME: dialog box, enter information about the new database
and associated user names and passwords, and then click Next. The following
table shows appropriate values for these fields.
Field
Value
LWPDBUrl
Native JDBC:
jdbc:db2:*LOCAL
Toolbox JDBC:
jdbc:as400:hostname
LWPDBAdminUser
admin_user
LWPDBAdminPassword
admin_user_password
LWPDBAppUser
app_user_profile
LWPDBAppPassword
app_user_profile_password
BackEndId
DB2UDBAS400_V5_1
6. In the IBM Workplace software is ready to run the following configuration
dialog box, start the database connection by clicking Next.
7. Click Finish to close the Configuration Wizard.
8. Review the logs (configwizard.log and configwizardlog.txt) from the data
transfer operation to ensure all is well before proceeding to the next step.
These logs are stored in the portal_server_root/log directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the Workplace Collaboration Services
database connection task from other tasks, the wizard copies the contents of
the configwizard.log generated by this task to the file workplace-connectdatabase.log.
9. Stop Cloudscape NetworkServer, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
10. Point your browser to the following Web address to verify that you can
connect to the remote DB2 for iSeries database:
http://dns_name:admin_port/admin
where admin_port is the port assigned to the WebSphere Administrative
Console. If you are unsure of which port to enter, see ″Port assignments on
IBM i5/OS.″
Attention: Now that the database connection is completed, do not access
WebSphere Portal Server and do not log on to WebSphere Portal Server as any user
from this node, as it could result in database corruption.
274
Clustered-server Deployment Guide
After you have successfully transferred Workplace Collaboration Services data to
the DB2 for iSeries database, proceed to “Phase 6: Connecting to an external HTTP
server” on page 287.
Related tasks
“Port assignments on i5/OS” on page 492
Port assignments on IBM i5/OS vary depending on the base port specified for
the Workplace instance. To determine the port assignments for a specific
Workplace instance, use the dspwasinst script from a QShell session.
Connecting nodes to Oracle
By default, each node in a Network Deployment installs with its own IBM
Cloudscape database. Because all the nodes in the Network Deployment need to
share a common data store, you must connect them to a remote database instead.
This section explains how to connect the nodes installed after Node 1 to a remote
Oracle Enterprise Edition server.
Attention: You do not need to connect Node 1 to the remote database, as that
connection is completed during the initial database transfer.
Before you begin this task, make sure that you have completed the following tasks:
1. Install the Oracle server.
2. Transfer data from Node 1 to the new Oracle database (this task also connects
Node 1 to the database).
3. Install the Oracle client on the current node so it can communicate with the
remote database.
You connect each additional node to the remote database in two steps, ensuring
that data can be successfully accessed for both IBM WebSphere Portal Server and
for IBM Workplace Collaboration Services:
1. “Connecting to Oracle for WebSphere Portal Server.”
2. “Connecting to Oracle for Workplace Collaboration Services” on page 278.
Connecting to Oracle for WebSphere Portal Server:
Perform this task on the new Network Deployment node (which is hosting IBM
Workplace Collaboration Services).
Attention: Do not perform this task on Node 1, as its database connection was
already completed as part of the initial database transfer.
1. Start Cloudscape NetworkServer and WebSphere Application Server, and stop
WebSphere Portal Server, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
2. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
3. In the Select the configuration task that you want to perform dialog box,
click Connect to a Database, and then click Next.
4. If the WebSphere Application Server global security is enabled... dialog box
appears, type the WebSphere Application Server administrative user name and
password in the appropriate fields, and then click Next.
Chapter 5 Connecting to a DBMS Server
275
5. If the Enter the LDAPAdminUID and password dialog box appears, type the
LDAP administrator account’s user name and password in the appropriate
fields, and then click Next.
Attention: Enter the LDAPAdminUID in its full form (cn=wpsadmin,ouacme,o=test). If this is not entered correctly, the Invalid user ID or Password.
Check the values you entered and try again dialog box will appear and you
will not be able to proceed until you correct the information.
6. In the Select the database type... dialog box, select Oracle Enterprise Edition,
and then click Next.
7. In the Please enter an appropriate properties file location... dialog box,
browse or type the path to the Oracle transfer helper file, and then click Next.
This file is usually stored in the following location:
portal_server_root/\helper\transfer_oracle.properties
8. In the DbDriver: dialog box, type appropriate paths for the requested files,
and then click Next. The following table shows example values for a Windows
server.
File
Example path
DBDriver
oracle.jdbc.driver.OracleDriver
DBDriverDs
oracle.jdbc.xa.client.OracleXADataSource
DBLibrary
C:/oracle/ora92/jdbc/lib/classes12.zip
9. In the WpsDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
Field
Example Value
Comments
WpsDbName
wps50
DbUser
WPSDBUSR
DbPassword
WPSDBUSR_password
Always type the password
yourself, as the default value
may not be correct.
DbUrl
jdbc:oracle:thin:
@db_server_DNS:
1521:wps50
Use the alias specified for this
database in the tnsnames.ora
file. This is usually the name
of the database; in this
documentation the database
name and the tns alias are
both wps50.
10. In the WmmDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
276
Field
Example Value
WmmDbName
wps50
WmmDbUser
WMMDBUSR
WmmDbPassword
WMMDBUSR_password
Clustered-server Deployment Guide
Comments
Always type the password
yourself, as the default
value may not be correct.
Field
Example Value
Comments
WmmDbUrl
jdbc:oracle:thin:
@db_server_DNS:
1521:wps50
Use the alias specified for
this database in the
tnsnames.ora file. This is
usually the name of the
database; in this
documentation the
database name and the tns
alias are both wps50.
11. In the WpcpDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values
for a Windows server.
Field
Example Value
Comments
WpcpDbName
wps50
WpcpDbUser
WCMDBADM
WpcpDb
Password
WCMDBADM_password
Always type the password
yourself, as the default
value may not be correct.
WpcpDbUrl
jdbc:oracle:thin:
@db_server_DNS:
1521:wps50
Use the alias specified for
this database in the
tnsnames.ora file. This is
usually the name of the
database; in this
documentation the
database name and the tns
alias are both wps50.
WpcpDb
EjbPassword
WpcpDbEjb_password
Always type the password
yourself, as the default
value may not be correct.
Use the password assigned
to this WebSphere Portal
Server account.
WpcpDb
PznadminPassword
WpcpDb_Pznadmin
_password
Always type the password
yourself, as the default
value may not be correct.
Use the password assigned
to this WebSphere Portal
Server account.
Wpcp
ResourceUrl
D:\WebSphere\
PortalServer\wpcp\
v5.0\runtime\lib
For Windows, use a single
backslash between
directoAIX, Linux, and
Solaris, use a single
forward slash.
12. In the FeedbackDbName: dialog box, type appropriate values for the
requested information, and then click Next. The following table shows
example values for a Windows server.
Field
Example Value
FeedbackDb
Name
wps50
FeedbackDb
User
FEEDBACK
Comments
Chapter 5 Connecting to a DBMS Server
277
Field
Example Value
Comments
FeedbackDb
Password
FEEDBACK_password
Always type the password
yourself, as the default
value may not be correct.
FeedbackDb
Url
jdbc:oracle:thin:
@db_server_DNS:
1521:wps50
Use the alias specified for
this database in the
tnsnames.ora file. This is
usually the name of the
database; in this
documentation the
database name and the tns
alias are both wps50.
13. In the IBM Workplace software is ready to run the following configuration
dialog box, start the database connection by clicking Next.
14. Review the logs (configwizard.log and configwizardlog.txt) from the
WebSphere Portal Server data connection task to ensure all is well before
proceeding to the next step; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the WebSphere Portal Server database
connection task from other tasks, the wizard copies the contents of the
configwizard.log generated by this task to the file portal-connect-database.log.
15. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
After you have successfully transferred the WebSphere Portal Server data to
Oracle, proceed to “Connecting to Oracle for Workplace Collaboration Services.”
Connecting to Oracle for Workplace Collaboration Services:
Perform this task on the new Network Deployment node (which is hosting IBM
Workplace Collaboration Services).
1. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
2. At the Select the configuration task that you want to perform dialog box,
click IBM Workplace Connection to Database, and then click Next.
3. At the Select the database type dialog box, select Oracle Enterprise Edition,
and then click Next.
4. At the Please enter an appropriate properties file location... dialog box,
verify the path for the dbbuild.properties file, correct it if needed, and then
click Next.
5. At the LWPDBDriver: dialog box, enter the appropriate paths to the relevant
database files, and then click Next. The following table includes examples of
appropriate values for a Microsoft Windows server.
278
File
Example Path
Comments
LWPDBDriver
oracle.jdbc.driver.
OracleDriver
This path has been formatted
for readability; do not include
any spaces or line breaks
when you type it.
Clustered-server Deployment Guide
File
Example Path
Comments
LWPDbLibrary
C:\oracle\ora92\
jdbc\lib\ classes12.zip
For Windows, use a single
backslash between directories;
use a single forward slash for
AIX, Linux, and Solaris.
This path has been formatted
for readability; do not include
any spaces or line breaks
when you type it.
6. In the LWPDBName: dialog box, enter information about the new database
and associated user names and passwords, and then click Next. The following
table includes examples of appropriate values for a Windows server.
Field
Example Values
Comments
LWPDBNAME
wps50
LWPDBUrl
jdbc:oracle:oci:
@tnsnames_entry_alias
LWPDBAdminUser
ora92admin
LWPDBAdmin
Password
ora92admin_
password
Always type the
password yourself, as the
default value may not be
correct.
LWPDBAppUser
Application_
User_Name
Application user’s name.
This value is case
sensitive.
LWPDBApp
Password
Application_
User_Password
Application user’s
password. Always type
the password yourself, as
the default value may not
be correct.
BackEndId
ORACLE_V9_1
Although you are using
Oracle 9.2, this Oracle
refers to Oracle 9.1.
Use the alias specified for
this database in the
tnsnames.ora file. This is
usually the name of the
database; in this
documentation the
database name and the
tns alias are both wps50.
7. At the IBM Workplace software is ready to run the following configuration
dialog box, start the database connection by clicking Next.
8. Click Finish to close the Configuration Wizard.
9. Review the logs (configwizard.log and configwizardlog.txt) from the
Workplace Collaboration Services data transfer to ensure all is well before
proceeding to the next step; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the Workplace Collaboration Services
database connection task from other tasks, the wizard copies the contents of
the configwizard.log generated by this task to the file workplace-connectdatabase.log.
Chapter 5 Connecting to a DBMS Server
279
10. Stop Cloudscape NetworkServer, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
After you have successfully transferred Workplace Collaboration Services data to
the Oracle database, proceed to “Phase 6: Connecting to an external HTTP server”
on page 287.
Connecting nodes to SQL Server
By default, each node in a Network Deployment installs with its own, locally
hosted, IBM Cloudscape database. Because all the nodes in the Network
Deployment need to share a common data store, you must connect them to a
remote database instead. This section explains how to connect the nodes installed
after Node 1 to a remote Microsoft SQL Server Enterprise Edition server.
Attention: You do not need to connect Node 1 to the remote database, as that
connection is completed during the initial database transfer.
Before you begin this task, make sure that you have completed the following tasks:
1. Install the SQL Server database server.
2. Transfer data from Node 1 to the new SQL Server database (this task also
connects Node 1 to the database).
3. Install the SQL Server client on the current node so it can communicate with
the remote database.
You connect each additional node to the remote database in two steps, ensuring
that data can be successfully accessed for both IBM WebSphere Portal Server and
for IBM Workplace Collaboration Services:
1. “Connecting to SQL Server for WebSphere Portal Server.”
2. “Connecting to SQL Server for Workplace Collaboration Services” on page 283.
Connecting to SQL Server for WebSphere Portal Server:
Perform this task on the new Network Deployment node (which is hosting IBM
Workplace Collaboration Services).
Attention: Do not perform this task on Node 1, as its database connection was
already completed as part of the initial database transfer.
1. Start Cloudscape NetworkServer and WebSphere Application Server, and stop
WebSphere Portal Server, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145.
2. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
3. In the Select the configuration task that you want to perform dialog box,
click Connect to a Database, and then click Next.
4. If the WebSphere Application Server global security is enabled... dialog box
appears, type the WebSphere Application Server administrative user name and
password in the appropriate fields, and then click Next.
5. If the Enter the LDAPAdminUID and password dialog box appears, type the
LDAP administrator account’s user name and password in the appropriate
fields, and then click Next.
280
Clustered-server Deployment Guide
Attention: Enter the LDAPAdminUID in its full form (cn=wpsadmin,ouacme,o=test). If this is not entered correctly, the Invalid user ID or Password.
Check the values you entered and try again dialog box will appear and you
will not be able to proceed until you correct the information.
6. In the Select the database type... dialog box, select Microsoft SQL Server
Enterprise, and then click Next.
7. In the Please enter an appropriate properties file location... dialog box,
browse or type the path to the SQL Server transfer helper file, and then click
Next. This file is usually stored in the following location:
portal_server_root\\config\helpers\transfer_sqlserver.properties
8. In the DBDriver: dialog box, type appropriate paths for the requested files,
and then click Next. The following table shows example values.
File
Example path
Comments
DBDriver
com.microsoft.jdbc.
sqlserver.SQLServerDriver
DBDriverDs
com.microsoft.jdbcx.
sqlserver.SQLServerDataSource
DBLibrary
C:/MicrosoftSQLServer/
lib/msbase.jar;
C:/MicrosoftSQLServer/
lib/mssqlserver.jar;
C:/MicrosoftSQLServer/
lib/msutil.jar
Type all three paths into
the field, separating them
with semi colons. Use a
forward slash between
directories.
9. In the WpsDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values.
Field
Example Value
Comments
WpsDbName
wps50
DbUser
WPSDBUSER
DbPassword
WPSDBUSER_password
Always type the password
yourself, as the default
value may not be correct.
DbUrl
jdbc:microsoft:
sqlserver://
db_server_DNS:
1433;DatabaseName=wps50
Type the URL as a single
entry; make sure the
″DatabaseName″ setting
appears only once and has
a semi colon (;) before it.
This path has been
formatted for readability;
do not include any spaces
or line breaks when you
type it.
10. In the WmmDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values.
Field
Example Value
WmmDb
Name
wps50
WmmDb
User
WMMDBUSER
Comments
Chapter 5 Connecting to a DBMS Server
281
Field
Example Value
Comments
WmmDb
Password
WMMDBUSER_password
Always type the
password yourself, as
the default value may
not be correct.
WmmDbUrl
jdbc:microsoft:
sqlserver://
db_server_DNS:1433;
DatabaseName=wps50
Type the URL as a
single entry; make sure
the ″DatabaseName″
setting appears only
once and has a semi
colon (;) before it.
This path has been
formatted for
readability; do not
include any spaces or
line breaks when you
type it.
11. In the WpcpDbName: dialog box, type appropriate values for the requested
information, and then click Next. The following table shows example values.
Field
Example Value
Comments
WpcpDbName
wps50
WpcpDbUser
WCMDBADMIN
WpcpDb
Password
WCMDBADMIN_password
Always type the
password yourself, as
the default value may
not be correct.
WpcpDbUrl
jdbc:microsoft:
sqlserver://
db_server_DNS:1433;
DatabaseName=wps50
Type the URL as a
single entry; make
sure the
″DatabaseName″
setting appears only
once and has a semi
colon (;) before it.
This path has been
formatted for
readability; do not
include any spaces or
line breaks when you
type it.
282
WpcpDb
EjbPassword
password as set in SQL Server login
Always type the
password yourself, as
the default value may
not be correct.
WpcpDb
PznadminPassword
password as set in SQL Server login
Always type the
password yourself, as
the default value may
not be correct.
WpcpDb
HostName
db_server_DNS
Wpcp
ResourceUrl
WebSphere\
PortalServer\wpcp\
v5.0\runtime\lib
Clustered-server Deployment Guide
Use a single backslash
between directories.
12. In the FeedbackDbName: dialog box, type appropriate values for the
requested information, and then click Next. The following table shows
example values.
Field
Example Value
Comments
FeedbackDb
Name
wps50
FeedbackDb
User
FEEDBACK
FeedbackDb
Password
FEEDBACK_password
Always type the
password yourself, as
the default value may
not be correct.
FeedbackDbUrl
jdbc:microsoft:
sqlserver://
db_server_DNS:1433;DatabaseName=wps50
Type the URL as a
single entry; make
sure the
″DatabaseName″
setting appears only
once and has a semi
colon (;) before it.
This path has been
formatted for
readability; do not
include any spaces or
line breaks when you
type it.
FeedbackDb
HostName
db_server_DNS
13. In the IBM Workplace software is ready to run the following configuration
dialog box, start the database connection by clicking Next.
14. Return to the task selection dialog box (for the next task) by clicking Run
Wizard Again.
15. Review the logs (configwizard.log and configwizardlog.txt) from the
WebSphere Portal Server data connection task to ensure all is well before
proceeding to the next task; the logs are stored in the portal_server_root/log
directory.
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the WebSphere Portal Server database
connection task from other tasks, the wizard copies the contents of the
configwizard.log generated by this task to the file portal-connect-database.log.
After you have successfully transferred the WebSphere Portal Server data to SQL
Server, proceed to “Connecting to SQL Server for Workplace Collaboration
Services.”
Connecting to SQL Server for Workplace Collaboration Services:
Perform this task on the new Network Deployment node (which is hosting IBM
Workplace Collaboration Services).
1. Start the Configuration Wizard as explained in the topic appropriate for your
platform:
v “AIX, Linux, and Solaris: Starting the Configuration Wizard” on page 111
v “Windows: Starting the Configuration Wizard” on page 123
Chapter 5 Connecting to a DBMS Server
283
2. In the Select the configuration task that you want to perform dialog box,
click IBM Workplace Connection to Database, and then click Next.
3. In the Select the database type dialog box, select Microsoft SQL Server
Enterprise, and then click Next.
4. In the LWPDBDriver: dialog box, type enter the appropriate paths to the
relevant database files, and then click Next. The following table includes
examples of appropriate values for each field in the dialog box.
File
Example Path
LWPDBDriver
com.microsoft.jdbc.
sqlserver.SQLServerDriver
LWPDbLibrary
C:/MicrosoftSQLServer/
lib/msbase.jar;
C:/MicrosoftSQLServer/
lib/mssqlserver.jar;
C:/MicrosoftSQLServer/
lib/msutil.jar
Comments
Type all three paths into the
field, separating them with
semi colons. Use a forward
slash between directories.
5. In the LWPDBNAME: dialog box, type the information about the new
database and associated user names and passwords, and then click Next. The
following table includes examples of appropriate values for each field in the
dialog box.
Field
Example Values
LWPDBNAME
wps50
LWPDBUrl
jdbc:microsoft:
sqlserver://
db_server_DNS:1433;
DatabaseName=wps50
Comments
Type the URL as a single
entry; make sure the
″DatabaseName″ setting
appears only once and has a
semi colon (;) before it.
This path has been formatted
for readability; do not include
any spaces or line breaks
when you type it.
LWPDBAdmin
User
SQLSVRADMIN
LWPDBAdmin
Password
SQLSVRADMIN_password
LWPDBApp
User
LWPCOMM
LWPDBApp
Password
LWPCOMM_password
BackEndId
MSSQLSERVER_V7_1
Always type the password
yourself, as the default value
may not be correct.
Always type the password
yourself, as the default value
may not be correct.
6. In the IBM Workplace software is ready to run the following configuration
dialog box, start the database connection by clicking Next.
7. Click Finish to close the Configuration Wizard.
8. Review the logs (configwizard.log and configwizardlog.txt) from the data
transfer operation to ensure all is well before proceeding to the next step.
These logs are stored in the portal_server_root/log directory.
284
Clustered-server Deployment Guide
The Configuration Wizard creates a configwizard.log file for any task it runs.
To help distinguish log information for the Workplace Collaboration Services
database connection task from other tasks, the wizard copies the contents of
the configwizard.log generated by this task to the file workplace-connectdatabase.log.
9. If you used the default port of 1433 for your SQL Server database server
installation, skip this step; if you used a custom port, complete this step before
proceeding.
a. Open the WebSphere Application Server Administrative Console.
b. Click Resources.
c. Under Additional Properties, click WPCP50 JDBC.
d. Click Data Sources Version 4.
e. For each data source listed (feedbackDS, persDS, and wcmDS), click
Custom Properties under the additional properties section:
v Click New to add a custom property.
v Add a property called portNumber, and type the non-zero standard port
number in use for SQL Server.
f. Save the entries and close the Administrative Console.
10. Stop Cloudscape NetworkServer, as explained in “Starting and stopping IBM
Workplace Collaboration Services servers” on page 145..
After you have successfully transferred Workplace Collaboration Services data to
the SQL Server database, proceed to “Phase 6: Connecting to an external HTTP
server” on page 287.
Chapter 5 Connecting to a DBMS Server
285
286
Clustered-server Deployment Guide
Chapter 6 Connecting to an External Web Server
This chapter describes how to configure IBM Workplace Collaboration Services and
the IBM Workplace Managed Client provisioning server to run with a separate
Web server rather than using the internal Web server that comes with the product.
Phase 6: Connecting to an external HTTP server
Skip this phase if::
v You are using the built-in HTTP server on port 9081 that is installed with IBM
Workplace Collaboration Services
v (i5/OS) You are deploying on IBM i5/OS and used the Create IBM Workplace
Collaboration Services wizard after installation. The wizard creates a local
external HTTP server.
Follow the instructions in this section if:
v You installed one or more external HTTP servers on a separate machine from
Workplace Collaboration Services, preparing to deploy a remote external HTTP
server in a clustered or non-clustered environment.
v (i5/OS) You did not use the Create IBM Workplace Collaboration Services
wizard after installation or if you now want to configure a remote external
HTTP server.
This section assumes that you have already performed the initial setup steps for
the HTTP server, as described in Phase 2. Repeat the setup steps for every HTTP
server you deploy.
Related concepts
“Web server considerations” on page 30
“Preparing external Web servers for a clustered environment” on page 79
Related tasks
“Connecting to external Web servers in a clustered environment”
“Accessing IBM Workplace Collaboration Services through an external Web
server” on page 300
Connecting to external Web servers in a clustered
environment
The following section provides instructions for configuring external Web servers
for IBM Workplace Collaboration Services products or the provisioning server. You
should have installed the Web server, as described in Phase 2, ″Setting up an
external Web server.″ Repeat these steps for every Web server you deploy in the
cluster.
v If you installed IBM HTTP Server 6, proceed to the next step. Otherwise,
configure your Web servers.
v Create a course directory on the Learning content server.
v Install the provisioning server on the external Web servers.
v Connect services on the provisioning server in a clustered environment.
v Configure HTTPS for the Workplace Managed Client.
© Copyright IBM Corp. 2002, 2006
287
Related concepts
“Phase 6: Connecting to an external HTTP server” on page 287
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
Configuring other HTTP servers
HTTP servers other than IBM HTTP Server 6 require some custom settings when
you set them up for IBM Workplace Collaboration Services or the provisioning
server. Follow the steps for the HTTP server you installed.
Related tasks
“Download a WebSphere Application Server fix for remote HTTP servers”
“Configuring Apache Server” on page 289
“Configuring Domino Enterprise Server” on page 289
“Configuring Microsoft Internet Information Services” on page 291
“Configuring Sun ONE Web Server, Enterprise Edition” on page 293
“Configuring a Domino, Sun ONE, or Microsoft IIS Web server to enable
Workplace Managed Client download” on page 294
“Connecting to external Web servers in a clustered environment” on page 287
Download a WebSphere Application Server fix for remote HTTP servers:
If you are setting up a remote Web server other than IBM HTTP Server 6,
download an updated plug-in and copy it to your Web server. Perform these steps
on the server that has the WebSphere Application Server plug-in.
1. Stop all Web services.
2. Go to the IBM support site:
http://www-1.ibm.com/support/docview.wss?uid=swg24007265
3. Download the plug-in zip file that is appropriate for your platform.
4. Unzip the plug-in zip file.
5. Back up the plug-in modules currently being used.
6. Copy the updated plugin-cfg.xml file from the WebSphere Application Server to
the local or remote HTTP server directory.
7. (AIX) Run the slibclean command after stopping the Web server to clean up
any shared libraries in use.
8. Restart all Web services.
Verify that the plug-in build date has changed within the plug-in log file by
looking at the Bld version and Bld date recorded in the http_plugin.log file when
the HTTP server starts.
For example, the information on a Windows system might look something like
this:
--------------------System Information-------------PLUGIN: Bld version: 5.0.0
PLUGIN: Bld date: Dec 3 2004, 10:48:06
PLUGIN: Webserver: IBM_HTTP_SERVER/1.3.26.2
Apache/1.3.26 (Win32)
PLUGIN: Hostname = www.mycompany.com
PLUGIN: OS version 5.1, build 2600, ‘Service Pack 1
PLUGIN: -------------------------------------------
288
Clustered-server Deployment Guide
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
Configuring Apache Server:
Follow these instructions to configure the httpd.conf file for Apache Server.
1. If you are configuring a local Web server (one that is installed on the same
machine as Workplace Collaboration Services), proceed to the next step.
If you are configuring a remote Web server, follow these steps to copy two
WebSphere Application Server files to the remote Web server.
a. Create a directory named ″was″ under the http_root directory. For example:
IBM AIX, Linux, and Sun Solaris
/opt/IHS/was
Microsoft Windows
c:\Program Files\apache-1.3\was
b. Copy the following files from the Workplace Collaboration Services server
and paste them in the ″was″ directory you created.
v plugin-cfg.xml
v mod_was_ap20_http.so or mod_was_ap20_http.dll
2. Find the httpd.conf file, located in the http_root \conf directory and make a
backup copy of the file.
3. Open the original httpd.conf file for editing.
IBM AIX, Linux, Sun Solaris, and Microsoft Windows
Open the httpd.conf file in a text editor.
IBM i5/OS
Enter the following on an i5/OS command line:
EDTF ’http_root /conf/httpd.conf’
4. Add the following line to the file:
AddType application/zip zip jar
5. At the end of the file, add the lines that are appropriate for the Web Server
version you installed and for the platform on which it is running.
app_server_root is the WebSphere Application Server installation directory.
AIX, Linux, and Solaris
LoadModule app_server_http_module app_server_root//bin/mod_app_server_http.so
WebSpherePluginConfig app_server_root/config/cells/plugin-cfg.xml
Windows
LoadModule app_server_http_module "app_server_root\bin\mod_app_server_http.dll"
WebSpherePluginConfig "app_server_root\config\cells\plugin-cfg.xml"
IBM i5/OS
WebSpherePluginConfig app_server_root/config/cells/plugin-cfg.xml
LoadModule ibm_app_server_http_module
/QSYS.LIB/QEJBAS5.LIB/QSVTIHSAH.SRVPGM
6. Save your changes and close the file.
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
Configuring Domino Enterprise Server:
Follow these instructions to enable the Web server to work with IBM Lotus
Domino Enterprise Server.
Chapter 6 Connecting to an External Web Server
289
Note: The Domino Web Administrator interface may vary slightly depending on
which version of Domino you are using.
1. Start the Domino server.
2. Start the Domino Web Administrator interface by accessing the file
/webadmin.nsf using a Web browser (for example, http://
hostname.yourco.com/webadmin.nsf). Type the short name for the
administrator and the administrator password when prompted.
3. Select the Configuration tab.
4. Select All Server Documents.
5. Double-click the server that you want to use with IBM Workplace
Collaboration Services.
6. Click Edit Server on the top-left of the center window.
7. On the Basic tab, select ″Load Internet configurations from Server\Internet
Sites documents.″
8. Select the Internet Protocols tab.
9. Under DSAPI in the middle-right of the page, add the Domino Web Server
Application Programming Interface (DSAPI) filter file.
Note: If there are already DSAPI filter files specified, use a space to separate
the files.
IBM AIX, Linux, Sun Solaris, and Microsoft Windows
Add the path name to the Domino plug-in, which is installed in the
WebSphere Application Server bin directory.
IBM i5/OS
Add the following path:
/QSYS.LIB/QEJBAS5.LIB/LIBDOMINOH.SRVPGM
10.
11.
12.
13.
Click Save and Close on the upper-left of the center window.
Select the Web tab.
Select Internet Sites.
Click Add Internet Site → Web.
14. (Optional) On the Basic tab, provide a description for ″Descriptive name for
this site.″
The default name is the type of Internet Site document with the host name or
address appended.
15. Enter the name of the registered organization that hosts the Internet Site
document.
The name must correspond to the organization’s certifier.
16. In the ″Use this Web site to handle requests which cannot be mapped to any
other Web sites″ field, select Yes if you want this Web site to process incoming
HTTP requests if Domino cannot locate the Web sites that were entered in the
″Host names or addresses mapped to this site″ field.
Leaving the default of No means this Web site will not process incoming
HTTP requests for which Domino cannot locate a Web site. This choice
requires that you provide your Web server host name or IP address in the
″Host names or addresses mapped to this site″ field. If the site is set up for
SSL, you must specify IP addresses in the field.
17. Define the location of the plugin-cfg.xml configuration file.
Domino 6.5.4 and Domino 7.0
a. Select the Configuration tab.
290
Clustered-server Deployment Guide
b. Under DSAPI, add the path to the Domino plug-in, which is installed in
the app_server_root/bin directory.
c. Select all the methods given under ″Allowed Methods.″
d. Select WebDAV as enabled.
e. Save and close the settings.
Domino 6.5.1
v AIX, Linux, and Solaris: Set the WAS_HOME environment variable to point
to the WebSphere Application Server installation root directory.
v Windows: Add the variable Plugin Config to the registry under the path
name HKEY_LOCAL_MACHINE → SOFTWARE → IBM → WebSphere
Application Server → 5.0.0.0. Set the value for this variable to the location of
the plugin-cfg.xml file, which is app_server_root/config/cells/plugin-cfg.xml.
v IBM i5/OS: Define the location of the plugin-cfg.xml file in the NOTES.INI
file. To edit the NOTES.INI file, enter WRKDOMSVR on an i5/OS
command line and enter 13 next to the server you want to work with. Add
the following line at the end of the file, then save your changes:
WebSphereInit=app_server_root/config/cells/plugin-cfg.xml
18. Allow access to the Domino application from Workplace Collaboration
Services by adding the following parameter to the NOTES.INI file, then save
your changes:
HTTPAllowDecodedUrlPercent=1
19. Restart the Domino server. When the server starts, information similar to the
following appears:
02/12/2005 03:05:09 PM JVM: Java virtual machine initialized
WebSphere Application Server DSAPI filter loaded
02/12/2005 03:05:10 PM HTTP Web Server started
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
Configuring Microsoft Internet Information Services:
Follow these instructions to configure Microsoft Internet Information Server (IIS).
To perform this task, you must have read/write access to the plugins_root directory,
which is, by default, C:\Program Files\IBM\WebSphere\Plugins\webserver.
For more details, see the IBM WebSphere Application Server Information Center.
Configuring IIS 6.0:
1. Start the IIS application and create a new virtual directory for the Web site
instance that you intend to work with IBM Workplace Collaboration Services.
These instructions assume that you are using the Default Web Site.
Click Programs → Administrative Tools → Internet Information Services (IIS)
Manager on a Windows Server 2003 Standard Edition system, for example.
2. Expand the tree on the left until you see Default Web Site.
Right-click Default Web Site → New → Virtual Directory to create the
directory with a default installation.
3. Type sePlugins in the Alias field in the Virtual Directory Alias panel of the
Virtual Directory Creation Wizard, then click Next.
4. Browse to the plugins_root\bin\IIS_web_server_name directory in the Path field
of the Web Site Content Directory panel of the wizard, then click Next.
Chapter 6 Connecting to an External Web Server
291
For example, select the C:\Program Files\IBM\WebSphere\Plugins\bin\
IIS_webserver1 directory.
5. Select the appropriate permission check boxes in the Virtual Directory Access
Permissions panel of the wizard.
Select the Read check box and the Execute (such as ISAPI applications or
CGI) check box, for example.
6. Click Next to add the sePlugins virtual directory to your default Web site.
7. Click Finish when the success message displays.
8. Copy the plug-in binaries to the plugins_root \bin\IIS_web_server_name
directory.
For example, copy the plug-in binary files to the C:\Program
Files\IBM\WebSphere\Plugins\bin\IIS_webserver1 directory.
The plugin-cfg.loc file resides in this directory. The first line of the
plugin-cfg.loc file identifies the location of the plugin-cfg.xml fil
9. Expand the Web Sites folder in the left pane navigation tree of the IIS
Manager panel.
10. Right-click Default Web Site in the navigation tree and click Properties.
Add the Internet Services Application Programming Interface (ISAPI) filter
into the IIS configuration.
In the Default Web Site Properties panel, perform the following steps:
a. Click the ISAPI Filters tab.
b. Click Add to open the Add/Edit Filter Properties dialog window.
c. Type iisWASPlugin in the Filter name field.
d. Click Browse to select the C:\Program Files\IBM\WebSphere\Plugins\
bin\IIS_webserver1\iisWASPlugin_http.dll file for the value of the
Executable field.
Browse to your plugins_root \bin\IIS_web_server_name directory to select
the iisWASPlugin_http.dll file.
e. Click OK to close the Add/Edit Filter Properties dialog window.
f. Click OK to close the Default Web Site Properties window.
11. Set the value in the plugin-cfg.loc file to the location of the configuration file.
Set the location to the plugins_root \config\webserver_name\plugin-cfg.xml file,
which might be C:\Program Files\IBM\WebSphere\Plugins\config\
IIS_webserver1\plugin-cfg.xml file.
The location varies depending on how you have configured your system. If
the Web server and the Application Server are on separate machines, you have
a remote installation.
If the two servers are on the same machine, you have a local installation.
If the two servers are on the same machine and the application server is
federated, you have a local distributed installation.
Local distributed example:
"C:\IBM\WebSphere\AppServer\profiles\custom01\config\cells\
dmgrcell\nodes\managed_node\servers\webserver1\plugin-cfg.xml"
Local stand-alone example:
"C:\IBM\WebSphere\AppServer\profiles\default\config\cells\
sa_cell\nodes\webserver1_node\servers\webserver1\plugin-cfg.xml"
Remote example:
"C:\IBM\WebSphere\Plugins\config\webserver1\plugin-cfg.xml"
12. Configure the Web server to run WebSphere Application Server extensions:
292
Clustered-server Deployment Guide
a. Expand the left pane navigation tree until you see the Web Service
Extensions folder in the IIS Manager panel.
b. Click Web Service Extensions to display information about what Web
service extensions are allowed.
c. Click All Unknown ISAPI Extensions on the right side of the panel.
d. Click Allow in the middle pane. The status field for the All Unknown
ISAPI Extensions changes to Allowed.
Configuring IIS 5.0:
1. Start the IIS application and create a new virtual directory for the Web site
instance that you intend to work with Workplace Collaboration Services. These
instructions assume that you are using the Default Web Site.
2. Expand the tree on the left until you see Default Web Site.
Right-click Default Web Site, then click New > Virtual Directory to create the
directory with a default installation.
3. Type sePlugins in the Alias to be used to Access Virtual Directory field.
4. Browse to the plugins_root\bin directory in the Enter the physical path of the
directory containing the content you want to publish field.
5. Select the appropriate Execute check box (such as ISAPI applications or CGI) in
the What access permissions do you want to set for this directory field.
6. Click Next to add the sePlugins virtual directory to your default Web site.
7. Click Finish.
8. Right-click the host name in the tree on the left and click Properties.
Add the Internet Services Application Programming Interface (ISAPI) filter
into the IIS configuration.
In the Properties dialog, perform the following steps:
a. Click the Internet Information Services tab.
b. Click WWW Service in the Master properties window.
c. Click Edit to open the WWW Service master properties window.
d. Click ISAPI Filters > Add to open the Filter properties window.
e. Type iisWASPlugin in the Filter Name field.
f. Click Browse in the Executable field.
g. Browse to the plugins_root\bin directory.
h. Click the iisWASPlugin_http.dll file.
i. Click OK until all the open windows close.
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
Related reference
“Related product information” on page 493
Configuring Sun ONE Web Server, Enterprise Edition:
Follow these instructions to configure entries in the Sun ONE Web Server,
Enterprise Edition obj.conf and magnus.conf configuration files for Version 6.0 and
later of Sun ONE Web Server, Enterprise Edition.
1. Find the obj.conf file and make a backup copy of the file.
2. Use a text editor to open the original obj.conf file.
3. Add two directives to the obj.conf file after the Object name=default tag:
Service fn="as_handler"
Chapter 6 Connecting to an External Web Server
293
AddLog fn="as_term"
4. Close and save the file.
5. Find the magnus.conf file and make a backup copy of the file.
6. Add the load-modules directive to the end of the file.
Init fn="load-modules"
funcs="as_init,as_handler,as_term"
shlib="drive:\WebSphere\AppServer\bin\ns41_http.dll"
7. Add the bootstrap.properties directive to the end of the file.
The location for the bootstrap.properties directive varies, depending on how
you have configured your system. For example:
Local Web server
Init fn="as_init"
bootstrap.properties="/opt/IBM/WebSphere/AppServer/profiles/default/
config/cells/sa_cell/nodes/webserver1_node/servers/webserver1/
plugin-cfg.xml"
Remote Web Server
Init fn="as_init"
bootstrap.properties="/opt/IBM/WebSphere/Plugins/config
/cells/plugin-cfg.xml"
8. Close and save the file.
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
Configuring a Domino, Sun ONE, or Microsoft IIS Web server to enable
Workplace Managed Client download:
If you are using either a Domino Web server or Sun ONE Web server, you must
perform additional setup tasks to enable IBM Workplace Managed Client users to
download the Workplace Managed Client installation program. By default, the
HTTP server is configured for the IBM HTTP server and Apache HTTP server.
Other HTTP servers must be configured properly to permit the user to download
.exe, .bin and .jar file extensions. This page describes the HTTP server
configuration unique to Domino Web Server and Sun ONE Web Server Enterprise
Edition.
Domino Web Server:
To configure the Domino Web Server for client download, set the content root to
Domino_install_root:/Data/domino/html.
To avoid errors when accessing Domino applications from the client, add the
following parameter to the Domino server’s notes.ini file and then restart the Web
server:
HTTPAllowDecodedUrlPercent=1
Sun ONE Web Server Enterprise Edition:
To configure the Sun ONE Web Server Enterprise Edition for client download, set
the content root to drive_name:/iPlanet/Servers/docs and then add the following
lines to the drive_name:/iPlanet/Servers/https_server_name/config/mime.types file:
294
Clustered-server Deployment Guide
type=application/octet-stream exts=bin,exe
type=application/java-serialized-object exts=ser
type=application/java-vm exts=class
type=application/msword exts=doc,dot,wiz,rtf
type=application/pdf exts=pdf
type=application/postscript exts=ai,eps,ps
type=application/vnd.ms-excel exts=xls,xlw,xla,xlc,xlm,xlt
type=application/vnd.ms-powerpoint exts=ppt,pps,pot
type=application/vnd.ms-project exts=mpp
type=application/winhlp exts=hlp
type=magnus-internal/cgi exts=cgi,bat
Also perform the following steps to correctly configure ACLs.
1. Access the Web Server Manager and select the server instance for which to
create or edit ACLs.
2. Click the Server Manager’s Preferences tab.
3. Click the Restrict Access link.
4. Select the file to edit and click Edit ACL.
5. In the Pick a resource section, click Edit Access Control.
6. Give all access rights to all users and groups.
7. Save the settings and restart the Web Server server.
Microsoft IIS Web Server:
Perform the following steps to enable client download in conjunction with a
Microsoft IIS Web server.
1. Start the IIS application by clicking Start → Programs → Administrative Tools →
Internet Service Manager or Start → Run, type inetmgr, and click OK.
2. Right-click on Web Sites → Default Web site → Properties.
If using IIS 5.0, right-click the host name in the left panel and click Edit to open
the WWW Service Master Properties window.
3. Click the Default Security tab.
4. Click Default Web Site Properties.
5. Click Edit in the Authentication and access control section
6. Uncheck the Integrated Windows Authentication check box in the
Authenticated access section.
7. Click OK to close all windows.
8. Restart the Web server.
Related concepts
“AIX, Linux, Solaris, and Windows: Requirements” on page 5
“i5/OS: Requirements” on page 13
Chapter 6 Connecting to an External Web Server
295
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
Creating a course directory on the content server
If the external Web server will be a course content server for IBM Workplace
Collaborative Learning , set up the following directory structure.
Before performing these steps, you should have completed setup of the external
Web servers.
1. Create a content directory off the Web server default content directory, for
example:
http_root/htdocs/en_US/content
2. Copy any course content you already have to the new content directory.
For example, if you previously used the built-in internal Web server for
Workplace Collaborative Learning, existing content would be located in:
app_server_root/installedApps/cell_name/LWP_LMS_DS.ear/dsWeb.war/content
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
“Connecting nodes to an external HTTP server” on page 428
Related reference
“Learning settings in the dbbuild properties file” on page 434
Installing the provisioning server
There are several ways to install the IBM Workplace Managed Client provisioning
server. They are listed, and instructions are linked to, below:
Read the Workplace Managed Client installation and configuration checklist before
installing the provisioning server.
v “Installing and configuring the provisioning server in a clustered environment”
on page 320
Note: For a clustered environment, the Workplace Managed Client provisioning
server must only be installed on Node 1; do not install the provisioning
server on the second or subsequent nodes. The installation on Node 1
must take place before you federate the node or the installation will fail.
v
v
v
v
v
“Installing the provisioning server from CD-ROM” on page 328
“Installing the provisioning server from an e-image” on page 330
Installing the provisioning server silently
“i5/OS: Installing and configuring the provisioning server in a clustered
environment” on page 325
Note: For a clustered environment, the Workplace Managed Client provisioning
server must be installed on Node 1 only; do not install the provisioning
server on the second or subsequent nodes. The installation on Node 1
must take place before you federate the node or the installation will fail.
v
Related tasks
296
Clustered-server Deployment Guide
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the provisioning server on an HTTP server with a non-default
document root” on page 339
“Updating the provisioning server on an HTTP server with a non-default
document root” on page 339
“Specifying a new Workplace Managed Client provisioning server Web
address” on page 340
Connecting services on the provisioning server in a clustered
environment
After you have installed the Workplace Managed Client provisioning server, make
the following changes to properties files on the provisioning server. If you are
installing in a clustered environment, you only need to make the changes on the
Web servers that serve as the provisioning server, not on the Workplace servers.
For a clustered environment, also see Updating Workplace Managed Client
configuration files for a clustered environment.
Editing the pluginvalues.props file:
1. In a text editor, open the pluginvalues.props file.
The file is located in the WebSphere\AppServer\installedApps\yourNode\
wctInstall.ear\wctinstall.war directory, for example:
c:\WebSphere\AppServer\installedApps\node1\wctInstall.ear\wctinstall.war\
pluginvalues.props
Note: For additional settings relative to Workplace Managed Client
provisioning, see Setting Workplace Managed Client installation program
defaults.
2. Add the following parameter to activate IBM Workplace SIP services.
plugin_customization.SIPSERVER=yourAppServer
where yourAppServer is the fully qualified DNS name of the Workplace server
where SIP services have been installed. In a Network Deployment environment,
this is the fully qualified DNS name of the node.
3. Specify the HTTP port (if it is not a standard port) for the following line:
plugin_customization.com.ibm.workplace.security/com.ibm.wkplc.remote.
server.port=port
where port is the non-standard port through which the Web server
communicates, for example:
plugin_customization.com.ibm.workplace.security/com.ibm.wkplc.remote.
server.port=9809
In a clustered environment, this is the HTTP port on the Deployment Manager.
4. If you are editing the file on a node server, replace the host name with the fully
qualified DNS name of the Deployment Manager for the following line:
plugin_customization.com.ibm.workplace.security/com.ibm.wkplc.remote.
server.name=Deployment_Manager_DNS_name
5. Close and save the file.
Editing the token-values.props file:
1. Open the token-values.props file, which is located in the same directory as the
pluginvalues.props file.
Chapter 6 Connecting to an External Web Server
297
Note: For additional settings relative to IBM Workplace Managed Client
provisioning, see “Setting Workplace Managed Client installation
program defaults” on page 351.
2. Change the value of host to be your Web server name, prefaced with the
protocol.
host=http://yourHTTPServer:port
where yourHTTPServer is the fully qualified DNS name of the external Web
server, for example, host=http://web1.acme.com. If you defined a port other
than 80 for the Web server, include the port number in the value.
Note: If you are working in an SSL-secured environment, change the value of
host to be your HTTPS server name, prefaced with the protocol.
host=https://yourHTTPSServer:port
3. Change the value of host-name to be your WebSphere Application Server name.
host-name=yourWASServer
where yourWASServer is the fully qualified DNS name of the WebSphere
Application Server that has the provisioning server software, for example,
host-name=provisioning.acme.com. In a clustered environment using the Edge
Server components, this value is the fully qualified DNS address of your
dispatcher cluster.
4. Close and save the file.
Creating the wctprops directory:
1. Create a directory called wctprops under the http directory (for example,
c:\IBMHTTPServer\htdocs\en_US\wctprops).
2. Copy the fileList.props, pluginvalues.props and token-values.props files to the
wctprops directory.
3. Stop the IBM HTTP server.
4. Set the following values in the httpd.conf file:
v KeepAlive On
v KeepAliveTimeout 5
v MaxKeepAliveRequests 0
v MaxRequestsPerChild 0
5. Turn off HTTP access logging by commenting out the logs/access.log line as
shown below:
# The location of the access log file (Common Logfile Format).
# If this does not start with /, ServerRoot is prepended to it.
# Comment out the below line:
# CustomLog logs/access.log common
6. Close and save the file.
7. Restart the Web server.
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the provisioning server” on page 296
“Updating Workplace Managed Client user interface files on Node 1” on page
395
“Connecting to external Web servers in a clustered environment” on page 287
298
Clustered-server Deployment Guide
Configuring HTTPS for the Workplace Managed Client
You can configure the IBM Workplace Managed Client and a remote external Web
server to use HTTPS (HTTP with Secure Sockets Layer, or SSL) to synchronize data
between the Workplace Managed Client and the IBM WebSphere Portal Server. By
encrypting all transmitted data, as well as authenticating the identity of the server,
HTTPS offers greater security than that of HTTP. HTTPS on the external Web
server is required in a clustered environment or when using a remote external Web
server in a single-server environment.
Configuring the Web server to use SSL:
Follow these steps to set up SSL on each of the remote Web servers that will be
used for provisioning and synchronizing data with Workplace Managed Client
workstations.
1. Enable HTTP on your external Web server, following the documentation
supplied by your HTTP server vendor.
2. Extract the certificate used on the Web server (either self-signed or signed) from
the HTTP server’s keystore, using the ikeyman tool and help supplied with
your HTTP server.
3. Add that extracted certificate as a Signer to the Server Trust store that
WebSphere Portal server is using; for example opt/WebSphere/IBM/
AppServer/etc/DummyServerTrustFile.jks with a password of WebAS.
4. Perform the following tasks using the WebSphere Application Server
Administrative Console.
a. Add the HTTP server port to the virtual hosts parameter for default_host;
for example http://yourWASServer:9091/admin by clicking Environment →
Virtual Hosts → default_host → Addtional Properties - Host Aliases → New.
b. Click Host Name: and enter either * or the HTTP server name.
c. Click Port: and enter either 443 or your HTTPS port number.
d. Click OK.
e. Click Save.
5. Update the HTTP server’s plug-in configuration file for your deployment.
Clustered-server deployment
6. Restart the WebSphere Portal Server and the IBM Workplace Collaboration
Services server.
Configuring Workplace Managed Client workstations to use SSL:
To configure the Workplace Managed Client to use HTTPS for both provisioning
and data synchronization, specify ″https″ and the SSL port number in the user’s
Portal URL field in the Connectivity options page available from the Workplace
Managed Client Login screen.
Related concepts
“Phase 6: Connecting to an external HTTP server” on page 287
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Connecting to external Web servers in a clustered environment” on page 287
Chapter 6 Connecting to an External Web Server
299
Accessing IBM Workplace Collaboration Services through an
external Web server
With an external Web server connection, the port for accessing IBM Workplace
Collaboration Services changes from 9081 to the default port of 80. Unless you’ve
defined a port other than 80 for the Web server, the URL does not need to specify
a port.
1. To access Workplace Collaboration Services, type the following URL:
http://servername.yourcompany.com/lwp/workplace
2. To access the IBM Workplace Collaborative Learning administrator interface,
type the following URL:
http://servername.yourcompany.com/lms-lmm
Shortening the Workplace Collaboration Services URL for users
You can make it easier for users to open Workplace Collaboration Services by
shortening the URL they enter in their browsers. When users enter the URL of the
server, an index.html file fills in the /lwp/workplace part of the URL
automatically and brings them to the login screen.
1. Create a new index.html file.
2. Add the following line to the file, replacing ″workplace.acme.com″ shown in
the example with the fully qualified host name of the Workplace Collaboration
Services server.
<meta HTTP-EQUIV="REFRESH" content="0;url=http://workplace.acme.com/lwp/
workplace/!ut/p/.scr/Login">
3. Save the file.
4. Store the file in the http_root//htdocs/en_US directory on the Web server.
5. Give users the URL to the Workplace Collaboration Services server (for
example, http://workplace.acme.com).
Related concepts
“Phase 6: Connecting to an external HTTP server” on page 287
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
300
Clustered-server Deployment Guide
Chapter 7 Completing setup of Workplace Collaboration
Services
This chapter describes how to finish setting up Workplace Collaboration Services
components.
Phase 7: Completing setup of Workplace Collaboration Services
components
Some of the components that you can install with IBM Workplace Collaboration
Services require some additional setup, as described in the following procedures.
Related concepts
“Completing Learning setup in a clustered environment”
“Completing Workplace Designer setup in a clustered environment” on page
309
Completing Learning setup in a clustered environment
For IBM i5/OS deployments, skip this phase if you used the Create IBM
Workplace Collaboration Services wizard to configure IBM Workplace
Collaborative Learning . If you did not use the wizard, or if you wish to change
your Learning settings, install and configure an HTML rendering server on your
system before performing the following tasks.
For more information, see ″Configuring Workplace Collaboration Services″ in
Chapter 3.
For all other platforms, finish setting up Workplace Collaborative Learning by
performing the following tasks:
v Grant Learning access to the WebSphere Portal administrator.
Do this on Node 1 only.
v Connect Collaborative Learning portlets to a remote Learning Server.
Do this on Node 1 only.
v Set up access control for Collaborative Learning portlets.
Do this on Node 1 only.
v Enable reporting on IBM AIX, Linux, Sun Solaris, and i5/OS.
Do this on Node 1 and all subsequent nodes.
v Configure help for the Workplace Collaborative Learning administrator interface
for AIX, Linux, Solaris, or Microsoft Windows or i5/OS.
Perform these steps after you have finished setting up the Network Deployment
environment and the Workplace server clusters are operational.
For more information about managing Workplace Collaborative Learning, see the
IBM Workplace Collaboration Services Information Center.
Related tasks
“i5/OS: Configuring an HTML rendering server” on page 140
© Copyright IBM Corp. 2002, 2006
301
Granting Learning access to the WebSphere Portal Server
administrator
When you install IBM Workplace Collaborative Learning , the WebSphere Portal
Server ″wpsRunAsAdmin″ administrator role is automatically set to the user name
″wpsadmin.″ As a result, if a course uses a Discussion database, only the course
creator can enroll.
Complete the following steps to grant Learning access to any WebSphere Portal
Server administrator. In a Network Deployment environment, do this on Node 1.
1.
2.
3.
4.
Log in to the WebSphere Administrative Console.
Click Applications → Enterprise Applications → LWP_LMS_LMM.
Click Map RunAs roles to users.
Select the check box near wpsRunAsAdmin, and then click Remove to delete
″wpsadmin″ as the user value.
5. Click OK, then click Save, and then click Save again when you are prompted
to confirm.
6. Click Applications → Enterprise Applications → LWP_LMS_LMM.
7. Click Map security roles to users/groups.
8. Select the check box near wpsRunAsAdmin, and then click the Lookup users
button.
9. Locate the WebSphere Portal administrator user name and add it to the
wpsRunAsAdmin role.
10. Click OK, click OK again, click Save, and then click Save again when you are
prompted to confirm.
11. Select Applications → Enterprise Applications → LWP_LMS_LMM.
12. Click Map RunAs roles to users.
13. Select the check box near wpsRunAsAdmin, and then type the WebSphere
Portal administrator’s user name and password in the appropriate fields.
14. Click Apply.
15. Click OK, then click Save, and then click Save again when you are prompted
to confirm.
16. Restart the server.
Related concepts
“Completing Learning setup in a clustered environment” on page 301
Related tasks
“Opening the IBM WebSphere Administrative Console” on page 144
Connecting Learning portlets to a remote Learning Server
If you installed IBM Workplace Collaborative Learning on a different node from
the Learning server, add a Web address on the portlet server to allow the
Collaborative Learning portlets to communicate with the Learning Server through
Web services. In a Network Deployment environment, do this on Node 1.
1. On the server where the Workplace Collaborative Learning portlets are
installed, open the WebSphere Administrative Console.
2. Open the URLs list (Resources → URL Providers → Switch to cell level →
Default URL Provider → URLs).
3. Change the specification value of LMS_URL to be the Web address of the
Learning Server (for example, http://http.ibm.com/lms-lmm).
302
Clustered-server Deployment Guide
Related concepts
“Completing Learning setup in a clustered environment” on page 301
Related tasks
“Opening the IBM WebSphere Administrative Console” on page 144
Setting up access control for IBM Workplace Collaborative
Learning portlets
To give certain users access to the Configure Mode of Workplace Collaborative
Learning portlets, you can assign them administrator access.
In a Network Deployment environment, do this on Node 1.
Use the following procedure to set up access to the Workplace Collaborative
Learning portlets:
1. In the WebSphere Portal Server Administration area, go to the User and Group
Permissions selection.
2. Select Users to set access control for an individual user or select User Groups
to set access control for entire groups.
3. Find the users or groups whose access you want to modify and click Select
Resource Type to display a list of resources. You must modify the Pages and
Portlet Applications entries.
4. Select Pages and browse the page hierarchy until you see the Learning page.
5. At the Learning page entry, click Assign Access.
For students, select Privileged User access. Anything above Privileged User in
the list corresponds to higher access. Make sure that no higher level access is
granted to student. The value set here can be inherited from pages up higher in
the hierarchy, meaning that you can set Student access at the My Portal level
and have it filter down. Make sure that no higher level access is granted, either
explicitly or as inherited.
For administrators, choose Administrator.
6. Click OK, and then click Done to return to the list of resources.
7. Select Portlet Applications and search for ″Learning″ to include the Learning
application in your results.
8. At the Learning application page entry, click Assign Access and give the same
access rights as you just did for students and administrators in Step 5. Make
sure that no higher level access is granted to students than Privileged User,
either explicitly or as inherited. For administrators, choose Administrator.
9. Click OK, and then click Done to return to the list of resources.
When you finish, users logged in as Students should see the following options in
their portlet title bars:
v My Learning - Help Mode, Minimize, Maximize
v Announcements - Minimize, Maximize
v My Competencies - Help mode, Minimize, Maximize
Administrators should have an additional Configure mode option for the My
Learning portlet.
Related concepts
“Completing Learning setup in a clustered environment” on page 301
Chapter 7 Completing setup of Workplace Collaboration Services
303
AIX, Linux, and Solaris: Enabling reporting
If you are running IBM Workplace Collaborative Learning on IBM i5/OS and you
did not use the Create IBM Workplace Collaboration Services wizard, you must
install and configure either Virtual Network Computing (VNC) or Xserver virtual
frame buffer (Xvfb) to enable Workplace Collaborative Learning reporting. For
more information, see ″i5/OS: Configuring an HTML rendering server.″
If you are running Workplace Collaborative Learning on AIX, Linux, or Sun
Solaris, you must install Xvfb (Xserver virtual frame buffer) on the Workplace
server to enable Workplace Collaborative Learning reporting. Xvfb provides a
virtual Xserver that runs without a head or graphics card, so that you do not have
to run a real Xserver.
Refer to the following Xvfb installation and configuration instructions for your
operating system.In a clustered deployment, perform these steps on Node 1 and all
subsequent nodes.
Installing Xvfb on AIX:
Use the following procedure to install Xvfb on AIX. For complete instructions, refer
to the AIX Windows Programming Guide at:
http://publib16.boulder.ibm.com/pseries/en_US/aixprggd/aixwnpgd/
xvfb.htm#xvfb.
1. Log in to the server as a user with administrative privileges.
2. Add the following line to /etc/initab:
xvfb:2:respawn:/usr/bin/X11/X -force -vfb -x abx -x dbe -x GLX :1 > /dev/null
3. Set DISPLAY by adding the following line to .profile:
DISPLAY=`hostname`:1.0
export DISPLAY
4. Save the changes.
5. Restart the server.
6. Disable JIT on application servers.
Installing Xvfb on Linux and Solaris:
Use the following procedure to install Xvfb on Linux and Solaris.
Before you begin installing Xvfb
On Linux, the binary is called ’Xvfb’ and may or may not be included with your
distribution. If you do not have Xvfb with your distribution, it may be available
from your Linux vendor; otherwise, it is available from x.org at the following URL:
ftp://ftp.xfree86.org/pub/XFree86/4.2.0/binaries/Linux-ix86-glibc22/
Once obtained, follow the instructions provided with the package to unpack and
install it.
On a standard Solaris 9 O/S, the software should already be installed. It resides
under /usr/openwin/bin and the binary is called ’Xsun’. It is started by a shell
script called Xvfb, which passes it some command line arguments in addition to
what the user specifies.
304
Clustered-server Deployment Guide
Installation
The following steps should be carried out as an administrative user; for example,
root. If you are installing on Linux, skip Steps 1 - 4.
Note: This procedure assumes you use :1 as the display number for Xvfb. To use a
different number, see the instructions that follow for ″Changing the display
number from 1.″
1. (Solaris) Perform the following steps to remove the setgid bit, if it is set, on
the Xvfb script.
a. Check to see if the Xvfb script has setgid permissions. The ″s″ in the
middle set of permissions denotes that the script has setgid permissions.
bash-2.05# ls -l /usr/openwin/bin/Xvfb
-rwxr-sr-x 1 root root 162 Nov 30 18:34 /usr/openwin/bin/Xvfb
b. Issue the following command to remove the setgid bit if it is set:
bash-2.05# chmod g-s /usr/openwin/bin/Xvfb
2. (Solaris) Make a backup copy of the Xvfb script.
3. (Solaris) In a text editor, open the original Xvfb script and change the
following line:
Xsun $* +nkeyboard +nmouse -dev vfb
to
/usr/openwin/bin/Xsun $* +nkeyboard +nmouse -dev vfb
Save the file without closing it.
4. (Solaris) With the Xvfb script still open, determine if the script contains these
lines:
ServerNumber=`echo $1 |grep ":"`
if [ "$ServerNumber" ]
then
shift
fi
These lines, if present, force Xvfb to run on the default display :0. To run on
:1, as described in this procedure, or any other number besides 0, comment
out these lines, then save and close the file.
5. Generate a script file named /etc/init.d/xvfb containing the following:
#!/bin/sh
XVFB_DISPLAY=":1"
case "`uname`" in
"Linux")
XVFB_BINARY=/usr/X11R6/bin/Xvfb
;;
"SunOS"|"Solaris")
XVFB_BINARY=/usr/openwin/bin/Xsun
;;
*)
XVFB_BINARY=
;;
esac
if [ ! -z "$XVFB_BINARY" ]; then
case "$1" in
"start")
if [ -f "$XVFB_BINARY" ]; then
XVFB_PID="`pgrep -f "$XVFB_BINARY $XVFB_DISPLAY"`"
if [ -z "$XVFB_PID" ]; then
echo "xvfb: Starting Xvfb on $XVFB_DISPLAY"
`dirname $XVFB_BINARY`/Xvfb $XVFB_DISPLAY &
else
Chapter 7 Completing setup of Workplace Collaboration Services
305
echo "xvfb: ERROR: Xvfb is running on $XVFB_DISPLAY"
exit
fi
else
echo "xvfb: ERROR: $XVFB_BINARY not found"
exit 1
fi
;;
"stop")
XVFB_PID="`pgrep -f "$XVFB_BINARY $XVFB_DISPLAY"`"
if [ ! -z "$XVFB_PID" ]; then
echo "xvfb: Stopping Xvfb on $XVFB_DISPLAY"
kill -9 $XVFB_PID
else
echo "xvfb: ERROR: Xvfb is not running on $XVFB_DISPLAY"
exit 1
fi
;;
"status")
XVFB_PID="`pgrep -f "$XVFB_BINARY $XVFB_DISPLAY"`"
if [ -z "$XVFB_PID" ]; then
echo "xvfb: Xvfb is not running on $XVFB_DISPLAY"
else
echo "xvfb: Xvfb is running on $XVFB_DISPLAY"
fi
;;
*)
echo " Usage: "
echo " $0 start (start Xvfb)"
echo " $0 stop (stop Xvfb)"
echo " $0 status (check if Xvfb is running)"
exit 1
;;
esac
else
echo "xvfb: ERROR: Could not determine platform"
exit 1
fi
exit 0
6. Make the script file executable with the following command:
chmod +x /etc/init.d/xvfb
7. Determine the run-level into which the system starts with the following
command:
grep initdefault: /etc/inittab
The number in the resulting line indicates the default system run-level. In
these examples, ″3″ is the system run-level:
Linux
id:3:initdefault
Solaris
is:3:initdefault
To use a different run-level, change the line in /etc/inittab to specify a
different number.
8. Create a soft link in the appropriate run-level with the following command:
ln -s /etc/init.d/xvfb /etc/rc3.d/S99xvfb
This example uses run-level 3 (identified by ″rc3.d″).If you intend to use Xvfb
in a different run-level, set up the soft link to the appropriate /etc/rcX.d
directory.
Also, note the use of the number 99 (S99xvfb). This number indicates the
order in which the services for your run-level start up. The higher the number,
306
Clustered-server Deployment Guide
the later the service starts in relation to all the others. You do not have to use
99 but you should make it reasonably high so that other services on which
this may depend will be started first.
9. Restart the machine.
10. Verify that Xvfb is running using the following command:
/etc/init.d/xvfb status
11. Set and export the DISPLAY environment variable using the following
command:
export DISPLAY=`hostname`:1.0
This command can also be added to the shell profile you use; for example,
.bash_profile.
12. Start Application Servers.
Note: Changes in scripts supplied by the operating system supply workarounds
for problems encountered with Xvfb on that platform. IBM accepts no
responsibility for any harm caused to your system by making these changes
and any queries regarding the suitability of such changes should be directed
to the operating system vendor.
Changing the display number from 1:
The display number argument to Xvfb (:1 in the above examples) is what isolates
Xvfb from any other running X servers. This number can be any number that is
not already in use, but you must set your DISPLAY environment variable to the
number you are actually using.
AIX
Make the following changes to /etc/initab, save the changes, and restart the
server.
1. Change GLX :1 to the new display number in the following line:
xvfb:2:respawn:/usr/bin/X11/X -force -vfb -x abx -x dbe -x GLX
:your_new_number/dev/null
where your_new_number represents the new display number.
2. Change DISPLAY=`hostname`:1.0 to the new display number:
DISPLAY=`hostname`:<your_new_number>.0
export DISPLAY
Linux and Solaris
Make the following changes and restart the server.
1. In /etc/init.d/xvfb, change XVFB_DISPLAY=″:1″ to the new display number,
then save the changes:
XVFB_DISPLAY=″:your_new_number″
where your_new_number represents the new display number.
2. Set and export the DISPLAY environment variable using the following
command:
export DISPLAY=`hostname`:your_new_number.0
Related concepts
“Completing Learning setup in a clustered environment” on page 301
Chapter 7 Completing setup of Workplace Collaboration Services
307
AIX, Linux, Solaris, and Windows: Configuring Learning
administrator help
Most IBM Workplace Collaborative Learning administration is performed through
the separate Workplace Collaborative Learning administrator interface. You access
the interface with a Web address such as http://www.servername.com/lms-lmm. To
access help and online documentation while you are using the administrator
interface, configure the help system by following these steps. In a clustered
environment, perform these steps after the Workplace server clusters are
operational.
1. Log in to the server as a user with administrative privileges.
2. If you have not already done so, create a directory in the HTTP Server
document root to store the help files.
IBM AIX, Linux, and Sun Solaris users must have root privileges to create
directories. Do not include spaces when creating directory names.
AIX
/usr/IBMHttpServer/htdocs/en_US
Linux
/opt/IBMHttpServer/htdocs/en_US
Solaris
/opt/IBMHttpServer/htdocs/en_US
Microsoft Windows
c:\IBMHttpServer\htdocs\en_US
3. Copy the lms-help.zip file from theworkplace_server_root/Learning/help
directory to the new local directory.
4. Unzip the files from lms-help.zip into the new local directory.
5. With a browser, access the Learning Server start page as an Administrator and
navigate to Settings → LMM Server → General Settings → General tab.
6. In the ″URL″ field for the Help System on the General settings page, type:
http://$LMM_HOSTNAME /$HELP_DIR/
where $HELP_DIR is the help directory created previously within the HTTP
server’s document root.
For example:
http://xyz.acme.com/help_dir/
Related concepts
“Completing Learning setup in a clustered environment” on page 301
i5/OS: Configuring Learning administrator help
To configure the help system for the IBM Workplace Collaboration Services
administrator interface on IBM i5/OS, follow these steps.
Note: If you used the Create IBM Workplace Collaboration Services wizard to
configure Collaborative Learning, these steps were performed for you.
1. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
2. Create a new help directory in the directory structure of your external HTTP
server by entering the following:
mkdir /www/http_instance/htdocs/lms_help
308
Clustered-server Deployment Guide
where http_instance is the name of your HTTP server instance. In most cases,
this will be the same as the name of your IBM Workplace instance.
3. Copy the lms-help.zip file to the new help directory by entering the following
on one line:
cp /qibm/userdata/webas5/base/iwp_instance/workplaceserver/
Learning/help/lms-help.zip /www/http_instance/htdocs/lms_help
where iwp_instance is the name of your IBM Workplace Collaboration Services
instance, and http_instance is the name of your HTTP server instance.
4. Change to the new help directory:
cd /www/http_instance/htdocs/lms_help
5. Unzip the lms-help.zip file by entering the following:
jar -xvf lms-help.zip
6. Once the lms-help.zip file has been unzipped, you can remove it by entering
the following:
rm lms-help.zip
7. Change to the htdocs directory (one level up) by entering the following:
cd ..
8. Create the appropriate permissions for all files in the new help directory by
entering the following:
chmod -R o+rx lms_help
9. With a browser, access the Learning Server start page as an Administrator and
navigate to Settings → LMM Server → General Settings → General tab.
10. In the ″URL″ field for the Help System on the General settings page, type:
http://hostname/lms_help/
where hostname is the full host name of the server hosting Workplace
Collaborative Learning.
Related concepts
“Completing Learning setup in a clustered environment” on page 301
Completing Workplace Designer setup in a clustered
environment
Finish setting up IBM Lotus Workplace Designer by configuring its database as
described in the topics that follow.
Note: Perform these tasks only on Node 1.
Related concepts
“Configuring Workplace Designer databases” on page 310
“Accessing databases with JDBC data sources” on page 314
Granting portlet access to users
Before users can see and use the Workplace Designer portlet on the server, you
must grant them access. To do this, take the following steps:
1. Log in to the Workplace server as the Portal administrator (wpsadmin).
2. Click Administration.
3. Click Access.
4. Click Resource Permissions from the list on the left.
5. In the Resource Types list, click Portlets.
6. Search for the deployed application by typing the title of the application and
clicking Search.
Chapter 7 Completing setup of Workplace Collaboration Services
309
7. Find the portlet in the list and click the key icon in the Assign Access column.
8. In the Roles column, find Users. In the Users row, click the pencil icon in the
Edit Role column.
9. Click Add.
10. Select the check box for all authenticated portal users.
11. Click Done.
Configuring Workplace Designer databases
IBM Lotus Workplace Designer connects to a IBM Cloudscape database by default.
Other database options include DB2, DB2 iSeries, Oracle, and Microsoft SQL
Server. Regardless of your database type, you must create a database or schema
(depending on your database type) to use exclusively with Workplace Designer
before Workplace Designer developers can successfully deploy components.
Developers must provide the details of this existing database or schema when they
create their Workplace Designer deployment profiles. For details about how
deployment profiles, see the online help provided with Workplace Designer.
Workplace Designer is designed to allow you to connect to your data source using
direct Java Database Connectivity (JDBC) connections or a Java Naming and
Directory Interface (JNDI) key. Using a JNDI key is typical for J2EE deployment
because it allows the application to take advantage of server-side connection
pooling and configuration via the server’s Administrative Console. It also makes
your component more portable by allowing you to deploy to any server that is
configured in the database server’s data source properties.
Workplace Designer supports the DB2 app driver by default. If you want to use
the DB2 net driver instead, developers will need to specify additional information
when configuring their Workplace Designer deployment profiles. See “Configuring
the Workplace Designer deployment profile to use the DB2 net driver” on page 312
for more information.
Related tasks
“Configuring Workplace Designer to use the DB2 app driver”
“Configuring Workplace Designer to use the DB2 net driver” on page 311
Configuring Workplace Designer to use with DB2 for iSeries
“Configuring Workplace Designer to use Oracle” on page 313
“Configuring Workplace Designer to use SQL Server” on page 314
Configuring Workplace Designer to use the DB2 app driver:
IBM Lotus Workplace Designer supports the DB2 Universal Database type 2
(″app″) JDBC driver by default. For information about using the DB2 net driver,
see “Configuring Workplace Designer to use the DB2 net driver” on page 311.
To configure Workplace Designer for the DB2 app driver, take the following steps.
Note that steps 1-6 should be performed by the client user and steps 7-10 by the
administrator.
1. Go to the DB2 site at http://www-306.ibm.com/software/data/db2/udb/
support.
2. Locate and install the runtime client for DB2 Version 8. Alternatively you can
install the entire product.
3. On the DB2 server, set up an alias for the remote database you are going to
access. See the DB2 documentation.
310
Clustered-server Deployment Guide
4. On the client machine:
a. Type db2cmd to get the DB2 command prompt.
b. Type db2 to enter the DB2 command interpreter.
c. Type the following commands:
catalog tcpip node node_name remote server_name 50000
catalog database alias at node node_name
The node name must be no more than 8 characters. It is a local pointer to
the database server. The server name must include the domain name and
be correct for the database server. By default (server install), the server
listens on port 50000 (500001 on Linux).
To check the install, open a DB2 command window and type:
connect to alias user db2_admin_name using db2_admin_password
To see what is cataloged, open a command window and type:
list database directory
5. Locate the JDBC driver db2java.zip. Alternatively you can get this file from
your DB2 server. For Windows, this file is located in sqllib\java. In Linux, this
file is located in the /java directory, for example, /home/db2admin/sqllib/
java. No matter how you get it, the Workplace Designer file must be identical
to the server file.
6. Download or copy the driver file to applications\
com.ibm.workplace.designer.corelibs.feature\eclipse\ plugins\
com.ibm.workplace.designer.corelibs_1.0.0.00x\jdbc under your Workplace
Designer install.
7. Log in to the IBM WebSphere Application Server Administrative Console.
8. Go to Servers → Application Servers → WebSphere_Portal → Process
Definition → Java Virtual Machine.
In CLASSPATH properties, add an entry for db2jcc.jar under your
Workplace Designer install, for example, D:\IBM\SQLLIB\java\db2jcc.jar in
Windows or /home/db2admin/sqllib/java/db2jcc.jar in Linux. This is the
same directory that contains db2java.zip.
10. Click Apply, save your changes, and restart the WebSphere Application Server
Administrative Console.
9.
For information about database values that developers should type in Workplace
Designer deployment profile, see the IBM Workplace Designer → Data →
Databases section in the Workplace Designer online help
Configuring Workplace Designer to use the DB2 net driver:
Note: IBM Lotus Workplace Designer supports the DB2 Universal Database type 2
(″app″) JDBC driver by default. For more information, see “Configuring
Workplace Designer to use the DB2 app driver” on page 310.
Workplace Designer supports theDB2 Universal Database type 4 (″net″) JDBC
driver also. Note that support for DB2 net requires additional information in the
Workplace Designer deployment profile that is not mentioned in the online help.
See “Configuring the Workplace Designer deployment profile to use the DB2 net
driver” on page 312 for more information.
To configure Workplace Designer for the DB2 net driver, take the following steps.
Note that steps 1-3 should be performed by the client user and steps 4-8 by the
administrator.
Chapter 7 Completing setup of Workplace Collaboration Services
311
1. Go to the DB2 site at http://www-306.ibm.com/software/data/db2/udb/
support.
2. Locate the JDBC driver db2java.zip. Alternatively you can get this file from
your DB2 server. For Windows, this file is located in sqllib\java. In Linux, this
file is located in the /java directory, for example, /home/db2admin/sqllib/
java. No matter how you get it, the Workplace Designer file must be identical
to the server file.
3. Download or copy the driver file to applications\
com.ibm.workplace.designer.corelibs.feature\eclipse\ plugins\
com.ibm.workplace.designer.corelibs_1.0.0.00x\jdbc under your Workplace
Designer install.
4. Log in to the IBM WebSphere Application Server Administrative Console.
5. Go to Servers → Application Servers → WebSphere_Portal → Process Definition
→ Java Virtual Machine.
6. In CLASSPATH properties, add an entry for db2jcc.jar under your Workplace
Designer install, for example, D:\IBM\SQLLIB\java\db2jcc.jar in Windows or
/home/db2admin/sqllib/java/db2jcc.jar in Linux. This is the same directory
that contains db2java.zip.
7. Restart the WebSphere Application Server Administrative Console.
8. Ensure that the JDBC Applet Server service is running on the DB2 server. The
db2jstrt command starts this service. By default, this service listens on port
6789.
For information about database values that developers should type in Workplace
Designer deployment profile, see the IBM Workplace Designer → Data →
Databases section in the Workplace Designer online help.
Configuring the Workplace Designer deployment profile to use the DB2 net driver:
Note: By default, IBM Lotus Workplace Designer uses the DB2 app driver.
In order to use the DB2 net driver, Workplace Designer developers need to take
additional steps while setting up the Workplace Designer deployment profile to
ensure a successful deployment. Note that these steps are not listed in the
Workplace Designer online help, so you may need to send them this information.
To configure the Workplace Designer deployment profile to use the DB2 net driver,
take the following steps in the deployment profile dialog box:
1. In the Database tab, select the User-defined JDBC URL check box.
2. In the URL field, type the JDBC URL in this format: jdbc:db2j://host:port/
database, where host is the host address of the database server, port is the port
number of the database server, and database is the name of the database, for
example, jdbc:db2://myhost.notesdev.ibm.com:6789/mydb.
3. In the Driver class field, type COM.ibm.db2.jdbc.net.DB2Driver.
Related tasks
“Configuring Workplace Designer to use the DB2 app driver” on page 310
“Configuring Workplace Designer to use the DB2 net driver” on page 311
Configuring Workplace Designer to use with DB2 for iSeries:
This topic provides steps for configuring Workplace Designer to use with DB2 for
iSeries in a clustered environment. These steps supplement the information in the
312
Clustered-server Deployment Guide
IBM Workplace Designer → Data → Databases and IBM Workplace Designer →
Components → Deploying components sections in the Workplace Designer online
help.
Take the following steps:
1. Tell the Workplace Designer developer to type the following information in the
Database tab of the deployment profile:
a. In the Type field, select DB2 iSeries.
b. Be sure that the name you type in the User name field is the same as the
owner of the DB2 iSeries tables. Also, be sure that the database user has all
permissions.
c. Leave the Driver class field blank. It will default to
com.ibm.as400.access.AS400JDBCDriver.
d. In the URL field, type the URL of the form in this format:
jdbc:as400://host/schema, where host is the name of the host and schema is
the name of your schema.
2. Locate the JDBC driver file called jt400.jar located in the
/qibm/proddata/http/public/jt400/lib directory and copy it to the following
directory:
workspace_directory\applications\com.ibm.workplace.designer.corelibs.
feature\eclipse\plugins\com.ibm.workplace.designer.corelibs_1.0.0.005\jdbc
where workspace_directory is the Workplace Designer workspace directory. You
may need to restart the IBM Workplace Managed Client to allow it to find the
JAR file.
Note: The workspace directory is where your user information is stored, for
example your user credentials. The default location for Windows is
C:\Documents and Settings\user_name\IBM\RCP\number\user-name,
where user-name is your Windows user name and number is a unique
number for your version of Workplace Designer.
3. Create a schema on the database system using the STRSQL command and the
CREATE SCHEMA schema-name SQL statement, where schema-name is the name
of the schema. This is the schema that will be used with Workplace Designer.
Note: If you use CRTLIB to create the schema instead of STRSQL, you may get
the following error message: java.sql.SQLException: [SQL7008]
table_name in database_name not valid for operation.. You can
resolve this by enabling journaling for your library and the tables
contained in it.
4. Update the authentication of the database tables using the following
command:CHGAUT OBJ(’/qsys.lib/<schema_name>.lib/*’)
USER(<db_user_name>) DTAAUT(*RWX) OBJAUT(*ALL), where <schema_name> is the
name of the schema and <db_user_name> is the database user name.
5. Issue the following command to grant public access to the root directory of any
shared subdirectories you created for the server applications: chmod -R 777
<cluster_shared_directory_root>/designer, where
<cluster_shared_directory_root> is the name of the root directory.
For more information about iSeries servers, see the IBM eServer™ iSeries
Information Center at http://publib.boulder.ibm.com/iseries/.
Configuring Workplace Designer to use Oracle:
Chapter 7 Completing setup of Workplace Collaboration Services
313
IBM Lotus Workplace Designer supports the Oracle type 4 (pure Java) JDBC driver.
Be sure to meet the following prerequisites:
Prerequisite
Value
Oracle version
Oracle 9i version 9.2.0.4
Java runtime
Sun JRE 1.4
To configure Workplace Designer for Oracle, take the following steps:
1. Go to the Oracle JDBC site at http://www.oracle.com/technology/software/
tech/java/sqlj_jdbc.
2. Locate the JDBC driver ojdbc14.jar.
3. Download it to applications\com.ibm.workplace.designer.corelibs.feature\
eclipse\ plugins\com.ibm.workplace.designer.corelibs_1.0.0.005\jdbc under
your Workplace Designer install.
For information about database values that developers should type in Workplace
Designer deployment profile, see the IBM Workplace Designer → Data →
Databases section in the Workplace Designer online help
Configuring Workplace Designer to use SQL Server:
IBM Lotus Workplace Designer supports the Microsoft SQL Server type 4 (pure
Java) JDBC driver.
To configure Workplace Designer for SQL Server, take the following steps:
1. Go to the Microsoft download site at http://www.microsoft.com/downloads
and find the SQL Server 2000 Driver for JDBC Service Pack 3.
2. Acquire the JDBC driver files msutil.jar, msbase.jar, and mssqlserver.jar. Do
this by following the installation instructions on the Web site.
3. Copy these files to the following folder:
C:\Documents and Settings\<YOURLOGINNAME>\IBM\RCP\<NUMBER>\<YOURLOGINNAME>\
applications\com.ibm.workplace.designer.corelibs.feature\eclipse\plugins\
com.ibm.workplace.designer.corelibs_1.0.0.005\jdbc
For information about database values that developers should type in Workplace
Designer deployment profile, see the IBM Workplace Designer → Data →
Databases section in the Workplace Designer online help.
Accessing databases with JDBC data sources
IBM Lotus Workplace Designer components can access the database using either
direct Java Database Connectivity (JDBC) connections or JDBC data sources. Using
JDBC connections is the default. You can switch to using data sources to make use
of IBM WebSphere Application Server and IBM WebSphere Portal server
connection pools and manage these resources using the WebSphere Application
Server Administrative Console.
For a component to use a JDBC data source, you must do the following:
v Create the data source on the IBM Workplace Collaboration Services or IBM
WebSphere Portal for Multiplatforms server.
v Specify the data source URL and Java Naming and Directory Services (JNDI) key
in the component’s deployment profile.
314
Clustered-server Deployment Guide
For information about specifying the URL and JNDI key in the deployment profile,
see the IBM Workplace Designer → Components → Deploying components →
Creating and editing deployment profiles topic in the Workplace Designer online
help
Related tasks
“Creating data sources”
Creating data sources:
You create data sources on the Workplace software server using the IBM
WebSphere Application Server Administrative Console. You must have
administrator access to the WebSphere Application Server Administrative Console
on the Workplace software server.
To create data sources, do the following:
1. Open a browser and navigate to http://fully_qualified_hostname:9091/admin.
2. Log in to the WebSphere Application Server Administrative Console as an
administrator.
3. Click Resources → JDBC Providers.
4. In the list of JDBC providers, click lwp25JDBC. You can create your own
JDBC provider.
5. Scroll down and below Additional Properties, click Data Sources.
6. Click New.
7. Specify the following data source properties:
v Name - Type a data source name, for example ″designer.″
v JNDI name - Type a JNDI name, for example ″jdbc/designer.″ (The
convention is jdbc/name.)
v Datasource Helper Classname - Type
″com.ibm.websphere.rsadapter.CloudscapeNetworkServerDataStoreHelper″
(no quotes).
v Component-managed Authentication Alias - Select <hostname>/
LWPComm.
v Mapping-Configuration Alias - Select DefaultPrincipalMapping.
8. Click OK, and then save the data source.
9. Navigate to the data source you just created by clicking JDBC Providers →
lwp25jdbc → Data Sources → name_of_data_source.
10. Scroll down and click Custom Properties.
11. Click the following custom properties and specify values:
v databaseName - Type a database name. The name can be anything.
v serverName - Type ″localhost″, or the fully-qualified name of your database
server.
v portNumber - 1527
12. Click Save.
Chapter 7 Completing setup of Workplace Collaboration Services
315
316
Clustered-server Deployment Guide
Chapter 8 IBM Workplace Managed Client Installation and
Configuration
This chapter provides information about installing the IBM Workplace Managed
Client provisioning server and downloading the Workplace Managed Client to user
workstations.
Phase 8: IBM Workplace Managed Client installation and configuration
The IBM Workplace Managed Client is a desktop environment that lets users work
with IBM Workplace Messaging, IBM Workplace Documents, and other
applications such as Lotus Notes. Users install the Workplace Managed Client on
their desktops after the administrator has performed several preliminary tasks. The
administrator creates a provisioning server by installing provisioning components
on the IBM Workplace software server or IBM WebSphere Portal server. The
administrator then performs such tasks as configuring user policy using the IBM
WebSphere Administrative Console. Users should be instructed to download and
install the rich client only after all system administration tasks have been
performed.
The Workplace Managed Client user environment is primarily controlled by user
policy (set by the administrator) and user preferences (set by the user). User policy
determines which applications the user can access and use. The administrator also
configures security-related settings for the user.
In a server-based installation, a provisioning server provides the user with only
those capabilities he has been granted access to through user policy. If any
capabilities have been added or changed on the provisioning server since his last
Workplace Managed Client session, he will be notified. User policy settings are
held in an RCPML file that is accessed each time a user starts the Workplace
Managed Client. The relationship between the WebSphere Administrative Console
policy and security settings, the user’s RCPML file, and the provisioning server is
closely linked to ensure that the user always has access to the correct Workplace
Managed Client capabilities.
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment”
“Installing and configuring the provisioning server in a clustered environment”
on page 320
“Installing the Workplace Managed Client from a server” on page 358
“Installing the Workplace Managed Client framework and productivity tools
from CD-ROM” on page 361
IBM Workplace Managed Client installation and configuration
checklist for a clustered environment
This topic lists in sequence the tasks administrators must perform before users can
install the IBM Workplace Managed Client on their desktops. It also includes the
tasks users must perform to install the Workplace Managed Client.
© Copyright IBM Corp. 2002, 2006
317
Note: If you want to create an installation CD from which your users can install a
subset of Workplace Managed Client features, such as the IBM productivity
tools, see “Creating an IBM productivity tools installation CD or site” on
page 354.
The administrator performs the following steps to set users up to install the
Workplace Managed Client.
1. Review the preinstallation checklist.
2. Prepare the environment for a clustered-server installation.
3. Install and configure the Workplace software server.
4. Prepare and install an external HTTP server in a clustered environment.
5. If you are using a Sun ONE or Domino Web server, configure it to enable
Workplace Managed Client installation program download.
6. (Optional) Configure Secure Socket Layer (SSL) for the HTTP server to later
facilitate Workplace Managed Client synchronization and replication and
enable SSL provisioning of the Workplace Managed Client capabilities.
7. Review security and authentication access information in preparation of
subsequent steps in this checklist.
8. (IBM i5/OS only) Check that 5722JV1 Option *BASE and Option 6 are
installed on the system before installing the provisioning server. The 5722JV1
product can be found on the system CDs.
9. Ensure that you have defined the default Workplace Managed Client
provisioning server URL using the WebSphere Administrative Console.
10. Install the Workplace Managed Client provisioning server.
Note: If you are installing the provisioning server on i5/OS, see i5/OS:
Installing and configuring the provisioning server in a clustered
environment.
Note: For more information about provisioning server installation options, see
Installing the provisioning server.
11.
12.
13.
14.
15.
16.
318
Note: Workplace Managed Client provisioning is supported using the IBM
Workplace Collaboration Services server with Cloudscape and the IBM
WebSphere Member Manager. You do not need an external database
server or an LDAP directory for provisioning.
Update the wps.ear file on the Deployment Manager and on Node 1 to deploy
Workplace Managed Client user interface files for a clustered environment.
Establish the user policy setting to enable users to install the Workplace
Managed Client using the IBM WebSphere Administrative Console. To ensure
that the user can install Workplace Managed Client, click IBM Workplace
software → Users → Manage User Policies → Default (or specific user policy
name). Scroll down to Allowed clients and check Rich client. Without this
setting, the user cannot install the Workplace Managed Client.
Create a site certificates file. This provides the credential store with a trusted
certificates file and suppresses the security warning dialog from the
Workplace Managed Client installation.
Adjust existing system settings to enhance Workplace Managed Client
performance.
Set Workplace Managed Client installation program defaults.
Establish security settings of your choice for the client certificate store using
the WebSphere Administrative Console.
Clustered-server Deployment Guide
17. Establish user policy settings to enable user access to specific Workplace
Managed Client capabilities using the WebSphere Administrative Console.
a. Establish user policy settings for General access.
b. Establish user policy settings for Credentials access.
c. Establish user policy settings for Security access.
Note: As stated in the IBM Workplace software → Users → Manage User
Policies help for the WebSphere Administrative Console option
Allow Notes application plug-in, IBM Notes 7 and IBM Domino 7
are required for Notes applications to operate in the Workplace
Managed Client. See the IBM Lotus Domino 7 Administration
technical documentation at http://www.lotus.com/doc for details.
18. Configure the password recovery tool for the credential store. You should
create a credential store keystore certificate now for use in the event that a
user forgets or loses his password.
19. (Optional) Configure the provisioning server for secure installation and
update with SSL.
20. Ensure that the client desktops meet the prerequisites of operating system
version, capacity, and so on.
21. (Optional) Configure operating system single sign-on for the user.
22. Provide Workplace Managed Client users with user name, password, and the
Web address of the provisioning server.
23. The user logs in to Workplace Collaboration Services, opens the My Work
welcome page, and downloads and installs Workplace Managed Client
software to the desktop. Alternatively, the user can install Workplace Managed
Client from a CD.
24. The user logs in to the Workplace Managed Client and begins work. She can
configure the desktop using preferences as described in the online help
available in the client. She can also modify the search bar graphic to
customize it for her organization.
25. The administrator updates the provisioning server with new Workplace
Managed Client capabilities as they become available.
If needed later, the user uninstalls the Workplace Managed Client from her
desktop.
If needed later, the administrator uninstalls the provisioning server.
Related concepts
“Phase 8: IBM Workplace Managed Client installation and configuration” on
page 317
“Phase 6: Connecting to an external HTTP server” on page 287
“AIX, Linux, Solaris, and Windows: Requirements” on page 5
“i5/OS: Requirements” on page 13
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“Connecting services on the provisioning server in a clustered environment” on
page 297
Chapter 8 IBM Workplace Managed Client Installation and Configuration
319
“Updating Workplace Managed Client user interface files on Node 1” on page
395
“Setting Workplace Managed Client installation program defaults” on page 351
“Installing the provisioning server using the console interface for Windows” on
page 331
Installing the provisioning server
There are several ways to install the IBM Workplace Managed Client provisioning
server. They are listed, and instructions are linked to, below:
Read the Workplace Managed Client installation and configuration checklist before
installing the provisioning server.
v “Installing and configuring the provisioning server in a clustered environment”
Note: For a clustered environment, the Workplace Managed Client provisioning
server must only be installed on Node 1; do not install the provisioning
server on the second or subsequent nodes. The installation on Node 1
must take place before you federate the node or the installation will fail.
v
v “Installing the provisioning server from CD-ROM” on page 328
v “Installing the provisioning server from an e-image” on page 330
v Installing the provisioning server silently
v “i5/OS: Installing and configuring the provisioning server in a clustered
environment” on page 325
Note: For a clustered environment, the Workplace Managed Client provisioning
server must be installed on Node 1 only; do not install the provisioning
server on the second or subsequent nodes. The installation on Node 1
must take place before you federate the node or the installation will fail.
v
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the provisioning server on an HTTP server with a non-default
document root” on page 339
“Updating the provisioning server on an HTTP server with a non-default
document root” on page 339
“Specifying a new Workplace Managed Client provisioning server Web
address” on page 340
Installing and configuring the provisioning server in a clustered
environment
These instructions are for a clustered environment.
If you are installing on an i5/OS system, see “i5/OS: Installing and configuring the
provisioning server in a clustered environment” on page 325.
Before users can install the IBM Workplace Managed Client the administrator must
install the Workplace Managed Client provisioning server. Workplace Managed
Client capabilities are provided to the user from this provisioning server when she
320
Clustered-server Deployment Guide
installs Workplace Managed Client on her desktop. The client checks the
provisioning server for updates when the user starts Workplace Managed Client
and on a scheduled interval. When updates are available, the user is notified or
they are installed automatically, depending on preference.
Read the Workplace Managed Client installation and configuration checklist before
continuing.
Note: For a clustered environment, the Workplace Managed Client provisioning
server must only be installed on Node 1 only; do not install the provisioning
server on the second or subsequent nodes. The installation on Node 1 must
take place before you federate the node or the installation will fail.
Read Updating the WebSphere Portal EAR file in a clustered environment, and the
platform-specific sequence of events specific to the platform you are installing on,
below before continuing.
v AIX, Linux, and Solaris sequence of operations for a clustered environment
v Windows sequence of operations for a clustered environment
v i5/OS sequence of operations for a clustered environment
If you are installing the provisioning server on a UNIX system, read Provisioning
server installation tips for UNIX.
When running this installation program, you must be logged in as a system
administrator for Microsoft Windows or root for UNIX and i5/OS.
To install and configure the provisioning server, complete the following steps:
1. Ensure that the IBM HTTP server, Cloudscape server, or IBM DB2 server, and
the IBM WebSphere Portal Server that you will be using for this procedure are
installed and running on the IBM Workplace Collaboration Services server.
Note: An external HTTP server configuration doesn’t require a local HTTP
server be installed but it does require additional steps to install and link
the content on the HTTP server.
2. If you already have a provisioning server installed, uninstall it before
continuing.
Note: If you are not sure if there is a provisioning server already installed, for
Windows, click Add/Remove programs and look for ″IBM Workplace
rich client provisioning components″ or, for UNIX, look for installed
package names starting with IBM_LWP_S_MC.
3. On the Workplace Collaboration Services server, start the platform-specific
Workplace Managed Client provisioning setup program. The installation
startup files, listed below, are on the first CD-ROM.
v For Windows, use setupWin32.exe.
v For Linux, use setupLinux.bin.
v For AIX, use setupAix.bin.
v For Solaris, use setupSolaris.bin.
4. When prompted, specify the language in which to display the screen text and
click OK. This affects the language for the installation program and does not
affect which languages will be installed. All languages are made available to
users regardless of your selection here.
5. Read the Welcome screen and click Next.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
321
6. Read the license agreement screen, accept the terms, and click Next.
7. Specify a directory in which to install the provisioning server and click Next.
8. Because you are installing to a clustered environment, select the Custom
installation option.
Note: If you are using a remote HTTP server, do not install the HTTP content
on the Workplace Collaboration Services server. Instead, deselect the
HTTP content boxes, and then run the provisioning server installation
program again on the remote HTTP server, selecting only the HTTP
feature options.
Note: If you are installing the provisioning server in a clustered environment,
and using an external HTTP server, run the provisioning server
installation program on the external HTTP server, selecting only the
Update bundles, Installation files, and CD script to create installation
disks options and complete the installation. If there is more than one
HTTP server, perform this same procedure for all of the HTTP servers
in that cluster. Then, on Node 1, rerun the provisioning server
installation program. This time, deselect the Update bundles,
Installation files, and CD script to create installation disks options
and complete the installation. If you have more than one node in the
cluster then repeat this procedure for all nodes in that cluster.
9. Select the features you want to install and click Next to continue. The Custom
features are listed below:
v Update bundles (install on HTTP server)
v WebSphere Portal content (install on WebSphere Portal Server)
v IBM WebSphere Everyplace Device Manager (WEDM) extensions (install in
selected root)
v IBM Workplace Collaboration Services contents
v Installation files (install on HTTP server)
v CD script to create installation disks (installed on HTTP server)
Note: For a clustered environment, uncheck Update bundles (install on
HTTP server) , Installation files (installed on HTTP server), and CD
script to create installation disks (installed on HTTP server) if your
HTTP server is located on a different server. If the HTTP server is on
the same system as the Workplace Collaboration Services, all of these
should options be checked.
10. Ensure that the IBM WebSphere Portal Server is running and able to install
setup scripts. Then specify the following WebSphere Portal Server information
and click Next to continue.
v Portal server directory -- Specify the directory in which the WebSphere
Portal Server is installed. A typical setting is WebSphere_Portal.
v Portal Server configuration URL -- Accept the default address or specify a
different URL, such as http://lwpsvrabx.pic.ibm.com:9081/lwp/config.
v Portal administrator User ID -- Enter your user ID.
v Portal administrator password (with password confirmation) -- Enter and
confirm your password. This password is not saved to a local registry.
11. On this screen, continue to specify information for the WebSphere Portal
Server selected in the previous screen. Specify the following WebSphere
Application Server information and then click Next to continue.
322
Clustered-server Deployment Guide
v WebSphere Application Server (WAS) application server (AppServer)
directory -- Specify an AppServer directory or accept the default.
v WAS server name -- Specify the WebSphere Application Server name, such
as WebSphere_Portal.
v WAS cell name, located in the installedApps directory for wps.ear -- Specify
the cell name. To determine the cell name check app_server_root/config/cells.
This can be found by navigating to the WebSphere installed applications
directory, searching for the wps.ear associated with the WebSphere Portal
instance you are installing to, and providing its parent directory name.
Note: Use a wps.ear file that has been updated to contain the needed
themes, screens, skins, and images as specified in the topic entitled
″Updating the WebSphere Portal EAR file in a clustered
environment″.
v WAS server bootstrap address -- Accept the default bootstrap address or
specify a different value.
v WAS server SOAP connector port -- Accept the default SOAP connector port
or specify a different value.
Note: The BOOTSTRAP_ADDRESS and SOAP values are typically set in the
WebSphere Application Server Administrative Console and also found
in the serverindex.xml file.
Note: The Server name specified in the user’s login screen (and on the
Connectivity screens available to users) is used to supply Workplace
Managed Client updates to the user’s desktop. It is also used to
synchronize client libraries and other data on the client with data on the
server. Specifying a different server name may result in lost libraries
and malfunctions with mail, calendar, and address book features.
Changing the server value is only supported if the server is known to
be in a clustered environment sharing the same data store. The Port
value corresponds to the setting on the WebSphere Portal Server to
which the client is connecting. To reduce the risk of entering an
erroneous port number, use the WebSphere Administrative Console to
retrieve these values. The default Host (Server name) and Port is
specified by the administrator in the WebSphere Administrative Console
using Servers → Application Servers → server name → End Points →
BOOTSTRAP_ADDRESS.
12. Specify the HTTP server document root, installed on this server, to use for
provisioning Workplace Managed Client updates to the desktop. A sample
path might be http_server_root/htdocs/en_US.
The HTTP server document root is the directory location that maps to ″/″ on
the HTTP site that the server provides. The directory that the HTTP server
uses is part of the HTTP server’s configuration. For the IBM HTTP server, the
default relative path is htdocs/en_US.
For i5/OS, select the HTTP server associated with the Workplace
Collaboration Services server.
Note: If you are using a remote HTTP server (not on the same machine as the
Workplace Collaboration Services server), do not install the HTTP
content on the Workplace Collaboration Services server. Instead,
uncheck the HTTP content boxes when installing to Workplace
Collaboration Services server, run the provisioning server installation
program again on the remote server, and select only HTTP content.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
323
13. Click Next to continue.
14. Read the summary screen and then click Next to install the provisioning
server uninstall program and regenerate the HTTP server’s plug-in
configuration file.
15. If prompted, insert the second CD and click OK to continue.
Note: On UNIX platforms, it may be necessary to unmount CD 1 before
ejecting and then remount CD 2 after inserting.
16. Read the on-screen instructions about restarting the WebSphere Portal Server,
restart it now, and click Next to continue.
17. Read the on-screen instructions regarding the location of installation logs and
record log location. Click Finish to complete the provisioning server
installation. The provisioning directory will contain several .txt files and the
_jvm, _uninst, license, and log subdirectories.
18. Click Finish.
Note: If the installation program reports deployment errors, read through the
log files and determine possible causes and consequences for the errors.
Check the masterInstallLog.txt and masterInstallWizardLog.txt files if
there are errors.
Note: .Before users can install the Workplace Managed Client, you must
establish appropriate user policy settings. The Workplace Managed
Client download and install option is only available to the user, in the
Downloads area of the My Work page, if you enabled the option in the
Allowed client field for that user policy.
Note: For UNIX and Linux administrators, the default permissions on the
following two directories (and all subdirectories) must allow a
minimum of read access for group and others. For example, use chmod
-r 644 directoryname for these directories. This will enable the user to
download the Workplace Managed Client installation programs from
the provisioning server:
v /opt/IBMIHS/htdocs/en_US/lwpupdate
v /opt/IBMIHS/htdocs/en_US/lwpinstall
19. If you are using an external HTTP server complete the external HTTP
checklist now.
Related concepts
“Phase 6: Connecting to an external HTTP server” on page 287
“Configuring for optimal Workplace Managed Client performance” on page 340
Related tasks
“Synchronizing data through the HTTP server” on page 344
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the provisioning server using the console interface for Windows” on
page 331
“Updating Workplace Managed Client user interface files on Node 1” on page
395
“Upgrading the Workplace Managed Client from one release to another” on
page 378
324
Clustered-server Deployment Guide
“Configuring the provisioning server to use the WebSphere Everyplace Device
Manager” on page 386
“Updating the Workplace Managed Client using WebSphere Everyplace Device
Manager” on page 384
“Uninstalling the Workplace Managed Client provisioning server” on page 390
“Connecting services on the provisioning server in a clustered environment” on
page 297
“Updating Workplace Managed Client configuration files for a clustered
environment” on page 442
“Updating the provisioning server on an HTTP server with a non-default
document root” on page 339
“Installing the provisioning server on an HTTP server with a non-default
document root” on page 339
i5/OS: Installing and configuring the provisioning server in a
clustered environment
Before users can install the IBM Workplace Managed Client the administrator must
install the Workplace Managed Client provisioning server. The client checks the
provisioning server for updates when the user starts Workplace Managed Client
and on a scheduled interval. When updates are available, the user is notified or
they are installed automatically, depending on preference.
These instructions describe installation of the provisioning server using the
graphical installation program from a remote workstation connected to your
system. You can also install the provisioning server locally in console mode. To
start an installation in console mode, start a QShell session (STRQSH) on your
system, change to the directory containing the provisioning server install files, and
enter setupi5OS.sh. The console screens contain the same general content as the
graphical screens described below.
Before continuing, read the following topics:
v Workplace Managed Client installation and configuration checklist
v Updating the WebSphere Portal EAR file in a clustered environment
v i5/OS: Sequence of operations for a clustered environment
Note: For a clustered environment, the Workplace Managed Client provisioning
server must be installed on Node 1 only; do not install the provisioning
server on the second or subsequent nodes. The installation on Node 1 must
take place before you federate the node or the installation will fail.
To install and configure the provisioning server in a clustered environment on
i5/OS, complete the following steps:
1. If you already have a provisioning server installed, uninstall it before
continuing.
2. If you have not already done so, regenerate the Web server plug-in:
a. Start the WebSphere Administrative Console.
b. Click Environment > Update Web Server Plugin.
c. Click OK.
3. Insert disk 1 in the CD-ROM drive of a workstation connected to your server.
4. Open Windows Explorer and navigate to the CD-ROM drive.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
325
5. Navigate to the WmcSCI1 directory and start the graphical installation
program by double-clicking the setupi5OS.bat file.
6. Sign on to your system by entering your System name, User ID, and
Password. Click OK.
7. Select the language to be used by the graphical installation program and click
OK.
8. Read the Welcome panel and click Next.
9. Accept the license agreement terms and click Next.
10. Review the information on where the provisioning server product files will be
installed. When you are ready to start installation, click Next.
11. During installation, you will be prompted to insert disk 2. Insert disk 2 into
the CD-ROM drive of the workstation and click Next.
Note: You must enter the absolute path of the directory containing the
contents of disk 2 (example: /opt/downloads/WmcSCI2). Do NOT
enter a relative path to this directory (example: ../WmcSCI2), as it may
cause the installation to fail.
12. When installation completes, a summary screen is displayed. Review the
summary information and click Next to continue with configuration of the
provisioning server, or Cancel to exit the installation program.
13. Read the Configuration Welcome panel and click Next.
14. Select the Custom installation option.
Note: If you are using a remote HTTP server, do not install the HTTP content
on the Workplace Collaboration Services server. Instead, deselect the
HTTP content boxes when installing to the Workplace Collaboration
Services server, and then run the provisioning server installation
program again on the remote server, selecting only the HTTP feature
options.
Note: On the system containing your external HTTP server, run the
provisioning server installation program and select only the Update
bundles and Installation files options. If there is more than one HTTP
server, perform this same procedure for all of the HTTP servers in that
cluster. Then, on Node 1, rerun the provisioning server installation
program. This time, deselect the Update bundles and Installation files
options and complete the installation. If you have more than one node
in the cluster then repeat this procedure for all nodes in that cluster.
15. Select the features you want to install and click Next. The Custom features are
listed below:
v Update bundles (install on HTTP server)
v WebSphere Portal content (install on WebSphere Portal Server)
v IBM WebSphere Everyplace Device Manager (WEDM) extensions (install in
selected root)
v IBM Workplace Collaboration Services contents
v Installation files (install on HTTP server)
Note: Uncheck Update bundles (install on HTTP server) and Installation
files (installed on HTTP server) if your HTTP server is not located on
the Workplace Collaboration Services server. If the HTTP server is on
the same system as the Workplace Collaboration Services server, all
options should be checked.
326
Clustered-server Deployment Guide
16. Ensure that the IBM WebSphere Portal Server is running and able to install
setup scripts. Then select your WebSphere Portal instance and enter your
WebSphere Portal administrator user ID and password. Click Next to
continue.
v Select an instance name -- Specify the instance on which you wish to
configure the provisioning server. If unsure of the instance, use the default
value of WebSphere_Portal.
v User ID -- Enter your WebSphere Portal administrator user ID.
v Password (with password confirmation) -- Enter and confirm your
WebSphere Portal administrator password. This password is not saved to a
local registry.
17. On this screen, continue to specify information for the Workplace
Collaboration Services server instance specified in the previous screen. Specify
the following IBM WebSphere Application Server information and then click
Next.
v Managed Client Server URL -- Enter your_system:/lwp/config
v WAS server name -- Specify the WebSphere Application Server name, such
as WebSphere_Portal.
v WAS cell name, located in the installedApps directory for wps.ear -- Specify
the cell name. To determine the cell name check app_server_root/config/
cells. This can be found by navigating to the WebSphere installed
applications directory, searching for wps.ear associated with the WebSphere
Portal instance you are installing to, and providing its parent directory
name.
v WAS server BOOTSTRAP_ADDRESS -- Specify a bootstrap address or
accept the default.
v WAS server SOAP connector port -- Specify a SOAP connector port or
accept the default.
Note: The BOOTSTRAP_ADDRESS and SOAP variables and values are
typically set in the WebSphere Application Server Administrative
Console and are also found in the serverindex.xml file. A sample
Windows path to serverindex.xml is as below:
app_server_root/config/cells/aria/nodes/abx
A sample i5/OS path to serverindex.xml is as below:
/QIBM/UserData/WebAS5/base/instanceName/config/cells/cellName/
nodes/nodeName
To simplify the process of obtaining your BOOTSTRAP_ADDRESS and
SOAP_CONNECTOR_ADDRESS, use the grep command on the
serverindex.xml. Sample command syntax to find the BOOTSTRAP port
number and SOAP connector port number associated with the
WebSphere_Portal server for the i5/OS platform is shown below. Note
that the term myinstance refers to the Workplace Collaboration Services
instance specified in previous steps.
/qibm/proddata/webas5/pme/bin/dspwasinst -instance myinstance
-server WebSphere_Portal | grep ’Name service port’
/qibm/proddata/webas5/pme/bin/dspwasinst -instance myinstance
-server WebSphere_Portal | grep ’Soap port’
Chapter 8 IBM Workplace Managed Client Installation and Configuration
327
18. Select the HTTP server associated with the Workplace Collaboration Services
server and click Next.
Note: If you are using a remote HTTP server (not on the same machine as the
Workplace Collaboration Services server), do not install the HTTP
content on the Workplace Collaboration Services server. Instead,
uncheck the HTTP content boxes when installing to Workplace
Collaboration Services server, run the provisioning server installation
program again on the remote server, and select only HTTP content.
19. Read the summary screen and then click Next to configure the provisioning
server.
20. Read the on-screen instructions regarding the location of installation logs and
record log location. Click Finish to complete the provisioning server
configuration. The provisioning directory will contain several .txt files and the
_jvm, _uninst, license, and log subdirectories. If the installation program
reports deployment errors, read through the log files and determine possible
causes and consequences for the errors. Check the masterInstallLog.txt and
masterInstallWizardLog.txt files if there are errors.
Before users can install the Workplace Managed Client, you must establish
appropriate user policy settings. The Workplace Managed Client download and
install option is only available to the user, in the Downloads area of the My Work
page, if you enabled the option in the Allowed client field for that user policy.
Related concepts
“Phase 6: Connecting to an external HTTP server” on page 287
“Configuring for optimal Workplace Managed Client performance” on page 340
Related tasks
“Synchronizing data through the HTTP server” on page 344
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Updating Workplace Managed Client user interface files on Node 1” on page
395
“Upgrading the Workplace Managed Client from one release to another” on
page 378
“Uninstalling the Workplace Managed Client provisioning server” on page 390
“Connecting services on the provisioning server in a clustered environment” on
page 297
“Updating Workplace Managed Client configuration files for a clustered
environment” on page 442
“Updating the provisioning server on an HTTP server with a non-default
document root” on page 339
“Installing the provisioning server on an HTTP server with a non-default
document root” on page 339
Installing the provisioning server from CD-ROM
This topic provides a CD-based alternative method for installing the provisioning
server that will be accessed by an IBM Workplace Managed Client installation.
Provisioning server installation is dependent on other installation and
configuration procedures. Read Installing and configuring the provisioning server
before initiating the steps described on this page.
328
Clustered-server Deployment Guide
You can either install directly from the CD or download the contents of the CD to
your hard drive and run the installation program from your hard drive.
To install the provisioning sever from the CD, insert CD 1 and run the following
platform-specific installation program. Refer to Installing and configuring the
provisioning server in a clustered environment or for help in responding to
prompts.
v Windows (Example: e:) -- e:\setupWin32.exe
v Linux -- /opt/mount point/setupLinux.bin
v AIX -- /opt/mount point/setupAix.bin
v Solaris -- /opt/mount point/setupSolaris.bin
v i5/OS -- /opt/mount point/setupi5OS.sh if installing locally or e:\setupi5OS.bat
if installing remotely from Windows
Note: The installation program requires that you use both CDs. For Linux, AIX,
and Solaris run the installation program, resident on CD 1, one level higher
than the mount point. For example, if the mount point is /install, run the
installation program from /opt/install/setupLinux.bin.
To install the provisioning server by downloading from the CD and installing from
the hard drive, complete the following steps:
1. Create a downloads directory on your hard drive for both of the CDs, for
example d:\downloads\WmcSCI1 and d:\downloads\WmcSCI2 (Windows) or
/opt/downloads/WmcSCI1 and /opt/downloads/WmcSCI2 (Linux, AIX,
Solaris, and i5/OS).
2. Insert CD 1 in the CD-ROM drive.
3. Copy the contents of CD1 to the downloads directory created in step 1 on your
hard drive.
Windows:
d:\downloads\WmcSCI1
Linux, AIX, Solaris, and i5/OS:
/opt/downloads/WmcSCI1
4. Insert CD 2 in the CD-ROM drive.
5. Copy the contents of CD 2 to the downloads directory created in step 1 on
your hard drive.
Windows:
D:\downloads\WmcSCI2
Linux, AIX, Solaris, and i5/OS:
/opt/downloads/WmcSCI2
6. Run the platform-specific installation program.
v Windows -- d:\downloads\WmcSCI1\setupWin32.exe
Linux -- /opt/downloads/WmcSCI1/setupLinux.bin
AIX -- /opt/downloads/WmcSCI1/setupAix.bin
Solaris -- /opt/downloads/WmcSCI1/setupSolaris.bin
i5/OS -- /opt/downloads/WmcSCI1/setupi5OS.sh if installing locally or
d:\downloads\WmcSCI1\setupi5OS.bat if installing remotely from Windows
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
v
v
v
v
Chapter 8 IBM Workplace Managed Client Installation and Configuration
329
“Installing the provisioning server” on page 296
Installing the provisioning server from an e-image
This topic provides an e-image alternative method for installing the provisioning
server that will be used by an IBM Workplace Managed Client installation.
Provisioning server installation is dependent on other installation and
configuration procedures. Refer to Installing and configuring the provisioning
server in a clustered environment or for help in responding to prompts.
To install Workplace Client Technology from an e-image, complete the following
steps:
1. Create a downloads directory on your hard drive.
Windows:
For example:D:\downloads\wmc26
Linux, Solaris, AIX, and i5/OS:
Create the downloads directory under /opt or /tmp; for example:/opt/
downloads/wmc26 or /tmp/downloads/wmc26
2. Copy the e-image contents to the downloads directory created in step 1 using
the following platform-specific procedure.
Windows:
a. Download the C87V1IE.exe and C87V2IE.exe self-extracting images to the
downloads directory created in step 1.
b. Preserving the folder structure, extract the .exe images from the downloads
directory.
The following directory structure should now exist on your hard drive:
D:\downloads\wmc26\WmcSCI1
D:\downloads\wmc26\WmcSCI2
Linux, Solaris, AIX, and i5/OS:
a. Download the C87USIE.tar and C87UTIE.tar images to the downloads
directory created in step 1.
b. Preserving the folder structure, extract the tar images from the downloads
directory.
The following directory structure should now exist on your hard drive:
/opt/downloads/wmc26/WmcSCI1
/opt/downloads/wmc26/WmcSCI2
3. Run the platform-specific installation program.
v Windows -- D:\downloads\wmc26\WmcSCI1\setupWin32.exe
v Linux -- /opt/downloads/wmc26/WmcSCI1/setupLinux.bin
v AIX -- /optdownloads/wmc26/WmcSCI1/setupAix.bin
v Solaris -- /opt/downloads/wmc26/WmcSCI1/setupSolaris.bin
v i5/OS -- /opt/downloads/wmc26/WmcSCI1/setupi5OS.sh if installing
locally or D:\downloads\wmc26\WmcSCI1\setupi5OS.bat if installing
remotely from Windows
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the provisioning server” on page 296
330
Clustered-server Deployment Guide
Installing the provisioning server using the console interface for
Windows
The IBM Workplace Managed Client provisioning server installation program
provides a console interface, which enables you to perform an interactive
installation from a command prompt. The console interface for Windows presents
the same content as the graphical interface, but in a textual form. Prompts at the
bottom of each screen tell you how to enter numbers to make your selections and
proceed to the next screen.
1. Copy the WmcSCI1 and WmcSCI2 directories from the installation media to
your local Windows server.
2. Navigate to your local WmcSCI1 directory.
3. Start the installation by typing the following command and then press Enter:
setupWin32.exe -console
4. Enter a number to correspond to the desired installation program language
and press Enter.
5. Read the license agreement panel and press Enter to continue.
6. Read the rest of the license agreement, press 1 to accept the terms, and press
Enter to continue.
7. Specify a directory in which to install the provisioning components and press
Enter or just press Enter to accept the default installation directory.
8. Press 1 and Enter to specify a typical installation or press 2 and Enter to
specify a custom installation. For information on Custom installation and
subsequent options, see “Installing and configuring the provisioning server in
a clustered environment” on page 320.
9. Enter the Portal server information as below and then press Enter.
a. Enter the Portal server directory or accept the default Portal server.
b. Enter the Portal server configuration URL or accept the default Portal
server. configuration URL.
c. Enter the Portal administrator user ID.
d. Enter the Portal administrator password.
e. Confirm the Portal administrator password.
10. Enter the WebSphere Application Server information as below and then press
Enter.
a. Enter the WebSphere Application Server (WAS) server name, for example
WebSphere_Portal.
b. Enter the WAS cell name, located in the installed applications directory, for
wps.ear. To determine the cell name check c:/app_server_root/config/cells.
This can be found by navigating to the WebSphere installed applications
directory and searching for wps.ear associated with the WebSphere Portal
instance you are installing to, and providing its parent directory name.
c. Enter the BOOTSTAP_ADDRESS.
d. Enter the SOAP connector port.
Note: The BOOTSTRAP_ADDRESS and SOAP values are typically set in
the WebSphere Administrative Console and also found in the
serverindex.xml file. A sample Windows path to serverindex.xml is
C:\Program Files\WebSphere\AppServer\config\cells\aria\nodes\
abx. To simplify the process of obtaining your
BOOTSTRAP_ADDRESS and SOAP_CONNECTOR_ADDRESS, use
the grep command on the serverindex.xml file.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
331
11. Specify the HTTP server document root, associated with the chosen Workplace
software server, to use for provisioning client updates to the desktop. A
sample path might be C:\httpserver\htdocs\en_US. Press Enter to continue.
12. Read the summary panel and press Enter to continue.
13. When prompted to insert the second CD, enter the path to the local WmcSCI2
directory and then press Enter to continue.
14. Note the statement informing you that you must manually restart the
WebSphere Portal server and then press Enter to continue.
15. Note the statement informing you that the server components are now
available and also the location of the log files. Press 3 and Enter to complete
the installation program.
16. Review the Workplace Managed Client installation and configuration checklist.
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
Installing the Workplace Managed Client provisioning server
using a response file
The administrator can install the provisioning server from a command prompt
window using a response file, instead of using the graphical user interface. This
can be useful when installing provisioning capabilities on multiple servers using a
similar configuration.
Instructions for installation on IBM i5/OS appear at the end of this topic.
Note: Response files will contain the same properties for all platforms, but the
default values and file path formats will be different. It is best to perform
this step for every operating system on which you will use a response file to
install. The response file can’t be played back in silent mode without editing
it.
Note: There is no message from the provisioning server installation program after
you run the command line option to either create a response file or to install
the provisioning server using the earlier-generated response file. A success
indicator does not appear.
1. Create a baseline response file.
a. Open a command prompt window and run the installation program with
the command line option -options-record optional-path\optionsFile.txt. For
example, type run setupWin32.exe -options-record C:\optionsfile.txt.
b. Run through the entire installation program to the end. This will record all
of your responses, allowing you to accept the defaults provided by the
installation program where appropriate.
2. After completing the installation, edit the optionsFile.txt response file to
customize it to your needs. For example, for security reasons, you may wish to
remove the stored IBM WebSphere Portal server administrator password line
-W selectWpsServer.wpsAdminPassword=″wpsadmin″, or change the password
to a placeholder such as ″″ or ″password″ instead of the actual password.
3. Copy the contents of the two IBM Workplace Managed Client provisioning
server CD-ROMs to a temporary location on the server’s hard drive, into
directories named disk1 and disk2, respectively.
332
Clustered-server Deployment Guide
Note: Use the ″disk1″ and ″disk2″ names specifically or the installation will
fail. You can create disk1 and disk2 as subdirectories of a directory with
a more descriptive name.
4. Copy the response file, optionsFile.txt, into the disk1 directory.
5. Open a command prompt window and change to the disk1 directory.
6. Run the installation program for your platform with the command line options
-options optionsFile.txt -silent.
Note: If you removed -W selectWpsServer.wpsAdminPassword=″password″
and -W selectWpsServer.wpsAdminPasswordVerification=″password″
from the response file, or if you replaced the value with a placeholder
value, add that line as a command line option. For example, on a
Windows system where you have replaced the password with ″″, the
command is setupWin32.exe -options optionsFile.txt -silent -W
selectWpsServer.wpsAdminPassword=″TheRealPassword″.
Note: The install command starts asynchronously, meaning the command
window will be immediately available for more input after you start the
installation program. The best way to determine when installation is
complete is to watch for a decrease in server hard drive activity. You can
monitor the state of the master InstallLog.txt file in the logs directory in
the product root install location you specified.
i5/OS: Installing the Workplace Managed Client provisioning server using a
response file:
Follow these instructions to install the provisioning server on i5/OS using a
response file.
Note: Names are case-sensitive and italicized text should be replaced with
appropriate values.
1. Start the Workplace Managed Client installation program by running
setupi5OS.sh from a QShell session if installing locally, or setupi5OS.bat if
installing remotely from a Windows workstation.
2. Follow the prompts until the Workplace Managed Client provisioning server is
successfully installed. When the Workplace Managed Client provisioning server
is successfully installed, a screen titled ″IBM Workplace Managed Client server
has been successfully installed on the system″ is displayed. Click Cancel.
Note: At this point, the installation program has copied Workplace Managed
Client files to the /QIBM/ProdData/Workplace/WMC26 directory.
3. Edit the wctResponse file located in the /QIBM/ProdData/Workplace/
WMC26/WmcSCI1 directory by updating the following properties:
v -W wasInstancePanel.instanceName=″value″
v -W wasInstancePanel.wpsAdminUsername=″value″
v -W wasInstancePanel.wpsAdminPassword=″value″
v -W wasInstancePanel.wpsAdminPasswordVerification=″value″
v -W wpsPropsPanel.wpsConfigUrl=″value″
v -W wpsPropsPanel.wpsServerName=″value″
v -W wpsPropsPanel.wasCell=″value″
v -W wpsPropsPanel.wasBootstrapPort=″value″
v -W wpsPropsPanel.wasSoapConnectorPort=″value″
Chapter 8 IBM Workplace Managed Client Installation and Configuration
333
v -W httpInstancePanel.httpInstance=″value″
v -media 1=/PathToWmcSCI/WmcSCI1 2=/PathToWmcSCI/WmcSCI2
4. Run the following command from a QShell session in the directory where the
edited response file is located:
setupi5OS.sh -options wctResponse.txt
Note: To override values listed in the response file, enter them as options on
the command line. You may wish to do this to avoid storing sensitive
information such as passwords in the response file. The following is an
example of using the command with a parameter value specified on the
command line:
setupi5OS.sh -options wctResponse.txt -W wasInstancePanel.
wpsAdminPassword="mypassword"
Related tasks
“Installing the provisioning server” on page 296
Related reference
“Sample optionsFile.txt”
Sample optionsFile.txt:
The IBM Workplace Managed Client provisioning server can be installed from a
command prompt using a response file. This can be useful when you want to
install the provisioning server on multiple servers using a similar configuration.
When you use a response file to install, you use a baseline response file called
optionsFile.txt. The contents of a sample optionsFile.txt response file for use with
Microsoft Windows is shown below.
################################
# InstallShield Options File
# Wizard name: Install
# Wizard source: data.jar
# Created on: Fri Apr 10 13:23:24 EST 2005
# Created by: InstallShield Options File Generator
#
# This file contains values that were specified during a recent execution of
# Install. It can be used to configure Install with the options specified below
# when the wizard is run with the "-options" command line option. Read each
# setting’s documentation for information on how to change its value.
# A common use of an options file is to run the wizard in silent mode. This lets
# the options file author specify wizard settings without having to run the
# wizard in graphical or console mode. To use this options file for silent mode
# execution, use the following command line arguments when running the wizard:
#
#
-options "c:\optionsfile.txt" -silent
#
################################
# IBM Workplace rich client provisioning components Install Location
# The install location of the product. Specify a valid directory into which the
# product should be installed. If the directory contains spaces, enclose it in
# double-quotes. For example, to install the product to C:\Program Files\My
334
Clustered-server Deployment Guide
# Product, use
#
-P installLocation="C:\Program Files\My Product"
-P installLocation="D:\websphere\WCT"
################################
# Setup Type
# The setup type to be used when installing the product. Legal values are:
#
typical - Typical: The program will be installed with the suggested
#
#
configuration. Recommended for most users.
custom
#
- Custom: The program will be installed with the features you
choose. Recommended for advanced users.
#
# For example, to specify that the "Typical" setup type is selected, use
#
-W setupTypes.selectedSetupTypeId=typical
# You may also set the setup type to nothing by using
#
-W setupTypes.selectedSetypTypeId=
# This clears the current setup type and prevents any changes to the set of
# selected features. Use this option whenever you set feature active states in
# this options file. If you do not clear the selected setup type, the setup type
# panel will override any changes you make to feature active states using this
# file.
-W setupTypes.selectedSetupTypeId=typical
################################
# "License files (installed in selected root)" Feature
# The selection state of the "License files (installed in selected root)"
# feature. Legal values are:
#
true
- Indicates that the feature is selected for installation
#
false - Indicates that the feature is not selected for installation
# For example, to select "License files (installed in selected root)" for
# installation, use
#
-P licensefiles.active=true
-P licensefiles.active=true
################################
# "Update bundles (installed on HTTP server)" Feature
# The selection state of the "Update bundles (installed on HTTP server)"
# feature. Legal values are:
#
true
- Indicates that the feature is selected for installation
#
false - Indicates that the feature is not selected for installation
# For example, to select "Update bundles (installed on HTTP server)" for
# installation, use
#
-P updateBundlesFeature.active=true
-P updateBundlesFeature.active=true
################################
# "WebSphere Portal content (deployed to WebSphere Portal server)" Feature
# The selection state of the "WebSphere Portal content (deployed to WebSphere
# Portal server)" feature. Legal values are:
#
true
- Indicates that the feature is selected for installation
#
false - Indicates that the feature is not selected for installation
# For example, to select "WebSphere Portal content (deployed to WebSphere Portal
Chapter 8 IBM Workplace Managed Client Installation and Configuration
335
# server)" for installation, use
#
-P wpsContentFeature.active=true
-P wpsContentFeature.active=true
################################
#
Feature
# The selection state of the "WebSphere Everyplace Device Manager extensions
# (installed in selected root)" feature. Legal values are:
#
true
- Indicates that the feature is selected for installation
#
false - Indicates that the feature is not selected for installation
# For example, to select "WebSphere Everyplace Device Manager extensions
# (installed in selected root)" for installation, use
#
-P wedmExtensionsFeature.active=true
-P wedmExtensionsFeature.active=true
################################
# "IBM Workplace content" Feature
# The selection state of the "IBM Workplace content" feature. Legal values are:
#
true
#
false - Indicates that the feature is not selected for installation
- Indicates that the feature is selected for installation
# For example, to select "IBM Workplace content" for installation, use
#
-P lwpContentFeature.active=true
-P lwpContentFeature.active=true
################################
# "Installation files (installed on HTTP server)" Feature
# The selection state of the "Installation files (installed on HTTP server)"
# feature. Legal values are:
#
true
- Indicates that the feature is selected for installation
#
false - Indicates that the feature is not selected for installation
# For example, to select "Installation files (installed on HTTP server)" for
# installation, use
#
-P installationFilesFeature.active=true
-P installationFilesFeature.active=true
################################
# User Input Field - wpsDirectory
-W selectWpsServer.wpsDirectory="D:\websphere\PortalServer"
################################
# User Input Field - wpsConfigUrl
-W selectWpsServer.wpsConfigUrl="http://localhost:9081/lwp/config"
################################
# User Input Field - wpsAdminUsername
-W selectWpsServer.wpsAdminUsername="wpsadmin"
################################
# User Input Field - wpsAdminPassword
-W selectWpsServer.wpsAdminPassword="wpsadmin"
################################
# User Input Field - wpsAdminPasswordVerification
-W selectWpsServer.wpsAdminPasswordVerification="wpsadmin"
################################
# User Input Field - wasAppServerDirectory
336
Clustered-server Deployment Guide
-W selectWasServer.wasAppServerDirectory="D:\websphere\AppServer"
################################
# User Input Field - wasServerName
-W selectWasServer.wasServerName="WebSphere_Portal"
################################
# User Input Field - wasCell
-W selectWasServer.wasCell="krishna"
################################
# User Input Field - wasBootstrapPort
-W selectWasServer.wasBootstrapPort="2810"
################################
# User Input Field - wasSoapConnectorPort
-W selectWasServer.wasSoapConnectorPort="8881"
################################
# User Input Field - httpServerDocumentRoot
-W selectHttpServer.httpServerDocumentRoot="D:\IBMHTTPServer\htdocs\en_US"
################################
# User Input Field - instanceName
-W wasInstancePanel.instanceName=""
################################
# User Input Field - wpsAdminUsername
-W wasInstancePanel.wpsAdminUsername=""
################################
# User Input Field - wpsAdminPassword
-W wasInstancePanel.wpsAdminPassword=""
################################
# User Input Field - wpsServerName
-W wpsPropsPanel.wpsServerName="WebSphere_Portal"
################################
# User Input Field - httpInstance
-W httpInstancePanel.httpInstance=""
################################
Related tasks
“Installing the Workplace Managed Client provisioning server using a response
file” on page 332
Provisioning server installation for UNIX
When installing the IBM Workplace Managed Client provisioning server on a
UNIX system, if the administrator launches the installation program using either of
the following two commands, the CD-ROM drive will not open after the installer
prompts for a second disk:
v ./setupLinux.bin
v ./setupAix.bin
Attempting to unmount the drive returns the following error because the shell that
was used to launch the installer still has /mnt/cdrom as its current working
directory and the shell has thus locked that directory:
nmount: /mnt/cdrom: device is busy
Chapter 8 IBM Workplace Managed Client Installation and Configuration
337
To run the installation program, cd to /mnt instead of /mnt/cdrom, and use the
command ″cdrom/setupLinux.bin″ or ″cdrom/setupAix.bin.″ Alternatively, launch
the installation program by double-clicking it’s name in a graphical explorer
window.
If the installation program has partially completed, reboot the system to unlock the
drive, use rpm -e package to remove the packages it installed (all packages
beginning with IBM_LWP_S_MC), and then restart the installation program as
described.
Related tasks
“Installing the provisioning server” on page 296
Configuring the provisioning server for secure installation and
update with SSL
You can configure the IBM Workplace Managed Client provisioning server for
Secure Sockets Layer (SSL) if the WebSphere Application Server and the HTTP
server are already configured to use SSL.
For information on configuring the WebSphere Application Server and the HTTP
server to use SSL, see the IBM Workplace Collaboration Services Information
Center.
If you want users to update from the provisioning server over HTTPS, specify the
URL Provider settings for SSL provisioning using the following procedure. This
procedure also assumes that you will want the user to obtain Workplace Managed
Client updates over HTTPS.
You may need to specify a URL resource for the Workplace Managed Client
installer download server and then repeat the process to specify a URL for the
Workplace Managed Client provisioning server.
1. Log in to the WebSphere Administrative Console using an administrative user
name and password.
2. Click Resources → URL Providers.
3. Set the scope to Cell.
4. If there is a node name specified, remove it and click Apply.
5. Click Default URL Provider.
6. Click Additional Properties - URLs.
7. Click Workplace Client Installer Download Server.
8. Change the Specification setting to link to https://yourserver, for example
https://apple.lotus.com. Do not change the JNDI name or any other fields.
Click OK.
Click Resources → URL Providers.
Set the scope to Cell.
If there is a node name specified, remove it and click Apply.
Click Default URL Provider.
Click Additional Properties - URLs.
Click Workplace Client Provisioning Server.
Change the Specification setting to link to https://yourserver, for example
https://apple.lotus.com/lwpupdate/wct). Do not change the JNDI name or
any other fields.
17. Click OK.
9.
10.
11.
12.
13.
14.
15.
16.
338
Clustered-server Deployment Guide
18. Click Save.
19. Restart the servers.
Related tasks
“Installing the provisioning server” on page 296
Installing the provisioning server on an HTTP server with a
non-default document root
In a customized HTTP server configuration, if the value of the DocumentRoot
entry in the httpd.conf file on the IBM HTTP server is not set to htdocs/en_US, the
administrator must create an alias in that httpd.conf file that points to the key IBM
Workplace Managed Client directories. For example, icons will not appear in the
Workplace Managed Client switcher bar until the administrator creates the alias
/images/opt/IBMIHS/htdocs/en_US/images/ entry in the httpd.conf file.
For an httpd.conf file on the HTTP server with the following DocumentRoot entry,
the administrator must add the additional alias lines to that httpd.conf file:
DocumentRoot "/w3/content"
alias /wctprops /opt/IBMIHS/htdocs/en_US/wctprops/
alias /lwpinstall /opt/IBMIHS/htdocs/en_US/lwpinstall/
alias /lwpupdate /opt/IBMIHS/htdocs/en_US/lwpupdate/
alias /images/opt/IBMIHS/htdocs/en_US/images/
In this example server was installed rooted in /opt/IBMIHS/ . If you have
installed it somewhere else, then use that http_server_root in the alias.
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Specifying a new Workplace Managed Client provisioning server Web
address” on page 340
“Updating the provisioning server on an HTTP server with a non-default
document root”
Updating the provisioning server on an HTTP server with a
non-default document root
In a customized HTTP server configuration, if the value of the DocumentRoot
entry in the httpd.conf file on the IBM HTTP server is not set to htdocs/en_US,
then the administrator must create an alias in that httpd.conf file that points
directly to the IBM Workplace Managed Client switcher bar images directory.
For example if the httpd.conf file on the HTTP server has the following
DocumentRoot entry, the switcher icons will not be visible in the client unless the
administrator adds the additional alias /images/ line to that httpd.conf file:
DocumentRoot "/w3/content" alias /images /opt/IBMIHS/htdocs/en_US/images/
In this example, the server was installed rooted in /opt/IBMIHS/. If you have
installed it somewhere else, then use that http_server_root in the alias.
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the provisioning server on an HTTP server with a non-default
document root”
Chapter 8 IBM Workplace Managed Client Installation and Configuration
339
Specifying a new Workplace Managed Client provisioning server
Web address
Prior to enabling IBM Workplace Managed Client users to download and install
the client, and after installing the IBM Workplace Collaboration Services, all other
servers (LDAP, HTTP, and so on), and the Workplace Managed Client provisioning
server, you can specify a new context root (also known as a provisioning server
URL) from which the client should obtain features and plug-ins during both install
and update. After you specify the new context root, update your HTTP server to
point to port 81.
See Changing the installed context root for details.
In some instances, the context root that you specify will not appear on the user’s
installation screen (Managed Client URL field). It is suggested that you tell your
users what the Managed Client URL field value should be, and if that exact value
does not appear by default, they should manually enter that value during
Workplace Managed Client installation. For example, you might change your
content root to point to http://hostname.domain.com:9081/dev/workplace but the
system might display http://hostname.domain.com:9081/lwp/workplace in the
Managed Client URL field by default.
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the provisioning server on an HTTP server with a non-default
document root” on page 339
“Updating the provisioning server on an HTTP server with a non-default
document root” on page 339
“Editing URL resources for the provisioning server” on page 448
Configuring for optimal Workplace Managed Client
performance
To achieve optimal performance for the IBM Workplace Managed Client, perform
the following tasks. These tasks are best performed after you install the
provisioning server and before the user installs the Workplace Managed Client.
“Configuring Windows system settings for IBM Workplace Managed Client
performance” on page 346
After provisioning server installation, you can also make administrative
adjustments for the following capabilities:
“Synchronizing data through the HTTP server” on page 344
“Configuring a trust certificate for IBM Workplace Managed Client” on page 341
“Configuring the Notes application plug-in for IBM Workplace Managed Client
checklist” on page 345
“Enabling operating system single sign-on” on page 347
“Configuring the provisioning server for secure installation and update with SSL”
on page 338
Related concepts
340
Clustered-server Deployment Guide
“Phase 6: Connecting to an external HTTP server” on page 287
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Connecting services on the provisioning server in a clustered environment” on
page 297
Connecting to an external Web server in a non-clustered environment
“Connecting to external Web servers in a clustered environment” on page 287
“Installing the provisioning server” on page 296
“Synchronizing data through the HTTP server” on page 344
Configuring a trust certificate for IBM Workplace Managed Client
A security warning dialog may appear as a final step during IBM Workplace
Managed Client installation and when the client interacts with a server over the
SSL protocol if a certificate for that server does not exist in the user’s list of trusted
servers. The dialog will state that the system is unable to establish trust for the
identity of the site or server you are connecting to due to an unrecognized
certifying authority. The user choices are to view certificate details, trust the
certifying authority (CA), trust the CA for this action only, or not trust the CA.
To simplify the user experience by suppressing this dialog, you can create a file
that configures the necessary certificate and then add the user’s server(s) certificate
to the list of trusted servers. This is done by creating a site certificates file, adding
it to the list of files sent to the client during Workplace Managed Client
installation, and adding the certificates to the IBM Workplace Collaboration
Services server’s Workplace Client Certificate Store.
Note: This configuration process assumes that you have enabled SSL. If you have
not enabled SSL, you can either do so prior to performing the tasks in this
topic or else disregard this topic and use the supplied site certificates file
and the dummy password of WebAS. However, it is recommended that you
customize the site certificates files for your own site and use a password of
your own choosing.
In this procedure you will use the use the iKeyman tool twice. Use the iKeyman
tool provided with WebSphere to create the site certificate .jks file. The WebSphere
iKeyman tool is typically located in app_server_root/bin as ikeyman.bat/.sh. Be sure
to specify the JKS format when creating the site certificate .jks file. Then use the
iKeyman tool provided with the IBM HTTP server to extract the certificate .arm
files. The IBM HTTP server iKeyman tool is typically located in http_server_root/bin
as ikeyman.bat/.sh.
Note: Certificates are distributed to all Workplace Managed Client desktops on a
server-scheduled basis.
Note: The sitecerts.jks file is copied from the C:\temp\wctpinstall-temp directory
(where it is downloaded as part of the Workplace Managed Client
installation program) to the following client directory that should be its final
location:
\rcp\eclipse\features\com.ibm.rcp.jre.win32.feature_1.3.0\jre\lib\security\
sitecerts.jks
Chapter 8 IBM Workplace Managed Client Installation and Configuration
341
Note: Steps 1 and 2 will extract certificates as .arm files.
1. Extract the public certificates for the truststore file using the WebSphere
Application Server iKeyman tool.
Note: Extracting a certificate from one keystore file and adding it to a
truststore file is not the same as exporting the certificate and then
importing it. Exporting a certificate copies all the certificate information,
including its private key, and is normally only used if you want to copy
a personal certificate into another keystore file as a personal certificate. If
a certificate is self-signed, extract the certificate and its public key from
the keystore file and add it to the target truststore file. If a certificate is
CA-signed, verify that the CA certificate used to sign the certificate is
listed as a signer certificate in the target truststore file. The keystore file
must already exist and contain the certificate to be extracted.
a. Start the WebSphere iKeyman key management utility using either
app_server_root/bin/ikeyman.bat or ikeyman.sh.
b. Open the .jks keystore file, located under app_server_root, from which the
public certificate will be extracted.
c. Select Personal Certificates.
d. Click Extract Certificate.
e. Click Base64-encoded ASCII data under Data type.
f. Enter the Certificate File Name and Location.
g. Click OK to export the public certificate into the specified file.
Note the location of the file that you created; you will need that information
later in the procedure.
2. Extract the public certificates for the truststore file using the IBM HTTP server
iKeyman tool.
a. Start the IBM HTTP server iKeyman key management utility using either
http_server_root/bin/ikeyman.bat or ikeyman.sh.
b. Open the .kdb keystore file from which the public certificate will be
extracted.
c. Select Personal Certificates.
d. Click Extract Certificate.
e. Click Base64-encoded ASCII data under Data type.
f. Enter the Certificate File Name and Location.
g. Click OK to export the public certificate into the specified file.
Note the location of the file that you created; you will need that information
later in the procedure.
A certificate file (*.arm) that contains the public key of the signed personal
certificate is now available for the target truststore file.
3. On the WebSphere Application Server (only), create a site certificates file.
This file is a key database file that contains both public keys and private keys.
Public keys are stored as signer certificates while private keys are stored in the
personal certificates. The keys are used for a variety of purposes, including
authentication and data integrity. You can the iKeyman key management utility
or the keytool utility to create keystore files.
a. Start the WebSphere iKeyman key management utility (if it is not already
running) using either app_server_root/bin/ikeyman.bat or ikeyman.sh.
b. Open a new key database file by clicking Key Database File → New from
the menu bar.
342
Clustered-server Deployment Guide
c. Select the Key Database Type: JKS (default). This is the key file format used
when you configure the SSL setting for your application.
d. Type in the file name sitecerts.jks and the location (preferably /etc).
e. Click OK to continue.
f. Type in a password to restrict access to the file. This password is used as the
key file password when you configure the SSL setting for your application.
g. Click OK to continue. The tool displays all of the available default signer
certificates. These certificates are the public keys of the most common
certificate authorities (CAs). You can add, view, or delete signer certificates
from this panel.
A new SSL site certificate trust file is created.
4. Now you can import signer certificates -- either CA-signed certificates not
contained already in the sitecerts.jks file or self-signed certificates. These
certificates were extracted as .arm files in steps 1 and 2. A signer certificate is
the trusted certificate entry that is usually in a truststore file. You can import a
certificate authority (CA) root certificate from the CA, or a public certificate
from the self-signed personal certificate of the target into your truststore file, as
a signer certificate.
a. Start the WebSphere iKeyman key management utility (if it is not already
running) using either app_server_root/bin/ikeyman.bat or ikeyman.sh.
b. Open the sitecerts.jks (created in step 4). The password prompt window
displays.
c. Type the password and click OK.
d. Select Signer Certificates from the drop down list.
e. Click Add.
f. Click Data type and select Base64-encoded ASCII data, as you did in steps
1 and 2 above.
g. Type a certificate file name and location for the CA root digital certificate or
click Browse to select the name and location and click OK. This option
pertains to the certificate file name and location you specified in steps 1 and
2 above.
h. Type a label for the importing certificate and click OK.
The Signer Certificates field now displays the label of the signer certificate you
just added.
5. Import the server’s public certificate into the server’s Client Certificate Store as
a trusted certificate. To import the certificate into the trusted root store, it must
be in a file visible to your browser.
a. Log in to the IBM WebSphere Application Server Administrative Console as
an administrative user (one who has been associated with the pkiAdmin
role).
b. Click IBM Workplace software → Client Certificate Store. You will see the
current contents of the trusted root store.
c. Click Import certificate from file under Additional actions to display the
import screen.
d. Select the file (for example keyfile.arm) containing the certificate, and click
Next to display the certificate(s) in the current file.
e. Select the certificate to import and check the Trust check box.
f. Click Finish. Repeat for each .arm file you extracted.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
343
6. Place the sitecerts.jks site certificates file with the Workplace Managed Client
installation program on the HTTP server. The default installation directory for
the Workplace Managed Client installation program on the HTTP server is as
follows:
http_server_root/htdocs/en_US/lwpinstall/wct
7. Locate and edit the download applet’s files list properties file (filesList.props)
to add site certificates to the file’s properties for the configurations that you
want. The default file path for the download applet on the WebSphere
Application Server is as follows:
app_server_root/installedApps/server/wctInstall.ear/wctinstall.war
For example, the content of this filesList.props file is shown below:
win32.ie.downloads.files=setup_wct_platform.exe
win32.ie.downloads.location=$host$/lwpinstall/wct/
win32.ie.downloads.execute=setup_wct_platform.exe
win32.mozilla.downloads.files=setup_wct_platform.exe
win32.mozilla.downloads.location=$host$/lwpinstall/wct/
win32.mozilla.downloads.execute=setup_wct_platform.exe
linux.mozilla.downloads.files=setup_wct_platform.bin
linux.mozilla.downloads.location=$host$/lwpinstall/wct/
linux.mozilla.downloads.execute=setup_wct_platform.bin
becomes this:
win32.ie.downloads.files=setup_wct_platform.exe,sitecerts.jks
win32.ie.downloads.location=$host$/lwpinstall/wct/
win32.ie.downloads.execute=setup_wct_platform.exe
win32.mozilla.downloads.files=setup_wct_platform.exe,sitecerts.jks
win32.mozilla.downloads.location=$host$/lwpinstall/wct/
win32.mozilla.downloads.execute=setup_wct_platform.exe
linux.mozilla.downloads.files=setup_wct_platform.bin,sitecerts.jks
linux.mozilla.downloads.location=$host$/lwpinstall/wct/
linux.mozilla.downloads.execute=setup_wct_platform.bin
8. Restart the servers.
Related concepts
“Phase 8: IBM Workplace Managed Client installation and configuration” on
page 317
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
Synchronizing data through the HTTP server
You can configure the Workplace Managed Client to use HTTPS (HTTP with
Secure Sockets Layer, or SSL) to synchronize data between the IBM Workplace
Managed Client and the IBM WebSphere Portal Server. By encrypting all
transmitted data, as well as authenticating the identity of the server, HTTPS offers
greater security than that of HTTP.
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Connecting to external Web servers in a clustered environment” on page 287
344
Clustered-server Deployment Guide
Configuring the Notes application plug-in for IBM Workplace
Managed Client checklist
With the Lotus Notes® application plug-in in the IBM Workplace Managed Client,
users can open and work with Notes 7 databases, views, and documents without
having to open the Notes client separately. The Workplace Managed Client can use
the Notes password so that the user is not prompted for it when they use a Notes
application. A user policy setting in the IBM WebSphere Application Server and
corresponding settings in the user’s Lotus Domino user policy or Notes .ini file
enable this feature.
To enable users to access the Notes application plug-in in the Workplace Managed
Client, perform the following tasks.
1. Log in to the WebSphere Application Server Administrative Console.
2. Click IBM Workplace software → Users → Manage User Policies → Default (or
specific user policy name).
3. Scroll down and enable the Allow Notes application plugin policy setting.
4. (Optional) Scroll down and enable the Allow Instant Messaging policy setting.
When the user runs the Notes application plug-in from the Workplace
Managed Client, he can use either IBM Workplace Collaboration Services
instant messaging or Notes instant messaging.
v If Instant Messaging is enabled in the user’s Workplace Collaboration
Services user policy, then his default instant messaging type is that of
Workplace Managed Client. If he uses the Notes application plug-in, his
default instant messaging type will be Workplace Managed Client instant
messaging.
v If Instant Messaging is not enabled in the user’s Workplace Collaboration
Services user policy, but is enabled for his Notes client (this is the default but
can be set in Domino user policy), then he will be able to use IBM Lotus
Sametime instant messaging within the Workplace Managed Client Notes
application plug-in.
The user can switch from Workplace Managed Client instant messaging to
Lotus Sametime instant messaging while working in the Notes application
plug-in by clicking File → Preferences → User Preferences → Additional Options
→ Use IBM Lotus Sametime instant messaging. The Domino administrator
controls whether this option is available by using either a setting in the user’s
Domino desktop user policy or the notes.ini file. See IBM Lotus Domino
Administrator 7.0 Help at http://www.lotus.com/doc for details.
5. Apply the policy change and exit the WebSphere Administrative Console.
6. Optionally enable the Notes single log-on feature for users as described in the
Lotus Notes client help topic Allow single log-in to Notes from IBM
Workplace.
v See the Notes application plug-in documentation in the Workplace Managed
Client help for information about Notes application plug-in functionality.
v See Domino administrator documentation at http://www.lotus.com/doc for
more information about the Notes client and its configuration options. For
example, see Chapter: Protecting and Managing Notes IDs; topic: Password
protection for Notes IDs and Chapter: Using Policies; topic; Creating a
security settings policy document in the administrator’s guide.
v See the Notes client help topic Security Basics, which is the main F1 topic
from the Notes client User Security panel.
Related tasks
Chapter 8 IBM Workplace Managed Client Installation and Configuration
345
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Configuring a trust certificate for IBM Workplace Managed Client” on page
341
Changing the embedded browser default Web address
The IBM Workplace Managed Client embedded browser opens to the IBM Web site
(http://www.ibm.com) when a user first uses the embedded browser. A user can
click the home button to switch to a Web address they have defined as the default
address in the browser preference; however, the next time they start the embedded
browser, it again defaults to the IBM site. You can change the default Web address
setting for the embedded browser to display a different consistent default, such as
your company’s Web address, instead of the IBM Web address.
To specify a specific value for the Workplace Managed Client embedded browser’s
default Web address, specify a new value for the initialUrl property in the
requirements.xml file. This file is processed (by RCPML) when the client is
provisioned and updated.
Note: RCPML is a programmatic markup language used internally to set client
capabilities for a user or user group. For example, user policy information
established in the IBM WebSphere Application Server Administrative
Console is transferred to the users desktop as RCPML settings. This type of
RCPML controls, for example, which Workplace Managed Client feature
capabilities a particular user or user group is authorized to use.
To change the default Web address of the embedded browser, perform the
following steps:
1. Log in to the IBM Workplace Collaboration Services server as an administrator.
2. Find the requirements.xml file in the following location:
workplace_server_root/AppServer/installedApps/cell_name
/wps.ear/wps.war/themes/rcpml/requirements.xml
3. Change the com.ibm.rcp.ui.browser.initialUrl key value to the Web address you
want the embedded browser to open to by default.
4. Save the requirements.xml file. When you provision the Workplace Managed
Client the first time or when an update task is run, the associated RCPML is
downloaded to the client. The initalUrl value you specified is stored as a
preference in the following file:
C:\Documents and Settings\username\IBM\RCP\instance ID\
username\.metadata\.plugins\com.ibm.rcp.pagebuilder\config\
-lwp-myworkplace.xml
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
Configuring Windows system settings for IBM Workplace
Managed Client performance
Maximize system resources for Microsoft Windows user background tasks as
described below:
1. Click Start → Settings → Control Panel → System.
2. Click the Advanced tab and the Performance Options option.
3. Ensure that the Background Processes option is selected.
346
Clustered-server Deployment Guide
4. Click the virtual memory Change option. Ensure that the Initial Size is equal
to the Recommended Size and the Maximum Size is set to 4095.
Note: If the machine’s physical memory is more than 4 GB (4096 MB), the
maximum allowed size of virtual memory is 4095 MB. Set the Initial
Size and Maximum Size limits to 4095 MB.
5. Continue to click OK until no more dialogs appear.
6. If you will not be using Internet Information Services (IIS), remove it now by
performing the following tasks:
a. Click Start → Settings → Control Panel → Add/Remove Programs.
b. Click Add/Remove Windows Components.
c. Uncheck Internet Information Services (IIS).
d. Click Next.
e. Ensure that the Remote Administration Mode option is enabled.
f. Click Next.
g. Click Finish.
h. Close the Add/Remove Programs panel.
Related concepts
“Phase 8: IBM Workplace Managed Client installation and configuration” on
page 317
“Configuring for optimal Workplace Managed Client performance” on page 340
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
Enabling operating system single sign-on
Single sign-on (SSO) lets users use one user name and password to authenticate
with the operating system and with IBM Workplace Managed Client capabilities.
When you set up single sign-on for the Workplace Managed Client user, the user
name and password are stored in the user’s personal credential store.
Enabling single sign-on (SSO) with the operating system allows the user secure
access to the Workplace Managed Client personal credential store without
requiring an additional authentication prompt. This single sign-on feature is a
system-wide service. If is enabled, and upon successful authentication with the
operating system, the Workplace Managed Client personal credential store can be
accessed without any additional login prompts.
Note: The user’s operating system login password and the Workplace Managed
Client personal credential store password must be identical in order for
single sign-on to work.
The user can choose to enable or disable the installed single sign-on feature using
security preferences.
This feature is supported on Microsoft Windows 2000, Microsoft Windows XP, and
RedHat Enterprise Linux 3.
If single sign-on is not enabled, users can use the Change password preference,
available from the File → Preferences → Security menu, to change the password
stored in the personal credential store. The operating system’s user name and
password values are not affected.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
347
If single sign-on is enabled and a user changes the password used to authenticate
with the operating system, the installed Workplace Managed Client capabilities
detect this change at startup and automatically reset the client password to match
the new operating system password. When single sign-on is enabled, the Change
password preference setting available from File → Preferences → Security is not
enabled.
The login credentials you supply to IBM Workplace Collaboration Services during
installation and setup are initially the same for the Workplace Collaboration
Services browser client and Workplace Managed Client. The local credential store,
however, stores the user names and passwords for the browser client and
Workplace Managed Client as separate credentials. As a result, if you, or a user,
enable single sign-on with the operating system in the Workplace Managed Client
or change the password for the Workplace Managed Client, these changes do not
affect the login information supplied to log in the browser client. The two do not
remain the same.
Related tasks
“Configuring Linux operating system single sign-on”
“Configuring Windows operating system single sign-on”
“Uninstalling single sign-on for Linux” on page 350
“Uninstalling single sign-on for Windows” on page 349
“Installing and configuring the provisioning server in a clustered environment”
on page 320
“Installing the Workplace Managed Client from a server” on page 358
Configuring Windows operating system single sign-on:
Operating system single sign-on lets you use your Microsoft Windows password to
log into IBM Workplace Managed Client. To configure the rich client user
environment for single sign-on with Windows, perform the following tasks.
1. Make sure that the user has installed the Workplace Managed Client.
2. Make sure that the user has sufficient operating system privileges to modify the
Windows registry and install new services, or determine that you will perform
this installation for the user.
3. Navigate to the following directory:
C:\Program Files\IBM\Workplace Managed Client\rcp\eclipse\
features\com.ibm.rcp.security.sso.win32.feature\os\win32\x86
4. Run the ssoinstall.cmd file and then reboot the user’s system.
Note: Not all password changes can be detected. If an administrator changes a
user’s password, or the user changes the password using User Accounts
tools, the Workplace Managed Client, and operating system passwords
may not match.
Note: To disable this feature from the directory cited in step 3, run the
following file and then reboot the user’s system:
C:\Program Files\IBM\Workplace Managed Client\rcp\eclipse\features\
com.ibm.rcp.security.sso.win32.feature\os\win32\x86\ssoremove.cmd
Related concepts
“Enabling operating system single sign-on” on page 347
Configuring Linux operating system single sign-on:
348
Clustered-server Deployment Guide
Operating system single sign-on lets you use your Linux password to log into IBM
Workplace Managed Client. To configure the user environment for single sign-on
with Linux, perform the following tasks.
The instructions assume you have some understanding of Linux System
Administration and Linux Security Administration, especially the configuration of
PAM (Pluggable Authentication Modules). See the Linux-PAM System
Administrator’s Guide (http://www.kernel.org/pub/linux/libs/pam/Linux-PAMhtml/pam.html#toc4) for related information.
Note: The Workplace Managed Client single sign-on feature is not intended for
use with the root user ID. The Workplace Managed Client single sign-on
PAM module and single sign-on daemon will ignore login requests from the
root user ID.
1. Make sure that the user has installed the Workplace Managed Client.
2. In a Linux shell, log in as, or switch user (su), to root.
3. Navigate to the user’s rcp/eclipse/feature/
com.ibm.rcp.security.sso.win32.features/os/linux/x86 directory.
4. Run the installsso script to copy several components to the appropriate system
directories.
5. Navigate to /etc/pam.d in preparation for modifying the system’s PAM
configuration to add the Workplace Managed Client system’s PAM module to
the appropriate system files.
6. Add the statements in bold shown in the sample below to either the gdm or
the xdm PAM configuration file.
Note: If the system is using the GNOME window manager, edit the gdm file. If
the system is using the KDE window manager, edit the xdm file. If in
doubt, edit both files.
Note: See the Linux-PAM System Administrator’s Guide for more details on
file format and content.
A sample /etc/pam.d/gdm file is shown below:
#%PAM-1.0
auth
required
auth
required
account
password
password
pam_unix2.so
nullok #set_secrpc
pam_rcpsso.so
required
required
required
debug
pam_unix2.so
pam_unix2.so
#strict=false
pam_rcpsso.so
session
required
pam_unix2.so
session
required
pam_devperm.so
session
required
pam_resmgr.so
session
required
pam_rcpsso.so
debug
debug # trace or none
debug
7. Add the following line to the passwd file.
password
required
pam_rcpsso.so
debug
8. Reboot the user’s system.
Related concepts
“Enabling operating system single sign-on” on page 347
Uninstalling single sign-on for Windows:
Chapter 8 IBM Workplace Managed Client Installation and Configuration
349
Before uninstalling the IBM Workplace Managed Client, you must uninstall the
operating system single sign-on feature (SSO) and then reboot the system.
1. Navigate to the following directory:
C:\Program Files\IBM\Workplace Managed Client\rcp\eclipse\feature\
com.ibm.rcp.security.sso.win32.feature\os\win32\x86
2. Run the ssoremove.cmd program.
3. Reboot your system.
You or the user can now proceed to uninstall the Workplace Managed Client.
Related concepts
“Enabling operating system single sign-on” on page 347
Related tasks
“Configuring Windows operating system single sign-on” on page 348
“Uninstalling the Workplace Managed Client from the user desktop” on page
388
Uninstalling single sign-on for Linux:
Before uninstalling the IBM Workplace Managed Client, you must uninstall the
operating system single sign-on feature (SSO) and then reboot the system.
1. Log in as root or switch user (su) to root.
2. Navigate to the rcp/eclipse/feature/com.ibm.rcp.security.sso.linux.feature/os/
linux/x86 directory.
3. Manually stop the ibmrcosso server by clicking System Setting → Service
Setting → Services → ibmrcpsso. Select and stop the ibmrcpsso service.
4. Run the removesso script.
Note: The removesso script stops the ibmrcpsso server.
5. Navigate to the /etc/pam.d directory.
6. Edit the gdm and passwd file to remove references to pam_rcpsso.so.
Note: If you do not perform this step, you might not be able to log in later.
7. Reboot your system.
You or the user can now uninstall the Workplace Managed Client.
Related concepts
“Enabling operating system single sign-on” on page 347
Related tasks
“Configuring Linux operating system single sign-on” on page 348
“Uninstalling the Workplace Managed Client from the user desktop” on page
388
Configuring the provisioning server for secure installation and
update with SSL
You can configure the IBM Workplace Managed Client provisioning server for
Secure Sockets Layer (SSL) if the WebSphere Application Server and the HTTP
server are already configured to use SSL.
For information on configuring the WebSphere Application Server and the HTTP
server to use SSL, see the IBM Workplace Collaboration Services Information
Center.
350
Clustered-server Deployment Guide
If you want users to update from the provisioning server over HTTPS, specify the
URL Provider settings for SSL provisioning using the following procedure. This
procedure also assumes that you will want the user to obtain Workplace Managed
Client updates over HTTPS.
You may need to specify a URL resource for the Workplace Managed Client
installer download server and then repeat the process to specify a URL for the
Workplace Managed Client provisioning server.
1. Log in to the WebSphere Administrative Console using an administrative user
name and password.
2. Click Resources → URL Providers.
3. Set the scope to Cell.
4. If there is a node name specified, remove it and click Apply.
5. Click Default URL Provider.
6. Click Additional Properties - URLs.
7. Click Workplace Client Installer Download Server.
8. Change the Specification setting to link to https://yourserver, for example
https://apple.lotus.com. Do not change the JNDI name or any other fields.
9. Click OK.
10. Click Resources → URL Providers.
11. Set the scope to Cell.
12.
13.
14.
15.
If there is a node name specified, remove it and click Apply.
Click Default URL Provider.
Click Additional Properties - URLs.
Click Workplace Client Provisioning Server.
16. Change the Specification setting to link to https://yourserver, for example
https://apple.lotus.com/lwpupdate/wct). Do not change the JNDI name or
any other fields.
17. Click OK.
18. Click Save.
19. Restart the servers.
Related tasks
“Installing the provisioning server” on page 296
Setting Workplace Managed Client installation program
defaults
You can alter the default values that are provided to users during IBM Workplace
Managed Client installation and initial setup by editing the pluginvalues.props and
token_values.props properties files before users install Workplace Managed Client.
This enables you to control the defaults supplied to the client installation program
and client initial setup. This is particularly useful when using the IBM Workplace
Collaboration Services configurations listed below:
v Remote HTTP servers, that do not have the same IP address as the WebSphere
Portal server on which IBM Workplace Collaboration Services is installed
v Clustered environments, which have more than one back-end server that can
service clients
v Alternate port configurations, such as altered BOOTSTRAP_ADDRESS endpoints
Chapter 8 IBM Workplace Managed Client Installation and Configuration
351
Note: In an application cluster, edited properties files must be copied to every
cluster mate.
Note: If you are using a clustered environment, see “Connecting services on the
provisioning server in a clustered environment” on page 297 for additional
settings in the pluginvalues.props and token-values.props.
The procedure to edit initial setup values for user desktops is as follows:
1. Install the Workplace Managed Client provisioning server on the Workplace
Collaboration Services server.
2. On the Workplace Collaboration Services server, navigate to the following
directory:
workplace_server_root/AppServer/installedApps/cell/wctInstall.ear/
wctInstall.war
3. Locate and edit the pluginvalues.props file in this directory to change the
following values. These values are provided to the user as defaults during
Workplace Managed Client installation and configuration.
v plugins=plugin_customization
This setting specifies the name of the file that will be used to carry the
defaults to the client. Do not modify this setting.
v plugin_customization.com.ibm.workplace.configuration/defaulturl
=$host$/lwp/myworkplace
This setting specifies the Web address (URL) to which the client connects to
load the user’s appropriate RCPML for the policy-enabled Workplace
Managed Client capabilities. By default, the $host$ token defaults to the full
DNS name of the system from which the client installer was downloaded,
including the HTTP or HTTPS port number that was specified in the
download (see token_values.props in step 4 below). Change this value only if
the Workplace Collaboration Services server does not have its default context
root set to ″lwp,″ or the RCPML server (or its HTTP server front-end) is not
the server from which the user downloaded the client installation program.
An example is shown below:
com.ibm.workplace.configuration/defaulturl=http://wct001.notesdev.ibm.com/
lwp/myworkplace
v plugin_customization.com.ibm.workplace.security/com.ibm.wkplc.remote.server.
name=$host-name$
This setting populates the Host name field during the user’s initial setup. It
specifies the WebSphere Portal server that the Workplace Managed Client
will connect to when running applications. By default, the $host-name$ token
defaults to the full IP name of the system from which the client installer was
downloaded (see token_values.props in step 4 below). Change this value
only if the server that has Workplace Collaboration Services installed is not
the server from which the user downloaded the Workplace Managed Client
installation program.
v [optional]
com.ibm.workplace.security/com.ibm.wkplc.remote.server.port
=BOOTSTRAP_ADDRESS
This setting populates the Port field during the user’s initial setup. It
specifies the BOOTSTRAP_ADDRESS of the WebSphere Portal server that the
Workplace Managed Client will connect to when running applications. If this
value does not exist, the client will assume the default port 2810. Change this
value only if the server has a BOOTSTRAP_ADDRESS endpoint
configuration that differs from the default of port 2810 (such as for i5/OS
servers or network deployments).
352
Clustered-server Deployment Guide
Note: The default Server and Port on the user’s login Connectivity screen is
specified by the administrator in the WebSphere Administrative
Console using Servers → Application Servers → server name → End
Points → BOOTSTRAP_ADDRESS.
Note: The BOOTSTRAP_ADDRESS and SOAP variables and values are
typically set in the WebSphere Administrative Console and also found
in the serverindex.xml file. A sample Windows path to
serverindex.xml is as below:
workplace_server_root/AppServer/config/cells/cellName/nodes/abx
A sample i5/OS path to serverindex.xml is as below:
/QIBM/UserData/WebAS5/base/instanceName/config/cells/cellName/nodes/
nodeName
4. Locate and edit token-values.props to change the following values. These
values are provided to the user during Workplace Managed Client installation
and configuration.
v host=getParameter
This setting specifies the value substituted for $host$ when values from
pluginvalues.props are downloaded to the user’s workstation. When the user
downloads the Workplace Managed Client installation program, the
getParameter value forces the download applet to use applet values provided
by startdownload-java.jsp, which is a URL of the form http[s]://
full.dns.name:port, derived from the user browser’s HTTP request header.
This value differs from $host-name$ because it is a URL used for WebSphere
Portal page requests that includes http[s]:// and the HTTP /HTTPS port
number that were included in the HTTP request header. The value can either
point to an HTTP server front-end for a WebSphere Portal server on which
Workplace Collaboration Services is installed or it can point directly to a
WebSphere Portal server on which Workplace Collaboration Services is
installed.
If an HTTP port other than port 80 is used, it must be specified on this line.
An example is shown below:
host=http://yourHTTPServer:(HTTPportNumber)
v host-name=getParameter
This setting specifies the value substituted for $host-name$ when values
from pluginvalues.props are downloaded to the user’s workstation. When
the user downloads the Workplace Managed Client installation program, the
getParameter value forces the download applet to use applet values provided
by startdownload-java.jsp, which is a full host name derived from the user
browser’s HTTP request header. This value differs from $host$ in that it is
simply a full host name for remote requests; it does not include http[s]:// or
the HTTP /HTTPS port number included in the HTTP request header.
Note: In a clustered environment, change the value of host-name in the
pluginvalues.props file from
plugin_customization.com.ibm.workplace.security/com.ibm.wkplc.
remote.server.name=$host-name$
to
plugin_customization.com.ibm.workplace.security/com.ibm.wkplc.
remote.server.name= the fully qualified DNS address of your DM Server.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
353
Also create a directory called wctprops under the http_server_root
directory, (for example http_server_root/htdocs/en_US/wctprops) and
place your modified properties files filesList.props, pluginvalues.props,
and token-values.props there.
Note: Only the properties files on the HTTP server need to be updated.
5. While the Workplace Collaboration Services servers are down, locate and edit
the workplace_server_root/AppServer/config/cells/plugin-cfg.xml file as
specified below:
a. Save a backup copy of the file as plugin-cfg.xml.ORIG.
b. Open plugin-cfg.xml and find the following string:
PostSizeLimit=″10000000″
c. Change the value to ″-1″.
Note: When using an IBM HTTP server in conjunction with Workplace
Collaboration Services, set the PostSizeLimit value in the
plugin-cfg.xml file to -1. Do this for all servers in the cluster and then
regenerate the plugin-cfg.xml Web server plugin. This will enable you
to import large files, such as the installation guide PDF file.
See Creating update preferences for information about using
pluginvalues.props to create provisioning defaults.
Related concepts
“Phase 6: Connecting to an external HTTP server” on page 287
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Creating provisioning and update preferences” on page 372
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“Connecting services on the provisioning server in a clustered environment” on
page 297
“Installing the provisioning server” on page 296
“Installing the Workplace Managed Client from a server” on page 358
“Creating an IBM productivity tools installation CD or site”
Creating an IBM productivity tools installation CD or site
Using a supplied script, the administrator can create an installation CD or HTTP
server site that users can use to install the IBM productivity tools, and the IBM
Workplace Managed Client framework needed to run those tools.
Note: Using the API documentation, you can also create other types of Workplace
Managed Client installation CDs.
Using the installation CD or HTTP server site, users can install the stand-alone
productivity tools without accessing the IBM Workplace Collaboration Services
server. Users can later (optionally) use the Help → Connect to Server feature to
354
Clustered-server Deployment Guide
connect to a server and provision their client from that server. They can also use
the Help → Check for Updates option to provision their client from a local site.
The supplied CD or HTTP server installation creation script searches for the
following three required files:
v file_list.txt file – This lists the bundles (features and plug-ins) needed to create
the local update site.
v install.xml manifest file – This specifies the features needed to provision the
application from the local update site.
v site.xml file – This describes the local update site.
The supplied installation CD or HTTP server creation script creates a target
directory structure that you can then burn onto a CD or place on the HTTP server:
v The installation executable (self-deploying installation program file)
setup_wct_platform.exe or setup_wct_platform.bin
This is the same installation executable used by the server-based Workplace
Managed Client.
v A deploy directory, containing the install.xml manifest file
The install.xml manifest file contains the information needed to restart the
application and the list of features and plug-ins that are part of the productivity
tools.
v An update site subdirectory, containing the features subdirectory, plug-ins
subdirectory, and site.xml file
The features and plug-ins directories apply to the productivity tools. The update
site directory acts as a local provisioning server.
For CD installation – Features and plug-ins will be placed on, and provisioned
from, the local update site directory on the CD. Once the user has installed the
Workplace Managed Client framework and productivity tools, provisioning is done
from the update site subdirectory on the CD or from a local directory on the
client’s hard drive.
For HTTP server installation – The administrator can configure the client to use an
HTTP server for provisioning.
A command-line script is supplied that will prompt you through the installation
creation process. The script will copy the appropriate features, plug-ins, markup
(.xml) files, and text files from a product directory to a temporary directory as an
image that can be burned to a CD or placed on the HTTP server.
v Use this procedure to create an installation CD for the productivity tools and
Workplace Managed Client framework.
v Use this procedure to create an installation site on an HTTP server for the
productivity tools and Workplace Managed Client framework.
Related concepts
“Installation overview” on page 2
Related tasks
“Installing the Workplace Managed Client framework and productivity tools
from CD-ROM” on page 361
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Configuring a trust certificate for IBM Workplace Managed Client” on page
341
Chapter 8 IBM Workplace Managed Client Installation and Configuration
355
Creating an IBM productivity tools installation CD
You can create an installation CD for your users that installs the IBM productivity
tools and the IBM Workplace Managed Client framework needed to run those
tools.
1. Install the IBM Workplace Collaboration Services server, including the
Workplace Managed Client provisioning server. This step is needed to obtain
needed features and plug-ins, and the CD scripts used to create the
productivity tools installation CD.
2. Place a formatted and blank CD in the CD-ROM drive.
3. On the server, browse to the scripts directory in which the CD installation
script resides.
Note: The scripts should reside in provision_server_root/htdocs/en_US/scripts,
where provision_server_root is the server on which the Workplace
Managed Client provisioning server was installed. The scripts directory
is created when you install the provisioning server. The IBMProdtools
subdirectory contains the supplied file_list.txt, install.xml, and site.xml
files.
4. Run the supplied CD creation script, either CDTool.bat for Microsoft Windows
or CDTool.sh for UNIX. For Windows, double-click on CDTool.bat or type
CDTool.bat in a command window and then press Enter. For UNIX,
double-click on CDTool.sh or type ./CDTool.sh in shell console and press
Enter.
Note: If you run the script in a command window you can use the optional
language switch, enabling you to run the script in a language of your
choice. For example, CDTool.bat fr or ./CDTool.sh fr runs the tool in
French. If the two letter language code that you enter is not recognized,
the script will run in English.
Note: If you run the Windows version of the CDTool.bat script in conjunction
with the French, German, Spanish, Italian, or Portuguese flag (fr, de, es,
it, or pt_BR), a call is made to the Windows registry to change the
console font. This is necessary to display some user output characters
from the corresponding language and is performed by calling the
reg.exe program that comes bundled with Windows XP. To use this
function in Windows 2000, first download the reg.exe program from
Microsoft and place it in the C:\WINNT\System32 folder.
5. When prompted to specify the subdirectory name containing the files needed
to create the image, type the following response: IBMProdtools
Note: IBMProdtools is the name of the supplied subdirectory that contains the
required scripts.
6. When prompted for the destination directory, type the folder path that will
contain the resultant CD installation files (in other words, the staging
directory). You can specify either a new or existing directory.
7. Respond to additional prompts to complete the creation of the CD installation
files.
8. When the installation file creation process is complete, change to the
destination directory that you specified in step 5. Ensure that the destination
directory contains a results subdirectory, which contains the following two
folders and files.
v deploy subdirectory -- This contains the install.xml file.
356
Clustered-server Deployment Guide
v updateSite subdirectory -- This contains the site.xml file, features folder, and
plugins folder.
v setup_wct_platform.bin file -- This file is used to install Workplace Managed
Client framework and productivity tools on the Linux platform.
v setup_wct_platform.exe file -- This file is used to install Workplace
Managed Client framework and productivity tools on the Windows
platform.
9. Copy the structure and contents of the destination directory (IBMProdtools) to
the CD.
10. Give the CD to your users and instruct them to install the Workplace
Managed Client framework and productivity tools as described below.
v For Windows: Double-click on setup_wct_platform.exe or type
setup_wct_platform.exe in a command prompt window and press Enter.
v For Linux: Double-click on setup_wct_platform.bin or type
./setup_wct_platform.bin in the shell console and press Enter.
Note: User installation instructions can be found in the Installing the
Workplace Managed Client framework and productivity tools from CD
topic.
Related tasks
“Creating an IBM productivity tools installation CD or site” on page 354
“Installing the Workplace Managed Client framework and productivity tools
from CD-ROM” on page 361
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Configuring a trust certificate for IBM Workplace Managed Client” on page
341
Creating an IBM productivity tools installation HTTP server site
You can create a bootstrap installation site that will enable users to install the IBM
productivity tools, and the IBM Workplace Managed Client framework needed to
run those tools, from an HTTP server.
Note: HTTP provisioning of the IBM productivity tools is supported with basic
HTTP authentication; it is not supported with SSL.
Note: User installation instructions can be found in the Installing the Workplace
Managed Client framework and productivity tools from an HTTP server
topic.
1. Install the IBM Workplace Collaboration Services server, including the
Workplace Managed Client provisioning server. This step is necessary to obtain
needed features, plug-ins, and the scripts used to create the productivity tools
installation site for the HTTP server.
2. On the server, browse to the scripts directory in which the installation script
resides.
Note: The scripts should reside in provision_server_root/htdocs/en_US/scripts,
where provision_server_root is the server on which the Workplace
Managed Client provisioning server was installed. The scripts directory
is created when you install the provisioning server. The IBMProdtools
Chapter 8 IBM Workplace Managed Client Installation and Configuration
357
subdirectory contains the supplied file_list.txt, install.xml, and site.xml
files. The files and folders to be placed on the HTTP server include the
following:
v deploy subdirectory -- This contains the install.xml file.
v updateSite subdirectory -- This contains the site.xml file, features
folder, and plugins folder.
v setup_wct_platform.bin file -- This file is used to install the Workplace
Managed Client framework and productivity tools on the Linux
platform.
v setup_wct_platform.exe file -- This file is used to install Workplace
Managed Client framework and productivity tools on the Windows
platform.
3. Run the CDTOOL.bat or CDTOOL.sh file. When prompted for a destination
directory in which to put the productivity tools files, enter a location on the
target HTTP server, for example updateSite.
4. After the script has finished copying the files to the HTTP server location, edit
each feature tag in the install.xml file so that the URL value points to the
subdirectory on the HTTP server that you specified in step 3, for example
updateSite. An example is shown below:
<feature id="com.ibm.lwp.wct.mymailcommon.feature" match="compatible"
version="1.5.1" url="http://www.mycompany/updateSite"/>
5. In the same directory as specified in step 3, add to or edit an existing
plugin_customization.ini file to contain the following key and value:
com.ibm.rcp.install.personality/defaulturl="URL_to_install.xml_file"
6. Create a self-extracting zip file to contain the setup_wct_platform.exe or
setup_wct_platform.bin and the plugin_customization.ini file.
7. Direct users to install from the HTTP server.
Related tasks
“Creating an IBM productivity tools installation CD or site” on page 354
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Configuring a trust certificate for IBM Workplace Managed Client” on page
341
Installing the Workplace Managed Client from a server
After the administrator installs the IBM Workplace Collaboration Services server
and the IBM Workplace Managed Client provisioning server and performs the
various configuration tasks in the checklist, the user can install Workplace
Managed Client on his or her workstation.
Note: Workplace Managed Client installation requires a Java plug-in installed in
the user’s Web browser in order for site-specific defaults to be automatically
provided to the installation screens. If users do not have a Java plug-in, the
client installation program is downloaded as a single executable file with no
defaults. To avoid this complication for your users, ensure that they have a
Java plug-in before they start Workplace Managed Client installation.
The installation screens display content in the language specified in the operating
system’s locale setting.
358
Clustered-server Deployment Guide
The instructions in the remainder of this topic are addressed to the Workplace
Managed Client user.
The installation described here is a three-step process. The first stage downloads
the Workplace Managed Client runtime bundle from a designated server or site
and installs it on your workstation. The second unbundles and installs all
Workplace Managed Client features and plug-ins on your workstation. The third
configures and enables specific features and plug-ins based on the user policy that
your administrator set for you.
Note: The installation program also installs the IBM productivity tools. If you have
installed a trial version of the productivity tools and Workplace Managed
Client framework, you do not need to install the Workplace Managed Client
with these steps. From the trial version click Help → Connect to Server and
enter your user name, password and Workplace Managed Client URL when
prompted. These will be provided to you by the administrator. This process
will convert the evaluation license to a production license.
To install the Workplace Managed Client on your desktop, perform the following
steps:
1. Start IBM Workplace Collaboration Services from your desktop and type your
user name and password when prompted.
2. Click the My Work tab.
3. Under Downloads, click IBM Workplace Managed Client.
4. Click Start Download.
Note: If Java is not enabled for your Web browser, clicking the link lets you
open the installation program directly or specify a location in which to
save it.
Note: Linux users may not be able to run the setup_wct_platform.bin
installation program because they do not have execution rights to the
.bin file. To reset execution rights for the installation program, Linux
users should save the installation executable to disk, then run the
following command:
chmod 755 setup_wct_platform.bin
5.
6.
7.
8.
Note: Linux users may be prompted to download the Mozilla Web browser or
specify its directory if the installation program cannot find it. If so
prompted, download the browser or specify its location and then click
Next to continue. Linux users who do not see the Mozilla installation
screen, or that receive a Mozilla error message, can see the Workplace
Collaboration Services Release Notes for current information.
Read the Welcome screen and click Next to continue.
Read the license agreement screen, accept the terms, and click Next to
continue.
Accept the default directory or specify a different directory in which to install
the Workplace Managed Client and click Next to continue.
If the specified directory contains an existing installation, you are prompted to
specify a different directory or to exit this installation program and work with
the existing installation.
Read the preview screen information for installation directory and product
size and click Next to continue.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
359
The Workplace Managed Client runtime bundle will be installed from the
server to your local drive and then its features and plug-ins will be extracted
onto your system. This process may take several minutes.
9. When the setup installation summary screen appears, read the screen content
and click Next to continue the configuration process.
Note: If you click Cancel, the system will exit the installation program and
perform initial Workplace Managed Client configuration when you click
on the desktop icon later.
10. When prompted, enter your user name and password. Accept the default URL
unless instructed otherwise by your administrator. Click Next to continue.
11.
12.
13.
14.
Note: The Managed Client URL field is populated based on a setting your
administrator has established for you. It is used to access Workplace
Managed Client updates as they become available. Do not change this
value unless instructed by your administrator to do so.
Allow the system to perform verification and security tasks for you, such as
credential store configuration, download plug-ins and settings, and install the
features and capabilities to which you have access. This process may take
several minutes.
Unless instructed by your administrator, accept the default values in the Host
name and Port fields by clicking Next to continue.
When setup is complete, click Finish to exit the initial Workplace Managed
Client configuration program and continue with account setup or click Cancel
to exit and perform final account setup later.
When the Workplace Managed Client login screen appears, enter your
password as prompted. Click Options and be sure that Automatically connect
to network (work online) is enabled for this first login to the client. This part
of the process requires that the work online mode is selected. Optionally
enable the instant messaging options and click Log in to continue. Information
about these options appears in the Workplace Managed Client online help.
Note: Unless you have been told otherwise by your administrator, accept the
default values on the Connectivity screen. The connectivity settings
enable you to specify a different host server, port, and portal URL. The
host server is used to synchronize your rich client libraries and other
data with data on the server. Specifying a different server name may
result in lost libraries and malfunctions with mail, calendar, and
address book features. Changing the server value is only supported if
the server is known to be in a clustered environment sharing the same
data store. The port value corresponds to the setting on the Portal
server to which your rich client is connecting. The portal server is used
to supply client updates to your workstation. The host server and
Portal server may or may not be the same. The default host name and
port are specified by the administrator in the WebSphere Administrative
Console using the Servers → Application Servers → server name → End
Points → BOOTSTRAP_ADDRESS sequence.
15. If a security warning screen appears, and unless instructed otherwise by your
administrator, select to trust the certificate and click OK to continue.
Note: Selecting a trust option from the security warning screen adds a new
certificate and establishes trust to the server, thus enabling your system
360
Clustered-server Deployment Guide
to obtain capability updates as they become available. Your
administrator can also configure trust for you to suppress this screen in
the future.
Note: (SSL only) If a trust certificate appears, you must accept it within 60
seconds or a timeout will occur and cause an error.
16. When the setup process is complete you can begin working with the
Workplace Managed Client. For information about using Workplace Managed
Client capabilities, click Help → Help Contents
On Windows systems, the Workplace Managed Client applet wctpinstall-temp is
placed under c:\temp on the drive where the Windows operating system is
installed. If Windows is installed on the \d: drive, then the wctpinstall-temp
directory is placed under d:\temp. On Linux systems, the wctpinstall-temp
download applet is placed under /tmp. When you uninstall Workplace Managed
Client, the system removes the wctpinstall-temp directory. If you had installed a
second Workplace Managed Client instance on the same machine without first
uninstalling the previous version, an additional wctpinstall-temp directory was
created as wctpinstall-temp.1, and so on for each subsequent installation.
The Workplace Managed Client download applet places the installation program
on the disk. The installation program is named setup_wct_platform.exe or
setup_wct_platform.bin.
Related concepts
“Phase 8: IBM Workplace Managed Client installation and configuration” on
page 317
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Uninstalling the Workplace Managed Client from the user desktop” on page
388
“Configuring a trust certificate for IBM Workplace Managed Client” on page
341
“Installing the provisioning server” on page 296
Installing the Workplace Managed Client framework and
productivity tools from CD-ROM
You can install the IBM productivity tools and IBM Workplace Managed Client
framework using a CD-ROM that your administrator has created for you.
Note: If you have installed a trial-version of the productivity tools, you must
uninstall the trial version before installing the productivity tools. However,
you can have the trial-version installed and then click Help → Connect to
Server , which will convert the trial version productivity tools to a
production version and provide the Workplace Managed Client.
Note: The installation screens display content in the language specified in the
operating system’s locale setting.
Note: The instructions in this topic are addressed to the user.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
361
To install the IBM productivity tools and IBM Workplace Managed Client
framework from the CD-ROM, perform the following steps:
1. Insert the CD into your desktop’s CD-ROM drive. The installation program will
start automatically or you can run the installation program as described below.
v For Microsoft Windows, double-click on setup_wct_platform.exe or type
setup_wct_platform.exe in a command prompt window and press Enter.
v For Linux, double-click on setup_wct_platform.bin or type
./setup_wct_platform.bin in the shell console and press Enter.
2. Read the Welcome screen and click Next to continue.
3. Read the license agreement screen, accept the terms, and click Next to continue.
4. Accept the default directory or specify a different directory in which to install
the Workplace Managed Client framework and click Next to continue.
Note: If the specified directory contains an existing installation, you are
informed how to cancel installation and work with the existing tools,
obtain updates, and/or install another instance. Click Back or Cancel as
needed.
5. Read the preview screen information for installation directory and product size
and click Next to continue.
The runtime bundle will be installed to your local drive and its features and
plug-ins will be extracted onto your system. This process may take several
minutes.
6. When the installation setup summary screen appears, click Next and respond
to all screen prompts.
Note: If you click Cancel, the system will exit the installation program and
perform initial configuration when you open the productivity tools later.
If the installation failed, information is provided as to why it failed and what
you should do next.
7. When the setup completion screen appears, click Finish to complete the
installation and configuration process and begin working with the productivity
tools to create a new document, spreadsheet, presentation, or project plan or
edit an existing file.
Note: Information about using the productivity tools appears in the Workplace
Managed Client framework and productivity tools online help.
Related concepts
“Provisioning Workplace Managed Client and productivity tools updates” on
page 371
Related tasks
“Creating an IBM productivity tools installation CD or site” on page 354
“Installing the provisioning server” on page 296
“Creating provisioning and update preferences” on page 372
Installing the Workplace Managed Client framework and
productivity tools from an HTTP server
You can install the IBM productivity tools and IBM Workplace Managed Client
framework using an HTTP server that your administrator has configured.
362
Clustered-server Deployment Guide
Note: HTTP provisioning of the productivity tools is supported with basic HTTP
authentication; it is not supported with SSL.
Installation is a three-step process. The first stage downloads the Workplace
Managed Client runtime bundle and installs it on your workstation. The second
unbundles and installs the Workplace Managed Client framework and productivity
tools features and plug-ins on your workstation. The third configures and enables
specific features and plug-ins.
1. From a browser window, enter the Web address from which to obtain the
installation files. Your administrator must provide this address.
2. Locate the self-extracting executable, created by your administrator, which
contains the platform-specific installation executable (either
setup_wct_platform.bin or setup_wct_platform.exe) and install.xml.
3. Copy the self-extracting executable to a local directory of your choosing and
run it.
4. Change to the local directory and start the platform-specific installation
program from a command line, using the following syntax to specify the path
to the install.xml deployment manifest file:
-W readDeployBean.deploymentManifestFile="URL_to_install.xml_file".
Note: The install.xml deployment manifest file path can be specified using a
local drive letter or a file or HTTP URL.
Note: If you download the setup_wct_platform.exe and the install.xml files,
the command syntax would be as shown below:
setup_wct_platform.exe -W
readDeployBean.deploymentManifestFile=install.xml
Note: If you follow the instructions in the API guide and download the
setup_wct_platform.exe and the plugin_customization.ini using a zip
file, the command line syntax would be as shown below:
setup_wct_platform.exe -W readDeployBean.deploymentManifestFile=
http://w3.abx.com/wmcgo/deploy/install.xml
5. Read the Welcome screen and click Next to continue.
6. Read the license agreement screen, accept the terms, and click Next to
continue.
7. Accept the default directory or specify a different directory in which to install
the Workplace Managed Client items and click Next to continue.
Note: If the specified directory contains an existing installation you are
informed how to cancel installation and work with the existing tools,
obtain updates, or install another instance. Click Back or Cancel as
needed.
8. Read the preview screen information for installation directory and product
size and click Next to continue.
The runtime bundle will be installed to your local drive and its features and
plug-ins will be extracted onto your system. This process may take several
minutes.
9. When the installation setup summary screen appears, click Next and respond
to all screen prompts.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
363
Note: If you click Cancel, the system will exit the installation program and
perform initial configuration when you open the productivity tools
later.
If the installation failed, information is provided as to why it failed and what
you should do next.
10. When the setup completion screen appears, click Finish to complete the
installation and configuration process and begin working with the
productivity tools to create a new document, spreadsheet, presentation, or
project plan or edit an existing file.
Note: Information about using the productivity tools appears in the
Workplace Managed Client framework and productivity tools online
help.
Related concepts
“Provisioning Workplace Managed Client and productivity tools updates” on
page 371
Related tasks
“Creating an IBM productivity tools installation HTTP server site” on page 357
“Creating an IBM productivity tools installation CD or site” on page 354
“Installing the provisioning server” on page 296
“Creating provisioning and update preferences” on page 372
IBM Workplace Managed Client Version 2.6 Trial evaluation
readme
Last updated January 17, 2006
Copyright International Business Machines Corporation 2006. All rights reserved.
US Government Users Restricted Rights - Use, duplication or disclosure restricted
by GSA ADP Schedule Contract with IBM Corp.
Description
IBM Workplace Managed Client comes with a 180-day evaluation license that lets
you preview and explore the IBM productivity tools product at no charge. The
Workplace Managed Client Trial allows users to install the tools directly onto their
desktop.
You can install and start using the IBM productivity tools right away under the
evaluation license. To purchase a production license, contact your IBM
representative.
For system requirements, installation instructions, and information about how to
use the productivity tools, see the Workplace Collaboration Services Information
Center on the Web at http://www.ibm.com/developerworks/workplace/
documentation.html. For additional information, see the Workplace Collaboration
Services Release Notes.
Converting the evaluation license
When you purchase Workplace Managed Client, you can convert your trial version
to the fully licensed version by performing the following action to provision the
364
Clustered-server Deployment Guide
applications for the Workplace Managed Client and convert the trial client to a
Workplace Collaboration Services server-managed client.
1. From the trial version productivity tools menu, select Help → Connect to
Server.
2. When prompted, enter your user name and password and provide the URL of
the deployed Workplace Collaboration Services server, for example
http://yourservername/lwp/myworkplace.
Your administrator must provide you with a user name and password and should
configure a default provisioning server URL for you. This process will convert
your trial client to a production client.
Data migration
User preferences set in the trial version (using File → Preferences) are maintained
when you click Help → Connect to Server.
Installing the trial version Workplace Managed Client and
productivity tools
To install the trial version, perform the following steps.
1. Double-click the appropriate installer file, WMC2.6_Trial_Linux.tar for Linux or
WMC2.6_Trial_Win32.exe for Windows.
2. Use the installation screens to install the trial version.
3. Once installed, select one of the available productivity tools (Document,
Spreadsheet, Presentation, Project Plan, or Existing File) from the display and
click OK to begin work.
Information about the tools and their usage is available from the Help menu.
Note: Detailed instructions for installing the fully licensed version Workplace
Managed Client framework and productivity tools are located in the
Workplace Collaboration Services Information Center at
http://www.ibm.com/developerworks/workplace/documentation.html.
These instructions are a useful reference when installing the trial version.
Click Installation and upgrade → Phase 8: IBM Workplace Managed Client
installation and configuration for installation assistance.
Connecting to a server and obtaining feature updates
Provided that you have purchased the Workplace Managed Client, you can click
Help → Connect to Server to connect to a Workplace Collaboration Services
provisioning server and use the available Workplace Managed Client capabilities.
While you are connected to the server, your client obtains feature and capability
updates from the provisioning server.
Installing the fully licensed Workplace Managed Client and
productivity tools
After you purchase a fully licensed version of Workplace Managed Client and
productivity tools, you must uninstall the trial version before you can install the
fully licensed version.
Instructions for uninstalling the Workplace Managed Client and productivity tools
are located in the Workplace Collaboration Services Information Center at
Chapter 8 IBM Workplace Managed Client Installation and Configuration
365
http://www.ibm.com/developerworks/workplace/documentation.These
instructions are valid for both the productivity tools evaluation version and the
Workplace Managed Client. Clicking Installation and upgrade in a non-clustered
or clustered environment → Phase 8: IBM Workplace Managed Client installation
and configuration for uininstall assistance.
Contacting IBM support
Use the resource links at http://www-128.ibm.com/developerworks/lotus/
support/ to obtain support content and also to contact IBM directly.
Trademarks
IBM and i5/OS are trademarks of the IBM Corporation in the United States, other
countries, or both.
Intel is a registered trademark of Intel Corporation or its subsidiaries in the United
States and other countries.
Linux is a trademark of Linus Torvalds in the United States, other countries, or
both.
Microsoft and Windows are trademarks of Microsoft Corporation in the United
States, other countries, or both.
Other company, product, and service names may be trademarks or service marks
of others.
Implementing credential store and password recovery
capabilities
All administrators authorized to recover an IBM Workplace Collaboration Services
user’s credential stores share a single recovery administration public key. The
recovery block in the credential store contains the credential store storage key,
which has been encrypted using this public key. A copy of the public recovery
administration key is placed in the trusted root store, from where it is replicated to
a user’s client. Using the IBM WebSphere Application Server Administrative
Console, the administrator tags the key to identify it as a recovery administration
key.
When updating the credential store, the IBM Workplace Managed Client checks for
the presence of this key, and if it is present generates a recovery block in the
keystore file. This recovery block consists of the storage key encrypted under the
recovery administration key. The block is cached and is not recomputed unless the
administration key or the storage key is changed.
Credential store recovery requires that an administrator have access to the client
user’s credential store, along with the key file containing the private component of
the administration key (and its associated password). This key will allow the
recovery block in the credential store to be decrypted and a new password to be
set on the store.
The credential store recovery certificate is used to run a Java recovery tool
application on the client, primarily when the user forgets their Workplace Managed
Client password. Without the recovery key, the user can lose data stored in data
366
Clustered-server Deployment Guide
tables. This functionality creates key pairs with random numbers, creates a
certificate with a public key, and signs the certificate with a private key.
The details of how to configure for credential store recovery are documented in the
WebSphere Application Server Administrative Console help.
The administrator can use the credential store password recovery command line
tool to recover a user’s lost password.
Related concepts
“Installation overview” on page 2
Related tasks
“Configuring a trust certificate for IBM Workplace Managed Client” on page
341
Using the credential store password recovery command line tool
The credential store password recovery tool is a command-line utility that an
administrator can use to recover an IBM Workplace Managed Client user’s lost or
corrupted password. The administrator initially configures the trusted root store,
using an IBM WebSphere Administrative Console procedure, to configure the
administrator’s key for use in recovering the user’s keystore. This procedure must
be performed prior to running the command line tool described below. The
password recovery tool cannot recover the user’s credential store if the
administrator has not first performed the Administrative Console procedure.
The password recovery tool requires the following files and information to recover
the user’s credential store.
v The keystore containing the administrator’s key – configured using the
WebSphere Administrative Console on the server
v The user’s credential store (Credential.Store file) – the user must obtain this file
from his or her machine.
v The password for the keystore that contains the administrator’s key – configured
using the WebSphere Administrative Console on the server
v The new password for the user’s credential store (Credential.Store file)
You can run the password recovery tool on either the server or on your own
administrator client. By default, the tool assumes that you are running it on a
server. You may decide to run the tool on your client if your site has deployed the
unrestricted (long key length) policy on the server and client; the recovery tool
must be run on a platform that is using the same key policy as the client for which
the credential store is being recovered. If your site has upgraded the server to use
the unrestricted key policy, but not the user clients, you cannot perform the
recovery task from the server. (Note that attempting to do so will produce
recovered credential stores that clients using the restricted key policy will be
unable to decrypt). By default, the user client is configured with the restricted
(short key length) policy. If your user client has not been upgraded to use the
unrestricted (long key length) policy, you must run the command line utility from
an administrator client that is also using the restricted key policy. The platform on
which you run the recovery tool, either server or administrator client, must have
the same key policy as the user client that is going to use the recovered credential
store. If the server and clients are using the same key policy, then you can run the
tool on either the server or an administrator client.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
367
A sample password recovery scenario and the steps required to recover a user’s
credential store are presented below. In this scenario, a user has forgotten her
Workplace Managed Client password and is unable to log in and work. She
contacts her administrator and asks him to assist in password recovery.
1. The user obtains her recovery administrator’s contact information by looking at
the recovery certificate on the Workplace Managed Client Security Preferences
screen on a peer’s machine.
2. The user contacts the recovery administrator and gives him her Credential.Store
file, which is located in her Workplace Managed Client home directory. (For
example, the default path in Windows is Documents and Settings\user\IBM\
RCP\id Number\Credential.Store).
3. (Server-based recovery only) The administrator checks that the variable
WAS_HOME on the server is set to the location at which the user’s
Credential.Store file resides (for example, Documents and Settings\user\IBM\
RCP\id Number\).
By default, the user client is configured with the restricted (short key length)
policy. If your user client has not been upgraded to use the unrestricted (long
key length) policy, set the JAVA path to that of an IBM Java Runtime
Environment (JRE) that uses a short key length policy.
Note: If the user client’s JRE version and the Java Virtual Machine (JVM)
version used by the command line utility are not same, for example one
might be using a restricted version of the Java Cryptography Extension
(JCE) and the other might not, the command line recovery tool may not
perform correctly. Set the JAVA path on the server to be the same as that
of the client’s JRE version.
4. (Administrator client-based recovery only) The administrator download and
installs Workplace Managed Client on the administrator client and then copies
the following recovery tool files from the server to a directory on that client:
v recovery tool script (RecoverPassword.bat or RecoverPassword.sh)
v recovery tool (workplace_server_root/lwp_ext/cacerts.jar)
v keystore file that contains the recovery key
Note: The recovery keystore and password should not be exposed on a user’s
client.
5. The administrator copies the user’s credential store file (Credential.Store) to a
temporary location on the system (server or administrator client) from which
you will run the recovery tool.
6. On your server or administrator client, the administrator starts the
RecoverPassword.bat or RecoverPassword.sh command line utility using the
following command syntax:
RecoverPassword{.bat|.sh} [client] [-clientroot client-installation ]
[-cacertsdir cacerts-dir]
(Administrator client-based recovery only) You must specify the Workplace
Managed Client installation directory (client-installation) and also where the
cacerts.jar file is located (cacerts-dir) if it is not in your working directory.
v The [client] parameter specifies that the script is running on the
administrator’s client. If you specify [clientroot] then [client] is assumed and
can be omitted.
v The [-clientroot] client-installation option specifies where the client is installed
on the administrator’s client. If omitted, it defaults to C:\Program
Files\IBM\Workplace Managed Client.
368
Clustered-server Deployment Guide
v The [-cacertsdir] cacerts-dir option specifies where cacerts.jar resides on the
administrator’s client. If omitted, it defaults to the current working directory.
Note: (Server-based recovery only) You do not need to use any of the [client]
options.
Respond to the following command line prompts:
v Enter the location of the keystore. A sample response is d:\keytest\
recoverykey.jks and relates to the user’s client.
v Enter the location of the user’s credential store. A sample response is
d:\keytest\Credential.Store and relates to the user’s client.
v Enter keystore password.
v Enter new password for the credential store.
Note: The passwords are not echoed on the screen.
Note: The new recovered credential store is located in the same location as the
old credential store.
7. The administrator asks the user to copy both the Credential.Store and
CredentialStore.bak files to the same location on the client machine where she
obtained the original Credential.Store file.
Note: The CredentialStore.bak file is basically a copy of the original
CredentialStore file.
8. The user starts the Workplace Managed Client and logs in using her new
password.
Related tasks
“Implementing credential store and password recovery capabilities” on page
366
Managing the client credential store recovery certificate
All administrators authorized to recover an IBM Workplace Collaboration Services
user’s credential stores share a single recovery administration public key. The
recovery block in the credential store contains the credential store storage key,
which has been encrypted using this public key. A copy of the public recovery
administration key is placed in the trusted root store, from where it is replicated to
clients. The key is tagged to identify it as a recovery administration key.
Click IBM Workplace software → Client Certificate Store. Scroll to the bottom of
the page. Click Manage Client Credential Store Recovery Certificate.
When updating the credential store, the IBM Workplace Managed Client checks for
the presence of this key, and if it is present generates a recovery block in the
keystore file. This recovery block consists of the storage key encrypted under the
recovery administration key. The block is cached and is not recomputed unless the
administration key or the storage key is changed.
Credential store recovery requires that an administrator has access to the client
user’s credential store, along with the key file containing the private component of
the administration key (and its associated password). This key will allow the
recovery block in the credential store to be decrypted and a new password to be
set on the store.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
369
The credential store recovery certificate is used to run a Java recovery tool
application on the client, primarily when the user forgets their Workplace Managed
Client password. Without the recovery key, the user can lose data stored in data
tables. This functionality creates key pairs with random numbers, creates a
certificate with a public key, and signs the certificate with a private key.
This page can contain only one certificate. If no certificate has been created, the
Name field displays a None entry. You can click Generate Key to add a key to a
new or existing key store. You can also delete the key.
Note: When you create a keystore, make a backup copy of the file. Prior to
updating or deleting a keystore, ensure that you have a backup copy.
v Name -- Click a name to view certificate details.
v Generate Key -- Click to add a key to an existing keystore or create a new
keystore. This lets you generate a new key or replacement key for the client
credential store recovery keystore. If you select this option and the table contains
no certificate, a new key will be generated. If a key exists, you will be prompted
to add to the existing key store. Click OK to add the key to an existing keystore;
click Cancel to create the key and keystore.
v Delete -- Click to review explanatory text and then click OK to delete the
certificate.
Note: If you delete this certificate you will be unable to recover user credential
store. Users who forget their password may lose data.
Note: When you create a keystore, you should make a backup copy of the file.
Prior to updating or deleting a keystore, you should ensure that you have a
backup copy.
Related reference
“Generate a key”
“Generate a key in a new or existing keystore”
Generate a key
Click IBM Workplace software → Client Certificate Store → Manage Client
Credential Store Recovery Certificate → Generate Key to generate a new key or
replacement key for the credential store recovery keystore.
If you select this option and the table contains no certificate, a new key will be
generated. If a key exists, you will be prompted to add to the existing keystore.
v Existing Keystore -- Click to create a new key in the existing keystore.
v New Keystore -- Click to create a new key and a new keystore.
v Cancel -- Click to return to the previous page.
Generate a key in a new or existing keystore
Click IBM Workplace software → Client Certificate Store → Manage Client
Credential Store Recovery Certificate → Generate Key → Existing Keystore or New
Keystore
You can generate a new or replacement key for the client credential store recovery
keystore.
370
Clustered-server Deployment Guide
When you click OK to update an existing keystore, you are prompted to
acknowledge and confirm that the key will replace the existing recovery certificate.
If this is acceptable, click OK again; if not, click Cancel.
Certificate Name
Specify the label to attach to the recovery certificate. The information in this field
can be edited on the certificate details page.
User ID
This read-only field displays the user name of the administrator who is currently
logged in and is creating this recovery key. This administrator will be associated
with the recovery certificate.
File Path
Specify the file name and location of the keystore. If you are updating or replacing
an existing keystore, make a backup copy of the Java keystore file now, before
proceeding.
Note: When generating a new key store, specify the file path to the Java keystore
file, for example C:\WebSphere\WorkplaceServer\security\recoverykey.jks.
The file path specified is for the server file system, not the client.
Password
Specify the password used to access the keystore. If you are updating an existing
keystore, this field contains the existing password used to access the keystore. If
you are creating a new keystore, specify the password required to access it.
Confirm Password
Reenter the password used to access the keystore.
Contact Information
Specify relevant contact information, such as your e-mail address and phone
number, that will enable users to recognize your association with the keystore and
contact you if they need to perform recovery.
Note: This field value appears in several places, including confirmation, warning,
and information messages and pages.
Provisioning Workplace Managed Client and productivity tools
updates
IBM Workplace Managed Client and IBM productivity tools feature and plug-in
updates can be supplied to the client from a provisioning server or site in several
ways, depending on the user’s configuration.
Workplace Managed Client
For a Workplace Managed Client that was installed using the server-based
download and installation procedure, the client system checks a provisioning
Chapter 8 IBM Workplace Managed Client Installation and Configuration
371
server for updates after the user starts Workplace Managed Client or IBM
productivity tools and periodically according to a preset time interval.
Administrators can set the following preference values:
v At install time, whether to stop provisioning when a problem occurs or continue
provisioning
v Time interval at which to check for updates
v Location of provisioning server
Note: In a non-clustered environment, administrators can also update server-based
client systems using the IBM WebSphere Everyplace® Device Manager.
To accommodate users who are updating from one release to another, you can
force the system to provision the new features, plugins, and updates prior to
checking the provisioning server for updates.
The provisioning server or site will supply any additional capabilities, including
updated features and plug-ins, that have been configured in the user’s policy.
Productivity tools
For a Workplace Managed Client framework and productivity tools that were
installed from CD or from an HTTP server, feature updates can be obtained from
the same location from which the features were originally installed .
Administrators can set the following preference value:
v At install time, whether to stop provisioning when a problem occurs or
continue provisioning
IBM productivity tools users can check for updates by clicking Help → Check for
Updates. For clients installed from CD, this action will look for updates using a
new CD, provided by the administrator, that contains an updated install.xml file
and updated update site. For HTTP server-installed clients, this action will look for
updates on an HTTP server. Users can check a provisioning server on another
machine by clicking Help → Connect to Server, responding to the login prompt,
and responding, if prompted, to a Host, Port, and URL provisioning server address
prompt. Once the user has connected to a server, her system will automatically
check that server for updates as described in the Workplace Managed Client
section above.
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the provisioning server” on page 296
“Creating provisioning and update preferences”
“Installing the Workplace Managed Client from a server” on page 358
“Installing the Workplace Managed Client framework and productivity tools
from CD-ROM” on page 361
Creating provisioning and update preferences
You can set certain update preferences for IBM Workplace Managed Client and
IBM productivity tools users.
372
Clustered-server Deployment Guide
When the user installs Workplace Managed Client from a server, the download
applet creates a plugin_customization.ini file dynamically from information
contained in the applet’s pluginvalues.props file. The applet places a generated
plugin_customization.ini next to the installation program. The installation program
then merges the generated plugin_customization.ini with the platform default
plugin_customization.ini file. For example, if the hostname value is set in the
server’s pluginvalues.props file, then that value is downloaded to the client and
the Host name field is automatically populated during Workplace Managed Client
installation.
For the stand-alone productivity tools installed from CD, the system does not
download such an applet. The administrator must define the desired update
settings in a plugin_customization.ini before creating the installation CD.
Workplace Collaboration Services server-based provisioning for Workplace
Managed Client and productivity tools:
To set update preferences for the server-based client, open the pluginvalues.props
file on your server in the following directory:
workplace_server_root/installedApps/servername/
wctInstall.ear/wctinstall.war.
Edit the pluginvalues.props file, being sure to preface all parameters with
″plugin_customization″.
The available parameters are described in the following list:
v
v
v
v
Setting
Setting
Setting
Setting
the
the
the
the
default provisioning site for the CD or HTTP server-installed client
provisioning process to continue even if an error occurs
wait time for the first update in the session
wait time for subsequent updates in the session
v Forcing new feature provisioning when updating from one release to another
Also see additional pluginvalues.props setting options in Setting Workplace
Managed Client installation program defaults.
Stand-alone (CD or HTTP-based) provisioning for productivity tools:
To set update preferences for the stand-alone client, place a file named
plugin_customization.ini in the same directory from which you will run the
setup_wct_platform.exe/bin installation program. Edit the plugin_customization.ini
file. Do not preface any parameters in the .ini file with ″plugin_customization″.
The available parameters are described in the following list:
v Setting the default provisioning site for the CD or HTTP server-installed client
v Setting the provisioning process to continue even if an error occurs
Related concepts
“Provisioning Workplace Managed Client and productivity tools updates” on
page 371
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the provisioning server” on page 296
Chapter 8 IBM Workplace Managed Client Installation and Configuration
373
Setting the default provisioning server parameter
You can set the default provisioning server address for a server-based installation
of IBM Workplace Managed Client. You can also set the default provisioning server
for a CD-based or HTTP server-based stand-alone IBM productivity tools
installation and the Workplace Managed Client framework that supports the
productivity tools.
IBM Workplace Collaboration Services server-based provisioning for Workplace
Managed Client and productivity tools:
To set the default provisioning server for the server-based client, open the
pluginvalues.props file on your server in the following directory:
workplace_server_root/installedApps/servername/
wctInstall.ear/wctinstall.war.
Set the defaulturl parameter using the following line, where the italics represent the
name of the default provisioning server:
plugin_customization.com.ibm.workplace.configuration/defaulturl=
http://servername/lwp/myworkplace
Note: This setting specifies the provisioning server from which the Workplace
Managed Client will obtain features during install and update. Change this
URL value only if needed. You may want to change this parameter and
place it in a plugin_customization.ini file because it will pre-populate the
provisioning URL value when the productivity tools users connect to a
server. You can change this parameter if users will be connecting to a
Workplace Collaboration Services server in the future, and if you know the
name of that server. The value specifies the server from which to provision
the Workplace Managed Client.
Note: By default, the Host name value on the installation screens defaults to the
full DNS name of the system from which the client installation program was
downloaded, including the HTTP or HTTPS port number that was specified
in the download. Set this parameter only if the provisioning server is not the
server from which the user downloaded the client installation program. For
details see Setting Workplace Managed Client installation program defaults.
Stand-alone (CD or HTTP-based) provisioning for productivity tools:
To set the default provisioning server that the productivity tools client will connect
to when the user clicks Help → Connect to Server, place a file named
plugin_customization.ini in the same directory from which you will run the
setup_wct_platform.exe/bin installation program. Open the
plugin_customization.ini file in preparation for editing it.
Set the defaulturl parameter using the following line, where the italics represent the
name of the default provisioning server:
com.ibm.workplace.configuration/defaulturl=http://servername/lwp/myworkplace
Use the example below as a guide:
com.ibm.workplace.configuration/defaulturl=http://abx.dev.bcy.com:9080/
lwp/myworkplace
Host name and port value defaults for provisioning server installation:
374
Clustered-server Deployment Guide
To set the Host and Port defaults, first open the pluginvalues.props file on your
server in the following directory:
workplace_server_root//installedApps/servername/wctInstall.ear/
wctinstall.war
To set the server name (Host) default for use during provisioning server
installation, set the remote.server value using the example below as a guide:
com.ibm.workplace.security/com.ibm.wkplc.remote.server.name=servername
To set the Port value default for use during provisioning server installation, set the
port value using the example below as a guide:
com.ibm.workplace.security/com.ibm.wkplc.remote.server.port=2811
Related concepts
“Provisioning Workplace Managed Client and productivity tools updates” on
page 371
Related tasks
“Creating provisioning and update preferences” on page 372
Setting the provisioning process to continue if an error occurs
You can set IBM Workplace Managed Client or IBM productivity tools provisioning
to either continue or to stop in the event that an error occurs during the
provisioning process. By default, the provisioning process will stop if an error
occurs. However, if you set the provisioning process to continue, you must inform
the user that when he starts the client, he must manually initiate provisioning by
checking for updates (using the stand-alone productivity tools option Help →
Check for Updates ) or else wait the preset-time interval for the client to
automatically check for updates (if using the Workplace Managed Client). If any
errors are encountered, the user can see the errors in an error dialog.
IBM Workplace Collaboration Services server-based provisioning for Workplace
Managed Client and productivity tools:
To set the provisioning continuation settings for a server-based client, open the
pluginvalues.props file on your server in the directory workplace_server_root/
installedApps/servername/wctInstall.ear/wctinstall.war.
To configure provisioning to continue when it encounters an error, set the
allowPartialResults parameter to true using the following line:
plugin_customization.com.ibm.rcp.provisioning/com.ibm.rcp.managed.
provisioning.allowPartialResults=true
To configure provisioning to stop when it encounters an error, set the
allowPartialResults parameter to false using the following line:
plugin_customization.com.ibm.rcp.provisioning/com.ibm.rcp.managed.
provisioning.allowPartialResults=false
Stand-alone (CD or HTTP-based) provisioning for productivity tools:
To set the provisioning continuation settings for a stand-alone client, place a file
named plugin_customization.ini in the same directory from which you will run the
setup_wct_platform.exe/bin installation program. Open the
plugin_customization.inifile file in preparation for editing it.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
375
To configure provisioning to continue when it encounters an error, set the
allowPartialResults parameter to true using the following line:
com.ibm.rcp.provisioning/com.ibm.rcp.managed.provisioning.
allowPartialResults=true
To configure provisioning to stop when it encounters an error, set the
allowPartialResults parameter to false using the following line:
com.ibm.rcp.provisioning/com.ibm.rcp.managed.provisioning.
allowPartialResults=false
For a CD or HTTP provisioned client using the productivity tools, you may want
to set this value to false. This will allow for the creation of a productivity tools
setup shortcut, which will allow a user to re-initiate provisioning later.
Related concepts
“Provisioning Workplace Managed Client and productivity tools updates” on
page 371
Related tasks
“Creating provisioning and update preferences” on page 372
Setting the initial update interval
You can set the initial time interval for the system to check the provisioning server
for updates. The value is measured from when the user starts the IBM Workplace
Managed Client. Scheduled updates do not occur in the IBM productivity tools.
The default the initial update interval is three minutes after the users starts the
Workplace Managed Client. The value is measured in milliseconds (3*60*1000).
To set the initial update interval for the Workplace Managed Client, open the
pluginvalues.props file on your server in the following directory:
workplace_server_root/installedApps/servername/
wctInstall.ear/wctinstall.war
Set the firstwaittime parameter using the following line (default value shown):
plugin_customization.com.ibm.rcp.pagebuilder/pagebuilder.cache.job.
firstwaittime=180000
Related concepts
“Provisioning Workplace Managed Client and productivity tools updates” on
page 371
Related tasks
“Creating provisioning and update preferences” on page 372
Setting the periodic update interval
You can set a time interval for the system to check the provisioning server for
updates. This interval is measured from when the initial update (typically initiated
three minutes after the users starts the Workplace Managed Client) completes.
Scheduled updates do not occur in the IBM productivity tools.
The default update interval is twenty-four hours; meaning the Workplace Managed
Client checks the provisioning server for updates twenty-four hours after initial
update and every twenty-four hours subsequently for the duration of the work
session. The value is measured in milliseconds (60*60*1000*24).
376
Clustered-server Deployment Guide
To set the periodic update interval for the Workplace Managed Client, open the
pluginvalues.props file on your server in the following directory:
workplace_server_root/installedApps/servername/
wctInstall.ear/wctinstall.war
Set the interval parameter using the following line (default value shown):
plugin_customization.com.ibm.rcp.pagebuilder/pagebuilder.cache.job.
interval=86400000
Related concepts
“Provisioning Workplace Managed Client and productivity tools updates” on
page 371
Related tasks
“Creating provisioning and update preferences” on page 372
Setting to provision new release features and updates
You can change an administrative preference in the server’s requirements.xml file
prior to installing a post 2.6 release or fix pack to force the user’s client to upgrade
to the new features before allowing any existing client application updates to
execute. Ideally, you should change this setting several days prior to installing the
new release or fix pack on the server.
For example, before you deploy the new (post 2.6) provisioning server, change the
preference forceRCPMLFetchOnStartupTarget preference in the requirements.xml
file to one integer higher than previously set (the default is 0). Wait a few days for
clients to retrieve the new setting. Deploy the post 2.6 provisioning server. When
the user starts the IBM Workplace Managed Client, the client will try to provision
the new (post release 2.6) features, plugins, and updates immediately after the user
logs in. The new (post release 2.6) features are provisioned before the old (release
2.6) applications are executed, thus preventing a situation of unusable applications
due to backward compatibility constraints.
1. Log in to the IBM Workplace Collaboration Services server as an administrator.
2. Find and open the requirements.xml file in the following location:
workplace_server_root/installedApps/cell_name/
wps.ear/wps.war/themes/rcpml/requirements.xml
3. Change the com.ibm.rcp.managed.provisioning/
forceRCPMLFetchOnStartupTarget line in the requirements.xml file by
incrementing its value by 1.
com.ibm.rcp.managed.provisioning.personality/
forceRCPMLFetchOnStartupTarget=n + 1
where n is the current value and n+1 is the new value (as incremented by 1)
Note: com.ibm.rcp.managed.provisioning/forceRCPMLFetchOnStartupTarget is
a preference pushed down from the server. The preference will contain
an integer representing the number of times that the administrator has
forced upgrades to occur. com.ibm.rcp.managed.provisioning/
forceRCPMLFetchOnStartupCurrent is a preference maintained by the
client indicating the number of updates it has performed. This preference
is an integer representing the number of times the client has upgraded
while forceUpgradeOnStartup has been enabled.
4. Save the requirements.xml file.
Related concepts
Chapter 8 IBM Workplace Managed Client Installation and Configuration
377
“Provisioning Workplace Managed Client and productivity tools updates” on
page 371
Related tasks
“Creating provisioning and update preferences” on page 372
Upgrading the Workplace Managed Client from one release to
another
Each time a user starts the IBM Workplace Managed Client, the system checks the
provisioning server to determine if there are updates available. If updates are
available, or if user policy settings have changed, the user is prompted to update
his client. This is also true when the user, while active and working online in the
Workplace Managed Client, selects an application from the switcher bar. Typically
the system checks for updates three minutes after starting the Workplace Managed
Client and then subsequently using an update interval set by the administrator or
the default 24 hour interval.
Feature and plug-in update is associated to user policy settings. User policy
settings are downloaded from the server to a file (RCPML file format) on client
desktops. The RCPML file is an integral part of the update and release upgrade
process.
Note: RCPML is a programmatic markup language used internally to set client
capabilities for a user or user group. For example, user policy information
established in the WebSphere Application Server Administrative Console is
transferred to the user’s desktop as RCPML settings. This type of RCPML
controls, for example, which Workplace Managed Client feature capabilities
a particular user or user group is authorized to use.
If you have enabled the Workplace Managed Client for users, you must upgrade
the Workplace Managed Client provisioning server from the old release to the new
release. Upgrading the provisioning server to the latest release will enable each
user’s Workplace Managed Client installation to provision the client with the latest
features and plug-ins when the client connects to the provisioning server for
updates.
For Workplace Managed Client user -- After the administrator upgrades the
provisioning server, the user should log in to the Workplace Managed Client to
access the latest Workplace Managed Client capabilities. The user should not
uninstall an old release and install a new release in order to access the latest
capabilities.
For Workplace Managed Client administrator -- To upgrade to a new Workplace
Managed Client release, uninstall the provisioning server and install the latest
version provisioning server.
In a single server deployment, if all provisioning server components are on the
Portal server, uninstall the old release and install the new release provisioning
server using the uninstall and install instructions provided in the Information
Center help system using the related links at the bottom of this page.
v In a single server deployment, if all provisioning server components are on the
Portal server then uninstall everything.
378
Clustered-server Deployment Guide
v In a single server deployment, if the provisioning server components are on the
Portal server and the HTTP components are on a separate server HTTP server
then uninstall both separately.
v After uninstalling the provisioning server from the Portal server, check that the
wctinstall and wctplaceholder items are no longer resident in the enterprise
applications. If they still remain, they should be uninstalled using the
WebSphere administrative console.
Note: The administrator may need to apply an iFix or fix pack from the IBM
software support site.
Note: Additional provisioning server upgrade instructions may be found in the
release notes and in the Upgrade section of this Information Center help
system.
To upgrade the provisioning server in a clustered environment, perform the
following tasks:
1. Locate the archive copy of wps.ear. Make a backup copy of this version of the
wps.ear in case you need to roll back the upgrade to the original 2.5.1 version.
Note: To locate this copy, view the properties for the wps application in the
WebSphere Administrative Console and find the value of the
Application Binaries field. This will be something like
$(APP_INSTALL_ROOT)/cell_name/wps.ear (or app_server_root/config/
cells/cell_name/applications/wps.ear/wps.ear) where cell_name is the
name of the cell created for the Workplace Collaboration Services
servers. On the primary node (Node 1) the value of
APP_INSTALL_ROOT is normally the AppServer/installApps
subdirectory of where you have installed WebSphere.
2. On the HTTP server, uninstall the 2.5.1 Workplace Managed Client
provisioning server and select only the following customized options from the
Custom Install panel:
Update bundles (installed on HTTP server)
License files
Installation files (installed on HTTP server)
Note: If you have multiple HTTP servers, repeat the above steps on each
server.
3. Install the Workplace Managed Client provisioning server and select only the
following customized options from the Custom Install panel:
Update bundles (installed on HTTP server)
Installation files (installed on HTTP server)
CD script to create installation disks (installed on HTTP server)
Note: Selecting these options installs the update bundles and bootstrap
installer.
4. Verify that the bundles are placed in IBMHttpServer\htdocs\en_US\
lwpupdate\wct and that setup_wct_platform.exe and setup_wct_platform.bin
are placed in directory IBM HTTP server\htdocs\en_US\lwpinstall\wct.
5. If you have multiple HTTP servers, repeat the above steps 1-3 on each server
or copy the updated content from the server where the updates have been
installed to the remaining servers.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
379
6. On all nodes, verify that the files cmm.jar and cmmImpl.jar exist in
app_server_root/lib and that they are exactly the same versions as cmm.jar and
cmmImpl.jar on the Deployment Manager in deploy_manager_root/lib. If either
or both are missing or differ from those on the Deployment Manager, then
copy cmm.jar and cmmImpl.jar from the Deployment Manager to each node.
7. On all nodes, verify that the cluster name WebSphere_Portal cluster is of the
same value as the key wps.appserver.name in portal_server_root/shared/app/
config/services/DeploymentService.properties cluster name.
8. Make sure that all Node 1 node agents and the Web Portal Server are running.
Then, on Node 1, uninstall the Workplace Managed Client provisioning server
and select only the following customized options from the Custom install
panel:
WebSphere Portal content (deployed to WebSphere Portal server)
IBM Workplace Managed Client content
9. Check the WebSphere Administrative Console on the Deployment Manager
under Enterprise Applications. If the application wctplaceholder (which will
have a suffix such as _PA_1_0_IP ) is still installed, use the Administrative
Console to uninstall it.
10. Perform synchronization and then check the synchronization log file at
app_server_root/logs/nodeagent/SystemOut.log to determine that the
synchronization has completed. Look for something similar to the following
log entry: Successful synch: [10/11/06 22:09:58:328 EDT] 2d3f3487
NodeSyncTask A ADMS0003I: Configuration synchronization completed
successfully.
11. Uninstall the wctinstall.war application on the Deployment Manager by
following these steps:
a. Open the WebSphere Administration Console
b. Click Applications → Enterprise applications.
c. Select wctinstall.war and stop the application
d. Once the application has successfully stopped, select wctinstall.war and
uninstall the application.
e. Click OK or Apply and then Save.
12. Again, ascertain the location of wps.ear, which should be
app_server_root/config/cells/cell_name/applications/wps.ear/wps.ear.
Depending on the date on which wps.ear was last updated, cell_name may
either be the name of the Deployment Manager server (for example,
MyDMNetwork) or the name of the primary node. Any errors in updating
wps.ear are noted in WorkplaceManagedClientServerInstall>/logs/
repackageWpsEarLog.txt and WorkplaceManagedClientServerInstall>/logs/
repackageWpsEarErr.txt.
13. With the node agent on Node 1 and the WebSphere Portal Server running,
install the Workplace Managed Client provisioning server on Node 1 and
select only the following customized options from the Custom install panel:
Note: When asked to enter the cell name where wps.ear exists, enter the cell
name from step 12.
WebSphere Portal content (deployed to WebSphere Portal server)
IBM Workplace Managed Client content
14. Perform a full synchronization from the Deployment Manager and then check
the synchronization log file at app_server_root/logs/nodeagent/SystemOut.log.
Look for something similar to the following log entry: Successful synch:
380
Clustered-server Deployment Guide
[10/11/06 22:09:58:328 EDT] 2d3f3487 NodeSyncTask A ADMS0003I:
Configuration synchronization completed successfully. All nodes should
now be running and synchronized.
15. Activate the RCPML portlets associated with wctplaceholder.war,
lwp.dbtoolsPortlets.war, webconfplaceholder.war, and learningplaceholder.war.
a. Log in to the Portal Application Server as an administrator.
b. Click the Administrator link.
c. Click Portlets.
d. Click Manage Applications.
e. Select the four .war files, and activate the portlets that are displayed.
16. On Node 1 (where the provisioning server was installed in step 13), copy the
wctinstall.war file found in app_server_root/installableApps/wctinstall.war, to
the Deployment Manager directory deploy_manager_root/WebSphere/
DeploymentManager/installableApps.
17. Deploy wctinstall.war as follows:
a. Open the WebSphere Application Console.
b. Click Expand Applications.
c. Click Enterprise Applications.
d. Click Install Application.
e. In the local path, type the location to which you copied wctinstall.war in a
previous step and then click Next.
f. Specify the context root as /lwp/downloads/wct and then click Next.
g. Click Generate Default Bindings and then click Next.
h. Choose the default name (wctinstall_war) or enter wctinstall. Use the same
name that you specified when you installed the provisioning server.
Typically, this name is wctinstall.
i. Accept all defaults. In Map modules, make sure that wctinstall.war is
mapped to the cluster.
j. Save the configuration.
k. Click Enterprise Applications and select wctinstall (or the name you
specified in step e.) and then start the application
l. Click Environment → Update Webserver plugin and click OK.
Note: If wctinstall fails to start, you must restart the cluster. Verify that the
application has been installed correctly by checking the address
http://hostname/lwp/downloads/wct to verify the download applet
URL.
18. The newly installed wctinstall.war contains properties files that must be
copied to and updated on the remote HTTP server as specified in the
following substeps:
a. On the HTTP server machine, create the http_server_root\htdocs\en_US\
wctprops directory.
b. From Node 1, or the system on which you installed the latest version
Workplace Managed Client provisioning server, copy fileList.props,
pluginvalues.props and token-values.props from app_server_root\
installed_apps\yourNode\wctInstall.ear\wctinstall.war to the HTTP server
http_server_root\htdocs\en_US\wctprops directory.
c. On the HTTP server machine, update the token-values.props file to change
the value of ’host=getParameter’ to host=http://
dispatcher_cluster.notesdev.ibm.com and change the value of
Chapter 8 IBM Workplace Managed Client Installation and Configuration
381
’host-name=getParameter’ to hostname=dispatcher_cluster.notesdev.ibm.com.
Note: For related information, see the Workplace Collaboration Services
installation section ″Chapter/Phase 6.″ The topic in which the .props
file are described is entitled ″Connecting services on the
provisioning server in a clustered environment″.
Sample resultant settings are as below:
v host=http://dispatcher_cluster.notesdev.ibm.com
v host-name=dispatcher_cluster.notesdev.ibm.com
d. On the HTTP server machine, update the pluginvalues.props file.
Change the value of ’plugin_customization.com.ibm.workplace.security/
com.ibm.wkplc.remote.server.name=$host-name$’
to
plugin_customization.com.ibm.workplace.security/
com.ibm.wkplc.remote.server.name=fully qualified DNS address of your
dispatcher cluster.
Also add the following two lines to the pluginvalues.props file:
plugin_customization.com.ibm.workplace.security/
com.ibm.wkplc.remote.server.port=The bootstrap port of the nodeagents
and
plugin_customization.SIPSERVER=fully qualified dns name of the host
providing SIP services (This should be your dispatcher cluster.)
Sample resultant settings are as below:
v plugin_customization.com.ibm.workplace.security/
com.ibm.wkplc.remote.server.name
=dispatcher_cluster.notesdev.ibm.com
v plugin_customization.com.ibm.workplace.security/
com.ibm.wkplc.remote.server.port
=2809The bootstrap port of the nodeagents
v plugin_customization.SIPSERVER
=dispatcher_cluster.notesdev.ibm.com
e. On the HTTP server machine, leave the fileList.props as is; it does not
need to be updated.
19. Ensure that all nodes are synchronized by opening the System
Administration/Nodes page and making sure all node agents for all nodes in
the cluster are running. Select all nodes and click Full Resynchronize. This
operation may take several minutes to complete.
20. Redeploy wps.ear on the Deployment Manager as follows:
a. Update the workplace_server_root/install/installDM.properties on the
Deployment Manager, based on the values for your organization’s
deployment, using the information in the Workplace Collaboration Services
installation section ″Chapter/Phase 9.″ The topics in which the
installDM.properties file is described are entitled ″Adding Node 1...″ and
″Adding subsequent nodes...″.
b. Copy the wps.ear file from Node 1 (typically /opt/IBM/Workplace/
AppServer/config/cells/applications/wps.ear/wps.ear) to
/opt/WebSphere/DeploymentManager/installableApps.
c. Run the wct-dm-config target using the following syntax:
Windows:lwpDMconfig.bat wct-dm-config
Linux:lwpDMconfig.sh wct-dm-config
382
Clustered-server Deployment Guide
Note: The Deployment Manager and node agents should be started before
running the wct-dm-config target.
d. Perform a full synchronization of all nodes.
e. Restart WebSphere Portal on each node.
21. Verify that all URL providers are created properly using the following steps:
a. Log in as the WebSphere Application Server administrator.
b. Click Resources → URL Providers.
c. Clear any values from Node or Server fields and click Apply.
d. Click Default URL Provider.
e. Open the Additional properties section and click URLs.
f. Verify that the URL providers are set as below and create or correct to
reflect the following content.
Name
JNDI Name
Description
Specification
Workplace Client
Installer download
server
url/lwpprovisioning
server
Workplace Client
Installer download
server
http://dns address of
http server/Edge
ServerDispatcher
Workplace Client
provisioning server
url/
wctprovisioningurl
Workplace Client
provisioning server
http://dns address of
http server/Edge
ServerDispatcher/
lwpupdate/wct/
site.xml
Workplace Client
plugin values
url/wctpinstallpluginvalues
PluginValue
properties file
http://dns address of
http server/Edge
ServerDispatcher/
wctprops/
pluginvalues.props
Workplace Client
token values
url/wctpinstalltokenValues
TokenValue
properties file
http://dns address of
http server/Edge
ServerDispatcher/
wctprops/tokenvalues.props
Workplace Client
files list
url/wctpinstallfilesList
Install file list
http://dns address of
http server/Edge
ServerDispatcher/
wctprops/filesList
22. On Node 1, copy WPS_home/shared/app/rcpportal.jar and
WPS_home/shared/app/WEB-INF\tld\rcpportal.tld in the Portal_server
directory to all other nodes in the cluster.
23. Update the HTTP server plug-in, using the following steps:
a. Open the WebSphere Administrative Console.
b. Click Environment → Update Web Server plugin.
c. Click OK.
24. Copy the plug-in.xml to the HTTP server.
25. Change all the DeploymentManager instances to AppServer in the HTTP
server’s plug-in.xml file.
26. Reboot the HTTP server.
The next time that the user starts the Workplace Managed Client, she will be
provisioned with the latest release Workplace Managed Client capabilities.
Related tasks
Chapter 8 IBM Workplace Managed Client Installation and Configuration
383
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Updating the Workplace Managed Client using WebSphere Everyplace Device
Manager”
“Updating Workplace Managed Client configuration files for a clustered
environment” on page 442
“Uninstalling the Workplace Managed Client provisioning server” on page 390
“Installing and configuring the provisioning server in a clustered environment”
on page 320
Updating the Workplace Managed Client using WebSphere
Everyplace Device Manager
You can use the IBM WebSphere Everyplace Device Manager (WEDM) to provision
feature and plug-in updates to existing IBM Workplace Managed Client desktops
in a single-server deployment. WebSphere Everyplace Device Manager enables you
to push new and updated features to client desktops by creating a software
distribution job using the WebSphere Everyplace Device Manager Administrative
Console. Please see the WebSphere Everyplace Device Manager server Information
Center for related information, including WebSphere Everyplace Device Manager
installation requirements.
You can use WebSphere Everyplace Device Manager to update Workplace
Managed Client desktops with the latest capabilities to which they have access.
However, using WebSphere Everyplace Device Manager to update Workplace
Managed Client desktops in a clustered deployment is not supported.
To enable the provisioning server to use WebSphere Everyplace Device Manager,
you must install the provisioning server and then configure it as described below.
At the end of the process described below, the following two events will occur on
the clients being updated:
v The Workplace Managed Client will connect to the WebSphere Everyplace
Device Manager server to see if there are any jobs to run. This will occur three
minutes after the user starts the Workplace Managed Client and then
periodically thereafter. If a software distribution job is applicable to the device,
the feature will be pushed to the client and this will trigger provisioning of the
rest of the features and plug-ins in the distributed feature.
v When a pushed features have been successfully provisioned, the Workplace
Managed Client user will be notified that new features has been installed and be
asked to restart the client.
Administrators can use WebSphere Everyplace Device Manager to track and push
capability updates to Workplace Managed Client desktops. To do this, WebSphere
Everyplace Device Manager must be installed and configured as a separate
prerequisite. You can install WebSphere Everyplace Device Manager using the
following procedure.
1. Read the current WebSphere Everyplace Device Manager readme.txt for any
updates to its installation instructions.
2. Follow the installation instructions in the WebSphere Everyplace Device
Manager 5 Information center, which can be found on the WebSphere
Everyplace Device Manager CD-ROM in docs/language/InfoCenter/index.html.
Be sure to perform the following tasks:
384
Clustered-server Deployment Guide
a. Install all prerequisite software as documented in the WebSphere Everyplace
Device Manager release notes and Information center.
b. Disable WebSphere security when installing the WebSphere Everyplace
Device Manager server.
c. Ensure that IBM WebSphere Application Server, DB2 server, and HTTP
server are running during the installation.
3. Download the WebSphere Everyplace Device Manager V5.0 fixpack 1 from the
support page at:
http://www.ibm.com/software/pervasive/ws_everyplace_device_manager/
support/
4. Apply the WebSphere Everyplace Device Manager V5.0 fixpack 1 to your
WebSphere Everyplace Device Manager 5.0 server using the instructions in the
readme file included with the fixpack. The resulting server is a WebSphere
Everyplace Device Manager 5.0.1 server.
5. When you installed the Workplace Managed Client provisioning server, the
system created a directory called wedm_extensions in the root install location
you specified (for example, c:\Program Files\IBM\IBM Workplace Managed
Client for Windows or /opt/IBM/IBM Workplace Client Provisioning for
UNIX). That directory contains a bin subdirectory, which houses the tools and
extensions necessary to extend WebSphere Everyplace Device Manager for use
with Workplace Collaboration Services. Navigate to that bin directory and use
your preferred file sharing method, such as ftp, to copy its contents to your
WebSphere Everyplace Device Manager bin directory (for example,
c:\tivdms15\bin on Windows).
6. Install the provisioning server. Once the tools and extension files have been
copied to the WebSphere Everyplace Device Manager bin directory, extend
WebSphere Everyplace Device Manager with the Workplace Managed Client
device profile using the following procedure:
a. Log in as an operating system administrator.
b. Use the WebSphere Application Server Administrative Console to disable
WebSphere Application Server security.
c. From a command line, navigate to your WEDM bin directory.
d. Type the command compinstall -file path to this file/
RCPPluginComponent.jar in the command line.
Note: If you receive an error when the system attempts to shut down and
restart the WebSphere Application Server, security is not disabled.
e. Use the WebSphere Administrative Console to enable WebSphere
Application Server security.
7. Create a new directory on the WebSphere Everyplace Device Manager server.
Copy the bundle registration tool bundlereg.zip from the wedm_extensions
directory (on the Portal server) to the new directory and unzip bundlereg.zip
file to it.
8. Register the feature bundles using the WebSphere Everyplace Device Manager
Administrative Console or bundle registration tool (bundlereg.bat found in
bundereg.zip) and set the device class for the bundles to ″RCP.″ Supply the
following information as prompted:
Note: See the WebSphere Everyplace Device Manager server Information
Center for information on how to register new software bundles to the
server.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
385
v WebSphere Application Server install directory, for example
c:/app_server_root.
v WebSphere Everyplace Device Manager server install directory, for example
C:\TivDMS15\_jvm)
v Web address of the Eclipse Update site, for example http://
server.mycompany.com/lwpupdate/wct/.
v Web address of the WebSphere Everyplace Device Manager server, for
example: http://wedm_server/
v Eclipse update site at which the features_list.txt and plug-ins_list.txt files
reside, for example http_server_root//htdocs/en_US/lwpupdate/wct/
v xWEDM server administrator user name
v WEDM server administrator password
9. Create a software distribution job for the feature bundle to be pushed to the
Workplace Managed Client desktop(s). A process overview is provided below.
For details on how to create a software distribution job, see the WebSphere
Everyplace Device Manager server Information Center.
v Create a new feature with associated features and plug-ins.
v To register the new feature and the associated plug-ins in the WEDM server
using the DM console, right-click Software and then New Software. Click
OSGI bundle to specify the software type. On the New Software Properties:
New Software Properties panel, select the four lines that pertain to the
Workplace Managed Client.
v Create and configure a job to push the new feature to a specific device as
shown below:
– On the main DM console screen, click Devices and click OK.
– Right-click on the target device and click Submit Job.
– In the Submit Job: Attributes panel, set the Job Type to Software
Distribution.
– On the Submit Job: Job Parameters panel, click Add Group, select the
feature you want to update, click Next and then click OK. The job appears
in the Jobs view as Executable.
v Start the Workplace Managed Client or tell the user that he can now start the
Workplace Managed Client.
v When the update information panel appears, click Yes and verify that the
feature has been installed.
Related tasks
“Configuring the provisioning server to use the WebSphere Everyplace Device
Manager”
IBM Workplace Managed Client installation and configuration checklist for a
non-clustered environment
“Upgrading the Workplace Managed Client from one release to another” on
page 378
“Installing the provisioning server” on page 296
“Uninstalling the Workplace Managed Client provisioning server” on page 390
Configuring the provisioning server to use the WebSphere
Everyplace Device Manager
You can use the IBM WebSphere Everyplace Device Manager (WEDM) to provide
IBM Workplace Managed Client features, capabilities, and updates to users.
386
Clustered-server Deployment Guide
If you want to provide updated or upgraded Workplace Managed Client features
and plug-ins using WebSphere Everyplace Device Manager or if you have already
done so using the Eclipse update manager and want to switch to WebSphere
Everyplace Device Manager, configure the IBM Workplace Collaboration Services
server as described below.
Note: Updating the Workplace Managed Client from release 2.0.1 to 2.6 with
WebSphere Everyplace Device Manager is not supported. Updates from
release 2.0.1 to 2.6 must be done using the update manager. Once all clients
have been updated to 2.6, the provisioning server can be configured to use
WebSphere Everyplace Device Manager for future updates.
Note: See the WebSphere Everyplace Device Manager server Information Center
for details on WebSphere Everyplace Device Manager configuration.
Use these instructions to set the rich client provisioning server equal to the Web
address of the WebSphere Everyplace Device Manager server.
1. On the IBM WebSphere Portal Server, edit the requirements.xml file found in
the following directory by removing the comment designation from the
WebSphere Everyplace Device Manager provider preference setting. Example:
portal_server_root/installedApps/sugar/wps.ear/wps.war/themes/rcpml/
Edit the file to look as follows:
<requirements>
<preference
plugin="com.ibm.rcp.provisioning"
key="com.ibm.rcp.provisioning.feature.provider"
value="com.ibm.rcp.provisioning.wedm.provider.WEDMProvider"/>
</requirements>
2. Log into the IBM WebSphere Application Server Administrative Console using
an administrator user name and password.
3. Click Resources/URL Providers.
4. Click Node and delete its contents.
5. Click Apply to display the IBM Workplace client provisioning server URL.
6. Click Default URL Provider.
7. Click URLs.
8. Click on the entry for Workplace Client Provisioning server.
9. Edit the fields to read as follows:
v Name = provisioning server
v JNDI Name = url/wctprovisioningurl
v Specification = protocol://wedmserver hostname/dmserver/
SyncMLDMServletAuthRequired
v
An example is shown below:
http://freefall.abxdev.ibm.com/dmserver/SyncMLDMServletAuthRequired
10. Click Apply and Save.
11. Reboot your server.
Related tasks
“Updating the Workplace Managed Client using WebSphere Everyplace Device
Manager” on page 384
Chapter 8 IBM Workplace Managed Client Installation and Configuration
387
IBM Workplace Managed Client installation and configuration checklist for a
non-clustered environment
“Upgrading the Workplace Managed Client from one release to another” on
page 378
“Installing the provisioning server” on page 296
“Uninstalling the Workplace Managed Client provisioning server” on page 390
Uninstalling the Workplace Managed Client from the user
desktop
Unless you have been instructed to uninstall the IBM Workplace Managed Client
from your desktop, you will probably never need to perform this task. Your
administrator will install all updates on a server or site and will make them
available to you. The process of upgrading from one release to another should be
transparent to you. You do not need to uninstall one version and install another to
obtain the latest release. See your administrator for details.
Uninstalling the Workplace Managed Client from a Windows system
Uninstalling the Workplace Managed Client from a Linux system
If you have been instructed to reinstall the Workplace Managed Client, note that
you must uninstall the existing Workplace Managed Client before reinstalling
either the same version or installing a more recent version.
If you are installing a full Workplace Managed Client or IBM productivity tools
version over an evaluation version, you must uninstall the evaluation version
before installing the full version.
Uninstalling will remove the installed directory (for example c:\Program
Files\IBM\Workplace Managed Client\rcp) and optionally other content from
other directories.
During uninstall, you will be prompted to uninstall local data, documents, and
configuration files. Choosing to remove all local user data and documents will
delete the entire default workspace. The default work space is typically located in
user.dir/IBM/RCP/installation ID/user.name – for example c:\Documents and
Settings\jjonez\IBM\RCP\1662698616\jjonez. Choosing not to remove all local
user data and documents removes only the application features and plug-ins from
the workspace, along with the platform configuration. The features and plug-ins
are typically located in user.dir/IBM/RCP/installation ID/user.name/applications –
for example c:\Documents and Settings\jjonez\IBM\RCP\1662698616\jjonez\
applications. A user data example would be the local Mail database. In all
scenarios data is never removed from the server during Workplace Managed Client
uninstall.
On Microsoft Windows systems, the Workplace Managed Client applet
wctpinstall-temp is placed under c:\temp on the drive where the Windows
operating system is installed. If Windows is installed on the d: drive then the
wctpinstall-temp directory is placed under d:\temp.
On Linux systems, the wctpinstall-temp download applet is placed under /tmp.
When you uninstall Workplace Managed Client, the system removes the
wctpinstall-temp directory. If you had installed a second Workplace Managed
Client instance on the same machine without first uninstalling the previous
388
Clustered-server Deployment Guide
version, an additional wctpinstall-temp directory was created as
wctpinstall-temp.1, and so on for each subsequent installation. The Workplace
Managed Client download applet places the installation program on the disk. The
installation program is named setup_wct_platform.exe or setup_wct_platform.bin.
Related tasks
“Installing the Workplace Managed Client from a server” on page 358
“Installing the Workplace Managed Client framework and productivity tools
from CD-ROM” on page 361
“Uninstalling single sign-on for Windows” on page 349
“Uninstalling single sign-on for Linux” on page 350
Uninstalling the Workplace Managed Client on Windows
If instructed by your administrator, you can uninstall the IBM Workplace Managed
Client from a Microsoft Windows workstation using this procedure.
Note: This procedure can also be used if you have installed the IBM productivity
tools and have since been instructed to perform an uninstall.
The uninstall program will prompt you to remove user data. If you click Yes, all
local data including application files for IBM Workplace Messaging and IBM
Workplace Documents, data replicated from the server, the local document store,
workspace configuration, and downloaded programs will be deleted. Click Yes
only if you are certain that there is nothing in the workspace that you want to
keep.
Note: You must uninstall the Workplace Managed Client before reinstalling the
same version or installing a more recent version.
1. Click Add/Remove Programs from the Control Panel.
2. Locate IBM Workplace Managed Client in the application list.
3. Click Change/Remove.
4. Respond to the prompts that appear.
5. Click Finish to exit.
6. Restart your desktop.
Related tasks
“Uninstalling the Workplace Managed Client from the user desktop” on page
388
“Installing the Workplace Managed Client from a server” on page 358
“Installing the Workplace Managed Client framework and productivity tools
from CD-ROM” on page 361
Uninstalling the Workplace Managed Client on Linux
If instructed by your administrator, you can uninstall the IBM Workplace Managed
Client from a Linux workstation using this procedure.
Note: This procedure can also be used if you have installed the IBM productivity
tools and have since been instructed to perform an uninstall.
The uninstall program will prompt you to remove user data. If you click Yes, all
local data including application files for IBM Workplace Messaging and IBM
Workplace Documents, data replicated from the server, the local document store,
Chapter 8 IBM Workplace Managed Client Installation and Configuration
389
workspace configuration, and downloaded programs will be deleted. Click Yes
only if you are certain that there is nothing in the workspace that you want to
keep.
Note: You must uninstall the Workplace Managed Client before reinstalling the
same version or installing a more recent version.
1. Navigate to the installation directory chosen during Workplace Managed Client
installation.
Note: The default directory begins at /opt/IBM.
2. Navigate to the _uninst subdirectory.
3. Run the ./uninstall.bin program.
Note: If you have updated from a previous release run ./uninstaller.sh.
4. Log out of Linux and log in again.
Related tasks
“Uninstalling the Workplace Managed Client from the user desktop” on page
388
“Installing the Workplace Managed Client from a server” on page 358
“Installing the Workplace Managed Client framework and productivity tools
from CD-ROM” on page 361
Uninstalling the Workplace Managed Client provisioning
server
For users to update to a new IBM Workplace Managed Client release, you must
uninstall the existing provisioning server and reinstall the latest provisioning
server from IBM. Afterward, when the user logs in to the Workplace Managed
Client, he will be notified of component updates.
Note: The system checks the provisioning server for updates each time the user
logs in to the Workplace Managed Client. It also checks the provisioning
server for updates when the user switches applications using the client’s
switcher bar. When the user logs in, the system also checks to determine
what capabilities are available to the user based on his user policy as
defined in the IBM WebSphere Administrative Console.
You must uninstall the provisioning server before installing a new release.
Related tasks
“Upgrading the Workplace Managed Client from one release to another” on
page 378
“Uninstalling the provisioning server from Windows”
“Uninstalling the provisioning server from UNIX” on page 391
“Uninstalling the provisioning server from i5/OS” on page 391
“Updating the Workplace Managed Client using WebSphere Everyplace Device
Manager” on page 384
“Installing the provisioning server” on page 296
Uninstalling the provisioning server from Windows
Use the following steps to uninstall the provisioning server using Microsoft
Windows.
390
Clustered-server Deployment Guide
Note: You must uninstall the provisioning server before reinstalling it.
1. Click Add/Remove Programs from the Control Panel.
2. Locate IBM Workplace rich client provisioning components in the application
list.
3. When prompted, specify the language in which to display the screen text and
then click OK to continue.
4. Follow the directions on the screens.
5. Select the IBM Workplace Managed Client features to uninstall and then click
Next to continue.
6. Read the summary of what will be uninstalled and then click Next to continue.
7. Click Finish to exit.
Related tasks
“Uninstalling the Workplace Managed Client provisioning server” on page 390
“Upgrading the Workplace Managed Client from one release to another” on
page 378
“Installing the provisioning server” on page 296
Uninstalling the provisioning server from UNIX
Use the following steps to uninstall the provisioning server using UNIX.
Note: You must uninstall the provisioning server before reinstalling.
1. Open a command prompt window.
2. Navigate to the root install location that the administrator specified during
install.
3. Navigate to the _uninst directory.
4. Run the uninstaller.bin program.
5. Uninstall all or selected features.
6. Exit the program.
Related tasks
“Uninstalling the Workplace Managed Client provisioning server” on page 390
“Upgrading the Workplace Managed Client from one release to another” on
page 378
“Installing the provisioning server” on page 296
Uninstalling the provisioning server from i5/OS
Use the following steps to uninstall the provisioning server using i5/OS.
Note: You must uninstall the provisioning server before reinstalling.
1. Start a QShell session.
2. Change to the _uninst directory by entering the following:
cd /QIBM/ProdData/Workplace/WMC26/_uninst
3. Start the uninstall program by entering the following:
uninstall.sh -silent
4. Optionally delete the Logs directory using the following command:
rm -rf /QIBM/PordData/Workplace/WMC26
Removing the provisioning server from an instance:
Follow these steps to remove the provisioning server from an instance on i5/OS.
Chapter 8 IBM Workplace Managed Client Installation and Configuration
391
1. Start a QShell session.
2. Change to the _uninst directory of the instance.
3.
4.
5.
6.
Note: The i5/OS uninstall program is located in the /WMC26/_uninst/
directory. For example, if your IBM Workplace Collaboration Server is
myLWP, it is located in the /qibm/userdata/webas5/base/myLWP/
WMC26/_uninst/ directory.
Start the uninstall program in console mode or silent mode by entering one of
the following:
Console mode: i5OSuninstall.sh
Silent mode: i5OSuninstall.sh -silent
If you started the uninstall program in silent mode, the uninstall occurs with
no user prompts. Skip ahead to step 9.
Select the desired language by typing the associated number next to it and
press Enter. Type 0 and press Return. to continue.
Continue to the feature selection screen. By default all the components are
selected. Press Enter to continue or select specific options to uninstall.
Enter the administrative user ID.
7. Enter the administrative password followed by the confirmation password and
press Enter to continue.
8. Once all the components are removed, type 3 to exit the installation program.
9. Optionally delete the Logs directory using the following command, given that
your Workplace Collaboration Server name is myLWP.
rm -rf /qibm/userdata/webas5/base/myLWP/WMC26/
Related tasks
Uninstalling the provisioning server
“Upgrading the Workplace Managed Client from one release to another” on
page 378
“Installing the provisioning server” on page 296
Changing the search bar appearance
You can add a graphic image, such as your company logo, to the search bar in the
IBM Workplace Managed Client user interface. The IBM graphic will still be
visible. You can also change the background color of the search bar.
1. To add your graphic to the search bar, replace the supplied brand.gif file with
your graphic. You must use the brand.gif file name and it must reside in the
rcp\rcp\eclipse\plugins\com.ibm.rcp.platform\brand.gif file path.
2. To replace the supplied color of the search bar with another color, change the
color values in the rcp\rcp\eclipse\plugins\com.ibm.rcp.platform\plugin.xml
file.
Note: The color values appear italicized in the following file excerpt.
<extension
point="org.eclipse.ui.themes">
<colorDefinition
label="%BlueBarBackgroundColorBegin"
value="152,200,248"
id="com.ibm.rcp.platform.BLUE_BAR_BACKGROUND_BEGIN">
<description>
</description>
</colorDefinition>
392
Clustered-server Deployment Guide
<colorDefinition
label="%BlueBarBackgroundColorEnd"
value="152,200,248"
id="com.ibm.rcp.platform.BLUE_BAR_BACKGROUND_END">
<description>
</description>
</colorDefinition>
</extension>
Related tasks
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing the Workplace Managed Client from a server” on page 358
Chapter 8 IBM Workplace Managed Client Installation and Configuration
393
394
Clustered-server Deployment Guide
Chapter 9 Completing Setup in a Clustered Environment
This chapter provides information about steps to complete the setup of IBM
Workplace Collaboration Services in a clustered environment.
Phase 9: Completing setup in a clustered environment
To complete the IBM Workplace Collaboration Services setup in a clustered
environment, a few additional steps are necessary.
v Before federating nodes, update the WebSphere Portal EAR file.
v Federate and cluster network nodes.
v Configure load balancing for SIP services and HTTP.
v Finish setting up the HTTP servers.
v Finish setting up Node 1.
v Finish setting up the Deployment Manager.
v Finish setting up Node 2 and subsequent nodes.
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“Starting and stopping IBM Workplace Collaboration Services servers” on page
145
Updating Workplace Managed Client user interface files on
Node 1
If you installed the Workplace Managed Client provisioning server, follow these
steps to update Node 1 with the correct user interface files. Themes, screens, skins,
and images of the client’s user interface are managed as part of the main IBM
WebSphere Portal Server enterprise application and are stored in the IBM
WebSphere Portal Server EAR file (wps.ear). The provisioning server installation
copies these components into the expanded version of the wps.ear file on the
WebSphere Application Server. When installing the provisioning server in a
clustered environment, the archive copy of the wps.ear file in the WebSphere
Application Server configuration repository is updated with this additional content.
The provisioning server adds content to the wps.ear deployed on the node where
it was installed. In order for that content to be replicated to additional nodes
during their federation and during application synchronization, you must
incorporate that content into the archive copy of wps.ear in the WebSphere
Application Server configuration directory.
Follow the instructions for your operating system.
© Copyright IBM Corp. 2002, 2006
395
AIX, Linux, and Solaris: Updating the WebSphere Portal EAR file
Follow these steps to update the wps.ear file. These instructions assume that you
have installed the Workplace Managed Client provisioning server using a Custom
installation and that you installed everything except the two HTTP content
selections.
Perform these steps on the first node (Node 1) before federation.
1. Check the log files if you didn’t do so after installing the provisioning server.
The logs for the repackage task are located in provision_server_root/logs/
repackageWpsEarLog.txt and any errors are reported in provision_server_root/
logs/repackage/WpsEarErr.txt. Correct any errors before continuing.
2. Stop all servers and then start server1. Server1 is used to extract the current
wps.ear from the system that you will update.
On the WebSphere Portal Server server, type the following command:
./stopserver.sh WebSphere_Portal
On the server1 server, type the following command:
./startserver.sh server1
3. Create a temporary directory for storing a copy of the wps.ear file.
The example below uses /tmp/wps.
4. Copy the wps.ear file from the app_server_root/config/cells/cellname/
applications/wps.ear directory to the /tmp/wps/ directory.
5. Navigate to the app_server_root/bin directory and type the following command
on one line:
wsadmin.sh -user admin_user_id -password admin_password -c
’$AdminApp install /tmp/wps/wps.ear {-update
-appname wps}’
6. Stop the server1 server and restart the Portal server.
Windows: Updating the WebSphere Portal EAR file
Follow these steps to update the wps.ear file. These instructions assume that you
have installed the Workplace Managed Client provisioning server using a Custom
installation and that you installed everything except the two HTTP content
selections.
Perform these steps on the first node (Node 1) before federation.
1. Check the log files if you didn’t do so after installing the provisioning server.
The logs for the repackage task are located in provision_server_root\logs\
repackageWpsEarLog.txt and any errors are reported in provision_server_root\
logs\repackage\WpsEarErr.txt. Correct any errors before continuing.
2. Stop all servers and then start the server1 server. Server1 is used to extract the
current wps.ear from the system that you will update.
On the WebSphere Portal Server server, type the following command:
stopserver WebSphere_Portal
On the server1 server, type the following command:
startserver server1
3. Create a temporary directory for storing a copy of the wps.ear file.
The example below uses c:\tmp\wps.
4. Copy the wps.ear file from the app_server_root\config\cells\cellname\
applications\wps.ear directory to the c:\tmp\wps directory.
396
Clustered-server Deployment Guide
5. Navigate to the app_server_root\bin directory and type the following command
on one line:
Use forward slashes or double backslashes for the Windows path; a single
backslash does not work:
wsadmin.bat -user admin_user_id -password admin_password
-c "$AdminApp install c:/tmp/wps/wps.ear {-update -appname wps}"
6. Stop the server1 server and restart the Portal server.
i5/OS: Updating the WebSphere Portal EAR file
Follow these steps to update the wps.ear file. These instructions assume that you
have installed the Workplace Managed Client provisioning server using a Custom
installation and that you installed everything except the two HTTP content
selections.
Perform these steps on the first node (Node 1) before federation.
1. Check the log files if you didn’t do so after installing the provisioning server.
The logs for the repackage task are located in provision_server_root/logs/
repackageWpsEarLog.txt and any errors are reported in provision_server_root/
logs/repackage/WpsEarErr.txt. For i5/OS, the provision_server_root is
/QIBM/UserData/WebAS5/instance_name/WMC26/.
Correct any errors before continuing.
2. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
3. Stop all servers and then start the server1 server. Server1 is used to extract the
current wps.ear from the system that you will update.
On the WebSphere Portal Server server, type the following command:
/QIBM/ProdData/WebAS5/PME/bin/stopserver WebSphere_Portal -instance
instance_name -user username -password password
On the server1 server, type the following command:
/QIBM/ProdData/WebAS5/PME/bin/startserver server1 -instance
instance_name
4. Create a temporary directory for storing a copy of the wps.ear file.
The example below uses /tmp/wps.
5. Copy the wps.ear file from the app_server_root/config/cells/cellname/
applications/wps.ear directory to the /tmp/wps/ directory.
6. Give public access to the wps.ear file by entering the following in the QShell
session:
chmod 777 /tmp/wps/wps.ear
7. Navigate to the app_server_root/bin directory and type the following command
on one line in the QShell session:
/QIBM/ProdData/WebAS5/PME/bin/wsadmin -instance instance_name -user
admin_user_id -password admin_password -c ’$AdminApp install
/tmp/wps/wps.ear {-update -appname wps}’
8. Stop the server1 server and restart the Portal server.
Related tasks
“Phase 9: Completing setup in a clustered environment” on page 395
“IBM Workplace Managed Client installation and configuration checklist for a
clustered environment” on page 317
“Installing and configuring the provisioning server in a clustered environment”
on page 320
Chapter 9 Completing Setup in a Clustered Environment
397
“Updating Workplace Managed Client configuration files for a clustered
environment” on page 442
“Updating Workplace Managed Client user interface files on the Deployment
Manager” on page 449
Federating and clustering network nodes
This section explains how to create and maintain a Network Deployment server
cluster.
v
v
v
v
Copy files from Node 1 to subsequent nodes.
Update the DeploymentService.properties file.
Federate nodes to the cell.
Create and update the WebSphere Portal Server and Mail Server clusters.
Related tasks
“AIX, Linux, and Solaris: Sequence of operations for a clustered-server
deployment” on page 44
“Windows: Sequence of operations for a clustered-server deployment” on page
52
“i5/OS: Sequence of operations for a clustered-server deployment” on page 58
“Phase 9: Completing setup in a clustered environment” on page 395
Copying files from Node 1 to subsequent nodes
To allow IBM Workplace Collaboration Services to function properly, several files
must be accessible to all nodes in the deployment.
1. To finish connecting the node to a remote DBMS server, copy the following file
from Node 1 to complete the connection:
portal_server_root/shared/app/wmm/wmm.xml
2. To use the node as an IBM Workplace Managed Client provisioning server,
copy the following two files from Node 1:
This step must be done before federating the node to the cell.
v portal_server_root/shared/app/rcpportal.jar
v portal_server_root/shared/app/WEB-INF/tld/rcpportal.tld
Related tasks
“Federating and clustering network nodes”
Updating the DeploymentService.properties file
Follow these steps to update the DeploymentService.properties file prior to
federating a node.
1. On the node to be federated, open the DeploymentService.properties file, stored
in portal_server_root/shared/app/config/services.
2. Enter the cluster name (for example, Workplace_Cluster) as the value for
wps.appserver.name and save the file.
Related tasks
“Opening the IBM WebSphere Administrative Console” on page 144
“Federating and clustering network nodes”
398
Clustered-server Deployment Guide
Federating nodes to a cell
After you install IBM Workplace Collaboration Services on Network Deployment
nodes, use the addnode command to federate the nodes, which adds them to the
Network Deployment cell. The procedure is slightly different for Node 1 than it is
for Node 2 and subsequent nodes.
Attention: The Workplace Managed Client provisioning server must only be
installed on Node 1; do not install the provisioning server on the second or
subsequent nodes. The installation on Node 1 must take place before you federate
the node or the installation will fail.
For more information on WebSphere Application Server and Network
Deployments, go to the WebSphere Application Server Information Center at
http://publib.boulder.ibm.com/pvc/wp/502/ent/en/InfoCenter/index.html.
Related concepts
“Phase 8: IBM Workplace Managed Client installation and configuration” on
page 317
Related tasks
“Determining the SOAP port to use to connect to the Deployment Manager”
“AIX, Linux, and Solaris: Federating Node 1”
“AIX, Linux, and Solaris: Federating Node 2 and subsequent nodes” on page
400
“Windows: Federating Node 1” on page 400
“Windows: Federating Node 2 and subsequent nodes” on page 401
“i5/OS: Federating Node 1” on page 401
“i5/OS: Federating Node 2 and subsequent nodes” on page 402
“Unfederating a node from a cell” on page 453
“Federating and clustering network nodes” on page 398
Determining the SOAP port to use to connect to the Deployment Manager:
If you do not know which SOAP port to use to connect to the Deployment
Manager, you can find it by performing the following steps:
1. Open the WebSphere Administrative Console for the Deployment Manager.
2. Select System Administration → Deployment Manager.
3. Select End Points in the Additional Properties table.
4. Select SOAP_CONNECTOR_ADDRESS.
Related tasks
“Opening the IBM WebSphere Administrative Console” on page 144
“Federating nodes to a cell”
AIX, Linux, and Solaris: Federating Node 1:
After you install IBM Workplace Collaboration Services on Node 1, use the
addnode command to federate the node, which adds it to the Network
Deployment cell. Depending on the size and location of the node that you
incorporate into the cell, this command can take a few minutes to complete.
Chapter 9 Completing Setup in a Clustered Environment
399
Attention: If you plan to install the IBM Workplace Managed Client provisioning
server on this node, you must do so before federating a node. Installation of the
provisioning server will fail if you attempt to install after federating the node.
Follow these steps to federate Node 1 on IBM AIX, Linux, and Sun Solaris.
1. Run the following command from the node’s portal_server_root/rootscripts
directory:
./stopWorkplaceServices.sh
2. On the Deployment Manager, open a command shell and navigate to the
app_server_root/bin directory.
3. Type the following command:
./startManager.sh
4. From the node you want to add, type the following command on a single line
from the app_server_root/bin directory. The command is different for the first
node in the cluster.
./addNode.sh deployment_manager_host port_number -username
admin_user_id -password admin_password -includeapps
For example:
addnode DM.acme.com 8879 -username wpsadmin -password wpsadmin -includeapps
After a node has been successfully added, a confirmation message displays.
Related tasks
“Federating and clustering network nodes” on page 398
AIX, Linux, and Solaris: Federating Node 2 and subsequent nodes:
After you install IBM Workplace Collaboration Services on Node 2 and subsequent
nodes, use the addnode command to federate the node, which adds it to the
Network Deployment cell. Depending on the size and location of the node that
you incorporate into the cell, this command can take a few minutes to complete.
Follow these steps to federate nodes running under IBM AIX, Linux, and Sun
Solaris.
1. Run the following command from the node’s portal_server_root/rootscripts
directory:
./stopWorkplaceServices.sh
2. On the Deployment Manager, open a command shell and navigate to the
app_server_root/bin directory.
3. Type the following command:
./startManager.sh
4. From the node you want to add, type the following command on a single line
from the app_server_root/bin directory.
./addNode.sh deployment_manager_host port_number -username
admin_user_id -password admin_password
After a node has been successfully added, a confirmation message displays.
Related tasks
“Federating and clustering network nodes” on page 398
Windows: Federating Node 1:
After you install IBM Workplace Collaboration Services on Node 1, use the
addnode command to federate the node, which adds it to the Network
400
Clustered-server Deployment Guide
Deployment cell. Depending on the size and location of the node that you
incorporate into the cell, this command can take a few minutes to complete.
Attention: If you plan to install the IBM Workplace Managed Client provisioning
server on this node, you must do so before federating a node. Installation of the
provisioning server will fail if you attempt to install after federating the node.
Follow these steps to federate Node 1 on Microsoft Windows.
1. Run the following command from the node’s portal_server_root\rootscripts
directory:
stopWorkplaceServices.bat
2. On the Deployment Manager, open a command prompt and navigate to the
app_server_root\bin directory.
3. Type the following command:
startmanager
4. From the node you want to add, type the following command on a single line
from the app_server_root\bin directory. The command is different for the first
node in the cluster.
addnode deployment_manager_host port_number -username
admin_user_id -password admin_password -includeapps
For example:
addnode DM.acme.com 8879 -username wpsadmin -password wpsadmin -includeapps
After a node has been successfully added, a confirmation message displays.
Related tasks
“Federating and clustering network nodes” on page 398
Windows: Federating Node 2 and subsequent nodes:
After you install IBM Workplace Collaboration Services on Node 2 and subsequent
nodes, use the addnode command to federate the node, which adds it to the
Network Deployment cell. Depending on the size and location of the node that
you incorporate into the cell, this command can take a few minutes to complete.
Follow these steps to federate nodes running under Microsoft Windows.
1. Run the following command from the node’s portal_server_root\rootscripts
directory:
stopWorkplaceServices.bat
2. On the Deployment Manager, open a command prompt and navigate to the
app_server_root\bin directory.
3. Type the following command:
startmanager
4. From the node you want to add, type the following command on a single line
from the app_server_root\bin directory. The command is different for the first
node in the cluster.
addnode deployment_manager_host port_number -username
admin_user_id -password admin_password
After a node has been successfully added, a confirmation message displays.
Related tasks
“Federating and clustering network nodes” on page 398
i5/OS: Federating Node 1:
Chapter 9 Completing Setup in a Clustered Environment
401
After you install IBM Workplace Collaboration Services on Node 1, use the
addNode command to federate the node, which adds it to the Network
Deployment cell. Depending on the size and location of the node that you
incorporate into the cell, this command can take a few minutes to complete.
Attention: If you plan to install the IBM Workplace Managed Client provisioning
server on this node, you must do so before federating a node. Installation of the
provisioning server will fail if you attempt to install after federating the node.
Follow these steps to federate Node 1 on IBM i5/OS.
1. On the node system, start the QShell Interpreter by entering the following on
an i5/OS command line:
STRQSH
2. Change to the node’s portal_server_root/rootscripts directory by entering the
following:
cd portal_server_root/rootscripts
3. Enter the following command to stop Workplace Collaboration Services on the
node:
stopWorkplaceServices.sh -username user -password password
4. On the Deployment Manager, open a QShell session (STRQSH) and change to
the deploy_manager_root/bin directory.
5. Enter the following command:
startManager -instance instance_name
6. From the node you want to add, enter the following command on a single line
from the app_server_root/bin directory. The command is different for the first
node in the cluster.
addNode deployment_manager_host port_number
-startingport first_port -instance instance
-username admin_user_id -password admin_password -includeapps
Where:
v deployment_manager_host is the fully qualified host name of the Deployment
Manager system.
v port_number is the base port number for the Deployment Manager instance,
plus one. For example, if you specified a base port number of 30000 for the
Deployment Manager instance, port_number would be 30001.
v first_port is node’s base port number, plus 60. For example, if you specified a
base port number of 40000 for the node, first_port would be 40060.
v instance is the name of the instance.
v username is the administrative user ID.
v password is the administrative user password.
Example:
addNode DM.acme.com 30001 -instance wcs01 -startingport 40060
-username wpsadmin -password wpsadmin -includeapps
After a node has been successfully added, a confirmation message displays.
Related tasks
“Federating and clustering network nodes” on page 398
i5/OS: Federating Node 2 and subsequent nodes:
After you install IBM Workplace Collaboration Services on Node 2 and subsequent
nodes, use the addNode command to federate the node, which adds it to the
402
Clustered-server Deployment Guide
Network Deployment cell. Depending on the size and location of the node that
you incorporate into the cell, this command can take a few minutes to complete.
Follow these steps to federate nodes running under IBM i5/OS.
1. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
2. Change to the node’s portal_server_root/rootscripts directory by entering the
following:
cd portal_server_root/rootscripts
3. Enter the following command to stop Workplace Collaboration Services on the
node:
stopWorkplaceServices.sh
4. On the Deployment Manager, open a QShell session (STRQSH) and change to
the deploy_manager_root/bin directory.
5. Enter the following command:
startManager -instance instance_name
6. From the node you want to add, enter the following command on a single line
from the app_server_root/bin directory.
addNode deployment_manager_host port_number
-startingport firstport -instance instance
-username admin_user_id -password admin_password
For example:
addNode DM.acme.com 30001 -instance wcs01 -startingport 40000
-username wpsadmin -password wpsadmin
After a node has been successfully added, a confirmation message displays.
Related tasks
“Federating and clustering network nodes” on page 398
Creating the Workplace Collaboration Services clusters
In a clustered-server deployment, you create two server clusters to provide load
balancing and better performance. The first cluster is a WebSphere Portal Server
cluster; the second cluster is a Mail Server cluster.
After you have installed IBM Workplace Collaboration Services on the first node
and federated the node to the cell, you can create the clusters. When you install
other nodes, add them to the clusters.
Follow the instructions for the platform on which you are running.
v IBM AIX, Linux, and Sun Solaris
v Microsoft Windows
v IBM i5/OS
Related tasks
“Federating and clustering network nodes” on page 398
AIX, Linux, and Solaris: Creating the IBM Workplace Collaboration Services
clusters:
In a clustered-server deployment, you create two server clusters to provide load
balancing and better performance. The first cluster is a WebSphere® Portal Server
cluster; the second cluster is a Mail Server cluster. Follow the instructions for the
node you are adding.
Chapter 9 Completing Setup in a Clustered Environment
403
v
v
v
v
v
Prepare the installDM.properties file before creating a cluster or adding a node
Create the WebSphere Portal Server cluster and add Node 1
Create the Mail Server cluster and add Node 1
Add subsequent nodes to the WebSphere Portal cluster
Add subsequent nodes to the Mail Server cluster
Related concepts
“Creating the Workplace Collaboration Services clusters” on page 403
AIX, Linux, and Solaris: Preparing the installDM.properties file:
Each time you add a node to the WebSphere Portal Server or Mail Server cluster,
you must update the installDM.properties file with the correct information for that
node and cluster. Some values change for each type of node and also, at times, the
cluster to which you are adding it; other values are set for the first node and
remain the same for all Workplace Collaboration Services nodes added to the
clusters thereafter. The installDM.properties file is stored on the Deployment
Manager, in the workplace_server_root/install directory. Note that values are case
sensitive. Properties flagged as ″Required″ must contain a value or the cluster
configuration scripts will fail.
Property
Description
pluginName
plugins1.list
lwp.clusterName (Required)
cluster_name (should match the value in the
DeploymentService.properties file)
Values:
Workplace_Cluster (when adding nodes to the
WebSphere Portal Server cluster)
Mail_Server_Cluster (when adding nodes to the Mail
Server cluster)
NodeName (Required)
dm_node_name (name of Deployment Manager)
Example: LWPNetworkManager
lwp.clusterListeningAddressTCP
(Required)
tcp_listening_address_for_SIP (address at which SIP
proxies in this cluster receive inbound SIP requests
over TCP for dispatch to SIP containers. Used for
Web conference, instant messaging, and presence
activities. Specify the Web server cluster name.)
Example: dispatcher.acme.com
lwp.clusterListeningAddressTLS
(Required)
ssl_listening_address_for_SIP (address at which the SIP
proxy receives inbound SIP requests that are
encrypted using the Transport Layer Security (TLS)
protocol or Secure Sockets Layer (SSL) protocol. Used
for securing Web conference, instant messaging, and
presence activities. Specify the Web server cluster
name.)
Example: dispatcher.acme.com
lwp.lwmDNSServers
dns_server_name
Example: dns1.acme.com
404
Clustered-server Deployment Guide
Property
Description
RemHttpClientPort (Required)
unique_port (client port for DRS entry in Internal
Replication Domain)
Examples:
7974 (Node 1, WebSphere Portal Server cluster)
7978 (Node 1, Mail Server cluster)
7981 (Node 2, WebSphere Portal Server cluster)
7985 (Node 2, Mail Server cluster)
LWPDBType (Required)
dbms_type (database server type; the default is usually
correct)
Values:
db2
oracle
sqlserver
LWPArcSchema
archive_schema_name (i5/OS only: name of Archive
schema)
Value:
Leave blank
WasHome (Required)
app_server_root (WebSphere Application Server install
directory; the initial value shows the directory you
specified when you installed the Deployment
Manager)
Example:
/opt/WebSphere/DeploymentManager
c\:/WebSphere/DeploymentManager (use a
backslash before colon (:), then forward slashes for
directory names)
/QIBM/UserData/WebAS5/ND/instance
WasInstance (Required for i5/OS
only)
instance (i5/OS only: name of the Workplace
Collaboration Services Deployment Manager instance)
Values:
Leave blank
RemNodeName (Required)
node_name (unique name for the node you are adding
to the cluster, such as the WebSphere Application
Server node name. Used with ClusterMemberName
and RemWpsServerName).
Examples:
Node_1 (name of Node 1 when adding Node 1 to the
clusters)
Node_2 (name of Node 2 when adding Node 2 to the
clusters), and so on
Chapter 9 Completing Setup in a Clustered Environment
405
Property
Description
WasUserid (Required)
userid (WebSphere Portal Server administrator name)
Example: wpsadmin
lwp.lwmLocalDomain (Required)
domain_name (cell-wide mail settings -- should be the
same as the domain name used in e-mail addresses
for the users in your LDAP directory; must contain a
value for mail to work)
Example: acme.com
ClusterMemberName (Required)
cluster_member_name (name of the cluster member;
same value as RemWpsServerName)
Values:
WebSphere_Portal (Node 1, WebSphere Portal Server
cluster)
Mail_Server_1 (Node 1, Mail Server cluster)
WebSphere_Portal_RemNodeName (Node 2 and above,
WebSphere Portal Server cluster with node name
appended)
Mail_Server_1_RemNodeName (Node 2 and above,
Mail Server cluster with node name appended)
LWPComSchema
common_schema_name (i5/OS only: name of core
schema containing administrative data, mail services
data, and team collaboration data)
Example:
Leave blank
lwp.internalDomains (Required)
domain_name (cell-wide mail settings -- local domains
for mail routing; should be the same as the domain
name used in e-mail addresses for the users in your
LDAP directory; must contain a value for mail to
work)
Example: acme.com
DebugMode
debug_mode_status (when set to True, starts WebSphere
Application Server in debugging mode. The default is
False.)
CellName (Required)
cell_name (the cell name defined when you installed
the Deployment Manager; stays the same for all
clusters)
Example: LWPNetwork
LwpsHome (Required)
workplace_server_root (workplace_server_root of the
Deployment Manager; the initial value shows the
directory you specified when you installed Workplace
Collaboration Services.)
Example:
/opt/IBM/Workplace/WorkplaceServer
406
Clustered-server Deployment Guide
Property
Description
serverTemplateNodeName
(Required)
node1_name (WebSphere Application server node that
stores templates for IBM Workplace Collaboration
Services applications. Value is always the Node 1
RemNodeName regardless of the node you are adding
to the cluster.)
Example: Node_1
RemWpsServerNameOrg
(Required)
original_cluster_member (always Node 1’s cluster
member name regardless of the node you are adding
to the cluster)
Values:
WebSphere_Portal
messaging_schema_name (i5/OS only: name of
Messaging schema)
LWPMsgSchema
Value:
Leave blank
serverTemplateName (Required)
template_server (server from which the new node’s
application server is replicated)
Values:
WebSphere_Portal (all nodes, WebSphere Portal
Server cluster)
Mail_Server_1 (all nodes, Mail Server cluster)
ssl_status_for_SIP (when set to True, servers in this
cluster can accept inbound SIP requests over TLS or
SSL. Used for securing Web conference, instant
messaging, and presence activities. The default is
True; set to False or leave blank to disable SSL for SIP
services.
lwp.enableTLS
lwp.lsfdata
feedback_database_name
Value:
Leave blank.
lwp.lwmDefaultDomain (Required)
domain_name (cell-wide mail settings -- should be the
same as the domain name used in e-mail addresses
for the users in your LDAP directory; must contain a
value for mail to work)
Example: acme.com
RemHttpReplPort (Required)
unique_http_port (server port for DRS entry in Internal
Replication Domain)
Examples:
7973 (Node 1, WebSphere Portal Server cluster)
7977 (Node 1, Mail Server cluster)
7980 (Node 2, WebSphere Portal Server cluster)
7984 (Node 2, Mail Server cluster)
Chapter 9 Completing Setup in a Clustered Environment
407
Property
Description
WasProdHome
deploy_manager_root (i5/OS only: Deployment
Manager install directory)
Example:
Leave blank
/qibm/proddata/webas5/pmend
WasHostName
app_server_root_hostname (i5/OS only: host name of
the new node being added to the cluster)
Example:
Leave blank
lwp.lwmNWPathMSQueueDir
(Required)
shared_file_path (the location of the shared qfilestore
directory created in Phase 2)
Example:
/mnt/nd_shares/qfilestore
lwp.lwmPostMasterMailAddress
[email protected]_name
Example: [email protected]
RemHttpServerName (Required)
cluster_member_host_name (specify the Web server
cluster name)
Example: dispatcher.acme.com
WasPassword (Required)
password (the password for WebSphere Application
Server security authentication)
Example: wpsadmin
Note: The password is removed when a
configuration tasks runs. You must provide a
password each time you run a configuration task on
the Deployment Manager.
platform.script.ext
file_extension_for_scripts
Values:
sh
RemWpsServerName (Required)
cluster_member_name (name of the cluster member;
same value as ClusterMemberName)
Values:
WebSphere_Portal (Node 1, WebSphere Portal Server
cluster)
Mail_Server_1 (Node 1, Mail Server cluster)
WebSphere_Portal_RemNodename (Node 2 and above,
WebSphere Portal Server cluster with node name
appended)
Mail_Server_1_RemNodename (Node 2 and above,
Mail Server cluster with node name appended)
Related tasks
408
Clustered-server Deployment Guide
“AIX, Linux, and Solaris: Creating the IBM Workplace Collaboration Services
clusters” on page 403
AIX, Linux, and Solaris: Adding Node 1 to the WebSphere Portal Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on
Node 1, add the node to the WebSphere Portal Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Add a node to the cluster by following these steps.
1. Log in to the new node as a user with administrative privileges.
2. Open a command shell.
3. Navigate to the app_server_root/bin directory.
4. Start the node agent on this new node with the following command.
./startNode.sh
5. Open a command shell.
6. Run the following command from the deploy_manager_root/bin directory.
Notice the space between the periods. The special format for this command
sources the command to make the setting active for all processes started from
the command shell.
. ./setupCmdLine.sh
7. Navigate to the workplace_server_root/install directory.
8. Run the following command:
./lwpDMconfig.sh base-dm-wps-config >node1_wps.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
9. Navigate to the app_server_root/logs/nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
10. Repeat the previous step on Node 1 and any other nodes in the cluster.
Related tasks
“AIX, Linux, and Solaris: Preparing the installDM.properties file” on page 404
“AIX, Linux, and Solaris: Creating the IBM Workplace Collaboration Services
clusters” on page 403
AIX, Linux, and Solaris: Adding Node 1 to the Mail Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on
Node 1 and added it to the WebSphere Portal Server cluster, add the node to the
Mail Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Create a Mail Server cluster by following these steps on the Deployment Manager.
1. Open a command shell.
2. Navigate to the deploy_manager_root/bin directory.
Chapter 9 Completing Setup in a Clustered Environment
409
3. Run the following command from the deploy_manager_root/bin directory. Notice
the space between the periods. The special format for this command sources
the command to make the setting active for all processes started from the
command shell.
. ./setupCmdLine.sh
4. Navigate to the workplace_server_root/install directory.
5. Run the following command:
./lwpDMconfig.sh base-dm-mailserver-config >node1_mail.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
6. Navigate to the app_server_root/logs/nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
Related tasks
“AIX, Linux, and Solaris: Preparing the installDM.properties file” on page 404
“AIX, Linux, and Solaris: Creating the IBM Workplace Collaboration Services
clusters” on page 403
AIX, Linux, and Solaris: Adding subsequent nodes to the WebSphere Portal Server
cluster:
After you have installed and set up IBM Workplace Collaboration Services on a
new node, add the node to the WebSphere Portal Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Add a node to the cluster by following these steps.
1. Log in to the new node as a user with administrative privileges.
2. Open a command shell.
3. Navigate to the app_server_root/bin directory.
4. Start the node agent on this new node with the following command.
./startNode.sh
5. Open a command shell.
6. Run the following command from the deploy_manager_root/bin directory.
Notice the space between the periods. The special format for this command
sources the command to make the setting active for all processes started from
the command shell.
. ./setupCmdLine.sh
7. Navigate to the workplace_server_root/install directory.
8. Run the following command:
./lwpDMconfig.sh add-wps-cluster-member >node2_wps.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
9. Navigate to the app_server_root/logs/nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
10. Repeat the previous step on Node 1 and any other nodes in the cluster.
Related tasks
“AIX, Linux, and Solaris: Preparing the installDM.properties file” on page 404
410
Clustered-server Deployment Guide
“AIX, Linux, and Solaris: Creating the IBM Workplace Collaboration Services
clusters” on page 403
AIX, Linux, and Solaris: Adding subsequent nodes to the Mail Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on a
new node and added it to the WebSphere Portal Server cluster, add the node to the
Mail Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Add a node to the Mail Server cluster by following these steps on the Deployment
Manager.
1. Log in to Node 1 as a user with administrative privileges.
2. Open a command shell.
3. Navigate to the app_server_root/bin directory.
4. Start the node agent on Node 1 with the following command.
./startNode.sh
5. Open a command shell.
6. Run the following command from the deploy_manager_root/bin directory.
Notice the space between the periods. The special format for this command
sources the command to make the setting active for all processes started from
the command shell.
. ./setupCmdLine.sh
7. Navigate to the workplace_server_root/install directory.
8. Run the following command:
./lwpDMconfig.sh add-mailserver-cluster-member >node2_mail.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
9. Navigate to the app_server_root/logs/nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
10. Repeat the previous step on Node 1 and any other nodes in the cluster.
Related tasks
“AIX, Linux, and Solaris: Preparing the installDM.properties file” on page 404
“AIX, Linux, and Solaris: Creating the IBM Workplace Collaboration Services
clusters” on page 403
Windows: Creating the IBM Workplace Collaboration Services clusters:
In a clustered-server deployment, you create two server clusters to provide load
balancing and better performance. The first cluster is a WebSphere® Portal Server
cluster; the second cluster is a Mail Server cluster. Follow the instructions for the
node you are adding.
v
v
v
v
v
Prepare the installDM.properties file before creating a cluster or adding a node
Create the WebSphere Portal Server cluster and add Node 1
Create the Mail Server cluster and add Node 1
Add subsequent nodes to the WebSphere Portal cluster
Add subsequent nodes to the Mail Server cluster
Chapter 9 Completing Setup in a Clustered Environment
411
Related concepts
“Creating the Workplace Collaboration Services clusters” on page 403
Windows: Preparing the installDM.properties file:
Each time you add a node to the WebSphere Portal Server or Mail Server cluster,
you must update the installDM.properties file with the correct information for that
node and cluster. Some values change for each type of node and also, at times, the
cluster to which you are adding it; other values are set for the first node and
remain the same for all Workplace Collaboration Services nodes added to the
clusters thereafter. The installDM.properties file is stored on the Deployment
Manager, in the workplace_server_root/install directory. Note that values are case
sensitive. Properties flagged as ″Required″ must contain a value or the cluster
configuration scripts will fail.
Property
Description
pluginName
plugins1.list
lwp.clusterName (Required)
cluster_name (should match the value in the
DeploymentService.properties file)
Values:
Workplace_Cluster (when adding nodes to the
WebSphere Portal Server cluster)
Mail_Server_Cluster (when adding nodes to the Mail
Server cluster)
NodeName (Required)
dm_node_name (name of Deployment Manager)
Example: LWPNetworkManager
lwp.clusterListeningAddressTCP
(Required)
tcp_listening_address_for_SIP (address at which SIP
proxies in this cluster receive inbound SIP requests
over TCP for dispatch to SIP containers. Used for
Web conference, instant messaging, and presence
activities. Specify the Web server cluster name.)
Example: dispatcher.acme.com
lwp.clusterListeningAddressTLS
(Required)
ssl_listening_address_for_SIP (address at which the SIP
proxy receives inbound SIP requests that are
encrypted using the Transport Layer Security (TLS)
protocol or Secure Sockets Layer (SSL) protocol. Used
for securing Web conference, instant messaging, and
presence activities. Specify the Web server cluster
name.)
Example: dispatcher.acme.com
lwp.lwmDNSServers
dns_server_name
Example: dns1.acme.com
412
Clustered-server Deployment Guide
Property
Description
RemHttpClientPort (Required)
unique_port (client port for DRS entry in Internal
Replication Domain)
Examples:
7974 (Node 1, WebSphere Portal Server cluster)
7978 (Node 1, Mail Server cluster)
7981 (Node 2, WebSphere Portal Server cluster)
7985 (Node 2, Mail Server cluster)
LWPDBType (Required)
dbms_type (database server type; the default is usually
correct)
Values:
db2
oracle
sqlserver
LWPArcSchema
archive_schema_name (i5/OS only: name of Archive
schema)
Value:
Leave blank
WasHome (Required)
app_server_root (WebSphere Application Server install
directory; the initial value shows the directory you
specified when you installed the Deployment
Manager)
Example:
c\:/WebSphere/DeploymentManager (use a
backslash before colon (:), then forward slashes for
directory names)
WasInstance (Required for i5/OS
only)
instance (i5/OS only: name of the Workplace
Collaboration Services Deployment Manager instance)
Value:
Leave blank
RemNodeName (Required)
node_name (unique name for the node you are adding
to the cluster, such as the WebSphere Application
Server node name. Used with ClusterMemberName
and RemWpsServerName).
Examples:
Node_1 (name of Node 1 when adding Node 1 to the
clusters)
Node_2 (name of Node 2 when adding Node 2 to the
clusters), and so on
WasUserid (Required)
userid (WebSphere Portal Server administrator name)
Example: wpsadmin
Chapter 9 Completing Setup in a Clustered Environment
413
Property
Description
lwp.lwmLocalDomain (Required)
domain_name (cell-wide mail settings -- should be the
same as the domain name used in e-mail addresses
for the users in your LDAP directory; must contain a
value for mail to work)
Example: acme.com
ClusterMemberName (Required)
cluster_member_name (name of the cluster member;
same value as RemWpsServerName)
Values:
WebSphere_Portal (Node 1, WebSphere Portal Server
cluster)
Mail_Server_1 (Node 1, Mail Server cluster)
WebSphere_Portal_RemNodeName (Node 2 and above,
WebSphere Portal Server cluster with node name
appended)
Mail_Server_1_RemNodeName (Node 2 and above,
Mail Server cluster with node name appended)
LWPComSchema
common_schema_name (i5/OS only: name of core
schema containing administrative data, mail services
data, and team collaboration data)
Example:
Leave blank
lwp.internalDomains (Required)
domain_name (cell-wide mail settings -- local domains
for mail routing; should be the same as the domain
name used in e-mail addresses for the users in your
LDAP directory; must contain a value for mail to
work)
Example: acme.com
DebugMode
debug_mode_status (when set to True, starts WebSphere
Application Server in debugging mode. The default is
False.)
CellName (Required)
cell_name (the cell name defined when you installed
the Deployment Manager; stays the same for all
clusters)
Example: LWPNetwork
LwpsHome (Required)
workplace_server_root (workplace_server_root of the
Deployment Manager; the initial value shows the
directory you specified when you installed Workplace
Collaboration Services.)
Example:
c:\Program Files\IBM\Workplace\WorkplaceServer
414
Clustered-server Deployment Guide
Property
Description
serverTemplateNodeName
(Required)
node1_name (WebSphere Application server node that
stores templates for IBM Workplace Collaboration
Services applications. Value is always the Node 1
RemNodeName regardless of the node you are adding
to the cluster.)
Example: Node_1
RemWpsServerNameOrg
(Required)
original_cluster_member (always Node 1’s cluster
member name regardless of the node you are adding
to the cluster)
Values:
WebSphere_Portal
messaging_schema_name (i5/OS only: name of
Messaging schema)
LWPMsgSchema
Value:
Leave blank
serverTemplateName (Required)
template_server (server from which the new node’s
application server is replicated)
Value:
WebSphere_Portal (all nodes, WebSphere Portal
Server cluster)
Mail_Server_1 (all nodes, Mail Server cluster)
ssl_status_for_SIP (when set to True, servers in this
cluster can accept inbound SIP requests over TLS or
SSL. Used for securing Web conference, instant
messaging, and presence activities. The default is
True; set to False or leave blank to disable SSL for SIP
services.
lwp.enableTLS
lwp.lsfdata
feedback_database_name
Value:
Leave blank.
lwp.lwmDefaultDomain (Required)
domain_name (cell-wide mail settings -- should be the
same as the domain name used in e-mail addresses
for the users in your LDAP directory; must contain a
value for mail to work)
Example: acme.com
RemHttpReplPort (Required)
unique_http_port (server port for DRS entry in Internal
Replication Domain)
Examples:
7973 (Node 1, WebSphere Portal Server cluster)
7977 (Node 1, Mail Server cluster)
7980 (Node 2, WebSphere Portal Server cluster)
7984 (Node 2, Mail Server cluster)
Chapter 9 Completing Setup in a Clustered Environment
415
Property
Description
WasProdHome
deploy_manager_root (i5/OS only: Deployment
Manager install directory)
Example:
Leave blank
/qibm/proddata/webas5/pmend
WasHostName
app_server_root_hostname (i5/OS only: host name of
the new node being added to the cluster)
Example:
Leave blank
lwp.lwmNWPathMSQueueDir
(Required)
shared_file_path (the location of the shared qfilestore
directory created in Phase 2)
Examples:
z\:/NDShares/qfilestore (use a backslash before
colon (:), then forward slashes for directory names)
//fileserver1/NDShares/qfilestore (use forward
slashes for directory names)
lwp.lwmPostMasterMailAddress
[email protected]_name
Example: [email protected]
RemHttpServerName (Required)
cluster_member_host_name (specify the Web server
cluster name)
Example: dispatcher.acme.com
WasPassword (Required)
password (the password for WebSphere Application
Server security authentication)
Example: wpsadmin
Note: The password is removed when a
configuration tasks runs. You must provide a
password each time you run a configuration task on
the Deployment Manager.
platform.script.ext
file_extension_for_scripts
Value:
sh
416
Clustered-server Deployment Guide
Property
Description
RemWpsServerName (Required)
cluster_member_name (name of the cluster member;
same value as ClusterMemberName)
Values:
WebSphere_Portal (Node 1, WebSphere Portal Server
cluster)
Mail_Server_1 (Node 1, Mail Server cluster)
WebSphere_Portal_RemNodename (Node 2 and above,
WebSphere Portal Server cluster with node name
appended)
Mail_Server_1_RemNodename (Node 2 and above,
Mail Server cluster with node name appended)
Related tasks
“Windows: Creating the IBM Workplace Collaboration Services clusters” on
page 411
Windows: Adding Node 1 to the WebSphere Portal Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on
Node 1, add the node to the WebSphere Portal Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Add a node to the cluster by following these steps.
1. Log in to Node 1 as a user with administrative privileges.
2. Open a command prompt.
3. Navigate to the app_server_root\bin directory.
4. Start the node agent on Node 1 with the following command.
startNode.bat
5. Open a command prompt window.
6. Navigate to the deploy_manager_root/bin directory.
7. Run the following command:
setupCmdLine.bat
8. Navigate to the workplace_server_root/install directory.
9. Run the following command:
lwpDMconfig.bat base-dm-wps-config >node1_wps.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
10. Navigate to the app_server_root\logs\nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
11. Repeat the previous step on Node 1 and any other nodes in the cluster.
Related tasks
“Windows: Preparing the installDM.properties file” on page 412
“Windows: Creating the IBM Workplace Collaboration Services clusters” on
page 411
Chapter 9 Completing Setup in a Clustered Environment
417
Windows: Adding Node 1 to the Mail Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on
Node 1 and added it to the WebSphere Portal Server cluster, add the node to the
Mail Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Create a Mail Server cluster by following these steps on the Deployment Manager.
1. On the Deployment Manager, open a command prompt window.
2. Navigate to the deploy_manager_root/bin directory.
3. Run the following command:
setupCmdLine.bat
4. Navigate to the workplace_server_root/install directory.
5. Run the following command:
lwpDMconfig.bat base-dm-mailserver-config >node1_mail.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
6. Navigate to the app_server_root\logs\nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
Related tasks
“Windows: Preparing the installDM.properties file” on page 412
“Windows: Creating the IBM Workplace Collaboration Services clusters” on
page 411
Windows: Adding subsequent nodes to the WebSphere Portal Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on a
new node, add the node to the WebSphere Portal Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Add a node to the cluster by following these steps.
1. Log in to the new node as a user with administrative privileges.
2. Open a command prompt.
3. Navigate to the app_server_root\bin directory.
4. Start the node agent on this new node with the following command.
startNode.bat
5. Open a command prompt window.
6. Navigate to the deploy_manager_root/bin directory.
7. Run the following command:
setupCmdLine.bat
8. Navigate to the workplace_server_root/install directory.
9. Run the following command:
lwpDMconfig.bat add-wps-cluster-member >node2_wps.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
418
Clustered-server Deployment Guide
10. Navigate to the app_server_root\logs\nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
11. Repeat the previous step on Node 1 and any other nodes in the cluster.
Related tasks
“Windows: Preparing the installDM.properties file” on page 412
“Windows: Creating the IBM Workplace Collaboration Services clusters” on
page 411
Windows: Adding subsequent nodes to the Mail Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on a
new node and added it to the WebSphere Portal Server cluster, add the node to the
Mail Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Add a node to the Mail Server cluster by following these steps on the Deployment
Manager.
1. Log in to Node 1 as a user with administrative privileges.
2. Open a command prompt.
3. Navigate to the app_server_root\bin directory.
4. Start the node agent on Node 1 with the following command.
startNode.bat
5. Open a command prompt window.
6. Navigate to the deploy_manager_root/bin directory.
7. Run the following command:
setupCmdLine.bat
8. Navigate to the workplace_server_root/install directory.
9. Run the following command:
lwpDMconfig.bat add-mailserver-cluster-member >node2_mail.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
10. Navigate to the app_server_root\logs\nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
11. Repeat the previous step on Node 1 and any other nodes in the cluster.
Related concepts
“Creating the Workplace Collaboration Services clusters” on page 403
Related tasks
“Windows: Preparing the installDM.properties file” on page 412
i5/OS: Creating the IBM Workplace Collaboration Services clusters:
In a clustered-server deployment, you create two server clusters to provide load
balancing and better performance. The first cluster is a WebSphere® Portal Server
cluster; the second cluster is a Mail Server cluster. Follow the instructions for the
node you are adding.
v Prepare the installDM.properties file before creating a cluster or adding a node
Chapter 9 Completing Setup in a Clustered Environment
419
v
v
v
v
Create the WebSphere Portal Server cluster and add Node 1
Create the Mail Server cluster and add Node 1
Add subsequent nodes to the WebSphere Portal cluster
Add subsequent nodes to the Mail Server cluster
Related concepts
“Creating the Workplace Collaboration Services clusters” on page 403
i5/OS: Preparing the installDM.properties file:
Each time you add a node to the WebSphere Portal Server or Mail Server cluster,
you must update the installDM.properties file with the correct information for that
node and cluster. Some values change for each type of node and also, at times, the
cluster to which you are adding it; other values are set for the first node and
remain the same for all Workplace Collaboration Services nodes added to the
clusters thereafter. The installDM.properties file is stored on the Deployment
Manager, in the workplace_server_root/install directory. Note that values are case
sensitive. Properties flagged as ″Required″ must contain a value or the cluster
configuration scripts will fail.
Property
Description
pluginName
Value:
plugins1.list
lwp.clusterName (Required)
cluster_name (should match the value in the
DeploymentService.properties file)
Values:
Workplace_Cluster (when adding nodes to the
WebSphere Portal Server cluster)
Mail_Server_Cluster (when adding nodes to the Mail
Server cluster)
NodeName (Required)
dm_node_name (name of Deployment Manager)
Example: LWPNetworkManager
lwp.clusterListeningAddressTCP
(Required)
tcp_listening_address_for_SIP (address at which SIP
proxies in this cluster receive inbound SIP requests
over TCP for dispatch to SIP containers. Used for
Web conference, instant messaging, and presence
activities. Specify the Web server cluster name.)
Example: dispatcher.acme.com
lwp.clusterListeningAddressTLS
(Required)
ssl_listening_address_for_SIP (address at which the SIP
proxy receives inbound SIP requests that are
encrypted using the Transport Layer Security (TLS)
protocol or Secure Sockets Layer (SSL) protocol. Used
for securing Web conference, instant messaging, and
presence activities. Specify the Web server cluster
name.)
Example: dispatcher.acme.com
lwp.lwmDNSServers
dns_server_name
Example: dns1.acme.com
420
Clustered-server Deployment Guide
Property
Description
RemHttpClientPort (Required)
unique_port (client port for DRS entry in Internal
Replication Domain)
You must specify the number of a port that is
available on the node that you are going to add to
the cluster. For example, you can base it off of the
port block configured for that node.
Examples:
(assuming the port block starts at 32500)
32581 (Node 1, WebSphere Portal Server cluster)
32582 (Node 1, Mail Server cluster)
32583 (Node 2, WebSphere Portal Server cluster)
32584 (Node 2, Mail Server cluster)
LWPDBType (Required)
dbms_type (database server type; the default is usually
correct)
Value:
db2iseries
LWPArcSchema
archive_schema_name (i5/OS only: name of Archive
schema)
Value:
LWPARC26 (match the value shown in the
dbbuild.properties file, located in the
workplace_server_root/config/database directory)
WasHome (Required)
app_server_root (WebSphere Application Server install
directory; the initial value shows the directory you
specified when you installed the Deployment
Manager)
Example:
/QIBM/UserData/WebAS5/ND/instance
WasInstance (Required for i5/OS
only)
instance (i5/OS only: name of the Workplace
Collaboration Services Deployment Manager instance)
Value:
wcs26
RemNodeName (Required)
node_name (unique name for the node you are adding
to the cluster, such as the WebSphere Application
Server node name. Used with ClusterMemberName
and RemWpsServerName).
Examples:
Node_1 (name of Node 1 when adding Node 1 to the
clusters)
Node_2 (name of Node 2 when adding Node 2 to the
clusters), and so on
Chapter 9 Completing Setup in a Clustered Environment
421
Property
Description
WasUserid (Required)
userid (WebSphere Portal Server administrator name)
Example: wpsadmin
lwp.lwmLocalDomain (Required)
domain_name (cell-wide mail settings -- should be the
same as the domain name used in e-mail addresses
for the users in your LDAP directory; must contain a
value for mail to work)
Example: acme.com
ClusterMemberName (Required)
cluster_member_name (name of the cluster member;
same value as RemWpsServerName)
Values:
WebSphere_Portal (Node 1, WebSphere Portal Server
cluster)
Mail_Server_1 (Node 1, Mail Server cluster)
WebSphere_Portal_RemNodeName (Node 2 and above,
WebSphere Portal Server cluster with node name
appended)
Mail_Server_1_RemNodeName (Node 2 and above,
Mail Server cluster with node name appended)
LWPComSchema
common_schema_name (i5/OS only: name of core
schema containing administrative data, mail services
data, and team collaboration data)
Value:
LWPCOM26 (match the value shown in the
dbbuild.properties file, located in the
workplace_server_root/config/database directory)
lwp.internalDomains (Required)
domain_name (cell-wide mail settings -- local domains
for mail routing; should be the same as the domain
name used in e-mail addresses for the users in your
LDAP directory; must contain a value for mail to
work)
Example: acme.com
DebugMode
debug_mode_status (when set to True, starts WebSphere
Application Server in debugging mode. The default is
False.)
CellName (Required)
cell_name (the cell name defined when you installed
the Deployment Manager; stays the same for all
clusters)
Example: LWPNetwork
LwpsHome (Required)
workplace_server_root (workplace_server_root of the
Deployment Manager; the initial value shows the
directory you specified when you installed Workplace
Collaboration Services.)
Example:
/QIBM/UserData/WebAS5/Base/instance/
WorkplaceServer
422
Clustered-server Deployment Guide
Property
Description
serverTemplateNodeName
(Required)
node1_name (WebSphere Application server node that
stores templates for IBM Workplace Collaboration
Services applications. Value is always the Node 1
RemNodeName regardless of the node you are adding
to the cluster.)
Example: Node_1
RemWpsServerNameOrg
(Required)
original_cluster_member (always Node 1’s cluster
member name regardless of the node you are adding
to the cluster)
Values:
WebSphere_Portal
messaging_schema_name (i5/OS only: name of
Messaging schema)
LWPMsgSchema
Values:
Leave blank
LWPMSG26 (match the value shown in the
dbbuild.properties file, located in the
workplace_server_root/config/database directory)
serverTemplateName (Required)
template_server (server from which the new node’s
application server is replicated)
Values:
WebSphere_Portal (all nodes, WebSphere Portal
Server cluster)
Mail_Server_1 (all nodes, Mail Server cluster)
ssl_status_for_SIP (when set to True, servers in this
cluster can accept inbound SIP requests over TLS or
SSL. Used for securing Web conference, instant
messaging, and presence activities. The default is
True; set to False or leave blank to disable SSL for SIP
services.
lwp.enableTLS
lwp.lsfdata
feedback_database_name
Value:
lwp (match the value for the Feedback Database
schema shown in the wpconfig.properties file, located
in the portal_server_root/config directory)
lwp.lwmDefaultDomain (Required)
domain_name (cell-wide mail settings -- should be the
same as the domain name used in e-mail addresses
for the users in your LDAP directory; must contain a
value for mail to work)
Example: acme.com
Chapter 9 Completing Setup in a Clustered Environment
423
Property
Description
RemHttpReplPort (Required)
unique_http_port (server port for DRS entry in Internal
Replication Domain)
You must specify the number of a port that is
available on the node that you are going to add to
the cluster. For example, you can base it off of the
port block configured for that node.
Examples:
32585 (Node 1, WebSphere Portal Server cluster)
32586 (Node 1, Mail Server cluster)
32587 (Node 2, WebSphere Portal Server cluster)
32588 (Node 2, Mail Server cluster)
WasProdHome
deploy_manager_root (i5/OS only: Deployment
Manager install directory)
Example:
/qibm/proddata/webas5/pmend
WasHostName
app_server_root_hostname (i5/OS only: host name of
the new node being added to the cluster)
Example:
Leave blank
lwp1.acme.com
lwp.lwmNWPathMSQueueDir
(Required)
shared_file_path (the location of the shared qfilestore
directory created in Phase 2)
Example:
/NDShares/qfilestore
lwp.lwmPostMasterMailAddress
[email protected]_name
Example: [email protected]
RemHttpServerName (Required)
cluster_member_host_name (specify the Web server
cluster name)
Example: dispatcher.acme.com
WasPassword (Required)
password (the password for WebSphere Application
Server security authentication)
Example: wpsadmin
Note: The password is removed when a
configuration tasks runs. You must provide a
password each time you run a configuration task on
the Deployment Manager.
platform.script.ext
file_extension_for_scripts
Value:
sh
424
Clustered-server Deployment Guide
Property
Description
RemWpsServerName (Required)
cluster_member_name (name of the cluster member;
same value as ClusterMemberName)
Values:
WebSphere_Portal (Node 1, WebSphere Portal Server
cluster)
Mail_Server_1 (Node 1, Mail Server cluster)
WebSphere_Portal_RemNodename (Node 2 and above,
WebSphere Portal Server cluster with node name
appended)
Mail_Server_1_RemNodename (Node 2 and above,
Mail Server cluster with node name appended)
Related tasks
“i5/OS: Preparing the installDM.properties file” on page 420
“i5/OS: Creating the IBM Workplace Collaboration Services clusters” on page
419
i5/OS: Adding Node 1 to the WebSphere Portal Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on
Node 1, add the node to the WebSphere Portal Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Create the WebSphere Portal Server cluster by following these steps.
1. Log in to Node 1 as a user with administrative privileges.
2. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
3. Navigate to the app_server_root/bin directory.
4. Start the node agent on Node 1 with the following command.
startNode -instance instance_name
where instance_name is the name of the instance.
5. On the Deployment Manager, start a QShell session (STRQSH).
6. Enter the following:
cd /QIBM/ProdData/WebAS5/PMEND/bin
7. Enter the following command; including a space between the periods:
. ./setupCmdLine -instance instance_name
8. Change to the workplace_server_root/install directory.
9. Run the following command:
./lwpDMconfig400.sh base-dm-wps-config -logfile node1_wps.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
10. Navigate to the app_server_root/logs/nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
Chapter 9 Completing Setup in a Clustered Environment
425
11. Repeat the previous step on Node 1 and any other nodes in the cluster.
Related tasks
“i5/OS: Preparing the installDM.properties file” on page 420
“i5/OS: Creating the IBM Workplace Collaboration Services clusters” on page
419
i5/OS: Adding Node 1 to the Mail Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on
Node 1 and added it to the WebSphere Portal Server cluster, add the node to the
Mail Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Create the Mail Server cluster by following these steps on the Deployment
Manager.
1. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
2. Enter the following:
cd /QIBM/ProdData/WebAS5/PMEND/bin
3. Run the following command; including a space between the periods:
. ./setupCmdLine -instance instance_name
where instance_name is the name of the instance.
4. Navigate to the workplace_server_root/install directory.
5. Run the following command:
./lwpDMconfig400.sh base-dm-mailserver-config -logfile node1_mail.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
6. Navigate to the app_server_root/logs/nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
Related tasks
“i5/OS: Preparing the installDM.properties file” on page 420
“i5/OS: Creating the IBM Workplace Collaboration Services clusters” on page
419
i5/OS: Adding subsequent nodes to the WebSphere Portal Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on a
new node, add the node to the WebSphere Portal Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Add a node to the WebSphere Portal Server cluster by following these steps.
1. Log in to Node 1 as a user with administrative privileges.
2. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
426
Clustered-server Deployment Guide
3. Navigate to the app_server_root/bin directory.
4. Start the node agent on Node 1 with the following command.
startNode -instance instance_name
where instance_name is the name of the instance.
5. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
6. Enter the following:
cd /QIBM/ProdData/WebAS5/PMEND/bin
7. Enter the following command; including a space between the periods:
. ./setupCmdLine -instance instance_name
8. Change to the workplace_server_root/install directory.
9. Run the following command:
./lwpDMconfig400.sh add-wps-cluster-member -logfile node2_wps.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
10. Navigate to the app_server_root/logs/nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
11. Repeat the previous step on Node 1 and any other nodes in the cluster.
Related tasks
“i5/OS: Preparing the installDM.properties file” on page 420
“i5/OS: Creating the IBM Workplace Collaboration Services clusters” on page
419
i5/OS: Adding subsequent nodes to the Mail Server cluster:
After you have installed and set up IBM Workplace Collaboration Services on a
new node and added it to the WebSphere Portal Server cluster, add the node to the
Mail Server cluster.
Verify that the installDM.properties file on the Deployment Manager contains the
correct values for this node and cluster before proceeding.
Add a node to the Mail Server cluster by following these steps on the Deployment
Manager.
1. Log in to Node 1 as a user with administrative privileges.
2. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
3. Navigate to the app_server_root/bin directory.
4. Start the node agent on Node 1 with the following command.
startNode -instance instance_name
where instance_name is the name of the instance.
5. Navigate to the deploy_manager_root/bin directory.
6. Run the following command; including a space between the periods:
. ./setupCmdLine -instance instance_name
7. Navigate to the workplace_server_root/install directory.
8. Run the following command:
Chapter 9 Completing Setup in a Clustered Environment
427
./lwpDMconfig400.sh -instance instance_name add-mailserver-cluster-member
-logfile node2_mail.log
Check the log file and correct any errors before proceeding. You receive a
″Build Successful″ message when the update is completed without errors.
9. Navigate to the app_server_root/logs/nodeagent directory.
Check that the SystemOut.log contains the message ″Configuration
synchronization completed successfully″ before continuing.
10. Repeat the previous step on Node 1 and any other nodes in the cluster.
Related tasks
“i5/OS: Preparing the installDM.properties file” on page 420
“i5/OS: Creating the IBM Workplace Collaboration Services clusters” on page
419
Connecting nodes to an external HTTP server
Workplace Collaboration Services properties files need to be updated before a
connection to an external HTTP server is possible.
Follow the set of instructions that correspond to the server platform:
v IBM AIX
v Linux
v Sun Solaris
v Microsoft Windows
v IBM i5/OS
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
AIX, Linux, and Solaris: Connecting nodes to an external Web
server
Workplace software server settings need to be updated to connect to an external
Web server. Follow these instructions to connect a node in a Network Deployment
to an external Web server.
Change settings by editing the wpconfig.properties and dbbuild.properties files
and then running a configuration script to update the IBM Workplace
Collaboration Services database with the new settings.
1. Make a backup copy of the following files:
v app_server_root/config/cells/CellName/resources.xml
v portal_server_root/config/wpconfig.properties
v All files in workplace_server_root/properties
v workplace_server_root/config/database/dbbuild.properties
2. Using a text editor, update the original wpconfig.properties file as follows.
428
Property
Description
CellName
Verify that the value is correct for the Deployment Manager cell
for this node. Correct it if necessary.
Clustered-server Deployment Guide
Property
Description
WpsHostName
If you are using a Network Dispatcher to manage a Web server
cluster, this value is the fully qualified DNS address of the
Network Dispatcher cluster. If you are using a remote Web server,
this value is the host name of the machine where you installed the
Web server; for example, web1.acme.com.
WpsHostPort
This is the port number that your Web server uses to listen for
HTTP traffic. For an external Web server, remove the default 9081
and leave the port number blank, unless you have set up a port
other than 80 for HTTP traffic.
3. Verify that other settings in the wpconfig.properties file are correct, then save
the file.
4. Using a text editor, update the following values in the original
dbbuild.properties file.
LWPDBAdminUser=admin_user
LWPDBAdminPassword=password
LWPDBAppUser=db_app_user
LWPDBAppUserPassword=db_app_user_password
where LWPDBAdminUser and LWPDBAdminPassword are the name and
password of the database administrator. LWPDBAppUser and
LWPDBAppUserPassword are the name and password of the administrator of
the WebSphere Portal wps50 database.
5. Edit the following Learning settings in the dbbuild.properties file.
Property
Description
lmscontent_serversnn
Remove ″/lms-ds″ from the value. For example:
lmscontent_base_url
Update value to match the content server URL. For example:
lmscontent_base_url=http://contentserverURL/content
If you are using a Network Dispatcher to cluster content servers,
contentserverURL is the fully qualified DNS address of the
Network Dispatcher cluster.
Note: If you have multiple content servers, set them up to be
accessed through this single URL.
6. Update any other Learning settings to be accurate for your deployment, then
save the dbbuild.properties file. For example:
v lmmserver_url=http://your remote Web server URL (or fully qualified
DNS address of the Network Dispatcher cluster)
v lmmserver_coursePackages_dir=
shared_directory_path_to_lms_courses
v lmmserver_juru_path=
shared_directory_path_to_lms_juru
v dsserver_url=http://your remote Web server URL (or fully qualified
DNS address of the Network Dispatcher cluster)
7. If the WPSconfig lwp-httpserver-config task has already been run, all
passwords were replaced with the value PWD_REMOVED when the task
ended. Update the dbbuild.properties file to replace all instances of
PWD_REMOVED with valid passwords. Then close and save the file.
8. Verify that the HTTP server is running.
9. Shut down Workplace Collaboration Services.
Chapter 9 Completing Setup in a Clustered Environment
429
10. Run the following command from the app_server_root/bin directory. Notice the
space between the periods. The special format for this command sources the
command to make the setting active for all processes started from the
command shell.
. ./setupCmdLine.sh
11. Change to the portal_server_root/config directory and enter the appropriate
command:
On Node 1
./WPSconfig.sh lwp-httpserver-config >httpsettings.log
On subsequent nodes
./WPSconfig.sh lwp-httpserver-config -DNodeName=Node1_short_name
>httpsettings.log
Use Node 1’s short name for NodeName (for example, ″node1″ instead of
node1.acme.com).
12. Check the log file httpsettings.log to make sure the update completed
successfully.
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
“Creating aliases for shared directories” on page 88
Related reference
“Learning settings in the dbbuild properties file” on page 434
Windows: Connecting nodes to an external HTTP server
Workplace software settings need to be updated to connect to an external Web
server. Follow these instructions to connect a node in a Network Deployment to an
external Web server.
Change settings by editing the wpconfig.properties and dbbuild.properties files
and then running a configuration script to update the IBM Workplace
Collaboration Services database with the new settings.
1. Make a backup copy of the following files:
v app_server_root\config\cells\CellName\resources.xml
v portal_server_root\config\wpconfig.properties
v All files in workplace_server_root\properties
v workplace_server_root/config\database\dbbuild.properties
2. Using a text editor, update the original wpconfig.properties file as follows.
430
Property
Description
CellName
Verify that the value is correct for the Deployment Manager cell
for this node.
WpsHostName
If you are using a Network Dispatcher to manage a Web server
cluster, this value is the fully qualified DNS address of the
Network Dispatcher cluster. If you are using a remote Web server,
this value is the host name of the machine where you installed the
Web server; for example, web1.acme.com.
WpsHostPort
This is the port number that your Web server uses to listen for
HTTP traffic. For an external Web server, remove the default 9081
and leave the port number blank, unless you have set up a port
other than 80 for HTTP traffic.
Clustered-server Deployment Guide
3. Verify that other settings in the wpconfig.properties file are correct, then save
the file.
4. Using a text editor, update the following values in the original
dbbuild.properties file.
LWPDBAdminUser=admin_user
LWPDBAdminPassword=password
LWPDBAppUser=db_app_user
LWPDBAppUserPassword=db_app_user_password
where LWPDBAdminUser and LWPDBAdminPassword are the name and
password of the database administrator. LWPDBAppUser and
LWPDBAppUserPassword are the name and password of the administrator of
the WebSphere Portal wps50 database.
5. Edit the following Learning settings in the dbbuild.properties file.
Property
Description
lmscontent_serversnn
Remove ″/lms-ds″ from the value. For example:
lmscontent_servers0=CS00,1,Z:/content
where Z:/content represents a mapped drive to the
<drive>:\IBMHTTPServer\htdocs\en_US\content directory of the
remote HTTP server.
lmscontent_base_url
Update value to match the content server URL. For example:
lmscontent_base_url=http://contentserverURL/content
If you are using a Network Dispatcher to cluster content servers,
contentserverURL is the fully qualified DNS address of the
Network Dispatcher cluster.
Note: If you have multiple content servers, set them up to be
accessed through this single URL.
6. Update any other Learning settings to be accurate for your deployment, then
save the dbbuild.properties file. For example:
v lmmserver_url=http://your remote Web server URL (or fully qualified
DNS address of the Network Dispatcher cluster)
v lmmserver_coursePackages_dir=
shared_directory_path_to_lms_courses
v lmmserver_juru_path=
shared_directory_path_to_lms_juru
v dsserver_url=http://your remote Web server URL (or fully qualified
DNS address of the Network Dispatcher cluster)
7. If the WPSconfig lwp-httpserver-config task has already been run, all
passwords were replaced with the value PWD_REMOVED when the task
ended. Update the dbbuild.properties file to replace all instances of
PWD_REMOVED with valid passwords. Then close and save the file.
8. Verify that the Web server is running.
9. Shut down Workplace Collaboration Services.
10. From the app_server_root\bin directory, enter:
setupCmdLine.bat
11. Change to the portal_server_root\config directory and enter the following
command on one line:
On Node 1
WPSconfig.bat lwp-httpserver-config >httpsettings.log
Chapter 9 Completing Setup in a Clustered Environment
431
On subsequent nodes
WPSconfig.bat lwp-httpserver-config -DNodeName=Node1_short_name
>httpsettings.log
Use Node 1’s short name for NodeName (for example, ″node1″ instead of
node1.acme.com).
12. Check the log file httpsettings.log to make sure the update completed
successfully.
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
“Creating aliases for shared directories” on page 88
Related reference
“Learning settings in the dbbuild properties file” on page 434
i5/OS: Connecting nodes to an external Web server
Workplace software server settings need to be updated to connect to an external
Web server. Follow these instructions to connect a node in a Network Deployment
to an external Web server.
Change settings by editing the wpconfig.properties and dbbuild.properties files
and then running a configuration script to update the IBM Workplace
Collaboration Services database with the new settings.
1. On the node you will connect to the external Web server, make a backup copy
of the following files:
v app_server_root/config/cells/CellName/resources.xml
v portal_server_root/config/wpconfig.properties
v All files in workplace_server_root/properties
v workplace_server_root/config/database/dbbuild.properties
2. Using a text editor, update the original wpconfig.properties file as follows.
Property
Description
CellName
Verify that the value is correct for the Deployment Manager cell
for this node. Correct it if necessary.
WpsHostName
If you are using a Network Dispatcher to manage a Web server
cluster, this value is the fully qualified DNS address of the
Network Dispatcher cluster. If you are using a remote Web server,
this value is the host name of the machine where you installed the
Web server; for example, web1.acme.com. If you are using a local
Web server, this value is the host name of the Workplace
Collaboration Services machine.
WpsHostPort
This is the port number that your Web server uses to listen for
HTTP traffic. For an external Web server, remove the default 9081
and leave the port number blank, unless you have set up a port
other than 80 for HTTP traffic.
3. Verify that other settings in the wpconfig.properties file are correct, then save
the file.
4. Using a text editor, update the following values in the original
dbbuild.properties file.
LWPDBAdminUser=admin_user
LWPDBAdminPassword=password
LWPDBAppUser=db_app_user
432
Clustered-server Deployment Guide
LWPDBAppUserPassword=db_app_user_password
where LWPDBAdminUser and LWPDBAdminPassword are the name and
password of the database administrator. LWPDBAppUser and
LWPDBAppUserPassword are the name and password of the administrator of
the WebSphere Portal wps50 database.
5. Edit the following Learning settings in the dbbuild.properties file.
Property
Description
lmscontent_serversnn
Remove ″/lms-ds″ from the value.
lmscontent_base_url
Update value to match the content server URL. For example:
lmscontent_base_url=http://contentserverURL/content
If you are using a Network Dispatcher to cluster content servers,
contentserverURL is the fully qualified DNS address of the
Network Dispatcher cluster.
Note: If you have multiple content servers, set them up to be
accessed through this single URL.
6. Update any other Learning settings to be accurate for your deployment, then
save the dbbuild.properties file. For example:
v lmmserver_url=http://your remote Web server URL (or fully qualified
DNS address of the Network Dispatcher cluster)
v lmmserver_coursePackages_dir=
shared_directory_path_to_lms_courses
v lmmserver_juru_path=
shared_directory_path_to_lms_juru
v dsserver_url=http://your remote Web server URL (or fully qualified
DNS address of the Network Dispatcher cluster)
7. If the WPSconfig lwp-httpserver-config task has already been run, all
passwords were replaced with the value PWD_REMOVED when the task
ended. Update the dbbuild.properties file to replace all instances of
PWD_REMOVED with valid passwords. Then close and save the file.
8. Verify that the Web server is running.
9. Shut down Workplace Collaboration Services.
10. Start the QShell Interpreter by entering the following on an i5/OS command
line:
STRQSH
11. Change to the portal_server_root/config directory and enter the appropriate
command:
On Node 1
WPSconfig.sh lwp-httpserver-config | iconv -f 37 -t 819 >httpsettings.log
On subsequent nodes
WPSconfig.sh lwp-httpserver-config -DNodeName=Node1_short_name
| iconv -f 37 -t 819 >httpsettings.log
Use Node 1’s short name for NodeName (for example, ″node1″ instead of
node1.acme.com).
12. Check the log file httpsettings.log to make sure the update completed
successfully.
Related tasks
“Connecting to external Web servers in a clustered environment” on page 287
“Creating aliases for shared directories” on page 88
Related reference
Chapter 9 Completing Setup in a Clustered Environment
433
“Learning settings in the dbbuild properties file”
“Learning settings in the dbbuild properties file”
Learning settings in the dbbuild properties file
The following table of IBM Workplace Collaborative Learning properties shows the
default values set by the installation program and indicates which settings need to
be changed if you set up an external HTTP server. It uses the following
abbreviations:
Abbrevi