Lotus Sametime Version 8.5

Lotus Sametime
Version 8.5

Version 8.5.0
Lotus Sametime 8.5

Installation and Administration Guide Part 1
SC23-5987-04
Lotus Sametime
®
Version 8.5

Version 8.5.0
Lotus Sametime 8.5

Installation and Administration Guide Part 1
SC23-5987-04
Note
Before using this information and the product it supports, read the information in “Notices” on page 637.
Edition notice
This edition applies to version 8.5 of IBM Lotus Sametime (program number 5724–J23) and to all subsequent
releases and modifications until otherwise indicated in new editions.
© Copyright International Business Machines Corporation 1996, 2009.
US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract
with IBM Corp.
Contents
Chapter 1. Overview . . . . . . . . . 1 Installing DB2 on Linux and Windows . . . . 57
Accessibility features for Lotus Sametime . . . . . 1 Installing the Lotus Sametime System Console. . 59
What’s new in Lotus Sametime 8.5? . . . . . . 2 Connecting to an LDAP server . . . . . . . 64
What is Lotus Sametime? . . . . . . . . . . 3 Installing a Lotus Sametime Community Server
Lotus Sametime server architecture . . . . . . 6 and supporting software . . . . . . . . . 69
Lotus Sametime System Console . . . . . . . 8 Installing a Lotus Sametime Proxy Server . . . 101
Lotus Sametime Community Server . . . . . 8 Installing a Lotus Sametime Media Manager . . 107
Lotus Sametime Proxy Server . . . . . . . . 9 Installing a Lotus Sametime Meeting Server . . 115
Lotus Sametime Media Manager. . . . . . . 9 Installing a Lotus Sametime Gateway server . . 122
Lotus Sametime Meeting Server . . . . . . 10 Installing the WebSphere Application Server
Lotus Sametime Gateway. . . . . . . . . 10 Update Installer . . . . . . . . . . . 196
Lotus Sametime clients . . . . . . . . . 11 Deploying the Sametime client to users. . . . 199
Meeting features in Connect versus Web clients . . 13 Starting and stopping servers in a Lotus
Glossary . . . . . . . . . . . . . . . 16 Sametime deployment . . . . . . . . . 230
Uninstalling . . . . . . . . . . . . . 240
Chapter 2. Planning . . . . . . . . . 23 Installing on IBM i . . . . . . . . . . . 248
Preparing to install Lotus Sametime on IBM i 249
Skills needed for Sametime administration . . . . 23
Installing the Lotus Sametime System Console 250
System requirements . . . . . . . . . . . 24
Connecting to an LDAP server . . . . . . 255
Downloading Lotus Sametime files for installation 24
Installing a Lotus Sametime Community Server
Supporting IPv6 addressing in a Lotus Sametime
and supporting software . . . . . . . . 260
deployment . . . . . . . . . . . . . . 25
Installing a Lotus Sametime Proxy Server . . . 312
Supporting IPv4, IPv6, or both protocols. . . . 26
Installing a Lotus Sametime Meeting Server . . 318
Enabling support for IPv6 . . . . . . . . 28
Installing a Lotus Sametime Gateway server . . 327
Planning deployment topologies . . . . . . . 33
Installing the WebSphere Application Server
Deploying instant messaging and presence only 33
Update Installer on IBM i . . . . . . . . 397
Deploying instant messaging and meetings . . . 34
Deploying the Sametime client to users. . . . 399
Deploying instant messaging, meetings, and Web
Starting and stopping servers in a Lotus
clients . . . . . . . . . . . . . . . 34
Sametime deployment . . . . . . . . . 417
Deploying instant messaging, meetings, Web
Uninstalling . . . . . . . . . . . . . 423
clients, audio, and video . . . . . . . . . 34
Deploying instant messaging to external
messaging communities . . . . . . . . . 35 Chapter 4. Migrating and upgrading 431
Planning for an LDAP directory . . . . . . . 40 Upgrading Lotus Sametime. . . . . . . . . 431
Planning a Community Server installation . . . . 41 Upgrading Lotus Sametime on AIX, Linux,
Audio/video considerations . . . . . . . . 42 Solaris, or Windows . . . . . . . . . . 431
Planning for the dedicated Domino server for Upgrading Lotus Sametime on IBM i . . . . 502
Lotus Sametime . . . . . . . . . . . . 43 Upgrading Lotus Sametime Gateway . . . . . 578
Deploying a stand-alone Community Server Mux 44 Upgrading the DB2 server . . . . . . . . 579
Planning a Lotus Sametime Media Manager Upgrading Lotus Sametime Gateway servers 579
installation . . . . . . . . . . . . . . 47 Upgrading Sametime clients . . . . . . . . 631
Audio and video considerations . . . . . . 48 Considerations for upgrading the Sametime
Planning a Lotus Sametime Gateway installation . . 50 Connect client . . . . . . . . . . . . 631
Planning for migration from an earlier release . . . 53 Retiring older Sametime clients . . . . . . 632
Clustering Sametime servers for high availability . . 55 Installing the new Lotus Sametime client . . . 636
Giving users a preview guide . . . . . . . . 56
Notices . . . . . . . . . . . . . . 637
Chapter 3. Installing . . . . . . . . . 57 Trademarks . . . . . . . . . . . . . . 639
Installing on AIX, Linux, Solaris, and Windows . . 57
© Copyright IBM Corp. 1996, 2009 iii

iv Lotus Sametime: Installation and Administration Guide Part 1
Chapter 1. Overview
Learn more about how to install and configure IBM Lotus Sametime for instant
messaging and Web conferences.
This section contains an overview of the components of IBM Lotus Sametime for
installers and administrators.
Accessibility features for Lotus Sametime

Accessibility features help users who have a disability, such as restricted mobility
or limited vision, to use information technology products successfully. IBM strives
to provide products with usable access for everyone, regardless of age or ability.
Accessibility features
The Lotus Sametime System Console is based on the IBM WebSphere Application
Server Integrated Console, and shares the same accessibility features, described
below.
v The following features are for vision-impaired users:
– Can be operated by using only the keyboard
– Communicates all information independent of color
– Supports interfaces commonly used by screen readers and screen magnifiers
– Supports the attachment of alternate output devices
– Provides help information in an accessible format
– Supports high contrast using a white background (some icons may not
display properly on a colored background)
v The following features are for users who have mobility impairments or limited
use of their hands:
– Allows the user to request more time to complete timed responses
– Can be operated by using only the keyboard
– Supports the attachment of alternative input and output devices
v The following features are for the deaf and hard of hearing users:
– Supports alternatives to audio information
– Supports adjustable volume control
v The console does not flash the screen at rates that could induce epileptic seizures
The help system for Integrated Solutions Console has the following accessibility
features:
v Uses the accessibility support enabled by the browser that is used to display the
help
v Enables navigation by using the keyboard
The Lotus Sametime Information Center is accessibility-enabled. The accessibility

features of the information center are described at: publib.boulder.ibm.com/
infocenter/sametime/v8r5/topic/com.ibm.help.ic.doc/using_system/
accessibility_info.html.
© Copyright IBM Corp. 1996, 2009 1

Keyboard navigation
To move through the controls on a particular page, use the Tab key.
To click a link or control on a page using the keyboard, navigate to the link or
control and press Enter.
To change the navigation view using the keyboard, follow these steps:
1. Navigate to the View selection list using the Tab key.
2. Use the up and down arrows to change the value of the selection list.
3. Press Enter.
The tasks displayed in the navigation are changed according to your selection.
Related accessibility information
When you administer WebSphere Application Server settings, you work in the
Integrated Solutions Console. Detailed information on console accessibility is
provided in the WebSphere Application Server information center.
IBM and accessibility
See the IBM Human Ability and Accessibility Center for more information about
the commitment that IBM has to accessibility:
What’s new in Lotus Sametime 8.5?

Learn more about the new features in this release that allow Sametime® to make
unified communications in your organization simple and effective.
Unified communications consolidate various synchronous communications

channels (voice, video, meetings) with asynchronous channels (e-mail, voicemail,
social networks) on a common data network, thereby reducing communications
and infrastructure costs. Unfortunately, however unified on the back end, unified
communications solutions are rarely unified for the end user. It is not uncommon
for an ″integrated″ solution to require users to learn four or more software clients.
And the clients rarely integrate with each other, forcing users to switch contexts as
their communication needs change, disrupting the task at hand. In the end, this
complexity slows adoption and the business fails to recognize the expected return
on investment.
The focus of Sametime 8.5 is to make unified communications seamless to the user
by introducing a range of new capabilities and improvements:
v A new online meeting experience is fully integrated into the Sametime Connect
client.
v A new Sametime Meetings panel provides a consolidated view of a user’s
meetings and calendar and makes starting or joining a meeting a single-click
process. Users can easily invite others to meetings by dragging their names from
the Contact list. They can accept meeting invitations with a single click, just like
joining a group chat. Users can move seamlessly from a text chat to a voice or
video chat to a meeting. To upload meeting materials, they simply drag and
drop the items they need.
v New, zero-download, browser-based chat and meeting clients extend the desktop
experience to wherever the user is working.
2 Lotus Sametime: Installation and Administration Guide Part 1

v Improved audio and video capabilities make it easier to interoperate with
existing audio and video conferencing systems and increase their utilization.
v New audio and video codecs provide higher quality native voice and video
services for a more compelling collaborative experience out of the box.
v New Web 2.0 APIs let developers embed Sametime capabilities into Web sites
and applications so users do not have to switch context as often.
v For mobile users, there is a new browser-based Apple iPhone chat client,
support for the Blackberry Storm, and an improved mobile client for Microsoft®
Windows® Mobile devices.
v New social views make it easier for users to find the people they collaborate
with the most.
v You can now select an existing geographic location that you have previously
used and copy the location data to your current location.
v Improved integration with Microsoft Outlook and Office puts more Sametime
capabilities at users’ fingertips.
This release also continues to focus on enhancing Sametime as a platform, making

it easier to manage and less expensive to operate.
v A new Sametime System Console centralizes infrastructure configuration,
deployment, and management and centralizes policy management for all
Sametime services.
v A new Sametime Media Manager with SIP-based interfaces and APIs
interoperates with third-party video and audio conferencing systems. It also
offers new video (H.264) and audio (G.722.1) codecs that deliver a better user
experience at a fraction of the bandwidth and provides administrative controls
over the video experience (size, bitrate, and so on).
v A new online meeting infrastructure no longer requires add-on servers for high
availability and improves firewall friendliness through the use of HTTP/S to
connect users.
v A new Sametime Proxy Server with Web 2.0 APIs simplifies integration into Web
sites and applications.
v New operating systems and platforms are supported for this release: IBM®
Lotus® Domino® 8.5, Microsoft Windows 2008 (32-bit and 64-bit editions) and
64-bit Linux® operating systems.
What is Lotus Sametime?

IBM Lotus Sametime consists of client and server applications that enable a
community of users to collaborate through instant messaging and online meetings
over an intranet or the Internet. Lotus Sametime Entry is an offering targeted at
helping organizations get started with instant messaging.
Members of the Lotus Sametime community use collaborative activities such as

awareness, chat, screen sharing, and real-time audio/video capabilities to work
together.
Awareness – Lotus Sametime awareness technology lets members who have

logged in to Lotus Sametime to see all other members who are logged in. The
names of online users display in ″awareness lists″ in Lotus Sametime applications.
From these awareness lists, members of the community can chat through instant
messaging sessions or start meetings that include chat, screen-sharing, polls, the
ability to send Web pages to other users, and audio/video capabilities.
Chapter 1. Overview 3
Meeting rooms – While awareness lists support instant collaboration with other
online users, the Lotus Sametime Meeting Room Center provides a central meeting
place for members of the community. In the Meeting Room Center, users can create
meeting rooms and use them whenever they want to meet with their colleagues.
Users access the Lotus Sametime Meeting Room Center with Web browsers or
from the Meetings panel in the Lotus Sametime Connect client.
Instant messaging – The Lotus Sametime client is a Java™ application that uses the
Eclipse-based IBM Lotus Expeditor. The Lotus Sametime client leverages the
Eclipse plug-in framework to provide developers with extensibility features that go
far beyond those available in previous Lotus Sametime releases. Partners,
independent software vendors (ISVs), customers, and internal developers use these
features to integrate with the Lotus Sametime client to extend its capabilities.
Instant meetings – Instant meetings are meetings that Lotus Sametime Connect
users can create on the fly, and are perfect for quick meetings when you don’t
need to save the meeting room, its content, and related information.
Voice chat – The Lotus Sametime client allows users to talk to other Lotus
Sametime users through their computer’s audio features and Voice-over-IP (VoIP)
technology. VoIP is becoming increasingly popular, since it allows users anywhere
in the world to talk inexpensively. Voice-over-IP allows users to click the
microphone icon to call another user for instant voice chats over the intranet.
Telephony– Voice chat is one of two telephony capabilities in the Lotus Sametime
IM client. The other is click-to-call (also called click-to-dial), which allows a user to
instantly create a telephone conference with one or more other users. In both cases,
a user invites other users in a chat window or on the buddy list to join a call, and
the invitees are given the opportunity to either join or decline. Those users who
choose to join can connect to the call by clicking an icon. If voice chat is used to
initiate the call, all connected parties communicate using their computer’s
microphone and speakers. If click-to-call is used, a third-party telephony service
calls each user at the appropriate number.
Video chat – Users who are equipped with video components can see each other
on their screens during a chat.
Location awareness – Lotus Sametime includes location awareness of the user, and
an extensible resource area at the bottom of the left pane that can be customized to
reflect different locations.
Connect to public IM networks – Lotus Sametime provides for connectivity to

outside instant messaging providers such as AOL’s AIM, Yahoo! Messenger,
Microsoft Office Communications Server, and Google Talk communities through
IBM’s Lotus Sametime Gateway. Through the gateway, users can share presence
information and can participate in text-based IM conversations.
Contact information – The Business Card features provides the user with
telephone number, e-mail address, photo, name, title, and location displayed in the
Business Card hover-over feature and in the chat window. Business cards can be
provided by the Lotus Sametime Community Server or a Lotus Connections server.
Emoticons – Lotus Sametime includes emotionally-expressive icons such as smiley

faces.

Customizing – Your company name can be added to the Instant Messaging
window.
File transfer – Users can send files.
Quick find – Users can start typing name in the Quick Find box to find a person
they want to chat with, and then click the name to initiate a chat.
Time stamp – The time of day is provided in the Chat window along side the text.
Polling– A user can poll members of a group to provide brief feedback to

questions.
Policy– Users can be assigned access to different features in Instant Messaging,

such as voice chat, creating meetings, transferring files, IP telephony. Policy
settings govern their access.
The two primary Lotus Sametime client applications are the Lotus Sametime
Connect client and the Lotus Sametime Meeting Room. The Lotus Sametime
Connect client contains a presence list that displays selected members of the
community who are online. FromLotus Sametime Connect, a user can collaborate
by sending instant messages or by starting an instant meeting with any other
online member of the community.
The Lotus Sametime Meeting Room runs in a user’s Web browser whenever the
user attends a meeting. The Lotus Sametime Meeting Room contains components
that support the full range of Lotus Sametime collaborative activities, including
interactive audio and video.
Lotus Sametime Standard and Lotus Sametime Entry
Lotus Sametime Standard is the full Lotus Sametime product offering, Lotus
Sametime Standard provides awareness, instant messaging, and meeting room
functionality.
Lotus Sametime Entry is a limited offering, providing a core set of awareness and
instant messaging capabilities either from stand-alone Lotus Sametime clients or
from within Lotus Notes®. Lotus Sametime Entry does not support meeting rooms.
In addition, Lotus Sametime Entry is sometimes packaged with other IBM
products.
You can expand your real-time collaboration capabilities in Lotus Sametime Entry
by purchasing the Lotus Sametime Standard server to add meeting room
capabilities and a richer instant messaging client to your environment.
The following table compares the features of Lotus Sametime Entry and Lotus
Sametime Standard.
Available with Lotus Available with Lotus

Capability Sametime Entry Sametime Standard
Presence yes yes
Instant Messaging chat yes yes
N-way (group) chat yes yes
Sort contact list yes yes
Available with Lotus Available with Lotus
Capability Sametime Entry Sametime Standard
Show short names yes yes
Show those online only yes yes
Time stamps on chats yes yes
Chat history yes yes
Rich text yes yes
Emoticons yes yes
Emoticon palettes yes yes
Business card display yes yes
Contact type ahead yes yes
Spell check in chat yes yes
Standalone Sametime yes yes
Connect client
Microsoft Office integration yes yes
Meeting rooms and instant no yes
meetings
Sametime toolkits including no yes
embedded IM through
STlinks
Sametime gateway (to public no yes
IM)
Sametime mobile access no yes
Selective ’who can see me’ no yes
Alerts setting no yes
File transfer no yes
Telephony (with 3rd party) no yes
Voice chat no yes
Video chat (native no yes
point-to-point)
Multiple communities no yes
Geographic locating no yes
Screen capture tool no yes
Selective do-not-disturb no yes
status
Lotus Sametime plug-ins no yes
Lotus Sametime server architecture

A typical Lotus Sametime server includes a cluster of servers for instant messaging
on a Domino-based platform and other clustered servers running on WebSphere
Application Server that support meetings, audio-visual services, and connections to
a variety of clients.
The illustration below shows the different types of servers you can have in a
Sametime deployment. The second illustration names each type of server.

This illustration provides the names for the servers shown in the illustration above.
Lotus Sametime System Console
The Lotus Sametime System Console is a Web-based application that provides a
central location for installing, configuring, administering, and monitoring the
Sametime family of products.
In a production environment, install the console on a dedicated machine. The

machine also becomes the Deployment Manager in a clustered environment,
managing activity in all server clusters in the Sametime environment.
Lotus Sametime Community Server

The Lotus Sametime Community Server runs on Lotus Domino. It supports all
presence (or awareness) and text chat activity in a Lotus Sametime community.
Any Lotus Sametime client that contains a presence list must connect to the
Sametime Community server.
Basic functionality supported by the server includes:

v Handling client login requests.
v Handling connections from clients that access the Sametime server through a
direct TCP/IP connection, or through HTTP, HTTPS, or SOCKS proxy servers.
v Providing directory access for user name search and display purposes.

v Providing directory access to compile lists of all Sametime servers and users in
the community.
v Dissemination of presence and chat data to all users connected to Community
Services.
v Maintenance and storage of privacy information, user preference settings, and
presence lists for online users.
v Handling connections from the Community Services on other Sametime servers
when Using multiple non-clustered Lotus Sametime Community Servers.
Server-to-server connections for the Lotus Sametime Community Server occur on
default TCP/IP port 1516.
v Logging of server events to the General log settings (stlog.nsf).
v Enabling a name entry prompt to appear when the ACL settings of a Domino
database enabled with IBM Lotus instant messaging technology allows
anonymous access. This name entry prompt ensures that the presence list in the
Sametime database can display a name for the user.
Lotus Sametime Proxy Server

The IBM Lotus Sametime Proxy Server runs on WebSphere® Application Server. It
requires a Lotus Sametime Community Server.
The Lotus Sametime Proxy Server communicates with the Lotus Sametime
Community Server, Lotus Sametime Meeting server, Lotus Sametime Connections
Server, and Lotus Sametime Unified Telephony Server or TCSPI-enabled server.
The Proxy Server is responsible for the following activities:

v It hosts the Sametime client for browsers.
v It provides live names awareness for Sametime meetings, Business Cards, and
custom applications.
v It replaces the Sametime Java Connect or Sametime Connect for Browsers client.
v It can also replace the Sametime Links Toolkit.
Lotus Sametime Media Manager

The IBM Lotus Sametime Media Manager runs on WebSphere Application Server
to provide audio visual services for chats and meetings. It requires a Lotus
ametime Community Server.
The Lotus Sametime Media Manager uses the Session Initiation Protocol (SIP) to
provide support for point-to-point and multipoint calls. It is designed to support
standard audio and video codecs so that it works with other external audio and
video vendors.
The Lotus Sametime Media Manager uses three components. In a pilot

environment, the Lotus Sametime Media Manager components can all be installed
on one server, but in a production environment, you should install each of the
components on its own server.
v Conference server
The Conference server manages all conferences, including point-to-point and
multipoint. It works with the client to establish the SIP session for the call. It
hosts the internal TCSPI adapter and optionally an external TCSPI adapter.
The Conference server requires access to LDAP, Meetings (optional), and
Proxy/Registrar (including transport protocol: UDP, TCP). The Conference server
will handle workload management for conference sessions among the switchers.
v Proxy and Registrar
The Proxy and Registrar is responsible for location service and forwarding SIP
messages to a destination. It requires access to LDAP. You may also install and
configure a database to be used with it.
v Packet switcher
The Packet switcher is responsible for receiving and sending media streams from
endpoints to other endpoints in a conference. The Switcher works on audio
streams to determine the active video stream to send to the participants, a
process known as Voice-Activated Switching (VAS).
The Packet switcher requires access to LDAP, Conference server, and media
ports (1 or a range of ports for audio, and 1 or a range of ports for video). If the
switchers are installed on the same machine, ensure that are no port conflicts.
If security is turned on, use SSL to allow servers to communicate.
Lotus Sametime Meeting Server

The Lotus Sametime Meeting Server runs on WebSphere Application Server. It
requires an IBM DB2 database and an LDAP server. The Meeting Server provides a
central meeting place for members of the community. When combined with the
Lotus Sametime Media Manager, meeting rooms can be enhanced with
audio-visual features.
Lotus Sametime Gateway

IBM Lotus Sametime Gateway runs on WebSphere Application Server. It is a
platform for sharing presence and real-time collaboration with external instant
messaging communities.
Use Lotus Sametime Gateway to connect with any of the following gateways or
communities:
v Lotus Sametime communities deployed outside of your firewall
v AOL Instant Messenger
v Google Talk
v Jabber
v Yahoo Messenger
You can install one Lotus Sametime Gateway server or cluster of Lotus Lotus
Sametime Gateway servers for a local Sametime community. A local community
can be made up of one Sametime server, or a cluster of Sametime servers
connected by a common LDAP directory. Lotus Lotus Sametime Gateway does not
support more than one local Sametime community and uses the same LDAP
directory used by the local Sametime community.
Lotus Sametime Gateway is delivered with out-of-the-box functionality, such as

presence and instant messaging, filtering of blacklisted domains, user access
control, and logging of user content, presence, and instant messaging events. In
addition, all interactions with external domains are logged. Built upon a plug-in
technology, the Sametime Gateway allows IBM and third-party developers to
enrich and customize message handlers for spam control and virus checking.
How Gateway connections work
Instant messaging and presence through the Lotus Sametime Gateway depend on
direct connections between companies. The following illustration shows a local

IBM Sametime community behind a firewall. The community connects with
Company A, B, C, and D and vice versa, but these companies do not connect with
each other.
Lotus Sametime Gateway follows these steps to deliver an instant message to

another community.
1. Gateway confirms that the other community is on its list of communities.
2. Gateway checks each message to see if it has a route to the desired destination.
3. Gateway checks if there is permission to interact with the other system by
means of an Access Control List (ACL).
4. If necessary, Gateway translates the message into a protocol, either SIP or
XMPP (Extensible Messaging and Presence Protocol) that the community can
understand.
AOL Instant Messenger and Yahoo! Messenger use SIP.
Jabber and Google Talk use XMPP.
Lotus Sametime Gateway also bridges Sametime communities that use the
same protocol, as is the case with Company A and Company B in the
illustration above.
5. Finally, Gateway sends the message to its destination.
Lotus Sametime clients

To collaborate in instant messaging and online meetings, people in your
organization use IBM Lotus Sametime clients that interact with services on Lotus
Sametime servers.
v Sametime Connect - desktop instant messaging client that can be stand-alone or
embedded in Lotus Notes
v Sametime browser client - instant messaging client in a browser
v Sametime mobile client - instant messaging features in a mobile device
v Sametime iPhone client - optimized browser client for iPhone
v Sametime Meetings - meeting room plugin for Sametime Connect or Lotus Notes
v Sametime Meeting Room Center in a browser - online access to Sametime
meeting rooms
v Sametime Classic Meetings client - Java-based meeting room client interacts with
the Sametime Classic Meeting Server.
Integrating Lotus Sametime with Microsoft Office applications

You can integrate Lotus Sametime with Microsoft Office to enable Windows users
to talk and meet without leaving their Microsoft Office applications. You can also
integrate Lotus Sametime with the Office SharePoint Server to enable Lotus
Sametime users to communicate with Office SharePoint Server users from a
SharePoint site.
The administrator decides which features to make available to clients. If you

enable all features for clients, they have access to the following Sametime features
from Microsoft Word, Microsoft PowerPoint, and Microsoft Excel.
v Presence awareness
Names within Microsoft documents are instant-messaging-aware, which means
users can see if a document author—or any name included in a document—is
online. This is helpful, for example, if a user is reviewing a client proposal and
cannot proceed without verifying a project estimate with the writer. Presence
awareness allows the user to see immediately—directly from the proposal—that
the writer is online and available to answer questions.
v Business-class instant messaging
Instant-messaging capabilities within Microsoft documents can help users get
information and answers quickly, so they can work unimpeded. For example, to
verify a data point in an Excel spreadsheet, a user can start a chat directly from
the spreadsheet. There’s no need to leave the spreadsheet to start a chat or even
a Voice over Internet Protocol (VoIP) call.
v Web conferencing
Users can also initiate Web conferences directly from Microsoft Office
applications, for those projects that require collaboration to move them along. A
user working on a chart within a PowerPoint presentation, seeing that it needs
some refining, can use Web conferencing to collaborate with team members.
Sharing the presentation in real time, and even jointly editing it live, saves time
that would otherwise be spent sending e-mails or managing multiple versions of
the content.
Related tasks
“Enabling installation of optional client features such as Microsoft Office
Integration” on page 200
IBM Lotus Sametime ships with a number of optional client features that are not
included in the default installation package. You can add features to the
installation package for new client installs, as well as update already-installed
clients.
“Installing Sametime Integration for Microsoft Office” on page 217
IBM Lotus Sametime integration with Microsoft Office allows you to collaborate,
create meetings, and chat with coworkers through Microsoft Office applications.
Lotus Sametime integration with the Microsoft Office SharePoint Server allows
similar collaboration features with coworkers who use Office SharePoint Server as
their instant messaging application.
Lotus Sametime Advanced and Lotus Sametime Unified

Telephony clients
The users at your site must install the IBM Lotus Sametime Connect client and
plug-ins that are compatible with your Lotus Sametime deployment.

Since the release cycles for Lotus Sametime, Lotus Sametime Advanced, and Lotus
Sametime Unified Telephony vary, be sure that you deploy the correct version of
the Lotus Sametime Connect client and plug-ins. This is especially important when
you have a deployment that mixes different versions of these Lotus Sametime
components. You should deploy the version of the Lotus Sametime Connect client
that is compatible with the versions of the Lotus Sametime Advanced and Lotus
Sametime Unified Telephony servers deployed at your site. Once Lotus Sametime
Advanced 8.5 is released, your users can upgrade to the Lotus Sametime Connect
8.5 client.
Lotus Sametime 8.5 supports the following clients on Windows XP and Vista:
v Lotus Sametime Connect 8.5
v Lotus Sametime Connect 8.5 embedded in Lotus Notes 8.5.1
v Lotus Sametime Connect 8.0.2 embedded in Lotus Notes 8.5.1
v Lotus Sametime Connect 8.0.2 with the Lotus Sametime Advanced plug-in
v Lotus Sametime Connect 8.0.2 with the Lotus Sametime Unified Telephony
plug-ins
v Lotus Sametime Connect 8.0.2 with the Lotus Sametime Unified Telephony
plug-ins embedded in Notes® 8.5.1
v Lotus Sametime Connect 8.0.2 with the Lotus Sametime Advanced and Lotus
Sametime Unified Telephony plug-ins.
Lotus Sametime Advanced update sites.
For Lotus Sametime Advanced, you can ensure that users get the correct plug-in
by delivering the correct version of the Lotus Sametime Advanced update site for
the Sametime or Notes client that they are using. The Lotus Sametime Advanced
update site for Lotus Sametime Connect 8.0.2 is available, now. Once the Lotus
Sametime Advanced update sites for Lotus Sametime Connect 8.5 and Lotus Notes
8.5.1 are available, then users can upgrade to the Lotus Sametime Connect 8.5 or
Lotus Notes 8.5.1 clients with the Lotus Sametime Advanced plug-ins.
For more information, see the system requirements for the Lotus Sametime family
of products at:
http://www.ibm.com/support/docview.wss?rs=477&uid=swg27016451
Meeting features in Connect versus Web clients

The table below compares meeting features available to the Sametime Connect
client (rich client) and the Web client.
Features Connect client Web client

Reservationless, persistent yes yes
meeting rooms, available 24
x 7 for participant use
Instantly create a Sametime yes yes
Meeting Room from
Sametime Connect Client or
browser based Meeting
Room Center
Reservationless, persistent yes yes
meeting rooms, available 24
x 7 for participant use
Instantly create a Sametime yes yes
Meeting Room from
Sametime Connect Client or
browser based Meeting
Room Center
Join or create a Sametime yes no
Instant Meeting from a
1-on-1 or group chat
Assign and enter meeting yes yes
rooms from Notes, Outlook
invitations
View your calendar from yes no
Sametime Connect with one
click access to meeting rooms
One click access to Meeting yes no
rooms you own
One click access to your yes no
recently used Meeting
Rooms
Find Meeting Rooms by yes yes
owner or room name
Set passwords and hide yes yes
meeting rooms
Anonymous or guest access no yes
to meetings
Set permissions to control yes yes
whether users can share their
screens or just observe
Control who else can manage yes yes
room permissions
Invite users to meeting by yes no
drag and drop from contact
list
Browser users can participate yes yes
in meetings without any
client download
Photo and list view of yes yes
attendees
Sort participant list yes no
alphabetically or by users
with raised hands
Application and screen yes yes
sharing
Application sharing remote yes no
control (peer-to-peer)
Each meeting room has its yes yes
own, private file library
Load files into library by yes no
drag and drop

High quality conversion & yes yes
presentation of PDF, ODF,
and Microsoft Office files
Local, background, yes no
high-fidelity file conversion
Control whether users can yes yes
download documents from
meeting library
Fit to screen view yes yes
Edge-to-edge full screen yes no
view
Presenter tools (highlighter, yes no
pointer)
View slide thumbnails yes no
during presentation
Create Polls Immediately or yes no
Store for Future Use
Immediately share poll yes no
results with participants
Screen capture tool yes no
Paste an item from your yes no
clipboard to the meeting
library
Share URLs yes yes
Raise hand yes yes
Initiate private chat yes yes
Group discussion yes yes
Emoticon support yes no
Breakout sessions and yes no
simultaneously participate in
multiple meetings
Join Call function to enter yes no
audio portion of meeting
Client-side meeting yes no
recordings in standard file
formats (mpeg4 .mov)
Control whether users can yes yes
record a meeting
Conferencing with voice and yes no
video
User can rearrange interface yes no
Capture minutes, questions, yes yes
action items, answered
questions and follow up
items
Detailed meeting reports yes yes
Historical meeting reports yes no
Reset meeting room by yes yes
clearing out all room content
Administrators can use yes yes
policies to control in-meeting
discussion and file sharing
Reporting tool for yes yes
administrators to generate
meeting statics and usage
reports
Use HTTP/HTTPS to yes yes
connect all users, simplifying
internal and external
collaboration
Built-in failover and yes yes
clustering
Glossary
Familiarize yourself with terminology used in IBM Lotus Sametime.
Terms
breakout sessions
Users who are attending a meeting see a list of all meeting participants in
the Participant List component of the Meeting Room client. While the
meeting is in progress, a user who has Instant Meeting Policy permission
can start a ″breakout session″ with any user displayed in the Participant
List. A breakout session is an instant meeting that is started from the
Participant List of a meeting that is currently active.
Users must also be allowed by their Policy to create instant meetings in
order to create a breakout session.
chat Lotus Sametime supports text-based chat and instant messaging. A chat
session can consist of two (or more) users exchanging instant messages.
Chat or instant messaging sessions can be initiated from any contact list in
a Sametime client.
There are three basic kinds of voice chat that can be used with Sametime
Instant Messaging and Instant Meetings, and with scheduled meetings.
These are: the traditional Codec-style voice that comes with the client
workstation that is equipped with sound card and speakers, the
Sametime-ready third-party IP telephony, and the new IBM community
tools plug-in that uses voice-over-IP technology. For IP telephony,
Sametime provides a new client-side telephony application program
interface (API) that allows partners to easily integrate their telephony
service with the Instant Messaging client.
All instant messaging and chat activity is supported by Community
Services on the Sametime server.
clearinghouse
A federated community of users linked by an enterprise’s message router
that translates protocols and routes messages. When a message contains
destination domains not found elsewhere in a routing configuration, the

message is routed to a clearinghouse. A route to a clearinghouse enables
Lotus Sametime Gateway users to connect to a much wider community.
community
The Lotus Sametime community refers to all users that have Web browser
access to a Sametime server (or servers) and all Sametime servers that
support those users. The Sametime community can be maintained in the
Domino Directory on the Sametime Server or in an LDAP Directory on a
third-party LDAP-compliant server. Specifically, the Sametime community
can be described as a shared directory, or set of directories, that lists the
people and groups of the community, and as one or more Sametime
servers that each have access to the shared directory or set of directories
connectivity (firewall and proxy support)
To engage in collaborative activities, the Sametime clients must connect to
various services on the Sametime server. The HTTP Services, Community
Services, Meeting Services, Recorded Meeting Broadcast Services, and
Audio/Video Services on the Sametime server listen for connections from
clients on different TCP/IP ports. Because of the number of ports required
to support the full range of collaborative activities, Sametime includes
specially-designed connectivity features that enable Sametime clients to
establish connections through firewalls and proxy servers.
Domino Directory
The Lotus Sametime server uses the Domino Directory of the Domino
server on which Sametime is installed. The Domino Directory is a database
that serves as a central repository for information about Sametime users (or
members of the Sametime community). The Domino Directory contains a
separate Person document for each Sametime user. The Person document
contains the User Name and Internet password required for authentication
with the Sametime server. The Person document also contains a ″Sametime
server″ field that is used to specify a user’s home Sametime server. The
home ″Sametime server″ is the Sametime server a user connects to when
logging in to the Community Services for presence and chat activity. The
Domino Directory also contains Group documents that hold lists of users
that perform similar tasks. Group documents also define the Public Groups
that users can add to the Sametime Connect client presence list.
hand raise
Hand raise is a collaborative activity that allows users to raise a hand at
any time during a meeting. When users raise their hands, a hand icon
appears next to their names in the Participant List.
IP audio
Interactive IP Audio is a Lotus Sametime collaborative activity that enables
multiple (two or more) users to transmit and receive audio over an IP
network. In a meeting that includes interactive IP audio, the audio can
operate in either the ″automatic microphone″ or the ″request microphone″
mode. The request microphone mode is the more controlled mode. Only
one user can speak at a time and a user must request the microphone
before speaking. The automatic microphone mode enables two users to
speak simultaneously. In the automatic microphone mode, the person
speaking is automatically detected by the Audio/Video Services on the
Sametime server (it is not necessary to request the microphone before
speaking). Automatic microphone mode offers a more natural form of
conversation but provides less control.
IP video
Interactive IP video is a Lotus Sametime collaborative activity that enables
multiple users to transmit and receive video packets over an IP network. In
a meeting that includes interactive IP video, the video follows the audio.
The video component of the Sametime Meeting Room client includes a
Remote and Local video window. The Remote window displays images
from the camera of the person who is speaking and the Local window
displays the image from a user’s local camera.
LDAP directory
The administrator can configure the Lotus Sametime server to connect to a
Lightweight Directory Access Protocol (LDAP) server. This capability
enables an administrator to integrate Sametime into an environment in
which LDAP servers and LDAP directories are already deployed. When
Sametime is configured to connect to an LDAP server, the Sametime server
searches and authenticates user names against entries in the LDAP
directory on the third-party LDAP server. The LDAP directory replaces the
Domino Directory as the user repository in the community. The community
is defined by the users in the LDAP directory.
logging
The Sametime server logging tools include the Sametime log and the
Domino® log. The Sametime log records events in the Sametime log
database (stlog.nsf). The Sametime Administration Tool includes logging
settings that enable you to control whether activities are logged to a
database or to text files and to determine which activities are logged. If
you log Sametime information to a database, you can view the Sametime
log from the Sametime Administration Tool.
The Sametime Administration Tool also allows an administrator to launch
the Domino Web Administration Tool to view the Domino log. The
Domino log includes information about available memory and disk space,
server performance, and databases that need maintenance.
meetings
Lotus Sametime meetings are either ″instant″ or ″scheduled.″ An instant
meeting is started immediately from a presence list in any Sametime client.
Whiteboard files cannot be saved during instant meetings. Instant meetings
cannot be recorded. A scheduled meeting is scheduled to start at a
particular time and date. Scheduled meetings are created in advance in the
Sametime Meeting Center application (stconf.nsf) on the Sametime server.
The Meeting Services and the Community Services support the starting,
stopping, and creation of meetings on the Sametime server. Components of
the Sametime Meeting Room clients interact with the Meeting Services,
Community Services, and Audio/Video Services when participating in
Sametime meetings. The Meeting Room Client provides telephony and
video features for meetings (Web conferences). When attending a meeting,
a participant can click the ’Join the call’ button on the Meeting page.
Teleconferencing services are extensible through the use of Telephony
Conferencing SPI (TCSPI) For Audio teleconferencing, telephone services
can be made available for meetings and chats, allowing the user to initiate
a call for selected users or for everyone in the meeting/chat, using
telephone network or voice over IP (VoIP). Server establishes the phone
conference by calling each participant. Audio/video services include VoIP
and video services for meetings, using G.711 and G.723 audio codecs, and
H.263+,, and can be selected when a user schedules a meeting or launches
an instant meeting.
monitoring
The Sametime server includes charts that allow you to monitor current

Sametime server statistics. The monitoring charts, which are presented as
tables, provide up-to-the-second information about Community Services,
Meeting Services, Recorded Meeting Broadcast Services, Audio/Video
Services, Web statistics, and free disk space on the server.
polling
Polling is a Sametime collaborative activity that enables a Room Owner or
Manager to use polls (or ask questions) to gather feedback from meeting
participants. For example, the Moderator might ask meeting participants to
vote to approve or reject a proposal. Any Sametime Connect users can
send polls. Users with share permission for the Sametime Connect can
create polls.
The administrator controls whether this collaborative activity is available
for meetings on the Sametime server from the Configuration - Meeting
Services - General tab of the Sametime Administration Tool.
presence
Presence refers to the ability of a user to detect when other users are
online. A user can view a presence list in a Lotus Sametime client or
application that displays the names of other online users. Presence is
sometimes called ″awareness″ or ″online awareness.″
A presence list (or contact list) is a starting point for immediate or ″instant″
collaboration. Presence lists in Sametime clients display the names of
online users in bold green text. Instant messaging sessions and instant
meetings can be started immediately from a contact list. A user simply
double-clicks or right-clicks an online user’s name to send an instant
message or start an instant meeting.
Contact lists are found in all Sametime clients. The Sametime Connect
client includes a contact list that can display the names of all users in the
community who are online. The Sametime Meeting Room client contains a
Participant List that displays the names of all users attending a particular
meeting.
A user logs in to the Community Services on the Sametime server to
become present in the community or an online place (such as a Sametime
meeting or Web site enabled with Sametime technology). The Community
Services on the Sametime server support all presence functionality in
Sametime.
record and playback (recorded meetings)
Lotus Sametime includes a Record and Playback feature that enables a user
to record meetings. When scheduling a meeting, the user selects a check
box labeled ″Record this meeting so that others can replay it later″ to
record the meeting.
Reverse proxy and portal server support
A Sametime server can be deployed behind a reverse proxy server or a
portal server. When a Sametime server is deployed on an internal network
behind a reverse proxy server, the reverse proxy server operates as an
intermediary between the Sametime server and the Sametime clients. All
Sametime data flowing between the Sametime server and its clients passes
through the reverse proxy server. To accomplish its security objectives, a
reverse proxy server manipulates the data that passes through it. The
manipulation of Sametime data by the reverse proxy server imposes
specific requirements and limitations on the use of reverse proxy servers
with the Sametime server.
Sametime Administration Tool
The Sametime®Administration Tool is an HTML and XML based
application that runs in a Web browser. You open the Sametime
Administration Tool by clicking ″Administer the Server″ on the Sametime
server home page. The Sametime Administration Tool is the primary
administration tool for the Sametime server.
Sametime Gateway
IBM Lotus Sametime Gateway serves as the clearinghouse of presence,
using Extensible Messaging and Presence Protocol (XMPP), Virtual Place
(VP) protocol, and Session Initiation Protocol (SIP) to connect clients both
inside and outside your corporate environment. The Sametime Gateway
opens Sametime to external instant messaging access. You can enable this
functionality to allow users in your community to communicate with users
in another Sametime community that contains a Sametime server with the
Sametime Gateway functionality enabled. Enabling the Sametime Gateway
functionality requires the installation of separate components
Sametime Meeting Center (stconf.nsf)
The Sametime Meeting Center is an application (a Lotus Notes® database
named stconf.nsf) on the Sametime server that is accessed by a Web
browser. This application is a central meeting place for members of the
Sametime community. From the Sametime Meeting Center, you can
schedule a meeting, start a meeting immediately, attend a meeting, and
view information about scheduled and finished meetings. All scheduled
meetings in Sametime are created in the Sametime Meeting Center. A user
who starts an instant meeting from a contact list does not access the
Sametime Meeting Center. Anonymous access is allowed to the Sametime
Meeting Center database by default. With anonymous access, users are not
required to authenticate when accessing the Sametime Meeting Center.
Sametime server
The term Sametime server is used throughout the documentation to refer
to a server that has both Lotus Sametime and Domino installed.
Sametime server clusters
The Sametime server supports Sametime server clustering. Sametime
server clusters enhance server scalability and reliability to enable Sametime
to meet the demands of large user populations, and provide load balancing
and failover capabilities for Sametime Community Services and Meeting
Services.
Sametime server home page (stcenter.nsf)
The Lotus Sametime server home page is an HTML page that exists in the
Sametime Center database (stcenter.nsf). The Sametime server home page
can only be accessed by a Web browser and is the user entry point to the
Sametime server. After installing the Sametime server on the Domino
server, you must set stcenter.nsf as the Home URL for the server. To do
this, open the Server document for the Domino server that includes
Sametime, select the Internet Protocols tab, select the HTTP tab, and enter
stcenter.nsf in the Home URL field of the Mapping section of the Server
document.
screen sharing
Screen sharing is a Lotus Sametime collaborative activity that enables
multiple users to work within a single application on one user’s computer.
Geographically dispersed users in remote locations can collaborate within a
single application to produce a document, spreadsheet, blueprint, or any

other file generated from a Windows application. Screen sharing is
sometimes also referred to as ″application sharing.″
In a meeting that includes screen sharing, one user uses the screen-sharing
tool in the Sametime Meeting Room client to share a screen or application
on the user’s local computer with other meeting participants in remote
locations. The other meeting participants also use the screen-sharing tools
of the Sametime Meeting Room client on their local computers to view and
make changes to the shared screen or application. It is not necessary for
the remote users to have the application that is being shared installed on
their local systems. (The remote users share a single instance of the
application that is running on only one meeting participant’s computer.)
Only one user at a time can be in control of the shared screen. Most users
see the initials of the user who controls the shared screen beside the cursor.
The person who is sharing the screen does not see the initials when
someone else controls the shared screen. The person who is sharing the
screen must view the Participant List details to confirm who controls the
shared screen.
Services - General tab of the Sametime Administration Tool.
The administrator controls whether screen sharing is available for meeting
participants by setting the Policies - ″Allow screen sharing″ options of the
Sametime Administration Tool. Note that policy is group or user-specific
Screen sharing is supported by T.120 components of the Meeting Services
on the Sametime server. For more information about using this
collaborative activity in a meeting, see the Sametime user online help.
security
The Sametime server uses the Internet and intranet security features that
are available on the Domino server on which it is installed. Generally, you
use the Access Control Lists (ACLs) of databases on the Sametime server to
provide users with anonymous access or basic password authentication to
individual databases on the server. In addition to the Domino Internet and
intranet security features, the Sametime server requires ″authentication by
token″ security mechanisms to ensure that Sametime clients that establish
connections to the Sametime services are authenticated. These security
mechanisms include the Sametime Secrets and Tokens authentication
databases and the Domino Single Sign-On (SSO) authentication feature.
self-registration
The Lotus Sametime server includes a self-registration feature. This feature
allows an user to create a Person document that contains a User Name and
Internet password in the Domino Directory on the Sametime server. The
self-registration feature is available to users from the Register link of the
Sametime server home page. The administrator has the option of allowing
or not allowing self-registration. Self-registration can reduce the workload
for the administrator because it enables users to add themselves to the
Domino Directory (create a Person document in the directory containing a
User Name and Internet password). Allowing self-registration can involve
security risks because it enables anonymous users to create records in the
Domino Directory. These records permit anonymous users to authenticate
with databases on the server. Self-registration is not allowed by default.
Also, self-registration cannot be used if Sametime is configured to operate
with an LDAP directory.
send web pages
Send Web Pages is a Lotus Sametime collaborative activity that enables a
Meeting Moderator to send a Web page URL to all participants in a
meeting. When the Moderator sends a Web page URL to the meeting
participants, a browser window opens on each participant’s screen and
displays the Web page. If the Moderator sends an additional Web page
URL to the meeting participants, the new Web page replaces the previous
Web page in the Web browser window.
Services - General settings of the Sametime Administration Tool.
shared whiteboard and slides tools
The slides and shared whiteboard tools are Lotus Sametime collaborative
activities. The slides tab in the meeting room supports uploaded
presentations and other documents, while the whiteboard tab provides a
white page on which meeting participants can draw. Both activities
provide annotation tools that can be used for drawing and highlighting.
In a slides presentation of a web conference or e-meeting, the meeting
chair or other presenter displays a slide visible to participants on their
computers. Remote meeting participants can view the images and annotate
the images using the annotation tools in the Sametime Meeting Room.
Before slides can be presented in a meeting, a file containing the slide(s)
must be attached to the meeting.
The meeting chair or creator can attach files before or during meetings,
and any presenter can attach files during meetings.
StdebugTool.exe utility
You can use the StdebugTool.exe utility to produce trace files and create
new trace file sets for troubleshooting purposes. These trace files contain
debug messages that aid IBM Technical Support in troubleshooting
Sametime server problems. If you have never worked with Sametime trace
files before, you should use the StdebugTool.exe utility only under the
guidance of IBM Technical Support.
transfer files
Transferring files is a Lotus Sametime collaborative activity that enables
users to send a file to another user via a contact list in the Sametime
Meeting Room or the Sametime Connect client. Users must transfer one file
at a time to one person at a time. File transfers are automatically
encrypted. The administrator can enable or disable this feature. When you
enable this feature, both authenticated and anonymous users can transfer
files. The administrator can also disallow certain file types such as .exe file
types.
The file transfer feature does not work with Sametime Links. For more
information about Sametime Links, see the Sametime Directory and
Database Access Toolkit documentation available from IBM
DeveloperWorks (http://www.ibm.com/developerworks/lotus/products/
instantmessaging/.

Chapter 2. Planning
This section contains information about planning for information technology
departments, including installers and administrators.
Skills needed for Sametime administration

Administering a Lotus Sametime deployment calls for skills in several different
technologies. There are many IBM learning resources that can help you develop the
skills you need.
WebSphere Application Server configuration and maintenance
View performance information about server and application components
WAS proxy, SIP, and HTTP servers
Use problem determination tools and log files to troubleshoot problems
Resources for information:

v System Administrator skills for IBM WebSphere Application Server 7
v Education Assistant for WebSphere Application Server 7
v WebSphere Application Server education
WebSphere Application Server application management
Use WebSphere Application Server administrative tools to configure and manage

enterprise applications
Configure security for server-side application resources
WebSphere Application Server clustering
Deploy applications in clustered environments

v IBM Certified System Administrator - WebSphere Application Server Network
Deployment V7.0
LDAP directory management
Install and set up an LDAP directory
Manage users
DB2® database management
Creating and managing DB2 databases

v DB2 education

v DB2 9.5 for Linux, UNIX®, and Windows Transition from DB2 9
Domino server administration
Domino is required for Sametime. The administrator should know:

v Notes and Domino basics (what they are, how used)
v Installation and setup of Notes and Domino.
v How to monitor the Domino server tasks (logs, alerts)
v Basic Domino networking (setup/configuration).
v Security (levels, including how ACLs work, server security)
v Server tasks (what are they, how to change, how used, access)
v Administrator client (how to use, accessing from the web)
v How to set up, configure, and manage users and groups in a Domino directory

v Lotus Domino product home page
v Education Offerings on IBM Lotus Notes Domino 8/ 8.5
Secure Sockets Layer (SSL) configuration
Knowledge of certificate management
SSL management in Domino and WebSphere Application Server environments
Audio/Video technology
Audio/Video transmission protocols (STUN, TURN, ICE)
Audio/Video codecs (Media Manager)
System requirements
System requirements for installing IBM Lotus Sametime, including supported
operating systems, databases, LDAP servers, Lotus Sametime servers, browsers,
and JDKs.
System requirements for this release of the Lotus Sametime family of products is
maintained as an IBM Tech Note at the following Web address:
Downloading Lotus Sametime files for installation

IBM enables users to download IBM Lotus Sametime installation kits from the
Passport Advantage® Web site.
About this task
Follow the steps for your operating system.

1. AIX®, Linux, Solaris, Windows
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html

b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers to the system
on which you are installing.
c. Extract the files to a local directory.
d. Verify that you have at least 1 GB of temporary space to run the installation
in your %TEMP% or /tmp directory.
2. IBM i: (for Sametime Community Server installations from downloaded
images)
the packages labelled with the corresponding part numbers.
c. On your workstation, run the downloaded .exe file to extract the following
files:
v A short Readme document
v Q5724J23IM: IBM i binary save file containing the Sametime *BASE
option
v Q5724J23WC: IBM i binary save file containing Sametime option 1
(This file is included with Lotus Sametime Standard, but not with Lotus
Sametime Entry.)
Complete the remaining steps to transfer the save files from your
workstation to the system where you plan to install the Sametime
Community server.
3. IBM i (for installations from downloaded images)
c. Use ftp or another convenient method to transfer the installation package to
the system where you plan to install the product. Store the file in an IFS
directory of your choosing; for example:
/MySametimePackages
Supporting IPv6 addressing in a Lotus Sametime deployment

IPv6 addresses use a different format from IPv4 addresses to support a greater
range of direct addresses to computers on the internet. Enabling IPv6 addressing
reduces the need for Network Address Translators while improving the efficiency
of routing and providing for greater security. Beginning with release 8.0.2, IBM
Lotus Sametime servers and clients support the use of IPv6 addresses.
Chapter 2. Planning 25
Note: For more information on IPv6 addressing with Lotus Sametime, see the
article Best practices for moving to IPv6.
In this release of Lotus Sametime, some components have some limitations when
supporting IPv6 addressing:
v Lotus Sametime Gateway
You must install the Gateway with a special parameter to enable it for IPv6
addressing; you cannot enable it for support after deployment. The instructions
for installing a Lotus Sametime Gateway server include information on the
parameter and how to use it.
v Lotus Sametime Media Manager
The Media Manager does not support IPv6 addressing in this release. If your
Lotus Sametime deployment includes a Media Manager server, you cannot
enable IPv6 addressing at this time. IPv6 addressing will be supported in an
upcoming release of Lotus Sametime Media Manager.
v Lotus Sametime Connect clients
If you support only IPv6 addressing, clients from releases earlier than 8.0.2 will
not generate error messages but will appear ″broken″ to users because they
cannot communicate with the IPv6–enabled servers. To avoid lengthy
investigations of problems caused by attempts to use older clients with servers
where only IPv6 addressing is enabled, you should only use clients from release
8.0.2 or later. If you support both IPv4 and IPv6 addressing, all Lotus Sametime
clients can communicate all Lotus Sametime servers provided you configure
those servers to listen for IPv4–format addresses as well as IPv6–format
addresses.
v Lotus Sametime Advanced
Lotus Sametime Advanced has not been updated to release 8.0.2 and does not
yet support IPv6 addressing. If your Lotus Sametime deployment includes Lotus
Sametime Advanced, you cannot enable IPv6 at this time. IPv6 addressing will
be supported in an upcoming release of Lotus Sametime Advanced.
v Lotus Sametime Unified Telephony
Lotus Sametime Unified Telephony has not been updated to release 8.0.2 and
does not yet support IPv6 addressing. If your Lotus Sametime deployment
includes Lotus Sametime Unified Telephony, you cannot enable IPv6 at this time.
IPv6 addressing will be supported in an upcoming release of Lotus Sametime
Unified Telephony.
Enabling support for IPv6 addressing in Lotus Sametime products requires

configuration changes to various components of a deployment, as described in the
following topics:
Supporting IPv4, IPv6, or both protocols

Your IBM Lotus Sametime deployment can support IPv4 addressing, IPv6
addressing, or both protocols. The option you choose will determine how you
configure the servers in your deployment.
Existing Lotus Sametime deployments use IPv4 addressing only. Rather than
completely switch over to IPv6 addressing, you will probably want to phase it in
and support both protocols for some time until you are satisfied with your IPv6
support. There are some requirements and limitations for each type of addressing,
so review the sections below before implementing any changes.

IPv4 and IPv6 protocols
IPv4 (Internet Protocol version 4) and IPv6 (Internet Protocol version 6) are names
of protocols that define how you address computers on the Internet. The IPv6
protocol was introduced to provide not only a larger number of addresses for the
increasing number of computers on the Internet, but also to enhance the security of
Internet communications.
When entering an IPv4 address, you format it using four sets of digits, separated
with dots like this:
205.188.21.22
IPv6 addresses use eight sets of hexadecimal digits separated with colons like this:
2001:0db8:85a3:0000:0000:8a2e:0370:7334
You may see IPv6 addresses abbreviated, for example:

v 2001:db8:85a3:0:0:8a2e:370:7334 where the leading zeros in each group are
omitted
v 2001:db8:85a3::8a2e:370:7334 where two consecutive groups containing only
zeros are represented by a double colon
v [2001:db8::]/64 where the suffix (/64) indicates the portion of the address that
represents the network (the remainder of the address represents computers
within that network)
If the URL includes a port, add the :port value outside of the brackets like this:
https://[2001:0db8:85a3:08d3:1319:8a2e:0370:7348]:443/
Supporting IPv4–only addressing
Prior to release 8.0.2, Lotus Sametime products supported only IPv4 addresses,
listening only for connections from clients using the IPv4 protocol and ignoring
connections using the IPv6 protocol. An IPv4–only deployment requires no special
configuration and can combine Lotus Sametime components from release 8.0.2 and
later with those from prior releases.
Supporting both IPv4 and IPv6 addressing
Lotus Sametime release 8.0.2 introduced support for IPv6 addressing, but
additionally continued support for IPv4 addressing. This allows you to update
your Lotus Sametime deployment gradually by combining servers that support
both protocols.
Even if a particular Lotus Sametime component is enabled only for IPv4

addressing, it can still communicate with IPv6–enabled servers within the
deployment provided those servers also support IPv4 addressing (known as
dual-support).
Enabling support for IPv6 addressing requires some additional configuration in

your deployment. If you upgrade from an IPv6-enabled server in your Lotus
Sametime deployment, you should verify that you IPv6 settings are still in place
and modify them if needed.
Supporting IPv6–only addressing
If you choose to support only IPv6 addressing in your Lotus Sametime

deployment, use the instructions in this section to enable IPv6. You will
additionally need to disable support for IPv4 addressing by ensuring that your
settings use values recommended for ″IPv6 only″ wherever that option is offered.
Enabling support for IPv6 addressing requires some additional configuration in

your deployment. If you upgrade from an IPv6-enabled server in your Lotus
Sametime deployment, you should verify that you IPv6 settings are still in place
and modify them if needed.
Enabling support for IPv6

Enabling IPv6 support in an IBM Lotus Sametime deployment involves
configuration changes to the operating system and networks as well as the Lotus
Sametime components themselves.
About this task
Enable support for the IPv6 addressing protocol in your server and client operating
systems before you install Lotus Sametime:
Enabling IPv6 on your operating systems

Before enabling IPv6 support for IBM Lotus Sametime, you must enable it for your
server and client operating systems.
About this task
The configuration changes needed for supporting IPv6 with Lotus Sametime vary
with the operating system and whether you are using it as a server or a client:
Enabling IPv6 on a server operating system:
Consult your server operating system’s documentation for instructions on

configuring support for IPv6 addressing. In addition, implement the specific
changes described here to ensure that your operating system can properly
communicate with IBM Lotus Sametime while using IPv6 addressing.
About this task
with the server’s operating system:
Configuring an AIX server to support IPv6:
Configure support for IPv6 addressing on a computer running an IBM AIX

operating system.
About this task
To see which versions of AIX are supported by IBM Lotus Sametime, see the
Sametime Requirements Tech Note.
For complete instructions on configuring support for IPv6 addressing on a

computer running an IBM AIX operating system, see the Upgrading to IPv6 with
IPv4 configured in the AIX information center:

Important: Some of the components of a Lotus Sametime server require the use of
an IPv4-formatted loopback address. To ensure that your Lotus Sametime server
functions properly, do not disable IPv4 support in your server operating system –
instead, enable support for both IPv4 and IPv6 addressing.
Configuring an IBM i server for IPv6:
Configure support for IPv6 addressing on a computer running an IBM i operating

system.
Before you begin
You must be using IBM i V6R1 with Lotus Sametime if you want to support IPv6
addressing; if you are using an older version of i5/OS®, upgrade to V6R1 before
configuring the operating system to support IPv6 as described below. To see the
complete list of IBM i and i5/OS versions supported by Lotus Sametime, see the
For information on the IBM i operating system, visit the IBM System i information
center.
About this task
These instructions describe how to enable support for IPv6 addressing on a

functioning Sametime server that is currently using IPv4 addressing.
Follow the steps below to update the IBM i TCP/IP configuration for the IPv6
address you will use for your Lotus Sametime server:
1. Add the IPv6–formatted IP address that you will use for your Sametime server.
For more information, see Adding a TCP/IP address on IBM i.
2. Add an entry in the local host table for the IPv6 IP address.
For more information, see Updating the host table on IBM i.
Specify the same fully qualified host name that you used for the original IPv4
address.
3. Update the Domain Name Server.
The contents of the Domain Name Server should be similar to the local host
table, with two DNS entries for the host name of your Sametime server: one
entry that maps the host name to the IPv4 address and another that maps it to
the IPv6 address.
See Updating the Domain Name Server for IBM i for special considerations
when TCP/IP is configured to check the DNS before the local host table.
Configuring a Linux server for IPv6:
By default, the versions of Linux SUSE and Linux RHEL required by IBM Lotus
Sametime are enabled for IPv6 addressing; however, you should verify that
support is enabled before attempting to configure IPv6 support in Lotus Sametime.
Before you begin
Some of the components of a Lotus Sametime server require the use of an

IPv4-formatted loopback address. To ensure that your Lotus Sametime server
About this task
To see which versions of Linux are supported by Lotus Sametime, see the
v Red Hat Enterprise Linux
Red Hat Enterprise Linux supports IPv6 firewall rules using the Netfilter 6
subsystem and the ip6tables command. In Red Hat Enterprise Linux 5, both IPv4
and IPv6 services are enabled by default. For more information on IPv6 support
in Red Hat, visit the Red Hat Web site.
v SUSE Linux
SUSE Linux supports IPv6 addressing, which is enabled by default; for more
information on IPv6 support in Linux SUSE, see the SUSE Linux 10 Reference
Guide.
A Linux SUSE operating system supports IPv6 addressing by default; however it

support was disabled for some reason, you will need to enable it before installing
Lotus Sametime:
Configuring Linux SUSE to support IPv6:
Configure support for IPv6 addressing on a computer running a Linux SUSE

operating system.
About this task
IPv6 addressing is enabled by default on Linux SUSE servers, but may have been
disabled to improve performance while running applications that did not support
this protocol.
1. If you suspect that IPv6 addressing was disabled on your Linux SUSE server,
you can check by logging in as the root user and running the following
command:
ifconfig
The system output will look like this:
eth0 Link encap:Ethernet HWaddr 00:0F:1F:89:8F:D5
inet addr:192.168.1.100 Bcast:140.171.243.255 Mask:255.255.254.0
inet6 addr: fe80::20f:1fff:fe89:8fd5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:33386388 errors:0 dropped:0 overruns:0 frame:0
TX packets:2947979 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2211978470 (2109.5 Mb) TX bytes:380978644 (363.3 Mb)
Base address:0xdf40 Memory:feae0000-feb00000
lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:895 errors:0 dropped:0 overruns:0 frame:0

TX packets:895 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:76527 (74.7 Kb) TX bytes:76527 (74.7 Kb)
If the system output includes statements containing the string inet6 as shown
above, then IPv6 support is currently enabled and you can proceed directly to
the next topic.
If the output does not contain this string, you must enable IPv6 support now as
explained in the next step.
2. Edit the configuration file of the kernel module loader and add the following
statement:
The configuration file is typically located in one of these locations:
v /etc/modules.conf
v /etc/conf.modules
alias net-pf-10 ipv6 # automatically load IPv6 module on demand
3. Save and close the file.
Configuring a Solaris server for IPv6:
Configure support for IPv6 addressing on a computer running a Sun Solaris

operating system.
About this task
To see which versions of Solaris are supported by Lotus Sametime, see the
Support for IPv6 addressing can be enabled during installation of a Solaris server.
For information on enabling and verifying IPv6 support on Sun Solaris servers, see
the Sun IPv6 Administration Guide:
Configuring a Microsoft Windows server to support IPv6:
Configure support for IPv6 addressing on a computer running a Microsoft

Windows operating system.
Before you begin
Some of the components of a Lotus Sametime server require the use of an

IPv4-formatted loopback address. To ensure that your Lotus Sametime server
About this task
To see which versions of Windows are supported by Lotus Sametime, see the
The Microsoft TechNet Web site includes information on how IPv6 addressing
affects Microsoft operating systems.
Enable IPv6 addressing for your Windows operating system by following the steps
below. Note that the names of commands and dialog boxes may be different for
your particular Windows operating system.
1. Open the ″Network Connections″ dialog box; for example, by clicking Start →
Control Panel → Network Connections.
2. In the ″Network Connections″ dialog box, right-click on Local Area
Connection, and click Properties.
a. In the ″Local Area Connection Properties″ dialog box, make sure you are
viewing the ″General″ tab.
b. On the ″General″ tab, click the Install button (below the list of connection
items).
c. In the ″Select Network Component″ dialog box, click Protocol in the list of
network components, and then click the Add button.
d. In the ″Select Network Protocol″ dialog box, click Microsoft TCP/IP version
6, and then click OK.
Support for IPv6 is installed immediately, and the ″Network Component″
and the ″Network Protocol″ dialog boxes close automatically.
Back in the ″Local Area Connection Properties″ dialog box. you can enable
or disable the IPv6 protocol on your computer using the checkbox that
appears next to Microsoft TCP/IP version 6.
e. Close the ″Local Area Connection Properties″ dialog box by clicking the
Close button.
3. To assign an IP address to your computer, use the netsh command.
The Microsoft TechNet Web site contains a Netsh Technical Reference section
that explains how to use the netsh command.
Enabling IPv6 on a client operating system:
Consult your server operating system’s documentation for instructions on

configuring support for IPv6 addressing. In addition, implement the specific
changes described here to ensure that your operating system can properly
communicate with IBM Lotus Sametime while using IPv6 addressing.
About this task
To see which operating systems are supported by Lotus Sametime Connect, see the
with the client computer’s operating system:
Configuring a Windows client operating system for IPv6:
Configure a Microsoft Windows client operating system to support IPv6

addressing.
1. Open the ″Network Connections″ dialog box; for example, in Windows XP
Professional, by clicking Start → Control Panel → Network Connections.
2. In the ″Network Connections″ dialog box, right-click on Local Area
Connection, and click Properties.
a. In the ″Local Area Connection Properties″ dialog box, make sure you are

b. On the ″General″ tab, click the Install button (below the list of connection
items).
c. In the ″Select Network Component″ dialog box, click Protocol in the list of
network components, and then click the Add button.
d. In the ″Select Network Protocol″ dialog box, click Microsoft TCP/IP version
6, and then click OK.
Support for IPv6 is installed immediately, and the ″Network Component″
and the ″Network Protocol″ dialog boxes close automatically.
Back in the ″Local Area Connection Properties″ dialog box. you can enable
or disable the IPv6 protocol on your computer using the checkbox that
appears next to Microsoft TCP/IP version 6.
Close button.
3. If you later want to disable IPv6 support on the Windows client, reverse the
above settings as follows:
a. Open the ″Network Connections″ dialog box; for example, in Windows XP
Professional, by clicking Start → Control Panel → Network Connections.
b. In the ″Local Area Connection Properties″ dialog box, make sure you are
c. On the ″General″ tab, click Microsoft TCP/IP version 6.
d. Click Uninstall.
Close button.
Planning deployment topologies

Read about the topology that includes the Lotus Sametime features you plan to
deploy to users.
Deploying instant messaging and presence only

To provide instant messaging and presence only, use a Sametime Community
Server or cluster of servers running on Domino.
The following components are deployed in a Sametime environment that contains

instant messaging and presence only:
v Lotus Sametime System Console (used for managing and administering servers
from a central location)
v DB2
v LDAP directory
v Lotus Sametime Community Server
v Lotus Sametime Proxy Server
v Sametime Connect client, Sametime client embedded in Notes, or Sametime
browser client
To extend instant messaging to external communities, also deploy Lotus Sametime

Gateway. To provide audio-visual features in the Sametime client, also deploy
Lotus Sametime Media Manager.
Deploying instant messaging and meetings
To provide instant messaging and presence, use a Sametime Community Server or
cluster of servers running on Domino. To provide meeting rooms, use a Sametime
Meeting Server or cluster of servers running on WebSphere Application Server.
The following components are deployed in a Sametime environment that combine

instant messaging and presence with meetings
v DB2
v LDAP directory
v Lotus Sametime Meeting Server
browser client

Gateway. To provide audio-visual features in the Sametime client and in meetings,
also deploy Lotus Sametime Media Manager.
Deploying instant messaging, meetings, and Web clients

To provide instant messaging and presence, use a Sametime Community Server or
cluster of servers running on Domino. To provide meeting rooms, use a Sametime
Meeting Server or cluster of servers running on WebSphere Application Server. To
provide support for Web clients, use a Sametime Proxy Server.

v DB2
v LDAP directory
browser client

Deploying instant messaging, meetings, Web clients, audio,

and video
To provide all client features to users, plan to deploy Sametime Community
Servers, Sametime Meeting Servers, Sametime Proxy Servers, and Lotus Sametime
Media Manager components.


v DB2
v LDAP directory
browser client

Audio-visual components provided with the Lotus Sametime

Media Manager
The Lotus Sametime Media Manager comprises three components, which are
installed on separate systems in a production environment.
v Packet Switcher
Based on voice-activated switching, the Packet Switcher routes audio and video
data to participant endpoints. There can be one or more Packet Switchers in a
deployment; it cannot be clustered. A Packet Switcher can only be registered
with one Conference Manager. If you have a Conference Manager cluster then
the Packet Switcher is registered with the cluster and each cluster member uses
the same Packet Switcher.
v Conference Manager
Manages multipoint conferences by maintaining a dialog with each participant,
and ensuring that all media flows between those participants. You can install
multiple Conference Manager components and cluster them for high availability
and failover.
v SIP Proxy/Registrar
Directs conference participants to Conference Manager servers and provides
high availability and failover functionality. You can install multiple SIP
Proxy/Registrar components and cluster them for high availability and failover.
Deploying instant messaging to external messaging

communities
Use Lotus Sametime Gateway to connect Sametime clients with other instant
messaging clients. Several options are available for setting up a single server or a
cluster of Lotus Sametime Gateway servers in a network deployment. You can
install Lotus Sametime Gateway securely in the network DMZ. In some cases,
Network Address Translators (NAT) is supported.
In addition to the topologies described here, you can read about deploying Lotus
Sametime Gateway on the wiki, available at the following Web address:
http://www.ibm.com/developerworks/wikis/display/sametime/Sametime+Gateway+deployments
Deploy Lotus Sametime Gateway in the DMZ
Lotus Sametime Gateway is an enterprise solution that requires a clustered

deployment in the network DMZ. DMZ is a networking term that comes from the
military term ″demilitarized zone.″ DMZ refers to an area of a network, usually
between two firewalls, where users from the Internet are permitted limited access
over a defined set of network ports and to predefined servers or hosts. A DMZ is
used as a boundary between the Internet and your company’s internal network.
The network DMZ is the only place on a corporate network where Internet users
and internal users are allowed at the same time.
There is no risk of data being compromised as Lotus Sametime Gateway itself does
not contain data. There is no need to install reverse proxies or other servers, such
as IP sprayers or load balancers in front of Lotus Sametime Gateway. Lotus
Sametime Gateway is secure because:
v Firewall restrictions make it impossible for users from the Internet to directly
access a Sametime community server on your corporate intranet, but Internet
users can access Lotus Sametime Gateway in the network DMZ.
v Sametime community servers, behind the internal firewall, are accessible only
over an encrypted VP protocol.
v DB2 is behind the internal firewall, restricted by host and port access.
v LDAP is behind the internal firewall, accessible over SSL and restricted by host
and port access
v Lotus Sametime Gateway exchanges with other instant messaging providers
over SIP can be encrypted with SSL.
Components perform best when installed on their own machines and are most
secure when behind the internal firewall.
Topologies for a standalone server
A standalone Sametime Gateway server has its own administrative console.

Standalone servers do not require a SIP or XMPP proxy server. In the following
configuration, the Sametime Gateway server is deployed outside the internal
firewall in the DMZ, while DB2 and LDAP servers are behind the firewall.
Topologies for a managed group of servers
Each of the following deployments consists of a cluster of servers that work

together in a cell to provide high availability and failover. There is one
administrative console to manage all servers. The following cluster deployments
are considered:

v Scenario: Two-machine installation of a cell of Sametime Gateway servers
– Machine 1: DB2, Deployment Manager, primary node
– Machine 2: secondary node, proxy servers
v Scenario: Three-machine installation of a cell of Sametime Gateway servers
– Machine 1: DB2
– Machine 2: Deployment Manager, primary node
– Machine 3: secondary node, proxy servers
v Scenario: Four-machine installation of a cell of Sametime Gateway servers
– Machine 1: DB2
– Machine 3: secondary node
– Machine 4: proxy servers
v Scenario: Five-machine installation of a cell of Sametime Gateway servers
– Machine 1: DB2
– Machine 5: proxy servers
The following illustration shows a typical of Sametime Gateway cluster and the
ports that must be open in the firewalls to connect with DB2 and LDAP, and
exchange instant messages and presence between the local Sametime community
and external instant messaging communities.
WebSphere Application Server and DB2
IBM Lotus Sametime Gateway runs on WebSphere Application Server. WebSphere

Application Server provides the following capabilities:
v Clustering support, robust failover capability using the High Availability
Manager
v Session Initiation Protocol (SIP) Infrastructure, including stateless SIP Proxy and
SIP IP sprayer provided by the platform
v Open, extensible platform support. Additional plug-in services can configured in
a flexible manner
v A central place to administer system configuration and monitoring and security
policies through the Integrated Solutions Console and wsadmin script
commands.
DB2 is the storage for the Lotus Sametime Gateway policies and logging. DB2 can
be clustered for failover and load-balancing purposes. DB2 is part of the Lotus
common storage strategy. Lotus Domino can use DB2 as an alternative repository,
and Lotus Sametime Enterprise Meeting Server also uses DB2 for storing and
sharing configuration data across servers. DB2 should be installed on a separate
machine behind the internal firewall.
Typical deployment when connecting to instant messaging

communities
Lotus Sametime Gateway can connect to the following instant messaging

communities:
v AOL, Yahoo! Messenger, Google Talk, and XMPP communities
v Other Lotus Sametime communities
v Other Lotus Sametime companies using AOL clearinghouse
You can set up any or all configurations as needed. Lotus Sametime Gateway
allows selected individuals in your company to send instant messages to users on
one or more public networks, giving your users immediate access to millions of
users worldwide.
Note: When you set up a connection with AOL, you have the option of connecting
with AOL users only, or connecting with the AOL clearinghouse community that
includes AOL, ICQ, iChat, and other users from AOL Enterprise Federation Partner
communities, including external Sametime communities. IBM recommends that
you do not configure both communities, as users served by the AOL clearinghouse
are a superset of users served by the AOL community. If you set up AOL only, and
later decide to connect with the AOL clearinghouse community, delete the AOL
community first before adding the AOL clearinghouse community to Lotus
Sametime Gateway.
When you connect to other Lotus Sametime companies, you can connect business
users of different companies. This deployment is very useful in case of acquisitions
when IT infrastructure is still separate, when you want to interconnect vendors
over the Internet. Connections are made secure by using an SSL certificate
exchange.

Recommended deployment
For small, test configurations only, you can install Lotus Sametime Gateway on the
same machine as Sametime Server, DB2, or other applications. For a production
environment, your Sametime Community server should be installed on a separate
machine from your Lotus Sametime Gateway.
Using NATs and multiple NICs
You can deploy a Network Address Translator (NAT) between local Lotus
Sametime community servers and Lotus Sametime Gateway. However, deploying a
NAT device between Lotus Sametime Gateway and the Internet is not supported
when trying to connect Lotus Sametime Gateway to AOL, Yahoo, or TLS-encrypted
SIP-based external communities. While there are SIP-aware NAT devices, they are
not sufficient because both AOL and Yahoo communities require secure SIP
(SSL/TLS) communication, and a NAT device would not be able to decrypt and
translate the packets for proper operation. NAT has no affect on the XMPP
protocol, so exchanges using Google Talk over XMPP are always permitted to pass
through a NAT-enabled firewall that is between Lotus Sametime Gateway and the
Internet.
Multiple Network Interface Cards
To simulate a NAT, you can use two Network Interface Cards (NICs), one for an
internal IP address and the other for an external IP address. If you use this
configuration, you must update the default host using the Integrated Solutions
Console. See the help topic on configuring multiple NICs.
Planning for an LDAP directory

The IBM Lotus Sametime 8.5 multiple-server environment requires an LDAP
directory for user authentication. The LDAP server should be set up and running
before deploying Sametime.
System requirements
Follow the guidelines for your operating system before setting up an LDAP server:
v AIX, Linux, Solaris, and Windows:
To avoid resource conflicts that may degrade performance, do not host the
directory on the same computer as the Sametime Community Server.
v IBM i:
The directory and the Lotus Sametime Community Server can reside on the
same system. If using LDAP to access the contents of the Domino directory, the
LDAP service and the community server must run on separate Domino servers.
Note: System capacity planning for anticipated workloads must be performed.
Server installation requirements
After installing the Sametime System Console, you will be instructed to connect it
to the LDAP server. These other servers require that an LDAP directory be set up
and running to be able to complete the installation:
v The Lotus Sametime Meeting Server
v The IBM Lotus Sametime Community Server, when installed with a deployment
plan through the Sametime System Console
An IBM Lotus Sametime Community Server integrated with the Lotus Sametime
System Console must connect to a user directory in LDAP format.
Multiple LDAP directories
If you use multiple LDAP repositories, you must ensure that the base entries do
not overlap, as that causes problems when Secure Socket Layer (SSL) is enabled.
For example, the following base entries have a field in common, so they overlap:

o=lotus
o=sales,o=lotus
These base entries use different fields and are acceptable:

o=ibm,c=us
o=lotus
Lotus Sametime servers and the LDAP mail attribute
Lotus Sametime 8.5 requires authenticated users to have a mail attribute assigned
in the LDAP directory. The mail attribute must be a unique string, which
preferably follows the syntax and length restrictions of e-mail addresses.
This attribute is not used for e-mail purposes, and does not have to be assigned as
a user name for logging into Lotus Sametime. Instead, the ″mail″ attribute serves
as a common attribute between the various Lotus Sametime subsystems, such as
Calendar Integration, Business Cards, LDAP, and REST APIs. This attribute is also
used when generating a URL for a user’s persistent meeting room (for example,
http://meetings.company.com/stmeetings/room/user@company.com/users-room). In
addition, using the ″mail″ attribute provides certain performance advantages since
translation between attributes is not required; it also provides consistency and
integrity by using a common and well-understood attribute.
Note: Not all users need to be authenticated to use the server; the mail attribute is
not required for anonymous (guest) users.
Therefore, IBM recommends that the user repository (LDAP server) create a mail
attribute for users who plan to authenticate with the Lotus Sametime servers. The
mail attribute must be a unique string, which preferably follows the syntax and
length restrictions of e-mail addresses.
Upgrade considerations
If you used a Lotus Domino Directory in its native format with a previous release
of Lotus Sametime, you have two options for setting up your user directory:
v Convert the existing Lotus Domino Directory to LDAP format. The LDAP
service and the community server must run on separate Domino servers.
v Set up a dedicated LDAP directory for use with Lotus Sametime
Best Practices
Best Practices for using LDAP with Lotus Sametime article on the Sametime wiki
contains an overview of LDAP components and describes how the Lotus Sametime
Community Server works with LDAP to provide authentication, name lookups,
and name resolution. The article describes best practices for creating search filters,
setting sametime.ini parameters, and enhancing Sametime and LDAP
performance.
Planning a Community Server installation

You should review the following considerations before installing an IBM Lotus
Sametime Community Server.
Directory Type
An LDAP directory is required if your Community Server will be integrated with

the Lotus Sametime System Console. The LDAP server must be connected to the
Sametime System Console and the Community Server itself must also be
configured to use an LDAP server (instead of a native Lotus Domino Directory).
You can configure additional user directories, including Lotus Domino Directories,
later.
Network performance
For optimal performance, the Community Server should be placed at a centrally

located network backbone, to reduce the number of network hops between clients
and the server. Ideally, there should be no more than one WAN hop for every
possible client-to-server connection. Clients that make multiple WAN hop to
connect to the server will experience slower performance than clients connecting
through a LAN or making one WAN hop to the server. For organizations that have
large networks, it may be necessary to install multiple community servers to
reduce the number of WAN hops for clients.
Clustering Community Servers
If you have a large number of Lotus Sametime users, you can install multiple
community servers and cluster them for load balancing and to reduce network
usage.
Installing multiple community servers
Even if you have decided not to cluster your community servers, there are special
considerations when installing more than one Community Server; for example, you
must synchronize all of the community servers to operate as a single community.
National language considerations
You do not need to select a language when installing a Community Server. The
language displayed for Lotus Sametime interfaces is primarily determined by the
individual user’s language settings. However, it is recommended that you install
the Lotus Domino language pack that corresponds to the language used by the
majority of your Lotus Sametime users. If no language pack exists for your
language on your preferred platform, see the IBM Technotes, available at
www.ibm.com/software/support, for information on how to localize the Lotus
Domino server.
Related concepts
“Clustering Sametime servers for high availability” on page 55
In a production environment, use clustering to provide failover and load balancing
by creating a cluster of multiple Sametime servers of the same type. Each cluster of
servers can be managed by the Sametime System Console.
Audio/video considerations
Audio and video services provided by the IBM Lotus Sametime Reflector (a Lotus
Sametime server application that helps to establish multimedia sessions between
clients across a firewall) will not be available in this release to assist Sametime 8.5
client to Sametime 8.5 client multimedia (audio/video) communication. The service
may appear to be running, but will not function.

In the initial release of Lotus Sametime 8.5, the 8.5 client can only establish audio
and video connections with other 8.5 clients. Release 8.5 audio/video services can
co-exist with release 7.5.x and 8.0.x audio/video services, with the following
restrictions:
v The 8.5 client cannot establish an audio or video call with 7.5.x or 8.0.x clients.
v The 7.5.x and 8.0.x clients cannot establish an audio or video call with the 8.5
client.
v The 8.5 client cannot use the Lotus Sametime Reflector.
Planning for the dedicated Domino server for Lotus Sametime

Unlike other IBM Lotus Sametime servers that run on WebSphere Application
Server, the Lotus Sametime Community Server runs on a Lotus Domino server.
You must install the Domino server before you install the Lotus Sametime
Community Server. The Domino Server that runs the Community Server should be
completely dedicated to supporting the real-time, interactive communication
services of Lotus Sametime.
The Lotus Sametime Community Server uses the directory, security, and replication
features of the Domino server. Do not use the Sametime Community Server for
other high-demand Domino services such as mail storage and routing, application
and database storage, or centralized directory and administration services.
IBM AIX, Linux, Sun Solaris and IBM i can run multiple partitioned Domino
servers on the same system. For these server platforms, you can create a new
Domino server on the same system as your existing production server. This
configuration is not supported in Microsoft Windows. Adding Lotus Sametime to
an existing production server is not supported.
To add a server to an existing Domino domain for use as a Lotus Sametime

Community Server, register the server to create a Server document before installing
Domino. For more information, see ″Installing a Domino server″ for your operating
system.
To find out which Domino releases are supported for Lotus Sametime, see the
following document:
Directory considerations
If your Community Server will be integrated with the Lotus Sametime System
Console, then you must initially configure the console with an LDAP server. The
Community Server must also use the LDAP server. If your user information is
stored in a Lotus Domino Directory, you can configure Sametime to access the
Domino Directory using LDAP. However, the LDAP service and the community
server must run on separate Domino servers.
While an LDAP directory is highly recommended, you can configure the Lotus
Sametime Community Server to directly access the Lotus Domino Directory if you
do not plan to use the Lotus Sametime System Console. Keep in mind that
changing the Community Server to use an LDAP server at a later time is more
complicated than initially configuring it to use LDAP.
v If you install the Domino server in a new domain, no users are in the Domino
Directory at the time the server is created, other than the server administrator.
Therefore, if you select the Domino Directory as the user repository for your
Lotus Sametime Community Server, you will need to add all of your Lotus
Sametime users to the Domino Directory. When you install the Domino server
into an existing domain, you will not need to add these users to the directory.
However, before a user can use Sametime, the user’s directory entry must be
updated with the name of a home Lotus Sametime server and an Internet
password.
v To add a new Lotus Sametime user to the Domino Directory, create a Person
document for the user in the directory that includes (at minimum) a Last Name,
a User Name and an Internet password. The Person document must also include
a home Sametime server. You can use any of the following tools to create a
Person document: an IBM Lotus Notes client, a Lotus Domino Administrator
client, or the Sametime server self-registration feature.
Deploying a stand-alone Community Server Mux

Optionally install an IBM Lotus Sametime Community Server Mux (multiplexer)
on a separate computer to remove the connection-handling load from the Lotus
Sametime Community Server. Configuring a stand-alone multiplexer enables the
Community Server to handle a larger number of users and improves its stability.
About this task
Every Lotus Sametime Community Server contains a multiplexer (″mux″)

component that maintains connections from Lotus Sametime clients. The
Community Server Mux is installed automatically and comes configured for
immediate use. You can optionally deploy a stand-alone Community Mux by
installing it on a separate computer, so that clients connect to the stand-alone
multiplexer instead of to the Community Server. This configuration frees the
Community Server from the burden of managing the live client connections; the
stand-alone multiplexer is dedicated to this task.
You can deploy a stand-alone Community Mux to operate with one or more
unclustered Community Servers, or to operate with a cluster. You can also deploy
multiple stand-alone multiplexers and use a load-balancer to distribute client
connections among them.
Deploying stand-alone multiplexers in front of a Community

Server cluster
If you intend to deploy one or more stand-alone Community Server multiplexers
in front of a cluster of Community Servers, there are some issues to consider.
The stand-alone multiplexer maintains a single IP connection to each Community

Server in the cluster. The data for all Community Server clients is transmitted over
this single IP connection to the Community Server on the Sametime server. The
illustration below shows stand-alone Community Services multiplexers deployed
in front of clustered Community Servers to reduce the client connection load on
the clustered servers.

In the illustration, note the following:
v The Community Server multiplexers are installed on separate computers and
handle the connections from the clients.
v If you want to distribute connections among the multiplexers, you can set up a
load-balancing mechanism such as IBM Load Balancer.
v Each Community Server multiplexer maintains a single IP connection to
Sametime server 1, and a single IP connection to Sametime server 2. The
Community Server data is passed from the multiplexer computers to the
Sametime Community Servers over these IP connections. Each Sametime
Community Server maintains only two IP connections to handle all data.
v The scenario shown above can significantly increase the load-handling
capabilities of the Sametime Community Servers. The table below illustrates the
advantages of deploying stand-alone multiplexers.
Number of Community Services

Multiplexer deployment connections
Two Sametime servers with the multiplexer Each Sametime Community Server can
installed on the same machines as the handle approximately 10,000 connections, for
servers (default installation) a total of 20,000 connections.
Number of Community Services
Multiplexer deployment connections
Two Sametime servers with the multiplexers v Each Sametime Community Server can
installed on different computes (as seen in service approximately 100,000 active
the illustration above) connections.
v Each Community Server multiplexer
machine can handle as many as 20,000 to
30,000 live IP port connections, for a
possible total of 60,000 connections.
v The machines in the illustration above
might be able to handle 160,000 active
connections. You can increase the load
handling capability further by adding
additional Community Server
multiplexers in front of the two Sametime
Community Servers. For example, adding
two more Community Server multiplexers
to the cluster shown above might
accommodate as many as 120,000 active
connections (4 x 30,000 connections per
Community Server multiplexer).
Note: The server capacity numbers used above are approximations meant to
provide a rough estimate of the possible load-handling improvement if you deploy
Community Server multiplexers on separate computers. The actual server capacity
is affected by variables such as:
v The average number of users in the contact lists of all Sametime clients
v The number of instant messages that users send
Deploying a stand-alone Community Mux for a single Sametime

Community Server
This section discusses the performance advantages and procedures associated with
deploying a separate multiplexer in front of a Sametime server machine (or
machines) that does not operate as part of a Community Server cluster.
Each Sametime server contains a Community Server multiplexer (or MUX)

component. The function of the Community Server multiplexer is to handle and
maintain connections from Sametime clients to the Community Server.
During a normal Sametime server installation, the Community Server multiplexer

is installed with all other Sametime components on the Sametime server machine.
The Sametime server CD provides an option to install only the Community Server
multiplexer component. This option enables the administrator to install the
Community Server multiplexer on a different machine than the Sametime server.
When the Sametime Community Server multiplexer is installed on a different

machine than the Sametime server:
v The Sametime Connect clients connect to the Community Server multiplexer
machine, not the Sametime server. This configuration frees the Sametime server
from the burden of managing the live client connections; the multiplexer
machine is dedicated to this task.
v The Community Server multiplexer maintains a single IP connection to the
Sametime server. The data for all Community Server clients is transmitted over
this single IP connection to the Community Server.

In this scenario, the Community Server connection-handling load is removed from
the Sametime server. The Sametime server does not need to employ system
resources to maintain thousands of client connections. Removing the
connection-handling load from the Sametime server ensures these system resources
can be dedicated to other Community Server processing tasks.
The Community Server multiplexer machine dedicates its system resources to

handling client connections but does not perform other Community Server
processing. Distributing the Community Server workload between multiple servers
in this way enables the Community Server to handle a larger number of
connections (users) and to function more efficiently.
Performance improvements with a stand-alone multiplexer
If the Community Server multiplexer operates on the same machine as the

Sametime server, the Sametime server can handle approximately 8,000 to 10,000
Community Server connections and also perform other Community Server
processing tasks adequately.
However, if the Sametime server is not required to expend system resources to

maintain client connections, the server can service approximately 100,000
connections. (The Sametime server is capable of processing the Community Server
data that is passed over 100,000 connections if it does not have to maintain the
connections themselves.)
When a Sametime Community Server multiplexer is installed on a separate

machine, the Community Server multiplexer can support approximately 20,000 live
IP port connections. You can also deploy multiple Community Server multiplexers
in front of a Sametime server.
To summarize the performance benefits of a separate multiplexer deployment,

consider the following example:
v You can install three separate Community Server multiplexers in front of a
single Sametime server. If each Community Server multiplexer handles 20,000
connections, as many as 60,000 users can be connected to a single Sametime
server at one time.
v If the Sametime server is capable of servicing 100,000 connections, the server
performance will not degrade under the load produced by 60,000 connections.
v If the multiplexer operates on the Sametime server instead of being deployed
separately, the Sametime server can service a maximum of 10,000 users. By
deploying three separate multiplexers in front of a single Sametime server, you
can service 50,000 more users (assuming one connection per user) than if the
multiplexer operates on the same machine as the Sametime server.
v If you deploy separate multiplexers in the manner described above, you can also
implement a rotating DNS system, or IBM WebSphere Edge Server, in front of
the multiplexers to load balance connections to the separate multiplexers.
Planning a Lotus Sametime Media Manager installation

You should review the following considerations before installing components of an
IBM Lotus Sametime Media Manager. In Sametime 8.5, audio and video are
managed with the Lotus Sametime Media Manager server. Audio and video
services provided by the Lotus Sametime Media Manager have been tested and
optimized for sessions with six participants. The actual number of participants per
session will vary up or down based on network and environmental conditions.
Important: In this release, a Lotus Sametime deployment can support only one
stand-alone Media Manager server, or one cluster of Media Manager servers.
A Media Manager deployment consists of a Conference Manager, a SIP Proxy and

Registrar, and a Packet Switcher. The Conference Manager handles the workload
distribution among the Packet Switchers. A standalone Media Manager
deployment can have multiple Packet Switchers to support a higher number of
simultaneous audio and video conferences. Each Packet Switcher runs on a
separate WebSphere node and is not clustered. The Lotus Sametime System
Console can only administer one Media Manager instance. The individual
components of the Media Manager instance may be individually clustered to
provide failover and high availability, deployed as standalone servers, or installed
on the same server – but only one Media Manager deployment can be
administered from a given Lotus Sametime System Console.
The Packet Switcher is not administered from the console, so it is not affected by
this limitation; however the Conference Manager and the SIP Proxy and Registrar
components are administered from the console, so your planning must take this
limitation into consideration.
Example 1: Two standalone Conference Manager servers cannot be administered

from the same Lotus Sametime System Console.
Example 2: A Conference Manager cluster and a SIP Proxy and Registrar cluster
can both be administered from the same console. This is the recommended
topology for enterprise customers.
Example 3: A Conference Manager cluster and a standalone SIP Proxy and

Registrar server can be administered from the same console.
This restriction is due to a limitation with the current version of the Lotus
Sametime System Console.
Related concepts
“Lotus Sametime Media Manager” on page 9
The IBM Lotus Sametime Media Manager runs on WebSphere Application Server
to provide audio visual services for chats and meetings. It requires a Lotus
ametime Community Server.
Audio and video considerations

If your IBM Lotus Sametime deployment will include one or more Lotus Sametime
Media Manager servers, you should review this information about audio/video
features.
Bandwidth considerations
Lotus Sametime Media Manager allows configuration of several parameters that

effect the bandwidth and performance of audio and video conferences. These
parameters default to values which should work for most environments, but they
can be tuned to meet the specific needs of the organization deploying Lotus
Sametime Media Manager.
In the Lotus Sametime System Console, the codecs used for audio and video
transfer can be tuned to the values required. The selected audio and video codec
will effect the bandwidth used and the processing power required to encode and

decode the information streams. Consult the specification of those codecs to
determine which one bests suits any specific needs of the deployment.
Within the specification of the video codec, it is also possible to adjust the video
resolution and bit-rate which will be used for video streams. Generally, the lower
the resolution and the bit-rate, the lower the bandwidth used and the lower the
processing power required to send and receive the video streams. However, the
lower resolutions and bandwidth, the lower the quality of the video image.
Likewise, the higher the bit-rate and resolution, the higher the required bandwidth
and processing power, and the higher the quality of the video.
For example, if you are using low bandwidth networks and older machines with
less processing power, it might be necessary to select a lower video bit rate. If the
quality of the video image is important, and enough processing power and
network bandwidth is available, a higher video bit-rate can be used.
Sametime video codecs provide many resolution choices, from SQCIF to Wide Full
HD (1080p). The higher the resolution, the more CPU, display memory, and
graphics card power are required. Machines equivalent to Lenovo T60 can handle
CIF and VGA, but HD will require Intel® Core 2 Quad or better CPU and at least
256 megabytes of display memory.
Another configuration parameter which can be adjusted is the number of switched

audio streams. This is the total number of audio streams that will be sent from the
server to the client when participating in a audio conference call. The higher the
number of audio streams to each client, then the higher the number of people on
the call who can speak at the same time and be heard by all participants. The
number of streams sent to each client also affects bandwidth and server load.
The total number of participants in audio and video conferences can also be
capped, limiting the amount of bandwidth that any single call can use as a sum of
the other parameters and the number of people participating in the conference.
Video Conferencing
As the number of participants in a video conference increases, so does the demand

on the network. To ensure that a given network can support this new collaborative
feature, administrators have the ability to restrict the maximum number of
participants. Administrators should work directly with their network team to
identify the maximum number of participants that works best for their
organization and their respective network policies. The default maximum number
of participants in a single audio-only or video conferences is set to six; however,
this can be adjusted to accommodate specific network consumption requirements.
Audio and video services provided by the Sametime Media Manager have been
tested and optimized for sessions with six participants. The actual number of
participants will vary up or down based on network and environmental conditions
Another consideration for networks is latency, which can cause undesirable results.
Latency of less than 150ms end-to-end is normally acceptable in interactive real-time
audio video conferencing.
Video driver
It is strongly recommended that you use the up-to-date driver that comes with the
video camera, as some cameras do not work well with the generic video driver.
Sametime Reflector
Audio and video services provided by the IBM Lotus Sametime Reflector (a Lotus
Sametime server application that helps to establish multimedia sessions between
clients across a firewall) will not be available in this release to assist Sametime 8.5
client-to-client audio/video communication. The service may appear to be running,
but will not function.
Client interoperability
In the initial release of Lotus Sametime 8.5, the 8.5 client can only establish audio
and video connections with other 8.5 clients. Release 8.5 audio/video services can
co-exist with release 7.5.x and 8.0.x audio/video services, with the following
restrictions:
v The 8.5 client cannot establish an audio or video call with 7.5.x or 8.0.x clients.
client.
v The 8.5 client cannot use the Lotus Sametime Reflector.
Best Practices
For information on using the best practices for ensuring a good audio/visual
experience, see Audio/Visual Best Practices in the Sametime wiki.
Planning a Lotus Sametime Gateway installation

Before you begin your installation, consider the size of your deployment, the DB2
database and LDAP server that you will connect to, ports in the firewalls that need
to open, hardware requirements, and node names. Review this checklist to prepare
for installation.
About this task
Collecting information about servers and ports now will make it easier to supply
correct information during the Lotus Sametime Gateway installation.
1. Review the deployment scenarios and refer to the software and hardware
requirements as you size your deployment. Determine if you are installing a
standalone Sametime Gateway server, or a cluster of Sametime Gateway
servers. Clusters provide enhanced scalability and failover capabilities and are
recommended for large organizations and deployments with many users.
Standalone deployments are recommended for small and medium
deployments, or pilot deployments.
2. Talk with the systems administrators in your company who oversee DB2,
LDAP, and DNS servers about Sametime Gateway requirements. Make sure
everyone in your organization knows that this product requires these services.
A well-designed and well-thought out process makes the deployment of new
software systems roll out smoother and faster.
3. Consult the network firewall administrator about requirements to open ports
in the firewalls. Sametime Gateway is installed in the DMZ between the
internal and external firewalls. See the deployment scenario diagrams to
understand the ports that need to be open:

Port Firewall Description
1516 Internal Port to each Sametime
community server in the
local Sametime community,
allowing both inbound and
outbound traffic between
Sametime Gateway and each
community server.
389 or 636 Internal Port 389 or 636 (SSL) to
LDAP server that services
the local Sametime
community.
Note: Port 389 or 636 should
be opened for all deployed
nodes, including the SIP
proxy.
50000 Internal Port to DB2 server.
5269 External Port to Google Talk and
Jabber connections.
5061 External Port to external Lotus
Sametime, AOL, or Yahoo!
Messenger communities.
5060 External Port to external Lotus
Sametime communities not
using TLS/SSL.
53 External Port to external DNS servers
to resolve the fully qualified
domain name of external
community servers.
4. The Sametime Gateway servers must have access to a DNS server that can
resolve public DNS records (A records, SRV records, and PTR records). For
example, the following commands should be able to resolve successfully:
nslookup sip.oscar.aol.com
nslookup 64.12.162.248
nslookup -type=all -class=all _xmpp-server._tcp.google.com
5. If you are installing a standalone deployment of Sametime Gateway, what
machine will you use?
6. If you plan to configure a cluster, determine what machines and how many
you will need before installing the Network Deployment:
Node type Number allowed Notes

Deployment Manager 1 You can install the
Deployment Manager on its
own machine, or on the
same machine with primary
node and proxy servers.
Primary node 1 You can install the primary
node on its own machine, or
on the same machine with
Deployment Manager and
the proxy servers.
Node type Number allowed Notes
Secondary node 1 In this release, a cluster can
only support two nodes.
Install the secondary node on
its own machine, or on the
same machine with proxy
servers.
SIP proxy server 1 If you have a clustered
deployment, you must install
a SIP proxy server to connect
to other Sametime
communities, AOL, or Yahoo!
Messenger communities. The
best practice is to install
proxy servers on a separate
machine to isolate the proxy
processing from the
Sametime Gateway cluster.
XMPP proxy server 1 If you have a clustered
deployment, you must install
an XMPP proxy server to
connect to a Google Talk or
Jabber community.
7. Determine the following items for the DB2 database:
What You Need to Know Notes

Database host name For example: database.server.acme.com
Port used by the database server The default port is 50000.
Name of the database The default database name is STGW but you
can change this by editing the database
creation script.
DB2 application user ID and password A database user ID that has permission to
connect to the DB2 database and read or
write records. This is normally the ID you
created when you installed DB2.
DB2 schema owner ID and password A database user ID for a user who has
appropriate permission to create tables in
the database. You may need to get this
information from the database administrator.
The schema user ID is often the same as the
application user ID.
8. Determine the Administrative security user ID and password. You are

prompted for this ID and password during installation. Use these credentials
to log into the Integrated Solutions Console (http://localhost:9060/ibm/
console), the administrative interface to WebSphere Application Server.
9. Determine if you plan to connect to your LDAP server when you run the
installation wizard, or later. If you require a client side certificate to securely
connect to an LDAP server from the Sametime Gateway server, you must
configure LDAP using the Integrated Solutions Console after installation.
Otherwise, you can connect to your LDAP during the installation process. In
either case, you will need this information about your LDAP:

LDAP information needed for anonymous LDAP information needed for
access authenticated access
v host name (or IP address) v host name (or IP address)

v port v port
v bind distinguished name and password
v base distinguished name (not required for
Domino LDAP)
10. What are the node names for the Deployment Manager, primary node, proxy
server node, and additional secondary nodes? The installation wizard
provides a name that you can change if needed. Node names must be unique
and cannot contain spaces or special characters.
11. What is the fully qualified host name or IP address of the Lotus Sametime
Community Server in your local Lotus Sametime community?
12. How will you install Sametime Gateway? You can use an installation wizard,
console mode, or silent installation.
Note: If your server runs on IBM i and it is enabled for IPv6 addressing, you
must install Lotus Sametime Gateway in console mode with input validation
disabled, as noted in the installation instructions.
13. Download the installation images and either burn a CD or copy the install
images to each machine where you plan to install Sametime Gateway.
14. Sketch a deployment diagram that shows where your firewalls, Deployment
Manager, primary node, secondary nodes, and proxy servers will be installed
related to the hardware. List the node names and host names that you plan to
use. Identify where you should check network connectivity and other
environmental issues that may interfere with a smooth installation process.
Planning for migration from an earlier release

The tasks involved in planning an upgrade from an earlier release of IBM Lotus
Sametime will vary, depending on your current release of Lotus Sametime,
whether you have enabled online meetings, and how you want to support those
meetings in the future.
In Lotus Sametime 8.5, meeting services and community services have been moved
to separate servers. Existing Lotus Sametime servers and Lotus Sametime Gateway
servers can be upgraded to Lotus Sametime 8.5. In addition, you may choose to
install additional components to take advantage of new features and capabilities.
Upgrading Lotus Sametime with no online meetings
You can upgrade a Lotus Sametime running release 7.5.1 or later directly to Lotus
Sametime 8.5 Community Server, preserving legacy data and supporting instant
messaging just as in earlier releases.
Note: If your Lotus Sametime server is running a release prior to 7.5.1, you will
need to complete an interim upgrade to release 7.5.1 or later before upgrading to
Lotus Sametime 8.5.
Upgrading Lotus Sametime with online meetings enabled
If your legacy Lotus Sametime server has the online meetings feature enabled, you
have two options:
v Continue creating and hosting online meetings on the upgraded server
If the online meetings feature was enabled in your previous release of Lotus
Sametime, it remains enabled when you upgrade and features work just as in
the earlier release.
Note: The Lotus Sametime Enterprise Meeting Server is not supported by Lotus
Sametime release 8.5. If your meeting rooms are clustered with Lotus Sametime
Enterprise Meeting Server, you will have to remove the servers from the cluster.
v Install additional Lotus Sametime 8.5 components to support the Lotus
Sametime 8.5 Meeting Server
All your legacy meeting data is still preserved, but rather than continue creating
and hosting meetings on the upgraded server, you can set up URL redirects to
route users to the Lotus Sametime 8.5 Meeting Server for creating and attending
meetings. Expanding the deployment to include a stand-alone Meeting Server
requires that you install these additional components:
– LDAP user directory
Because the new components in Lotus Sametime 8.5 run on IBM WebSphere
Application Server, you must use an LDAP directory to ensure all
components can authenticate users. If your previous deployment used the
native Lotus Domino Directory for user management, you can convert it to
LDAP format for use with the expanded deployment.
– IBM DB2 database
The database stores information used by several of the components in the
deployment.
– Lotus Sametime 8.5 System Console
The Lotus Sametime System Console provides a central point for
administering all servers in the deployment. If you cluster any of the
WebSphere-based servers, you can use the system console as the Deployment
Manager; the console can serve as Deployment Manager for multiple clusters.
– Lotus Sametime 8.5 Proxy Server
The Lotus Sametime Proxy Server enables browser-based clients to participate
in Lotus Sametime instant messaging and online meetings. In addition, the
Lotus Sametime Proxy Server works with Lotus Sametime Community Server
or Lotus Connections to enable the business card feature in Lotus Sametime,
and with Lotus Sametime Unified Telephony or other TCSPI-enabled products
to enable the Lotus Sametime click-to-call feature. The Lotus Sametime Proxy
Server also provides live names awareness, and can replace the Links Toolkit
used in earlier releases of Lotus Sametime.
– Lotus Sametime 8.5 Meeting Server
The Lotus Sametime Meeting Server provides an online meeting feature in a
stand-alone server, rather than combining them with community services as
in the past. Because it runs on WebSphere Application Server, the meeting
server can be clustered using a WebSphere network deployment.
If you choose to expand your deployment this way, you may additionally choose
install to these remaining components:
v Lotus Sametime 8.5 Media Manager
The Lotus Sametime Media Manager provides audio and video features for
instant messaging and online meetings.
v Lotus Sametime 8.5 Gateway

The Lotus Sametime Gateway provides instant messaging with external
communities, including Lotus Sametime communities deployed outside of your
firewall, AOL Instant Messenger, Google Talk, and Yahoo! Messenger.
Upgrading Lotus Sametime Gateway
You can upgrade Lotus Sametime Gateway 8.0.2 directly to release 8.5; if you have
an earlier release you will need to complete an interim upgrade before you can
upgrade to Lotus Sametime Gateway 8.5. Upgrading Lotus Sametime Gateway
includes upgrading the WebSphere Application Server on which it runs from
version 6 to version 7.
Although a new deployment of Lotus Sametime Gateway uses DB2 9.5 Limited
Use, an upgraded gateway will continue to use DB2 9.1 Enterprise Server Edition;
the database schema will be updated automatically by scripts that run during
gateway product installation.
Before upgrading Lotus Sametime Gateway servers in a cluster, you will have to
remove each node from the cluster. Once the server upgrades are complete, you
can add the nodes back into the cluster.
Note: In this release, a Lotus Sametime Gateway cluster can only have one
Secondary Node.
Upgrading Lotus Sametime clients
Lotus Sametime Connect and Lotus Sametime embedded clients running release
7.5.1 or later can be upgraded directly to release 8.5. If your users are running
clients older than release 7.5.1, their workstations must be upgraded to release 7.5.1
or later before you can upgrade them to release 8.5.
Clustering Sametime servers for high availability

In a production environment, use clustering to provide failover and load balancing
by creating a cluster of multiple Sametime servers of the same type. Each cluster of
servers can be managed by the Sametime System Console.
Clusters are groups of servers that are managed together and participate in
workload management. A cluster can contain nodes or individual application
servers. A node is usually a physical computer system with a distinct host IP
address that is running one or more application servers. Clusters can be grouped
under the configuration of a cell, which logically associates many servers and
clusters with different configurations and applications with one another depending
on the discretion of the administrator and what makes sense in their organizational
environments.
Clusters are responsible for balancing workload among servers. Servers that are a
part of a cluster are called cluster members. When you install an application on a
cluster, the application is automatically installed on each cluster member. You can
configure a cluster to provide workload balancing with service integration or with
message driven beans in the application server.
Related tasks
“Installing Gateway servers in a cluster” on page 138
Complete these steps to install a cluster of Lotus Sametime Gateway servers in a
network deployment. A cluster is a group of application servers that are managed
together and participate in workload management. A network deployment is a group
of nodes administered by the same cell, and controlled by a Deployment Manager.
Lotus Sametime Gateway supports cluster members on multiple nodes across
many nodes in a cell, with nodes either coexisting on the same hardware, or
running on dedicated systems. At a minimum, a network deployment is made up
of a Deployment Manager, which manages the cell, a primary node, a primary
server (primary cluster member), and a secondary cluster member. You expand the
cluster by adding additional cluster members either on existing nodes, or by
adding a new secondary node and then adding the member to the new node.
“Installing Gateway servers in a cluster” on page 340
Giving users a preview guide

You can help your IBM Lotus Sametime users get started quickly and easily using
the informational and learning resources in the Lotus Sametime wiki. The Lotus
Sametime product page links you to all of the informational and educational
material you’ll need.
For starters, there are materials you can use to provide your users with a preview
of the new features coming to their desktops: Administrators: Previewing Lotus
Sametime for your users. The ready-to-distribute PDF file gives a quick overview
of what is new and changed in this release. The Lotus Symphony™ file includes the
same information as the PDF file, with instructions on how to customize the file
with information specific to your site and how to create your own PDF. Note: Be
sure to read the customization instructions in blue text.
The Lotus Sametime Getting started section of the wiki provides your users with
links to Flash demonstrations, videos, reference cards, Web seminars, product
tours, and other materials for learning more about Lotus Sametime: Lotus
Sametime Media Gallery.

Chapter 3. Installing
Install and configure prerequisites, then install IBM Lotus Sametime servers and
complete basic server configuration.
Installing on AIX, Linux, Solaris, and Windows

complete basic server configuration on AIX, Linux, Solaris, and Windows.
This section contains information about system requirements, Lotus Sametime

prerequisites, server installation and required configuration tasks to do after
installation.
Related concepts
Chapter 4, “Migrating and upgrading,” on page 431
Migrate data from a previous version of Lotus Sametime and upgrade one or more
servers to take advantage of the latest features.
Installing DB2 on Linux and Windows

IBM DB2 is a prerequisite for IBM Lotus Sametime and is included with the
Sametime installation package for Linux and Windows. The package does not
include DB2 for AIX or Solaris.
Before you begin
The DB2 installation provided with Lotus Sametime supports Linux 32-bit systems
and Windows 32-bit or 64-bit systems. If you have a 64-bit Linux system, either
install DB2 for Windows or install DB2 on a 32-bit Linux system instead. IBM i
includes DB2.
About this task
If you are running in a production environment, install DB2 on a separate

machine. In a pilot environment, you can install DB2 on the same machine on
which you plan to install Lotus Sametime System Console.
1. (Linux RHEL only) Disable SELinux on any RedHat operating system:
a. Log in as root on the Linux RedHat server where you will install DB2.
b. Open the /etc/selinux/config file for editing.
c. Locate the SELINUX setting. Change its value to either disable or
permissive.
d. Save and close the file.
e. Restart the Linux server.
2. Log in to your computer as the system administrator (Microsoft Windows) or
as root (Linux).
3. Download the Sametime DB2 installation package if you have not already
done so.

d. Verify that you have at least 1 GB of temporary space to run the
installation in your %TEMP% or /tmp directory.
4. Navigate to the folder where you extracted the files. Start the installation
program by running one of the following commands from the disk 1 folder:
Linux
./launchpad.sh
Windows
launchpad.exe
5. If necessary, select a language other than English from the ″Select a language″
dropdown list.
6. Click Install IBM DB2 and click Install IBM DB2.
7. Leave the defaults selected and click Next.
If Installation Manager is already installed, the selection is dimmed.
8. At the Licenses screen, click the I accept the terms in the license agreements
option and click Next.
9. At the next screen, accept the default locations.
Click Next.
10. At the next screen, accept the default location for the package group.
Click Next.
11. Select Create a new package group and accept the default location.
Click Next.
12. Confirm that all available features are selected, then click Next.
13. Create a new DB2 Application User ID that does not exist on the system. Then
supply a password that meets the operating system password policy
requirements as well as any additional requirements imposed by your
company. Confirm the password.
For information about passwords, see the Password Rules topic in the DB2
information center.
Important: This user cannot previously exist on the system. This user will be
created as a local operating system user during the DB2 installation process; if
your organization does not allow creation of local operating system users for
security reasons, exit this installer and install DB2 v9.5 using a different
package. This installer will not check to see if the user already exists.
Make a note of the DB2 Application User name and password. This user has
database administration authority and you will supply the name and
password when you install the Lotus Sametime System Console and when
you connect to DB2 databases later.
Then click Next.
14. At the summary panel, review the settings, then click Install to start the
installation.
The installation may take up to 20 minutes to install. You will receive
confirmation when it is complete.

15. Click Finish to close the installation screen.
16. Click Exit to close the Installation Manager.
Results
If the installation fails, click View Log File for more information. Logs are stored
in the following locations.
Linux
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
What to do next
“Creating a database for the Lotus Sametime System Console on AIX, Linux,
Solaris, and Windows”
Installing the Lotus Sametime System Console

The Lotus Sametime System Console is your focal point for administering and
configuring all Sametime servers.
About this task
Install and configure prerequisite applications, then install the IBM Lotus Sametime
System Console, which you will use for preparing for server installations and for
managing your Lotus Sametime deployment.
Creating a database for the Lotus Sametime System Console on

AIX, Linux, Solaris, and Windows
Before installing the Lotus Sametime System Console, create a database to store its
data.
Before you begin
Make sure you have installed DB2. If you previously created a System Console
database and want to run the script again to create a database of the same name,
use the DB2 DROP DATABASE command first to delete all user data and log files,
as well as any back/restore history for the original database. Also note that
uninstalling DB2 does not remove the data and log files.
About this task
Run the scripts that come with Lotus Sametime in the DB2 installation package to
create the database for the Lotus Sametime System Console.
1. On the DB2 server, log in to the system as the DB2 administrator created
during DB2 installation if you are not already logged in.
Linux and Windows: Now proceed to Step 3.
AIX and Solaris: Now proceed to Step 2.
Chapter 3. Installing 59
2. Download the DB2 installation package if you have not already done so.
3. Open a command prompt and navigate to the folder where you extracted the
DB2 installation package.
4. Create the database by running one of the following commands from the disk 1
folder:
AIX, Linux, and Solaris
./createSCDb.sh STSC
Windows
createSCDb.bat STSC
Replace ″STSC″ in the command if you want to choose a different database
name. Names can be from 1 - 8 characters, but cannot contain special or
multibyte characters.
Follow the rules for your operating system when naming DB2 objects.
5. Close the command window.
6. Open the DB2 Control Center.
Open the IBM DB2 folder on the desktop and click Control Center.
Windows
Click Start → Programs → IBM DB2 → installed_DB2_instance → General
Administration Tools → Control Center.
7. Verify that the new database was created.
Related tasks
“Installing DB2 on Linux and Windows” on page 57
Installing the console on AIX, Linux, Solaris, and Windows

Run the install program to set up the Lotus Sametime System Console on AIX,
Linux, Solaris, or Windows.
Before you begin
Ensure that your DB2 server is installed and running with the db2start command,
and that the Lotus Sametime System Console database has been created.
AIX, Linux, and Solaris: The launchpad install program needs to be able to launch
a Web browser to start. You will need to be on the console or have an X server and

a Web browser installed and configured. (VNC or a remote X term session will
work as well.)
About this task
Follow these steps to install the Lotus Sametime System Console.

a. Log in as root on the Linux RedHat server where you will install the
permissive.
as root (IBM AIX, Linux, Solaris).
Solaris only: Solaris installs must be performed by the root user using su or a
normal login session. Third-party sudo packages are not supported on Solaris.
3. Download the Sametime System Console installation package if you have not
already done so.
4. Navigate to the folder where you stored the downloaded files for Lotus
Sametime and start the installation program by running one of the following
commands from the disk 1 folder:
AIX, Linux, Solaris
./launchpad.sh
Windows
launchpad.exe
dropdown list.
6. Click Install IBM Lotus Sametime System Console and click Launch IBM
Lotus Sametime System Console 8.5 installation.
7. Leave the defaults selected to install IBM Installation Manager, Version 1.3.x
and IBM Sametime System Console server, Version 8.5.x. Click Next.
Note: If IBM Installation Manager is already installed on the system, its

selection will be dimmed.
8. At the Licenses screen, click I accept the terms in the license agreements and
click Next.
9. Accept the location for shared installation files and click Next.
10. Select Create a new package group. Accept the installation directory. Then
click Next.
11. Verify that IBM Sametime System Console server 8.5.x is selected as the
feature to install and click Next.
12. At the Common Configurations screen, verify the cell, node, and host name.
The Lotus Sametime System Console is a Deployment Manager and
administers a cell and any nodes federated into the cell for other Sametime
servers. In a production environment, the servers are in one geographic region
and in a pilot environment, the servers are all installed on one machine.
v Cell: This is the name of the WebSphere cell that will be created for the
System Console, such as systemNameSSCCell.
v Node: This is the name of the WebSphere node that will run the Sametime
applications in the Sametime System Console. It will be federated into the
cell during the installation process.
v Host Name: Use the fully qualified DNS name of the server you are
installing the Sametime System Console on. Make sure this DNS name is
resolvable from other servers you will be installing products on. Do not use
an IP address, a short host name, or localhost.
13. Create the WebSphere Application Server User ID user name and password,
then confirm the password.
This user will be created in a WebSphere local file system repository and does
not exist on the operating system or in an LDAP directory. It will be used to
administer the Sametime System Console server.
Make a note of the ID and password because you will need them later for
additional product installations and configuration. It will also be used to
administer the Sametime System Console server. Click Next.
14. At the Configure DB2 for the System Console screen, provide information for
connecting to the Sametime System Console database. Then click Next.
v Host Name: Use the fully qualified domain name of the server where you
installed DB2. Do not use an IP address or a short host name.
v The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is
using a different port.
Linux: The default is typically 50000, but will vary based on port
availability. Check the /etc/services file on the DB2 server to verify the port
number being used.
v Database Name for the System Console/Policy: Enter the name of the
database you want to connect to. If you used the recommended name when
you created the Sametime System Console, the name is STSC.
v Application user ID: Enter the name of the database administrator you
created when installing DB2. The default is db2admin.
v Application password: Supply the password that you created when you
installed DB2, such as db2password.
15. Click Validate.
16. When the button label changes to Validated, click Next.
If the database connection is not successful, use the dbverify.log to debug the
problem. The log can be found in the temp directory for your operating
system.
/tmp

Windows
%TEMP%
installation.
Results
After a successful installation, the three components that are needed to run the
console start automatically: the Deployment Manager, the node agent, and the
Sametime System Console server. These must always be started before you can use
the system console.
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix any problems,
then uninstall all components and reinstall. Find information in the logs directory
and the ant and native subdirectories.
AIX, Linux, or Solaris
SSC connection log: /tmp/SSCLogs/ConsoleUtility.log.0
Windows 2008
Windows 2003
SSC connection log:
Documents and Settings\username\Local Settings\Temp\SSCLogs\

ConsoleUtility.log.0
What to do next
“Starting the Lotus Sametime System Console” on page 231

Related tasks
“Uninstalling DB2 and Sametime software with the Installation Manager” on page
243
Use the Installation Manager to uninstall the following components that are
packaged with Lotus Sametime: IBM DB2 for Linux and Windows, Lotus Sametime
System Console, Lotus Sametime Proxy Server, Lotus Sametime Meeting Server,
and Lotus Sametime Media Manager.
Logging in to the Lotus Sametime System Console

Use the IBM Lotus Sametime System Console to prepare to install new servers,
start Sametime servers that have been installed, use guided activities to perform
configuration tasks, and administer any Sametime servers managed by the console.
About this task
With the Lotus Sametime System Console started, follow these steps to log in.
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
Specify port 8700 for all platforms except IBM i.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary. To check the port, open
the AboutThisProfile.txt file for the Sametime System Console Deployment
Manager Profile and use the setting specified for the ″Administrative console
port.″ For the default profile name (STSCDmgrProfile), the file is located here:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
Note: During the install process, WebSphere security is enabled. SSL is enabled
as part of the WebSphere security process and you will be directed to another
port which listens for https connections.
The WebSphere Application Server Integrated Solutions Console opens.
2. Enter the WebSphere Application Server User ID and password that you
created when you installed Lotus Sametime System Console.
The default name is wasadmin.
3. Click the Sametime System Console task to open it in the navigation tree.
What to do next
“Connecting to an LDAP server”

Related tasks
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
Connecting to an LDAP server

Use the Lotus Sametime System Console to connect IBM Lotus Sametime servers to
an LDAP server that has already been installed and configured. An LDAP server is
required for the Lotus Sametime System Console, Lotus Sametime Community
Server, Lotus Sametime Meeting Server, Lotus Sametime Media Manager, and
Lotus Sametime Gateway Server .
Before you begin
Start the LDAP server and the Lotus Sametime System Console if they are not
already running.
About this task
If you have not already opened the Connect to LDAP Servers activity, follow these
steps:
the fully qualified host name of the Lotus Sametime System Console server.

If you are prompted with a security exception, accept the certificate, and
continue.
secure port.″ For the default profile name (STSCDMgrProfile), the file is located
here: /QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDMgrProfile/logs/AboutThisProfile.txt
created when you installed the Lotus Sametime System Console.
4. Expand Sametime Prerequisites, and click Connect to LDAP Servers.
Related concepts
“Planning for an LDAP directory” on page 40
Related tasks
Sametime prerequisite: Connecting to an LDAP server

This activity takes you through the steps for identifying users and groups in an
LDAP directory that need access to IBM Lotus Sametime.
Before you begin
An LDAP server must be installed and configured.
About this task
Connect IBM Lotus Sametime servers to the LDAP server. Once your Lotus
Sametime server connects to the LDAP server, it can search the LDAP directory
and authenticate Sametime users. If you have already connected Sametime to an
LDAP server, but now you want to edit or delete a connection, use this activity.
Note: If you are using Active Directory as the LDAP, a common attribute to use
for authentication is the saMAccountName attribute. When an Active Directory
LDAP is being used, WebSphere automatically maps uid to saMAccountName, so
saMACccountName should not be explicitly stated as an attribute. If you want to
use saMAccountName for any LDAP attribute field, you must specify uid. Specifying
saMACccountName as a login or search property causes installation to fail. You can
find more information in this TechNote: http://www-01.ibm.com/support/
docview.wss?uid=swg21253331.
1. Connect to LDAP server.
In Connect to LDAP servers, click Add.
If you want to edit or delete an LDAP connection instead, then click the
appropriate button. You can only edit or delete an LDAP connection if it has
not been used to install a product.
2. Bind to LDAP.
a. Click either Anonymous access or Authenticated access.
When a Lotus Sametime server connects to the LDAP server, this can be
done either anonymously or using credentials to authenticate with the
LDAP server. If you select Authenticated access, you will be prompted with
the Bind distinguished name (DN) and Password fields to enter this
information. If you select Anonymous access, these fields will be hidden as
they are not required.
b. Enter a Deployment Name for this LDAP connection. This is name you
provide to this LDAP connection for easy reference. It does not need to map
to any existing server name or value and is intended as an easy way to
identify this object when you reference it in the future.
c. Enter the fully qualified domain name of the LDAP server you wish to
connect to in the Host name field. Do not use an IP address or a short host
name.
d. Enter the Port of the LDAP server. The default value is 389. If your LDAP
server is running on a different port, enter the correct port value here. If
this is an SSL connection, click Is secure LDAP connection?.
e. If you have selected Authenticated Access, enter the Bind distinguished
name (DN) and Password fields. These are the user credentials you will use
to authenticate with your LDAP server. If you have selected Anonymous
Access, these fields will not be shown. For example:
cn=John Smith,ou=managers,o=acme,st=Massachusetts,c=US
f. Verify that the check box for Is used by Sametime System Console? is
selected. It is selected by default so that the LDAP server is used by the
Sametime System Console for authentication and policy management.
g. Click Next.
When designating an authenticated user, IBM recommends that you create a
unique directory entry that is used only for the purpose of authenticating
connections from the Lotus Sametime server to the LDAP server. After creating
the directory entry, you must ensure this directory entry has at least read access
to the attributes of the LDAP directory entries.
3. Base Distinguished Name and Filter for Searches.
Enter the base distinguished name and filter for searches information.
a. Select your base distinguished name and filter for searches from the
dropdown list, or if it was not found, enter it into the field. Selecting one
that was found from the dropdown list will populate the field for you. You
specify the basic LDAP parameters required to conduct searches for people,
and for groups, in an LDAP directory. Some of these parameters are also
necessary for displaying the names of users in the IBM Lotus Sametime
user interface.
Note: A dropdown list typically displays from which you select a base DN
that is detected by the guided activity; however, the list does not display
when Domino LDAP is being used. Additionally, Domino LDAP is the only
LDAP that uses a blank base DN, while WebSphere requires a base DN for
federating repositories. Since WebSphere does not let you federate an LDAP
directory with an empty base DN, it sets the base DN to C=US. The LDAP
repositories are listed by base DN after they are federated.
If your site uses single sign-on (SSO) for awareness, you must manually
modify the base DN in both the Lotus Sametime Community Server and
Lotus Sametime Meeting Server so they match. Update the Sametime
Community Server’s LDAP connections in the stconfig.nsf and da.nsf to

use the same base DN that the Sametime Meeting Server will be using:
C=US. The Sametime System Console does not overwrite any manual
changes that you make.
b. Optional: To specify the search filter and basic LDAP settings for person
and group entries, click Configure advanced LDAP settings.
c. Click Next.
4. Collect Person Settings. To search for a user name, a Sametime end user enters
a text string in the user interface of a Sametime client. This setting defines the
LDAP search filter responsible for selecting a user name from the LDAP
directory. The search filter matches the text string provided by the user to
information contained within the attributes of LDAP directory person entries.
a. Enter the search filter attributes of an LDAP person entry.
Table 1. Search Filter
Attribute Description
Authentication Attributes Allows the user to authenticate with more
than one attribute of the user’s entry. For
example, if this field is set to cn, uid the user
could authenticate with either of these
names.
Important: In order for the Meeting Server
to work, the first field of the Authentication
attribute must be set to ″mail″ and it must
be listed first. The other fields can be
anything the administrator wants for the
server separated by a semicolon ″ ;″. For
example, the Authentication attribute can be
set to ″mail;cn;uid″.
Search Attributes Use for searching the directory for users.
The fields must be separated by a semicolon
″;″. For example, the Searach attribute can be
Object Class Specifies a set of attributes used to describe
an object that identifies the entry as a
person. IBM recommends using an
objectclass of organizationalPerson for your
person entries. Lotus Sametime determines
whether a directory entry returned by a
search is a person or group entry. Lotus
Sametime assumes that groups are
represented by entries with a unique object
class. Lotus Sametime compares the name of
the object class specified in this setting to
the object class values of each entry to
decide whether the entry is a group or a
person.
b. Enter the person attributes of an LDAP person entry.

Table 2. Person Attributes
Display Name Displays a user’s name in Lotus Sametime
user interfaces.
Similar name distinguisher Differentiates between two users that have
the same common name (cn) attribute.
Table 2. Person Attributes (continued)
e-mail address Contains the user’s e-mail address in the
field.
Home Sametime Server Enter the fully qualified host name of the
home Sametime Community Server. If your
environment includes multiple Lotus
Sametime Community Servers or you have
deployed other applications enabled with
Sametime technology, every user must be
assigned to a home Sametime Community
Server.
c. Click Next.
5. Collect Group Settings. To search for a group name, a Sametime user enters a
text string in the user interface of a Sametime client. This setting defines the
LDAP search filter responsible for selecting a group name from the LDAP
information contained within the attributes of LDAP directory group entries.
Search Attributes Use for searching the directory for groups.
Object Class Specifies the attribute of a directory entry
that identifies the entry as a group. Lotus
Sametime determines whether a directory
entry returned by a search is a person or
group entry. Lotus Sametime assumes that
groups are represented by entries with a
unique object class. Lotus Sametime
compares the name of the object class
specified in this setting to the object class
values of each entry to decide whether the
entry is a group or a person.

Display Name Displays a group’s name in Lotus Sametime
user interfaces.
Similar name distinguisher Differentiates between two groups that have
Group membership attribute Specifies the name of the attribute in the
group entry that contains that names of
individual people or subgroups. If an user
adds a group to a presence list, privacy list,
or a list that restricts meeting attendance,
Lotus Sametime must obtain the list of
members within the group so that
individual members of the group can be
displayed.
c. Click Next.

6. Task Completion Summary.
Review the configuration details in the Task Completion Summary table, and
click Finish to connect to the LDAP server with this configuration, or click
Cancel to abandon this configuration and start over.
7. Restart the System Console Deployment Manager if you selected the Is used by
Sametime System Console?. This is necessary to complete the LDAP federation
process.
What to do next
Go to System Administration → Nodes. Select all the available nodes, and click
Synchronize. This ensures the LDAP changes are pushed to the nodes.
Related tasks
“Starting and stopping the Deployment Manager” on page 417
The Deployment Manager manages the Lotus Sametime System Console and all
Lotus Sametime Server cells.
Related reference
“Command reference for starting and stopping servers” on page 232
You may use a command window to start and stop Sametime components running
on WebSphere Application Server. To stop servers, you will supply the WebSphere
Application Server administrator password that was established when you
installed the server. Important: Verify that the Deployment Manager for the cell is
running before starting any server.
Installing a Lotus Sametime Community Server and

supporting software
First install a Lotus Sametime Community Server on a Domino platform. You must
have already connected the Sametime System Console to an LDAP server. After
installing a Lotus Sametime Community Server, you can install and set up optional
components, such as a multiplexer or integration with Microsoft Office.
Related concepts
Related tasks
“Connecting to an LDAP server” on page 64
Installing a Domino server

Install a Domino server and prepare the Domino environment before installing a
Lotus Sametime Community Server.
Before you begin
If you have never installed and set up a Lotus Domino server, it is strongly
recommended that you refer to the Lotus Domino documentation to get a full
understanding of how to install and set up a Domino server.
Installing a Domino server on Windows:
If you are installing a new IBM Lotus Domino server for your IBM Lotus
Sametime server, use these general directions to remind you of the necessary steps
to install Lotus Domino; this procedure assumes that you have a working
knowledge of Domino administration.
Before you begin
If you are adding a server to an existing Lotus Domino domain, you need to
register the server before you can install Lotus Domino. The registration process
creates a Server document in the Domino Directory.
Specify the following settings during registration:

1. Store the server ID file that is created during registration somewhere on the
system where you will configure the Sametime server. Record the path name;
you will need to specify it when you configure the Sametime server.
2. Use the same network name as the first Lotus Domino server in the Lotus
Domino domain.
About this task
To install Lotus Domino on a Windows platform, follow these steps.

1. Run the install program (setup.exe), which is on the Domino server
installation CD.
2. Read the Welcome screen, and click Next. Then read the License Agreement
and click Yes.
3. Enter the administrator’s name and the company name. Do not elect to install
Lotus Domino on partitioned servers.
4. Choose the program and data directory in which to copy the software. Make
note of the locations you provide for the Domino program and data
directories. You will need this information when you install Lotus Sametime.
Click Next.
5. Select ″Domino Enterprise Server″ as the server type.
6. Click Next to accept all components.
7. Specify the program folder or accept Lotus Applications as the program folder
that will contain the software.
8. Click Finish to complete the install program.
9. (Domino 8.5 only) Create a file to modify XML transforms needed by
Sametime:
a. Navigate to the Domino_program_directory\jvm\lib\jaxp.properties
directory.
b. Create a file called jaxp.properties.
c. Add the following line to the file:
javax.xml.transform.TransformerFactory=org.apache.xalan.processor.TransformerFactoryImpl

10. On the Windows Start menu, clickPrograms → Lotus Applications → Lotus
Domino Server to start the Server Setup program.
What to do next
Using the Domino Server Setup Program Locally: After installing Domino, the
first time you start the server, the Domino Server Setup Program launches. The
Server Setup program asks a series of questions and guides you through the setup
process.
Installing a Domino server on AIX, Linux, or Solaris:
If you are installing a new IBM Lotus Domino server, use these general directions
to remind you of the steps for installing Lotus Domino. This procedure assumes
that you have a working knowledge of Domino administration.
Before you begin
If you are adding a server to an existing Lotus Domino domain, you need to
register the server before you can install Lotus Domino. The registration process
creates a Server document in the Domino Directory.
Specify the following settings during registration:

1. Store the server ID file that is created during registration somewhere on the
2. Use the same network name as the first Lotus Domino server in the Lotus
Domino domain.
About this task
The Lotus Domino installation programs for AIX, Linux, and Solaris use scripts
that ask for configuration information and then install the software in the
appropriate directories.
1. Place the CD in the CD-ROM drive.
2. Become the root user by logging in as the root user or using the ″su″ command.
Open Operations Navigator.
3. Mount the Lotus Domino CD for your server platform (AIX, Solaris or Linux)
to make it available. You can mount the CD using the SMIT utility or the
appropriate version of the following command:
mount -r -v -cdrfs /dev/cd0 /cdrom
4. Using the above example, change to the /cdrom directory and start the
installation script using the following command:
./install
5. Follow the directions on each panel of the script, making sure to retain the
information you provide for the location of the Domino executable directory
and the Domino data directory. You will need this information when you install
the Lotus Sametime Community Server.
Installing Domino on partitioned servers:
a. When prompted to install more than one Lotus Domino server on this
computer, click Yes.
b. When prompted for the location of the data directory and the Notes user
account, be sure to specify a unique location for the data directory and the
appropriate user name for each partitioned server.
6. (Domino 8.5 only) Create a file to modify XML transforms needed by
Sametime:
a. Navigate to the Domino_program_directory/jvm/lib/jaxp.properties
directory.
b. Create a file called jaxp.properties.
c. Add the following line to the file:
javax.xml.transform.TransformerFactory=org.apache.xalan.processor.TransformerFactoryImpl
e. If the Domino server is running, restart it so this change can take effect.
What to do next
After you have installed the Domino server, you must start and stop the Domino
server at least once before installing the Sametime server. This allows certain files
to be created that Lotus Sametime needs in order to install correctly.
Related tasks
“Starting and stopping servers in a Lotus Sametime deployment” on page 230
An IBM Lotus Sametime deployment is made of up several component servers that
can be started and stopped independently.
Preparing the AIX, Linux, or Solaris environment for Domino:
Set up the environment on a computer running IBM AIX, Linux, or Sun Solaris
before installing IBM Lotus Domino.
1. You must log in as the root user to install the Lotus Domino and Lotus
Sametime server.
2. You must have a designated operating system user who can start the Lotus
Sametime server, and this user must be a part of a designated operating system
group.
The default user is ″notes″ and the default group is also ″notes,″ but any
non-root username and group can be used. To verify that the designated
operating system user is part of the operating system group, type the
following, where dominoUserName is the name of the Notes user.
groups dominoUserName
For example, if you type groups notes and get the return value of notes, this
indicates that the user name ″notes″ is a part of the group ″notes″.
3. Verify the amount of disk space you have. Make sure that the file system has at
least 1GB of disk space. Type the following command: type ″df -k″
Note: If you are installing from a downloaded image rather than a CD, you
must also consider the disk space required for the *.tar install files and the
unpacked install files, which require approximately 2GB of disk space.
4. (AIX only) The Input Output Completion Protocol (IOCP) must be installed
and configured.
If not, it will not allow the Lotus Domino setup to begin, and you will get the
following error:

Your system is not configured with I/O Completion Ports. I/O Completion Ports
must be installed in order to run the Domino 7 Server. Install and make
available I/O Completion Ports and restart your system. Refer to Lotus
Knowledgebase Technote 1086556 for detailed instructions on how to
install/configure IOCP.
a. Open the /etc/selinux/config file for editing.
b. Locate the SELINUX setting.
c. Change its value to either disabled or permissive.
6. (For partitioned servers only) Additional preparation is necessary if you plan
to install Lotus Sametime on a partitioned Lotus Domino server:
a. Ensure that each partitioned server has a unique IP address.
You can map multiple IP addresses to one network card using the ifconfig
command:
ifconfig device alias new_IP_address netmask subnet
For example:
ifconfig en0 alias 9.3.187.209 netmask 255.255.255.128
b. Ensure that each partitioned server has a DNS name that maps to its unique
IP address.
If a DNS name can be resolved to multiple IP addresses, be sure to read the
″multi-homed″ notes in Installing partitioned Domino servers on AIX,
Linux, or Solaris.
c. It is recommended (but not required) that each partitioned server be run by
a unique user account.
Create a new UNIX Notes user for each partitioned server that you plan to
install. You can use a single Notes group for all partitions
Configuring partitioned Domino servers on AIX, Linux, or Solaris:
Prepare IBM Lotus Domino partitioned servers before installing the Lotus
Sametime Community Server on AIX, Linux, or Solaris. Partitioned Domino servers
are not supported on Microsoft Windows.
About this task
Follow these steps to configure each server. Use the appropriate Notes user
account for each server you want to configure. For example, log in as notes and
configure the first server. Then log out, log in as notes2 and configure the second
server, and so on.
1. Log in with the first Notes user account and run the following command:
/opt/lotus/bin/server
2. During configuration, make sure that any field referring to the server’s name or
IP address is set up properly. By default, the IP address and server name fields
for each configuration contain the IP address and server name of the first
server. For each additional server, you must update these fields so that they are
appropriate for that partition.
3. After configuration for each server is complete, provide the host name for each
partitioned Lotus Domino server:
a. Start the Lotus Domino server.
b. Open a browser and go to the server’s Lotus Domino Directory (usually
names.nsf).
c. Open the Server document for this particular Lotus Domino server.
d. Choose Internet Protocols / HTTP tab and fill in the Host name with the
fully qualified name of the server, and then enable Bind to host name. For
Multi-homed, do not enter the Host name; instead enter all IP addresses
into the Host name field.
e. Save and close the server document.
f. Open the notes.ini file and add the following field:
TCPIP_TcpIpAddress=0,(server_ip):1352
4. Log out.
5. Access the Community Services Network settings from the Sametime
Administration Tool by selecting Configuration > Connectivity > Networks and
Ports. You must change the Event Server port and the Token Server port for
each additional partition you install. Ensure that the values are unique and that
they are not in use by another Sametime server or process. Recommendation:
Use ports above 9098.
6. Repeat the process until you have configured all the partitioned Notes servers.
What to do next
1. Start each partitioned Lotus Domino server, one at a time.
2. Verify each server has successfully started.
3. Verify no errors are reported.
4. Stop each Lotus Domino server.
Installing the Notes client and Domino administrative client:
To administer the Lotus Domino server, you must install and configure at least one
Microsoft Windows PC as the administration workstation.
Before you begin
Before you can install the Lotus Domino and Lotus Notes clients, you must have
installed and set up the Lotus Domino server.
About this task
Use the IBM Lotus Domino software that shipped with IBM Lotus Sametime to
install and configure the Lotus Domino Administrator and IBM Lotus Notes clients
on the administration workstation.
1. If you are installing from physical media, insert the Lotus Notes Client CD into
the PC you plan to use as the administrator’s workstation.
2. Start the installation wizard.
3. Follow the instructions on each panel of the Lotus Notes installation wizard,
selecting to install both the Lotus Domino Administrator and Lotus Notes
clients.
4. Copy the certifier ID and administrator ID files from the Domino data directory
of your Lotus Domino server to the Lotus Notes data directory of the
Administrator workstation. You can use File Transfer Protocol (FTP) or another
method, or you can let the initial communications between the server and
administration workstation copy the files for you automatically.
5. If necessary, start the Lotus Domino Server.

6. Open Lotus Notes.
7. Follow the instructions in the setup wizard to configure the Lotus Notes client.
If you have moved the certifier and administrator ID files to the PC you have
designated as your administration workstation, indicate the correct location
when asked. If you have not copied the ID files, simply provide the user
administrator name you specified during HTTP setup. You will be prompted
for the password for this ID. The ID files will be copied and stored on your
administration workstation for you automatically.
What to do next
When you have set up the Lotus Domino Administrator and Lotus Notes clients,
you are ready to begin preparing the Domino server for Lotus Sametime
installation
Verifying your Lotus Domino environment:
Verify your Lotus Domino server environment.
Verifying the Domino Server document settings:
After installing the Lotus Domino server and before installing Lotus Sametime
Community Server, you should edit the Lotus Domino server document to make
sure the fields are completed as described below.
About this task
Follow these steps to edit the server document.

1. Start the Domino server.
Note: Starting the Domino server may take a few minutes.

2. Open the Domino Administrator client and click the Configuration tab.
3. Expand the Server section and then click All Server Documents.
4. Open the Server document for the Domino server on which you are installing
Lotus Sametime. Use the table below to verify the appropriate values for the
fields in the Server document. Make changes to the document if necessary.
Server Document Values

Basics tab
Fully qualified Internet host name This field is completed during the Domino
server install, and should contain the fully
qualified host name as known by the DNS
server.
In a test environment, the local hosts table

can be used as well as DNS.
Note: This CANNOT be a numeric IP
address.
Load Internet configurations from Disabled

Server\Internet Sites documents
Directory assistance database name If a Directory Assistance database does not
already exist on the server, Sametime will
create one during server installation and this
field will be set to da.nsf
Directory Type Make sure this field says ″Primary Domino

Directory.″
If this field contains ″Configuration

Directory,″ shutdown the Domino server and
replicate names.nsf from a master server.
Master servers have a Directory Type of
Primary Domino Directory. If you are unsure
about a server, check the Directory Type
field in the Server document.
Security tab
Administrators This field is completed during the Domino

server install, and should contain the name
of the Sametime administrator. If not, click
the arrow to select a name from an address
book.
Internet authentication Default is ″Fewer name variations with

higher security″, the recommended setting
for tighter security.
Select More name variations with lower

security if Domino Directory authentication
is being used and you want users to be able
to use short names.
Access server Leave this field blank if possible. If you do

include entries, you must add the following
to the list of trusted directories:
Sametime Development/Lotus Notes

Companion Products
Run unrestricted methods and operations After you install the Sametime server, this
field should include these entries:
v The name of the server
v The name of the administrator
v Sametime Development/Lotus Notes
Companion Products
Note: If you have signed agents with an
additional signature, include that name here
as well.
Ports - Notes Network Ports tab
Port TCPIP
Note: This must be typed exactly as shown
in all uppercase letters or you will not be
able to add Lotus Sametime to this server.

Protocol TCP
Net Address The fully qualified host name for the

Domino server as known by the DNS server.
This should match both of the following:

v The fully qualified Internet host name on
the Basics tab above
v The Host Name on the Internet
Protocols-HTTP tab specified below.
Commonly:
computername.internetdomain.com
For example, stdom1.acme.com.

address.
Ports - Internet Ports - Web tab
TCP/IP port number 80 (or 8088 if tunneling is being used)
TCP/IP port status Enabled
Name & password Yes
Anonymous Yes
Internet Protocols - HTTP tab
Host name The fully qualified host name of the Domino

server as known by the DNS server.

v The Net Address on the Ports - Notes
Network Ports tab tab above
Commonly:
For example: stserver1.acme.com

Note: Normally, this CANNOT be a
numeric IP address. For AIX, Linux or
Solaris servers with multiple valid IP
addresses (multi-homed), enter all of the IP
addresses instead of the host name.
Bind to Host name Disable -- for Microsoft® Windows® servers;

also for IBM AIX®, Linux, and Solaris servers
when not using partitioned Domino servers
Enable -- for IBM i® servers; also for IBM

AIX®, Linux, and Solaris servers when using
partitioned Domino servers
Allow HTTP clients to browse databases Yes (enable) for portals, otherwise, not
necessary
Home URL This field is set to ″stcenter.nsf″ during

Lotus Sametime installation.
DSAPI filter file names If this field is set to NDOLEXTN (Domino

Offline Services), remove the value and
leave this field blank.
Internet Protocols - Domino Web Engine

tab
Session Authentication This field is set to Multiple Servers (SSO)

during Sametime installation.
If single sign on (SSO) is not being used,

you can change this to single-server.
Web SSO Configuration This field is set to LtpaToken during

Sametime installation.
Java servlet support Domino Servlet Manager
5. Click Save and Close, if you made changes.

6. Stop and restart the Domino server for the changes to take effect.
Related tasks
Verifying the Domino server is accessible:
Before installing IBM Lotus Sametime, verify that the IBM Lotus Domino server is
accessible from client workstations.
About this task
Test client access (using HTTP) to a Lotus Notes database hosted on your Lotus
Domino server.
Start a Web browser on the workstation and attempt to access names.nsf (or some
other convenient database) by entering the following address into the location bar:
If you have set names.nsf to be inaccessible from clients, test with a database that
clients can access.
http://hostname.yourco.com/names.nsf
If you can sign on using the server administrator ID and internet password to
view the contents of names.nsf, the Domino server is accessible and ready for
installation of Sametime.
Installing a community server on AIX, Linux, Solaris, or Windows

Follow the instructions for your operating system to install a Lotus Sametime
Community Server on AIX, Linux, Solaris, or Windows.

Preparing to install a Lotus Sametime Community Server:
Use the Lotus Sametime System Console to prepare to install a Lotus Sametime
Community Server by pre-populating values required for installation.
Before you begin
Start the Lotus Sametime System Console if it is not already running. Start the
Domino server to allow validation of the Domino administrator during the
installation.
About this task
If you have not already opened the Install Lotus Sametime Community Server
guided activity, follow these steps:
4. Click Sametime Guided Activities → Install Sametime Community Server.
Related tasks
Guided activity: Preparing to install a Lotus Sametime Community Server:
This guided activity takes you through the steps of creating a deployment plan,
which collects information that pre-populates installation screens.
Before you begin
You have installed and prepared the IBM Lotus Domino server environment on the
server where you plan to install the Lotus Sametime Community Server and
started the Domino server. If you plan to connect to a separate slide conversion
server, you have configured the server and know its name and port number.
About this task
Follow these steps to store a deployment plan on the Lotus Sametime System
Console to be used when you run the installation program for Lotus Sametime
Community Server.
1. Plan a product installation.
In the Install Sametime Community Server portlet, click Create a New
Deployment Plan, and then click Next.
2. Deployment Name.
Give the deployment plan a unique, recognizable name, which will be shown
only in the Sametime System Console, and then click Next.
The name should include the installation and node type, such as stComm. You
can include multibyte characters, symbols, and spaces in the name. The name
can be up to 256 characters and is not case sensitive.
3. Server Host Name.
Provide the fully qualified host name for this Lotus Sametime Community
Server. Do not use an IP address or the host’s short name.
4. Connect to Domino Server.
Enter the existing Domino administrator’s user ID and password, and then
click Next.
Use the common-name portion of the ID (not the hierarchical name that
includes slashes). The Sametime System Console validates the administrator
credentials on the Domino server.
5. Slide Conversion.
Do one of the following:
Select Use the Sametime server to host the slide conversion feature on the
current server, and then click Next.
Select Use Sametime slide conversion server to host the slide conversion
feature on a different Community Server, provide the host name and port to
connect to that server, and then click Next.
6. Connect to an LDAP Server.
Click the LDAP directory that you configured with the Lotus Sametime System
Console guided activity, and then click Next.
7. HTTP Tunneling.
To allow Sametime clients to make HTTP-tunneled connections on port 80 to a
server with a single IP address, click Enable HTTP Tunneling, and then click
Next.
Selecting this feature increases the possibility that users in restrictive network
environments can exchange data in chats on a Sametime Community Server
that is extended to the Internet.
8. Deployment Summary.
Review the summary screen, and then click Finish.
The deployment plan is ready to be used for the server installation. If you need
to make any changes, click Modify an Existing Deployment Plan and update
the plan. All changes must be made prior to running installation.
What to do next
“Installing a Lotus Sametime Community Server and supporting software” on page

69
Installing with a deployment plan when IPv6 addressing is enabled:
If you are installing an IBM Lotus Sametime Community Server using a

deployment plan and your Lotus Sametime System Console supports IPv6
addressing, you may need to map the Lotus Sametime System Console’s IP
address to its host name to ensure that the deployment plan can be retrieved
during installation.
About this task
You create a deployment plan on the Lotus Sametime System Console. When you
install the Lotus Sametime Community Server and indicate that you want to use
the deployment plan, the Lotus Sametime Community Server’s installation
program retrieves the deployment plan from the Lotus Sametime System Console.
The installation program does not support IPv6 addressing; however, if your

deployment uses both IPv4 and IPv6 addressing, you can map both addresses to
the same host name as a workaround. When presented with the IPv6 address, the
installation program uses this mapping to determine the corresponding host name,
and then retrieves the deployment plan using the associated IPv4 address.
This task is only necessary when all of the following conditions are true:
v You are installing the Lotus Sametime Community Server using a deployment
plan (already created and stored on the Lotus Sametime System Console).
If you will not be using a deployment plan, then there is no reason to complete
this task.
v You are installing the Lotus Sametime Community Server on either IBM AIX,
Linux, Solaris, or Microsoft Windows.
If you are installing the Lotus Sametime Community Server on IBM i, you
cannot use a deployment plan, so there is no reason to complete this task.
v The Lotus Sametime System Console supports both IPv4 and IPv6 protocols.
If the Lotus Sametime System Console supports only IPv4, this task is not
needed. If the Lotus Sametime System Console supports only IPv6, there is no
IPv4 address to map to the host name and there is no reason to complete this
task.
Important: For an IPv6-only deployment, you cannot use a deployment plan for
the Lotus Sametime Community Server. Instead, install the server by running
the installation program without connecting to the Lotus Sametime System
Console, and then register the Lotus Sametime Community Server with the
console afterward.
1. Log on to the computer where you will install the Lotus Sametime Community
Server as a user with root (AIX, Linux, Solaris), or administrator (Windows)
privileges.
2. Navigate to the directory containing the /etc/hosts file:
v AIX, Linux: /etc/hosts
v Solaris: /etc/inet/hosts
v Windows: C:/WINDOWS/system32/drivers/etc/hosts
3. Add the following statements to the hosts file to map the Lotus Sametime
System Console’s IPv4 address and its IPv6 address to the same host:
Explicit_IPv6_address Fully_qualified_host_name Short_name
Explicit_IPv4_address Fully_qualified_host_name Short_name
Where:
v Explicit_IPv6_address specifies the IPv6-formatted address for the Lotus
v Explicit_IPv4_address specifies the IPv4-formatted address for the Lotus
v Fully_qualified_host_name specifies the fully qualified host name
(server.domain) for the Lotus Sametime System Console. This value is the
same for both statements.
v Short_name specifies the short host name for the Lotus Sametime System
Console. This value is the same for both statements.
Example:
2002:97d:eec3:623:9:123:118:101 stsyscon.acme.com stsyscon
9.123.118.101 stsyscon.acme.com stsyscon
5. Restart the server before attempting to run the Lotus Sametime Community
Server installation program.
Running the community server installation program on AIX, Linux, Solaris, or

Windows:
Run the installation program on the machine where you plan to install a Lotus
Sametime Community Server. It must be on its own machine.
Before you begin
You should have already created a deployment plan for the Lotus Sametime
Community Server and started the Lotus Sametime System Console server. If you
have opened the Sametime System Console in a browser, close it before continuing.
Also close any open Sametime clients.
Complete any pending reboot actions you may have from installing other
applications. Make sure that all applications on the server computer (including the
Domino Server Administrator and the Web browser) are closed. All Domino
services must be stopped. Otherwise, you might corrupt any shared files and the
installation program might not run properly.
About this task
By using the deployment plan you created earlier, you have fewer selections to
make when you run the installation program.
a. Log in as root on the Linux RedHat server where you will install the Lotus
Sametime server.
permissive.
3. Download the Sametime Community Server installation package if you have
not already done so.

Sametime and open the Server folder. Start the installation program by
running one of the following commands:
AIX
./setupaix.bin
Linux
./setuplinux.bin
Solaris
./setupsolaris.bin
Windows
setupwin32.exe
5. Select the language to use for the installation and click OK.
6. At the Welcome screen, click Next.
7. At the Licenses screen, click the I accept both the IBM and the non-IBM
terms option and click Next.
8. Click Yes to install from the Lotus Sametime System Console. Click Next.
9. Supply values for connecting to the Lotus Sametime System Console, then
click Next.
v Sametime System Console hostname: Provide the Host Name for the Lotus
Sametime System Console. The host name was determined when you
installed the Lotus Sametime System Console.
v Use SSL: Leave this option selected to run the server over a secure
connection.
v Sametime System Console port: Leave 9443 as the default value.
v Sametime System Console administrator: Provide the WebSphere
Application Server User ID and password that you created when you
installed the Lotus Sametime System Console.
v Fully qualified hostname for this Sametime server: Provide the fully
qualified host name for the machine you are currently using, which is the
same name you used when you created the deployment plan for this
installation.
Do not use an IP address or short host name.
10. Select the Lotus Sametime Community Server deployment plan you created
earlier with the Lotus Sametime System Console guided activity. Then click
Next.
installation.
13. If prompted, click Finish to reboot the system.
Results
The Domino_data_directory\stsetup_exit_status.txt file contains a zero (″0″) if

the installation is successful. If the installation was not successful, look at the
installation logs for more information about what occurred during the installation
attempt. Fix the problem, then try installing again. The installation logs are stored
Domino data directory: SametimeInstall.log, stsetup.log, stsetup_exit_status.txt,

notes.ini, sametime.ini, and meetingserver.ini
SametimeIniParser.log: This log may be in /tmp or in the Domino data directory.
The default Domino data directory is /local/notesdata/.
Windows
Domino data directory: SametimeInstall.log, stsetup.log, and stsetup_exit_status.txt
Domino program directory: notes.ini, sametime.ini, and

stsetup_exit_code_windows.txt
SametimeIniParser.log: This log may be in %TEMP% or in the Domino data

directory.
SSC connection log: Documents and Settings\username\Local

Settings\Temp\SSCLogs\ConsoleUtility.log.0
The default Domino data directory is c:\program files\ibm\lotus\domino\data\

and the Domino program directory is c:\program files\ibm\lotus\domino.
Related tasks
“Guided activity: Preparing to install a Lotus Sametime Community Server” on
page 79
Enabling the Sametime Administrator to manage the Community Server:
Add the IBM Lotus Sametime Administrator account to the stconfig.nsf database to
enable the administrator to manage the Lotus Sametime Community Server.
Before you begin
Install a Lotus Sametime Community Server using a deployment plan created on

the Lotus Sametime System Console.
About this task
When you use a deployment plan to install the Lotus Sametime Community
Server, the Lotus Sametime Administrator listed in the LDAP directory does not
automatically have access to manage the server. Add the Sametime Administrator
to the server’s Access Control List to ensure that user account has the appropriate
access.
Note: This task is not necessary if you installed the Community Server without
using a deployment plan, or if you upgraded the Community Server from an
earlier release.
1. If the Lotus Sametime Community Server is running, stop it now:
Only stop the Lotus Sametime server; you will need to have the Lotus Domino
server running to complete this task.
a. Open a command window.
b. Navigate to the Lotus Domino installation directory.
c. Start the Lotus Domino server console by typing jconsole and then
pressing Enter.
d. In the Lotus Domino server console, stop the Lotus Sametime server by
typing Tell STADDIN Quit and then pressing Enter.
2. Open the Lotus Notes client on this server.
3. Open the ″Sametime Configuration″ (stconfig.nsf) database:
a. Click File → Lotus Notes Application → Open.
b. In the Look in field, select the server where the Lotus Sametime
Community Server is installed.
If you are using a Lotus Notes client on the same server, the location is
″Local″.
c. In the Open Application dialog box, click the ″Data″ folder and then click
Open.
d. In that folder, locate the ″Sametime Configuration″(stconfig.nsf) database
and click Open.
4. Add the Lotus Sametime Administrator to the Access Control List for this
database:
a. Click File → Application → Access Control.
b. In the Access Control List dialog box, locate the following name:
(&(objectclass=groupOfNames)(member=%s)).
This user is included by default but is not needed; rather than creating a
new user, you can simply change this user’s name.
c. Click the name, and then click the Rename button below the list.
d. Type the name of the Lotus Sametime Administrator account that is listed in
your LDAP directory, and then click OK.
e. Click OK to close the Access Control List dialog box.
5. Close the Lotus Notes client.
Configuring Sametime for partitioned Domino servers on AIX, Linux, or Solaris:
After installing the Lotus Sametime Community server in a IBM Lotus Domino
partitioned server environment on AIX, Linux, or Solaris, configure the partitioned
servers to avoid IP conflicts.
Avoiding IP conflicts in a multi-homed configuration:
If your computer hosts multiple IBM Lotus Sametime servers (a ″multi-homed″

configuration), you must define settings to ensure that the IP addresses for each
Sametime server do not conflict. This topic applies only to IBM AIX, Linux, and
Sun Solaris servers.
Define trusted IP addresses:
About this task
If your server has multiple IP addresses but they do not all translate to single DNS
names, then you will need to configure Sametime and indicate which IP addresses
to trust:
1. Open the sametime.ini file and make the following change before saving the
file: Under [Config], add:
VPS_TRUSTED_IPS=comma_separated_list_of_IPv4_addresses_for_all_network_
interfaces_on_server
For example:
VPS_TRUSTED_IPS=9.51.251.231,9.51.251.232,9.51.251.233,
9.51.251.234,9.51.251.238
2. Using the IBM Lotus Notes Client, open the stconfig.nsf database, which is
located on the Sametime server.
3. Modify the Community Trusted IPs setting to equal the list of IPv4 addresses
that you specified in step 1.
Bind the Broadcast Server to all IP addresses:
About this task
By default, Broadcast Server will only bind to a single IP address and port. If
multiple IP addresses resolve to the same DNS name, then you will need to bind
all of them to the Broadcast Server by completing the following steps:
1. Start the Sametime server.
2. Log in as Administrator, and open the Sametime Administration Tool by
clicking Administer the Server.
3. Click Configuration → Connectivity → Broadcast gateway address for client
connections.
4. Do one of the following:
v Enter the specific IP Address you wish to use for Broadcast connections.
v Specify that the Broadcast Server should bind to ALL IP addresses on the
server.
5. Close the Sametime Administration Tool.
6. Open the meetingserver.ini file and make the following change before saving
the file: Under [SOFTWARE\Lotus\Sametime\BroadcastGateway\DBNL],
locate the entry:
IPBindAll=0
and change it to
IPBindAll=1
Specify a dotted IPv4 Address:
About this task
If you are specifying a DNS name for the Address for client connections → Host
name and Address for HTTP tunneled client connections → Host name fields,
then you must specify a dotted IPv4 Address that your Fully Qualified Domain
Name resolves to:
1. Start the Sametime server.
2. Log in as Administrator, and open the Sametime Administration Tool by
clicking Administer the Server.
3. Click Configuration → Connectivity.
4. Enter the dotted IPv4 Address in the following fields:
v Address for client connections → Host name
v Address for HTTP tunneled client connections → Host name
Verifying a community server installation on AIX, Linux, Solaris, or Windows:

After installing the Lotus Sametime Community Server, start the server and verify
that the installation was successful.
About this task
Follow these steps to confirm that you can connect to the community server.
1. On the Domino server, start the Domino server and Sametime Community
Server.
2. On the Sametime System Console system, start the Lotus Sametime System
Console.
3. Start the Deployment Manager for the cell.
4. From a browser, log in to the Integrated Solutions Console:
a. Enter the following URL, replacing serverhostname.domain with the fully
qualified domain name of the Lotus Sametime System Console server.
b. Enter the WebSphere Application Server User ID and password that you
5. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
6. In the Sametime Community Servers list, click the deployment name of the
server you installed.
7. Click any of the tabs to see the types of settings you can change. You will make
most configuration changes from these tabs.
8. Log in to the Sametime Administration Tool.
a. Using a browser, enter the URL http://serverhostname.domain:port/
stcenter.nsf
Replace serverhostname.domain with your Community Server name and add
the port number if you determined it is not the default port number 80. For
example: http://st85comm1.acme.com/stcenter.nsf
b. Log in with the Domino administrator’s name and password.
c. On the Sametime Welcome page, under Administrator Tools, click
Administer the server. You use the Sametime Administration Tool for some
server administration tasks.
Related concepts
“Starting and stopping servers running on Lotus Domino” on page 235
The IBM Lotus Sametime Community Server is configured as a set of services that
start and stop automatically when the Domino server is stopped or started.
Related tasks
“Guided activity: Preparing to install a Lotus Sametime Community Server” on
page 79
Enabling IPv6 support on a Lotus Sametime Community Server

Enabling support for IPv6 addressing on an IBM Lotus Sametime server involves
configuring settings for both Lotus Domino and Lotus Sametime.
Before you begin
Install Lotus Domino and a Lotus Sametime Community Server as described

earlier; these products must be installed before you can modify their configuration
settings.
Important: Due to the way the Lotus Sametime Community Server functions, you
must not disable IPv4 addressing in the server’s operating system. Even if you will
use IPv6-only addressing with the Lotus Sametime Community Server and with
your network, internal server components use IPv4 addresses (for example, in
loopback addresses) and will fail if the operating system does not support IPv4
addressing.
About this task
To enable support for IPv6 addressing on the Lotus Sametime Community Server,
modify the configuration settings for Lotus Domino and for Lotus Sametime as
explained in the following topics:
Configuring Lotus Domino to support IPv6 addressing:
The IBM Lotus Sametime Community Server is hosted on Lotus Domino. When
you enable support for IPv6 addressing on the Community Server, you must
additionally ensure that the underlying Lotus Domino server also supports IPv6.
Before you begin
Lotus Sametime supports IPv6 addressing only with Lotus Domino 8.0 or later. If
you use an earlier release of Lotus Domino, you must upgrade it to release 8.x
before you can configure it for IPv6 addressing.
About this task
The steps to enabling IPv6 support in Lotus Domino vary with the operating
system:
Configuring Lotus Domino for IPv6 addressing on AIX, Linux, or Solaris:
Before an IBM Lotus Sametime server can support IPv6 addressing on IBM AIX,
Linux, or Solaris, you must configure IPv6 support for the Lotus Domino server on
which it is hosted.
Before you begin
Lotus Domino and the Lotus Sametime Community server must be installed; the
Lotus Domino server must be running (it does not matter whether the Community
Server is also running at this point).
About this task
In Lotus Domino, only IPv4 addressing is enabled by default. Configuring Lotus

Domino to support IPv6 involves modifying the Lotus Sametime Community
Server’s ″Server″ document within the Lotus Domino Administrator interface, as
well as adding configuration settings to the notes.ini file used by Lotus Domino.

For information on supporting IPv6 with Lotus Domino, see ″IPv6 and Lotus
Domino″ in the Lotus Domino Administration information center at:
Lotus Domino Administration information center
1. To support both IPv4 and IPv6 addressing, update the ″Server″ document for
the Community Server so that both formats will be accepted:
Note: If you will only support IPv6 addressing, skip this step.
a. On the Lotus Domino/Lotus Sametime Community Server, start the
Domino Administrator client.
b. In the Domino Administrator, navigate to the Server pane and double-click
your Community Server’s name to select it.
This opens the corresponding ″Server″ document.
c. In the ″Server″ document, navigate to the Internet Protocols → HTTP tab.
d. Update the HTTP hostname field by entering the Community Server’s fully
qualified host name, followed by the explicit IPv4 and IPv6 IP addresses for
this server.
Attention: When you fill out this field, you must enter the values using
the following format:
v The first value in the field must a fully qualified host name (for example:
commsvr1.acme.com).
v The second and third values must be the explicit IP addresses (using IPv4
dot notation or IPv6 colon notation) that correspond to that host name;
the order of these two IP addresses does not matter.
v Separate values with a carriage return by pressing the ENTER key before
adding another value.
e. Save and close the ″Server″ document.
f. Restart the HTTP service on the Lotus Domino server by running the
following command in the console:
tell http restart
2. Enable support for IPv6 addresses by adding the following setting to the
notes.ini file, located in the Lotus Domino server data directory:
tcp_enableipv6=1
DONT_USE_REMEMBERED_ADDRESSES=1
Leave this file open for the next step.
3. (AIX and Solaris only) Add the following setting to the notes.ini file to define
the default zone for your server:
tcp_defaultzone=zone
In this statement, zone is the default zone; this information can be obtained by
running the ifconfig -a command.
4. Restart the Lotus Domino server so your changes can take effect.
Configuring Lotus Domino for IPv6 on Windows:
Before an IBM Lotus Sametime Community Server can support IPv6 addressing on
Microsoft Windows, you must configure IPv6 support for the IBM Lotus Domino
server on which it is hosted.
Before you begin
About this task

Domino to support IPv6 involves modifying the Lotus Sametime Community
Server’s ″Server″ document within the Lotus Domino Administrator interface, as
well as adding configuration settings to the notes.ini file used by Lotus Domino.
Domino″ in the Lotus Domino Administration information center at:
Lotus Domino Administration information center
1. To support both IPv4 and IPv6 addressing, update the ″Server″ document for
the Community Server so that both formats will be accepted:
Note: If you will only support IPv6 addressing, skip this step.
your Community Server’s name to select it.
This opens the corresponding ″Server″ document.
d. Update the HTTP hostname field by entering the fully qualified host name,
followed by the explicit IPv4 and IPv6 IP addresses for this server.
Attention: When you fill out this field, you must enter the values using
the following format:
v The first value in the field must a fully qualified DNS (for example:
commsvr1.acme.com).
v The second and third values must be the explicit IP addresses (using IPv4
dot notation or IPv6 colon notation) that correspond to that host name;
the order of these two IP addresses does not matter.
v Separate values with a carriage return by pressing the ENTER key before
adding another value.
tell http restart
2. Enable support for IPv6 addresses by adding the following settings to the
notes.ini file, located in the Lotus Domino server data directory:
tcp_enableipv6=1
In the next statement, zone is the default zone; this information can be obtained
by running the ipconfig /all command.
tcp_defaultzone=zone
This set of statements creates one port for IPv4 addressing (TCPIP) and another
port for IPv6 addressing (TCPIPV6):

TCPIP=tcp,0,15,0
TCPIPV6=tcp,0,15,0
tcpip_tcpipaddress=0,Domino_server's_IPv4_address
TCPIPV6_tcpipaddress=0,Domino_server's_IPv6_address
ports=tcpip,tcpipv6
Configuring the Lotus Sametime Community Server to support IPv6

addressing:
Configure settings to establish connectivity and resolve addresses when using IPv6
addressing on the IBM Lotus Sametime Community Server.
Before you begin
Enable support for IPv6 addresses on the Lotus Domino server hosting this Lotus
addressing.
About this task
Follow the steps below to configure IPv6 support on the Lotus Sametime
Community Server:
1. Stop the Community Server.
2. Locate the sametime.ini file in the Lotus Sametime Community Server’s data
directory, and open the file so you can edit it.
3. In the [Connectivity] section, add (or modify) the following statements:
UCM_RESOLVE_PREFERRED_IP_VER=IPv4_or_IPv6_selection
VPS_HOST=Explicit_IP_address_of_this_server
UCM_LOCAL_IP=Explicit_IP_address_of_this_server
VPHMX_HTTP_SERVER_IP=IP_address_of_Domino_HTTP_server
VPHMX_HTTP_SERVER_PORT=Domino_HTTP_port
where:
v UCM_RESOLVE_PREFERRED_IP_VER specifies which type of addresses should be
preferred when a domain name resolves to multiple addresses of both
protocols:
– If you support only IPv6 addressing, set this to ″6″ to disallow
IPv4–formatted addresses.
– If you support both IPv4 and IPv6 addressing, set this to ″4″ to allow both
protocols but attempt to resolve addresses, using IPv4 protocol first.
v VPS_HOST specifies the explicit IP address of this Lotus Sametime Community
Server. Use the IP address that matches the setting in
UCM_RESOLVE_PREFERRED_IP_VER. For example, if you set that value to ″4″ then
specify an IPv4–format address, but if you set that value to ″6″ then specify
an IPv6–format address.
v UCM_LOCAL_IP specifies the explicit IP address of this Lotus Sametime
Community Server. Use the IP address that matches the setting in
v VPHMX_HTTP_SERVER_IP specifies the IP address of the Lotus Domino HTTP
server running on this computer.
v VPHMX_HTTP_SERVER_PORT specifies the port used by the Lotus Domino HTTP
server running on this computer; normally this is port 80.
4. In the [Config] section, add (or modify) the following statement:
STLINKS_HOST=Explicit_IP_address_of_this_server
where STLINKS_HOST specifies the explicit IP address of this Lotus Sametime
specify an IPv4–format address, but if you set that value to ″6″ then specify an
IPv6–format address.
Table 5. Accepted values for STLINKS_HOST
Type of address Example
IPv4 explicit address (dot notation) 9.42.127.134
IPv6 explicit address using colon notation 2002:92a:8f7a:200:9:42:127:134
IPv6 explicit address using double-colon 3ef0::bee7:994:2e66
notation
IPv6 explicit address using IPv4–suffix 3ef0::bee7:9.148.46.102
notation
IPv4 ″any″ (four zeroes) 0.0.0.0
IPv6 ″any″ (a double colon) ::
5. Add (or modify) the following statements in the [Debug] section within the
sametime.ini file:
v If this Lotus Sametime Community Server will support both IPv4 and IPv6
addressing:
VPMX_DISABLE_CONFIGURATION_UPDATE=1
VPMX_HOSTNAME=::,0.0.0.0
VPMX_PORT=1533
VPHMX_HOSTNAME=::,0.0.0.0
VPHMX_PORT=8082
Where:
– VPMX_DISABLE_CONFIGURATION_UPDATE=1 requires all four of the statements
that follow it.
– VPMX_HOSTNAME specifies the addresses where the multiplexer residing on
this server handles Lotus Sametime client communications. (The
multiplexer was installed automatically as a part of the Lotus Sametime
Community Server; if you will additionally install a stand-alone
Community Mux, you will need to enable support for IPv6 addressing on
that server as well).
Table 6. Accepted values for VPMX_HOSTNAME
notation

Table 6. Accepted values for VPMX_HOSTNAME (continued)
notation
For example, set this to ::,0.0.0.0 to accept ″any″ address using either IP
protocol.
– VPMX_PORT specifies the port on which the multiplexer residing on this
server listens for client connections, normally port 1533.
– VPHMX_HOSTNAME specifies the addresses where the multiplexer residing on
this server handles HTTP client communications.
Table 7. Accepted values for VPHMX_HOSTNAME
notation
notation
protocol.
– VPHMX_PORT specifies the port on which the multiplexer residing on this
server listens for HTTP client connections, normally port 8082.
v If this Lotus Sametime Community Server will support only IPv6 addressing:
[Debug]
VPMX_HOSTNAME=::
VPMX_PORT=1533
VPHMX_HOSTNAME=::
VPHMX_PORT=8082
6. IBM i only: If you will support both IPv4 and IPv6 addressing, replace all of
the remaining Lotus Sametime Community Server host names in the
sametime.ini file with the correct IPv4 or IPv6 address, based on your address
preference as specified with the UCM_RESOLVE_PREFERRED_IP_VER setting.
For example:
v If the UCM_RESOLVE_PREFERRED_IP_VER setting is ″6″, change every occurrence
of stserver1.acme.com to 2001:db8:85a3:0:0:8a2e:370:7334 (the
corresponding IPv6 address).
of stserver1.acme.com to 9.42.127.134 (the corresponding IPv4 address).
8. Start the Community Server.
What to do next
If your Lotus Sametime Community Server is hosted on a Linux SuSE server, you
will additionally need to edit the ststart script to enable support for IPv6
addressing in SuSE as described in the next topic.
Enabling IPv6 addressing for a Community Server on Linux SuSE:
By default, support for IPv6 addressing is disabled in the version of IBM Lotus
Sametime that runs on Linux SuSE operating systems; you must enable IPv6
support in the ″ststart″ script used by Lotus Sametime on a Linux SuSE server.
Before you begin
Previous releases of Lotus Sametime did not support IPv6 addressing. Because the
Linux SuSE operating system already supported IPv6 by default, it was necessary
to specifically disable IPv6 for Lotus Sametime on those servers. If you want to
support the use of IPv6 addresses with Lotus Sametime on a Linux SuSE server,
you must re-enable support for IPv6 by modifying the ststart script.
Note: This task is needed only for Linux SuSE servers.

1. On the Community Server, open a command window and navigate to the
Lotus Sametimedata directory (for example, /local/notesdata).
2. Open the ststart script so you can edit it.
3. Comment out the following statements by inserting the # character at the
beginning of each line:
if [ -f /etc/SuSE-release ]; then
IBM_JAVA_OPTIONS=-Djava.net.preferIPv4Stack=true
export IBM_JAVA_OPTIONS
fi
The statements should now look like this:
#if [ -f /etc/SuSE-release ]; then
# IBM_JAVA_OPTIONS=-Djava.net.preferIPv4Stack=true
# export IBM_JAVA_OPTIONS
#fi
5. Restart the Community Server.
Installing and setting up a separate Community Services

multiplexer
Installing and setting up a separate Community Services multiplexer involves the
following considerations and procedures. The multiplexer can be installed on AIX,
Linux, Solaris, and Windows and can also be connected to an IBM i deployment
through one of those platforms.
Planning to install a separate multiplexer for a single Sametime Community

Server:
Consider the requirements of the Community Server multiplexer machine before

installing it.
v Community Server multiplexer installation files are available for Windows, AIX,
Linux, and Solaris. A separate Community Server multiplexer cannot be installed
on IBM i. However, Sametime on IBM i supports the use of a separate
multiplexer installed on a Windows system.

v The minimum system requirements for the Community Server multiplexer
machine are the same as the system requirements for the core Sametime
Community Server.
v A machine that meets the minimum system requirements should be able to
handle approximately 20,000 simultaneous client connections.
v Testing indicates that machines with dual 1133 MHz CPUs and 2 GB of RAM
can handle approximately 30,000 simultaneous client connections.
v TCP/IP connectivity must be available between the Community Server
multiplexer machine and the Sametime Community Server. Port 1516 is the
default port for the connection from the Community Server multiplexer machine
to the Sametime Community Server.
Installing the Community Services multiplexer:
To deploy a stand-alone Community Services multiplexer, install it on a separate

computer.
About this task
Follow these steps to install the Community Services multiplexer:

1. Insert the Lotus Sametime CD into the Community Services multiplexer
machine, start the installation program, and choose the option to install the
Community Services Mux.
2. At the ″Select a language″ screen, select a language for the installer, and then
click OK.
3. At the ″Welcome″ screen, click Next.
4. At the license agreement screen, click I accept both the IBM and the non-IBM
terms, and then click Next.
5. At the ″Directory name″ screen, browse to a the directory where you want to
install the Community Mux (or accept the default), and then click .Next
6. At the ″Host name or IP address″ screen, enter the fully qualified host name of
the Lotus Sametime Community Server that this Community Mux will serve.
For best results, do not use an IP address.
7. At the summary screen, click Install.
8. At the ″successfully installed″ screen, click Finish.
Connecting to a Sametime Community Mux server:
Use the IBM Lotus Sametime System Console to connect to a Lotus Sametime
Community Mux and validate its settings.
Before you begin
Start the Lotus Sametime Community Mux if it is not already running.
About this task
If you have not already opened the Connect to Sametime Community Mux Servers
activity, follow these steps:
the fully qualified host name of the Lotus Sametime System Console server (for
example stconsole.acme.com).
continue.
4. Expand Sametime Prerequisites, and click Connect to Sametime Community
Mux Servers.
Related concepts
Related tasks
Sametime prerequisite: Connecting to a Sametime Community Mux Server:
Validate the host name and ports specified for a new IBM Lotus Sametime
Community Mux server.
Before you begin
Use this page to validate the host name of a new Community Mux, along with the
ports on which it will listen for client connections. This ensures you have a
working multiplexer before you attempt to connect it to a Lotus Sametime
Community Server or cluster.
1. Connect to Sametime Community Mux Servers.
Click Add to begin the guided activity, which lets you validate your installed
Lotus Sametime Community Mux servers before connecting them to
Community Servers.
You can optionally edit or delete connections to Community Mux servers. Click
Refresh to view your most recent changes.
2. Add Sametime Community Mux Servers.
a. In ″Connect to Sametime Community Mux Servers″, click Add.
b. In the Host Name field, type the fully qualified host name of the new
Sametime Community Mux (for example: mux1.acme.com).
c. Accept the default settings for the Client Port and Client HTTP Port fields.
These settings indicate the ports that the multiplexer will listen on for
connections from Lotus Sametime Connect clients and from Web clients,
respectively.
d. Click Save.
The connection to the Lotus Sametime Community Mux is validated when
you save the settings.
Configuring security for the multiplexer:
Update the CommunityConnectivity document in the stconfig.nsf database to

enable the Sametime Community Server to accept connections from the
Community Server multiplexer.

About this task
A Sametime Community Server only accepts connections from a Community

Services multiplexer that is listed in the ″CommunityTrustedIps″ field of a
″CommunityConnectivity″ document to prevent an unauthorized machine from
connecting to the Sametime Community Server.
1. Use a Lotus Notes client to open the stconfig.nsf database on the Sametime
Community Server.
2. Open the CommunityConnectivity document in the stconfig.nsf database by
double-clicking on the date associated with the document.
If the CommunityConnectivity document does not exist in the stconfig.nsf
database, you must create it. To create the CommunityConnectivity document,
choose Create → CommunityConnectivity from the menu bar in the stconfig.nsf
database.
3. In the ″CommunityTrustedIps″ field, enter the IP addresses of the Community
Services multiplexer machine(s). If you enter multiple addresses, separate each
address with a comma.
The IP addresses of SIP Connector machines associated with a Sametime
community are also entered in this field.
4. Save and close the CommunityConnectivity document.
Configuring the sametime.ini file for the multiplexer:
When the multiplexer is installed on a separate machine, the configuration of the

multiplexer is controlled by the settings in the sametime.ini file on the multiplexer
machine. Review the settings in the Sametime.ini file on the multiplexer machine
to confirm that they are appropriate for your site.
About this task
Notes about maximum user and server connections with a multiplexer:

v When the Community Services multiplexer is installed on a separate machine,
Community Services users do not connect to the Sametime server. Therefore, the
Maximum user and server connections to the Community Server setting in the
Sametime Administration Tool for the Sametime Community Server does not
apply. Use the VPMX_CAPACITY= parameter in the multiplexer’s sametime.ini
file to control the maximum number of connections.
v Multiplexer machines that meet the minimum system requirements can
successfully handle 20,000 connections. This value may vary depending on the
processing capabilities of the multiplexer machine. Multiplexer machines that
have dual 1133 MHz CPUs and 2GB of RAM can successfully handle as many as
30000 connections.
Follow these steps to confirm or change the settings for VPS_HOST, VPS_PORT,
and VPMX_CAPACITY, open the sametime.ini file on the Community Server
multiplexer machine.
1. Open a text editor on the Community Server multiplexer machine.
2. Open the Sametime.ini file located in the Sametime server installation directory
(the default directory in Windows is C:\program files\lotus\domino).
3. Confirm the host name (VPS_HOST) of the Sametime server to which the
Community Services multiplexer connects (specified during the Community
Services multiplexer installation and in the stconfig.nsf database.
4. Confirm the port (VPS_PORT) the Community Services multiplexer uses to
establish the connection with the Sametime server (default port 1516).
5. Confirm or change the maximum number of simultaneous connections allowed
to the multiplexer (VPMX_CAPACITY).
The default value is 20,000 connections:
VPMX_CAPACITY=20000
6. Save the sametime.ini file.
Configuring a stand-alone Community Mux for IPv6:
Configure settings to establish connectivity between an IBM Lotus Sametime server

and a stand-alone Lotus Sametime Community Mux when using IPv6 addressing.
About this task
Each Lotus Sametime server contains a local Community Services multiplexer

component. The multiplexer handles and maintain connections from Lotus
Sametime clients to the Community Services on the Lotus Sametime server. If your
multiplexer is hosted on the same server as Community Services, it was already
enabled for IPv6 support when you configured the Community Services.
If you installed a stand-alone Community Mux (hosted on a separate server), you

can enable IPv6 support as described below.
1. Stop the multiplexer.
2. Locate the sametime.ini file in the Sametime Community Mux installation
3. Add (or modify) the following statements to the [Connectivity] section within
the file:
Note: The first three settings must match the values used for the Lotus
Sametime server where Community Services are hosted; these values must use
the same IP protocol as well.
VPS_HOST=Explicit_IP_address_of_Sametime_server
UCM_LOCAL_IP=Explicit_IP_address_of_Community_Mux
where:
protocols:
protocols but attempt to resolve addresses using IPv4 protocol first.
– If you support only IPv6 addressing, set this to ″6″ -- this will still allow
both protocols, but will attempt to resolve addresses using IPv6 protocol
first in case your operating system is enabled for both IP protocols.
v VPS_HOST specifies the explicit IP address of the Lotus Sametime server to
which this Community Services multiplexer connects. This value must use
the format specified in UCM_RESOLVE_PREFERRED_IP_VER; for example if you
entered a ″4″ for that setting, then you must provide an IPv4–format IP
address here.
v UCM_LOCAL_IP specifies the explicit IP address of the Community Mux
machine (using dot notation for IPv4 protocol or colon notation for IPv6

protocol). This value must use the format specified in
UCM_RESOLVE_PREFERRED_IP_VER; for example if you entered a ″4″ for that
setting, then you must provide an IPv4–format IP address here.
server where Lotus Sametime is running.
server where Lotus Sametime is running; normally port 80.
sametime.ini file:
v If this Lotus Sametime server will support both IPv4 and IPv6 addressing:
VPMX_PORT=1533
VPHMX_PORT=8082
Where:
that follow it.
– VPMX_HOSTNAME specifies the addresses where this multiplexer serves Lotus
Sametime client communications.
notation
notation
protocol.
– VPMX_PORT specifies the port on which this multiplexer listens for client
connections, normally port 1533.
– VPHMX_HOSTNAME specifies the addresses where this multiplexer serves
HTTP client communications.
notation
notation
protocol.
– VPHMX_PORT specifies the port on which the stand-alone Community Mux
listens for HTTP client connections, normally port 8082.
v If this Lotus Sametime server will support only IPv6 addressing:
[Debug]
VPMX_HOSTNAME=::
VPMX_PORT=1533
VPHMX_HOSTNAME=::
VPHMX_PORT=8082
6. Restart the Community Mux so your changes can take effect.
Configuring client connectivity to the multiplexer:
After you have configured the Community Server multiplexer, give users the DNS
name of the multiplexer and instruct them to set up their Sametime Connect
preferences to connect to the multiplexer instead of the Sametime Community
Server.
About this task
Each user must update the Sametime Connect client with the DNS name of the
multiplexer. If you have deployed multiple Community Server multiplexers,
distribute users evenly among the machines. For example, with two multiplexers,
direct half of your users to use multiplexer 1 and the other half to use multiplexer
2.
1. Open Sametime Connect.
2. Choose File → Preferences → Server Communities.
3. In the Server Community field, type the DNS name of the Community Server
multiplexer machine, such as messaging.acme.com, as instructed by the
administrator.
Load-balancing client connections to multiplexers (optional):
Dynamically load-balancing connections to multiple Community Services

multiplexers is an optional procedure.
Set up load balancing in one of these ways:

v Set up a rotating DNS system to accomplish load balancing. Use rotating DNS to
associate the IP addresses of the Community Services multiplexer machines to a
single DNS name.
For example, associate the IP address of Community Services multiplexer
machine 1 (11.22.33.44) and Community Server multiplexer machine 2
(11.22.33.55) to the DNS name cscluster.sametime.com.
v Set up an IBM WebSphere Edge Server (Network Dispatcher) in front of the
Sametime servers that you intend to cluster. Use the WebSphere Edge Server
Network Dispatcher to distribute connections to the Community Services
multiplexer machines. See the documentation for the IBM WebSphere Edge
Server for more information.

Installing a Lotus Sametime Proxy Server
The IBM Lotus Sametime Proxy Server enables browser-based clients to participate
in Lotus Sametime instant messaging and online meetings. In addition, the Lotus
Sametime Proxy Server works with Lotus Sametime Community Server or Lotus
Connections to enable the business card feature in Lotus Sametime, and with Lotus
Sametime Unified Telephony or other TCSPI-enabled products to enable the Lotus
Sametime click-to-call feature. The Lotus Sametime Proxy Server also provides live
names awareness, and can replace the Links Toolkit used in earlier releases of Lotus
Sametime.
Preparing to install a Lotus Sametime Proxy Server

Proxy Server by pre-populating values required for installation.
Before you begin
Start the Lotus Sametime System Console if it is not already running.
About this task
If you have not already opened the Install Lotus Sametime Proxy Server guided
4. Click Sametime Guided Activities → Install Sametime Proxy Server.
Related tasks
Guided activity: Preparing to install a Lotus Sametime Proxy Server:
Before you begin
The following servers must be installed and running:

v LDAP server
v Lotus Sametime System Console
v Lotus Sametime Community Server, installed using a deployment plan created
on the System Console
About this task
Follow these steps to store a deployment plan on the Sametime System Console to
be used when you run the installation program for Lotus Sametime Proxy Server.

In the Install Sametime Proxy Server portlet, click Create a New Deployment
Plan, and then click Next.
2. Deployment Name.
a. Give the deployment plan a unique, recognizable name, which will be
shown only in the Sametime System Console, and then click Next.
The name should include the installation and node type, such as
stProxy_primary. You can include multibyte characters, symbols, and spaces
in the name. The name can be up to 256 characters and is not case sensitive.
b. Click Existing Sametime Community Server, select the Lotus Sametime
Community Server to which you want to connect the Lotus Sametime Proxy
Server, and then click Next.
3. Choose the configuration type.
Select the profile type for this installation, and then click Next:
Pilot use: Select Cell Profile.
Production use:
Add this server to the Sametime System Console cell by selecting the
appropriate Network Deployment option.
v First server of this type: Select Network Deployment - Primary Node.
v Additional server of this type: Select Network Deployment - Secondary Node.
If you will use the Lotus Sametime System Console as the Deployment
Manager for a Lotus Sametime Proxy Server cluster, there is no need to install a
Lotus Sametime Proxy Server with the Deployment Manager option.
4. WebSphere Profile Settings.
a. Type the fully qualified host name of the server where you will be installing
the Lotus Sametime Proxy Server.
b. Enter the user name and password to be used as the WebSphere
Application Server administrator on the Sametime Proxy Server, and then
click Next.
Important: This must be a unique user ID that does not exist in the LDAP
directory.
What to do next
“Installing a proxy server on AIX, Linux, Solaris, or Windows”
Installing a proxy server on AIX, Linux, Solaris, or Windows

Sametime Proxy Server.
Before you begin
You should have already created a deployment plan for the Lotus Sametime Proxy
Server and started the Lotus Sametime System Console server. If you are logged
into the Sametime System Console, log out and close the browser before
continuing.

work as well).
About this task
Sametime server.
permissive.
3. Download the installation package if you have not already done so. This
installation uses SametimeProxyServer.zip.
AIX, Linux, Solaris
./launchpad.sh
Windows
launchpad.exe
dropdown list.
6. Click Install IBM Lotus Sametime Proxy Server and click Launch IBM Lotus
Sametime Proxy Server 8.5 installation.
7. Select the packages you want to install and click Next.
9. Select a package group option and accept the installation directory. Then click
Next.

Select Create a new package group if you have not installed any other
Sametime software on this machine.
Leave Use the existing package group selected if you are installing several
Sametime servers on the same machine.
10. Select IBM Lotus Sametime Proxy Server as the feature to install and select
Use Lotus Sametime System Console to install. Click Next.
11. At the WebSphere Profile settings screen, supply values for connecting to the
Lotus Sametime System Console.
v Host Name: Provide the Host Name for the Lotus Sametime System
Console. The Host Name was determined when you installed the Lotus
connection.
v HTTPs Port: Leave 9443 as the default value.
v User ID and password: Provide the WebSphere Application Server User ID
and password that you created when you installed the Lotus Sametime
System Console.
12. Provide the host name for the machine you are currently using, which is the
installation.
13. Click Validate to log in to the Lotus Sametime System Console.
The button name changes to Validated after you log in.
14. When you are logged in, click Next.
15. Select the Lotus Sametime Proxy Server deployment plan you created earlier
with the Lotus Sametime System Console guided activity. Then click Next.
16. Review the deployment settings, then click Next.
installation.
Results
Windows 2008
Windows 2003

SSC connection log:

What to do next
Managing trusted IP addresses

Related tasks
“Guided activity: Preparing to install a Lotus Sametime Proxy Server” on page 101
243
Verifying a proxy server installation on AIX, Linux, Solaris, or Windows:
Open the Sametime Web client to verify that the installation was successful.
About this task
Follow these steps to verify the installation.

1. Using a browser, log in to the Lotus Sametime Proxy Server application with
the following command: http://serverhostname.domain:port/stwebclient/
index.jsp
Replace serverhostname.domain with your server name and add the port number.
Tip: To verify the port number being used by the Lotus Sametime Proxy
Server, log in the Lotus Sametime System Console. In the WebSphere
Application Server administrative console, click Servers → WebSphere
application servers → STProxyServer → ports → WC_defaulthost to find the port
number.
For example: http://st85proxy1.acme.com:9081/stwebclient/index.jsp
2. Verify that you can create or view contacts.
Related tasks
“Logging in to the Lotus Sametime System Console” on page 63

Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.

About this task
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
Servers.
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Installing the FIPS Server

IBM Lotus Sametime supports the U.S. government-defined security requirements
for cryptographic modules known as FIPS 140-2 (Federal Information Processing
Standard 140-2). Installing the FIPS Server is only necessary if your Lotus
Sametime deployment must be FIPS-compliant; otherwise, it is optional.
Before you begin
You should have already installed the IBM Lotus Sametime Server Console and the
Lotus Sametime Proxy Server.
About this task
To maintain FIPS 140-compliance for all data exchanged between clients and Lotus
Sametime Community Servers, you must install the FIPS Server on the Lotus
Sametime Proxy Server to accept data on behalf of Lotus Sametime Community
Servers.

If you want to administer the FIPS Server from the Sametime Systems Console,
you must install the FIPS administration portlet before you install the FIPS Server.
The FIPS administration portlet can connect to the FIPS Server only if the it has
been installed on the Lotus Sametime Proxy Server, and you must always restart
the Lotus Sametime Proxy Server if you make any configuration changes using the
administration portlet. You cannot have multiple FIPS Servers running on the same
machine.
If you do not install the FIPS administration portlet, you can manage the FIPS
Server using information in FIPS Support for IBM Lotus Sametime 8.
1. Install the FIPS administration portlet into the Sametime System Console of
the Integrated Solutions Console. Go to WebSphere\STSCServerCell\
optionalConsoleApps\fips.proxyadmin and install the portlet using the
instructions in the readme.txt.
2. Copy sametimefipsproxy.war from setup\STIPLaunchpad\disk1\FIPSProxy on
the image disk to your local drive.
3. Log in to the Integrated Solutions Console on the machine where you are
installing the FIPS Server.
4. Click Applications → Application Types → Websphere Enterprise
Applications.
5. On the Enterprise Applications page, click Install. .
6. Under Path to the new application, browse to the sametimefipsproxy.war file.
Keep the default settings to install the server, and then click Next
7. Enter the context root that you want for the FIPS Server.
8. Click Finish and save the configuration.
9. Restart the Lotus Sametime Proxy Server to automatically start the FIPS
Server.
11. Click Sametime System Console → Sametime Servers → FIPS Proxy Servers.
You can only edit data for FIPS if the FIPS war is running on the installed
server. Make sure that your FIPS Server is running in order to administer it.
Note: Currently, You cannot administer the per-node configuration or vertical

clustering of FIPS on the Sametime System Console.
12. Click the FIPS Server that you installed.
13. Enter a fully qualified inbound host name and port and an outbound host
name and port to which FIPS connects, and then click OK.
14. Restart the Lotus Sametime Proxy Server again to automatically start the FIPS
Server.
Installing a Lotus Sametime Media Manager

Media Manager.
Preparing to install a Lotus Sametime Media Manager

Media Manager by pre-populating values required for installation. The media
manager runs on Linux and Windows only.
Before you begin

About this task
If you have not already opened the Install Lotus Sametime Media Manager guided
4. Click Sametime Guided Activities → Install Sametime Media Manager.
Related tasks
Guided activity: Preparing to install a Lotus Sametime Media Manager:
which collects information that pre-populates installation screens. The IBM Lotus
Sametime Media Manager runs on Linux and Microsoft Windows only. The media
manager is comprised of three components: Proxy/Registrar, Conference Manager,
and Packet Switcher. In a production environment, you should install these Media
Manager components on separate machines for better performance.
Before you begin
The instructions below assume you have decided what type of deployment plan
you are setting up for the Media Manager. A pilot deployment uses one machine
and one deployment plan. A production deployment typically distributes each
Media Manager component on a separate machine and therefore uses multiple
deployment plans. In addition, you can cluster the Proxy/Registrar and Conference
Manager components, which requires a deployment plan for the component’s
primary node and another deployment plan for secondary nodes. Clustering is not
available for the Packet Switcher; it is also not available for an ″All Components″
installation of the Media Manager, which includes the Packet Switcher.
v Pilot deployment prerequisite
You must have installed a Lotus Sametime Community server using a
deployment plan.
v Production deployment prerequisites
The SIP Proxy and Registrar requires that you have installed a Lotus Sametime
Community server using a deployment plan.
The Conference Manager requires that you have installed a Lotus Sametime
Community server and a SIP Proxy and Registrar using deployment plans.
The Packet Switcher requires that you have installed a Lotus Sametime
Community server and a Conference Manager using deployment plans.
Create deployment plans and install each component in this order to meet
prerequisites:
1. SIP Proxy and Registrar
2. Conference Manager
3. Packet Switcher

About this task
be used when you run the installation program for Lotus Sametime Media
Manager or one of its components.
In the Install Sametime Media Manager portlet, click Create a New
2. Deployment Name.
stMedia_primary or stMediaProxReg_primary. You can include multibyte
characters, symbols, and spaces in the name. The name can be up to 256
characters and is not case sensitive.
3. Media Manager Feature Installation.
Select which components to install, and then click Next:
Pilot use: Click Install All Components to install all media manager
components on the same computer.
Production use: Select the component to install on the current computer.
v Install Proxy/Registrar
v Install Conference Manager
v Install Packet Switcher
Attention: The Packet Switcher can only be deployed with Conference

Managers that have already been installed and registered with the Lotus
Select the profile type for this installation, and then click Next
Production use:
v First server of this type: Select Network Deployment - Primary Node. (The
Packet Switcher must be installed using the Primary Node option).
v Additional SIP Proxy and Registrar or Conference Manager: Select Network
Deployment - Secondary Node. (The secondary node option does not apply
to a Packet Switcher installation because Packet Switchers cannot be
clustered.)
Manager for a SIP Proxy and Registrar cluster, there is no need to install a SIP
Proxy and Registrar with the Deployment Manager option. If you will use the
Lotus Sametime System Console as the Deployment Manager for a Conference
Manager cluster, there is no need to install a Conference Manager with the
Deployment Manager option.
the media manager component.

Application Server administrator on the Sametime Media Manager server,
and then click Next.
directory.
6. Connect to Community Server.
Select the deployment plan that represents the Community Server to which this
Media Manager component (or components) connect, and then click Next.
For a Conference Manager deployment plan, also select the existing
Proxy/Registrar deployment plan. For a Packet Switcher deployment plan, also
select the existing Conference Manager deployment plan.
Repeat this guided activity for each media manager component you plan to
install on a separate computer.
What to do next
“Installing a media manager on Linux or Windows”
Installing a media manager on Linux or Windows

Run the installation program on the machine where you plan to install Lotus
Sametime Media Manager. The media manager runs only on Linux or Windows.
Before you begin
You should have already created a deployment plan for the Lotus Sametime Media
Manager and started the Lotus Sametime System Console server. If you are logged
continuing.
Linux: The launchpad install program needs to be able to launch a Web browser to
start. You will need to be on the console or have an X server and a Web browser
installed and configured. (VNC or a remote X term session will work as well).
About this task
Sametime server.
permissive.
as root (Linux).
3. Download the installation package for the Sametime Media Manager if you
have not already done so.
Linux
./launchpad.sh
Windows
launchpad.exe
dropdown list.
6. Click Install IBM Lotus Sametime Media Manager and click Launch IBM
Lotus Sametime Media Manager 8.5 installation.
7. Select the version you want to install and click Next.
Next.
10. Select IBM Sametime Media Manager as the feature to install and select Use
Lotus Sametime System Console to install. Click Next.
11. At the SSC Login screen, supply values for connecting to the Lotus Sametime
System Console.
v Host name: Provide the fully qualified domain name in the Host Name
field for the Lotus Sametime System Console. The host name was
determined when you installed the Lotus Sametime System Console.
connection.
v HTTPs port: Leave 9443 as the default value.
System Console.
installation.

15. Select the Lotus Sametime Media Manager deployment plan you created
Next.
installation.
Results
Linux
Windows 2008
Windows 2003
SSC connection log:

What to do next
Related tasks
“Guided activity: Preparing to install a Lotus Sametime Media Manager” on page
108
which collects information that pre-populates installation screens. The IBM Lotus
Sametime Media Manager runs on Linux and Microsoft Windows only. The media
manager is comprised of three components: Proxy/Registrar, Conference Manager,
and Packet Switcher. In a production environment, you should install these Media
Manager components on separate machines for better performance.
Managing trusted IP addresses:

About this task
Server.
Servers.
Servers.
Add.
entered.
6. Click OK.
Increasing the heap size for a non-clustered SIP Proxy and Registrar
component:
If you installed the IBM Lotus Sametime Media Manager using the Cell profile
option to create a non-clustered server, increase the maximum heap size for the SIP
Proxy and Registrar component. Complete this task regardless of whether the SIP
Proxy and Registrar component is hosted on a computer with other media
manager components, or is hosted separately.
Before you begin
Install the Lotus Sametime Media Manager using the Cell profile to create a
non-clustered server. If you installed the SIP Proxy and Registrar on a separate
computer, complete this task on that server.

Note: If you installed the SIP Proxy and Registrar component using the Primary
Node or Secondary Node option so you can create a cluster, skip this task.
Federating a server into a cluster overwrites the heap settings, so you will
complete this task after creating the cluster.
About this task
Typically, the total value of all server instance JVM heap sizes on a specific node
must be less than half of the total RAM of that computer.
1. Log in to the SIP Proxy and Registrar’s Integrated Solutions Console as the
WebSphere administrator.
2. Click Servers → Server Types → WebSphere application servers → .
3. Click a server name to display the ″Configuration″ page for the server.
4. In the Server Infrastructure section, click Java and process management, and
then click Process definition.
5. Under ″Additional Properties″ click Java virtual machine.
6. Under ″General Properties″ specify the heap size settings as follows:
Table 10. Heap settings for the SIP Proxy and Registrar
Initial heap size 256
Maximum heap size 1024
7. In the Generic JVM arguments field, type the following information exactly as
shown:
-Xverbosegclog:${SERVER_LOG_ROOT}/gc.log,1,14000
This will create an approximately 20MB rolling verbose GC log file, stored in
the server logs directory.
8. Click OK.
9. Save your changes by clicking the Save link in the ″Messages″ box at the top of
the page.
Verifying a media manager installation on Linux or Windows:
After installing the Lotus Sametime Media Manager, verify that you can use
audio-visual services.
About this task
Follow these steps to verify that the server started automatically after installation
and that you can use audio-visual services from the Sametime Connect client.
1. Check the WebSphere Application Server systemout.log and systemerr.log for
any exceptions.
2. From a browser, log in to the Lotus Sametime System Console:
a. Enter the following URL, replacing serverhostname.domain with the fully
qualified domain name of the Lotus Sametime System Console server.
b. Enter the WebSphere Application Server User ID and password that you
c. Click the Sametime System Console task to open it in the navigation tree.
3. Click Servers → Server types → WebSphere application servers.

4. Find the Media Manager server in the list and verify that the status column
shows that the server is running.
5. Log in to the Lotus Sametime Client and verify that you can use audio-visual
services in a meeting or a chat.
Installing a Lotus Sametime Meeting Server

Meeting Server.
Creating a database for the Lotus Sametime Meeting Server on

AIX, Linux, Solaris, and Windows
Before installing the Lotus Sametime Meeting Server on AIX, Linux, Solaris, and
Windows, create a database to store its data.
Before you begin
If you previously created a Meeting Server database and want to run the script
again to create a database of the same name, use the DB2 DROP DATABASE
command to delete all user data and log files, as well as any back/restore history
for the original database. Also note that uninstalling DB2 does not remove the data
and log files.
About this task
create the database for the Lotus Sametime Meeting Server.
during DB2 installation.
folder:
./createMeetingDb.sh STMS
Windows
createMeetingDb.bat STMS
Replace ″STMS″ in the command if you want to choose a different database
4. Close the DB2 command window.
AIX, Linux, and Solaris:
Windows:
Click Start → Programs → IBM DB2 → General Administration Tools → Control
Center.

Related tasks
Connecting to a DB2 database

Use the Lotus Sametime System Console to connect to the Lotus Sametime Meeting
Server or Lotus Sametime Gateway database before installing the server from the
System Console. If you installed the server without using the System Console (as is
the case with the Sametime Meeting Server on IBM i and Sametime Gateway on
any platform), do this step before registering the server with the System Console.
Before you begin
About this task
If you have not already opened the Connect to DB2 Databases activity, follow these
steps:
Sametime System Console installation results summary or use the setting
specified for the Administrative console secure port in the AboutThisProfile.txt
file. For the Sametime System Console Deployment Manager Profile
(STSCDmgrProfile), the file is located in the following path:
4. Click Sametime Prerequisites → Connect to DB2 Databases.
Related tasks
Sametime prerequisite: Connecting to a DB2 database:
This activity takes you through the steps for connecting to the Meeting Server or
Gateway database you created.
Before you begin
AIX, Linux, Solaris, Windows: Ensure that IBM DB2 has been installed and that
you have created the Sametime Meeting Server or Gateway database.
IBM i: Ensure that you have created the required database schemas and tables.
In the Connect to DB2 Databases portlet, verify that the Lotus Sametime System
Console database you created earlier is already displayed in the list of databases.

About this task
Follow these steps to connect to the Meeting Server or Gateway database. You
must do this before you can install the Meeting Server using the Sametime System
Console. If you installed the server without using the System Console (as is the
case with the Sametime Meeting Server on IBM i and Sametime Gateway on any
platform), do this step before registering the server with the System Console.
1. DB2 Configuration Guided Activity.
Click Add to begin the guided activity that will connect your server to the DB2
database. If a connection already exists, you can optionally edit or delete it.
2. Add a new database.
a. In the Connect to DB2 Databases portlet, click Add.
If you want to edit or delete a database instead, then select one, and click
the appropriate button.
b. Enter the fully qualified host name of the DB2 server in the Host name
field.
Do not enter an IP address or a short host name.
c. The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is using
a different port.
availability. Check the /etc/services file on the DB2 server to verify the
port number being used.
d. In the Database name, field, enter the name of the database you want to
connect to.
Meeting Server database
On AIX, Linux, Solaris, and Windows, the database name is STMS unless
you changed it.
On IBM i, the name is always STMS.
Gateway database
For AIX, Linux, Solaris, and Windows, the database name is STGWDB
unless you changed it.
For IBM i, use the name you specified when creating the database schemas.
e. In the Application user ID field, supply the DB2 application’s
administrative user name that you created when you installed DB2, such as
db2admin. This user has database administration authority and you will use
this user ID and password whenever you work with DB2 databases for
Lotus Sametime. On IBM i, this is the user profile you specified as the
owner of the Meeting Server database schemas in your copy of the
stms.default.response.properties file or the user profile you logged in with
when you created the Gateway database schemas.
f. In the Application password field, enter the password for the DB2
administrative user ID.
g. If you are connecting to a database on an IBM i server, click Hosted on
IBM i.
h. Click Finish.
Preparing to install a Lotus Sametime Meeting Server

Meeting Server by pre-populating values required for installation.

Before you begin
About this task
If you have not already opened the Install Lotus Sametime Meeting Server guided
4. Click Sametime Guided Activities → Install Sametime Meeting Server.
Related tasks
Guided activity: Preparing to install a Lotus Sametime Meeting Server:
Before you begin
You have set up an IBM DB2 database and an LDAP server, and have run the
guided activities for connecting to the DB2 database and to the LDAP server.
About this task
Meeting Server.
In the Install Sametime Meeting Server portlet, click Create a New
2. Deployment Name.
stMeeting_primary. You can include multibyte characters, symbols, and spaces
Production use:

Manager for a Lotus Sametime Meeting Server cluster, there is no need to
install a Lotus Sametime Meeting Server with the Deployment Manager option.
the Lotus Sametime Meeting Server.
Application Server administrator on the Sametime Meeting Server, and then
click Next.
directory.
5. Choose a database for this deployment.
Select the Lotus Sametime Meeting Server database that you configured with
the Lotus Sametime System Console activity, and then click Next.
If you used the recommended name when you created the Sametime Meeting
Server database, the name is STMS.
Select the LDAP directory that you configured with the Lotus Sametime System
What to do next
“Installing a meeting server on AIX, Linux, Solaris, or Windows”
Installing a meeting server on AIX, Linux, Solaris, or Windows

Sametime Meeting Server.
Before you begin
Meeting Server and started the Lotus Sametime System Console server. If you are
logged into the Sametime System Console, log out and close the browser before
continuing.
work as well).
About this task

Sametime server.
permissive.
3. Download the Meeting Server installation package if you have not already
done so.
AIX, Linux, Solaris
./launchpad.sh
Windows
launchpad.exe
dropdown list.
6. Click Install IBM Lotus Sametime Meeting Server and click Launch IBM
Lotus Sametime Meeting Server 8.5 installation.
Next.
10. Select IBM Lotus Sametime Meeting Server 8.5.0 as the feature to install and
select Use Lotus Sametime System Console to install. Click Next.
11. At the Common Configurations screen, supply values for connecting to the

v Host Name: Provide the fully qualified domain name in the Host Name
connection.
System Console.
installation.
15. Select the Lotus Sametime Meeting Server deployment plan you created
Next.
installation.
18. Click Finish when the installation process is complete.
Results
Windows 2008
Windows 2003
SSC connection log:


What to do next
Related tasks
“Starting and stopping servers running on WebSphere Application Server” on page
230
Starting and stopping IBM Lotus Sametime servers that run on WebSphere
Application Server involves other server components such as the Deployment
Manager and the node agent.
243
Verifying a meeting server installation:
Log in to the Lotus Sametime Meeting Server to verify that the installation was
successful.
About this task
Verify the installation by logging in to the server and creating a new meeting
room.
1. From a Web browser, navigate to the Meeting Room Center by entering the
following URL:
http://serverhostname.domain:port/stmeetings
Replace serverhostname.domain with the fully qualified domain name of the
Meeting server; for example:
Tip: To verify the HTTP port number being used by the Lotus Sametime
Meeting Server, open the AboutThisProfile.txt file for the Sametime Meeting
Application Server Profile and use the setting specified for the HTTP transport
port. The default profile name is STMAppProfile. On IBM i, look for the
AboutThisProfile.txt file in the following location: /QIBM/UserData/Websphere/
AppServer/V7/SametimeWAS/profiles/STMAppProfile/logs/
AboutThisProfile.txt
http://st85ms1.acme.com:9080/stmeetings
Note: By default, the WebSphere proxy listens on port 80, and forwards to the
Lotus Sametime Meeting Server on port 9080.
2. Click Log In and then enter your User name and Password to log in to the
Meeting Center.
3. Click New Meeting Room, then fill in the fields and click Save.
4. The new meeting appears in the list of meetings that you own. Click Enter
Meeting Room below the name of the new meeting to join the meeting.
Installing a Lotus Sametime Gateway server

Plan a deployment and install IBM DB2 and then one or more Lotus Sametime
Gateway servers.
Creating a DB2 database for Windows, Linux, AIX, and Solaris

Create the database tables and schema needed by Lotus Sametime Gateway. These
steps assume that you already have installed DB2 on the same machine on which

you are now creating the database. If the machine on which you installed DB2 is
named STGW, follow the steps in this procedure to change the name of the database
in the database creation script. The default database name, STGW, cannot be the
machine name.
Before you begin
The Lotus Sametime Gateway installation package includes a database creation

script, which creates the database. Follow the steps below to unpack the
installation compressed file and extract the contents before you run the script.
Expected state: DB2 is installed and running.

1. From the installation media, copy the Lotus Sametime Gateway installation
image for your operating system to a temporary directory on the DB2 server
node:
The part numbers for each product are available in the Lotus Sametime
Download document.
v Windows:
\TMP\SametimeGateway\part_number.exe
v Linux, AIX, or Solaris:
/TMP/SametimeGateway/part_number.tar
2. Open a command window and navigate to the temporary directory.
3. Unzip the installation image to the /TMP/SametimeGateway folder.
4. Log in to the operating system using the DB2 administrator account created
when you installed DB2.
5. On the node where you will be creating the database Lotus Sametime Gateway,
open a command window and type one of the following commands:
v Windows:
db2cmd
v Linux or AIX:
. /db2adminHomeDir/sqllib/db2profile
Note the period (.) and space before /db2adminHomeDir/sqllib/db2profile.

v Solaris:
6. If the host name on which you installed DB2 is named STGW, or if you need to
change the database name to something other than STGW, or if your database
administrator wishes to specify tablespace options, complete the following sub
steps, otherwise skip this step.
a. Using a text editor, open createDb.sql.
b. Replace every instance of stGW with a new database name that is eight
characters or less.
c. If desired, you may edit the tablespace file locations for your specific
environment to be somewhere other than the default location.
d. Save the file.
7. In the DB2 window, navigate to this directory:
\TMP\SametimeGateway\database\db2
8. Type the following command to create the database:
db2 -tvf createDb.sql > createDbOut.txt

If you edited the createDb.sql file, inspect the createDbOut.txt file to be sure
that all commands executed correctly.
9. Stop and then restart the database using the following commands:
a. db2stop
b. db2start
Installing Sametime Gateway

Install an IBM Lotus Sametime Gateway server. This section provides procedures
for installing a single server and installing a cluster of servers. When installing a
cluster, you install a primary server, a Deployment Manager server, and at least
one additional server on its own machine. You can install the primary server and
Deployment Manager on the same machine, or each on its own machine.
Before you begin
The fully qualified domain name of the Lotus Sametime Gateway server must be
externally resolvable by the domain name server, and must not be set in the
″hosts″ file. Verify that this is true before installing the Lotus Sametime Gateway.
About this task
Unlike other Lotus Sametime components, the Lotus Sametime Gateway does not
install with a deployment plan created on the Lotus Sametime System Console.
Instead, you enter required information as you proceed through the installation
program. Once the installation is complete, you will register the Gateway with the
Lotus Sametime System Console; from then on, you will administer the Gateway
server from the System Console, just like all the other Lotus Sametime
components.
Installing a single Gateway server:
Choose to install a single Sametime Gateway server on Windows, AIX, Linux,

Solaris, or IBM i.
Installing a single server on Windows:
Complete these steps to install Lotus Sametime Gateway as a single server on

Windows, to create an administrative user ID for WebSphere Application Server,
and to connect to an LDAP server. This installation program installs WebSphere
Application Server and Lotus Sametime Gateway. If you need to install an
additional Lotus Sametime Gateway server later, follow the procedure for installing
servers in a cluster.
Before you begin
Expected state: DB2 is installed. The DB2 database is created and DB2 is running.
Information on downloading packages for Lotus Sametime is located at:

www.ibm.com/support/docview.wss?rs=477&uid=swg24024322
1. Log in as the Windows administrator on the server where you will install
Lotus Sametime Gateway.
2. Create the temporary file folder \TMP\WASCD.
3. From the installation media, copy the WebSphere Application Server
installation image part_number.exe to the folder \TMP\WASCD.

4. Open a command window and navigate to the folder \TMP\WASCD.
5. Extract all files to the temporary directory \TMP\WASCD. When you are done
extracting the files, you should have a \TMP\WASCD\ifpackage folder with WAS
and JDK folders inside the ifpackage folder.
6. From the installation media, copy the Sametime Gateway installation image
part_number.exe to the \TMP folder.
7. Extract the files in part_number.exe. This step creates the folder
\TMP\SametimeGateway.
8. Navigate to the \TMP\SametimeGateway folder containing the extracted files.
9. Open a command window and type the following command:
v For wizard mode: install.bat
v For console mode: install.bat -console
Attention: If one or more of the DNS addresses in your environment (for

example: WebSphere Application Server installation host name, DB2 host
name, or LDAP host name) refers to an IPv6–format address, add the
following option to your install command to work around an IPv6–related
issue with the installer:
install.bat -V BypassWasInfoCheck=true
Because your input will not be verified during installation, you should take
extra care when typing values.
10. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
11. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
12. Select Standalone server and then click Next.
13. Type or click Browse to select the path to where you extracted the WebSphere
Application Server installation files from the CD. Do not use quotation marks.
This directory should contain the WAS and JDK subdirectories. It is very
important that you select the parent directory and not the subdirectory. For
example: use C:\TMP\WASCD\ifpackage but do not use C:\TMP\WASCD\
ifpackage\WAS or C:\TMP\WASCD\ifpackage\JDK.
14. Click Next to see the default directory path where WebSphere Application
Server will be installed is displayed. To change the installation location of
WebSphere Application Server, click Browse and select a desired location, or
type a new path.
15. Click Next to see node, cell, and host name profile information provided by
the installer. If the supplied information is correct, click Next.
Option Description
Node Logical name for the node. For example,
acmeNode.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCell.

Option Description
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Note: If the server where you are installing
has multiple NICs/IPs/DNS names, or for
more information about considerations in
choosing a host name, read the section ″Host
name considerations″ in the WebSphere
Application Server information center topic,
Creating an application server profile.
16. Create a user ID and password to log in to the Integrated Solutions Console,
the administrative interface for managing Lotus Sametime Gateway. The user
ID must not exist in the LDAP directory. Passwords must not contain accented
characters or any of the following characters:
;*!?"/<>|+&'`[]%^
17. Click Next to see the default directory path where Lotus Sametime Gateway
will be installed. To change the location, click Browse and select a desired
location, or type a new path.
18. Click Next to enter database properties.
Option Description
Host name Fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server.
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
Schema password The password for the schema owner. You
may need to get this information from the
database administrator. The schema
password is often the same as the
application password.
19. Click Next to connect to an LDAP server at this time. The LDAP server must
be the same LDAP used by Lotus Sametime.

Option Description
Configure LDAP now Select if you want to set up a connection
between Sametime Gateway and LDAP that
does not need an SSL connection. You will
need to know the host name and port of the
LDAP server.
Configure LDAP after the installation Select this option if you need to set up an
SSL connection with LDAP, or if you do not
know the host name and port number used
by LDAP. If you are installing Lotus
Sametime Gateway outside the firewall and
the LDAP directory is located inside the
firewall, choose this option and skip to step
23.
20. Select an LDAP host name from list of Registered host names and ports in
your domain, or select Other and enter a host name or IP address in the Host
name field. The default port number is 389. Click Next.
21. If anonymous access is successful to the LDAP host name, you may have the
option of continuing with anonymous access or changing the access to
authenticated access. If anonymous access is not permitted, you will not have
this option because you must supply a bind distinguished name and
password.
Option Description
Anonymous access Select this option if you don’t need
authenticated access to the LDAP server.
Lotus Sametime Gateway only requires
anonymous access to an LDAP server.
Authenticated access Select this option if your LDAP server
requires authenticated access. You must
provide an authentication identity, including
a bind distinguished name and password
from the LDAP administrator.
22. Enter the Bind distinguished name (DN) and Bind password. The bind
distinguished name can be any user with read permission for the directory
server. The bind DN need not be the LDAP administrator. For example:
v Bind distinguished name:
uid=ldapadmin,cn=users,l=shipley,st=kansas,c=us,ou=acme,o=medical,DC=ACME,DC=COM
v Bind password:
C@pital1
23. Click Next. Choose a base distinguished name from the list of Suggested base
distinguished names in your LDAP or enter a base DN in the Base
distinguished name field. The base distinguished name indicates the starting
point for LDAP searches of the directory service. For example, for the bind
distinguished name given as an example in the previous step, you can specify
the base DN as: DC=ACME,DC=COM. For authorization purposes, this field is case
sensitive. This panel is not shown if you are connecting to Domino LDAP.
24. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
25. Click Install to begin copying files. A progress bar is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation

takes about 10 minutes to complete. When the installation is complete, the
wizard displays a message indicating a successful installation.
26. Read the summary and click Finish. To view the installation log, click View
log file or open the log file at stgw_server_root\logs\installlog.txt.
Installing a single server on AIX, Linux, or Solaris:
Complete these steps to install a single Lotus Sametime Gateway server on an AIX,
Linux, or a Solaris machine, to create an administrative user ID for WebSphere
Application Server, and to connect to an LDAP server. This installation requires
installing the WebSphere Application Server Network Deployment edition, even if
you are installing a single server. If you need to create a cluster of Lotus Sametime
Gateway servers later, follow the procedure for installing a cluster of servers using
the wizard.
Before you begin
Expected state: DB2 or the DBMS Administration Client is installed. The DB2
database is created and DB2 is running.
Information on downloading packages for Lotus Sametime is located at the

following Web address:
About this task
The Lotus Sametime Gateway install wizard deploys both the WebSphere
Application Server and the Lotus Sametime Gateway server application in one
installation.
1. Log in as root on the server where you will install Lotus Sametime Gateway.
c. Change its value to either disable or permissive.
3. Create the temporary file folder /TMP/WASCD.
installation image for your operating system to /TMP/WASCD.
5. Open a command window and navigate to the directory /TMP/WASCD.
6. Run the following command to uncompress the files:
gunzip -c part_number.tar.gz | tar -xvf -
When you are done extracting the files, you should have the following folder:
/TMP/WASCD/ifpackage
Verify that you have WAS and JDK folders inside the ifpackage folder.
image part_number.tar to the temporary directory /TMP.
8. Navigate to the /TMP directory and uncompress the following file:
unzip part_number.tar

When you are done, you have the folder /TMP/SametimeGateway
9. You can run the installer in wizard mode or in console mode. Use the wizard
mode if you are installing from a PC to the IBM i system.
v To run the installer in wizard mode, type the following command:
installi5OS.bat

installi5OS.bat -V BypassWasInfoCheck=true
v To run the installer in console mode, perform these steps:
a. Copy the directory /TMP/SametimeGateway to the IFS of the IBM i system.
b. Start a QSHELL session.
c. Navigate to the /TMP/SametimeGateway directory and type the following
command:
install.sh -console
Attention: If one or more of the DNS addresses in your environment

(for example: WebSphere Application Server installation host name, DB2
host name, or LDAP host name) refers to an IPv6–format address, add
the following option to your install command to work around an
IPv6–related issue with the installer:
install.sh -console -V BypassWasInfoCheck=true
Because your input will not be verified during installation, you should
take extra care when typing values.
10. Select the language to be used for the installation and click OK. The Lotus
Sametime Gateway Welcome screen is displayed.
12. Select Standalone server, and then click Next.
Application Server installation files from the CD. This directory should
contain the WAS and JDK subdirectories. It is very important that you select
the parent directory and not the subdirectory. For example: use
/TMP/WASCD/ifpackage but do not use /TMP/WASCD/ifpackage/WAS or
/TMP/WASCD/ifpackage/JDK.
type a new path.
the installer. If the supplied information is correct, click Next.

Option Description
acmeNode.
server1.acme.com
;*!?"/<>|+&'`[]%^
18. Click Next to enter properties required by DB2:
Option Description
ID.

Option Description
Option Description
LDAP server.
firewall, choose this option, and skip to step
23.
password.
Option Description
v Bind password:
C@pital1
changes.
25. Click Install to begin copying files. A progress bar is displayed and the
log file or open the log file at stgw_server_root/logs/installlog.txt
About this task
Server.
Servers.
Servers.
Add.
entered.
6. Click OK.

Starting a single server:
This section explains how to start a standalone Lotus Sametime Gateway server.
Skip these steps if you are setting up a cluster.
About this task
Single server configurations must have the Lotus Sametime Gateway server
running to access the Integrated Solutions Console, while a Lotus Sametime
Gateway cluster must have the Deployment Manager running to access the
Integrated Solutions Console. Do not start Lotus Sametime Gateway at this time if
you are creating a cluster of Lotus Sametime Gateway servers.
1. Log in to the server machine as a user with administrative privileges.
2. Navigate to the Lotus Sametime Gateway profile directory that contains
binaries: stgw_profile_root\bin
3. Type the following command to start Lotus Sametime Gateway. Note that
RTCGWServer is case-sensitive.
./startServer.sh RTCGWServer
Windows
startServer.bat RTCGWServer
IBM i
startServer RTCGWServer
Connecting to a DB2 database:
Before you begin
About this task
steps:

Related tasks
Before you begin
About this task
field.
a different port.
connect to.
you changed it.

Gateway database
IBM i.
h. Click Finish.
Registering a new Gateway server with the System Console:
After installing an IBM Lotus Sametime Gateway server on IBM AIX, Linux, Sun
Solaris, or Microsoft Windows, register it with the Lotus Sametime System Console,
so you can manage all of the Lotus Sametime servers from a central location.
Before you begin
Before you register the server, verify that you have completed the following tasks,
which are described in the Installing on AIX, Linux, Solaris, and Windows section
of this information center.
v The Lotus Sametime System Console must be started.
v The LDAP server must be connected to the System Console and must be started.
v The Gateway database must be connected to the System Console and must be
started.
v The Community Server that the Gateway server connects to must already be
registered with the Console and must be started.
About this task
Working from the server that you want to connect to the console, follow these
steps to update properties files and run the registration utility.
During this task you will edit the following files; click the topic titles below to see
details on each file. Use Ctrl+Click to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. On the Lotus Sametime Gateway server, navigate to the stgw_server_root/IBM/
WebSphere/STgateway/console directory.
2. Make backup copies (using different names) of the console.properties and
productConfig.properties files.

3. Update the console.properties file with the following values, and then save
and close the file.
Table 11. console.properties settings
SSCHostName Provide the fully qualified host name of the Lotus
Sametime System Console server.
SSCHTTPPort Specify the HTTP port used for the Lotus Sametime
System Console server if SSL is not enabled and the
value for SSCSSLEnabled is ″false.″
To determine the correct HTTP port, open the

AboutThisProfile.txt file for the lotus Sametime System
Console Application Server Profile and use the setting
specified for the ″HTTP transport port.″ The default
profile name is STSCAppProfile.
On IBM i, look for the AboutThisProfile.txt file in the

following location: /QIBM/UserData/Websphere/
AppServer/V7/SametimeWAS/profiles/STSCAppProfile/
logs/AboutThisProfile.txt
SSCUserName Enter the IBM WebSphere Application Server User ID
that you created when you installed Lotus Sametime
System Console. The default is wasadmin.
SSCPassword Enter the WebSphere Application Server password
associated with the SSCUserName.
SSCSSLEnabled Change this value to ″true″ to connect to the Lotus
Sametime System Console using a secure connection.
SSCHTTPSPort Specify the HTTPS port used by the Sametime System
Console server if SSCSSLEnabled is set to ″true.″
4. Verify that the settings in the productConfig.properties file are correct,

modifying them as needed before saving and closing the file.
5. Run the registration utility:
v AIX, Linux, Solaris: registerProduct.sh
v Windows: registerProduct.bat
The utility registers the server, generating a log file called ConsoleUtility.log
and storing it in the console/logs directory. If the registration is successful, a
console.pid will also be generated.
6. Start the Lotus Sametime Gateway server, if it is not already running.
Optional network configuration:
After you complete your IBM Lotus Sametime Gateway installation, you can
optionally modify some network configuration settings.
Using a different SIP return address:
In a single-server IBM Lotus Gateway deployment, you can optionally configure

the SIP return address to use the IBM WebSphere Application Server’s host name
address instead of the operating system’s host name address.
About this task
Outgoing SIP messages include a ″Contact″ field, which is used as the return
address for opening a new connection back to the sender. By default, the ″Contact″

value uses the operating system’s own host name address. If you wish, you can
assign the WebSphere Application Server’s host name address to this value instead.
If you do this, WebSphere Application Server stops listening for SIP messages on
all of the available operating system interfaces, and instead listens only on the
interface described by the new return address (its own host name address).
Specifying a different SIP return address is an optional procedure, and applies to

only single-server installations (clustered installations already use the WebSphere
Application Server’s host name address as the SIP return address).
1. Log into Integrated Solutions Console.
2. Click Servers → Application servers.
3. Click RTGWServer.
4. Under ″Communications″, click Ports.
5. Click SIP_DEFAULTHOST.
6. In the Host field, type the WebSphere Application Server installation’s host
name address, and then click OK.
Specify a fully qualified domain name in this field; for example:
server1.acme.com
Use the name you specified as the host name when you installed this Lotus
Sametime Gateway server.
7. Click SIP_DEFAULTHOST_SECURE.
server1.acme.com
9. Restart the Lotus Sametime Gateway server.
Configuring network interface cards to simulate a NAT:
This optional procedure describes how to you can simulate a Network Address
Translator (NAT) to provide additional security by using two Network Interface
Cards (NICs), one for an internal IP address facing the Sametime community
server, and the other for an external IP address facing the Internet. This procedure
applies to standalone Sametime Gateway deployments only. If you use this
Console.
Before you begin
The procedure applies to single server installations only. If you have a cluster of
Sametime Gateway servers, and you want to set up two Network Interface Cards,
install the NICs on the proxy server node in the cluster. The proxy server node is
smart enough to handle incoming and outgoing addresses on two different IP
addresses without additional configuration.
About this task
Perform these steps to configure multiple NIC support in a single server

installation. When Sametime Gateway has two IP addresses, one external facing

and one internal facing, sometimes the Sametime Gateway sends subscribe
requests such that the external community is instructed to respond back to the
internal IP address. To ensure that Sametime Gateway sends the external IP
address instead of the internal IP, perform the following configuration steps:

4. Under Communications, click Ports.
6. In the Host field, type the external IP address; for example: 101.35.112.99
8. In the Host field, type the external IP address. For example: 101.35.112.99
9. Click Apply, then Save.
10. Restart the Sametime Gateway server.
Installing Gateway servers in a cluster:

About this task
Before you begin, upgrade existing Lotus Sametime Gateway servers to the current
release before you install new servers.
Except in the case of IBM i, the Lotus Sametime Gateway install wizard deploys
both WebSphere Application Server and the Lotus Sametime Gateway server
application in one installation.
Installing the Deployment Manager:

Install the Deployment Manager on its own machine, or on the same machine as
the primary node. Installing the Deployment Manager on the same machine as the
primary node provides the efficiency of multiple Java Virtual Machines and takes
advantage of a fast CPU. If you are installing the Deployment Manager on the
same machine with an existing primary node from a previous release, upgrade the
primary node to the present release before installing the Deployment Manager.
Installing the Deployment Manager on Windows:
Install the Deployment Manager on the same machine as the primary server, or on
a separate machine. The installation program also creates a non-SSL connection to
LDAP.
Before you begin
Expected state: The DB2 server is installed, the DB2 database has been created, and
DB2 is running.

About this task
You can install the Deployment Manager and the primary server on the same
machine, or each on its own machine. Additional nodes must be installed on their
own machines.
2. Create two temporary file folders: \TMP\WASCD and \TMP\SametimeGateway.
6. Extract the files in Sametime Gateway installation image part_number.exe to
the \TMP\SametimeGateway folder.


10. Select Deployment Manager, and then click Next.
The directory should contain the WAS and JDK subdirectories. It is very
type a new path.
the installer. If the supplied information is okay, click Next.
Option Description
acmeDMNode.
Cell Every WebSphere Application Server is
created on a node inside a cell. A cell is a
collection of nodes for administration and
workload management. For example,
acmeDMCell.
Host name Fully qualified domain name name of the
machine on which you are installing
WebSphere Application Server. For example:
server1.acme.com
14. Create a user ID and password for logging into the Integrated Solutions
Console, the administrative interface for managing Lotus Sametime Gateway.
The user ID must not exist in the LDAP directory. Passwords must not contain
accented characters or any of the following characters:
;*!?"/<>|+&'`[]%^
Option Description

Option Description
Option Description
LDAP server.
If you select this option, continue with the

next step.
firewall, choose this option.
If you select this option, skip to step 21.
password.
Option Description

v Bind password:
C@pital1
changes.
23. Click Install to begin copying files. A progress screen is displayed and the
log file or open the log file at stgw_server_root\logs\installlog.txt
25. To test the Deployment Manager installation and ensure that LDAP settings
are correct, log into the Deployment Manager node as a user with
administrative privileges.
26. Navigate to the stgw_profile_root\bin directory.
27. Start the Deployment Manager with the following command:
startManager.bat
28. Log in into the Integrated Solutions Console using the administrative user ID
and password that you created.
29. Test the LDAP connectivity. Click Users and Groups → Manage users.
30. Verify that you can search and retrieve users in your LDAP directory.
31. Leave the Deployment Manager node running as you install other nodes in
the cluster.
About this task
Server.

Servers.
Servers.
Add.
entered.
6. Click OK.
Installing the Deployment Manager on AIX, Linux, or Solaris:
Complete these steps to install the Deployment Manager server on AIX, Linux, or
Solaris. Install the Deployment Manager on the same machine as the primary
server, or on its own machine. The installation program also creates a non-SSL
connection to LDAP.
Before you begin
database is created and DB2 is running.
Part numbers are listed in the Lotus Sametime Download document.
About this task
Note that there are special naming rules for each node and cell that are part of a
cluster. When installing each node, the node name and the cell name must be
unique across all machines. No two nodes can have the same cell name. Later, when
you federate each node into the cluster, the cell name is automatically changed to
the Deployment Manager’s cell name.
The installation wizard installs an instance of WebSphere Application Server and

an instance of Sametime Gateway.

6. Run the following command to extract the files:
When you are done extracting the files, you should have a
/TMP/WASCD/ifpackage folder with WAS and JDK folders inside the ifpackage
folder.
part_number.tar to the /TMP folder.
8. Unzip the files in part_number.tar. This step creates the folder
/TMP/SametimeGateway.
9. In the DB2 profile window, navigate to the /TMP/SametimeGateway directory,
and execute the following command:
v . /install.sh (wizard installation)
v . /install.sh -console (console installation)
Attention: If one or more of the domain addresses in your environment (for

install.sh -V BypassWasInfoCheck=true
12. Select Deployment Manager, and then click Next.
13. The WebSphere Application Server installation directory dialog is displayed.
Type the root to the path where you copied the WebSphere Application Server
installation files from the CD. This directory should contain the WAS and JDK
subdirectories. It is very important that you select the parent directory and not
the subdirectory. For example: use /TMP/WASCD/ifpackage but do not use
/TMP/WASCD/ifpackage/WAS or /TMP/WASCD/ifpackage/JDK.
type a new path.
the installer. If the supplied information is okay, click Next.

Option Description
acmeDMNode.
management. For example, acmeDMCell.
server1.acme.com
16. Create a user ID and password for logging into the Integrated Solutions
Console, the administrative interface for managing Lotus Sametime Gateway.
The user ID must not exist in the LDAP directory. Passwords must not contain
accented characters or any of the following characters:
;*!?"/<>|+&'`[]%^
Option Description

Option Description
LDAP server.
If you select this option, continue with the

next step.
If you select this option, skip to step 23.
password.
Option Description
v Bind password:
C@pital1
sensitive. Note that this panel is now shown if you are connecting to Domino
LDAP.

changes.
28. Navigate to the stgw_profile_root/bin directory.
./startManager.sh
the cluster.
What to do next
You have installed the Deployment Manager server.
Note: Do not start the server at this time (skip step 3 – restart the server – in the
steps below).
About this task
Server.
Servers.

Servers.
Add.
entered.
6. Click OK.
Installing the primary node:
Install a primary node for a cluster. You can install the primary node and the
Deployment Manager on the same machine. Installing the primary node on the
same machine as the Deployment Manager provides the efficiency of multiple Java
Virtual Machines and takes advantage of a fast CPU. If you are installing the
primary node on the same machine with an existing Deployment Manager from a
previous release, upgrade the Deployment Manager to the present release before
installing the primary node.
Installing the primary node on Windows:
Complete these steps to install the primary node of a Lotus Sametime Gateway
cluster on Windows. You can install both the primary node and Deployment
Manager on the same machine.
Before you begin
database is created and DB2 is running. The Deployment Manager is installed and
running.
Information on downloading packages for Lotus Sametime Gateway is located in

the Lotus Sametime Download document.
About this task
The following steps show the installation of a primary node on a separate machine
from the Deployment Manager. If you are installing the primary node on the same
system as the Deployment Manager, you do not have to copy the WebSphere
Application Server media to the server. Instead, the install program reuses the
shared binaries that are installed with the Deployment Manager.
2. Complete the following substeps only if you are installing the primary node
on its own machine. If you plan to install the primary node on the same
machine as the Deployment manager, skip to step 3.

a. Create two temporary file folders: \TMP\WASCD and \TMP\SametimeGateway.
b. From the installation media, copy the WebSphere Application Server
c. Open a command window and navigate to the folder \TMP\WASCD.
d. Extract all files to the temporary directory \TMP\WASCD. When you are done,
you should have a \TMP\WASCD\ifpackage folder with WAS and JDK folders
inside the ifpackage folder.
e. Extract the files in the Sametime Gateway installation image
part_number.exe to the \TMP\SametimeGateway folder.
3. Navigate to the \TMP\SametimeGateway folder.
4. Type the following command:

7. Do one of the following
v If you are installing the primary node on the same computer as the
Deployment Manager, click Next, and then click Next again.
v If you are installing the primary node on a separate computer, select
Primary node, and then click Next.
8. Check the node name, cell name, and host name that are supplied by the
installer. Make sure that the cell and node names do not match the cell and
node names you used when installing the Deployment Manager. Choose a
unique node name and cell name for this installation. If the supplied
information is okay, click Next.
Option Description
Node The logical name for the node. For example,
acmeNodePrimary.
Cell A name for the cell. Every WebSphere
management. For example, acmeCellPrimary.

Option Description
Host name The fully qualified domain name of the
machine on which you are installing
WebSphere Application Server. For example:
server1.acme.com
9. Type the administrative user ID and password used to log in to the Integrated
Solutions Console, the administrative interface for managing Lotus Sametime
Gateway. Use the same user ID and password that you created when you
installed the Deployment Manager. The user ID must not exist in the LDAP
directory.
11. Type the required information for the database as follows:
Option Description
Host name The fully qualified host name or TCP/IP
Port The port number on the database server.
ID.
changes.

takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating a successful installation.
About this task
Server.
Servers.
Servers.
Add.
entered.
6. Click OK.
Installing the primary node on AIX, Linux, or Solaris:
Install the primary node of a Lotus Sametime Gateway cluster on Windows. You
can install both the primary node and Deployment Manager on the same machine.

Before you begin
database is created and DB2 is running. The Deployment Manager is installed and
running.

About this task
The Lotus Sametime Gateway install wizard deploys both the WebSphere
Application Server and the Lotus Sametime Gateway server application in one
installation.
3. If you are not installing the primary node on the Deployment Manager
machine, complete the following sub steps:
a. Create the temporary file folder /TMP/WASCD .
b. Open a command window and navigate to the folder /TMP/WASCD.
c. Extract all files to the temporary directory /TMP/WASCD. When you are done
extracting the files, you should have a /TMP/WASCD/ifpackage folder with
WAS and JDK folders inside the ifpackage folder.
d. Run the following command to extract the files:
folder.
image part_number.tar to the temporary directory /TMP/SametimeGateway.
5. Extract the following file to the /TMP/SametimeGateway folder:
tar -xvf part_number.tar
6. Navigate to the temporary directory /TMP/SametimeGateway and type one of
the following commands:
v For wizard mode: ./install.sh
v For console mode: ./install.sh -console

./install.sh -V BypassWasInfoCheck=true

This command installs WebSphere Application Server 6.1 and Lotus Sametime
Gateway. The Language Selection dialog is displayed.
dialog is displayed. Please make sure to read the license agreement carefully.
9. Select the appropriate radio button option to accept the license agreement if
you agree with the statement and click Next to proceed with the installation.
If you accepted the terms, the Installation Type dialog is displayed.
10. If you are not installing the primary node on the Deployment Manager
machine, complete the following sub steps:
a. Select Primary node, and then click Next.
b. The WebSphere Application Server 6.1 installation directory dialog is
displayed. Type the root to the path where you copied the WebSphere
contain the WAS and JDK subdirectories. It is very important that you
select the parent directory and not the subdirectory. For example: use
c. Click Next to continue with the installation. The WebSphere Application
Server Location dialog is displayed. If you wish to change the location for
the installation of WebSphere Application Server, click Browse and select
the desired location.
11. If you are installing the primary node on the Deployment Manager, the
installation wizard recognizes that an instance of Sametime Gateway is on the
same machine. The new installation for the primary node adds a profile to
WebSphere Application Server. Click Next, and then click Next again.
Option Description
acmeNodePrimary.
server1.acme.com

Gateway. You created these credentials when you installed the Deployment
Manager. The user ID must not exist in the LDAP directory.
15. Type the required information for DB2 as follows:
Option Description
ID.
changes.

About this task
Server.
Servers.
Servers.
Add.
entered.
6. Click OK.
Federating the primary node into the cell:
After you create the primary node you must add the primary node to the
Deployment Manager’s cell.
Federating the primary node into the cell on Windows:
Add the primary node to the Deployment Manager’s cell. Adding the primary
node to the cell allows a central point of administration for the network
deployment by using the Deployment Manager’s Integrated Solutions Console. You
will not be able log into the primary node’s Integrated Solutions Console after this
step.
Before you begin
Expected state: the Deployment Manager is running.

About this task
1. Make sure that the system clocks on the Deployment Manager and the primary
node are within five minutes of each other and set for the same timezone.
Federation fails if the clocks are not synchronized within five minutes.
2. Ping the Deployment Manager node from the primary node to make sure the
host name is resolvable.
3. On the primary node, open a command window and navigate to the
stgw_profile_root\bin directory. If the Deployment Manager and the primary
node are installed on the same machine, the default profile directory is
RTCGW_Profile1 (not RTCGW_Profile).
4. Run the following command to add the primary node to the Deployment
Manager’s cell:
addNode.bat DM_hostname DM_port_number -includeapps
Where DM_hostname is the host name of the Deployment Manager server. For
example:
addNode.bat gateway_dm.acme.com 8879 -includeapps
Port 8879 is the default port on which the Deployment Manager listens.
5. When prompted, provide the Deployment Manager’s administrative user ID
and password.
Wait for the operation to complete before proceeding. Look for a success
message similar to the following when complete:
Node MyserverNodePrimary has been successfully federated.
6. To verify that the primary node has joined the Deployment Manager’s cell, log
into the Integrated Solutions Console (http://localhost:9060/ibm/console)
using your administrative user ID and password and click Servers →
Application servers. Make sure you can see the primary node’s information.
If you already logged in, you must log out and then log in again before you
can see changes.
Federating the primary node into the cell on AIX, Linux, and Solaris:
Add the primary node to the Deployment Manager’s cell on AIX, Linux, or Solaris
platforms. Adding the primary node to the cell allows a central point of
administration for the network deployment by using the Deployment Manager’s
Integrated Solutions Console. You will not be able log into the primary node’s
Integrated Solutions Console after this step.
Before you begin

Deployment Manager host name is resolvable.
stgw_profile_root/bin directory.
Manager’s cell:
./addNode.sh DM_hostname DM_port_number -includeapps

example:
./addNode.sh gateway_dm.acme.com 8879 -includeapps
and password. Wait for the operation to complete before proceeding. Look for a
success message similar to the following when complete:
can see changes.
What happens when you federate the primary node into the cell?:
When you federate the primary node into the Deployment Manager’s cell, the
primary node’s original configuration is backed up. This means that you can
remove the primary node from the Deployment Manager at a later time, and you
can restore the profile configuration to the state it was in before federation.
The primary node’s scope changes to include the Deployment Manager’s cell.
Before federation, the scope of the RTCGWServer was:
cell:<PrimaryCell>/node:<PrimaryNode>/server:RTCGWServer
After federation, the scope of the server is the following:

cell:<Deployment Manager Cell>/node:/<PrimaryNode>/server:RTCGWServer
When you federate, the Integrated Solutions Console of the primary node is
disabled because you will be using the Integrated Solutions Console from the
Deployment Manager. The primary node inherits all the cell level configuration
data from the Deployment Manager. Any information you can see through the
Deployment Manager’s Integrated Solutions Console is now stored in XML on the
primary node, so it is accessible from any application. The applications that were
installed to RTCGWServer are now included on the RTCGWServer in the
Deployment Manager’s cell. If you attempt to federate another node that contains
these same applications, they are excluded.
Because the LDAP configuration and your credentials as the WebSphere

Application Server administrative user in the Deployment Manager are defined at
the cell level, this data overwrites the security settings of the primary node. The
Deployment Manager’s settings apply to the primary node. If you remove the
primary node from the cell, the primary node’s original security configuration are
restored.
When you federate the primary server into the cell, a single server of Sametime
Gateway can be managed by a Deployment Manager. You can actually run a real
environment and configure your Sametime communities just as you would in a
standalone server environment. What is lacking is failover and load balancing
capabilities. In order to add those features, you need to add a secondary node and
create a cluster in the later steps.
Installing an additional server in a cluster:

Install a secondary node for the cluster. A cluster at a minimum contains a primary
server, a Deployment Manager, and at least one secondary node. Depending upon
your capacity requirements, install secondary nodes as needed.
About this task
Note: In this release, a Lotus Sametime Gateway cluster can support only two
nodes.
Installing a secondary node on Windows:
Complete these steps to install a secondary node on Windows that will be part of a
cluster of Sametime Gateway servers.
About this task
A secondary node for the cluster must be installed on its own machine. A
secondary cannot be installed on the same machine as the primary server or the
Deployment Manager.

6. Extract the files in the Sametime Gateway installation image part_number.exe
to the \TMP\SametimeGateway folder.


10. Select Secondary node, and then click Next.
type a new path.
the installer. Make sure that the cell and node names do not match the cell
and node names that you used when installing the Deployment Manager or
the primary node, or any previously created secondary nodes. If the supplied
Option Description
acmeNode.
server1.acme.com
the administrative interface for managing Lotus Sametime Gateway. Use the
same administrative user ID and password that you created when installing
the Deployment Manager and primary node. The user ID must not exist in the
LDAP directory. Passwords must not contain accented characters or any of the
following characters:
;*!?"/<>|+&'`[]%^
16. Click Next to enter database properties:
Option Description

Option Description
changes.
19. Read the summary and click Install.
To view the installation log, click View log file or open the log file at
stgw_server_root\logs\installlog.txt\
About this task
Server.
Servers.
Servers.

Add.
entered.
6. Click OK.
Installing a secondary node on AIX, Linux, or Solaris:
Complete these steps to install a secondary node on AIX, Linux, or Solaris that will
be part of a cluster of Sametime Gateway servers.
About this task
A secondary node for the cluster must be installed on its own machine and cannot
be installed on the same machine as the primary server or the Deployment
Manager.
Part numbers are listed in the Lotus Sametime Download document.

When you are finished extracting the files, you should have a
folder.
image part_number.tar to the temporary directory /TMP/SametimeGateway.
8. In the DB2 profile window, navigate to the temporary directory /TMP.
9. Unzip the following file to the /TMP/SametimeGateway folder:
10. Navigate to the folder /TMP/SametimeGateway and type one of the following
commands:
v For wizard mode: . /install.sh
v For console mode: . /install.sh -console

The Language Selection dialog is displayed.
14. Select Secondary node as the type of installation, and then click Next.
15. The WebSphere Application Server 6.1 installation directory dialog is
contain the WAS and JDK subdirectories. It is very important that you select
the parent directory and not the subdirectory. For example: use
16. Click Next to continue with the installation. The WebSphere Application
Server Location dialog is displayed. If you wish to change the location for the
installation of WebSphere Application Server, click Browse and select the
desired location.
the installer. Make sure that the cell and node names do not match the cell
and node names that you used when installing the Deployment Manager or
the primary node, or any previously created secondary nodes. If the supplied
Option Description
acmeNode.
server1.acme.com

;*!?"/<>|+&'`[]%^
Option Description
21. You can review the installation summary settings and if necessary click Back
to make changes.
the wizard displays a message indicating the successful installation of the
Lotus Sametime Gateway and WebSphere Application Server products.
23. Read the summary and click Finish to complete the installation. Do not start
the server or first steps at this time.
About this task
Server.

Servers.
Servers.
Add.
entered.
6. Click OK.
Federating secondary nodes into the cell:
Add secondary nodes to the Deployment Manager’s cell to create a network

deployment of Sametime Gateway servers.
About this task
In this release, a Lotus Sametime Gateway cluster can support only two nodes: one
Primary Node and one Secondary Node.
Federating a secondary node on Windows into the cell:
Add a secondary node to the Deployment Manager’s cell. Adding secondary nodes
to the cell allows a central point of administration for the network deployment by
using the Deployment Manager’s Integrated Solutions Console.
Before you begin

1. Make sure that the system clocks on the Deployment Manager and the
secondary node are within five minutes of each other and set for the same
timezone. Federation fails if the clocks are not synchronized within five
minutes.
2. Ping the Deployment Manager node from the secondary node to make sure the
3. On the secondary node, open a command window and navigate to the
stgw_profile_root\bin directory.

4. Run the following command to add a secondary node to the Deployment
Manager’s cell. Note the omission of the -includeapps qualifier.
addNode.bat DM_hostname DM_port_number
example:
addNode.bat gateway_dm.acme.com 8879
Node Machine22NodeSecondary has been successfully federated.
6. For each additional secondary node, repeat the preceding steps.
7. Restart the Deployment Manager by typing the following commands. Wait for
the first command to finish before starting the Deployment Manager:
stopManager
startManager
What to do next
When you have finished installing and federating secondary nodes into the
Deployment manager, continue with the cluster configuration as instructed in the
topic, “Creating a cluster and proxy servers” on page 167.
Federating a secondary node on AIX, Linux, and Solaris into the cell:
Add a secondary node to the Deployment Manager’s cell. Adding a secondary

deployment by using the Deployment Manager’s Integrated Solutions Console.
Before you begin

minutes.
3. On secondary node, open a command window and navigate to the
./addNode.sh DM_hostname DM_port_number
example:
./addNode.sh gateway_dm.acme.com 8879

6. For each additional AIX, Linux, or Solaris secondary node, repeat the preceding
steps.
7. Restart the Deployment Manager by typing the following commands on the
Deployment Manager machine. Wait for the first command to finish before
starting the Deployment Manager:
./stopManager.sh
./startManager.sh
What to do next
What is a network deployment?:
A network deployment is a distributed WebSphere environment. Unlike a

stand-alone environment that contains only one application server node, a network
deployment contains many application server nodes that can distribute the
workload of Lotus Sametime Gateway applications across several physical systems.
The purpose of a network deployment is to provide a topology that is scalable and
has load balancing and failover capabilities.
Typically, a network deployment contains one node per physical computer. This is
not a requirement. Nodes are logical groupings of application servers, so you can
have more than one node installed on a physical system. For performance reasons,
most installations have only one cluster member per node, since each cluster
member creates its own JVM footprint.
In a network deployment, all nodes are federated into the deployment manager’s
cell. This allows the deployment manager to do its purpose in life- Manage the
Deployment. A Deployment Manager is nothing more than a node that is
responsible for administering a cell. In Lotus Sametime Gateway, the only things
configured on the Deployment Manager node are a few minor cell level attributes,
and the Lotus Sametime Gateway administrative portlet plugin extensions. Lotus
Sametime Gateway application files all run on the cluster member application
servers.
The primary node is basically the same thing as a standalone node installation,
minus a few cell level configurations that will be trumped by the Deployment
Manager’s configuration. The primary node contains all the applications and
WebSphere Application Server components that are required to run Lotus
Sametime Gateway. When you install a primary node, you create a server instance
called RTCGWServer. This server instance is cloned for use with all secondary
nodes across the cluster. There can only be one primary Lotus Sametime Gateway
node installed in any network deployment, because applications can only be added
to the cell from one node. In the Lotus Sametime Gateway network deployment,
the primary node also configures the database server.
The secondary nodes are WebSphere Application Server placeholders that can run
additional cluster members (servers created as clones of the primary server). When
you install a secondary node for Lotus Sametime Gateway, the installation creates a
node and default server instance, as well as some node level WebSphere
Application Server attributes such as data sources, WebSphere variables, and
shared library definitions. A network deployment of Lotus Sametime Gateway can
contain as many secondary nodes as your environment needs.

Creating a cluster and proxy servers:
Create a Sametime Gateway cluster, install proxy servers, and then configure the
proxy servers to use the cluster. Set up node replication only if you need high
availability and failover, and then start the cluster.
About this task
Starting a cluster involves starting the Deployment Manager, starting the node
agents on all the nodes, and then starting the servers, including the proxy servers,
on each node.
Creating the cluster:
Create a new cluster of IBM Lotus Lotus Sametime Gateway servers by running
the Cluster Configuration Wizard. If you are upgrading an existing Lotus
Sametime Gateway cluster, you must still complete this task because you removed
the cluster before upgrading the nodes.
Before you begin
Expected state: the Deployment Manager is running and nodes are stopped.
About this task
The instructions that follow describe steps for setting up a horizontal cluster, the
most common cluster configuration. The Primary Node already has the primary
server installed, so no additional server is needed on that computer. To add servers
to the horizontal cluster, create one cluster member for each secondary node
(computer).
Note: This release supports only one Secondary Node on a cluster.

1. On the Deployment Manager, open a command window, navigate to the
stgw_server_root\config directory, and run the following command:
./configwizard.sh
Windows
configwizard.bat
IBM i
./configwizard.sh
Note: To run this program in console mode (instead of using the graphical
interface), add the -console argument to the command line; for example:
configwizard.bat -console
2. View the Welcome page and click Next.
3. For a Secondary Node, do the following:
a. Select the Secondary Node from the Node drop down list and type a
unique name in the Server Name field.
b. Click Add Member.
4. When you have finished adding the Secondary Nodes, click Next.
5. Type the Schema user ID and Schema password for the database

. These credentials have appropriate permissions to create tables in the
database. You may need to get this information from the database
administrator. The schema user ID is often the same as the application user ID
for the database.
6. Read the summary and click Configure. When finished, you can view the
configuration log at You can review the configuration wizard log at
stgw_server_root\logs\configwizard.log.
7. Restart the Deployment Manager with the following commands:
./stopServer.sh dmgr -username username -password password
./startServer.sh dmgr
Windows
stopServer.bat dmgr -username username -password password
startServer.bat dmgr
IBM i
startServer.sh dmgr
8. Complete the following steps on every node in the cluster, including the
Primary Node:
a. Log in to the node’s operating system.
b. Navigate to the stgw_profile_root\bin directory.
c. Start the node agent on the node with the following command:
./startNode.sh
Windows
startNode.bat
IBM i
startNode
Note: During installations, the Node agent on primary and secondary

servers may be loaded, and issuing a startnode command may result in the
error: ″Conflict detected on port 8878. Likely causes: a) An instance of the
server nodeagent is already running b) some other process is using port
8878.″ If this occurs you can confirm the nodeagent status by running the
command serverstatus nodeagent from the stgw_profile_root\bin
directory. When prompted, supply the Lotus Sametime Gateway
administrator credentials. Verify that the nodeagent is running (the status
will read, ″The Node Agent ″nodeagent″ is STARTED). If the agent is
running, continue to the next step.
9. When all the node agents are started, verify that the cluster configured
properly by performing the following steps:
a. Log into the Integrated Solutions Console (http://localhost:9060/ibm/
console) using your administrative user ID and password on the
Deployment Manager machine.
b. Click Servers → Clusters, and verify that SametimeGatewayCluster appears
in the table.
c. Click SametimeGatewayCluster, and then under Additional properties,
click Cluster members to view the cluster members that you created.

Before you begin
About this task
steps:
Related tasks
Before you begin
About this task
field.
a different port.
connect to.
you changed it.
Gateway database
IBM i.
h. Click Finish.
Installing SIP and XMPP proxy servers:
SIP and XMPP proxy servers act as the initial point of entry for messages that flow
into and out of the enterprise. While you can install these proxy servers on an IBM
Lotus Sametime Gateway node, it is recommended that you install them on a
separate machine to isolate the proxy processing from the Lotus Sametime
Gateway cluster.
Before you begin
Expected state: DB2, LDAP, and Sametime Gateway servers are installed.

About this task
For network security, IBM recommends that you install the XMPP and SIP proxy
server node and the Sametime Gateway cluster in the network DMZ. Installing the
SIP proxy in the DMZ by itself is not a supported configuration because it places a
firewall device between that server and the Sametime Gateway cluster. All of these
components should be able to communicate freely which each other without
traversing through a firewall device.
Note: If you are upgrading from a previous version of Lotus Sametime Gateway,
you already have a SIP proxy server. If the SIP proxy server is on an existing
primary or secondary node, there is no need to upgrade the SIP proxy server.
However, if your SIP proxy server is installed on its own node, you must upgrade
WebSphere Application Server on that node to version 6.1.0.11. If you want your
cluster to be able to access Google Talk or other XMPP users, you must install an
XMPP proxy server.
Installing a SIP and XMPP proxy server on Windows:
The SIP and XMPP proxy servers are the first point of contact, after the firewall,
for messages that flow into and out your enterprise. Install the proxy servers for
both standalone or network deployment installations of Sametime Gateway. IBM
recommends that you install a SIP and XMPP proxy server on its own node.
About this task
The XMPP and SIP proxy server node installation creates a WebSphere Application
Server node with two application servers installed. One server is a generic SIP
proxy server provided by WebSphere Application Server, and the other is a
standard application server onto which is installed the XMPP proxy application.
The node does not function until it is federated into a Sametime Gateway cell.
6. Extract the files in part_number.exe to the \TMP\SametimeGateway folder.
7. Navigate to the\TMP\SametimeGateway folder.

11. If you are installing the proxy server on its own computer instead of on an
existing Sametime Gateway node, complete the following sub steps:
a. Select SIP and XMPP proxy servers, and then click Next.
\TMP\WASCD\ifpackage but do not use \TMP\WASCD\ifpackage\WAS or
\TMP\WASCD\ifpackage\JDK.
12. If you are installing the proxy servers on an existing Sametime Gateway node,
the installation wizard recognizes that an instance of Sametime Gateway is on
the same machine. The new installation for the proxy servers adds a profile to
WebSphere Application Server. Click Next.
Option Description
acmeNodeProxy.
management. For example, acmeCellProxy.

Option Description
proxy.acme.com
directory. Click Next.
15. If you are installing the proxy servers on their own machine, you now see the
default directory path where Lotus Sametime Gateway will be installed. To
change the location, click Browse and select a desired location, or type a new
path.
changes.
What to do next
Note: If you start the SIPProxyServer instance now and log into the Integrated
Solutions Console, you cannot view the SIPProxyServer instance. After you
federate the node in the next procedure, you will see the SIPProxyServer instance.
Installing a SIP and XMPP proxy server on AIX, Linux, or Solaris:
for messages that flow into and out your enterprise. To set up a Sametime
Gateway deployment, install a SIP and XMPP proxy server on its own node.
About this task
Information on downloading packages for Lotus Sametime is located in the Lotus

Sametime Download document.
1. Create the temporary file folder /TMP/WASCD .
2. Open a command window and navigate to the folder /TMP/WASCD.
3. Extract all files to the temporary directory /TMP/WASCD. When you are done
extracting the files, you should have a /TMP/WASCD/ifpackage folder with WAS

folder.
6. Unzip the following file:
This step creates the folder /TMP/SametimeGateway.

7.
12. Select SIP and XMPP proxy servers, and then click Next.
13. If you are installing the proxy servers on their own machine, complete the
following sub steps:
a. The WebSphere Application Server installation directory dialog is
b. Click Next to continue with the installation. The WebSphere Application
14. If you are not installing the proxy servers on their own machine, the
same machine. The new installation for the SIP and XMPP proxy servers adds
a profile to WebSphere Application Server. Click Next, and then click Next
again.
node names you used when installing other Sametime Gateway servers.
Choose a unique node name and cell name for this installation. If the supplied

Option Description
acmeNodeProxy.
server1.acme.com
Gateway. Use the credentials that you created when you installed the
Deployment Manager. The user ID must not exist in the LDAP directory.
Passwords must not contain accented characters or any of the following
characters:
;*!?"/<>|+&'`[]%^
17. Click Next. If you are installing the proxy servers on their own machine, you
now see the default directory path where Lotus Sametime Gateway will be
installed. To change the location, click Browse and select a desired location, or
type a new path.
changes.
What to do next
Proxy servers:
A proxy server acts as a surrogate for the Lotus Sametime Gateway servers within
the enterprise. The node that hosts the XMPP or SIP proxy server hosts the public
XMPP or SIP domain of the enterprise. The SIP proxy is capable of securing the
transport, using secure sockets layer (SSL), and the content, using various
authentication and authorization schemes.

A SIP proxy server facilitates automatic load balancing, affinity matching, and
failover for a cluster of Lotus Sametime Gateway servers. It’s also the preferred
place to configure the connection settings for external domains, since it directly
manages all such connections when in use. You must set up a cluster with at least
one node before creating a SIP proxy server. You can run a SIP proxy server on an
Lotus Sametime Gateway server node, or create a separate node, on which Lotus
Sametime Gateway is not installed, to be the SIP proxy server node.
After you set up a Lotus Sametime Gateway cluster and a SIP proxy server, you
can add external communities to Lotus Sametime Gateway. Lotus Sametime
Gateway prompts you for the relevant connection settings (host name, port
number, transport protocol), and then creates the SIP Uniform Resource Indicator
(URI). The SIP URI is sent to the SIP container in WebSphere Application Server
which sends it to the SIP proxy server to route the request to the appropriate
destination. There is no need to set the domain, host, port, or transport protocol in
the SIP proxy server as all this information is set in Lotus Sametime Gateway.
Multiple proxy servers
You can set up multiple proxy servers for load balancing, better Web response, and
high availability. WebSphere Application Server does not support the clustering of
SIP or XMPP proxy servers, but you can set up more than one proxy server in
front of an Lotus Sametime Gateway cluster. This configuration provides multiple
entry points into the Lotus Sametime Gateway cluster while providing workload
balancing. Multiple proxy server can be fronted by a simple IP sprayer, such as the
SIP Load Balancer component included in WebSphere Application Server that
handles IP spraying to multiple proxy servers. If a proxy server fails, the affinity is
to the container and not to the proxy itself so there is one less potential failure
along the message flow.
Federating the proxy server node into the cell:
After you install the SIP and XMPP proxy server node, you must federate the node
into the Deployment Manager’s cell so that the proxy server becomes part of the
cluster.
Before you begin
Expected state: The Deployment Manager is running.
About this task
To federate or add the proxy server node into the cell, you run the addnode
command on the proxy server node and specify the hostname of the Deployment
Manager.
1. Log into the proxy server node’s operating system.
2. IBM i only: On the command line, run the STRQSH (Start Qshell) command.
3. Synchronize the system clocks on the Deployment Manager and the proxy node
so that they are within five minutes of one another and are set for the same
time zone.
Federation fails if the clocks are not synchronized within five minutes of each
other.
4. On the proxy server node, open a command window and navigate to the

5. IBM i only: Run the following command to obtain the
SOAP_CONNECTOR_ADDRESS port number. Make a note of the port number
as you will need it to add nodes to the cluster:
dspwasinst
6. Run the following command to add the proxy server node to the Deployment
Manager’s cell:
./addNode.sh DM_server_host_name DM_port_number -includeapps
Windows
IBM i:
addNode DM_server_host_name DM_SOAP_port -username WAS_Admin_user_name_on_DM
-password WAS_Admin_password_on_DM
where:
v DM_server_host_name is the resolvable host name of the Deployment
Manager.
v DM_SOAP_portis the port that the Deployment Manager’s SOAP port is
listening on.
v WAS_Admin_user_name_on_DM is the user ID of the WebSphere Application
Server administrator account on the Deployment Manager.
v WAS_Admin_password_on_DM is the password associated with the
WebSphere Application Server administrator account.
For example:
addNode gateway_dm.acme.com 8879 -includeapps -username wasadmin -password waspassword
Node MyProxyNode has been successfully federated.
8. Verify that the proxy servers are installed correctly:
console).
can see changes.
b. Click Servers → Proxy servers. You should see the SIP proxy server.
c. Click Servers → Application Servers. You should see the XMPP proxy
server.
Configuring a SIP proxy server:
Configure the Session Initiation Protocol (SIP) proxy server for a cluster of IBM
Lotus Sametime Gateway servers. There is no need to configure external domains
in the SIP proxy server; this is done through the Lotus Sametime Gateway
configuration.
Before you begin
Set up a cluster with at least one secondary node and install the SIP and XMPP
proxy servers on the same physical hardware as a Deployment Manager, primary
node, or secondary node, or install the proxy servers on separate hardware. The
SIP and XMPP installation creates a new profile for the SIP and XMPP proxy
servers.

About this task
After you finish setting up a SIP proxy server, you’ll have a port number. You
provide the port number in combination with the domain name of the node on
which the SIP proxy server runs to external servers to connect to your Lotus
Sametime Gateway.
Assigning the SIP proxy to work with the Lotus Sametime Gateway cluster:
Assign the SIP proxy server to function with the IBM Lotus Sametime Gateway
cluster.
1. In the Integrated Solutions Console, click Server Types → WebSphere proxy
servers.
2. In the ″WebSphere proxy servers″ page, click the SIPProxyServer link
corresponding to the proxy server you want to update.
3. Click SIP Proxy server settings → SIP Proxy settings.
4. From the drop down list, select the Lotus Lotus Sametime Gateway cluster.
5. Click OK then click Save, and then click OK again.
Configuring the SIP Proxy server to listen on ports 5060 and 5061:
Configure the IBM Lotus Sametime Gateway cluster’s SIP Proxy server to listen on
ports 5060 and 5061.
Before you begin
Configure a cluster of Lotus Sametime Gateway servers.
About this task
Public instant messaging providers require you to accept connections on ports 5060
and 5061, so you will need to confirm that the SIP Proxy server’s host name is
resolvable and is listening on these ports. If the cluster’s SIP Proxy server is
installed on a node that is already hosting Lotus Sametime Gateway, and the SIP
Proxy server is not already listening on ports 5060 and 5061, reconfigure the port
settings as follows:
1. Determine which ports the SIP Proxy server is currently listening on:
a. On the cluster’s Deployment Manager, log in to the Integrated Solutions
Console as the WebSphere administrator.
b. Click WebSphere proxy servers → SIPProxyServer → Ports.
c. Check the listening ports for the following names:
v PROXY_SIP_ADDRESS
v PROXY_SIPS_ADDRESS
If PROXY_SIP_ADDRESS listens on port 5060 and PROXY_SIPS_ADDRESS
listens on port 5061, you can skip the rest of this task. Otherwise, proceed to
the next step to change the port settings.
2. Determine whether any nodes share the IP address and host name with the SIP
Proxy server.
If another node shares the IP address and host name, change the default host
port settings for that node to avoid a conflict with the SIP Proxy server.
a. Still on the Deployment Manager, click System Administration → Nodes.

b. Check whether any nodes use the same IP address and host name as the
SIP Proxy server.
c. If a node does share the IP address and host name, check its port settings
for the following names:
v SIP_DEFAULTHOST
v SIP_DEFAULTHOST_SECURE
d. If SIP_DEFAULTHOST is not set to 5060 and SIP_DEFAULTHOST_SECURE
is not set to 5061, skip to step 3.
e. If ports 5060 and 5061 are already in use, change those settings now by
setting:
v SIP_DEFAULTHOST to port 5080
v SIP_DEFAULTHOST_SECURE to port 5081
f. Save your changes to the master configuration by clicking Save when
prompted.
3. Now reset the SIP ports on the SIP Proxy server to use ports 5060 and 5061:
a. On the Deployment Manager, click WebSphere proxy servers →
SIPProxyServer → Ports.
b. Change the port settings for the following names:
v PROXY_SIP_ADDRESS to port 5060
v PROXY_SIPS_ADDRESS to port 5061
c. Save your changes to the master configuration and synchronize the nodes in
the cluster:
WebSphere Application Server displays a message prompting you to save
changes to the master configuration. Select the Synchronize nodes option
before clicking the Save button.
Creating a virtual host for the SIP proxy:
Create virtual host definitions for ports 5060 and 5061.

1. To identify the SIP proxy port number in the proxy server table, click the name
of the SIP proxy server that you created.
2. Under Proxy Settings, select SIP proxy server settings → SIP Proxy server
transports.
3. Make a note of the port number defined for SIPS_PROXY_CHAIN. The port
number in combination with the domain name of the node on which the SIP
proxy server runs is needed for configuring external servers to connect to your
Lotus Lotus Sametime Gateway server.
4. Now move to the Environment section if the Integrated Solutions Console.
5. Click Virtual Hosts → default_host → Host Aliases → New.
6. Verify the virtual host definitions for 5060/5061. If the virtual host is not
defined, define the new alias as follows:
a. Add * to the Host Name field.
b. Add 5060 to the Port field.
c. Click OK.
d. Click Save.
The additional Virtual Host entry is needed if the default ports are not added
during installation. Port 5060, however, only covers non-TLS installs. For secure
setups, the following entry may also need to be added: *:5061
Create custom properties for the SIP proxy server:

Define custom properties that will instruct the SIP proxy server to return ″503
Service Unavailable″ when the server is down, rather than the default error ″404
Page not found.″
Create two custom properties for the new SIP Proxy server as follows:
The new properties will instruct the SIP Proxy server to return ″503 Service
Unavailable″ when the server is down, rather than the default error ″404 Page not
found.″
1. In the Integrated Solutions Console, click Servers → Proxy Servers →
your_new_SIP_proxy.
2. Click SIP Proxy server settings → SIP Proxy settings → Custom properties.
3. Click New, enter the following information, and then click OK.
Name lsnLookupFailureReasonPhrase
Value Service Unavailable
Name lsnLookupFailureResponseCode
Value 503
5. Click Save.
Tuning the SIP proxy:
This sections describes the steps for tuning a SIP proxy.
About this task
Tune the JVM garbage collection policy for the SIP proxy server as follows:
SIPProxyServer.
2. Perform the following instructions for each of the sip proxies in the list:
a. Select a proxy server by clicking it in the list.
b. Under Server Infrastructure, click Java and Process management → Process
Definition.
c. Under Additional Properties, click Java Virtual Machine.
d. In the Initial Heap Size field, enter 600.
e. In the Maximum Heap Size field, enter 600.
f. In the Generic JVM arguments field, enter the following value as one
continuous line :
-Xmo60m -Xgcpolicy:gencon -Xgc:noAdaptiveTenure,tenureAge=8,
stdGlobalCompactToSatisfyAllocate -Xtgc:parallel
g. Click OK, and click Save to save changes to the master configuration.
Configuring the Gateway cluster and SIP proxy for a NAT environment:
Configure a cluster of IBM Lotus Sametime Gateway servers to operate in a NAT

(Network Address Translation) environment.

Before you begin
Traversing a NAT environment is known issue in the SIP domain. There are several
ways to solve this issue, while some of them have been formed as IETF standard
(RPORT, STUN and ICE), others have been formed as proprietary solutions. So
what is the problem? Some of the SIP communication parameters contain the Fully
Qualified DNS Name (FQDN) or the IP address, and the port, but a SIP device
deployed in a NAT environment does not know how it will be seen from the
internet because the NAT device translates the IP address. The SIP message will
contain IP address and port – which are not accessible from the internet. There are
several paradigms to solve this issue:
v SIP Friendly NAT device – NAT devices that can analyze a SIP message and
then replace the IP address and ports listed inside of it. This solution does not
support encrypted SIP communication such as TLS.
v IETF Standard – a method using a standardized protocol such as RPORT, STUN,
or ICE.
Currently, the IBM WebSphere SIP infrastructure does not provide a solution to
this problem because it does not support any of the IETF standards. Therefore, any
SIP application deployed on WebSphere has to develop its own solution. The
solution provided here assumes that you have the following elements in your
deployment:
v A clustered environment, with one ore more clustered servers.
v A SIP proxy server federated to the cluster.
v All cluster members (including the SIP proxy server) are deployed within the
same subnet.
v A static NAT is defined in the NAT or firewall; the public IP address should be
mapped to the SIP proxy server’s internal IP address.
About this task
The following diagram illustrates the NAT environment that this solution was
designed for:

Limitations:
v Only static NAT is supported
v A single SIP proxy deployment was tested; a multiple-SIP proxy deployment
was never tested but can be applied with the same setting.
v Single-server deployment is not supported, but a clustered deployment which
contains only one server is supported.
1. Map a fully qualified domain name to the public IP address serving the Lotus
Sametime Gateway.
This FDQN will be used when registering the Gateway for provisioning with
Yahoo! and AOL, as well as in the SRV record used for communicating with
Google.
2. Install the SSL certificate.
The CN name for the certificate should be the one defined as FQDN mapped to
the public IP in step 2. For example, the diagram above uses the FQDN
gw.ibm.com. For information on requesting the certificate, see Creating a
certificate request.
3. Define a custom property to map the cluster FQDN for traversing the NAT:
Define a custom property to enable communications in a NAT (Network
Address Translation) environment. Traversing NAT is known issue for the SIP
domain; defining the ″FQDN″ custom property for Lotus Sametime Gateway is
a workaround for this issue. Before beginning, make sure the following
requirements have been satisfied:
v A static NAT should be defined in the NAT or Firewall (only static NATs are
supported).
v The public IP address should be mapped to the SIP proxy internal IP
address.
v A fully qualified domain name must be mapped to the public IP address
serving the Lotus Sametime Gateway.
This FDQN will be used when registering the Lotus Sametime Gateway for
provisioning with Yahoo! & AOL, as well as the SRV record used for
communicating with Google .
a. Log in to the Integrated Services Console as a Lotus Sametime Gateway
administrator.
b. Click System administration → Cell → Custom Properties.
c. Click New and enter information for the new custom property:
Name Type com.ibm.sametime.gateway.fqdn as the name of

the new property.
Value Type your fully qualified domain name.
Description Type a description of the new property.
d. Click Apply, and then click OK.

e. Perform a full synchronize with the nodes:
1) In the Deployment Manager’s Integrated Solutions Console, click
System administration → Nodes.
2) Click Full Resynchronize.
f. Restart all Lotus Sametime Gateway nodes.
For example, If you set the custom property to gw.ibm.com (and the port is set
to 5070), the INVITE SDP would look like this:

v=0
o=- 0 0 IN IP4 gw.ibm.com
s=session
c=IN IP4 gw.ibm.com
t=0 0
m=message 5070 sip null
4. Enable the SIP Proxy IP Sprayer:
a. In the Integrated Solutions Console, click Servers → Proxy Servers.
b. Select the SIP proxy server from the list.
c. Click SIP Proxy Server Settings → Enable SSL sprayer.
d. Apply the following settings:
v Enable SSL sprayer
v Set the SSL host to the FQDN (in our diagram gw.ibm.com)
v Set the port to 5061.
e. Restart the proxy and the Lotus Sametime Gateway server.
Configuring the XMPP proxy server:
Configure the XMPP proxy server to allow Google Talk, and other XMPP-based
instant messaging systems to flow to and from the Sametime Gateway.
Before you begin
Expected state: the SIP and XMPP proxy server node is installed and federated into
the cell. A Sametime cluster has been installed. The Deployment Manager is
started.
1. On the Deployment Manager node, log into the Integrated Solutions Console.
2. Click Servers → Application Servers and select the XMPPProxyServer from
the list.
3. Click Ports.
4. Click New to add a port.
5. Select User-defined Port .
6. Type XMPP_INTERNAL_PORT in the Specify port name field.
7. In the Host name field, type the IP address of the machine on which
XMPPProxyServer is installed.
8. In the Port field, type 5271.
A note about ports:
v XMPP_INTERNAL_PORT is used for listening to traffic from the proxy
server.
If the XMPPProxy and XMPPServer are running on the same physical
computer, they will attempt to listen to the same default value of
XMPP_INTERNAL_PORT which is 5271. As a result, the proxy will listen to
the incoming connections from the server, and the server will listen to the
proxy. In order to break this endless loop, set XMPP_INTERNAL_PORT to
another value for the proxy (for example, 5272).
v XMPP_SERVER_ADDRESS port is used on the proxy server itself to listen
to traffic from an external community.
The XMPP_SERVER_ADDRESS port (5269) is unrelated to the ″port 5269″
value that appeared on the XMPP community page when you created the

community. That community page port refers to the port that the external
community is listening on, and is used when Lotus Sametime Gateway
performs a DNS-SRV record lookup.
If you need to change a default port, click Application Servers → Server Name
and, under the ″Communications″ section, click Ports .
9. Click OK and Save.
10. In the Integrated Solutions Console, click System administration → Cell.
11. Under Additional properties, click Custom Properties, and click New.
12. Create Name and Value pairs for the Sametime Gateway cluster, XMPP proxy
node name, and XMPP proxy server name. Type the names and values as they
are spelled out in the table below. For XMPP proxy node name, substitute the
name of the node on which the XMPP proxy resides.
Name Value
STGW_CLUSTER_NAME SametimeGatewayCluster
XMPP_PROXY_NODENAME XMPP proxy node name
XMPP_PROXY_SERVERNAME XMPPProxyServer
13. Click Apply and Save after you type each pair. When you are done, you will
have a table that looks something like this:
Setting up node replication and failover for the cluster:
This optional procedure sets up node replication to provide high availability and
failover support for the cluster. If one member of the cluster goes down, other
nodes can continue to process the SIP request. Use this procedure only if you
require high availability and failover support.
Before you begin
Before you begin, you must install IBM Lotus Sametime Gateway on each node,
add the nodes to a cluster, and then start the cluster and the SIP proxy server.

About this task
Lotus Sametime Gateway offers a comprehensive high availability (HA) solution.

High availability means an environment that doesn’t have a single point of failure.
A SIP cluster that requires replication and failover can consist of many replication
domains, each of which contain a set of two servers. There is no limit set on the
number of servers in a cluster. For performance reasons, each replication domain
should contain two servers only. The replication domain should be set to the entire
domain, which means state is replicated to all servers in the replication domain.
The replication mode must be Both client and server. The distributed session for a
container must be set to Memory-to-memory replication.
1. Click Servers → clusters and verify that the Sametime Gateway cluster is started
and the status is green.
2. Click Servers → Proxy Servers and verify that the SIP proxy is started and the
status is green.
3. Click SIP proxy → SIP Proxy Server Settings → SIP proxy settings and verify
that the cluster in the drop down box is the same Sametime Gateway cluster
defined in the previous step.
4. Click Environment → Replication Domains , and then click New. Do not pick
the GatewayCache. This is the DynaCache used to propagate the configuration
across the cluster, and is not used for SIP session replication.
5. Type a name for the new replication domain.
6. Under Number of Replicas, select Entire Domain so that the SIP session is
replicated to all members in the domain, and click OK.
7. Click Servers → Application Servers, and then select a member of the cluster.
a. Under Container Settings, clickSession management.
b. Under Additional Properties, click Distributed environment settings.
c. Under Distributed sessions, click Memory-to-memory replication. The
distributed session option will become enabled once configured.
d. Under Replication domain, select the replication domain that you created in
previous steps.
e. In the Replication mode field, select Both client and server, then click OK,
and then clickSave. Memory to memory replication is now enabled for this
member of the cluster.
8. Repeat the previous step for each member of the cluster.
Starting a cluster:
When starting a cluster for the first time, you must start the Deployment Manager,
node agents, and then all Lotus Sametime Gateway servers in the cluster.
Before you begin
Before begin these steps, you must install Lotus Sametime Gateway on each node,
federate the nodes into the cell, run the Cluster Configuration Wizard, and then set
up SIP and XMPP proxy servers for your cluster.
About this task
In the steps that follow, you start the Deployment Manager in a command window
so that you can log in to the Integrated Solutions Console and complete the
remaining steps. After the Deployment Manager is started, you can view the
Integrated Solutions Console pages. However, you cannot view the Lotus

Sametime Gateway administration pages until you start at least one node agent
and the Lotus Sametime Gateway server on that node.
1. Log in to the Deployment Manager node as a user with administrative
privileges.
2. Open a command window (QShell session on IBM i) and navigate to the
stgw_profile_root\bin directory
3. If not already started, start the Deployment Manager with the following
command:
./startManager.sh
Windows
startManager.bat
IBM i
startManager
4. Log in to one of the Lotus Sametime Gateway nodes.
6. Start the node agent with the following command.
./startNode.sh
Windows
startNode.bat
IBM i
startNode
7. Log in to the other nodes, except the Deployment Manager node, and repeat
the previous steps to start the node agent on each node.
Stopping and starting the Deployment Manager:
This topic describes how to stop and start the Deployment Manager.
privileges.
3. Stop the Deployment Manager. Use the administrative user ID and password
that you created when you installed the Deployment Manager. Note that you
do not have to provide the username and password qualifiers in the command;
you can wait to be prompted and then enter your credentials. Type the
following commands:
./stopManager.sh -username username -password password
./startManager.sh
Windows
stopManager.bat -username username -password password
startManager.bat
IBM i
stopManager -username username -password password
startManager
Stopping and starting the node agents:

This topic describes how to stop and start the node agents. Typically, you stop and
start node a node agent by logging onto a node and running the stop node or start
node command. However, for convenience, you can restart all node agents from
the Deployment Manager node by using the Integrated Solutions Console only if
the node agents are running. If they are stopped, you must start the node agents
from nodes themselves.
3. Stop the node agent with the following command:
./stopNode.sh
Windows
stopNode.bat
IBM i
stopNode
./startNode.sh
Windows
startNode.bat
IBM i
startNode
the previous steps to stop and start the node agent on each node.
6. To restart node agents that are already running:
a. Make sure the Deployment Manager is running and log into the Integrated
Solutions Console on the Deployment Manager node.
b. Click System Administration → Node agents .
c. Select all node agents, and then click Restart.
Stopping and starting a cluster:
Complete these steps to stop and start a cluster of Sametime Gateway servers from
the Integrated Solutions Console.
Before you begin
Expected state: the Deployment Manager, node agents, and all servers in the
cluster are started.
About this task
You must restart the cluster when you add, delete, or change a community.
1. Log into the Integrated Solutions Console (http://localhost:9060/ibm/console)
on the Deployment Manager server as a user with administrative privileges.
2. Click Servers → Clusters.
3. Select the Lotus Sametime Gateway cluster, and click Stop, and wait for the
cluster to stop.

5. Select the Lotus Sametime Gateway cluster, and click Start.
6. Click Servers → Proxy servers.
7. Select the SIP proxy server and click Start if it is not already started.
9. Select the XMPP proxy server and click Start if it is not already started.
Stopping and starting servers in a cluster:
This topic describes how to stop or start individual servers or nodes in a cluster.
2. Click Servers → Application Servers .
3. If you want to stop a server, select the application server’s check box and click
Stop.
4. If you want to start a server, select the application server’s check box and click
Start.
Stopping and starting a single server:
Complete these steps to stop and start a single Sametime Gateway server in a
single server environment.
2. Open a command window and navigate to the Lotus Sametime Gateway
profile directory that contains binaries: stgw_profile_root\bin
3. Type the following command to stop the Sametime Gateway server. Note that
RTCGWServer is case-sensitive, and that on all the stopserver commands, you are
prompted to enter your administrative user ID and password that you created.
v Windows:
stopserver.bat RTCGWServer
./stopserver.sh RTCGWServer
v IBM i:
stopServer RTCGWServer
4. Type the following command to start Lotus Sametime Gateway.
v Windows:
startserver.bat RTCGWServer
./startserver.sh RTCGWServer
v IBM i:
Starting the SIP and XMPP proxy servers:
The XMPP and SIP proxy server node is different from other Sametime Gateway
node installation types in that it contains more than one server. Based on the type
of traffic you expect to have in your environment (SIP or XMPP), you can start or
stop the appropriate proxy server instance on the node. This removes the need to
define a proxy server for each type of protocol. If you require the XMPP proxy
functionality only, then start the XMPPProxyServer only. If you need SIP proxy
functionality only, then start the SIPProxyServer only. If you need both, start both.

About this task
Table 12. Instant Messaging Systems and Proxy Servers
Instant Messaging System Proxy Server
Sametime SIP
AOL Instant Messenger SIP
Office Communications Server SIP
Yahoo! Messenger SIP
Google Talk XMPP
Before you start the SIP and XMPP proxy servers, you must add nodes to the
cluster, create the cluster, set up a SIP and XMPP proxy server, and then start the
cluster.
1. On the Deployment Manager node, log in to the Integrated Solutions Console.
2. Choose Servers → Clusters.
3. Verify that the cluster status is Started (shown with a green arrow).
5. Select the SIP proxy server and click Start.
6. Choose Servers → Applications servers.
7. Select the XMPP proxy server and click Start.
Registering a new Gateway cluster with the System Console:
After installing the IBM Lotus Sametime Gateway cluster on IBM AIX, Linux, Sun
Before you begin
Before you register the cluster, verify that you have completed the following tasks,
started.
About this task
Working from the cluster’s Deployment Manager, follow these steps to update
properties files and run the registration utility to register the cluster with the
System Console.
Note: Run this utility only on the Deployment Manager; do not register individual
nodes because they will be registered automatically during the cluster registration.

1. On the Deployment Manager, navigate to the stgw_server_root/IBM/
Note: If a cluster’s Primary Node is installed on the same server as the

Deployment Manager, make sure you are working in the Deployment
Manager’s profile.
3. Update the Deployment Manager’s console.properties file:
a. Open the file for editing.
b. Update the file with the following values:
Table 13. console.properties settings for the Deployment Manager


c. Verify that the remaining settings are appropriate for the Deployment
Manager.
4. Update the Deployment Manager’s productConfig.properties file:
Only the required values in this file are listed here:
Table 14. configProduct.properties settings for the Deployment Manager
DepName Provide a descriptive name for your deployment. It must
be a unique deployment name on the Lotus Sametime
System Console.

Table 14. configProduct.properties settings for the Deployment Manager (continued)
WASAdminPassword Specify the password associated with the WASUserID
LDAPBindPassword Specify the password associated with the LDAPBindDN.
DB2AdminPassword Specify the password associated with the database ID.
CommunityServerHost Specify the fully qualified host name (not the IP address)
of the Community Server registered with the Lotus
CommunityServerPort Specify the port for the Community Server.
Manager.
5. Update the Primary Node’s productConfig.properties file on the Deployment
Manager server:
a. Navigate to the stgw_server_root/IBM/WebSphere/AppServer7/profiles/
DMProfile/config/cells/DMCell/nodes/PNnode directory.
b. Open the file for editing.
c. In the DepName setting, provide a descriptive name for the Primary Node
deployment; it must be a unique deployment name on the Lotus Sametime
System Console.
d. Verify that the remaining settings are appropriate for the Primary Node.
e. Save and close the file.
6. Update the Secondary Node’s productConfig.properties file on the
Deployment Manager server:
a. Navigate to the stgw_server_root/IBM/WebSphere/AppServer/profiles7/
DMProfile/config/cells/DMCell/nodes/SNnode directory.
c. In the DepName setting, provide a descriptive name for the Secondary Node
System Console.
d. Verify that the remaining settings are appropriate for the Secondary Node.
a. Navigate back to the Deployment Manager’s profile: stgw_server_root/IBM/
WebSphere/STgateway/console.
b. Run the utility:
c. When the utility prompts for the cluster’s name, type the name and press
Enter.
The utility registers the cluster, as well as each node, generating a log file called
ConsoleUtility.log and storing it in the console/logs directory. If the
registration is successful, a console.pid will also be generated.
8. Start the Lotus Sametime Gateway cluster, if it is not already running.
Performing a silent installation:

IBM Lotus Sametime Gateway can be installed silently using a response file. You
can either generate your own response file by installing using the install wizard, or
by editing the default response file that is provided.
Performing a silent installation on Windows:
Before you begin

About this task
A response file is a text file that contains all the options that would normally be
specified in the installation dialogs. Silent installation is useful in situations where
automation is desired.
To perform a silent installation, you have to create a new response file or edit the
existing response file that is included with the product. On the root of the Lotus
Sametime Gateway installation CD is a fully-documented response
file: installresponse.txt. Copy this file to the machine and edit it with values
appropriate for your environment, or complete the following steps to create a
response file based on a real installation.
1. From the installation media, copy and extract the files from the following Lotus
Sametime Gateway installation image to a temporary directory \TMP on the
machine where you will be installing Lotus Sametime Gateway:
C17KCML.exe
2. Open a command window.
3. Navigate to the directory where you copied and extracted the installation files:
\TMP\SametimeGateway
4. Record a response file by typing the following command. This will perform an
installation and generate a response file:
install.bat -options-record response_file
where response_file is an absolute path to the response file to be generated. For

example:
install.bat -options-record C:\TMP\SametimeGateway\gatewayOptions.txt
5. Once a response file is created, either by modifying the installresponse.txt
file included with the installer, or by generating your own response file, open a
command window.
6. Type the following command to use the response file that you created:
install.bat -options response_file -silent
What to do next
Upon completion of the installation, control will return to the command window.
Validation or installation errors are logged to the installation log file.

Note: Generating response files using the -options-record option puts clear text
passwords in the response file.
About this task
Server.
Servers.
Servers.
Add.
entered.
6. Click OK.
Performing a silent installation on AIX, Linux, or Solaris:
Before you begin


About this task
Sametime Gateway installation CD is a fully-documented response file:
installresponse.txt. Copy this file to the machine and edit it with values
Note: The installation program installs both WebSphere Application Server and
Sametime Gateway.
1. From the installation media, copy and uncompress the following Lotus
Sametime Gateway installation image to a temporary directory /TMP on the
machine where you will be installing Lotus Sametime Gateway:
C17KBML.tar
2. Open a command window and type the following command to source the DB2
profile:
Note the period (.) and space before /db2adminHomeDir/sqllib/db2profile.
3. Navigate to the directory where you copied and extracted the installation files:
/TMP/SametimeGateway
./ install.sh -options-record response_file
where response_file is an absolute path to the response file to be generated. For

example, in Windows:
./ install.sh -options-record TMP/SametimeGateway/gatewayOptions.txt
command window.
6. Type the following command to install using the response file:
. /install.sh -options response_file -silent
What to do next

About this task
Server.
Servers.
Servers.
Add.
entered.
6. Click OK.
Troubleshooting installation:
These steps help you troubleshoot installation problems by describing how you can
use a different tables pace name for the database and how you can clean your
system of previous installations.
About this task
Many installation problems are caused when the installer cannot locate the
database or when installing a new instance of Sametime Gateway and a previous
installation has not been completely removed from the system. The following steps
describe how to use a different table space in the database or clean your system of
previous installations.
1. Open the installation log file at stgw_server_root\logs\installlog.txt
2. If log reports an error in finding the DB2 database, check to make sure you are
using the table space name USERSPACE1. Sametime Gateway expects USERSPACE1
by default. To install using a different table space name, use the following
command when you run the installer:

install.bat -VTableSpaceName="tableSpaceName"
Where tableSpaceName is the name of the table space that you want the installer
to use.
3. To clean your system of previous installations, use the log to find the location
of the Install Shield Multiplatform (ISMP) database called the Vital Product
Database (VPD). For example, examine this log entry from Windows (formatted
to fit on the page):
(Nov 24, 2007 2:22:22 PM), stGwInstall,
com.ibm.rtc.gateway.install.CheckVPDRegistry, msg1,
using VPD registry at C:\Program Files\Common
Files\InstallShield\Universal\common\Gen2\_vpddb\vpd
The location of this registry varies from system to system. On windows, VPD is
usually found in the \Program Files\Common Files\InstallShield\Universal\
common\Gen2 folder. If a Sametime Gateway server is uninstalled, but an error
occurs and the product is not unregistered, the VPD shows that Sametime
Gateway is installed on the system. When a new installation is initiated, and a
previously installed Sametime Gateway server is detected, the installer prompts
you to upgrade or install a new version, or the installer forces you to install a
Deployment Manager server or a Primary Server on the same system. None of
these scenarios are desired because there are no Sametime Gateway servers
installed on the system.
4. Back up the Gen2 folder. Note that the VPD registry may be used by other
programs that are installed with InstallShield, so removing this registry may
interfere with other programs. It’s recommended that you do not remove the
Gen2 folder unless absolutely necessary.
5. Remove the original Gen2 folder.
6. If installing on Windows, delete the following left over files:
C:\Windows\.nifregistry
C:\Windows\vpd.properties
7. Start the installation again.
Installing the WebSphere Application Server Update Installer

Use the WebSphere Application Server Update Installer to add required software
updates.
About this task
Follow these steps to download the update package and install the IBM Update
Installer, which is needed for installed software updates for WebSphere Application
Server.
1. Log in with the same user account used to install the Sametime software.
2. On the local system, create a directory to store the update files, such as
stwas_fixes.
3. Download the IBM Update Installer package if you have not already done so.

4. Extract the package to the local fixes directory you created.
5. In the UpdateInstallers subdirectory of the package you extracted, extract the
updateInstaller package for your platform.
6. Navigate to the directory where you extracted the Update Installer and run
the install program.
./install
Windows
install.exe
7. The installation wizard initializes and displays the Welcome screen.
a. Linux Red Hat and Linux zSeries® users: if you select the documentation
links in the installation program for the Update Installer, your Web
browser might not launch. The path to the Web browser is not included in
your PATH environment variable. To resolve this problem, you can add
the Web browser path to your PATH environment variable, and rerun the
installation program.
b. Click Next to continue.
8. The License agreement screen is displayed. Read the license agreement and
accept its terms. After you accept the licensing terms, the installation wizard
checks for a supported operating system and prerequisite patches. If you
encounter a problem such as not having the right prerequisite updates on
your system, cancel the installation, make the required changes, and restart
the installation.
9. The Installation directory screen is displayed. Specify the destination of the
installation root directory.
10. Select the Create a start menu icon to create a shortcut for the Update
Installer. Deselect this checkbox if you do not need a shortcut for the Update
Installer in your start menu. Click Next to continue.
11. The Installation summary panel appears. Review the summary. Click Next to
begin the installation or click Back to make changes to previous panels.
12. The Installation results panel is displayed. Verify the success of the installer
program by examining the completion panel.
a. If you want to launch the Update Installer upon completion of the
installation, select Launch Update Installer for WebSphere Software on
exit.
b. Click Finish to exit the installer.
Installing WebSphere Application Server updates

If you must install additional WebSphere Application Server software updates,
perform this step on each of the servers in your deployment running on
WebSphere Application Server.

Before you begin
To perform these steps, you must have already installed the WebSphere
Application Server Update Installer.
About this task
Follow these steps to install the WebSphere Application Server software updates
required for Sametime 8.5 servers as outlined in the Technote on the IBM Support
Site.
maintained as an IBM Technote at the following Web address:
1. Download the WebSphere Application Server updates package if you have not
already done so.
2. Extract the updates to a local directory such as stwas_fixes.
3. Ensure that you stop all running processes as described in “Command
reference for starting and stopping servers” on page 232.
4. If you have not already launched the WebSphere Application Server Update
Installer, log in with the same user account used to install the Sametime
software, then navigate to the directory where you installed the Update
Installer and run the update program.
./update.sh
Windows
update.bat
5. The Welcome screen is displayed. Click Next.
6. Specify the location of the product that you want updated.
7. Accept the default to Install maintenance. Click Next.
8. At the prompt, enter the directory name containing the Sametime update
packages (for example, stwas_fixes). Click Next.
9. The system will automatically determine the appropriate maintenance
packages based on the version of the product that is installed. Click Next.
10. Before the installation, the Confirmation panel confirms which packages will
be installed. Click Next.

11. After you install the update package, check the installation log to verify that
the install is successful. The log can be found at app_server_root/logs/update/
maintenance_package.install.
12. Start the servers as described in “Command reference for starting and
stopping servers” on page 232.
Results
To verify which updates have been installed, run the versionInfo command from
the app_server_root/bin directory.
Linux
./versionInfo.sh -maintenancePackages > version.txt
Windows
versionInfo -maintenancePackages > version.txt
The command creates a text file that lists all the WebSphere Application Server
updates that have been installed on the system.
Related tasks
“Installing the WebSphere Application Server Update Installer” on page 196
updates.
Deploying the Sametime client to users

The IBM Lotus Sametime Connect client or Lotus Sametime client embedded in
Notes have to be installed on users’ machines to use instant messaging and
meetings. This section gives you information about ways to install these clients.
Sametime Connect client considerations

There are several things you need to know before deploying the IBM Lotus
Sametime Connect client to your users.
About this task
The Lotus Sametime Connect client must be installed on a user’s workstation by

someone with administrative privileges on that computer. Before installing the
client, review the following changes for this release:
v Using Lotus Expeditor to install the Sametime client
If you will use Lotus Expeditor to push the client onto user workstations, be
aware of the following restrictions:
– Do not use non-ASCII characters in the name of the installation directory.
– Do not use long paths (instead create a profile that uses short paths).
– Do not use paths containing non-ISO-8859-1 characters.
These restrictions are discussed in the Lotus Expeditor information center.
v Internet passwords required
Internet passwords are required to log on to IBM Lotus Sametime connect.
Before using Lotus Sametime Connect, each user must have an Internet
password in their Person Document in the Domino Directory or stored in the
LDAP Directory. You may need to inform users of their Internet passwords.

v Supporting IPv6 addressing with the Connect client
Supporting the IPv6 protocol in a Lotus Sametime deployment requires you to
upgrade Lotus Sametime Connect clients to release 8.5 to ensure they can
communicate with Lotus Sametime servers that use IPv6 addresses.
If you support only IPv6 addressing, older clients will not generate error
messages but will appear ″broken″ to users because they cannot communicate
with the IPv6–enabled servers. To avoid lengthy investigations of problems
caused by attempts to use older clients with servers where only IPv6 addressing
is enabled, you should only use clients from release 8.0.2 or later.
If you support both IPv4 and IPv6 addressing, all Lotus Sametime clients can
communicate with the IPv6–enabled servers; just be sure to configure the servers
to listen for IPv4–format addresses as well as IPv6–format addresses.
v Spell checker dictionaries
The U.S. English spell check dictionary is installed automatically, but you can
install spell checker dictionaries for additional languages. The additional
dictionaries are provided as an update site on the client CD and downloaded
image in the optional-components/optional-components-update.zip file. See
“Adding optional features to already-installed clients” on page 209.
Enabling installation of optional client features such as Microsoft

Office Integration
clients.
Before you begin
For example, these optional features are not installed by default; to make them
available to your users, you must either update existing clients or customize the
installation package for new clients.
v Microsoft Office Integration features
v E-mail Integration features
Note: Microsoft Office Integration features are available only for clients running on
Windows.
The administrator decides which features to make available to clients, and which
method to use for installing the client. The following sections explain the available
options in more detail.
Editing the client installation file for a CD or download image:
IBM Lotus Sametime ships with optional client features that you can add to the
default client installations, including Microsoft Office Integration features on
Microsoft Windows clients, E-mail Integration Features, and Spell Checker
Dictionaries.
About this task
Follow these steps to use a customized install.xml file to include optional

features in installations from a CD or download image.

1. Copy the contents of the CD or downloaded image to a local directory. Use this
local directory to make the edits in the next steps.
2. Open the install.xml file for the appropriate client operating system: Open the
file in a text editor.
v Windows
CD\sametimeclient.standalone\deploy\install.xml
3. Customize the install.xml file to remove the comment markers from any
optional features you wish to include in the install.
Optional features are commented out like this:


Everything between the markers is ignored as a comment. To enable a feature,
either copy it and place it outside of the commented section, or move the
comment markers as needed to exclude the feature from the commented
section.
5. Test a base install.
6. Repackage the CD or download image before distributing to your users.
Example: Customized install.xml file for the Sametime Connect client:
The install.xml is the installation manifest, which lists all features shipped with
IBM Lotus Sametime Connect. When you uncomment the optional features in the
list, they become part of the base client install package. You can edit the
install.xml file for installations from a CD, a downloadable image, or from a link
on the Sametime Welcome page.
Original
This example shows the default settings, in which six Microsoft Office Integration
features and two other optional features are commented out. The commented
section begins with 
Note: The lines below have been formatted for readability because it is important
to move entire feature statements.

Modified to enable optional features
Now the Microsoft Office Integration features have been moved outside of the
comment, so they will install automatically. The remaining optional features are
still commented out and will not be installed.

Editing the client installation package for use on the Sametime Welcome page:
Dictionaries. You can customize the installation package and then create an archive
zip file that you post on your Sametime Welcome page for users to download.

About this task
Complete these tasks to create a customized install.xml file and post it for users
to download using a link on the Sametime Welcome page:
Editing the client install file:
About this task

features in installations from the network.
1. Open the install manifest (the install.xml file) stored in the network-install
directory on the Sametime server:
v Windows server
– Windows client: C:\Program Files\lotus\domino\data\domino\html\
sametime\network-install\install\deploy\install.xml
v AIX, Linux, and Solaris servers
– Windows client: /local/notesdata/domino/html/sametime/network-
install/install/deploy/install.xml
v IBM i server
There is no default data directory but the name may be similar to this:
– Windows client: /STserver/domino/html/sametime/network-install/
install/deploy/install.xml
2. Edit both versions of install.xml to uncomment any optional features you
wish to include in the install.

section.
3. Save and close the files.

Original



Making the client installation package available from the Sametime Welcome page:
Perform the following steps to make the network client installer available for
installation from the Sametime Welcome page.
Before you begin
If you want to add any optional client features to the base install for all of your
users, see Enabling installation of optional client features such as Microsoft Office
Integration.
About this task
Note: If the Domino HTTP server has been configured to use SSL with a
self-signed test certificate, users will not be able to download the zip from the
Lotus Sametime Welcome page.
1. Copy the entire contents of the network-install directory from the Lotus
Sametime Connect Network Install Client CD or downloaded image to the
following location on the Sametime Community Server.
server_data_directory\domino\html\sametime\network-install
Note: There are placeholder files in the directory; you must replace them with
the real ones.
These are the default locations for the network-install directory:
Windows
c:\program files\lotus\domino\data\domino\html\sametime\network-install
/local/notesdata/domino/html/sametime/network-install
IBM i
/STserver/domino/html/sametime/network-install
2. (Optional) Set default preferences in the plugin_customization.ini file located
in the deploy directory:
v \network-install\install\deploy
3. Update the installer URL information.
a. Open the \domino\html\sametime\network-install\applet\
download.properties file in a text editor.

b. Set the value of the installer.root.base property to match the correct URL for
the network-install directory on your Sametime server.
For example, if your Sametime server host name is stserver.com:
installer.root.base=http://stserver.com/sametime/network-install
c. Save your changes.
4. Use the ArchiveCreator tool to generate the installer archive zips for each
platform.
These zip files only include the base installer with the Expeditor/Eclipse
platform and the install manifest which can be customized for your
environment. This allows the user to download the zip file, extract it, and run
the installer, which provisions the Lotus Sametime features from the update site
included with the network-install directory.
Windows
a. Open a console window to the \domino\html\sametime\network-install\
bin directory
b. Run the ArchiveCreator tool (ArchiveCreator.bat).
bin directory
b. Run the ArchiveCreator tool (ArchiveCreator.sh).
IBM i
a. Run the following commands:
QSH
cd /server_data_directory/domino/html/sametime/network-install/bin
ArchiveCreator_i5OS.sh
b. Press F3 to Exit QSH.
Editing the installation package for the Lotus Notes embedded client:
Dictionaries. You can customize the installation package for the Lotus Sametime
client that is embedded in Lotus Notes on Microsoft Windows.
About this task
Follow these steps to use a customized install.addon.xml file that includes

optional features in the Lotus Notes embedded client installation package.
2. Extract the sametime.embedded.add-on.OS.yyyymmdd-hhss.zip archive file for
the appropriate client operating system.
v Windows
sametime.embedded.add-on.win.yyyymmdd-hhss.zip
where yyyymmdd-hhss displays a date and time; for example: 20091027-2140.
3. Open the deploy\install.addon.xml file for editing (this is one of the extracted
files).
4. Locate the section that starts with the following statement (near the end of the
file):

5. Remove the comment markers to enable desired features:
v By default, all of the features in this section are disabled because they are
commented out.
v You can enable any combination of features.
v You can enable any, or all, of these features by moving the comment markers
to the appropriate position.
v Make sure to comment entire features (from the opening <feature marker
through the closing /> marker.
v Begin a comment with this marker: 


For example, you may want to enable one or more Microsoft Office Integration
features for clients running on Windows:
Table 15. Microsoft Office Integration features available on Windows
Feature Description
com.ibm.collaboration.realtime.exchange
Provides automatic availability status updates in
Sametime livenames based on Microsoft Outlook
calendar entries.
com.ibm.collaboration.realtime.oi.sharepoint.feature
Provides awareness and instant messaging among
Lotus Sametime users who are using an Office
SharePoint site.
com.ibm.collaboration.realtime.oi.toolbar
Provides an action toolbar in Microsoft Outlook
containing Lotus Sametime instant messaging actions,
including access to the contact list, status, and location
information.
com.ibm.collaboration.realtime.oi.webConfTab
Provides the ability to reserve Sametime meetings from
the Sametime tab in Microsoft Outlook meetings.
com.ibm.collaboration.realtime.oi.smarttags
Provides Sametime instant messaging actions in the
Microsoft Office document Smart Tags menu and the
toolbar for Word, Excel, and PowerPoint.
6. Save and close the deploy\install.addon.xml file.

Example: Customized client install.addon.xml file for embedded client:
The install.addon.xml file is the installation manifest, which lists all features
shipped with the IBM Lotus Sametime embedded client for Lotus Notes. When
you uncomment the optional features in the list, they become part of the base
client install package.
Original
The set of optional features is enclosed in comment markers (all of the features are
within a single comment):

Note: Lines have been formatted here for readability because it is important to
make sure you move entire feature statements.
<feature id="com.ibm.rtc.meetings.embedded.feature"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.rtc.meetings.feature" version="8.5.0.20091027-1957"
match="compatible" download-size="23446" size="23446" action="install"
shared="true" mergeaction="add"
<feature id="com.ibm.rtc.web.utils.feature"
<feature id="com.ibm.collaboration.realtime.sslite.feature"
version="1.0.0" match="greaterOrEqual" download-size="0" size="0"
action="uninstall" shared="true"

The first three optional features have been moved outside of the comment markers
and are now enabled for installation:
<feature id="com.ibm.rtc.meetings.feature"
version="1.0.0" match="greaterOrEqual" download-size="0"
size="0" action="uninstall" shared="true"



Adding optional features to already-installed clients:
The IBM Lotus Sametime client can be easily updated at any time after the initial
installation.
Before you begin
There are several reasons to install an update, including:

v To install optional features. Sametime ships with several optional features - these
are provided with the release but are not automatically installed.
v To install a new feature that you have purchased from a 3rd party or developed
yourself using the Sametime SDK.
v To install an update that Lotus has provided to fix an existing client feature.
A basic Eclipse update site is provided in the optional-components directory of the

standalone client install CD and downloaded image. It includes all of the optional
features distributed with Sametime, including Microsoft integration features and
spell checker dictionaries for various languages. You can make updates to this site
yourself to remove features you do not plan to distribute, to add your own
features, or to add fixes.
Three options are available for delivering updates to Sametime Connect client
users:
v Automatic Updates: Administrators can provision new or updated Sametime
features to their clients in a ″push″ mode so that all clients use the same set of
features. The push method enables the client to receive updates automatically
whenever he or she logs in to Sametime.

v Optional Updates: Administrators can also provide new Sametime features to
their clients as an option. With the optional method, the user is notified that
optional updates are available when logging in to Sametime. The user selects
which updates to install, if any.
Note: The optional update feature is the recommended approach for any
updates that are not required. If the optional site is configured before the initial
client install, it provides a seamless initial install experience. A user installs the
client, and is presented with a prompt to select optional features at first log in. It
requires less communication and manual interaction than the manual update
method.
v Manual Updates: Administrators either distribute update sites (zip or jar files)
or post them to a Web server, and provide the users with instructions for
manually installing the updates using the tools in the connect client.
About this task
Setting up automatic updates
To set up your server so that client updates are installed automatically, specify the
″Sametime update site URL″ on each of your Sametime servers.
From the Lotus Sametime System Console, open the policies page and update each
of the appropriate policies:
1. Log in to the Sametime System Console, open that server’s Integrated Solutions
Console, select Sametime System Console, and then click Manage Policies →
Instant Messaging.
2. Locate the ″Sametime update site URL″ setting in the Instant Messaging section
of the policy.
3. Specify the URL for the update site where you will post required updates.
Updates of features from this site are required and will be installed
automatically; the client is not provided a choice. For Lotus Sametime 8.0
connect clients, you can specify more than one URL by separating them with
semi-colons or commas.
When the user logs in from the client, the client checks the Sametime update
site URL setting for the appropriate policy on the default Sametime server.
Note: If the URL has not been specified or the setting is not found, the client
will search the preferences.ini file located in the update plugin
(com.ibm.collaboration.realtime.update\preferences.ini) root directory for the
adminUpdatePolicyURL value. (The policy setting was not available prior to
Sametime 7.5.1.)
When the client logs in and connects to the specified update site, it silently
downloads all updated features it finds and installs them. Once installation is
complete, the user receives a textbox announcing that new updates have been
installed and that the user should restart the Sametime client. The user can
click the restart button or press a five-minute delay button. If the user is
involved in chats with other users, he or she can continue to delay restart for as
long as he wishes by continuing to press the restart button at five-minute
intervals. After the restart, the client checks again to see if there are more
updates, and if it finds none, the user is not interrupted again. This update
process takes place each time the user restarts his client and logs in.
Setting up optional updates

To set up your server so that your users are presented with a selection of optional
updates, specify the ″Sametime optional add-on site URLs″ on each of your
Sametime servers.
Instant Messaging.
2. Locate the ″Sametime optional add-on site URLs″ setting in the Instant
Messaging section of the policy.
3. Specify one or more URLs for update sites where you will post optional
updates.
When the user logs in from the client, the client checks the ″Sametime optional
add-on site URLs″ policy on the default Sametime server.
optionalUpdatePolicyURL value. (The policy setting was not available prior to
Sametime 8.0.)
When the client logs in, it scans all of the optional update sites listed to find
any available updates that match the client configuration. If any updates are
found, the client displays a message alerting the user that updates are available
with an option to open the Update Manager (which is pre-populated with the
list of sites defined in the policy). The alert also allows the user to disable
further checking on startup. (This preference can also be set in the Contact List
preferences). From the Update Manager, the user can select which updates (if
any) they would like to install, then follow the instructions in the update
panels to accept the license(s) and complete the install. If any updates are
installed, the client will prompt the user to restart.
Manually installing updates
In Sametime Connect, the user can manually install updates by choosing Tools >
Plug-ins > Install plug-ins. The user can then:
1. Select Search for new features to install, and then click Next.
2. Add an update site:
v If remote, select Add Remote Location..., specify a name for the update site
and provide the URL for the site.
v If a local directory, select Add Folder Location..., and select the directory
where the update site exists.
v If a local archive, select Add Zip / Jar Location... and select the update site
archive.
For example, if you have access to the Standalone client install CD or
downloaded image, you can click New Archive Site.... Then navigate to the
optional-components directory and select optional-components-update-
site.zip.
3. Click OK to add the new update site, and then click Finish. After a short time,
the Update window appears

4. Expand the update site and select the updates you wish to install from the
available list. Then click Next.
5. You must agree to the license terms to continue.
6. In the next window, click Finish to install. Verify by clicking Install.
7. Restart the Client.
Installing the Sametime Connect client from a CD

Users can install the IBM Lotus Sametime Connect client from the standalone client
installer CD or corresponding downloaded image.
Installing the Sametime Connect client from CD on Windows:
installer CD or corresponding downloaded image on a Microsoft Windows client.
Before you begin
If the installation has been customized to install Microsoft Office Integration

features, you must ensure that no Office or Outlook processes are running at the
time of the install. For more information, see the IBM Tech Note 1307607 at:
About this task
Follow these steps to install the Sametime Connect client on a Windows client.
1. If the Sametime Connect client is running, shut it down before attempting to
install the newer version.
2. Important: Make a back-up copy of the directory where the earlier version of
the client is installed, in case you need to revert to it.
3. Navigate to the root of the CD or downloaded image.
4. Double-click setup.exe to begin the installation.
If you have previous releases of the Connect client installed:
v Sametime Connect 7.5.x:
The default operation is to uninstall an existing client, but because the 8.5
client installs to a different directory, you can choose to retain the 7.5.x client
by running the new installation with a special flag, as follows:
setup.exe /v"STUNINSTALL75=0"
The 8.5 client installs to the same path as the 8.0.x client, you cannot retain
the older client when you install the 8.5 client; the new client will replace the
old client.
5. Enter the required information when prompted.
6. When the installation completes, launch the Sametime Connect client; by
default Sametime Connect is installed to C:\Program Files\IBM\Lotus\Sametime
Connect.
Configuring the silent install for Connect client:
You can enable the silent installation of the IBM Lotus Sametime Connect Client on
Windows using two files that are provided on the client standalone installer CD
and the associated downloaded image.

About this task
Copy the setup.bat and the silentinstall.ini files from the root of the CD or
download, and then update them to tailor the installer to your requirements.
Updating the setup.bat file
The batch file (setup.bat) contains several different commands that can be used to
perform different installation functions. Some of the commands are commented out
by default but can be uncommented and updated if the function is needed.
Detailed explanations are included in the setup.bat file.
v Uninstalling older, pre-7.5.x Sametime Connect clients
Three commands are provided to shutdown, uninstall, and cleanup an older,
pre-7.5.x installation of the connect client. These commands are commented-out
by default. If this functionality is needed, uncomment these lines and configure
the paths to the old Sametime install directory as needed for your environment.
v Several sample commands are provided for different methods of executing the
silent install.
– The first option executes the installer silently and uses a silentinstall.ini file to
preconfigure connection settings.
This is the default. If you choose to use one of the other methods, comment
out this command.
– The second option executes the installer silently and migrates the connection
settings from an existing, earlier (pre-7.5) version of Sametime.
This option does not use the silentinstall.ini file. If you choose to use this
method, uncomment this command.
– The third option executes the MSI version of the installer silently, using a
silentinstall.ini to preconfigure the connection settings. If you choose to use
this method, uncomment this command.
The commands in the setup.bat file contain several configuration parameters:

Table 16. Sametime Connect command line parameters
parameter description
install.log The name of the log file created by the
installer. The file is created in the same
directory as the installer.
INSTALLDIR={path} Full path to the desired installation directory
STSILENTINIFILE={name} Name of the silentinstall.ini file
STSILENTINSTALL=TRUE Must be TRUE for silent execution
STMIGRATESETTINGSPRE75CHK Instructs the installer to migrate connection
settings from an existing pre-7.5 version of
Sametime.
LAPAGREE= Set to YES to indicate acceptance of the
license agreement. This must be specified on
the command-line when the silentinstall.ini
file is not used. When silentinstall.ini is
used, LAPAGREE is set in that file.
Updating the silentinstall.ini file

The silentinstall.ini file contains configuration parameters for the Lotus Sametime
Connect client. The settings are used to pre-populate the community-config.xml file
with server connection information and other parameters required by the installer
for silent execution.
Table 17. silentinstall.ini file
parameter description/value
LAPAGREE=NO You must change this parameter to YES to
indicate acceptance of the license agreement.
STSERVERNAME=stservername.domain.com Fully qualified host name of the Sametime
server. Normally this should be the same as
the home Sametime server specified in the
person document.
STCOMMUNITYNAME= Community name
YourCommunityName
STSERVERPORT=1533 Sametime Server IP Port number
STSENDKEEPALIVE=true Flag for sending keep alive signal.
STKEEPALIVETIME=60 Default is 60 seconds. Indicates how often to
check the connectivity between the client
and server, allowing timely notification if
disconnected.
STCONNECTIONTYPE75=direct Connection type
STPROXYHOST=Proxy port number (leave Proxy host name (leave blank if not used)
blank if not used)
STPROXYPORT= Proxy port number (leave blank if not used)
STRESOLVELOCALY75= Proxy resolves local flag (TRUE/FALSE)
STPROXYUSERNAME= Proxy user name (leave blank if not used)
STPROXYPASSWORD= Proxy password (leave blank if not used)

Table 17. silentinstall.ini file (continued)
STCOUNTRYLANG=en Specify one of the Language codes listed
below to set the language used by the
Sametime Connect client. If not specified,
the client machine’s default language will be
used.
v cs - Czech
v da - Danish
v de - German
v el - Greek
v en - English
v es - Spanish
v fi - Finnish
v fr - French
v hu - Hungarian
v it - Italian
v ja - Japanese
v ko - Korean
v nl - Dutch
v no - Norwegian
v pl - Polish
v pt - Portuguese (Portugal)
v pt_BR - Portuguese (Brazil)
v ru - Russian
v sv - Swedish
v tr - Turkish
v zh_CN - Chinese (simplified)
v zh_TW - Chinese (traditional)
STAUTHSERVERURL= Specifies the URL of the Auth Server for
SSO Token Login (leave blank if not used)
See Configuring the Sametime Connect

client for token login for additional
information.
STLOGINBYTOKEN=false Login By Token flag. TRUE/FALSE
STUSEAUTHSERVER=false Use Auth Server flag. TRUE/FALSE
STLOGINATSTARTUP=false Login at startup flag. TRUE/FALSE
STUNINSTALL75=1 Uninstall Sametime 7.5.x client flag:
1=uninstall 7.5.x client if found
0=leave 7.5.x client installed

STUNINSTALLPRE75=1 Uninstall Sametime clients older than release
7.5:
1=uninstall pre-7.5 client if found (default)
0=leave pre-7.5 client installed

Installing the Sametime Connect client from the network
Providing installation files on the network allows users to download the Lotus
Sametime Connect Client without CDs or download images.
Installing the Sametime Connect client from the network on Windows:
When network installation files are available, users can install Lotus Sametime
Connect from a Web browser on Windows.
in the \network-install\install\deploy directory:
2. Using a Web browser, open the Sametime Welcome page on your Sametime
server.
For example, if the fully qualified host name of your Sametime server is
stserver.com, you open http://stserver.com/stcenter.nsf.
3. Click Download Lotus Sametime Connect 8.5 Client to display the ″Welcome
to the IBM Lotus Sametime Connect 8.5 Client Download Site″ page.
4. Click Install Now to begin the download and installation process.
Once all files have been downloaded, the actual client installer will start.
Follow the instructions in the installer and enter the required information to
complete the installation.
Tip: If there are problems running the network client installer applet, or if you
want to install at a later time, you can select Save from the Welcome page
instead. This shows you a downloads page where you can select the operating
system of the installer you wish to save and follow the instructions for
downloading the installer for later use.
Installing the Sametime embedded client for Lotus Notes

Install the IBM Lotus Sametime embedded client to a Lotus Notes client.
Installing the embedded client on Windows:
Install the IBM Lotus Sametime embedded clients on a Lotus Notes client running
on Microsoft Windows.
About this task
The Lotus Sametime embedded client installs directly into the Lotus Notes
directory. If you have already installed a previous version of the embedded client,
it is upgraded to this new version.
1. Download the installation package for the Lotus Sametime embedded client if
you have not already done so.

2. Stop the Lotus Notes client.
3. Double-click the setup.exe file to begin installation:
a. Select a language and click Next.
b. Click Next as needed to proceed through the installation screen.
4. Verify the installation:
a. Help → About IBM Lotus Notes
b. Click Feature Details.
c. Verify that ″Sametime Application″ appears in the list of features with
″8.5.0″ at the beginning of its version information.
d. Close the dialog box.
Installing Sametime Integration for Microsoft Office

IBM Lotus Sametime integration with Microsoft Office allows you to collaborate,
create meetings, and chat with coworkers through Microsoft Office applications.
Lotus Sametime integration with the Microsoft Office SharePoint Server allows
similar collaboration features with coworkers who use Office SharePoint Server as
their instant messaging application.
About this task
You can integrate Lotus Sametime with Microsoft Office to enable users to
collaborate directly within Office applications. You can additionally integrate Lotus
Sametime with the Office SharePoint Server to enable Lotus Sametime users to
communicate with Office SharePoint Server users from a SharePoint site.
Office integration
Integrating Lotus Sametime with Microsoft Office allows Lotus Sametime users to
collaborate directly within Office products by providing awareness and messaging
capabilities within each application. All users must be hosted on Lotus Sametime
servers.
Lotus Sametime Office Integration features require the following applications:

v Microsoft Office version XP, 2003, or 2007
v Microsoft Windows version XP or Vista
Office SharePoint Server integration
Integrating Lotus Sametime with Microsoft Office SharePoint Server extends

collaboration capabilities by providing awareness and instant messaging among
users whose names appear on a SharePoint site. Any Office SharePoint Server
user’s live name that can be resolved using the standard e-mail address field will
be recognized and will display its presence status to a user who is logged into
Lotus Sametime. Clicking on an active SharePoint user displays a contextual Lotus
Sametime menu. During a chat, the Lotus Sametime user is presented with the
complete feature set of Lotus Sametime and its third-party plug ins, including
emoticons, file sharing, image captures, multiway chats, audio, video, telephony,
screen sharing, and chat history.
Integration with Office SharePoint Server is achieved using documented interfaces

from Microsoft Corporation. Deploying this feature requires modifying two
template files on the Office SharePoint Server. In addition, Lotus Sametime
Connect users will need to upgrade their installed client software.

Lotus Sametime integration with the Microsoft Office SharePoint Server requires
the following applications:
v Microsoft Office versions XP, 2003, 2007
v Microsoft Internet Explorer browser, version 6 or higher
v Microsoft Office SharePoint Server service version 2 or version 3, Microsoft
Office SharePoint Portal Server 2003, or Microsoft Office SharePoint Server 2007
v Lotus Sametime 8.5 client with the Lotus Sametime Connect Integrator for
Microsoft Office
v Lotus Sametime server, release 8.5 or higher
The Office SharePoint feature requires only a Lotus Sametime client; other Office
Integration features need not be installed at all, or may be present in any
combination. Complete the tasks below according to the features you wish to
install. The client installation files or update site also need to be enabled to include
the Office Integration features.
Related tasks
clients.
Installing Office Integration:
IBM Lotus Sametime with Microsoft Office allows you to collaborate, create
meetings, and chat with co-workers from Microsoft Office.
Before you begin
Complete the installation of Lotus Sametime servers and clients and install
Microsoft Office before beginning the Microsoft Office integration.
About this task
Lotus Sametime Integration with Microsoft Office offers the following features:
v Sametime Connect integrator for Microsoft Office
v Microsoft Outlook calendar availability
v Sametime Connect integrator for Microsoft Outlook
v Sametime meeting integrator for Microsoft Outlook
v Sametime Connect integrator for SharePoint
Note: When you install Office Integration, you do not have to close any Office,
Outlook, or Internet Explorer process, but Office Integration become available only
after you restart those programs.
Installing the Office Integration features
The following should be performed after the installation of (or upgrade to) Lotus
Sametime Connect client on each machine.
Enabling SmartTags

The Sametime Office Integration feature set adds the SmartTag recognizer which
will start on either the names from the user’s local buddy list or from internet-style
e-mail addresses, for example ″jdoe@acme.com″.
Note: These are in addition to the Lotus Sametime menu items contributed to
Person Name (English) from Lotus Sametime 7.5.1.
v To enable SmartTags, select the Person (Lotus Sametime Recognizer) entry from
the AutoCorrect SmartTag dialog.
v The use of automatic hyperlinks in Office documents will interfere with the new
SmartTag’s ability to recognize e-mail addresses -- you can regain the SmartTag
function by disabling hyperlinks: Clear the ″Internet and network paths with
hyperlinks″ option in ″AutoFormat As You Type″ tab from the
Tools->Auto-Correct Options menu.
Known issues
v The Meeting Integrator feature can support Sametime meeting servers that
require SSL by modifying the syntax of the server name specified in the
Sametime Meeting properties: if SSL is required, include the protocol portion of
the server URL, for example ″https://sametime.mycompany.com″. The syntax
shown in the dialog example, ″sametime.mycompany.com″, is correct for servers
that are accessible by ordinary, non-SSL http.
v If the default e-mail fields read by the Outlook Toolbar are not the appropriate
fields for a customer’s enterprise, the Toolbar can be redirected to use other
fields instead by modifying the file CustomProperties.ini in the Sametime install
folder. The intent is that such modifications would be made by IT experts and
the ini file (text) be distributed to users. If this optional file is not present,
Toolbar uses its default field settings.
Limitations
v The local Outlook user e-mail address must be resolvable in Sametime for the
MyStatus button to properly display status.
v The Meeting Integrator feature is not included in a meeting request that begins
from Outlook’s ″Plan A Meeting″ dialog.
v In a meeting which includes a Sametime meeting, if the Sametime meeting
password is changed after the initial invitation is sent, then the message body
will show more than one password -- the most recent password assignment is
displayed last.
Third Party Limitations

v Microsoft Outlook will cache and retain forms despite the uninstall if the form is
designated to be used.
To fully uninstall and eliminate the ST OnlineMeeting, ST OnlineMeetingRTL,
and STContact custom forms, the user must be sure to set Calendar and Contact
″When posting...″ properties back to IPM.Appointment and IPM.Contact
respectively.
v Microsoft Outlook permits multiple user profiles but is designed to operate
under one profile at a time, which must be selected at Outlook’s launch. Some
Lotus Sametime features must keep the Outlook process running for their
operation, which has implications when a user wants to select or switch profiles.
Outlook can be configured to always use one default profile, or to prompt at
start-up; if you later want to use Outlook with a different profile, you must exit
Outlook, launch it again, and then select the new profile.

If the Lotus Sametime client has been configured to use Outlook for either the
Calendar AutoStatus feature or as the storage location for Chat History, and
Outlook is not already running, Lotus Sametime will silently launch Outlook to
access those features, and then keep it running as a background process with no
user interface. If the user has multiple profiles with no default selected and
Lotus Sametime executes this silent launch, a ″Use Profile″ dialog box will be
provided by Outlook and will be used by the background process. When the
user later starts Outlook, the profile chosen earlier during the Lotus Sametime
start-up will automatically be used; if the user wants to change the profile, he or
she must exit both Outlook and the Lotus Sametime client (which in turn stops
the Outlook process running in the background).
Installing the Meeting Integrator:
IBM Lotus Sametime Meeting Integrator allows you to use the Calendar feature
within Microsoft Office even though you do not have the Sametime Client
installed.
About this task
Note: When you install Office Integration, you do not need to close Microsoft
Outlook, but the Meeting Integrator becomes available only after you restart
Outlook.
To install IBM Lotus Sametime Meeting Integrator (sametime-outlook-integrator-

8.5.exe), launch the installer and work through the screens from install to license. If
you have closed all the Outlook Processes Running during installing, the fix is
installed successfully onto Outlook. If you have not closed all the Outlook
Processes Running during installing, the fix is installed completely only after you
restart Outlook.
Known issues
The Meeting Integrator feature can support Sametime meeting servers that require
SSL by modifying the syntax of the server name specified in the Sametime Meeting
properties: if SSL is required, include the protocol portion of the server URL, for
example ″https://sametime.mycompany.com″. The syntax shown in the dialog
example, ″sametime.mycompany.com″, is correct for servers that are accessible by
ordinary, non-SSL http.
Limitations
The Meeting Integrator feature is not included in a meeting request that begins
from Outlook’s ″Plan A Meeting″ dialog. In a meeting which includes a Sametime
meeting, if the Sametime meeting password is changed after the initial invitation is
sent, then the message body will show more than one password -- the most recent
password assignment is displayed last.
Setting up the Meeting Integrator for a secure connection:
Install the SSL certificate on the client to use the Meeting Integrator successfully on
Sametime servers running on a secure connection. The Sametime Meeting Server
runs on a secure HTTPS connection by default.

About this task
Follow these steps to install the certificate.

1. Open Internet Explorer to connect to the Sametime server over HTTPS.
2. At the Security Alert dialog box, click View Certificate.
If you do not see a dialog box, double-click the lock icon located in the bottom
right corner of the window.
3. The Certificate dialog box shows the certificate properties. Open the
Certification Path tab.
The root certificate shows a red X because it is not yet trusted.
4. Select the root certificate and click View Certificate.
A dialog box shows the properties of the root certificate.
5. Click Install Certificate.
6. When the wizard starts, click Next.
7. On the next screen, select Automatically select the certificate store based on
the type of certificate and click Next.
8. Click Finish.
At the prompt, click Yes to trust the root certificate.
9. After receiving a confirmation that the certificate was correctly installed, close
and reopen Internet Explorer and connect to the Sametime server again.
If the certificate was installed properly, the Security Alert no longer appears.
Troubleshooting Microsoft Office integration:
If the Microsoft Office integration does not work properly in your IBM Lotus
Sametime deployment, you may need to adjust the Lotus Sametime server
configuration.
Troubleshooting the Lotus Sametime Integrator for Microsoft Outlook
The Lotus Sametime Integrator for Microsoft Outlook (or “Outlook toolbar”) works
by asking Lotus Sametime to process an identifier phrase – in the Outlook case, the
phrase is an e-mail address. The key to getting full functionality from the Outlook
toolbar is to configure the Lotus Sametime server to resolve the e-mail ″phrases″
found by the toolbar.
The most common symptom of resolution problems is that the Target Contact
button is not updated to show the Lotus Sametime display name and status, but
instead continues to show an e-mail address, such as “jsmith@acme.com” or
“JSMITH” (a CN portion of an X.400 address). There will always be e-mails from
external parties that will remain unresolved, but addresses for Lotus Sametime
user should resolve.
Troubleshooting has four steps, described in more detail below: enable logging,
find the resolution request, check the phrase, and, if necessary, adjust the Lotus
Sametime server configuration.
Enabling Logging
Begin troubleshooting this problem by enabling the log files in the Lotus Sametime
client. As any new e-mail address is encountered, an XML message is sent from the
Outlook toolbar to the Lotus Sametime client for lookup processing. These
messages can be echoed into the client logs. The configuration information for a
user is stored in a workspace under the user’s Documents and Settings folder,
under the path Documents and Settings\User\Application Data\Lotus\Sametime\
.config. The rcpinstall.properties file located here is processed on each launch
of the client.
Open this and add the following line to the end of the file:
com.ibm.collaboration.realtime.brokerbridge.level=FINE
On all subsequent launches, the XML traffic between the Lotus Sametime client
and the Office Integration features will be logged to the trace-log-N.xml files in
the Application Data\Lotus\Sametime\logs folder.
A few tips will simplify using these logs:

v Focus the troubleshooting effort on just one Office application – so avoid
opening other Office applications or SharePoint pages, because their message
traffic will overlap the Outlook messages and make the logs larger.
v The Lotus Sametime client usually needs to be exited to complete the writing of
the logs – the easiest approach is to start Lotus Sametime, click a few problem
e-mails, then exit the client and examine the logs.
v The logs are designed to be opened in a browser from the Application
Data\Lotus\Sametime\logs folder, which contains formatting files to create tables
of output.
Finding the Resolution Request
Once the trace log is opened, use the browser’s function to search for text in the
page and search for the phrase “liveNameResolve”. This XML message is the type
used by Outlook toolbar to request resolutions – because e-mail addresses map
uniquely to one person, the toolbar is using the lookup service which returns only
unique matches. Once the table row containing a liveNameResolve is found, the
target phrase is located in the lookupName section – this in turn is an array of one
or more phrases, in stringArray\data nodes. As a concrete example, an e-mail
within the STOIDEV enterprise from user John Doe might cause a
liveNameResolve like this one:
<?xml version="1.0" encoding="utf-8" ?>
<messageSet version="1.0" signed="false">
<liveNameResolve typeVersion="1.0">
<lookupNames valueType="stringArray"><stringArray length="1">
<data><!<CDATA<CN=John Doe,CN=Users,DC=stoidev,DC=com>>></data>
</stringArray> </lookupNames></liveNameResolve><signature /> </messageSet>
This example has been formatted for this page – it may appear as a single line in
the logs. So the e-mail address phrase here is CN=John
Doe,CN=Users,DC=stoidev,DC=com.
Note that in this example (from a real Exchange test set-up) this particular format
of the e-mail address is NOT ordinarily displayed to the Outlook user – instead,
the user sees “John Doe” or “jdoe@stoidev.com” displayed in Outlook documents
and dialogs.
Checking the Phrase
A quick check for resolution results can be accomplished by starting the Lotus
Sametime client and clicking Add Contact. Then, paste the phrase from the
liveNameRequest (CN=John Doe,CN=Users,DC=stoidev,DC=com in this example) into
the User name field of the ″New Contact″ dialog box, and click Lookup. If the

phrase returns a unique result, then the toolbar should likewise get that result and
operate fully for that target contact. If there are no results, or if there are multiple
results, then the toolbar resolution will not be able to display a Lotus Sametime
user for that address.
Adjusting the Server Configuration
Both the Lotus Sametime client and the Outlook toolbar (working within the Lotus
Sametime client), rely on the Lotus Sametime server to associate a particular
phrase with a user. No other communications to directories are in use – if the
Lotus Sametime server cannot establish the association, the Outlook toolbar can
only assume that none exists. However, the Lotus Sametime server has great
flexibility and can be directed to use any of the directory fields at its disposal
when doing this processing.
Authentication settings in the LDAP directory ensure that Sametime users can be
authenticated against entries. The first table entry, called ″Search filter to use when
resolving a user name to a distinguished name″, dictates the query that is used.
Notice that ″mail=%s″ is a recommended setting, and will be successful when the
ID phrase is the SMTP e-mail address ″ajones@acme.com″. For cases like the
example above, the default settings for many Exchange deployments will have this
address phrase, in its entirety, within an attribute called “legacyExchangeDN” – so
a query term “(legacyExchangeDN=%s)” would typically be added as an addition
to the “(mail=%s)” and others present in the filter string. Other cases could require
inspecting available directory attributes to find a suitable match.
One final detail is that the Lotus Sametime server, by default, will skip over
attribute values that are in LDAP canonical format as a single field, but it offers an
override – this override would be required in the legacyExchangeDN case, for
example. To establish the override behavior, edit the Lotus Sametime server’s
sametime.ini configuration file and add this line:
ST_DB_LDAP_ALLOW_SEARCH_ON_DN=1
to the section labeled [Directory]. If there is no such section already, create one by
appending the two lines at the end of the sametime.ini file:
[Directory]
Setting up Office SharePoint integration:
Integrating IBM Lotus Sametime with Microsoft Office SharePoint Server extends
collaboration capabilities by providing awareness and instant messaging between
Lotus Sametime users who are using an Office SharePoint site. System
administrators set up this feature by modifying template files on the Microsoft
Office SharePoint Server as described below. Users add these new capabilities by
using a customized install file to install the optional client feature called ″Sametime
Connect integrator for SharePoint.″
About this task
Complete the tasks below to set up Office SharePoint integration:

Related tasks
clients.
Setting up the Office SharePoint Server:
Set up integration with Microsoft Office SharePoint by modifying template files on

the Microsoft Office SharePoint Server with which you want IBM Lotus Sametime
to communicate.
Before you begin
The user plugin called ″Sametime Connect integrator for SharePoint″ is the client
feature that responds to the server modifications described here. That feature can
be installed on the client at any time, but it will remain dormant until Internet
Explorer views a SharePoint Web page from a server that has been modified as
described in this topic. Likewise, the web pages from a modified server can be
viewed from any client, but the extended functions will only be available on a
client that is running Lotus Sametime Connect and the integrator for SharePoint
plugin.
The Office SharePoint Server integration feature is an optional feature and is not
necessary for enabling integration with Office applications. On the client, the Lotus
Sametime Connect integrator for SharePoint plugin can be installed independently
of other Office Integration features.
Note: Microsoft Communicator must not be configured to run against the Office
SharePoint Server.
About this task
Setting up the SharePoint integration feature requires copying files to the Office
SharePoint Server, using them to modify template files, and then restarting the
server, as described below.
The files that you copy to the Office SharePoint Server in this procedure are
available with the Lotus Sametime package. For details on downloading parts from
the kits, see the Sametime Download document at:
1. Copy the following files from the Lotus Sametime client packages to a
temporary location on the Office SharePoint Server:
These files are stored in the folder called sametimesharepoint:
v SharePointImages.zip
v EnsureIMNControl.js
v Copy the appropriate version of this file for your version of SharePoint:
– IMNGetStatusImage_SharePoint2003.js
– IMNGetStatusImage_SharePoint2007.js
2. Open the folder called Common Files\Microsoft Shared\web server
extensions\12\TEMPLATE.

For most machines, the path will be: C:\Program Files\Common
Files\Microsoft Shared\web server extensions\12\TEMPLATE. You will work
in this folder for the remaining steps.
3. Extract the contents of the SharePointImages.zip file to the \IMAGES subfolder.
For example: C:\Program Files\Common Files\Microsoft Shared\web server
extensions\12\TEMPLATE\IMAGES.
4. Now open the folder called Common Files\Microsoft Shared\web server
extensions\12\TEMPLATE\LAYOUTS\Language_ID.
For example, an English installation will have the Language_ID 1033, and the
path will be: C:\Program Files\Common Files\Microsoft Shared\web server
extensions\12\TEMPLATE\LAYOUTS\1033.
5. Make backup copies of the Init.js and OWS.js template files.
In each of these files, you will replace two functions with newer versions that
support integration with Lotus Sametime, and modify two other functions to
correctly support the presence icon.
6. Replace the EnsureIMNControl function in the Init.js file as follows:
a. Open the Init.js file for editing.
b. Open the EnsureIMNControl.js file that you copied to the server back in
step 1.
c. Copy the EnsureIMNControl function from this file (leave the file open for
now).
d. Back in the Init.js file, search for its own version of the
EnsureIMNControl function, delete that, and paste the newer version in its
place.
7. Now replace the IMNGetStatusImage function in the same manner:
a. Open the IMNGetStatusImage200x.js file that you also copied in step 1.
b. Copy the IMNGetStatusImage function from this file (you can also leave
this file open for now).
c. Back in the Init.js, search for its own version of the IMNGetStatusImage
function, delete that, and paste the newer version in its place.
8. Make two changes to the IMNRC(name, elem) function within the Init.js file
as follows:
a. Locate the function called IMNRC(name, elem).
b. Locate the following statement (approximately 30 lines into the function):
if (typeof(IMNDictionaryObj[id])=="undefined")
c. Change the assignment from IMNDictionaryObj[id]=1 to
IMNDictionaryObj[id]=0 so the ″if″ statement looks like this:
{
IMNDictionaryObj[id]=0;
}
d. At the bottom of the same IMNRC(name, elem) function, there is a section
that looks like this:
if (fFirst)
{
var objRet=IMNGetOOUILocation(obj);
objSpan=objRet.objSpan;
if (objSpan)
{
objSpan.onmouseover=IMNShowOOUIMouse;
objSpan.onfocusin=IMNShowOOUIKyb;

objSpan.onmouseout=IMNHideOOUI;
objSpan.onfocusout=IMNHideOOUI;
}
}
e. Add the following statement as the last assignment within that section:
objSpan.tabIndex=0;
Now that section should look like this (make sure you inserted the
statement in the right place):
if (fFirst)
{
if (objSpan)
{
objSpan.tabIndex=0;
}
}
9. Finally, modify the IMNIsOnlineState function as explained here:
a. Locate the IMNIsOnlineState function.
b. Change the condition from state==1 to state==0 so that the function looks
like this:
function IMNIsOnlineState(state){
if (state==0)
{
return false;
}
return true;
}
10. Save and close the Init.js file.
Next you will make similar changes to the OWS.js file.
11. Replace the EnsureIMNControl function in the OWS.js file as follows:
a. Open the OWS.js file for editing.
b. Open the EnsureIMNControl.js file that you copied to the server back in
step 1.
c. Copy the EnsureIMNControl function from this file (leave the file open for
now).
d. Back in the OWS.js file, search for its own version of the EnsureIMNControl
e. Close the EnsureIMNControl.js file.
12. Now replace the IMNGetStatusImage function in the same manner:
a. Open the IMNGetStatusImage200x.js file that you also copied in step 1.
b. Copy the IMNGetStatusImage function from this file (you can also leave
this file open for now).
c. Back in the OWS.js, search for its own version of the IMNGetStatusImage
d. Close the IMNGetStatusImage.js file.
13. Make two changes to the IMNRC(name, elem) function within the OWS.js file as
follows:
a. Locate the function called IMNRC(name, elem).
b. Locate the following statement (approximately 30 lines into the function):

c. Change the assignment from IMNDictionaryObj[id]=1 to
IMNDictionaryObj[id]=0 so the ″if″ statement looks like this:
{
IMNDictionaryObj[id]=0;
}
d. At the bottom of the same IMNRC(name, elem) function, there is a section
that looks like this:
if (fFirst)
{
if (objSpan)
{
}
}
e. Add the following statement as the last assignment within that section:
objSpan.tabIndex=0;
Now that section should look like this (make sure you inserted the
statement in the right place):
if (fFirst)
{
if (objSpan)
{
objSpan.tabIndex=0;
}
}
14. Finally, modify the IMNIsOnlineState function as explained here:
a. Locate the IMNIsOnlineState function.
b. Change the condition from state==1 to state==0 so that the function looks
like this:
function IMNIsOnlineState(state){
if (state==0)
{
return false;
}
return true;
}
15. Save and close the OWS.js file.
16. Restart the Office SharePoint Server.
Related reference
“Troubleshooting Office SharePoint integration” on page 229
If the Microsoft Office SharePoint integration does not work properly in your IBM
Lotus Sametime deployment, you may need to modify how Lotus Sametime
processes the identifier phrase being used by the Office SharePoint Server.
Verifying the Office SharePoint integration setup:

Use the IBM Lotus Sametime Connect client with the Lotus Sametime Connect
integrator for SharePoint to verify that the Microsoft Office SharePoint integration
feature is working correctly.
Before you begin
Set up the Office SharePoint Server by modifying template files as described in

″Setting up the Office SharePoint server.″ On the client machine, install Lotus
Sametime Connect with the optional feature called ″Sametime Connect integrator
for SharePoint.″
About this task
When a Web page like the My Site page is loaded, the Lotus Sametime SharePoint
control will display a presence icon for names on the page that represent online
Lotus Sametime users (for example, a green square indicates a online user whose
status is Available). No icon appears when a name is unresolved or a user is
offline. Log in to the Sametime Connect client and navigate to a SharePoint site to
ensure that the presence icons are displaying correctly.
1. If online users are displaying appropriate Lotus Sametime presence icons,
integration is correctly configured and you have finished. Skip the remainder of
this topic.
2. If icons are missing, check for the following situations:
v Names on this page are missing icons entirely.You know that a particular
name should have a presence icon but only displays it when you mouse-over
the name.
In this case, the client control is loading and resolving the name, but the icon
update within the page is not complete. The most likely cause is incorrect
editing of the template files on the server; return to the previous topic and
verify that you made the changes properly.
v Names are missing icons and a mouse-over shows the control as a gray
″X″.
In this case, the client control is loading but is not receiving positive
resolutions for the person data being set by the page. Verify that the Lotus
Sametime Connect client is running and logged into the Lotus Sametime
server. If the problem persists, check the following topic, ″Troubleshooting
Office SharePoint integration″.
v A mouse-over does not show any change in the presence icon and does not
have a gray ″X″.
In this case, either:
– The optional Lotus Sametime Connect integrator for SharePoint feature
was not installed on the client. Install it now and repeat this procedure to
verify that integration is working correctly.
– the JavaScript™ library edits have not been applied on the server hosting
this Web page. Return to the previous topic and apply the template
changes directly on the Office SharePoint Server where the page being
tested is hosted.

Related tasks
clients.
Related reference
“Troubleshooting Office SharePoint integration”
“Troubleshooting Office SharePoint integration”
Troubleshooting Office SharePoint integration:
Lotus Sametime and Office SharePoint user directories
In some enterprises, the Office SharePoint integration may function immediately

with no additional configuration updates besides the JavaScript library changes
described in ″Setting up Office SharePoint Server integration″. The most likely
scenario to encounter this immediate functionality is one where Lotus Sametime
and Office SharePoint have both been configured to use the same Active Directory,
sharing this one LDAP for their backend directory. However, sharing a common
LDAP is not a prerequisite for success with the Lotus Sametime SharePoint
integration.
Enterprises where the Lotus Sametime server uses a different directory server are
workable, even in cases where Lotus Sametime is configured to use IBM Lotus
Domino and Office SharePoint is configured to use Active Directory. The key to the
functionality is the concept of Lotus Sametime ″resolving″ a phrase to match a
Lotus Sametime user. The Office SharePoint Server creates and delivers Web pages
to the local browser, and the live names on the page include JavaScript code that
initializes names with presence controls.
Ensuring that Lotus Sametime can resolve an Office SharePoint server phrase
In Office SharePoint 2007, the function that provides a Lotus Sametime user name
with a presence icon is called IMNRC. This function will appear in the page source
wherever Office SharePoint intends to place a presence icon. The IMNRC function
is passed an identifier phrase, typically an SMTP-format e-mail address for the
user; so alongside the name ″Alice Jones″ will be a presence initializer like
IMNRC( ″ajones@acme.com″). The Lotus Sametime control that is loaded into the
browser will be passed this ID (the ″ajones@acme.com″ string).
The primary requirement for successful use of the Lotus Sametime SharePoint
integration is that the ID phrase be uniquely resolvable by the Lotus Sametime
server. Lotus Sametime does not require the Office SharePoint Server to use a

particular data field as its ID for users, but you must configure the Lotus Sametime
server to recognize the field you choose. The exact setting used by the Lotus
Sametime server is described in the ″Table 6, Authentication settings for the LDAP
directory″ in the LDAP directory settings topic within this information center.
The first table entry, called ″Search filter to use when resolving a user name to a
distinguished name″, dictates the query that is used. Notice that ″mail=%s″ is a
recommended setting, and will be successful when the ID phrase is the SMTP
e-mail address ″ajones@acme.com″.
To summarize, the user data that is configured as an ID for presence by Office

SharePoint Server must be made available to the Lotus Sametime server (even if in
a second directory), and then specified in the ″Search filter... when resolving a user
name″ field. A quick troubleshooting check is to take the ID phrase found in the
presence initializing function, and paste it into the Lookup text field of the ″Add
Contact″ dialog in the Lotus Sametime Connect Client. If it is a unique match, the
ID phrase will resolve in the proper Office SharePoint integration.
Related tasks
“Setting up the Office SharePoint Server” on page 224
Set up integration with Microsoft Office SharePoint by modifying template files on
the Microsoft Office SharePoint Server with which you want IBM Lotus Sametime
to communicate.
“Verifying the Office SharePoint integration setup” on page 227
Use the IBM Lotus Sametime Connect client with the Lotus Sametime Connect
integrator for SharePoint to verify that the Microsoft Office SharePoint integration
feature is working correctly.
Starting and stopping servers in a Lotus Sametime

deployment
Starting and stopping servers running on WebSphere Application

Server
Starting and stopping the Deployment Manager:
About this task
Before starting Lotus Sametime Servers, the Deployment Manager must be running
for each cell.
Windows only: You can also use the Start - Programs menu to use the Start and
Stop menu commands.
1. In a command window, navigate to the app_server_root/profiles/
DeploymentManagerName/bin directory for the Deployment Manager you want
to start:
2. Run the following command to start and stop the Deployment Manager:

./startManager.sh
./stopManager.sh dmgr -username admin_user -password admin_password
Windows
startManager.batstopManager.bat dmgr -username admin_user -password
admin_password
IBM i
startManager dmgr
stopManager dmgr -username admin_user -password admin_password.
Related tasks
“Starting and stopping WebSphere Application Servers on Windows” on page 232
Use the Start Programs menu in Microsoft Windows to start or stop any Sametime
servers running on WebSphere Application Server.
Related reference
Starting the Lotus Sametime System Console:
Before you begin
Verify that the Deployment Manager is running for the cell.

1. In a command window, navigate to the local app_server_root/profiles/
STSCAppProfile profile directory and change to the bin directory:
2. Run the following commands:
./startNode.sh
./startServer.sh STConsoleServer
Windows
startNode.bat
startServer.bat STConsoleServer
IBM i
startNode
startServer STConsoleServer
What to do next

Related tasks
Related reference
“Command reference for starting and stopping servers”
Starting and stopping WebSphere Application Servers on Windows:
About this task
From the IBM WebSphere menu off the Start Programs menu, you can navigate to
the Start and Stop menu choices for a server.
1. Working on the server you want to start or stop, click Start → All Programs.
2. Click IBM WebSphere Application Server → Network Deployment V7.0 →
Profiles.
3. Select the profile for the server and click the appropriate Start or Stop menu
command.
Related tasks
“Automating Sametime Community Server shutdown on Windows” on page 240
Follow these instructions for the proper sequence of events for an automated
shutdown of a IBM Lotus Sametime Community Server on Windows.
Related reference
“Command reference for starting and stopping servers”
Command reference for starting and stopping servers:
Table 18. Server command directories
Type Primary node Secondary node
Sametime System Console STSCAppProfile/bin STSCSNAppProfile/bin
Meeting Server STMAppProfile/bin STMSNAppProfile/bin
Proxy Server STPAppProfile/bin STPSNAppProfile/bin
Media Manager STMSAppProfile/bin STMSSNAppProfile/bin

Note: The Deployment Manager must be running for the cell before starting a
server. Also note that the server name is case sensitive.
Table 19. Start server commands for AIX, Linux, or Solaris
Type Commands
Sametime System Console ./startNode.sh
Meeting Server ./startNode.sh
./startServer.sh STMeetingHttpProxy
./startServer.sh STMeetingServer
Proxy Server ./startNode.sh
./startServer.sh STProxyServer
Media Manager ./startNode.sh
./startServer.sh STMediaServer
Table 20. Stop server commands for AIX, Linux, or Solaris

Type Commands
Sametime System Console ./stopServer.sh STConsoleServer
-username username -password password
./stopNode.sh -username username

-password password
Meeting Server ./stopServer.sh STMeetingServer
./stopServer.sh STMeetingHttpProxy

-password password
Proxy Server ./stopServer.sh STProxyServer -username
username -password password

-password password
Media Manager ./stopServer.sh STMediaServer -username

-password password
Windows
The Start Programs menu is also a convenient way to start and stop Sametime

Table 21. Start server commands for Windows
Server Commands
Sametime System Console startNode.bat
Meeting Server startNode.bat
startServer.bat STMeetingHttpProxy
startServer.bat STMeetingServer
Proxy Server startNode.bat
startServer.bat STProxyServer
Media Manager startNode.bat
startServer.bat STMediaServer
Table 22. Stop server commands for Windows

Server Commands
Sametime System Console stopServer.bat STConsoleServer -username
stopNode.bat -username username

-password password
Meeting Server stopServer.bat STMeetingServer -username
stopServer.bat STMeetingHttpProxy

-password password
Proxy Server stopServer.bat STProxyServer -username

-password password
Media Manager stopServer.bat STMediaServer -username

-password password
IBM i
Table 23. Start server commands for IBM i
Server Commands
Sametime System Console startNode

Table 23. Start server commands for IBM i (continued)
Server Commands
Meeting Server startNode
startServer STMeetingHttpProxy
startServer STMeetingServer
Proxy Server startNode
startServer STProxyServer
Media Manager Not supported on IBM i
Table 24. Stop server commands for IBM i

Server Commands
Sametime System Console stopServer STConsoleServer -username
stopNode -username username -password

password
Meeting Server stopServer STMeetingServer -username
username-password password
stopServer STMeetingHttpProxy -username


password
Proxy Server stopServer STProxyServer -username

password
Related tasks
Starting and stopping servers running on Lotus Domino

Starting and stopping a Sametime server on AIX, Linux, or Solaris while

Domino is running:
IBM Lotus Sametime on AIX, Linux, or Solaris is installed on an IBM Lotus

Domino server. You can start and stop a Sametime server without starting and
stopping the Domino server from running.

About this task
There are times when you will need to keep the Domino server running while
doing Sametime maintenance tasks. For example, you might need to shut down
Sametime services while you make configuration changes on the Sametime server,
but you need to leave the Domino server running so you can access Domino
databases on the server.
1. Open the Domino server console on the Sametime/Domino server.
2. In the Domino server console, choose one of the following actions:
To start the Sametime server from a Domino server that is already running,
type this command:
Load STADDIN
To stop the Sametime server without stopping the Domino server, type this
command:
Tell STADDIN Quit
Related concepts
“Considerations for AIX, Linux, and Solaris” on page 239
If you install IBM Lotus Sametime on an IBM AIX, Linux, or Sun Solaris server,
you should be aware of some special behaviors.
Starting and stopping a Sametime server on Windows while Domino is

running:
IBM Lotus Sametime on Windows is installed on an IBM Lotus Domino server.

You can start and stop a Sametime server without starting and stopping the
Domino server from running.
About this task
To start the Sametime server from a Domino server that is already running,
type this command:
Load STADDIN
To stop the Sametime server without stopping the Domino server, type this
command:
Tell STADDIN Quit
Starting and stopping Domino and a Sametime Community Server on AIX,

Linux, or Solaris:
Learn how to start and stop a Sametime Community Server running on AIX,
Linux, or Solaris.
Starting Domino and a Sametime Community Server on AIX, Linux, or Solaris:
Follow these instructions to start a Sametime Community Server on AIX, Linux, or

Solaris.

About this task
IBM Lotus Sametime is installed on an IBM Lotus Domino server. Once you set up
the Lotus Domino server to launch Lotus Sametime automatically, then whenever
you start or stop the Domino server, you are starting and stopping the Lotus
Sametime server as well.
1. Log in to the system as the default Domino user. Make sure the default path
and environment are set correctly.
2. Start the Sametime server by issuing the following server command. Note that
starting the Sametime server might take a few minutes.
./ststart
3. The ″ststart″ script file sets some important environment variables before
launching the server executable (/opt/ibm/lotus/bin/server).
What to do next
Starting and stopping the Sametime server without starting and stopping
Domino
You can start and stop the Sametime server and keep the Domino server running.
For example, you might need to shut down Sametime services while you make
configuration changes on the Sametime server, but you need to leave the Domino
server running so you can access Domino databases on the server.
a. To start the Sametime server from a Domino server that is already running
type this command:
Load STADDIN
b. To stop the Sametime server without stopping the Domino server type this
command:
Tell STADDIN Quit
Related concepts
“Considerations for AIX, Linux, and Solaris” on page 239
Running a Sametime server as a background process on AIX:
You can run Lotus Sametime as a background process on an IBM AIX server.
Before you begin
The operating system’s IBM Lotus Domino user actually runs the background
process, and must have permission to run the script and write files to the Domino
Data Directory.
About this task
To run the Sametime server as a background process, complete the following steps:
1. Open the ststart script located in the data directory, and copy the two sections
below into the .profile of the Domino user that will run Sametime as a
background process:

# Define variables
BINDIR=/opt/lotus/notes/latest/ibmpow/
LOTUSDIR=/opt/lotus/bin
# Export paths for notes user

LIBPATH=${LIBPATH}:$BINDIR
export LIBPATH
PATH=${PATH}:$BINDIR
export PATH
Note: The PATH environment variable cannot contain the /lotus/bin directory,
which defaults to /opt/lotus/bin.
2. Set up the Virtual Frame Buffer, and verify that it is running.
3. Set the DISPLAY environment variable to the host name:
DISPLAY=machine:1
export DISPLAY
4. From the command prompt, run the following command, which enables you to
manage the server only through the IBM Lotus Notes Administration Client:
nohup /opt/lotus/bin/server < /dev/null > /dev/null 2>&1 &
5. If you want to use text files for stin and stout, use the following:
a. Create the following script on the server:
#!/usr/bin/sh
DOMINO_PROGRAM_DIR=/opt/lotus
DOMINO_DATA_DIR=/local/notesdata
export DOMINO_PROGRAM_DIR
export DOMINO_DATA_DIR
cd $DOMINO_DATA_DIR
if [ -f st.in ] ; then
rm st.in
fi
if [ -f st.out ] ; then
mv st.out st.out.bak
fi
touch st.in
$DOMINO_PROGRAM_DIR/bin/server <st.in >st.out 2>&1 &
cd -
Note:
If /usr/bin/sh does not exist, change the path for sh at the top of the script.
If the default installation settings are not used, modify the
DOMINO_DATA_DIR and DOMINO_PROGRAM_DIR environment
variables at the top of the script.
b. Save the script on the AIX server.
c. Use the cd command to navigate to the folder where the script was saved.
d. Launch the script by typing:
./script_name
where script_name is the file name of the script.
Results
Once the server is running, you can interact with the server console by using the
Administrator Client Server console. Alternatively, you can view the console in a
telnet session by issuing the following commands:
> cd DOMINO_DATA_DIR
> tail -f st.out

To enter commands at the server console, do the following:
> cd DOMINO_DATA_DIR
> echo {command} >>st.in
where
DOMINO_DATA_DIR is be the value for the Domino Data directory; for example,
/local/notesdata,
and
{command} is a Domino Server console command such as ″Show Tasks″; for

example:
> echo show tasks >>st.in
Stopping Domino and a Sametime Community Server on AIX, Linux, or Solaris:
Follow these instructions to stop a Sametime Community Server on AIX, Linux, or

Solaris.
1. Return to the terminal session where Domino was started.
2. If the prompt character > is not present, press the Enter key once to be
presented with a prompt character. Then type either exit or quit and press the
Enter key.
Considerations for AIX, Linux, and Solaris:
v You must not have /opt/ibm/lotus/bin in your PATH, otherwise Sametime will
not function correctly.
v If you do not start Sametime from an XWindows environment, Save Annotations
will not function unless you set up a Virtual frame buffer.
v If you start Sametime from a telnet session, exiting the telnet session also
terminates the Domino Console and Sametime.
Starting and stopping Domino and a Sametime Community Server on

Windows:
Learn how to start and stop a Sametime Community Server on Windows.
Starting Domino and a Sametime server on Windows:
Follow these instructions to start a Sametime server on Windows.

1. Select Start → Administrative Tools → Component Services.
2. In the Services dialog box, select Services (Local).
3. Right-click ″Sametime server″ and select Start.
Stopping Domino and a Sametime Community Server on Windows:
Follow these instructions to stop a Lotus Sametime Community Server on

Windows.
1. Select Start → Administrative Tools → Component Services.
2. In the Services dialog box, select Services (Local).

3. Right-click ″Sametime server″ and select Stop.
Automating Sametime Community Server shutdown on Windows:
Follow these instructions for the proper sequence of events for an automated
shutdown of a IBM Lotus Sametime Community Server on Windows.
About this task
If you try to automate the shutdown of Lotus Sametime Community Servers in

batch files by using the Windows net stop command against Lotus Domino
without first shutting down Sametime services, then crash-on-shutdown events
and long restart times can result. This sort of shutdown can also trigger crashes of
other servers within a Community Services Cluster. These problems occur because
the ST Community Launch service relaunches Lotus Sametime applications as
needed. If Domino is stopped, then ST Community Launch works as designed and
tries to relaunch the now-failing applications, with unpredictable results.
You can prevent these problems by creating your batch file with the proper
sequence of events for an automated shutdown of the Lotus Community Sametime
Server.
Follow this order when you create your batch file:

net stop "ST Community Launch"
<wait for service shutdown>
net stop "Sametime Server"
net stop "Lotus Domino Server"
Note: If your site has changed the service names then adjust the commands
accordingly. These individual services might require several minutes to shut down
properly; this time is longer for high-volume servers. IBM recommends performing
these steps manually first to observe the time required for each shutdown. Insert
the appropriate wait sleep commands between the net stop commands when you
create your batch files.
Uninstalling
Before you can install a newer version of IBM Lotus Sametime, you must uninstall
the currently deployed version.
About this task
Complete these tasks to uninstall Lotus Sametime components.
Removing a node from a cluster

Before uninstalling a Sametime server that is part of a cluster, use the cluster utility
to remove the server from the cluster.
Removing a Sametime Community Server from a cluster:

Before uninstalling a Sametime Community Server that is part of a cluster, use the
updateSTCluster utility to remove the server from the cluster.
Before you begin
About this task
Follow these steps to remove the Sametime Community Server from the cluster
administered with the Sametime System Console.
1. Working on the server you want to remove from the cluster, navigate to the
InstallLocation/console directory for the Deployment Manager profile.
2. If this is the first time you have run a utility on this server, open
console.properties file and provide the System Console Host name, port, User
Name and Password. Also, you can specify the log level, which is not
mandatory.
3. Verify that the values in the productConfig.properties file are correct.
4. Run the utility from the console directory you used in Step 1.
AIX, Linux, Solaris
updateSTCluster.sh -remove
Windows
updateSTCluster.bat -remove
5. When you are prompted, enter the name of the cluster you are updating.
The utility removes the Sametime Community Server from the cluster and
generates the ConsoleUtility.log file. It also deletes the console.pid file from the
console directory.
Removing a WebSphere Application Server node from a cluster:
Before uninstalling an IBM Lotus Sametime server that was clustered with an IBM
WebSphere Application Server network deployment, use the updateWASCluster
utility to remove the node from the cluster.
About this task
Removing a node from a cluster involves manually removing the nodes in the
Deployment Manager’s Integrated Solutions Console settings, verifying
configuration settings for the cluster, and then running a utility that updates
additional cluster settings to reflect the removal of the node.
1. Remove the node from the Deployment Manager:
Note: For additional information on removing a node from the Deployment

Manager, see the removeNode command in the WebSphere Application Server
7 information center. See Deleting specific cluster members for information on
removing a cluster member.
a. In the Deployment Manager’s Integrated Solutions Console, click System
administration → Nodes.
b. On the ″Nodes″ page, select the check box beside each node that you want
to remove.
c. At the topic of the table, click the Remove Node button.
If you cannot remove the node by clicking Remove Node, remove the node
from the configuration by clicking Force Delete.
d. Click OK.

e. Save your change by clicking the Save link in the ″Messages″ box at the top
of the page.
2. Update the console.properties file on the Deployment Manager:
a. On the Deployment Manager server, navigate to the install_root/IBM/
WebSphere/STgateway/console folder for the Deployment Manager profile.
Attention: The cluster’s Primary Node is installed on the same computer,
so be sure to use the Deployment Manager profile.
b. Open the console.properties file for editing.
c. Fill in values for the following settings:
SSCHostName Type the fully qualified host name of the Lotus Sametime
System Console server.
SSCHTTPPort Type the HTTP port used for the Lotus Sametime System
Console server if SSL is not enabled and the value for
SSCSSLEnabled is ″false.″

AboutThisProfile.txt file for the Ltus Sametime System Console
Application Server Profile and use the setting specified for the
″HTTP transport port.″ The default profile name is
STSCAppProfile.
SSCUserName Type the IBM WebSphere Application Server User ID that you
The default is wasadmin.
SSCPassword Type the IBM WebSphere Application Server password

3. Now open the productConfig.properties file (in the same folder) and verify
that all of the settings are correct, changing settings as needed before you save
and close the file.
4. Open a command window and run the following command:
v IBM AIX, Linux, or Solaris
updateWASCluster.sh -remove
v Microsoft Windows
updateWASCluster.bat -remove
5. When prompted by the utility, enter the name of the cluster from which you
are removing the node, and press Enter.
Results
This utility removes all nodes from the specified cluster’s settings and generates a
log file called ConsoleUtility.log, which it stores in the console/log directory.
Removing a server from the console

To remove an IBM Lotus Sametime server from the list of the Lotus Sametime
System Console’s managed servers, run the unregister utility on the server. When
you remove a server from the console, it can no longer be administered from the
console, but it does not have its own administration interface. The only way to
administer the server is by modifying configuration files and the database directly.
Because of these limitations, you should only unregister the server if you are
uninstalling, or performing some other activity that requires removal of the
product from the console.

About this task
This procedure works for the following Lotus Sametime servers: Community
Server, Proxy Server, and Meeting Server. A Sametime Community Server reverts
back to using legacy policies if you remove it from the console.
Note: To unregister a Lotus Sametime Gateway server, see Removing a Lotus

Sametime Gateway server from the console.
1. Working on the server you want to remove, navigate to the
InstallLocation/console directory.
Name and Password. Also you can specify the log level, which is not
mandatory.
4. If you are unregistering a Sametime Community Server or Meeting Server, start
the server. Otherwise, proceed to the next step.
5. Run the unregister utility:
v Sametime Community Server
AIX, Linux, Solaris
unregisterProductNode.sh
Windows
unregisterProductNode.bat
v Other servers
AIX, Linux, Solaris
unregisterWASProduct.sh
Windows
unregisterWASProduct.bat
The utility unregisters the server and generates the ConsoleUtility.log file,
storing it in the console/logs. If the unregistration is successful, the utility
deletes the console.pid file from the console directory.
Uninstalling DB2 and Sametime software with the Installation

Manager
Before you begin
Leave the DB2 server running, but stop any Sametime servers that you plan to
uninstall. For instructions, see “Command reference for starting and stopping
servers” on page 232.
About this task
Run the installer on the Sametime server to see the Uninstall option.
1. Run the Installation Manager.
/opt/IBM/InstallationManager/eclipse/IBMIM

Windows
Select Start → Programs → IBM Installation Manager → IBM Installation
Manager.
2. Choose the components to remove from the server. Click Next.
3. Click Uninstall.
4. (DB2) Remove all files in the /tmp or temp directory.
Results
When the uninstallation process is complete, the users and groups created during
install will be removed from the machine, but the home directories of the users
will remain. For more information about uninstalling DB2, see these topics in the
DB2 9.5 Information Center:
Uninstalling your DB2 product (Windows)
Uninstalling your DB2 product (Linux and UNIX)

Related tasks
“Manually removing WebSphere Application Server on AIX, Linux, Solaris, and
Windows” on page 248
You may need to remove WebSphere Application Server manually if it remains on
the system after Lotus Sametime fails to install or uninstall completely.
Manually removing DB2 and Sametime on AIX, Linux, Solaris, and Windows:
You can manually remove DB2 and Sametime components if either installation or
uninstallation processes do not complete successfully.
Before you begin
Stop the servers that you plan to uninstall. For instructions, see “Command
About this task
Follow these steps to remove DB2, Sametime, DB2 users, and data directories.
Follow all steps that apply to the software you installed on the machine.
1. Remove WebSphere Application Server services you created using the
wasservice command with the -remove switch.
2. Manually remove DB2 and the Install Manager from the operating system.
For example, on Windows, use the Control Panel, Add/Remove Programs
panel.
3. DB2 only: Manually remove db2users and groups created on the local server.
4. Remove these directories for DB2 and Installation Manager.
The directories below show the Windows path. They will differ on AIX, Linux,
and Solaris.
v c:\documents and settings\all users\application data\ibm\installation
manager
v c:\documents and settings\all users\application data\ibm\db2
v c:\documents and settings\all users\application data\ibm\db2history
v c:\documents and settings\db2admin
v c:\documents and settings\install user\application data\ibm\vshet

v c:\documents and settings\install user\application data\ibm\db2
5. Delete the remaining WebSphere Application Server and DB2 directories.
What to do next
For more information about uninstalling DB2, see these topics in the DB2 9.5
Information Center:
Uninstalling your DB2 product (Windows)
Uninstalling your DB2 product (Linux and UNIX)
Uninstalling a Lotus Sametime Community Server

Follow the instructions for your operating system to uninstall the Lotus Sametime
Community Server.
Uninstalling the Lotus Sametime Community Server on Windows:
To uninstall IBM Lotus Sametime Community Server from an IBM Lotus Domino
server using the Sametime Community Server uninstall program, all Lotus
Sametime Community Server files that were added to the Lotus Domino
installation are removed with the exception of files that were created while running
Lotus Sametime Community Server. Updates that were made to the address books
(including person documents, server documents, and changes to the Access
Control List) are not removed.
Before you begin
Before you uninstall the Lotus Sametime Community Server, it is always good
practice to back up any important files.
About this task
To completely remove Lotus Sametime Community Server, you must uninstall

Lotus Domino as well, and also both the Lotus directory and the Notes data
directories.
1. Stop the Domino (Sametime) server.
2. From the Microsoft Windows Start menu, select Settings > Control Panel >
Add/Remove Programs.
3. Select IBM Lotus Sametime 8.x from the list and click Add/Remove. Click Yes
when prompted to remove the Sametime server.
4. When the Windows uninstall program completes, click OK to exit the uninstall
program.
Uninstalling the Lotus Sametime Community Server on AIX, Linux, or Solaris:
To uninstall IBM Lotus Sametime Community Server from an IBM Lotus Domino
server using the Sametime Community Server uninstall program, all Lotus
Sametime Community Server files that were added to the Lotus Domino
installation are removed with the exception of files that were created while running
Lotus Sametime Community Server. Updates that were made to the address books
(including person documents, server documents, and changes to the Access
Control List) are not removed.
1. Stop the Domino (Sametime) server.

2. Switch to the root user.
3. Change to the following directory:
datadir/_uninstst
4. Start the uninstall using the following command:
./uninstaller.bin
Uninstalling Sametime Gateway

This topic covers instructions on how to uninstall the Lotus Sametime Gateway on
different operating systems. All files that were installed are removed, as well as
any shortcuts and registry entries.
About this task
Note: WebSphere Application Server, Sametime Gateway Profile, and Sametime

Gateway must be uninstalled before installing anew. If all components are not
removed, the VPD registry may determine that Sametime Gateway is still installed
and believe that you are trying to install a second instance of Sametime Gateway.
Removing a Lotus Sametime Gateway server from the console:
To remove an IBM Lotus Sametime Gateway server from the list of the Lotus
Sametime System Console’s managed servers, run the unregister utility on the
server. When you remove a server from the console, it can no longer be
administered from the console, but it does not have its own administration
interface. The only way to administer the server is by modifying configuration files
and the database directly. Because of these limitations, you should only unregister
the server if you are uninstalling, or performing some other activity that requires
removal of the product from the console.
InstallLocation/console directory.
theconsole.properties file and provide the System Console Host name, port,
User Name and Password. Also you can specify the log level, which is not
mandatory.
4. Unregister the server by running the following command:
v AIX, Linux, Solaris: unregisterWASProduct.sh
v Windows: unregisterWASProduct.bat
5. If you want to uninstall Lotus Sametime Gateway from the server, run the
following command:
v AIX, Linux, Solaris: unregisterWASProduct.sh -uninstall
v Windows: unregisterWASProduct.bat -uninstall
Results
storing it in the console/logs. If the unregistration is successful, the utility deletes
the console.pid file from the console directory.
Uninstalling Sametime Gateway on Windows:
This topic explains how to uninstall Lotus Sametime Gateway on Windows for a
single server or cluster.

Before you begin
Uninstalling Lotus Sametime Gateway automatically removes WebSphere

Application Server as well. If you are reinstalling Lotus Sametime Gateway, there’s
no need to uninstall DB2 first. If you need to uninstall DB2, uninstall it separately
according instructions in the DB2 Information Center at http://
publib.boulder.ibm.com/infocenter/db2luw/v8/index.jsp.
Note: WebSphere Application Server, the Sametime Gateway Profile, and Sametime
1. Shut down any servers that are running, including the Deployment Manager
and node agents if you have a cluster.
2. Open a command window and navigate to the following directory:
stgw_server_root/_uninst
3. Type the appropriate command to start the uninstall program:
v For GUI mode, type uninstaller.exe
v For console mode, type uninstaller.exe -console
4. Select the language you wish to use for the uninstall procedure and click OK.
The Welcome screen is displayed.
5. Click Next to proceed. The Lotus Sametime Gateway features screen is
displayed.
6. Select the check box for all available components/features and click Next. The
Uninstall summary screen is displayed.
7. Click Uninstall to begin the procedure. The progress is displayed on the
screen.
8. When the uninstall is complete, read the summary information and click
Finish to exit the wizard.
9. Remove all Lotus Sametime Gateway install folders from your computer.
10. If you are uninstalling a cluster of servers, repeat the preceding steps on each
node, running the uninstall utility as you would on a single server
deployment.
Uninstalling Sametime Gateway on AIX, Linux, and Solaris:
This topic explains how to uninstall a single server or cluster of IBM Lotus
Sametime Gateway servers on AIX, Linux, and Solaris operating systems.
Before you begin
Uninstalling Lotus Sametime Gateway automatically removes WebSphere

Application Server as well. If you are reinstalling Lotus Sametime Gateway, there’s
no need to uninstall DB2 first. If you need to uninstall DB2, uninstall it separately
according instructions in the DB2 Information Center at http://
publib.boulder.ibm.com/infocenter/db2luw/v9/index.jsp.
Note: WebSphere Application Server, the Sametime Gateway Profile, and Sametime
and node agents on each node.

2. Open a command window and navigate to the following directory:
stgw_server_root/_uninst
3. Execute the appropriate command:
v For GUI mode type./uninstaller.bin
v For Console mode type ./uninstaller.bin -console
displayed.
6. Select the check box for all available components/features and click Next. The
Uninstall summary screen is displayed.
7. Click Uninstall to begin the procedure. The progress is displayed on the
screen.
8. When the uninstall is complete, read the summary information and click
Finish to exit the wizard.
9. Remove all Lotus Sametime Gateway install folders from your computer.
node, running the uninstall utility as you would on a single server
deployment.
Manually removing WebSphere Application Server on AIX, Linux,

Solaris, and Windows
Before you begin
If after an attempted Sametime install or uninstall, you have many files and folders
left in app_server_root/profiles/profile_name or app_server_root/bin, run the
WebSphere Application Server uninstall program to remove the rest of the files.
Remove WebSphere Application Server only if it is not in use by any other server
on the system.
About this task
Stop all java processes. Then follow the steps in the WebSphere Application Server
7 Information Center for your platform to remove unneeded WebSphere
Application Server software from the system.
Uninstalling the WebSphere Application Server product
Installing on IBM i
complete basic server configuration.
This section contains information about system requirements, Lotus Sametime

prerequisites, server installation and required configuration tasks to do after
installation.

Related concepts
Preparing to install Lotus Sametime on IBM i

Follow these steps to prepare IBM i for Lotus Sametime server installations.
Preparing to create the Sametime database schemas and tables

on IBM i
The IBM Lotus Sametime System Console, Sametime Meeting Server, and the
Sametime Gateway Server use databases to store data. Verify that the schemas do
not already exist.
Before you begin
Decide on which system you will install the Sametime System Console, the
Sametime Meeting Server, the Sametime Gateway Server, and their databases. On
IBM i, they can all be on the same system or different systems. However, if you
plan to install either the Sametime System Console or the Meeting Server on IBM i,
both servers and the databases must be on IBM i.
About this task
The Sametime System Console requires two database schemas with these specific
names: SSC and POLICY. The Meeting server requires these two database schemas:
MTG and POLICY. The servers share the POLICY schema. Typically, you will
create all of the schemas on the same system.
A schema cannot be created on a particular system LPAR if an IBM i library

already exists with that name. Use these WRKLIB commands to determine if a
library already exists with these names.
WRKLIB SSC
WRKLIB POLICY
WRKLIB MTG
If there is such a library and it was not created by Sametime, you must resolve the
conflict by removing or renaming the libraries. Alternatively, the schemas can be
created on a different IBM i system LPAR.
Creating a user profile to own the database schemas on IBM i

Follow these steps to create a user profile to own the database schemas for the
Sametime System Console and the Sametime Meeting Server.
About this task
On the system where you plan to create the database schemas, create a user profile
to be the database owner. The profile that you create can have a user class of
*USER and does not require any special authorities
If you plan to create the schemas for the System Console and the Meeting Server
on the same system, use the same user profile for all of the schemas.

Verifying authority to install and set up Sametime on IBM i
The administrator who installs and sets up IBM Lotus Sametime must sign on to
the system with a user profile that has the required authorities. Before installing,
verify that the user profile you plan to use has the required special authorities.
About this task
The IBM i security officer has the required authorities to install and set up Lotus
Sametime. If you are not the security officer, use the Display User Profile
(DSPUSRPRF) command to determine if your user profile has the required
authorities by following these steps.
1. Type the following IBM i command:
DSPUSRPRF user_id
2. Press the PAGE DOWN key and look for the special authority field to display
the special authorities for the user profile. Verify that you have the necessary
authorities for installing the Sametime software.
v All object access (*ALLOBJ)
v Security administration (*SECADM)
3. Verify that you have the necessary authorities to add the Sametime Community
Server to an IBM i Domino Server.
v All object access (*ALLOBJ)
v System configuration (*IOSYSCFG)
v Job control (*JOBCTL)
Results
If your user profile does not have the required authorities, either ask the security
officer to install and set up the Lotus Sametime server or add the required
authorities to your user profile.
Installing the Lotus Sametime System Console

About this task
Preparing the console installation file on IBM i

Follow these steps to customize the response.properties file to prepare for installing
the Lotus Sametime System Console on IBM i.
Before you begin
You should have completed the preparation steps in ″Preparing to install Lotus
Sametime on IBM i.″
About this task
Skip the first two steps if you are installing from physical media.
1. Download the installation package if you have not already done so.

/MySametimePackages
2. Extract the installation files to the directory where you stored the installation
package.
a. From an IBM i command line, run the following command to start the
QShell Interpreter:
QSH
b. Run the cd shell command, specifying the fully qualified path to the
installation package directory; for example:
cd /MySametimePackages
c. Run the following cd shell command, specifying the name of the .tar file:
pax -r -C 819 -f name_of_installation_package
d. Press F3 to exit QSH.
3. Review the IBM International Program License Agreement and ensure that you
agree to its terms before proceeding. The agreement is stored in the licenses
subdirectory of the program image; for example:
/MySametimePackages/SametimeSystemConsole/IBMi/stii_ssc/licenses
For DVD:
/qopt/volume_ID/IBMi/stii_ssc/licenses
4. Navigate to the program image directory; for example:
/MySametimePackages/SametimeSystemConsole/IBMi/stii_ssc
For DVD:
/qopt/volume_ID/IBMi/stii_ssc
5. Make a copy of the ssc.default.response.properties file, using a name of your
choosing. Store the copy in a location on the system that the installation
program can access.
6. Customize your copy of the response.properties file with the settings
appropriate for your specific installation.
For the database.db.user.id and database.db.user.password settings in the properties
file, specify the user profile and password you created to be the owner of the
System Console database schemas.
Related tasks
“Preparing to install Lotus Sametime on IBM i” on page 249
Creating the System Console database schemas and tables on

IBM i
Run the script to create the database schema for the IBM Lotus Sametime System
Console on IBM i.

Before you begin
You should have prepared the console installation file as described in ″Preparing
the console installation file on IBM i.″
About this task
On the IBM i system where you will install the Sametime System Console, follow
these steps to create the database schema and tables:
1. Log in with a user profile that has *ALLOBJ and *SECADM special authorities.
These authorities are required to create the database schemas. The database
schemas will be created on the system specified in your copy of the
ssc.default.response.properties file and owned by the user profile specified in
the file.
2. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
3. Run the cd shell command, specifying the fully qualified path to the installation
kit directory; for example:
cd /MySametimePackages/SametimeSystemConsole/IBMi/stii_ssc
For DVD:
cd /qopt/STCONSOLE/IBMi/stii_ssc/licenses
4. If the SSC schema does not already exist on the system, run the following shell
command to create the required database schemas and tables. The command
also creates the POLICY schema if it does not exist.
setupDB_ssc.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
5. When the script completes, press F3 to exit QSH.
Results
If the database schema creation was not successful, look at the script log for more
information about what occurred during the attempt. Fix the problem, then try
running the script again. The script log is stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
ssc_dbsetupyyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
ssc_dbsetup_20091215_0307.log
Related tasks
Installing the console on IBM i

Run the install script to set up the IBM Lotus Sametime System Console on IBM i.

Before you begin
If you intend to install from a downloaded image, you should have downloaded
the console server installation package. For all installations, you should have
completed the preparation steps. The database schemas required for the System
Console (SSC and POLICY) should already exist.
About this task
Follow these steps to install the Sametime System Console and WebSphere
Application Server.
1. Log in using a profile with *ALLOBJ and *SECADM special authorities.
2. Use the WRKSYSVAL command to check the setting for the QVFYOBJRST system
value and change it if necessary. The setting must be 3 or lower to install the
Sametime software.
Interpreter:
QSH
For installing from DVD:
cd /qopt/volume_ID/IBMi/stii_ssc
5. Start the Sametime System Console installation with the following shell
command:
install_ssc.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
When the script completes, a summary of the results is displayed. Make a note
of the URL for connecting to the Integrated Solutions Console. The ″Admin
port″ displayed is the port you must use when logging in to the system
console.
6. Press F3 to exit QSH.
Results
information about what occurred during the installation attempt. Fix the problem,
then try installing again. The installation logs are stored in the following location.
install_STCONSOLE_yyyymmdd_hhmm.log
install_STCONSOLE_20091215_0307.log

Related tasks
Increasing the WebSphere Application Server usage limit for

running Sametime on IBM i
Use the Change License Information command to allow an unlimited number of
users for the WebSphere Application Server installation. Changing the usage limit
in this manner is acceptable provided you are in compliance with the terms of
your Sametime license and are only using WebSphere Application Server for
running Sametime.
About this task
If you install more than one Sametime server that uses WebSphere Application
Server on the same system, this task only needs to be done once. Following the
recommended installation sequence, the first server that uses WebSphere
Application Server is the Sametime System Console. Other servers that use
WebSphere Application Server are the Sametime Meeting Server, Sametime Proxy
Server, and Sametime Gateway.
1. Sign on to the system with a user profile that has *ALLOBJ special authority.
2. From any IBM i command line, run the following command (on one line):
CHGLICINF PRDID(5733W70) LICTRM(V7) FEATURE(5102) USGLMT(*NOMAX) THRESHOLD(*USGLMT)
Results
The usage limit is changed to *NOMAX.
If the following message is displayed, type G.

CPA9E1B: Usage limit increase must be authorized.
Press help before replying (C G)
After you respond to the CPA9E1B message, you must respond to the same
message on the QSYSOPR message queue:
1. Run the DSPMSG QSYSOPR command to see the message in the QSYSOPR
message queue.
2. When the message is displayed, type G.
Logging in to the Lotus Sametime System Console

About this task

What to do next

Related tasks
Connecting to an LDAP server

Before you begin
already running.
About this task
steps:
continue.

Related concepts
Related tasks
Sametime prerequisite: Connecting to an LDAP server

Before you begin
About this task
2. Bind to LDAP.

name.
g. Click Next.
user interface.
c. Click Next.

names.
person.

user interfaces.
field.
Server.
c. Click Next.


user interfaces.
displayed.
c. Click Next.
process.
What to do next

Related tasks
Related reference
Installing a Lotus Sametime Community Server and

supporting software
First install a Lotus Sametime Community Server on a Domino platform. You must
have already connected the Sametime System Console to an LDAP server. After
installing a Lotus Sametime Community Server, you can install and set up optional
components, such as a multiplexer or integration with Microsoft Office.
Related concepts
Related tasks
Installing a Domino server

Install a Domino server and prepare the Domino environment before installing a
Lotus Sametime Community Server.
Before you begin
If you have never installed and set up a Lotus Domino server, it is strongly
recommended that you refer to the Lotus Domino documentation to get a full
understanding of how to install and set up a Domino server.
Preparing the TCP/IP Environment on IBM i:
Your Lotus Sametime Community Server must be configured to use one or more
specific TCP/IP addresses so that it will not attempt to share TCP/IP ports with
any other HTTP servers on your system.
About this task
This section guides you through the process of verifying your TCP/IP
configuration, making changes if necessary to resolve conflicts between servers,

and gathering the TCP/IP information that you will need to configure your
Sametime server.
Verifying host table entries for IBM i:
IBM Lotus Sametime provides a list of host table entries that are already defined
on your server.
About this task
To verify your host table entries, follow these steps:

1. From any IBM i command line, type the following command and press Enter:
CFGTCP
2. On the Configure TCP/IP display, select option 10 to work with TCP/IP Host
Table entries.
3. Record each host name and the corresponding TCP/IP address, as you may
need this information later.
4. If your Lotus Sametime deployment will support IPv6 addressing, make sure
that the IPv6 address is mapped to the server’s host name in this table. If you
will support both IPv4 and IPv6 addressing, then each format should be
mapped to the host name to ensure that connections of both types are enabled.
Verifying configuration of existing IBM i Domino servers:
IBM Lotus Sametime provides which TCP/IP addresses are currently being used
by your Domino servers.
About this task
Note: If you do not have any Domino servers configured on your system, you can
skip this section.
To determine which TCP/IP addresses are currently being used by your Domino
servers, follow these steps after verifying that you have started your Domino
servers.
1. From an IBM i command interface, sign on to your server.
2. Verify the current TCP/IP addresses for each Domino server by entering the
following command:
WRKDOMCSL servername
3. From the Domino Console display, type the following command and press
Enter:
sh port tcpip
4. Press F5 to refresh the screen.
v If the server is using only one TCP/IP address, you will see a specific
TCP/IP Local Address listed using port 1352. For example, 10.1.2.3:1352.
v If the server is using all active TCP/IP addresses, you will see *:1352
displayed as the Local Address rather than a particular TCP/IP address.
5. Record the results for each Domino server, as you will use this information
later.
Selecting a TCP/IP address for your IBM i Sametime server:

Determine which TCP/IP addresses are already defined on your system and
decide which address you will use for your IBM Lotus Sametime server. You will
also need to determine whether you need to define additional TCP/IP addresses to
avoid conflicts between servers.
About this task
Follow these steps to select a TCP/IP address for the server.

1. First determine which TCP/IP addresses are currently defined for your system.
v From any IBM i command line, type the following command and press
Enter:
CFGTCP
v On the Configure TCP/IP display, select option 1 to Work with TCP/IP
interfaces and display a list of the currently defined TCP/IP interfaces.
2. Verify that each of the TCP/IP addresses you recorded when you looked at the
Host Table or ran the ’sh port tcpip’ command is currently defined.
3. Verify that the system has enough TCP/IP addresses defined so that you can
assign at least one for the exclusive use of each of the following:
v Your Sametime server
v Each existing Domino server
v Each instance of the IBM HTTP server running on your system
4. Contact your network administrator to assign additional TCP/IP addresses and
host names if needed.
5. Ensure that the new host names are also added to your Domain Name Server
(DNS).
6. Select the TCP/IP address you will assign to your Sametime server.
7. Decide which TCP/IP addresses should be assigned to each existing Domino
server and each instance of the IBM HTTP server.
Record this information, as you will use it later to ensure that existing servers
are properly bound to specific IP addresses so that their port usage does not
conflict with your Sametime server.
Adding a TCP/IP address on IBM i:
To configure an additional TCP/IP address for IBM i, complete this task.
About this task
If you did not need to assign additional TCP/IP addresses, you can skip this topic.
CFGTCP
2. Select option 1 to work with TCP/IP interfaces.
3. On the Work with TCP/IP Interfaces display, type a 1 in the Opt column and
press Enter to add a TCP/IP interface.
4. On the Add TCP/IP Interface display, enter the following information:
Field Description
Internet Address Specify the TCP/IP address you want to

add. For example, enter 10.1.2.4.

Field Description
Line Description Specify the name of the line description for

your LAN adapter. For example, enter
TRNLINE.
Subnet Mask Specify the subnet mask that is appropriate

for your interface. For example, enter
255.255.255.0.
5. Press Enter to add the new interface and return to the Work with TCP/IP
Interfaces display.
6. To start an interface, type a 9 beside it and press Enter.
Updating the host table on IBM i:
Add an entry in the IBM i host table for your IBM Lotus Sametime server.
About this task
To add a host table entry for your Sametime server, follow these steps:
CFGTCP
2. Type 10 and press Enter to work with TCP/IP host table entries.
3. If one of the TCP/IP addresses that you selected is not listed in the Host Table,
follow these steps to add a new entry:
v Type a 1 in the Opt column next to the blank Internet Address and press
Enter to add a Host Table Entry.
v When the Add TCP/IP Host Table Entry display appears, enter the following
information:
Field Description
Internet Address Enter the TCP/IP address that you assigned
to the Domino server. For example, enter
10.1.2.4.
Host name Enter the fully qualified name of the
Domino server as the host name. For
example, enter stdom1.acme.com.
Note: Although you can add multiple host names for the same IP address,
make sure you list the fully qualified name for your Domino server first,
before any alternative short names.
v Press Enter to create the Host Table Entry.
4. Follow these steps to update an existing Host Table Entry:
Note: If the TCP/IP address you want to use is listed in the table, but the
corresponding Domino server is not listed as one of the possible host names for
that address, you must update the existing host table entry to include the
additional host name.
v Type a 2 in the Opt column next to the Internet Address and press Enter to
change the Host Table Entry.

v When the Change TCP/IP Host Table Entry display appears, you may need
to Page Down to view the currently defined list of host names.
v When you have displayed the last host name, enter a ’+’ in the ’+ for more
values’ prompt and press Enter.
v When the Specify More Values for Parameter HOSTNAME display appears,
replace an existing host name or one of the *SAME entries with the fully
qualified name of your Domino server (for example, stdom1.acme.com).
Note: The fully qualified name of your Domino server must be listed first in
this table.
v Press Enter to update the host name. Press Enter again to change the Host
Table Entry.
Note: You can remove a host name for an Internet Address by following the
above steps to update the Host Table Entry and replacing the host name with
*BLANK.
Updating the Domain Name Server for IBM i:
If you defined any additional host names, work with your TCP/IP administrator to
ensure that the new host names are added to your Lotus Domain Name Server
(DNS).
About this task
If you have configured TCP/IP to search the DNS before searching the host table,
you may need to make additional changes in your configuration. Follow these
steps to check your TCP/IP Configuration Properties:
CFGTCP
2. On the Configure TCP/IP display, type 12 and press Enter to change the
TCP/IP domain information.
3. On the Change TCP/IP Domain (CHGTCPDMN) display, look for the ″Host
name search priority″ setting.
If the value is *REMOTE, either change this value to *LOCAL or verify with
your network administrator that the fully qualified host name is the first value
listed in the DNS for the IP address associated with your Sametime server. The
fully qualified host name must be listed before any short names in order for
your Sametime server to function correctly.
If the value of this field is *LOCAL, you do not need to take any further action.
You already ensured that the fully qualified host name was listed first in your
local host table in an earlier step.
CAUTION:
If you change the ″Search order″ you must stop and restart TCP/IP for the
change to take effect.
4. If your Lotus Sametime deployment will support IPv6 addressing, make sure
that the IPv6 address is mapped to the server’s host name. If you will support
both IPv4 and IPv6 addressing, then each format should be mapped to the host
name to ensure that connections of both types are enabled.
5. Press F3 to exit.
Updating the configuration of existing IBM i Domino servers:

Ensure your existing Lotus Domino servers are correctly bound to the specific fully
qualified host names that you have assigned to them. This will prevent them from
conflicting with your Lotus Sametime Community Server. If necessary, you will
modify the existing Lotus Domino server settings to enable partitioning and
specify a unique fully qualified host name.
About this task
Even if you changed your server’s fully qualified host name by modifying the
server’s notes.ini file, the change may not have occurred in the server document.
This procedure updates both the server document and the notes.ini file.
1. Using a profile with the authorities listed in Chapter 1, end the Domino server,
if it is active, by typing the following command and pressing Enter:
ENDDOMSVR DOM1
where DOM1 is the name of the Domino server.
Note: Ending the Domino server may take a few minutes.

2. Change the Domino server settings by typing the following command and
pressing F4:
CHGDOMSVR DOM1
where DOM1 is the name of the Domino server.
3. In the Advanced services field, you should see *PARTITION or *ALL. If neither
value is specified, then specify *PARTITION.
4. In the Internet Address field, enter the fully qualified host name for this
Domino server.
5. Press Enter.
If the changes to the server settings were successful, the following message is
displayed:
Command CHGDOMSVR ended successfully.
6. Restart the Domino server by typing the following commands and pressing
Enter:
STRDOMSVR DOM1
Where DOM1 is the name of the Domino server.

7. Using a Domino Administrator Client, edit the server settings in the Server
Document so that the Domino HTTP server binds to the specific host name.
v Select the Configuration tab.
v In the left pane, click Server and select All Server Documents.
v Open the server document for the Domino server and click the Edit Server
button.
v Select the Internet Protocols tab, and then select the HTTP tab.
v In the Host name(s) field, verify the DNS name for the TCP/IP address that
you specified in the Change Domino Server command.
v In the Bind to host name field, select Enabled.
v Select the Ports tab, then select the Internet Ports tab, then select the Web
tab.
v Verify in the HTTP settings that the TCP/IP port has a port number
specified. The default port number is 80.
v Click Save and Close.

8. Stop and restart the Domino server.
9. When the Domino server has restarted, access it through a Notes client or a
Web browser to make sure it is still accessible using TCP/IP.
Updating the HTTP server configuration on IBM i:
Your Lotus Sametime Community Server will use the Lotus Domino HTTP server.
It is possible that you may have already configured IBM HTTP Server for IBM i on
your system for other applications. If so, then you must verify that each instance of
the HTTP server is bound to a specific TCP/IP address. This will prevent it from
conflicting with your Lotus Sametime server.
About this task
To change the HTTP server settings using commands, follow these steps:
1. If the HTTP server is currently running, type the following command on any
IBM i command line and press Enter to end it:
ENDTCPSVR SERVER(*HTTP)
2. Start the HTTP Administration server by typing the following command and
pressing Enter:
STRTCPSVR SERVER(*HTTP) HTTPSVR(*ADMIN)
3. Open the IBM HTTP server configurations page.
v Start your Web browser.
v Enter the following URL:
http://mysystem:2001
where mysystem is the name of your system.
v Click IBM Web Administration for IBM i.
v Select the Manage tab.
v Select the HTTP Servers tab.
4. Select a configuration from the menu at the top of the screen, and complete the
following items for each configured instance of the HTTP server:
v From the list on the left pane, select General Server Configuration.
v In the right pane, find the IP address and port table in the section called
Server IP address and ports to listen on.
v If one of the rows in the table has an asterisk (*) in the IP Address column,
then the server is listening on all IP addresses. Select that row. Replace the
asterisk (*) with the IP address for this server and click Continue.
v When finished updating the server IP address table, click Apply to save your
changes.
5. When each instance of the HTTP server is configured to use a specific IP
address, restart the HTTP servers by typing the following command and
pressing Enter:
STRTCPSVR SERVER(*HTTP)
Installing a Domino server:
Before you can install the Lotus Sametime Community Server, you must have
already installed an IBM Lotus Domino server.
Installing a Domino server in a new domain on IBM i:

Follow these steps to set up a Lotus Domino server in a new Lotus Domino
domain.
1. Launch the appropriate Domino wizard, depending on whether or not you
have already installed Domino:
v If you have not already installed Domino, launch the Domino InstallShield
Wizard from a Windows workstation by running the setup.exe file located
on the Domino product CD-ROM. Once you complete the installation, you
are given the option to launch the Domino Server Setup Wizard to configure
a Domino server.
v If you have already installed Domino, launch the Domino Server Setup
Wizard from a Windows workstation by running the domwzd.exe file located
on the Domino product CD-ROM.
2. Follow the instructions on each wizard display to configure the new Domino
server. Be sure to specify that you are configuring a Domino server in a new
domain. If you need help with a particular setting, click Help.
3. Configure the Domino server with the following settings specific to a Sametime
installation. Enter other values as needed.
Display Description
Server Name Enter the name of the new Domino server

where you will add Sametime. For example,
specify STDOM1.
Advanced server settings Specify Yes for Enable server partitioning to

allow multiple Domino servers to run on the
same system.
Domain Name Enter the name of the Domino domain. For

example, enter Acme.
Administrator’s Name and Password Specify the Domino administrator’s name.

This administrator will also be the Sametime
server administrator.
Specify a password for the Domino

Administrator.
Internet Services Select Web Browsers (HTTP services).
Sametime requires that you use the Domino

HTTP server.
Deselect Directory Services (LDAP

services).
Even if you plan to use an LDAP directory,

you should not run it on the same server
where you run Sametime.
Domino Network Settings Click Customize to view the Advanced

Network Settings.

Display Description
Advanced Network Settings Click the check box associated with the IP
address for this server. Ensure that only one
check box is selected.
You must edit the Host Name field and

replace the IP address with the fully
qualified Internet host name for this server.
Type over the IP address displayed in the
Host Name column and replace it with the
fully qualified host name for the server. For
example, STDOM1.ACME.COM. You must
press Enter for the change to take effect.
Also, type the fully qualified host name in

the field at the bottom of the display.
When finished, click OK and continue until

Domino server setup is complete.
Related tasks
“Adding a Domino server to an existing Domino domain on IBM i”
You can install or add a Lotus Domino server into an existing Lotus Domino
domain.
Adding a Domino server to an existing Domino domain on IBM i:
You can install or add a Lotus Domino server into an existing Lotus Domino
domain.
1. Register the additional server for your normal operating environment. You
must specify the following settings during registration:
v Store the server ID file that is created during registration somewhere on the
v Change the owner of the ID file to Qnotes by right-clicking the file in
iSeries® Navigator and selecting Permissions.
v Use the same network name as the first Lotus Domino server in the Lotus
Domino domain.
2. Launch the appropriate Domino wizard, depending on whether or not you
have already installed Domino:
v If you have not already installed Domino, launch the Domino InstallShield
Wizard from a Windows workstation by running the setup.exe file located
on the Domino product CD-ROM. Once you complete the installation, you
are given the option to launch the Domino Server Setup Wizard to configure
a Domino server.
v If you have already installed Domino, launch the Domino Server Setup
Wizard from a Windows workstation by running the domwzd.exe file located
on the Domino product CD-ROM.
3. Follow the instructions on each wizard display to complete the addition of the
new Domino server. Be sure to specify that you are configuring an additional
Domino server in an existing domain. If you need help with a particular
setting, click Help.
4. Configure the Domino server with the following settings:

Note: This table only documents settings that directly apply to this Sametime
installation. For settings that are not documented below, you can enter your
own values.
Display Description
Registered Name Provide the registered name of the

additional Domino server where you will
add Sametime. For example, specify
Sales1/Acme.
Advanced server settings Specify Yes for Enable server partitioning to

allow multiple Domino servers to run on the
same system.
Internet Services Select Web Browsers (HTTP services).
Sametime requires that you use the Domino

HTTP server.
Deselect Directory Services (LDAP

services).
Even if you plan to use an LDAP directory,

you should not run it on the same server
where you run Sametime.
Domino Network Settings Click Customize to view the Advanced

Network Settings.
Advanced Network Settings Click the check box associated with the IP
address for this server. Ensure that only one
check box is selected.
You must edit the Host Name field and

replace the IP address with the fully
qualified Internet host name for this server.
Type over the IP address displayed in the
Host Name column and replace it with the
fully qualified host name for the server. For
example, STDOM1.ACME.COM. You must
press Enter for the change to take effect.
Also, type the fully qualified host name in

the field at the bottom of the display.
When finished, click OK and continue until

Domino server setup is complete.
Related tasks
“Installing a Domino server in a new domain on IBM i” on page 266
domain.
Installing the Notes client and Domino administrative client:
To administer the Lotus Domino server, you must install and configure at least one
Microsoft Windows PC as the administration workstation.

Before you begin
Before you can install the Lotus Domino and Lotus Notes clients, you must have
installed and set up the Lotus Domino server.
About this task
Use the IBM Lotus Domino software that shipped with IBM Lotus Sametime to
install and configure the Lotus Domino Administrator and IBM Lotus Notes clients
on the administration workstation.
1. If you are installing from physical media, insert the Lotus Notes Client CD into
the PC you plan to use as the administrator’s workstation.
2. Start the installation wizard.
3. Follow the instructions on each panel of the Lotus Notes installation wizard,
selecting to install both the Lotus Domino Administrator and Lotus Notes
clients.
4. Copy the certifier ID and administrator ID files from the Domino data directory
of your Lotus Domino server to the Lotus Notes data directory of the
Administrator workstation. You can use File Transfer Protocol (FTP) or another
method, or you can let the initial communications between the server and
administration workstation copy the files for you automatically.
5. If necessary, start the Lotus Domino Server.
6. Open Lotus Notes.
7. Follow the instructions in the setup wizard to configure the Lotus Notes client.
If you have moved the certifier and administrator ID files to the PC you have
designated as your administration workstation, indicate the correct location
when asked. If you have not copied the ID files, simply provide the user
administrator name you specified during HTTP setup. You will be prompted
for the password for this ID. The ID files will be copied and stored on your
administration workstation for you automatically.
What to do next
When you have set up the Lotus Domino Administrator and Lotus Notes clients,
you are ready to begin preparing the Domino server for Lotus Sametime
installation
Verifying your Lotus Domino environment:
Verify your Lotus Domino server environment.
Verifying the Domino Server document settings:
After installing the Lotus Domino server and before installing Lotus Sametime
Community Server, you should edit the Lotus Domino server document to make
sure the fields are completed as described below.
About this task
Follow these steps to edit the server document.

1. Start the Domino server.

2. Open the Domino Administrator client and click the Configuration tab.

3. Expand the Server section and then click All Server Documents.
4. Open the Server document for the Domino server on which you are installing
Lotus Sametime. Use the table below to verify the appropriate values for the
fields in the Server document. Make changes to the document if necessary.

Basics tab
Fully qualified Internet host name This field is completed during the Domino
server install, and should contain the fully
qualified host name as known by the DNS
server.
In a test environment, the local hosts table

can be used as well as DNS.
address.
Load Internet configurations from Disabled

Server\Internet Sites documents
Directory assistance database name If a Directory Assistance database does not
already exist on the server, Sametime will
create one during server installation and this
field will be set to da.nsf
Directory Type Make sure this field says ″Primary Domino

Directory.″
If this field contains ″Configuration

Directory,″ shutdown the Domino server and
replicate names.nsf from a master server.
Master servers have a Directory Type of
Primary Domino Directory. If you are unsure
about a server, check the Directory Type
field in the Server document.
Security tab
Administrators This field is completed during the Domino

server install, and should contain the name
of the Sametime administrator. If not, click
the arrow to select a name from an address
book.
Internet authentication Default is ″Fewer name variations with

higher security″, the recommended setting
for tighter security.
Select More name variations with lower

security if Domino Directory authentication
is being used and you want users to be able
to use short names.

Access server Leave this field blank if possible. If you do

include entries, you must add the following
to the list of trusted directories:
Sametime Development/Lotus Notes

Companion Products
Run unrestricted methods and operations After you install the Sametime server, this
field should include these entries:
v The name of the server
v The name of the administrator
v Sametime Development/Lotus Notes
Companion Products
Note: If you have signed agents with an
additional signature, include that name here
as well.
Ports - Notes Network Ports tab
Port TCPIP
Note: This must be typed exactly as shown
in all uppercase letters or you will not be
able to add Lotus Sametime to this server.
Protocol TCP
Net Address The fully qualified host name for the

Domino server as known by the DNS server.

v The Host Name on the Internet
Protocols-HTTP tab specified below.
Commonly:
For example, stdom1.acme.com.

address.
Ports - Internet Ports - Web tab
TCP/IP port number 80 (or 8088 if tunneling is being used)
TCP/IP port status Enabled
Name & password Yes
Anonymous Yes
Internet Protocols - HTTP tab

Host name The fully qualified host name of the Domino

server as known by the DNS server.

v The Net Address on the Ports - Notes
Network Ports tab tab above
Commonly:
For example: stserver1.acme.com

Note: Normally, this CANNOT be a
numeric IP address. For AIX, Linux or
Solaris servers with multiple valid IP
addresses (multi-homed), enter all of the IP
addresses instead of the host name.
Bind to Host name Disable -- for Microsoft® Windows® servers;

also for IBM AIX®, Linux, and Solaris servers
when not using partitioned Domino servers
Enable -- for IBM i® servers; also for IBM

AIX®, Linux, and Solaris servers when using
partitioned Domino servers
Allow HTTP clients to browse databases Yes (enable) for portals, otherwise, not
necessary
Home URL This field is set to ″stcenter.nsf″ during

Lotus Sametime installation.
DSAPI filter file names If this field is set to NDOLEXTN (Domino

Offline Services), remove the value and
leave this field blank.
Internet Protocols - Domino Web Engine

tab
Session Authentication This field is set to Multiple Servers (SSO)

during Sametime installation.
If single sign on (SSO) is not being used,

you can change this to single-server.
Web SSO Configuration This field is set to LtpaToken during

Sametime installation.
Java servlet support Domino Servlet Manager
5. Click Save and Close, if you made changes.

6. Stop and restart the Domino server for the changes to take effect.

Related tasks
Verifying the Domino server is accessible:
Before installing IBM Lotus Sametime, verify that the IBM Lotus Domino server is
accessible from client workstations.
About this task
Test client access (using HTTP) to a Lotus Notes database hosted on your Lotus
Domino server.
Start a Web browser on the workstation and attempt to access names.nsf (or some
other convenient database) by entering the following address into the location bar:
If you have set names.nsf to be inaccessible from clients, test with a database that
clients can access.
http://hostname.yourco.com/names.nsf
If you can sign on using the server administrator ID and internet password to
view the contents of names.nsf, the Domino server is accessible and ready for
installation of Sametime.
Installing a community server on IBM i

Follow these instructions to install a new Lotus Sametime Community Server on
IBM i.
Preparing to install the community server from a downloaded image on IBM i:
Follow these steps to download the installation package for the Lotus Sametime
Community Server for IBM i. If you are installing from physical media, skip this
step.
Before you begin
You should have already installed Domino.
About this task
Follow these steps to download the installation package and create save files.
1. Download the installation package for the Sametime Community Server if you
have not already done so.
c. On your workstation, run the downloaded .exe file to extract the following
files:
v A short Readme document

v Q5724J23IM: IBM i binary save file containing the Sametime *BASE
option
v Q5724J23WC: IBM i binary save file containing Sametime option 1
(This file is included with Lotus Sametime Standard, but not with Lotus
Sametime Entry.)
Complete the remaining steps to transfer the save files from your
workstation to the system where you plan to install the Sametime
Community server.
2. Sign on to the system with a user profile that has *ALLOBJ and *SECADM
special authorities.
3. On any IBM i command line, run the following commands to create a library
and the required empty save files for the Sametime software. The second save
file, MYLIB/Q5724J23WC, is not needed for Sametime Entry.
CRTLIB MYLIB
CRTSAVF MYLIB/Q5724J23IM
CRTSAVF MYLIB/Q5724J23WC
4. Open a Windows Command Prompt session on your workstation and change
to the directory that contains the downloaded files. For example:
cd c:\mydir
5. Start an FTP session with your system and transfer the downloaded files to the
save files you created earlier. The second put command is not needed for
Sametime Entry. Use the same user profile that you used in step 2.
ftp [your IBM i server name or IP address]
username
password
bin
put Q5724J23IM MYLIB/Q5724J23IM (replace
put Q5724J23WC MYLIB/Q5724J23WC (replace
quit
The save files on your system now contain the Sametime Community Server
software.
Related tasks
Pre-accepting the Lotus Sametime software agreements on IBM i:
If you are installing IBM Lotus Sametime from physical media, it is highly
recommended that you display and accept the Lotus Sametime software
agreements before starting the installation.
About this task
If you do not pre-accept the software agreements, the installation process will
restore the product to the system, but then stop and wait for you to accept the
agreements before completing the installation. Skip this step if installing from a
downloaded image.
1. Insert the Lotus Sametime DVD into the optical drive of your system.
2. Enter the following command on an IBM i command line:
GO LICPGM
The Work with Licensed Programs display appears.

3. From the Work with Licensed Programs (LICPGM) menu, select option 5
(Prepare for install) and press Enter. The Prepare for Install display appears.
4. Type 1 in the option field next to Work with software agreements. Press Enter.
When the Work with Software Agreements display appears, you see all IBM
licensed programs that require software agreement acceptance and whether the
agreement has been accepted. Only licensed programs that are not yet installed
appear on this display. The software agreements for Lotus Sametime will not
appear in the list until you restore them from the DVD in a later step.
5. Press F22 (shift-F10) to restore the Software Agreements from the Lotus
Sametime DVD.
For the Device parameter, specify the name of your optical drive (For example,
OPT01). Press Enter to restore the Sametime software agreements to the system.
6. Once the Software agreements are restored, the following message is displayed:
Waiting for reply to message on message queue QSYSOPR.
You can sign on to another session to respond to the message or ask the system
operator to respond.
To view and respond to the message from another session:
v Enter the following command on an IBM i command line:
WRKMSGQ QSYSOPR
v Select option 5 to display the messages in the QSYSOPR message queue.
v Locate the following message in the queue:
Load the next volume in optical device OPT01. (X G)
v The Lotus Sametime software agreements have already been restored. If you
want to restore more software agreements from another DVD, insert the next
DVD and respond with G. When the software agreements have been
restored, the message is issued again. When you are done, respond to the
message with X.
7. The Work with software agreements display should now show the restored
licenses for products that are not yet installed.
v If you are using the DVD for the Entry version of Lotus Sametime, you will
see an entry for Licensed Program 5724J23, option *BASE.
v If you are using the DVD for Lotus Sametime Standard, you will see two
entries for Licensed Program 5724J23: one entry for *BASE and another entry
for Option 1.
8. For each entry for Licensed Program 5724J23, type 5 in the option field and
press Enter to display the Software Agreement. Then press F14 (Accept) to
accept the terms of the software agreement.
Note: In some unusual situations, the following message may be issued when
you attempt to display the Software Agreement:
CPDB6D6 - Software agreement documents are missing. If this occurs, repeat

step 5 to restore the Software Agreements again and continue with the
remaining steps in this procedure.
Running the community server installation program on IBM i:

Before you begin
You should have already installed Domino. If you intend to install from a
downloaded image, you should have downloaded the community server
installation package and created save files.
About this task
Use the IBM i command line to install the community server programs.
2. From the IBM i command line, run the appropriate command for installing
from a downloaded image or physical media.
Installing from a downloaded image
a. Use the RSTLICPGM command to install from the save files you created when
you downloaded the installation package.
This example uses the save files MYLIB/Q5724J23IM and MYLIB/Q5724J23WC.
(For Sametime Entry, the second RSTLICPGM command is not needed.)
RSTLICPGM LICPGM(5724J23) DEV(*SAVF) OPTION(*BASE) LNG(2924) SAVF(MYLIB/Q5724J23IM)
RSTLICPGM LICPGM(5724J23) DEV(*SAVF) OPTION(1) SAVF(MYLIB/Q5724J23WC)
b. When you are prompted to accept the Sametime software agreement, you
must accept it in order to continue.
Installing from physical media
Insert the Lotus Sametime disk in your system optical drive and use the LODRUN
command:LODRUN DEV(*OPT) DIR('/os400')
The system loads the Lotus Sametime programs to the appropriate libraries and
/QIBM directories. You will see status messages as the system installs the
software.
Related tasks
domain.
“Pre-accepting the Lotus Sametime software agreements on IBM i” on page 275
“Verifying authority to install and set up Sametime on IBM i” on page 250
The administrator who installs and sets up IBM Lotus Sametime must sign on to
the system with a user profile that has the required authorities. Before installing,
verify that the user profile you plan to use has the required special authorities.
“Downloading Lotus Sametime files for installation” on page 24
IBM enables users to download IBM Lotus Sametime installation kits from the
Passport Advantage Web site.
Verifying your IBM i library list:
While a single version of IBM Lotus Sametime supports multiple languages, the
Lotus Sametime language feature for the Sametime licensed program is packaged
using the English language feature code.
About this task
If the primary language of your system is not English, follow these steps to verify
that QSYS2924 is in your library list:
Note: If the primary language of your system is English, you do not need to
modify your library list.
1. From an IBM i command line, type the following command and press Enter:
WRKSYSVAL QSYSLIBL
2. On the Work with System Values display, type a 2 next to QSYSLIBL and press
Enter.
3. On the Change System Value display, check whether QSYS2924 is included in
the list. If it is listed, press F3 to exit. If it is not listed, proceed to step 4.
4. Type QSYS2924 next to Sequence Number 0 and press Enter.
5. Press F3 to exit.
6. If you changed the library list, sign off the system and sign back on to activate
the new library list.
Adding the Sametime Community Server to an IBM i Domino Server:
To set up a Lotus Sametime Community Server running on IBM i, provide the

necessary information, such as the directory type and ports.
About this task
Follow these steps to set up the Sametime Community Server.

1. Sign on to the system with a user profile that has *ALLOBJ, *IOSYSCFG, and
*JOBCTL special authorities.
2. Stop the Lotus Domino server.
3. On any IBM i command line, type the command ADDLSTDOM and press F4:
4. In the Domino server name field, type the name of the Domino server where
you will add Sametime.
5. In the Directory type field, select which type of directory Sametime will use.
You must select *LDAP if you want to use the Sametime System Console to
administer this server.
v If you chose *DOMINO, skip to the next step.
v If you chose *LDAP, the following fields are displayed so you can provide
the basic information that enables Sametime to connect to the LDAP server:
Table 29. LDAP fields
Field Description
Name Enter the name of the LDAP server that

Sametime will use.
Note: It is also possible to specify the
TCP/IP address, but this is not
recommended.
Port Enter the IP port that Sametime will use.

The default IP port for LDAP connections is
389.

Table 29. LDAP fields (continued)
Field Description
Bind distinguished name (DN) Enter the distinguished name of the LDAP
directory entry that the Sametime server will
use when binding to the LDAP directory.
This is an optional parameter. If not
specified, ensure the LDAP server is
configured appropriately for anonymous
access from a Sametime server.
Bind password If you specified a Bind distinguished name

(DN), enter the password associated with it.
Administrator name (DN) Enter the distinguished name of an LDAP
administrator who has authority to browse
the LDAP directory. It is used when
configuring policies. This parameter is
optional and defaults to the same value as
the Bind distinguished name.
6. In the HTTP Tunneling field, type either *YES or *NO and press Enter to
display additional parameters.
Note: This option enables Sametime clients that operate behind restrictive
firewalls to connect to the Sametime server and use the presence, chat,
screen-sharing, whiteboard, and broadcast features of Sametime.
7. Complete the following fields (you may need to press the Page Down key to
view these fields):
Field Description
HTTP server port If you chose to allow HTTP tunneling,

specify the port number on which the HTTP
server will listen. The default is 8088.
Event server port Enter the port on which the Event Server
service for this Sametime server should
listen.
Note: If you have more than one Sametime
server installed on the same logical partition
(LPAR) of your server, make sure the Event
Server port is unique for each Sametime
server.

Field Description
Token server port Enter the port on which the Authentication

Server service for this Sametime server
should listen.
Note: If you have more than one Sametime
server installed on the same logical partition
(LPAR) of your system, make sure the Token
server port is unique for each Sametime
server. Refer to the technote ″Verifying each
Sametime for IBM i server on system uses
unique ports″ for information on
determining which Sametime ports are
already in use. The technote is available at
the following url http://www-1.ibm.com/
support/docview.wss?rs=203
&uid=swg21212892.
Remote slide conversion When files are attached to a meeting,

Sametime Conversion Services is a feature
that automatically provides a bitmap
rendering so they can be shared in a
meeting as slides.
Accept the default of *NONE if you will not

host meetings on the Sametime Community
Server.
If you do plan to host meetings on the

Sametime Community Server, accept the
default of *NONE if you prefer to run
Conversion services as an integrated
function of your Sametime server or if you
plan to configure remote slide conversion at
a later time. Note: Running integrated
conversion services on IBM i requires that
the following products be installed:
v Portable Application Solutions
Environment (PASE), 5722SS1 or 5761SS1,
option 33
v OS/400® - Additional Fonts, 5722SS1 or
5761SS1, option 43
If you are ready to provide connection

information for a remote slide conversion
server, specify the fully qualified host name
or IP address of the Windows system where
you will install Sametime Conversion
Services.
8. Press F10 for additional parameters, then complete the following fields.
Field Description
Slide conversion port If you specified the name of a remote slide

conversion server, specify the port on which
the conversion server should listen for
connections from the Sametime server.

Field Description
Start Domino server Specify whether or not you want to have

this Sametime server start when the setup is
complete.
9. Press Enter to run the command.

As Sametime is added to the Domino server, you will see a console screen
that shows the progress of adding Sametime to a Domino server. When a
message is displayed that the addition of Sametime is complete, press Enter.
10. If you did not choose to start the server during setup, start the Domino and
Sametime Community Server now.
Results
The LDAP connection information is stored in a Directory Assistance database on

the Sametime Community server. This database is normally created by
ADDLSTDOM and named da.nsf. If a Directory Assistance database already exists
on the server, then Sametime does not create it and the database may be named
something else. The name of the Directory Assistance database can be found in the
server document (Basics tab).
The LDAP information you provided in this task only allows Sametime to connect
to the LDAP server. When you complete the LDAP configuration after installing
the Lotus Sametime Community Server, you will enable Sametime to search the
directory and authenticate Web browser users.
What to do next
If you did not provide the correct LDAP information in this task, your Sametime
server will be unable to connect to the LDAP server and Sametime will not start.
Usually, the underlying Domino server will start with errors but you can still
access the directory assistance database to make the necessary changes. Once you
have corrected the LDAP connection information, restart the server.
If the Sametime startup failures cause a more serious problem and you are not able
to access the Directory Assistance database, remove ″staddin2″ from the ″Tasks″ list
in the Sametime server’s notes.ini file, and restart the server. After making the
necessary configuration changes, put ″staddin2″ back in the ″Tasks″ list and restart
the Sametime server.
When you start the Sametime Community server it will automatically start an
XVFB server (X Virtual Frame Buffer) that is used when converting files for display
in meetings. If a Sametime Meeting Server is deployed on the same system as the
Community Server, the Meeting and Community servers will share the XVFB
server. If no meetings will be hosted on the system, you can prevent the
Community Server from starting the XVFB server by editing the meetingserver.ini
file in the server’s data directory and changing the ″DISPLAY=″ value to *NONE.
After saving the file, restart the Community Server.

Related tasks
“Starting Domino and a Sametime Community Server on IBM i” on page 422
Follow these instructions to start a Sametime Community Server on IBM i from an
IBM i command line.
Completing the LDAP configuration on IBM i

After installing the Lotus Sametime Community Server on IBM i, use the Sametime
Administration tool to provide the information that Sametime needs to search the
LDAP directory and authenticate Sametime users against entries in the LDAP
directory.
Before you begin
Start the Lotus Sametime Community Server.
Note: If you did not specify the correct LDAP connection information when you
configured the Sametime server, the server will not start. See “Adding the
Sametime Community Server to an IBM i Domino Server” on page 278 to correct
this before proceeding.
About this task
Follow these steps to complete the LDAP directory configuration for Domino.
1. Access the Sametime server by starting your Web browser and entering the
following URL:
http://serverhostname.domain:port/stcenter.nsf
Replace serverhostname.domain with your fully qualified server name and add
the port number if you determined it is not the default port number 80. You
must specify the server’s fully qualified host name; if you do not, you will be
able to access the Sametime Welcome Page, but you will not be able to log in.
For example: http://st85comm1.acme.com/stcenter.nsf
2. From the Sametime Welcome page, click Administer the Server.
3. At the login prompt, and specify the Domino server administrator ID and
password and click Enter.
4. In the Sametime Administration Tool, click LDAP Directory.
5. Enter the settings to enable your Sametime server to access the LDAP directory.
The settings should match the information you provided when you connected
the Sametime System Console to the LDAP server.
6. Click Save & Close.
7. Restart the Sametime server to enable your settings.
What to do next
From a Web browser, access the Sametime Welcome Page using the fully qualified
host name of the Sametime server. Verify that you can log in with a User ID and
password from the LDAP directory.

Related tasks
Related reference
“LDAP directory settings”
Specify settings that determine how IBM Lotus Sametime interoperates with your
LDAP directory.
LDAP directory settings:
LDAP directory.
The Sametime Administration Tool includes the LDAP Directory settings that
enable the Sametime server to operate as a client to an LDAP server. These settings
enable the Sametime server to search the LDAP directory on the LDAP server and
authenticate Sametime users against entries in the LDAP directory.
Note: After changing any LDAP settings, restart the Sametime server.
Connectivity settings
The Connectivity settings enable the administrator to provide the IP address and
ports the Sametime server uses when connecting to the LDAP server, and to
specify whether the Sametime server binds to the LDAP server as an anonymous
or authenticated user. These settings also enable the Sametime server to connect to
multiple LDAP servers, and to use SSL when connecting to the LDAP server.
Table 30. Connectivity settings for the LDAP directory
Field Description Comments
Host name or IP Select the IP address (or fully
address of the qualified DNS name) of the LDAP
LDAP server server for which you want to change
settings.
Position of this If you have configured the Sametime
server in the server to connect to multiple LDAP
search order servers, use this setting to specify
the order in which Sametime will
connect to the LDAP servers by
clicking a number to indicate the
priority of the currently selected
LDAP server.
Port Specify the port over which the The default port for LDAP
Sametime server connects to the access and recommended setting
specified LDAP server; use the port is TCP/IP port 389.
number on which the LDAP server
listens for TCP/IP connections.

Table 30. Connectivity settings for the LDAP directory (continued)
Administrator If you want the Sametime server to When designating an
distinguished bind to the LDAP server as an authenticated user, IBM Lotus
name, anonymous user, leave these fields software recommends that you
Administrator empty. create a unique directory entry
password that is used only for the purpose
If you want the Sametime server to of authenticating connections
bind to the LDAP server as an from the Sametime server to the
authenticated user, specify the LDAP server. After creating the
Distinguished name of an LDAP directory entry, you must ensure
directory entry that the Sametime this directory entry has at least
server uses when binding to the read access to the attributes of
LDAP directory, and then enter the the LDAP directory entries.
password associated with that user.
Use SSL to For tighter security, use SSL to If you choose to enable SSL, you
authenticate and encrypt the connections between the have several additional options,
encrypt the Sametime and LDAP servers. each of which requires
connection additional tasks. For more
between the information, see Enabling
Sametime server encryption between Lotus
and the LDAP Sametime and the LDAP server.
server
Adding another Sametime can connect to multiple If you add an LDAP server, you
LDAP server LDAP servers and can access one must additionally specify the
Port LDAP directory on each LDAP following settings:
server to which it connects. To add v a position for the server in the
an LDAP server, enter its host name search order in the Position
or IP address in this field, and the of this server in the search
port on which you want to connect order field
to the new LDAP server.
v the LDAP directory settings in
described in this topic
v a Directory Assistance
document that enables the
Sametime server to access the
LDAP server
If you no longer want the

Sametime server to access an
LDAP server, you can remove
the LDAP server from the list of
available servers in the Host
name or IP address of the
LDAP server field.
Basics settings
The Basics settings enable the administrator to specify the basic LDAP parameters
required to conduct searches for people, and for groups, in an LDAP directory.
Some of these parameters are also necessary for displaying the names of users in
Sametime user interfaces. The Basics settings include parameters that specify the
level of a directory from which a search begins, the scope of a search, and the
attributes of LDAP directory entries that define person and group names.

Table 31. Basics settings for the LDAP directory
Person settings:
Where to start Specify the base object of the The default setting of ″″ begins the
searching for directory (or level of the search from the root of the directory.
people directory) from which to start a Before accepting this default setting,
search for person entries in the be aware that some LDAP directory
LDAP directory. servers allow the ″″ value only for
searching the LDAP directory root
The default setting of ″″ begins DSE (Directory Server Entry, or entry
the search from the root of the with directory server properties) and
directory. only when the Scope for searching
for a person (discussed in the next
Also, searching from the root of row) is confined to One level below
an LDAP directory generally this setting.
results in a less efficient search
than specifying a specific base
object such as ou=west,
o=acme.
Suggested values for this setting

are:
v Microsoft Active Directory:
cn=users, dc=domain, dc=com
v Netscape Directory:
o=organizational unit (the
computer name)
v Microsoft Exchange 5.5
Directory: cn=Recipients,
ou=computername, o=domain
v Domino Directory:
o=organizational unit
v SecureWay™ Directory:
dc=domain, dc=com

Table 31. Basics settings for the LDAP directory (continued)
Scope for Specify how many LDAP Recursive: Assume theWhere to start
searching for a directory levels below the searching for people setting has the
person Where to start searching for value ″ou=west, o=acme″ and the
people setting to search when Scope for searching for a person
resolving a search for a person setting has the value ″recursive.″
entry. There are two available Now assume the user searches on the
settings: name ″John Smith.″ The search begins
v Recursive (default value) at the ou=west, o=acme directory
level and searches the entire subtree
Search the entire subtree of
of the directory beneath that level.
directory entries beneath the
Such a search might return the
Where to start searching for
following names, depending on the
people setting (or the base
organization of the directory:
object of the search).
v cn=John Smith, ou=managers,
v One level
ou=marketing, ou=west, o=acme
Search only the level
v cn=John Smith, ou=engineering,
immediately below the
ou=west, o=acme
people setting. v cn=John Smith, ou=west, o=acme
The search would fail to turn up the

following directory entries because
the Where to start searching for
people setting in this example begins
the search at the ou=west, o=acme
level of the directory:
v cn=John Smith, o=acme
ou=east, o=acme
One level: For example, assume the

Where to start searching for people
setting has the value ou=west,
o=acme and the Scope for searching
for a person″ setting has the value
″one level.″ Now assume the user
searches on the name ″John Smith.″
The search begins at the ou=west,
o=acme level and searches only one
directory level beneath that level.
v cn=John Smith, ou=west, o=acme
v cn=John Smithson, ou=west,
o=acme
The search would fail to find the

the entries are either more than one
level below the Where to start
searching for people setting, or are
not beneath that setting at all:
v cn=John Smith, ou=marketing,
ou=west, o=acme
ou=east, o=acme

The attribute of Specify the attribute of an Consider an LDAP person entry
the person entry LDAP directory person entry containing the following attributes:
that defines the that is used to display a user’s v cn: James Lock
person’s name name in the Sametime end-user
v givenname: James
interfaces (as the result of a
search or in a privacy or v sn: Lock
presence list). The value of this v mail: jlock@acme.com
setting can be any attribute of
the LDAP directory person In this example, if the The attribute
entry, such as cn (common of the person entry that defines the
name), sn (surname), person’s name setting is ″cn,″ the
givenname, or mail (e-mail search result displays the user’s name
address). as James Lock. If the setting is ″mail″,
the user’s name displays as
The suggested value for jlock@acme.com.
Microsoft Exchange 5.5 Note: You can also write a Java class
Directory, Microsoft Active to control the format of user names
Directory, Netscape Directory, returned from LDAP directory
Domino Directory servers, and searches. This capability is useful if
SecureWay servers is cn. you want user names to display in a
format that is not specified by an
LDAP directory entry attribute. For
more information, see Using Java
classes to customize LDAP directory
searches.
Attribute used to Sspecify the attribute of a This setting can specify any attribute
distinguish person entry that is used to of a person entry that can
between two differentiate between two users differentiate one person from another
similar person that have the same common person with the same name. An
names name (cn) attribute. example value for this setting is the
mail attribute, which contains the
Suggested values for this setting e-mail address of an LDAP directory
are: person entry.
Directory, Netscape Directory, To illustrate, assume that a search on
Domino Directory, SecureWay the name John Smith returns two
Directory: mail person entries with the common
name (cn) John Smith. Since the two
John Smiths will have different e-mail
user principal name
addresses, the mail attribute can be
displayed to enable the user to
determine which John Smith is the
correct one.
The object class Specify the attribute of a Sametime assumes that individual
used to determine directory entry that identifies users are represented by entries with
if an entry is a the entry as a person. a unique object class. Sametime
person compares the name of the object class
The suggested value for specified in this setting to the object
Microsoft Exchange 5.5 class values of each entry to decide
Directory, Microsoft Active whether the entry is a person or a
Directory, Netscape Directory, group. Enter the object class attribute
Domino Directory, and used for people in the LDAP schema
SecureWay Directory is of the LDAP directory in your
organizationalPerson. environment.

Attribute of a Specify the attribute of a person This setting is required by
person entry that entry that contains the user’s components of the Sametime server
defines a person’s e-mail address. that use the Session Initiation
e-mail address Protocol (SIP), such as the Sametime
Suggested values for this setting Gateway to connect to other instant
are: messaging services. SIP entities are
v Microsoft Exchange 5.5 identified by their e-mail addresses.
Directory, Netscape Directory,
Domino Directory, SecureWay
Directory: mail
user principal name
Group settings:
Where to start Specify the base object of the Before accepting the default setting
searching for directory (or level of the (″″), be aware that some LDAP
groups directory) from which to start a Directory servers allow the ″″ value
search for group entries in the only for searching the LDAP
LDAP directory. directory root DSE (Directory Server
Entry, or entry with directory server
The default setting of ″″ begins properties) and only when the search
the search from the root of the scope is confined to One level below
directory. the Where to start searching for
groups setting. Also, searching from
Suggested values for this setting the root of an LDAP directory
are: generally results in a less efficient
v Microsoft Active Directory : search than setting a specific base
cn=users, dc=domain, dc=com object (such as ou=west, o=acme) for
v Netscape Directory: the search.
computer name) The extent of the search for group
entries is further controlled by the
v Microsoft Exchange 5.5 Scope for searching for groups
Directory: cn=Recipients, setting, described in the next row.
v Domino Directory:
v SecureWay Directory:
dc=domain, dc=com

Scope for Specify how many levels below Recursive:
searching for the Where to start searching
groups for groups setting to search for Assume the Where to start searching
a group entry in the LDAP for groups setting has the value
directory. There are two ou=west, o=acme, and the Scope for
available settings: searching for groups setting has the
value ″recursive.″
v Recursive (default value)
Search the entire subtree of Now assume the user searches on the
directory entries beneath the name ″Marketing.″ The search begins
Where to start searching for at the ou=west, o=acme level and
people setting. searches the entire subtree of the
v One level directory beneath that level. Such a
search might return the following
group names, depending on the
people setting. v cn=Marketing, ou=Los Angeles,
ou=west, o=acme
The Search filter for resolving
v cn=Marketing, ou=San Diego,
group names setting (in the
ou=west, o=acme
“Search settings” on page 292
section) provides the search v cn=Marketing, ou=west, o=acme
filter that resolves the user’s
input (Marketing) to a specific The search would fail to turn up
group entry in the LDAP directory entries such as:
directory. v cn=Marketing, o=acme
v cn=Marketing, ou=Pittsburgh,
ou=east, o=acme
One level:
Assume the ″Where to start searching

for groups″ setting has the value
ou=west, o=acme, and the ″Scope for
searching for groups″ setting has the
value ″one level.″
Now assume the user searches on the

name Marketing. The search begins at
the ou=west, o=acme level and
searches only one level beneath that
level.
Such a search might locate a group

entry such as:
cn=Marketing, ou=west, o=acme
The search would fail to turn up a

directory entry such as:
cn=Marketing, ou=Los Angeles,

ou=west, o=acme

Attribute used to Specify the attribute of a group An example of a value for this setting
distinguish entry that is used to is the ″info″ attribute of an LDAP
between two differentiate between two group entry. In many LDAP
similar group groups that have the same directories, the ″info″ attribute
names common name (cn) attribute. contains descriptive information
about a group. For example, assume
Suggested values for this setting that a search on the name
are: ″Marketing″ returns two group
v Microsoft Exchange 5.5 entries with the common name
Directory: info Marketing. The information contained
v Netscape Directory, Domino in the info attribute (such as ″West
Directory, Microsoft Active region″ or ″East region″) of the group
Directory, SecureWay entry can be used to distinguish
Directory: description between the two groups.
The group object Specify the attribute of a In some situations, Sametime must
class used to directory entry that identifies determine whether a directory entry
determine if an the entry as a group. returned by a search is a person or
entry is a group group entry. Sametime assumes that
Enter the objectclass attribute groups are represented by entries
used for groups in the LDAP with a unique object class. Sametime
schema of the LDAP directory compares the name of the object class
in your environment. specified in this setting to the object
class values of each entry to decide
Suggested values for the setting whether the entry is a group or a
are: person.
group
groupOfUniqueNames
v Microsoft Exchange 5.5 and
Domino Directories:
groupOfNames
groupOfUniqueNames
Authentication settings
The Authentication settings ensure that Sametime users can be authenticated

against entries in an LDAP directory. The administrator must specify an LDAP
search filter that can resolve a name provided by a user to a Distinguished Name
(DN) in an LDAP directory. The Authentication settings also enable the
administrator to specify the field in the LDAP directory person entries that
contains the name of each user’s home Sametime server.
Note: The administrator must add a field to the person entries in the LDAP
directory to hold the name of each user’s home Sametime server, or use an existing
field in the person entries for this purpose.

Table 32. Authentication settings for the LDAP directory
Search filter to Specify the filter to use when To authenticate a user, Sametime
use when resolving the name (or text string) must know the distinguished
resolving a user provided by a user to a name of the user’s person entry
name to a distinguished name for in the LDAP directory.
distinguished authentication purposes.
name Consider the following default
The specific search filter used for this search filter in which the value
setting must be based on the schema ″%s″ is substituted for the string
of the LDAP directory the Sametime provided by the user when
server is accessing. logging in :
&(objectclass=
The default value is: organizationalPerson)
&(objectclass= (|(cn=%s)(givenname=%s)
organizationalPerson) (sn=%s)(mail=%s*)))
(|(cn=%s)(givenname=%s)(sn=%s)
(mail=%s*))) Note: You can find detailed
information on the syntax and
This filter is the suggested value for formatting of search filters at the
Microsoft Exchange 5.5, Microsoft following Web site:
Active Directory, Netscape Directory, http://
Domino Directory, and SecureWay developer.netscape.com/docs/
Directory servers. manuals/directory/41/ag/
Note: In some cases, for Microsoft find.htm#1046960
Active Directory it may be necessary
to substitute (user principal This filter first performs a search
name=%s*) for (mail=%s*) . for all entries of the type (or
object class) organizationalPerson.
The search filter then looks for
an exact match with either the
common name (cn), given name,
or surname (sn) attribute of the
person entry. If the search
locates a person entry with an
attribute value that matches the
text string provided by the user,
the Sametime server accesses the
person entry with that
distinguished name when
authenticating the user.

Table 32. Authentication settings for the LDAP directory (continued)
Home Sametime Specify the name of the field within The home Sametime server is
server the LDAP person entries that the Sametime server on which
contains the name of each user’s the preferences and data of a
home Sametime server. Community Services user are
saved. Users connect to the
home Sametime server for
presence and chat functionality.
If you have installed multiple
Sametime servers, each user’s
person entry in an LDAP
directory must contain a field in
which a user’s home Sametime
server can be specified. You can
either:
v Add a new field to the LDAP
directory to hold the name of
each user’s home Sametime
server. This added field must
appear in the person entry of
every Sametime user in the
LDAP directory.
v Use a field that already exists
in the person entries of each
Sametime user (such as the
e-mail address) for this
purpose.
Search settings
The Searching setting enables the administrator to specify the search filters
required to resolve the names of people and groups to specific entries in an LDAP
directory.

Table 33. Searching settings for the LDAP directory
Search filter for Specify the filter to use when To search for a user name, a
resolving person matching a name to person entries in Sametime end user enters a text
names the LDAP. string in the user interface of a
Sametime client. This setting
The default value is: defines the LDAP search filter
(&(objectclass= responsible for selecting a user
organizationalPerson)(|(cn=%s*) name from the LDAP directory.
(givenname=%s)(sn=%s)(mail=%s*))) The search filter matches the text
string provided by the user to
The Where to start searching for information contained within the
people and Scope for searching for attributes of LDAP directory
a person settings in the “Basics person entries.
settings” on page 284 section define
the level of the directory tree from Consider the following default
which the search begins and how search filter in which the value
much of the directory is searched. ″%s″ represents the text string
provided by the user:
(&(objectclass=
organizationalPerson)
(|(cn=%s*)(givenname=%s)
(sn=%s)(mail=%s*)))
Note: You can find detailed

formatting of search filters at the
following Web site:
http://developer.netscape.com/
docs/manuals/directory/41/ag/
find.htm#1046960
The default search filter first

looks for entries whose type (or
object class) is
organizationalPerson. The search
filter looks for a prefix match
(%s*) with an entry’s common
name, a complete match with an
entry’s given name, or a
complete match with the entry’s
surname attribute.
Using the default search filter, a

search on the person name
″James″ might return the
following directory entries
(provided that each directory
entry is of the objectclass
organizationalPerson).
v Jameson Sanders
v James Lock
v James Clark
v Henry James

Table 33. Searching settings for the LDAP directory (continued)
Search filter for Specify the filter to use when To search for a group name, a
resolving group matching a name to group entries in Sametime end user enters a text
(&(objectclass=groupOfNames) responsible for selecting the
(cn=%s*)) group name from an LDAP
directory. The search filter
The search filter used for resolving matches the text string provided
group names must be based on the by the user to values listed for
schema of your LDAP directory. The the attributes of the LDAP
suggested value for Microsoft directory group entries.
Exchange 5.5 and Domino directory Note: You can find detailed
servers is the default search filter. information on the syntax and
The other suggested values for this following Web site:
setting are: http://developer.netscape.com/
v Microsoft Active Directory: docs/manuals/directory/41/ag/
(&(objectclass=group)(cn=%s*)) find.htm#1046960
v Netscape Directory and SecureWay The default search filter first
Directory: looks for directory entries of the
(&(objectclass= type (or object class)
groupOfUniqueNames)(cn=%s*)) groupOfNames. The search filter
The Where to start searching for then looks for a prefix match
people and Scope for searching for (%s*) with the common name
a person settings in the “Basics (cn) attribute of the
settings” on page 284 section define groupOfNames entries.
the level of the directory tree from
which the search begins and how
search on the name ″Market″
much of the directory is searched.
might return the following group
entries from the directory
(provided that each entry also
has the groupOfNames object
class attribute):
v Marketing
v Marketers
v Markets
Note: If a single search filter is
not adequate to resolve group
searches in your environment,
you can create a custom Java
class that refines the group
search capabilities. This
capability is useful in
environments with complex
LDAP directory schemas. For
classes to customize LDAP
directory searches.

Policy search Specify a search filter to use when A policy allows you to restrict
filters resolving a user’s or group’s access to certain features of
membership in a policy, to determine Sametime when you use either
access right during authentication. the Domino LDAP or IBM
Directory Server for user
For Domino, you can use an empty management. The filters for
string (″″) if you don’t want to create searching for people and groups
a filter. The IBM Directory Server in Policy are similar to those
requires a non-empty value here; for used for searching for people
example: dc=teamspace,dc=com and groups in LDAP but are
designed to draw on information
stored in Domino or IBM
Directory Server.
Group Content settings
The Group Contents setting enable the administrator to specify the attribute of a
group entry that contains the names of group members.
Table 34. Group Contents settings for the LDAP directory
Field Description
Attribute in the Specify the name of the attribute in If an end user adds a group to a
group object the group entry that contains that presence list, privacy list, or a list
class that has the names of invidual people or that restricts meeting attendance,
names of the subgroups. Sametime must obtain the list of
group members members within the group so
Suggested values for this setting are: that individual members of the
v Microsoft Active Directory, group can be displayed. The
Microsoft Exchange 5.5 Directory, ″Attribute in the group object
and Domino Directory: member class that has the names of the
v Netscape Directory and IBM group members″ setting defines
Secureway Directory: the attribute within an LDAP
UniqueMember directory group entry that holds
the names of all members of the
group.
This setting assumes that the

LDAP directory schema uses a
single directory entry to
represent a group, and that
names of group members are
held in one attribute that
contains multiple values. This
assumption is true for Microsoft
Exchange 5.5, Microsoft Active
and Domino environments.
Add Administrator settings
The Add Administrator settings are used to enable additional administrators to

access the Sametime Administration Tool.

Note: Although you can use the Sametime Administration Tool to configure LDAP
settings, you must use the LDAP tool itself to person and group entries.
Table 35. Add Administrator settings for the LDAP directory
Administrator Specify the user name of each Only users that are entered in
Sametime Administrator. the LDAP directory on the
LDAP server can authenticate
with the Sametime server. A
Sametime administrator must
have a Person document in the
Domino Directory on the
Sametime Administration Tool.
The Administrator can

authenticate with the Sametime
Administration Client whether
he or she is in the Domino or in
the LDAP directory. However, if
the server is configured for
LDAP, then the Administrator
has to be registered in the LDAP
directory to receive access to the
Assign Users function of the
User Policy.
Access Control settings
The Access Control settings enable the administrator to work with Access Control
Lists.
Table 36. Access Control settings for the LDAP directory
User or Group Specify the name of a person or Registering groups in the Access
Name group entry in the LDAP directory Control List is more efficient
that should have access to Sametime than listing individual users
servers. because you can include more
users in less time, and can easily
When entering names in this field: update the individual group
v Use the fully qualified listings later.
distinguished name of the user or
group, but use forward slashes (/)
as delimiters instead of commas (,).
For example, use:
cn=John Smith/ou=managers/
ou=marketing/ou=west/o=acme
instead of:
cn=John Smith, ou=managers,
v You can use an asterisk (*) as a
wildcard character when entering
names. For example, entering
*/ou=West/o=Acme is equivalent
to entering all users in the
ou=West, o=Acme branch of the
directory to the ACL.

Registering a Community Server on IBM i with the System
Console
After installing a Lotus Sametime Community Server on IBM i, register it with the
Lotus Sametime System Console, so you can manage all of the Lotus Sametime
servers from a central location.
Before you begin
Make sure the following servers are ready for the registration task:
v The Lotus Sametime Community Server must be configured to use an LDAP
directory, and must be started.
v The LDAP server must be started, and must be connected to the Lotus Sametime
System Console.
About this task
details on each file. You may want to open each topic in a new browser tab or
1. Back up the console.properties and productConfig.properties files:
a. Navigate to the Community Server’s sametime_server_data_directory/
console directory.
b. Make back-up copies (using different names) of the console.properties and
2. Update the following values in the console.properties file and save the file.



Table 37. console.properties settings (continued)

The only required value in this file is
DepName: Provide a descriptive name for your deployment; it must be a
unique deployment name on the Lotus Sametime System Console.
4. Run the registerSTServerNode.sh registration utility:
QShell Interpreter: QSH
b. Navigate to the server’s console directory; for example: cd
/stserver/data/console.
c. Run the shell script to register the server: registerSTServerNode.sh
d. As the registration utility runs, you will be prompted to enter the following
information:
Location of notes.ini file Type the full path to the directory containing
the notes.ini file (for example,
/stserver/data), and press Enter.
Lotus Domino administrator user name This is the account that you created for
managing the Lotus Sametime Community
Server from the Community Server
Administration Tool. Type the Lotus Domino
administrator’s user name, and press Enter.
Lotus Domino administrator password Type the password associated with the Lotus
Domino administrator user account, and
press Enter.
e. When the registration script completes, press F3 to exit QSH.

The utility registers the server and generates a log file called
ConsoleUtility.log, storing it in the consoles/logs directory. If the
5. Modify the sametime.ini file:
a. Navigate to the Sametime data directory and open the sametime.ini file in
a text editor.
b. In the [Policy] section of the file, locate the following setting:
c. Move (do not copy) this line to the [Directory] section of the file.
6. Restart the Lotus Sametime Community Server.
After you restart the server, the SSCUserName and SSCPassword settings will be
removed from the console.properties file and replaced with a new
SSCEncodedAuthorization setting; for example:
SSCEncodedAuthorization=d2FzYWRtaW46MTIz

Enabling IPv6 support on a Lotus Sametime Community Server
Enabling support for IPv6 addressing on an IBM Lotus Sametime server involves
configuring settings for both Lotus Domino and Lotus Sametime.
Before you begin
Install Lotus Domino and a Lotus Sametime Community Server as described

earlier; these products must be installed before you can modify their configuration
settings.
addressing.
About this task
To enable support for IPv6 addressing on the Lotus Sametime Community Server,
modify the configuration settings for Lotus Domino and for Lotus Sametime as
explained in the following topics:
Configuring Lotus Domino to support IPv6 addressing:
The IBM Lotus Sametime Community Server is hosted on Lotus Domino. When
you enable support for IPv6 addressing on the Community Server, you must
additionally ensure that the underlying Lotus Domino server also supports IPv6.
Before you begin
Lotus Sametime supports IPv6 addressing only with Lotus Domino 8.0 or later. If
you use an earlier release of Lotus Domino, you must upgrade it to release 8.x
before you can configure it for IPv6 addressing.
About this task
The steps to enabling IPv6 support in Lotus Domino vary with the operating
system:
Configuring Lotus Domino for IPv6 addressing on IBM i:
Before an IBM Lotus Sametime server can support IPv6 addressing on IBM i, you
must configure IPv6 support for the Lotus Domino server on which it is hosted.
About this task

Domino to support IPv6 involves several steps, including adding configuration
settings to the notes.ini file for the Lotus Domino server. The steps for enabling
only IPv6 support are different from the steps for enabling support for both IPv4
and IPv6; follow the instructions in the appropriate topic:
Configuring Lotus Domino to support both IPv4 and IPv6 addressing on IBM i:

Before an IBM Lotus Sametime Community Server can support both IPv4 and IPv6
addressing on IBM i, you must configure support for both addressing protocols on
the Lotus Domino server where the Community Server is hosted.
Before you begin
About this task

Domino to additionally support IPv6 addressing involves several steps, including
adding configuration settings to the notes.ini file for the Lotus Domino server.
Domino″ in the Lotus Domino Administration information center.
1. Enable support for both IPv4 and IPv6 addresses in Lotus Domino by adding
the following settings to the notes.ini file:
tcp_enableipv6=1
2. If you want to be able to use a Lotus Notes client to access the server with an
IPv6 address, add the IPv6 information to the Domino server configuration by
running the CHGDOMSVR command as follows:
a. On any IBM i command line, type CHGDOMSVR and press F4 to display the
command prompt.
b. Specify the Lotus Domino server name and press Enter to display
additional parameters. Then page down to display the TCP/IP port options
prompt.
c. Type a plus sign (+) in the entry field that follows the prompt (as shown
below) and press Enter.
Log client session events . . . *SAME
TCP/IP port options: +
Communications port . . . . . *SAME
This displays the current TCP/IP port options.
d. Page down to display a second section, where you can enter information for
the additional TCP/IP port. Specify the following settings:
Communications port: TCPIPV6

Internet address: Specify the explicit IPv6 address (not the
host name).
Enable port: *YES
For the remaining parameters, specify the options of your choice, and then
press Enter.
e. Now press Enter to run the command.
f. Verify that the port options were updated in the notes.ini file to look like
this:
Ports=TCPIP,TCPIPV6
TCPIP=TCP,0,15,0,,12288
TCPIPV6=TCP,0,15,0,,12288
TCPIP_TcpIPaddress=0,Domino_server's_explicit_IPv4_address
TCPIPV6_TcpIPaddress=0,Domino_server's_explicit_IPv6_address

3. Verify that the server host table and the Domain Name Server use the server’s
IPv6 address. Both the IPv4 and IPv6 address should map to the same host
name.
You should have set these values when setting up your IBM i server before
installing Lotus Domino; for information, see the section Preparing the TCP/IP
environment on IBM i.
The contents of the Domain Name Server should be two DNS entries for the
host name of your Sametime server: one entry that maps the host name to the
IPv4 address and another that maps it to the IPv6 address.
5. Determine which IP address must be added to the HTTP hostname field in the
server document:
The choice of IP address depends on how the Domain Name Server resolves
the host name. To determine which IP address to add to the server document,
attempt to access the Lotus Sametime Community Server from a Web browser
using an IPv4 client:
http://Community_Server_host_name
v If you can access the server with the IPv4 client, update the Community
Server’s ″Server″ document in Lotus Domino by adding the IPv6 address (see
next step).
v If you cannot access the server with the IPv4 client, then update the
Community Server’s ″Server″ document in Lotus Domino by adding the IPv4
address (see next step).
6. Update the HTTP hostname field in the Community Server’s ″Server″
document:
a. On the Lotus Domino/Lotus Sametime server, start the Domino
Administrator client.
your Community Server’s name to open the corresponding ″Server″
document.
The fully qualified host name of the Community Server should already
appear in the HTTP hostname field.
d. Update the HTTP hostname field by pressing Enter (used as a delimiter)
and then adding the appropriate IP address as determined in the previous
step.
v If you were able to access the server with the IPv4 client, add the IPv6
address now.
v If you were not able to access the server with the IPv4 client, add the
IPv4 address now.
Attention: Do not add both the IPv6 and the IPv4 addresses.
7. Restart the HTTP service on the Lotus Domino server by running the following
command in the console:
tell http restart
8. Verify that you can access the Community Server using either an IPv4 or an
IPv6 client with the following URL:
http://Community_Server_host_name
Configuring Lotus Domino to support only IPv6 addressing on IBM i:

Before an IBM Lotus Sametime Community Server can support IPv6 addressing on
IBM i, you must configure IPv6 support for the Lotus Domino server on which it is
hosted.
Before you begin
About this task

Domino to support IPv6 addressing involves several steps, including adding
configuration settings to the notes.ini file for the Lotus Domino server.
Domino″ in the Lotus Domino Administration information center.
1. Enable support for IPv6 addresses in Lotus Domino by adding the following
settings to the notes.ini file:
tcp_enableipv6=1
2. Update the Domino TCP/IP port settings in the notes.ini file so they only
specify the IPv6 address, like this:
Ports=TCPIPV6
TCPIPV6=TCP,0,15,0,,12288
TCPIPV6_TcpIPaddress=0,Domino_server's_explicit_IPv6_address
3. Update the stcommsrvrtk.jar file in the Lotus Domino installation directory:
To support IPv6–only addressing for a Lotus Sametime Community Server
running on IBM i, you must replace the stcommsrvrtk.jar file with a newer
version. Run the following command, where ″8xx″ is the version of Lotus
Domino that you are using for your Community Server:
CPY OBJ('/QIBM/ProdData/LOTUS/sametime/stcommsrvrtk.jar')
TODIR('/QIBM/ProdData/LOTUS/domino8xx') REPLACE(*YES) OWNER(*KEEP)
For example, if your Community Server is running on a Domino 8.0.2 server,
run this command:
CPY OBJ('/QIBM/ProdData/LOTUS/sametime/stcommsrvrtk.jar')
TODIR('/QIBM/ProdData/LOTUS/domino802') REPLACE(*YES) OWNER(*KEEP)
4. Verify that the server host table and the Domain Name Server use the server’s
IPv6 address, which is mapped to the host name.
You should have set these values when setting up your IBM i server before
installing Lotus Domino; for information, see the section Preparing the TCP/IP
environment on IBM i.
6. Determine whether you need to add the IPv6 address to the HTTP hostname
field in the Community Server’s ″Server″ document in Lotus Domino:
This depends on how the Domain Name Server resolves the host name. To
determine whether you need to add the IPv6 address to the ″Server″ document,
attempt to access the Community Server from a Web browser using an IPv6
client:
http://Community_Server's_host_name
v If you do need to add the IPv6 address, continue with step 7; otherwise, skip
to step 8.

7. To add the IPv6 address to the HTTP hostname field in the server document,
complete the following substeps:
your Community Server’s name to open the corresponding ″Server″
document.
c. In the ″Server″ document, click Internet Protocols → HTTP.
The fully qualified host name of the Community Server should already
appear in the HTTP hostname field.
d. Update the HTTP hostname field by pressing Enter (used as a delimiter)
and then adding the IPv6 address to the field.
tell http restart
8. Verify that you can access the Community Server from a Web browser using an
IPv6 client:
http://Community_Server's_host_name
Configuring the Lotus Sametime Community Server to support IPv6

addressing:
Before you begin
Enable support for IPv6 addresses on the Lotus Domino server hosting this Lotus
addressing.
About this task
Follow the steps below to configure IPv6 support on the Lotus Sametime
Community Server:
1. Stop the Community Server.
2. Locate the sametime.ini file in the Lotus Sametime Community Server’s data
3. In the [Connectivity] section, add (or modify) the following statements:
VPS_HOST=Explicit_IP_address_of_this_server
UCM_LOCAL_IP=Explicit_IP_address_of_this_server
where:

protocols:
– If you support only IPv6 addressing, set this to ″6″ to disallow
IPv4–formatted addresses.
protocols but attempt to resolve addresses, using IPv4 protocol first.
v VPS_HOST specifies the explicit IP address of this Lotus Sametime Community
Server. Use the IP address that matches the setting in
v UCM_LOCAL_IP specifies the explicit IP address of this Lotus Sametime
server running on this computer.
server running on this computer; normally this is port 80.
4. In the [Config] section, add (or modify) the following statement:
STLINKS_HOST=Explicit_IP_address_of_this_server
where STLINKS_HOST specifies the explicit IP address of this Lotus Sametime
specify an IPv4–format address, but if you set that value to ″6″ then specify an
IPv6–format address.
Table 38. Accepted values for STLINKS_HOST
notation
notation
sametime.ini file:
v If this Lotus Sametime Community Server will support both IPv4 and IPv6
addressing:
VPMX_PORT=1533
VPHMX_PORT=8082
Where:
that follow it.

– VPMX_HOSTNAME specifies the addresses where the multiplexer residing on
this server handles Lotus Sametime client communications. (The
multiplexer was installed automatically as a part of the Lotus Sametime
Community Server; if you will additionally install a stand-alone
Community Mux, you will need to enable support for IPv6 addressing on
that server as well).
notation
notation
protocol.
– VPMX_PORT specifies the port on which the multiplexer residing on this
server listens for client connections, normally port 1533.
– VPHMX_HOSTNAME specifies the addresses where the multiplexer residing on
this server handles HTTP client communications.
notation
notation
protocol.
– VPHMX_PORT specifies the port on which the multiplexer residing on this
server listens for HTTP client connections, normally port 8082.
v If this Lotus Sametime Community Server will support only IPv6 addressing:
[Debug]
VPMX_HOSTNAME=::
VPMX_PORT=1533
VPHMX_HOSTNAME=::
VPHMX_PORT=8082
6. IBM i only: If you will support both IPv4 and IPv6 addressing, replace all of
the remaining Lotus Sametime Community Server host names in the
sametime.ini file with the correct IPv4 or IPv6 address, based on your address
preference as specified with the UCM_RESOLVE_PREFERRED_IP_VER setting.
For example:

of stserver1.acme.com to 2001:db8:85a3:0:0:8a2e:370:7334 (the
corresponding IPv6 address).
of stserver1.acme.com to 9.42.127.134 (the corresponding IPv4 address).
8. Start the Community Server.
What to do next
If your Lotus Sametime Community Server is hosted on a Linux SuSE server, you
will additionally need to edit the ststart script to enable support for IPv6
addressing in SuSE as described in the next topic.
Installing and setting up a separate Community Services

multiplexer
Installing and setting up a separate Community Services multiplexer involves the
following considerations and procedures. The multiplexer can be installed on AIX,
Linux, Solaris, and Windows and can also be connected to an IBM i deployment
through one of those platforms.
Planning to install a separate multiplexer for a single Sametime Community

Server:
Consider the requirements of the Community Server multiplexer machine before

installing it.
v Community Server multiplexer installation files are available for Windows, AIX,
Linux, and Solaris. A separate Community Server multiplexer cannot be installed
on IBM i. However, Sametime on IBM i supports the use of a separate
multiplexer installed on a Windows system.
v The minimum system requirements for the Community Server multiplexer
machine are the same as the system requirements for the core Sametime
Community Server.
v A machine that meets the minimum system requirements should be able to
handle approximately 20,000 simultaneous client connections.
v Testing indicates that machines with dual 1133 MHz CPUs and 2 GB of RAM
can handle approximately 30,000 simultaneous client connections.
v TCP/IP connectivity must be available between the Community Server
multiplexer machine and the Sametime Community Server. Port 1516 is the
default port for the connection from the Community Server multiplexer machine
to the Sametime Community Server.
Installing the Community Services multiplexer:
To deploy a stand-alone Community Services multiplexer, install it on a separate

computer.
About this task
Follow these steps to install the Community Services multiplexer:


click OK.
Before you begin
About this task
continue.
Mux Servers.
Related concepts
Related tasks

Before you begin
Community Servers.
respectively.
d. Click Save.
Configuring security for the multiplexer:
Update the CommunityConnectivity document in the stconfig.nsf database to

enable the Sametime Community Server to accept connections from the
Community Server multiplexer.
About this task
A Sametime Community Server only accepts connections from a Community

Services multiplexer that is listed in the ″CommunityTrustedIps″ field of a
″CommunityConnectivity″ document to prevent an unauthorized machine from
connecting to the Sametime Community Server.
1. Use a Lotus Notes client to open the stconfig.nsf database on the Sametime
Community Server.
2. Open the CommunityConnectivity document in the stconfig.nsf database by
double-clicking on the date associated with the document.
If the CommunityConnectivity document does not exist in the stconfig.nsf
database, you must create it. To create the CommunityConnectivity document,
choose Create → CommunityConnectivity from the menu bar in the stconfig.nsf
database.
3. In the ″CommunityTrustedIps″ field, enter the IP addresses of the Community
Services multiplexer machine(s). If you enter multiple addresses, separate each
address with a comma.
The IP addresses of SIP Connector machines associated with a Sametime
community are also entered in this field.
4. Save and close the CommunityConnectivity document.
Configuring the sametime.ini file for the multiplexer:

When the multiplexer is installed on a separate machine, the configuration of the
multiplexer is controlled by the settings in the sametime.ini file on the multiplexer
machine. Review the settings in the Sametime.ini file on the multiplexer machine
to confirm that they are appropriate for your site.
About this task
Notes about maximum user and server connections with a multiplexer:

v When the Community Services multiplexer is installed on a separate machine,
Community Services users do not connect to the Sametime server. Therefore, the
Maximum user and server connections to the Community Server setting in the
Sametime Administration Tool for the Sametime Community Server does not
apply. Use the VPMX_CAPACITY= parameter in the multiplexer’s sametime.ini
file to control the maximum number of connections.
v Multiplexer machines that meet the minimum system requirements can
successfully handle 20,000 connections. This value may vary depending on the
processing capabilities of the multiplexer machine. Multiplexer machines that
have dual 1133 MHz CPUs and 2GB of RAM can successfully handle as many as
30000 connections.
Follow these steps to confirm or change the settings for VPS_HOST, VPS_PORT,
and VPMX_CAPACITY, open the sametime.ini file on the Community Server
multiplexer machine.
1. Open a text editor on the Community Server multiplexer machine.
2. Open the Sametime.ini file located in the Sametime server installation directory
(the default directory in Windows is C:\program files\lotus\domino).
3. Confirm the host name (VPS_HOST) of the Sametime server to which the
Community Services multiplexer connects (specified during the Community
Services multiplexer installation and in the stconfig.nsf database.
4. Confirm the port (VPS_PORT) the Community Services multiplexer uses to
establish the connection with the Sametime server (default port 1516).
5. Confirm or change the maximum number of simultaneous connections allowed
to the multiplexer (VPMX_CAPACITY).
The default value is 20,000 connections:
VPMX_CAPACITY=20000
6. Save the sametime.ini file.
Configuring a stand-alone Community Mux for IPv6:
Configure settings to establish connectivity between an IBM Lotus Sametime server

and a stand-alone Lotus Sametime Community Mux when using IPv6 addressing.
About this task
Each Lotus Sametime server contains a local Community Services multiplexer

component. The multiplexer handles and maintain connections from Lotus
Sametime clients to the Community Services on the Lotus Sametime server. If your
multiplexer is hosted on the same server as Community Services, it was already
enabled for IPv6 support when you configured the Community Services.
If you installed a stand-alone Community Mux (hosted on a separate server), you

can enable IPv6 support as described below.
1. Stop the multiplexer.

2. Locate the sametime.ini file in the Sametime Community Mux installation
3. Add (or modify) the following statements to the [Connectivity] section within
the file:
Note: The first three settings must match the values used for the Lotus
Sametime server where Community Services are hosted; these values must use
the same IP protocol as well.
VPS_HOST=Explicit_IP_address_of_Sametime_server
UCM_LOCAL_IP=Explicit_IP_address_of_Community_Mux
where:
protocols:
protocols but attempt to resolve addresses using IPv4 protocol first.
– If you support only IPv6 addressing, set this to ″6″ -- this will still allow
both protocols, but will attempt to resolve addresses using IPv6 protocol
first in case your operating system is enabled for both IP protocols.
v VPS_HOST specifies the explicit IP address of the Lotus Sametime server to
which this Community Services multiplexer connects. This value must use
the format specified in UCM_RESOLVE_PREFERRED_IP_VER; for example if you
entered a ″4″ for that setting, then you must provide an IPv4–format IP
address here.
v UCM_LOCAL_IP specifies the explicit IP address of the Community Mux
machine (using dot notation for IPv4 protocol or colon notation for IPv6
protocol). This value must use the format specified in
UCM_RESOLVE_PREFERRED_IP_VER; for example if you entered a ″4″ for that
setting, then you must provide an IPv4–format IP address here.
server where Lotus Sametime is running.
server where Lotus Sametime is running; normally port 80.
sametime.ini file:
v If this Lotus Sametime server will support both IPv4 and IPv6 addressing:
VPMX_PORT=1533
VPHMX_PORT=8082
Where:
that follow it.
– VPMX_HOSTNAME specifies the addresses where this multiplexer serves Lotus
Sametime client communications.

Table 41. Accepted values for VPMX_HOSTNAME (continued)
notation
notation
protocol.
– VPMX_PORT specifies the port on which this multiplexer listens for client
connections, normally port 1533.
– VPHMX_HOSTNAME specifies the addresses where this multiplexer serves
HTTP client communications.
notation
notation
protocol.
– VPHMX_PORT specifies the port on which the stand-alone Community Mux
listens for HTTP client connections, normally port 8082.
v If this Lotus Sametime server will support only IPv6 addressing:
[Debug]
VPMX_HOSTNAME=::
VPMX_PORT=1533
VPHMX_HOSTNAME=::
VPHMX_PORT=8082
6. Restart the Community Mux so your changes can take effect.
Configuring client connectivity to the multiplexer:
After you have configured the Community Server multiplexer, give users the DNS
name of the multiplexer and instruct them to set up their Sametime Connect
preferences to connect to the multiplexer instead of the Sametime Community
Server.

About this task
Each user must update the Sametime Connect client with the DNS name of the
multiplexer. If you have deployed multiple Community Server multiplexers,
distribute users evenly among the machines. For example, with two multiplexers,
direct half of your users to use multiplexer 1 and the other half to use multiplexer
2.
1. Open Sametime Connect.
2. Choose File → Preferences → Server Communities.
3. In the Server Community field, type the DNS name of the Community Server
multiplexer machine, such as messaging.acme.com, as instructed by the
administrator.
Load-balancing client connections to multiplexers (optional):
Dynamically load-balancing connections to multiple Community Services

multiplexers is an optional procedure.
Set up load balancing in one of these ways:

v Set up a rotating DNS system to accomplish load balancing. Use rotating DNS to
associate the IP addresses of the Community Services multiplexer machines to a
single DNS name.
For example, associate the IP address of Community Services multiplexer
machine 1 (11.22.33.44) and Community Server multiplexer machine 2
(11.22.33.55) to the DNS name cscluster.sametime.com.
v Set up an IBM WebSphere Edge Server (Network Dispatcher) in front of the
Sametime servers that you intend to cluster. Use the WebSphere Edge Server
Network Dispatcher to distribute connections to the Community Services
multiplexer machines. See the documentation for the IBM WebSphere Edge
Server for more information.
Installing a Lotus Sametime Proxy Server

Sametime.
Preparing the proxy server installation file on IBM i

the Lotus Sametime Proxy Server on IBM i.
About this task

/MySametimePackages
package.
QShell Interpreter:
QSH
subdirectory of the program image:
/MySametimePackages/SametimeProxyServer/IBMi/stii_stp/licenses
For DVD:
/qopt/volume_id/IBMi/stii_stp/licenses
/MySametimePackages/SametimeProxyServer/IBMi/stii_stp
For DVD:
/qopt/volume_id/IBMi/stii_stp
5. Make a copy of the stp.default.response.properties file, using a name of your
program can access.
There are special considerations if you are planning to install both the
Sametime Meeting Server and the Sametime Proxy Server on the same system.
You will need to define a separate host name and IP address in addition to the
default system host name and IP address. After both servers have been
installed, you will be directed to update the Host Alias table for the Sametime
Proxy Server so that it does not use the same host name and IP address as the
Meeting Server. This is necessary for live names to work correctly in meeting
rooms.
Installing a proxy server on IBM i

Run the install script to set up the Lotus Sametime Proxy Server on IBM i.
Before you begin
the proxy server installation package. For all installations, you should have
completed the preparation steps.

About this task
Follow these steps to install the Lotus Sametime Proxy Server and WebSphere
Application Server.
Sametime software.
Interpreter:
QSH
4. Run the cd shell command, specifying the fully qualified path to the
installation kit directory; for example:
For DVD:
cd /qopt/volume_ID/IBMi/stii_stp
5. Start the installation with the following shell command:
install_stp.sh
-Dinstall.response.file=path_and_name_of_customized_response.properties_file
6. When the installation completes, press F3 to exit QSH.
Results
install_STPROXY_yyyymmdd_hhmm.log
install_STPROXY_20091215_0307.log
What to do next
If this is the first installation of WebSphere Application Server on this system,

follow steps for increasing the WebSphere Application Server usage limit. This task
needs to be done only once on a system.
If you have installed both the Sametime Meeting Server and the Sametime Proxy
Server on the same system, you must update the table of Host Aliases associated
with the Sametime Proxy Server’s default_host virtual host so that it does not use
the same host name and IP address as the Sametime Meeting Server. Follow the
steps in Deploying Sametime Proxy Server and Sametime Meeting Server on the
same machine.

Related tasks
Registering a non-clustered IBM i Sametime server with the

After installing a Lotus Sametime Community Server, Sametime Proxy Server, or
Sametime Meeting server on IBM i, register it with the Sametime System Console
to allow you to manage all Sametime servers from a central location.
Before you begin
Before you register the server, verify that you have completed the following tasks.
Sametime Community Server

v The community server must be configured to use an LDAP directory.
v The community server must be started.
v The LDAP server must be started.
v The LDAP server must be connected to the Sametime System Console.
Sametime Proxy Server

v The Community Server that the Proxy Server connects to must be registered
with the Sametime System Console.
Sametime Meeting Server

v The meeting server must be started.
v The Meeting Server database (STMS) must be connected to the Sametime System
Console.
About this task
Working from the Sametime server that you want to connect with the console,
follow these steps to update properties files and run the registration utility to
register the server with the console.
1. On the Sametime server you plan to register, navigate to the console directory.
v Community Server
The console directory is a subdirectory of the Sametime Community server
data directory.
v Proxy Server
/QIBM/UserData/Lotus/stii/STPROXY/STPROXY_date_time/console

The date and time indicate when the Proxy Server was installed.
v Meeting Server
/QIBM/UserData/Lotus/stii/STMeetings/STMEETINGS_date_time/console
The date and time indicate when the Meeting Server was installed.
2. In the console directory, make backup copies with different names of the
console.properties and productConfig.properties files.


4. Now update the productConfig.properties file with the values needed for the
server you are registering. Then save the file.
Required values not listed below are filled in automatically.
– DepName: Provide a descriptive name for your deployment. It must be a
unique deployment name on the Sametime System Console.
v Sametime Proxy Server
– WASPassword: Specify the password associated with the WASUserID.
v Sametime Meeting Server
– DBAppPassword: Specify the password associated with the database ID.
– LDAPBindPwd: Specify the password associated with the LDAPBindDN.
5. If you are registering a Sametime Community Server or Meeting Server, start
Interpreter:
QSH

7. Run the cd shell command, specifying the fully qualified path to the console
directory you used in Step 1.
8. Run the appropriate shell script to register the server:
registerSTServerNode.sh
When prompted, specify the following information:
– Full path to the Sametime Community server data directory where the
notes.ini file is located.
– The Community Server Administrator ID and password.
v Other servers
registerProduct.sh
9. When the registration script completes, press F3 to exit QSH.
10. On the Lotus Sametime Community Server, modify the sametime.ini file:
a text editor.
b. Find the [Policy] section of the file.
c. Move (do not copy) the line ST_DB_LDAP_ALLOW_SEARCH_ON_DN=1 to the
[Directory] section of the file.
d. Close and save the file.
e. Restart the server.
Verifying a proxy server installation on IBM i

About this task

index.jsp
Tip: To verify the HTTP port number being used by the Lotus Sametime Proxy
Server, open the AboutThisProfile.txt file for the Sametime Proxy Application
Server Profile and use the setting specified for the HTTP transport port. The
default profile name is STPAppProfile. On IBM i, look for the
AboutThisProfile.txt file in the following location /QIBM/UserData/Websphere/
AppServer/V7/SametimeWAS/profiles/STPAppProfile/logs/
AboutThisProfile.txt:

2. Log in to the Lotus Sametime Client and verify that you can create or view
contacts.

Related tasks

About this task
Server.
Servers.
Servers.
Add.
entered.
6. Click OK.
Installing a Lotus Sametime Meeting Server

Meeting Server.
Preparing the meeting server installation file on IBM i

the Lotus Sametime Meeting Server on IBM i.

Before you begin
About this task
/MySametimePackages
package.
QShell Interpreter:
QSH
/MySametimePackages/SametimeMeetingServer/IBMi/stii_stms/licenses
For DVD:
/qopt/volume_ID/IBMi/stii_stms/licenses
4. Navigate to the program image directory, for example:
/MySametimePackages/SametimeMeetingServer/IBMi/stii_stms
For DVD:
/qopt/volume_ID/IBMi/stii_stms
5. Make a copy of the stms.default.response.properties file, using a name of your
program can access.
Meeting Server database schemas.

Sametime Meeting Server. This is necessary for live names to work correctly in
meeting rooms.
Related tasks
Creating the Meeting Server database schemas and tables on

IBM i
Run the script to create the database schemas for the IBM Lotus Sametime Meeting
Server on IBM i.
Before you begin
You should have prepared the Meeting Server installation file as described in
″Preparing the Meeting Server installation file on IBM i.″
About this task
On the IBM i system that will install the Sametime Meeting Server, follow these
steps to create the database schema and tables:
stms.default.response.properties file and owned by the user profile specified in
the file.
Interpreter:
QSH
installation kit directory; for example
For DVD:
4. The POLICY schema is shared by the Meeting Server and the System Console.
If the POLICY schema already exists, the Meeting Server database setup script
will only create the MTG schema.
setupDB_stms.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
Results

stms_dbsetup_yyyymmdd_hhmm.log
stms_dbsetup_20091215_0307.log
Related tasks
Installing a meeting server on IBM i

Run the database schema and install scripts to set up the Lotus Sametime Meeting
Server on IBM i.
Before you begin
the meeting server installation package. For all installations, you should have
completed the preparation steps. The database schemas required for the Meeting
Server (MTG and POLICY) should already exist.
About this task
Follow these steps to install the Lotus Sametime Meeting Server and WebSphere
Application Server.
Sametime software.
Interpreter:
QSH
For DVD:
cd /qopt/volume_ID/IBMi/stii_stms
5. Start the Meeting Server installation with the following shell command:
install_stms.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
Results
install_STMEETINGS_yyyymmdd_hhmm.log

install_STMEETINGS_20091215_0307.log
What to do next

same machine.
Related tasks
Connecting to a DB2 database

Before you begin
About this task
steps:

Related tasks
Before you begin
About this task
field.
a different port.
connect to.
you changed it.
Gateway database

IBM i.
h. Click Finish.
Registering a non-clustered IBM i Sametime server with the

Before you begin



Console.
About this task

v Community Server
data directory.
v Proxy Server
v Meeting Server



Interpreter:
QSH
v Other servers
registerProduct.sh
a text editor.
Verifying a meeting server installation

successful.
About this task
room.
following URL:

Meeting Center.
Installing a Lotus Sametime Gateway server

Plan a deployment and install IBM DB2 and then one or more Lotus Sametime
Gateway servers.
Creating the Gateway database schemas and tables on IBM i

Before you install Lotus Sametime Gateway, you must create the DB2 database,
including tables and bufferpools, needed by Lotus Sametime Gateway. Sametime
Gateway stores community settings and custom properties in the database.
About this task
For a multi-server installation, you should perform the steps once on the IBM i
server where you want to host the data for Lotus Sametime Gateway. Afterwards,
when you install Lotus Sametime Gateway, you use the host name of that IBM i
server when specifying the server name on the database information panel of the
wizard.
On the IBM i system that will host your database, proceed as follows:
1. Create a user profile on the system that will be the owner of the schema
created for the Lotus Sametime Gateway data. The profile that you create can
have a user class of *USER, and will not require special authorities.
2. Log in as the profile that will be the owner of the schema.
image to a temporary directory \TMP\SametimeGateway and unzip the contents.
4. Locate a copy of \TMP\SametimeGateway\database\db2_iseries\createDbi5OS
and copy it to a temp directory in the IFS of the database server.
5. On the IBM i system, start a QSHELL session. From an IBM i command line,
type the command:
QSH
6. Change to the temp directory where you copied the file createDbi5OS and type
the following command:
createDbi5OS <schema name>
Where <schema name> is the name of the schema you would like Lotus
Sametime Gateway to use. The name must meet the requirements for a library
name in IBM i, and must not already be used. For example, STGW.

What to do next
You can now proceed with the Lotus Sametime Gateway installation.
Installing Sametime Gateway

Install an IBM Lotus Sametime Gateway server. This section provides procedures
for installing a single server and installing a cluster of servers. When installing a
cluster, you install a primary server, a Deployment Manager server, and at least
one additional server on its own machine. You can install the primary server and
Deployment Manager on the same machine, or each on its own machine.
Before you begin
The fully qualified domain name of the Lotus Sametime Gateway server must be
externally resolvable by the domain name server, and must not be set in the
″hosts″ file. Verify that this is true before installing the Lotus Sametime Gateway.
About this task
Unlike other Lotus Sametime components, the Lotus Sametime Gateway does not
install with a deployment plan created on the Lotus Sametime System Console.
Instead, you enter required information as you proceed through the installation
program. Once the installation is complete, you will register the Gateway with the
Lotus Sametime System Console; from then on, you will administer the Gateway
server from the System Console, just like all the other Lotus Sametime
components.
Installing a single Gateway server:
Choose to install a single Sametime Gateway server on Windows, AIX, Linux,

Solaris, or IBM i.
Installing a single server on IBM i:
To install Lotus Sametime Gateway on IBM i, you must first install WebSphere
Application Server. You can install more than one instance of Lotus Sametime
Gateway on a single IBM i system.
Installing WebSphere Application Server on IBM i:
Install WebSphere Application Server before you install Lotus Sametime Gateway.
After you install WebSphere Application Server, you can install more than one
instance of Lotus Sametime Gateway on a single IBM i system.
Before you begin
If WebSphere Application Server Network Deployment has been installed by

another Sametime product from the current release, you may use that WebSphere
Application Server installation for Sametime Gateway. You need *ALLOBJ and
*SECADM authorities to successfully complete the WebSphere Application Server
Network Deployment installation.
About this task


1. Create the temporary file folder /TMP/WASCD on a PC that can connect to the
IBM i system.
2. Copy the file part_number.zip to the temporary folder /TMP/WASCD
4. Extract all files to the temporary directory/TMP/WASCD. When you are done
5. Copy the ifpackage folder to the IFS of the IBM i system.
6. In the folder you copied to the IFS of the IBM i system, edit the file
ifpackage/WAS/responsefile.nd.txt
7. Accept the license to install. Read the comments in the file regarding License
Acceptance and then set the value of silentInstallLicenseAcceptance to true.
For example:
-OPT silentInstallLicenseAcceptance="true"
8. Change the following options in the file:
-OPT profileType="none"
-OPT installLocation="/QIBM/ProdData/WebSphere/AppServer/V7/SametimeWAS"
-OPT defaultProfileLocation="/QIBM/UserData/WebSphere/AppServer/V7/SametimeWAS"
9. Save the file. The rest of the install options in the file are correct for a default
installation.
10. To run the install, start a QSHELL session.
11. Navigate to the ifpackage/WAS directory.
12. Run the following command:
install -options responsefile.nd.txt
13. When the installation is successful, you will see a message such as this:
(Nov 29, 2007 5:19:59 AM), Process, com.ibm.ws.install.ni.ismp.actions.
ISMPLogSuccessMessageAction, msg1, INSTCONFSUCCESS.
install.ni.ismp.actions.ISMPLogSuccessMessageAction,
msg1, INSTCONFSUCCESS
What to do next

Installing a single Sametime Gateway server on IBM i:
Complete these steps to install a single Lotus Sametime Gateway server on IBM i.
If you need to create a cluster of Lotus Sametime Gateway servers later, follow the
procedure for installing a cluster of servers.
Before you begin
Before you begin, WebSphere Application Server must be installed. You need
*ALLOBJ and *SECADM authorities to successfully complete the Lotus Sametime
Gateway installation.


About this task
IBM i allows multiple instances of Lotus Sametime Gateway to be installed on a

single IBM i system. If a Lotus Sametime Gateway server is running while you
install a new Lotus Sametime Gateway server, the running server must be restarted
before you can use the Integrated Solutions Console to administer Lotus Sametime
Gateway.
image (part_number.exe) to a temporary directory such as c:\TMP.
2. Extract the contents of part_number.exe to the temporary directory c:\TMP.
3. Navigate to the folder: c:\TMP\SametimeGateway.
Important: If you are installing on an IPv6–enabled server, you must use the
second option below to install using the console.
installi5OS.bat
command:
install.sh -console

8. Select Standalone server, and then click Next.
9. See node, cell, and host name profile information provided by the installer. If
the supplied information is okay, click Next.
Option Description
acmeNode.

Option Description
server1.acme.com
Profile name Name of the WebSphere Application Server
profile that will be created and be installed
with the Lotus Sametime Gateway. For
example: STGW_Profile
Starting port IBM i supports running multiple profiles
and instances of WebSphere Application
Server at the same time; to avoid port
conflicts the profile created will not use the
default ports. Select a port range of 50
consecutive unused ports on your system,
and enter the first port number as your
starting port. For example: 10000.
;*!?"/<>|+&'`[]%^
12. Click Next to continue with the installation. The DB2 Database Properties
dialog is displayed.
Option Description
Host name The Fully qualified host name or TCP/IP
Schema name The name of the schema you created when
preparing the Lotus Sametime Gateway
environment. For example, STGW.
ID.

Option Description
Option Description
LDAP server.
password.
Option Description
v Bind password:
C@pital1

changes.
21. Read the summary and click Finish. To view the installation log, open the log
file at stgw_server_root\logs\installlog.txt
What to do next
You now have installed the server.
About this task
Server.
Servers.
Servers.
Add.

entered.
6. Click OK.
Starting a single server:
This section explains how to start a standalone Lotus Sametime Gateway server.
Skip these steps if you are setting up a cluster.
About this task
Single server configurations must have the Lotus Sametime Gateway server
running to access the Integrated Solutions Console, while a Lotus Sametime
Gateway cluster must have the Deployment Manager running to access the
Integrated Solutions Console. Do not start Lotus Sametime Gateway at this time if
you are creating a cluster of Lotus Sametime Gateway servers.
2. Navigate to the Lotus Sametime Gateway profile directory that contains
binaries: stgw_profile_root\bin
3. Type the following command to start Lotus Sametime Gateway. Note that
RTCGWServer is case-sensitive.
Windows
IBM i
Before you begin
About this task
steps:

Related tasks
Before you begin
About this task
field.
a different port.

connect to.
you changed it.
Gateway database
IBM i.
h. Click Finish.
Registering a new Gateway server on IBM i with the System Console:
After installing an IBM Lotus Sametime Gateway server on IBM i, register it with
the Lotus Sametime System Console, which allows you to manage all Lotus
Sametime servers from a central location.
Before you begin
which are described in the Installing on IBM i section of this information center.
started.
About this task
Working from the server that you want to connect with the console, follow these

1. Working on the Lotus Sametime Gateway server, navigate to the
/qibm/userdata/STGateway/ProfileName/console directory.
The ProfileName is the one you specified when you installed the Gateway.
and close the file.


4. Update the productConfig.properties file with the following values, and then
save and close the file.
Table 46. productConfig.properties settings
InstallType Specify ″Cell″ as the installation type since this is a
non-clustered server.
System Console.
NodeIP Specify the IP address of the server being registered.

Table 46. productConfig.properties settings (continued)
LDAPHost Specify the fully qualified host name (not the IP address)
of the LDAP server that was registered with the Lotus
LDAPPort Specify the port of the LDAP server that was registered
with the Lotus Sametime System Console.
LDAPBindDN Specify the Bind Distinguished Name of the LDAP
server that was registered with the Lotus Sametime
System Console.
LDAPBindPwd Specify the password associated with the LDAPBindDN
value.
LDAPBaseDN Specify the search base of the LDAP server that was
registered with the Lotus Sametime System Console.

b. Run the cd shell command, specifying the fully qualified path to the console
c. Run the shell script to register the server: registerProduct.sh
d. When the registration script completes, press F3 to exit QSH.
The utility registers the cluster, as well as each node, generating a log file
called ConsoleUtility.log and storing it in the consoles/logs directory. If
the registration is successful, a console.pid will also be generated.
6. Start Lotus Sametime Gateway server, if it is not already running.
Optional network configuration:
After you complete your IBM Lotus Sametime Gateway installation, you can
optionally modify some network configuration settings.
Using a different SIP return address:
In a single-server IBM Lotus Gateway deployment, you can optionally configure

the SIP return address to use the IBM WebSphere Application Server’s host name
address instead of the operating system’s host name address.
About this task
Outgoing SIP messages include a ″Contact″ field, which is used as the return
address for opening a new connection back to the sender. By default, the ″Contact″
value uses the operating system’s own host name address. If you wish, you can
assign the WebSphere Application Server’s host name address to this value instead.
If you do this, WebSphere Application Server stops listening for SIP messages on
all of the available operating system interfaces, and instead listens only on the
interface described by the new return address (its own host name address).
Specifying a different SIP return address is an optional procedure, and applies to

only single-server installations (clustered installations already use the WebSphere
Application Server’s host name address as the SIP return address).
4. Under ″Communications″, click Ports.
server1.acme.com
server1.acme.com
9. Restart the Lotus Sametime Gateway server.
Configuring network interface cards to simulate a NAT:
This optional procedure describes how to you can simulate a Network Address
Translator (NAT) to provide additional security by using two Network Interface
Cards (NICs), one for an internal IP address facing the Sametime community
server, and the other for an external IP address facing the Internet. This procedure
applies to standalone Sametime Gateway deployments only. If you use this
Console.
Before you begin
The procedure applies to single server installations only. If you have a cluster of
Sametime Gateway servers, and you want to set up two Network Interface Cards,
install the NICs on the proxy server node in the cluster. The proxy server node is
smart enough to handle incoming and outgoing addresses on two different IP
addresses without additional configuration.
About this task
Perform these steps to configure multiple NIC support in a single server

installation. When Sametime Gateway has two IP addresses, one external facing
and one internal facing, sometimes the Sametime Gateway sends subscribe
requests such that the external community is instructed to respond back to the
internal IP address. To ensure that Sametime Gateway sends the external IP
address instead of the internal IP, perform the following configuration steps:

4. Under Communications, click Ports.
6. In the Host field, type the external IP address; for example: 101.35.112.99
8. In the Host field, type the external IP address. For example: 101.35.112.99
9. Click Apply, then Save.
10. Restart the Sametime Gateway server.
Installing Gateway servers in a cluster:

About this task
Before you begin, upgrade existing Lotus Sametime Gateway servers to the current
release before you install new servers.
Except in the case of IBM i, the Lotus Sametime Gateway install wizard deploys
both WebSphere Application Server and the Lotus Sametime Gateway server
application in one installation.
Installing the Deployment Manager:
Install the Deployment Manager on its own machine, or on the same machine as
the primary node. Installing the Deployment Manager on the same machine as the
primary node provides the efficiency of multiple Java Virtual Machines and takes
advantage of a fast CPU. If you are installing the Deployment Manager on the
same machine with an existing primary node from a previous release, upgrade the
primary node to the present release before installing the Deployment Manager.

Installing the Deployment Manager on IBM i:
Install the Deployment Manager on IBM i by first installing WebSphere Application

Server on IBM i. After WebSphere Application Server is installed, you can install
multiple instances of Sametime Gateway on the same machine.
Before you begin
If WebSphere Application Server V6.1 Network Deployment has been installed for
use by a previous version of Lotus Sametime Gateway, use the procedure for
updating your installation of WebSphere Application Server V6.1 rather than the
steps for a new installation. You need *ALLOBJ and *SECADM authorities to
successfully complete the WebSphere Application Server Network Deployment
installation.
About this task

Note: Complete details on requirements for WebSphere Application Server

Network Deployment are available from: http://publib.boulder.ibm.com/
infocenter/wasinfo/v7r0/index.jsp
IBM i system.
2. Copy the file part_number.zip to the /TMP/WASCD folder.
7. Accept the licence to install. Read the comments in the file regarding Licence
For example:
installation.

What to do next

Installing the Deployment Manager for Sametime Gateway on IBM i:
Complete these steps to install the Deployment Manager server on IBM i. Install
the Deployment Manager on the same machine as the primary server, or on its
own machine.
Before you begin
Before you begin, create the database schema for Sametime Gateway and then
install the primary node.

About this task
image (part_number.exe) to a temporary directory such as /TMP.
2. Extract the contents of part_number.exe to the temporary directory /TMP.
3. Navigate to the folder: /TMP/SametimeGateway.
installi5OS.bat
command:
install.sh -console

8. Select Deployment Manager as the type of installation.
Server Configuration dialog is displayed.
10. Type the node name, cell name, host name, profile name, and starting port
value for the WebSphere Application Server as follows:
Option Description
acmeNode.
server1.acme.com
11. Click Next and create a user ID and password for logging into the Integrated
Gateway. The user ID must not exist in the LDAP directory. Passwords must
not contain accented characters or any of the following characters:
;*!?"/<>|+&'`[]%^

13. Type the required information for DB2 for IBM i as follows:
Option Description
server1.acme.com
Option Description
LDAP server.
password.
Option Description

v Bind password:
C@pital1
changes.
21. Read the summary and click Finish to complete the installation. To view the
installation log, click View log file or open the log file at
stgw_server_root\logs\installlog.txt
23. Navigate to the stgw_profile_root/bin directory.
./startManager dmgr
the cluster.
About this task
Server.

Servers.
Servers.
Add.
entered.
6. Click OK.
Installing the primary node:
Install a primary node for a cluster. You can install the primary node and the
Deployment Manager on the same machine. Installing the primary node on the
same machine as the Deployment Manager provides the efficiency of multiple Java
Virtual Machines and takes advantage of a fast CPU. If you are installing the
primary node on the same machine with an existing Deployment Manager from a
previous release, upgrade the Deployment Manager to the present release before
installing the primary node.
Installing the primary server on IBM i:
To install the primary server on IBM i, you must install WebSphere Application
Server first. After WebSphere Application Server is installed, you can install
Before you begin

installation.
About this task
Information on downloading packages for Lotus Sametime Gateway is located at

the following Web address:

IBM i system.
2. Copy the file part_number.zip to the temporary folder /TMP/WASCD
For example:
installation.
What to do next

Installing the primary node for Sametime Gateway on IBM i:
Complete these steps to install the primary Sametime Gateway node in a cluster on
IBM i.

Before you begin
Before you begin, install WebSphere Application Server. You need *ALLOBJ and
*SECADM authorities to successfully complete the Lotus Sametime Gateway
installation.

About this task

Gateway.
image (part_number.exe) to a temporary directory such as
c:\TMP\SametimeGateway.
2. Extract the contents of part_number.exe to the temporary directory
c:\TMP\SametimeGateway.
3. Navigate to the folder: c:\TMP\SametimeGateway.
installi5OS.bat
command:
install.sh -console


8. Select Primary node as the type of installation.
Option Description
acmeNode.
server1.acme.com
the Deployment Manager. The user ID must not exist in the LDAP directory.
characters:
;*!?"/<>|+&'`[]%^
Option Description
server1.acme.com

Option Description
14. Click Next to continue with the installation. The Lotus Sametime Gateway
summary dialog is displayed.
to make changes.
the wizard displays a message indicating the successful installation of Lotus
Sametime Gateway and WebSphere Application Server.
stgw_server_root\logs\installlog.txt
About this task
Server.
Servers.
Servers.

Add.
entered.
6. Click OK.
Federating the primary node into the cell on IBM i:
Add the primary node to the Deployment Manager’s cell on IBM i. Adding the
primary node to the cell allows a central point of administration for the network
step.
Before you begin

primary node are within five minutes of each other and set for the same
minutes.
3. Log in to the IBM i system where the Deployment Manager node is installed
as a user with administrative privileges.
4. On the IBM i command line, run the STRQSH (Start Qshell) command.
5. Navigate to the stgw_profile_root\bin directory for the Deployment Manager
profile.
6. Run the following command to obtain the SOAP_CONNECTOR_ADDRESS
port number. Make a note of the port number as you will need it to add
nodes to the cluster:
dspwasinst
7. Log in to the IBM i system, where the primary node is installed, with
9. Navigate to the stgw_profile_root\bin directory for the primary node profile.
Manager’s cell:
addNode DM_server_host_name DM_SOAP_port -includeapps
-username WAS_Admin_user_name_on_DM_on_DM -password WAS_Admin_password_on_DM
Where:

Manager.
v DM_SOAP_port is the port that the Deployment Manager’s SOAP port is
listening on.
v WAS_Admin_username_on_DM is the user ID of the WebSphere Application
v WAS_Admin_password_on_DM is the password associated with that
WebSphere Application Server administrator account on the Deployment
Manager.
For example:
and password. Wait for the operation to complete before proceeding. Look for
a success message similar to the following when complete:
can see changes.
What happens when you federate the primary node into the cell?:
When you federate the primary node into the Deployment Manager’s cell, the
primary node’s original configuration is backed up. This means that you can
remove the primary node from the Deployment Manager at a later time, and you
can restore the profile configuration to the state it was in before federation.
The primary node’s scope changes to include the Deployment Manager’s cell.
Before federation, the scope of the RTCGWServer was:
cell:<PrimaryCell>/node:<PrimaryNode>/server:RTCGWServer
After federation, the scope of the server is the following:

cell:<Deployment Manager Cell>/node:/<PrimaryNode>/server:RTCGWServer
When you federate, the Integrated Solutions Console of the primary node is
disabled because you will be using the Integrated Solutions Console from the
Deployment Manager. The primary node inherits all the cell level configuration
data from the Deployment Manager. Any information you can see through the
Deployment Manager’s Integrated Solutions Console is now stored in XML on the
primary node, so it is accessible from any application. The applications that were
installed to RTCGWServer are now included on the RTCGWServer in the
Deployment Manager’s cell. If you attempt to federate another node that contains
these same applications, they are excluded.
Because the LDAP configuration and your credentials as the WebSphere

Application Server administrative user in the Deployment Manager are defined at
the cell level, this data overwrites the security settings of the primary node. The
Deployment Manager’s settings apply to the primary node. If you remove the
primary node from the cell, the primary node’s original security configuration are
restored.

When you federate the primary server into the cell, a single server of Sametime
Gateway can be managed by a Deployment Manager. You can actually run a real
environment and configure your Sametime communities just as you would in a
standalone server environment. What is lacking is failover and load balancing
capabilities. In order to add those features, you need to add a secondary node and
create a cluster in the later steps.
Installing an additional server in a cluster:
Install a secondary node for the cluster. A cluster at a minimum contains a primary
server, a Deployment Manager, and at least one secondary node. Depending upon
your capacity requirements, install secondary nodes as needed.
About this task
Note: In this release, a Lotus Sametime Gateway cluster can support only two
nodes.
Installing an additional server on IBM i:
Install an additional server on IBM i by first installing WebSphere Application

Server on IBM i. After WebSphere Application Server is installed, you can install
Before you begin
installation.
About this task


IBM i system.
2. Copy the file part_number.zip to the /TMP/WASCD folder.

For example:
installation.
What to do next

Installing an additional server for Sametime Gateway on IBM i:
Install an additional server or secondary server on IBM i that will be part of a

cluster of Lotus Sametime Gateway servers.
Before you begin
Before you begin, install WebSphere Application Server on the machine. You need
*ALLOBJ and *SECADM authorities to successfully complete the Lotus Sametime
Gateway installation.

About this task

Gateway.

image (part_number.exe) to a temporary directory such as
2. Extract the contents of part_number.exe to the temporary directory
installi5OS.bat
command:
install.sh -console
Attention: If one or more of the domain addresses in your

environment (for example: WebSphere Application Server installation
host name, DB2 host name, or LDAP host name) refers to an
IPv6–format address, add the following option to your install command
to work around an IPv6–related issue with the installer:
8. Select Secondary node as the type of installation.
Option Description
acmeNode.

Option Description
server1.acme.com
;*!?"/<>|+&'`[]%^
Option Description
server1.acme.com
14. Click Next to continue with the installation. The Lotus Sametime Gateway
summary dialog is displayed.
to make changes.
the wizard displays a message indicating the successful installation of Lotus
Sametime Gateway and WebSphere Application Server.

installation log, open the log file at stgw_server_root\logs\installlog.txt
About this task
Server.
Servers.
Servers.
Add.
entered.
6. Click OK.

About this task

Federating a secondary node on IBM i into the cell:
Add the secondary node to the Deployment Manager’s cell on IBM i. Adding the
secondary node to the cell allows a central point of administration for the network
Before you begin

minutes.
2. Ping the Deployment Manager node from the secondary node to make sure
the Deployment Manager host name is resolvable.
with administrative privileges.
profile.
dspwasinst
7. Log into the secondary node.
9. Navigate to the stgw_profile_root\bin directory for the secondary node
profile.
10. Run the following command to add the secondary node to the Deployment
where:
Manager.
listening on.
For example:
addNode gateway_dm.acme.com 8880 -username wasadmin -password waspassword
12. For each additional IBM i secondary node, repeat the preceding steps.
profile.

Windows
IBM i
startServer.sh dmgr
What to do next
What is a network deployment?:
A network deployment is a distributed WebSphere environment. Unlike a

stand-alone environment that contains only one application server node, a network
deployment contains many application server nodes that can distribute the
workload of Lotus Sametime Gateway applications across several physical systems.
The purpose of a network deployment is to provide a topology that is scalable and
has load balancing and failover capabilities.
Typically, a network deployment contains one node per physical computer. This is
not a requirement. Nodes are logical groupings of application servers, so you can
have more than one node installed on a physical system. For performance reasons,
most installations have only one cluster member per node, since each cluster
member creates its own JVM footprint.
In a network deployment, all nodes are federated into the deployment manager’s
cell. This allows the deployment manager to do its purpose in life- Manage the
Deployment. A Deployment Manager is nothing more than a node that is
responsible for administering a cell. In Lotus Sametime Gateway, the only things
configured on the Deployment Manager node are a few minor cell level attributes,
and the Lotus Sametime Gateway administrative portlet plugin extensions. Lotus
Sametime Gateway application files all run on the cluster member application
servers.
The primary node is basically the same thing as a standalone node installation,
minus a few cell level configurations that will be trumped by the Deployment
Manager’s configuration. The primary node contains all the applications and
WebSphere Application Server components that are required to run Lotus
Sametime Gateway. When you install a primary node, you create a server instance
called RTCGWServer. This server instance is cloned for use with all secondary
nodes across the cluster. There can only be one primary Lotus Sametime Gateway
node installed in any network deployment, because applications can only be added
to the cell from one node. In the Lotus Sametime Gateway network deployment,
the primary node also configures the database server.
The secondary nodes are WebSphere Application Server placeholders that can run
additional cluster members (servers created as clones of the primary server). When
you install a secondary node for Lotus Sametime Gateway, the installation creates a
node and default server instance, as well as some node level WebSphere
Application Server attributes such as data sources, WebSphere variables, and
shared library definitions. A network deployment of Lotus Sametime Gateway can
contain as many secondary nodes as your environment needs.
Creating a cluster and proxy servers:
Create a Sametime Gateway cluster, install proxy servers, and then configure the
proxy servers to use the cluster. Set up node replication only if you need high
availability and failover, and then start the cluster.
About this task
Starting a cluster involves starting the Deployment Manager, starting the node
agents on all the nodes, and then starting the servers, including the proxy servers,
on each node.
Before you begin
About this task
(computer).

./configwizard.sh
Windows
configwizard.bat
IBM i
./configwizard.sh

for the database.
Windows
IBM i
startServer.sh dmgr
Primary Node:
./startNode.sh
Windows
startNode.bat
IBM i
startNode

in the table.

Before you begin
About this task
steps:
Related tasks
Before you begin
About this task

field.
a different port.
connect to.
you changed it.
Gateway database
IBM i.
h. Click Finish.
Creating Common Event Infrastructure data source for IBM i:
The Common Event Infrastructure data source must be manually created on IBM i
after running the configuration wizard to create a Sametime Gateway cluster. These
steps apply to clustered deployments only.
Before you begin

1. Log into the Integrated Solutions Console (http://localhost:9060/ibm/
console) and select Resources → JDBC → Data sources.
2. Set the scope to Cluster=SametimeGatewayCluster
3. Click New.
4. Type the data source name:
CommonEventInfrastructure_Bus
5. Type the JNDI name:
jdbc/com.ibm.ws.sib/SametimeGatewayCluster-CEI.DM_cell_name.BUS
Where DM_cell_name is the cell name of the Deployment Manager which is

input in the installation of the Deployment Manager.
6. Select the existing Event_DB2iSeries_JDBC_Provider and click Next.
7. Type the server name. This is the hostname of the IBM i system where your
database schema is located.
8. For the Component-managed auth alias, select:
DM_cell_name/SametimeGatewayCluster/EventAuthDataAliasDB2iSeries

9. Deselect CMP
10. Click Next.
11. Click Finish.
12. Click the data source you just created, CommonEventInfrastructure_Bus, to
see its properties.
13. Under Additional Properties, select Custom Properties.
14. Select the property named Libraries.
15. Set the Value to the name of the schema you are using for the Sametime
Gateway cluster.
16. Select OK.
17. Save your changes to the configuration.
18. Select Resources → JDBC → JDBCProviders .
19. Select the Event_DB2iSeries_JDBC_Provider.
20. Change the Class path to:
/QIBM/ProdData/OS400/jt400/lib/jt400Native.jar
21. Click OK and then Save to save your changes to the configuration.
Installing SIP and XMPP proxy servers:
SIP and XMPP proxy servers act as the initial point of entry for messages that flow
into and out of the enterprise. While you can install these proxy servers on an IBM
Lotus Sametime Gateway node, it is recommended that you install them on a
separate machine to isolate the proxy processing from the Lotus Sametime
Gateway cluster.
Before you begin
Expected state: DB2, LDAP, and Sametime Gateway servers are installed.

About this task
For network security, IBM recommends that you install the XMPP and SIP proxy
server node and the Sametime Gateway cluster in the network DMZ. Installing the
SIP proxy in the DMZ by itself is not a supported configuration because it places a
firewall device between that server and the Sametime Gateway cluster. All of these
components should be able to communicate freely which each other without
traversing through a firewall device.
Note: If you are upgrading from a previous version of Lotus Sametime Gateway,
you already have a SIP proxy server. If the SIP proxy server is on an existing
primary or secondary node, there is no need to upgrade the SIP proxy server.
However, if your SIP proxy server is installed on its own node, you must upgrade
WebSphere Application Server on that node to version 6.1.0.11. If you want your
cluster to be able to access Google Talk or other XMPP users, you must install an
XMPP proxy server.
Installing a SIP and XMPP proxy server on IBM i:
Before you begin
*ALLOBJ and *SECADM authorities to successfully complete the WebSphere
Application Server Network Deployment installation.

image (C17KCML.exe) to a temporary directory such as /TMP.
installi5OS.bat
command:
install.sh -console

8. Select SIP and XMPP proxy servers as the type of installation.

acmeNodePrimary.
server1.acme.com
example: STGW_Proxy_Profile
Starting Port IBM i supports running multiple profiles
12. Click Next to see the installation summary. You can review the installation
summary settings and, if necessary, click Back to make changes.
stgw_server_root/logs/installlog.txt

What to do next
federate the node in the next procedure, you then see the SIPProxyServer instance.
Proxy servers:
A proxy server acts as a surrogate for the Lotus Sametime Gateway servers within
the enterprise. The node that hosts the XMPP or SIP proxy server hosts the public
XMPP or SIP domain of the enterprise. The SIP proxy is capable of securing the
transport, using secure sockets layer (SSL), and the content, using various
authentication and authorization schemes.
A SIP proxy server facilitates automatic load balancing, affinity matching, and
failover for a cluster of Lotus Sametime Gateway servers. It’s also the preferred
place to configure the connection settings for external domains, since it directly
manages all such connections when in use. You must set up a cluster with at least
one node before creating a SIP proxy server. You can run a SIP proxy server on an
Lotus Sametime Gateway server node, or create a separate node, on which Lotus
Sametime Gateway is not installed, to be the SIP proxy server node.
After you set up a Lotus Sametime Gateway cluster and a SIP proxy server, you
can add external communities to Lotus Sametime Gateway. Lotus Sametime
Gateway prompts you for the relevant connection settings (host name, port
number, transport protocol), and then creates the SIP Uniform Resource Indicator
(URI). The SIP URI is sent to the SIP container in WebSphere Application Server
which sends it to the SIP proxy server to route the request to the appropriate
destination. There is no need to set the domain, host, port, or transport protocol in
the SIP proxy server as all this information is set in Lotus Sametime Gateway.
Multiple proxy servers
You can set up multiple proxy servers for load balancing, better Web response, and
high availability. WebSphere Application Server does not support the clustering of
SIP or XMPP proxy servers, but you can set up more than one proxy server in
front of an Lotus Sametime Gateway cluster. This configuration provides multiple
entry points into the Lotus Sametime Gateway cluster while providing workload
balancing. Multiple proxy server can be fronted by a simple IP sprayer, such as the
SIP Load Balancer component included in WebSphere Application Server that
handles IP spraying to multiple proxy servers. If a proxy server fails, the affinity is
to the container and not to the proxy itself so there is one less potential failure
along the message flow.
cluster.
Before you begin

About this task
Manager.
time zone.
other.
dspwasinst
Manager’s cell:
Windows
IBM i:
where:
Manager.
listening on.
For example:
console).
can see changes.

server.
Configuring a SIP proxy server:
Configure the Session Initiation Protocol (SIP) proxy server for a cluster of IBM
Lotus Sametime Gateway servers. There is no need to configure external domains
in the SIP proxy server; this is done through the Lotus Sametime Gateway
configuration.
Before you begin
Set up a cluster with at least one secondary node and install the SIP and XMPP
proxy servers on the same physical hardware as a Deployment Manager, primary
node, or secondary node, or install the proxy servers on separate hardware. The
SIP and XMPP installation creates a new profile for the SIP and XMPP proxy
servers.
About this task
After you finish setting up a SIP proxy server, you’ll have a port number. You
provide the port number in combination with the domain name of the node on
which the SIP proxy server runs to external servers to connect to your Lotus
Sametime Gateway.
Assigning the SIP proxy to work with the Lotus Sametime Gateway cluster:
Assign the SIP proxy server to function with the IBM Lotus Sametime Gateway
cluster.
1. In the Integrated Solutions Console, click Server Types → WebSphere proxy
servers.
2. In the ″WebSphere proxy servers″ page, click the SIPProxyServer link
corresponding to the proxy server you want to update.
3. Click SIP Proxy server settings → SIP Proxy settings.
4. From the drop down list, select the Lotus Lotus Sametime Gateway cluster.
5. Click OK then click Save, and then click OK again.
Configuring the SIP Proxy server to listen on ports 5060 and 5061:
Configure the IBM Lotus Sametime Gateway cluster’s SIP Proxy server to listen on
ports 5060 and 5061.
Before you begin
Configure a cluster of Lotus Sametime Gateway servers.
About this task
Public instant messaging providers require you to accept connections on ports 5060
and 5061, so you will need to confirm that the SIP Proxy server’s host name is
resolvable and is listening on these ports. If the cluster’s SIP Proxy server is
installed on a node that is already hosting Lotus Sametime Gateway, and the SIP
Proxy server is not already listening on ports 5060 and 5061, reconfigure the port
settings as follows:
1. Determine which ports the SIP Proxy server is currently listening on:

a. On the cluster’s Deployment Manager, log in to the Integrated Solutions
b. Click WebSphere proxy servers → SIPProxyServer → Ports.
c. Check the listening ports for the following names:
v PROXY_SIP_ADDRESS
v PROXY_SIPS_ADDRESS
If PROXY_SIP_ADDRESS listens on port 5060 and PROXY_SIPS_ADDRESS
listens on port 5061, you can skip the rest of this task. Otherwise, proceed to
the next step to change the port settings.
2. Determine whether any nodes share the IP address and host name with the SIP
Proxy server.
If another node shares the IP address and host name, change the default host
port settings for that node to avoid a conflict with the SIP Proxy server.
a. Still on the Deployment Manager, click System Administration → Nodes.
b. Check whether any nodes use the same IP address and host name as the
SIP Proxy server.
c. If a node does share the IP address and host name, check its port settings
for the following names:
v SIP_DEFAULTHOST
v SIP_DEFAULTHOST_SECURE
d. If SIP_DEFAULTHOST is not set to 5060 and SIP_DEFAULTHOST_SECURE
is not set to 5061, skip to step 3.
e. If ports 5060 and 5061 are already in use, change those settings now by
setting:
v SIP_DEFAULTHOST to port 5080
v SIP_DEFAULTHOST_SECURE to port 5081
f. Save your changes to the master configuration by clicking Save when
prompted.
3. Now reset the SIP ports on the SIP Proxy server to use ports 5060 and 5061:
a. On the Deployment Manager, click WebSphere proxy servers →
SIPProxyServer → Ports.
b. Change the port settings for the following names:
v PROXY_SIP_ADDRESS to port 5060
v PROXY_SIPS_ADDRESS to port 5061
c. Save your changes to the master configuration and synchronize the nodes in
the cluster:
WebSphere Application Server displays a message prompting you to save
changes to the master configuration. Select the Synchronize nodes option
before clicking the Save button.
Creating a virtual host for the SIP proxy:
Create virtual host definitions for ports 5060 and 5061.

1. To identify the SIP proxy port number in the proxy server table, click the name
of the SIP proxy server that you created.
2. Under Proxy Settings, select SIP proxy server settings → SIP Proxy server
transports.

3. Make a note of the port number defined for SIPS_PROXY_CHAIN. The port
number in combination with the domain name of the node on which the SIP
proxy server runs is needed for configuring external servers to connect to your
Lotus Lotus Sametime Gateway server.
4. Now move to the Environment section if the Integrated Solutions Console.
5. Click Virtual Hosts → default_host → Host Aliases → New.
6. Verify the virtual host definitions for 5060/5061. If the virtual host is not
defined, define the new alias as follows:
a. Add * to the Host Name field.
b. Add 5060 to the Port field.
c. Click OK.
d. Click Save.
The additional Virtual Host entry is needed if the default ports are not added
during installation. Port 5060, however, only covers non-TLS installs. For secure
setups, the following entry may also need to be added: *:5061
Create custom properties for the SIP proxy server:
Define custom properties that will instruct the SIP proxy server to return ″503
Service Unavailable″ when the server is down, rather than the default error ″404
Page not found.″
Create two custom properties for the new SIP Proxy server as follows:
The new properties will instruct the SIP Proxy server to return ″503 Service
Unavailable″ when the server is down, rather than the default error ″404 Page not
found.″
your_new_SIP_proxy.
2. Click SIP Proxy server settings → SIP Proxy settings → Custom properties.
Name lsnLookupFailureReasonPhrase
Value Service Unavailable
Name lsnLookupFailureResponseCode
Value 503
5. Click Save.
Tuning the SIP proxy:
This sections describes the steps for tuning a SIP proxy.
About this task
Tune the JVM garbage collection policy for the SIP proxy server as follows:
SIPProxyServer.
2. Perform the following instructions for each of the sip proxies in the list:
a. Select a proxy server by clicking it in the list.

b. Under Server Infrastructure, click Java and Process management → Process
Definition.
c. Under Additional Properties, click Java Virtual Machine.
d. In the Initial Heap Size field, enter 600.
e. In the Maximum Heap Size field, enter 600.
f. In the Generic JVM arguments field, enter the following value as one
continuous line :
-Xmo60m -Xgcpolicy:gencon -Xgc:noAdaptiveTenure,tenureAge=8,
stdGlobalCompactToSatisfyAllocate -Xtgc:parallel
g. Click OK, and click Save to save changes to the master configuration.
Configuring the Gateway cluster and SIP proxy for a NAT environment:
Configure a cluster of IBM Lotus Sametime Gateway servers to operate in a NAT

(Network Address Translation) environment.
Before you begin
Traversing a NAT environment is known issue in the SIP domain. There are several
ways to solve this issue, while some of them have been formed as IETF standard
(RPORT, STUN and ICE), others have been formed as proprietary solutions. So
what is the problem? Some of the SIP communication parameters contain the Fully
Qualified DNS Name (FQDN) or the IP address, and the port, but a SIP device
deployed in a NAT environment does not know how it will be seen from the
internet because the NAT device translates the IP address. The SIP message will
contain IP address and port – which are not accessible from the internet. There are
several paradigms to solve this issue:
v SIP Friendly NAT device – NAT devices that can analyze a SIP message and
then replace the IP address and ports listed inside of it. This solution does not
support encrypted SIP communication such as TLS.
v IETF Standard – a method using a standardized protocol such as RPORT, STUN,
or ICE.
Currently, the IBM WebSphere SIP infrastructure does not provide a solution to
this problem because it does not support any of the IETF standards. Therefore, any
SIP application deployed on WebSphere has to develop its own solution. The
solution provided here assumes that you have the following elements in your
deployment:
v A clustered environment, with one ore more clustered servers.
v A SIP proxy server federated to the cluster.
v All cluster members (including the SIP proxy server) are deployed within the
same subnet.
v A static NAT is defined in the NAT or firewall; the public IP address should be
mapped to the SIP proxy server’s internal IP address.
About this task
The following diagram illustrates the NAT environment that this solution was
designed for:

Limitations:
v Only static NAT is supported
v A single SIP proxy deployment was tested; a multiple-SIP proxy deployment
was never tested but can be applied with the same setting.
v Single-server deployment is not supported, but a clustered deployment which
contains only one server is supported.
1. Map a fully qualified domain name to the public IP address serving the Lotus
Sametime Gateway.
This FDQN will be used when registering the Gateway for provisioning with
Yahoo! and AOL, as well as in the SRV record used for communicating with
Google.
2. Install the SSL certificate.
The CN name for the certificate should be the one defined as FQDN mapped to
the public IP in step 2. For example, the diagram above uses the FQDN
gw.ibm.com. For information on requesting the certificate, see Creating a
certificate request.
3. Define a custom property to map the cluster FQDN for traversing the NAT:
Define a custom property to enable communications in a NAT (Network
Address Translation) environment. Traversing NAT is known issue for the SIP
domain; defining the ″FQDN″ custom property for Lotus Sametime Gateway is
a workaround for this issue. Before beginning, make sure the following
requirements have been satisfied:
v A static NAT should be defined in the NAT or Firewall (only static NATs are
supported).
v The public IP address should be mapped to the SIP proxy internal IP
address.
v A fully qualified domain name must be mapped to the public IP address
serving the Lotus Sametime Gateway.
This FDQN will be used when registering the Lotus Sametime Gateway for
provisioning with Yahoo! & AOL, as well as the SRV record used for
communicating with Google .

a. Log in to the Integrated Services Console as a Lotus Sametime Gateway
administrator.
b. Click System administration → Cell → Custom Properties.
c. Click New and enter information for the new custom property:
Name Type com.ibm.sametime.gateway.fqdn as the name of

the new property.
Value Type your fully qualified domain name.
Description Type a description of the new property.
d. Click Apply, and then click OK.

e. Perform a full synchronize with the nodes:
1) In the Deployment Manager’s Integrated Solutions Console, click
System administration → Nodes.
2) Click Full Resynchronize.
f. Restart all Lotus Sametime Gateway nodes.
For example, If you set the custom property to gw.ibm.com (and the port is set
to 5070), the INVITE SDP would look like this:
v=0
o=- 0 0 IN IP4 gw.ibm.com
s=session
c=IN IP4 gw.ibm.com
t=0 0
m=message 5070 sip null
4. Enable the SIP Proxy IP Sprayer:
a. In the Integrated Solutions Console, click Servers → Proxy Servers.
b. Select the SIP proxy server from the list.
c. Click SIP Proxy Server Settings → Enable SSL sprayer.
d. Apply the following settings:
v Enable SSL sprayer
v Set the SSL host to the FQDN (in our diagram gw.ibm.com)
v Set the port to 5061.
e. Restart the proxy and the Lotus Sametime Gateway server.
Configuring the XMPP proxy server:
Configure the XMPP proxy server to allow Google Talk, and other XMPP-based
instant messaging systems to flow to and from the Sametime Gateway.
Before you begin
Expected state: the SIP and XMPP proxy server node is installed and federated into
the cell. A Sametime cluster has been installed. The Deployment Manager is
started.
1. On the Deployment Manager node, log into the Integrated Solutions Console.
2. Click Servers → Application Servers and select the XMPPProxyServer from
the list.
3. Click Ports.
4. Click New to add a port.
5. Select User-defined Port .
6. Type XMPP_INTERNAL_PORT in the Specify port name field.

7. In the Host name field, type the IP address of the machine on which
XMPPProxyServer is installed.
8. In the Port field, type 5271.
A note about ports:
v XMPP_INTERNAL_PORT is used for listening to traffic from the proxy
server.
If the XMPPProxy and XMPPServer are running on the same physical
computer, they will attempt to listen to the same default value of
XMPP_INTERNAL_PORT which is 5271. As a result, the proxy will listen to
the incoming connections from the server, and the server will listen to the
proxy. In order to break this endless loop, set XMPP_INTERNAL_PORT to
another value for the proxy (for example, 5272).
v XMPP_SERVER_ADDRESS port is used on the proxy server itself to listen
to traffic from an external community.
The XMPP_SERVER_ADDRESS port (5269) is unrelated to the ″port 5269″
value that appeared on the XMPP community page when you created the
community. That community page port refers to the port that the external
community is listening on, and is used when Lotus Sametime Gateway
performs a DNS-SRV record lookup.
If you need to change a default port, click Application Servers → Server Name
and, under the ″Communications″ section, click Ports .
9. Click OK and Save.
10. In the Integrated Solutions Console, click System administration → Cell.
11. Under Additional properties, click Custom Properties, and click New.
12. Create Name and Value pairs for the Sametime Gateway cluster, XMPP proxy
node name, and XMPP proxy server name. Type the names and values as they
are spelled out in the table below. For XMPP proxy node name, substitute the
name of the node on which the XMPP proxy resides.
Name Value
STGW_CLUSTER_NAME SametimeGatewayCluster
XMPP_PROXY_NODENAME XMPP proxy node name
XMPP_PROXY_SERVERNAME XMPPProxyServer
13. Click Apply and Save after you type each pair. When you are done, you will
have a table that looks something like this:

Setting up node replication and failover for the cluster:
This optional procedure sets up node replication to provide high availability and
failover support for the cluster. If one member of the cluster goes down, other
nodes can continue to process the SIP request. Use this procedure only if you
require high availability and failover support.
Before you begin
Before you begin, you must install IBM Lotus Sametime Gateway on each node,
add the nodes to a cluster, and then start the cluster and the SIP proxy server.
About this task
Lotus Sametime Gateway offers a comprehensive high availability (HA) solution.

High availability means an environment that doesn’t have a single point of failure.
A SIP cluster that requires replication and failover can consist of many replication
domains, each of which contain a set of two servers. There is no limit set on the
number of servers in a cluster. For performance reasons, each replication domain
should contain two servers only. The replication domain should be set to the entire
domain, which means state is replicated to all servers in the replication domain.
The replication mode must be Both client and server. The distributed session for a
container must be set to Memory-to-memory replication.
1. Click Servers → clusters and verify that the Sametime Gateway cluster is started
and the status is green.
2. Click Servers → Proxy Servers and verify that the SIP proxy is started and the
status is green.
3. Click SIP proxy → SIP Proxy Server Settings → SIP proxy settings and verify
that the cluster in the drop down box is the same Sametime Gateway cluster
defined in the previous step.
4. Click Environment → Replication Domains , and then click New. Do not pick
the GatewayCache. This is the DynaCache used to propagate the configuration
across the cluster, and is not used for SIP session replication.
5. Type a name for the new replication domain.

6. Under Number of Replicas, select Entire Domain so that the SIP session is
replicated to all members in the domain, and click OK.
7. Click Servers → Application Servers, and then select a member of the cluster.
a. Under Container Settings, clickSession management.
b. Under Additional Properties, click Distributed environment settings.
c. Under Distributed sessions, click Memory-to-memory replication. The
distributed session option will become enabled once configured.
d. Under Replication domain, select the replication domain that you created in
previous steps.
e. In the Replication mode field, select Both client and server, then click OK,
and then clickSave. Memory to memory replication is now enabled for this
member of the cluster.
8. Repeat the previous step for each member of the cluster.
Starting a cluster:
When starting a cluster for the first time, you must start the Deployment Manager,
node agents, and then all Lotus Sametime Gateway servers in the cluster.
Before you begin
Before begin these steps, you must install Lotus Sametime Gateway on each node,
federate the nodes into the cell, run the Cluster Configuration Wizard, and then set
up SIP and XMPP proxy servers for your cluster.
About this task
In the steps that follow, you start the Deployment Manager in a command window
so that you can log in to the Integrated Solutions Console and complete the
remaining steps. After the Deployment Manager is started, you can view the
Integrated Solutions Console pages. However, you cannot view the Lotus
Sametime Gateway administration pages until you start at least one node agent
and the Lotus Sametime Gateway server on that node.
privileges.
3. If not already started, start the Deployment Manager with the following
command:
./startManager.sh
Windows
startManager.bat
IBM i
startManager
./startNode.sh

Windows
startNode.bat
IBM i
startNode
Stopping and starting the Deployment Manager:
This topic describes how to stop and start the Deployment Manager.
privileges.
3. Stop the Deployment Manager. Use the administrative user ID and password
that you created when you installed the Deployment Manager. Note that you
do not have to provide the username and password qualifiers in the command;
you can wait to be prompted and then enter your credentials. Type the
following commands:
./startManager.sh
Windows
startManager.bat
IBM i
startManager
Stopping and starting the node agents:
This topic describes how to stop and start the node agents. Typically, you stop and
start node a node agent by logging onto a node and running the stop node or start
node command. However, for convenience, you can restart all node agents from
the Deployment Manager node by using the Integrated Solutions Console only if
the node agents are running. If they are stopped, you must start the node agents
from nodes themselves.
3. Stop the node agent with the following command:
./stopNode.sh
Windows
stopNode.bat
IBM i
stopNode
./startNode.sh
Windows

startNode.bat
IBM i
startNode
the previous steps to stop and start the node agent on each node.
6. To restart node agents that are already running:
a. Make sure the Deployment Manager is running and log into the Integrated
Solutions Console on the Deployment Manager node.
Stopping and starting a cluster:
Complete these steps to stop and start a cluster of Sametime Gateway servers from
the Integrated Solutions Console.
Before you begin
Expected state: the Deployment Manager, node agents, and all servers in the
cluster are started.
About this task
You must restart the cluster when you add, delete, or change a community.
3. Select the Lotus Sametime Gateway cluster, and click Stop, and wait for the
cluster to stop.
5. Select the Lotus Sametime Gateway cluster, and click Start.
7. Select the SIP proxy server and click Start if it is not already started.
9. Select the XMPP proxy server and click Start if it is not already started.
Stopping and starting servers in a cluster:
This topic describes how to stop or start individual servers or nodes in a cluster.
2. Click Servers → Application Servers .
3. If you want to stop a server, select the application server’s check box and click
Stop.
4. If you want to start a server, select the application server’s check box and click
Start.
Stopping and starting a single server:
Complete these steps to stop and start a single Sametime Gateway server in a
single server environment.

2. Open a command window and navigate to the Lotus Sametime Gateway
profile directory that contains binaries: stgw_profile_root\bin
3. Type the following command to stop the Sametime Gateway server. Note that
RTCGWServer is case-sensitive, and that on all the stopserver commands, you are
prompted to enter your administrative user ID and password that you created.
v Windows:
stopserver.bat RTCGWServer
./stopserver.sh RTCGWServer
v IBM i:
stopServer RTCGWServer
4. Type the following command to start Lotus Sametime Gateway.
v Windows:
startserver.bat RTCGWServer
./startserver.sh RTCGWServer
v IBM i:
Starting the SIP and XMPP proxy servers:
The XMPP and SIP proxy server node is different from other Sametime Gateway
node installation types in that it contains more than one server. Based on the type
of traffic you expect to have in your environment (SIP or XMPP), you can start or
stop the appropriate proxy server instance on the node. This removes the need to
define a proxy server for each type of protocol. If you require the XMPP proxy
functionality only, then start the XMPPProxyServer only. If you need SIP proxy
functionality only, then start the SIPProxyServer only. If you need both, start both.
About this task

Table 47. Instant Messaging Systems and Proxy Servers
Instant Messaging System Proxy Server
Sametime SIP
AOL Instant Messenger SIP
Office Communications Server SIP
Yahoo! Messenger SIP
Google Talk XMPP
Before you start the SIP and XMPP proxy servers, you must add nodes to the
cluster, create the cluster, set up a SIP and XMPP proxy server, and then start the
cluster.
1. On the Deployment Manager node, log in to the Integrated Solutions Console.
2. Choose Servers → Clusters.
3. Verify that the cluster status is Started (shown with a green arrow).
5. Select the SIP proxy server and click Start.
6. Choose Servers → Applications servers.

7. Select the XMPP proxy server and click Start.
Registering a new Gateway cluster on IBM i with the System Console:
After installing the IBM Lotus Sametime Gateway cluster on IBM i, register it with
Before you begin
started.
About this task
Working from the Deployment Manager, follow these steps to update properties
files and run the registration utility to register the cluster with the console.
During this task you will edit the following files; click the file names below to see
details. You may want to open the topic in a new browser tab or window so you
can keep it open for reference:
1. Working on the Deployment Manager, navigate to the console directory:
/qibm/userdata/STGateway/ProfileName/console
Where the ProfileName is the one you specified when you installed the Gateway.
Note: If the Primary Node is installed on the same server as the Deployment
Manager, make sure you are working in the Deployment Manager’s profile.

Table 48. console.properties settings for the Deployment Manager (continued)


Manager.
System Console.
Manager.
Manager server:
a. Navigate to the /qibm/userdata/STGateway/IBM/WebSphere/AppServer/V7/
profiles/DMProfile/config/cells/DMCell/nodes/PNnode directory.

c. In the DepName setting, provide a descriptive name for Primary Node
System Console.
a. Navigate to the /qibm/userdata/STGateway/IBM/WebSphere/AppServer7/
profiles/DMProfile/config/cells/DMCell/nodes/SNnode directory.
c. In the DepName setting, provide a descriptive name for the Secondary Node
System Console.
a. Return to the Deployment Manager’s profile (the directory you used in Step
1).
b. From an IBM i command line, run the following command to start the
c. Run the cd shell command, specifying the fully qualified path to the console
d. Run the shell script to register the server: registerProduct.sh
e. When the utility prompts for the cluster’s name, type the name and press
Enter.
f. When the registration script completes, press F3 to exit QSH.
Performing a silent installation:
Performing a silent installation on IBM i:
Before you begin
You must install WebSphere Application Server separately before performing a

silent installation. The silent installation program must be run in QSH mode.


About this task
Sametime Gateway installation CD is a fully-documented response
file: installresponse.txt. Copy this file to the machine and edit it with values
1. From the installation media, copy and unzip the following Lotus Sametime
Gateway installation image to a temporary directory /TMP on the machine
where you will be installing Lotus Sametime Gateway:
C17KCML.exe
This step creates a folder: /TMP/SametimeGateway.

2. Copy the folder /TMP/SametimeGateway to the IFS of the IBM i system.
3. Start a QSHELL session.
4. Navigate to the /TMP/SametimeGateway folder.
install.sh -options-record response_file
where response_file is an absolute path to the response file to be generated.

install.sh -options-record /TMP/SametimeGateway/gatewayOptions.txt
6. If another Sametime Gateway installation exists on the system, you must allow
for the existence of more than one Sametime Gateway server by completing the
sub steps that follow:
a. Using a text editor, open the response file.
b. Search for the line starting with -V Coexist=.
c. If the line exists set the value to be -V Coexist="true". If the line does not
exist, add -V Coexist="true" to the bottom of the file.
d. Save and close the response file.
command window.
8. Type the following command to use the response file that you created:
install.sh -options response_file -silent
Results

About this task
Server.
Servers.
Servers.
Add.
entered.
6. Click OK.
Troubleshooting installation:
These steps help you troubleshoot installation problems by describing how you can
use a different tables pace name for the database and how you can clean your
system of previous installations.
About this task
Many installation problems are caused when the installer cannot locate the
database or when installing a new instance of Sametime Gateway and a previous
installation has not been completely removed from the system. The following steps
describe how to use a different table space in the database or clean your system of
previous installations.
1. Open the installation log file at stgw_server_root\logs\installlog.txt

2. If log reports an error in finding the DB2 database, check to make sure you are
using the table space name USERSPACE1. Sametime Gateway expects USERSPACE1
by default. To install using a different table space name, use the following
command when you run the installer:
install.bat -VTableSpaceName="tableSpaceName"
Where tableSpaceName is the name of the table space that you want the installer
to use.
3. To clean your system of previous installations, use the log to find the location
of the Install Shield Multiplatform (ISMP) database called the Vital Product
Database (VPD). For example, examine this log entry from Windows (formatted
to fit on the page):
(Nov 24, 2007 2:22:22 PM), stGwInstall,
com.ibm.rtc.gateway.install.CheckVPDRegistry, msg1,
using VPD registry at C:\Program Files\Common
Files\InstallShield\Universal\common\Gen2\_vpddb\vpd
The location of this registry varies from system to system. On windows, VPD is
usually found in the \Program Files\Common Files\InstallShield\Universal\
common\Gen2 folder. If a Sametime Gateway server is uninstalled, but an error
occurs and the product is not unregistered, the VPD shows that Sametime
Gateway is installed on the system. When a new installation is initiated, and a
previously installed Sametime Gateway server is detected, the installer prompts
you to upgrade or install a new version, or the installer forces you to install a
Deployment Manager server or a Primary Server on the same system. None of
these scenarios are desired because there are no Sametime Gateway servers
installed on the system.
4. Back up the Gen2 folder. Note that the VPD registry may be used by other
programs that are installed with InstallShield, so removing this registry may
interfere with other programs. It’s recommended that you do not remove the
Gen2 folder unless absolutely necessary.
5. Remove the original Gen2 folder.
6. If installing on Windows, delete the following left over files:
C:\Windows\.nifregistry
C:\Windows\vpd.properties
7. Start the installation again.
Configuring LDAP
Configure Sametime Gateway to use the LDAP directory used by the local
Sametime environment. If you did not connect to LDAP when you installed
Sametime Gateway, or you did connect to LDAP but now want to create a secure
connection, use these procedures. Sametime Gateway must look up names and
groups in the LDAP directory to grant users and groups access to external
communities.
About this task
Use Lotus Sametime Gateway with virtually any LDAP directory that is supported
by Lotus Sametime and the WebSphere Application Server environment. Lotus
Sametime Gateway deployment does not require changes to existing directory
structures. It’s recommended that you configure the same LDAP directory that is
used by the Sametime community server. You can use a separate LDAP directory,
but information between the two LDAP directories must be replicated and
identical.

Note: The use of an LDAP directory is not required for Lotus Sametime Gateway,
but it lets you implement an access control list (ACL) that controls which users
and groups can access, and be accessed from, external communities. If you do not
want to configure the use of an LDAP directory at this time, you can skip the
procedure. If you later decide to start using an LDAP directory for Lotus Sametime
Gateway, you can configure the interaction at that time.
Be sure to read the first topic below before setting up your LDAP directory:
LDAP and access to external and internal users:
Lotus Sametime Gateway works with the LDAP user registry used by your local
Sametime community so that you can assign local users permission to access
members in external and clearinghouse communities. For local users to chat with
and share presence with a member of an external community, two events must
happen: you must assign the local user to the external community and the external
community administrator must assign the external community member access to
your Sametime community.
You can use Lotus Sametime Gateway with virtually any LDAP directory that is
supported by Lotus Sametime or the WebSphere Application Server environment.
Lotus Sametime Gateway deployment does not require changes to existing
directory structures. When you configure WebSphere Application Server to use an
LDAP user registry, you are identifying to Lotus Sametime Gateway the LDAP
directory that houses members of the local Sametime community. As an
administrator, you look up names and groups in the LDAP directory and assign
them capabilities when accessing an external community.
Using LDAP, you can assign users and group to capabilities such as instant
messaging or presence or both when assigning users and groups access to an
external community. Lotus Sametime Gateway displays group names, user names
(short names), and user e-mail addresses. Groups do not have e-mail addresses.
Access to internal and external communities
When you assign a local user from your LDAP directory access to an external
community, you provide, at the local level, permission for that local user to
exchange instant messages with potentially all members of an external community.
You cannot give the user permission to subscribe to some members of the external
community because you cannot control who in the external community has access
to the local user. If the administrator in an external community assigns all
members in the external directory access to your local community, your local
Sametime user can subscribe to all members of the external community and all
external community members can subscribe to your user.
As an administrator, you cannot set access for external users because there is no
way for you to configure access in external directories. External users can only
have instant messaging and presence with the members of your local community
for whom you have assigned access. The only people who can be subscribed to by
external users are the users and groups who have been granted access by you.
For example, if local user John has not been granted access to external community,
and external user Mary subscribes to John’s presence, Mary will never receive a
response because local user John does not have the rights to send a response. Any
subscription requests from an external user is blocked by the Lotus Sametime

Gateway because the local user is not granted access to subscribe to the external
community.
Configuring LDAP for a single server:
IBM Lotus Sametime Gateway requires that IBM WebSphere Application Server be
configured to use a Lightweight Directory Access Protocol (LDAP) user registry
that contains members of the local Sametime community. Complete the following
steps if you did not create a connection to LDAP at installation, or you completed
a connection to LDAP but want to secure that connection over SSL.
Before you begin
Expected state: Administrative security is enabled. The Deployment Manager is

running.
1. If not already started, start Lotus Sametime Gateway:
a. Open a command window (QShell session on IBM i).
b. Navigate to the Lotus Sametime Gateway profile directory that contains
binaries: rtcgw_profile_root\bin
c. Type the following command. Note that RTCGWServer is case-sensitive.
Windows
IBM i
2. Ensure that the enterprise LDAP server is running.
3. Complete the following sub steps to connect to connect to LDAP over SSL,
otherwise skip this step. If the LDAP server is using a public certificate, then
you need to obtain the public root CA and import it. If your LDAP server is
using a self-signed certificate, then you simply import the self-signed
certificate.
a. From the Integrated Solutions Console, select Security → SSL Certificates
and key management, then select Key stores and certificates.
b. Click NodeDefaultTrustStore.
c. Click Signer certificates.
d. Click Add.
e. In the Alias field, type a description for the certificate, whether it’s
self-signed or a public CA.
f. In the File name field, type the path to the certificate file. For example,
c:\certname.cer.
g. Click Apply and then Save.
4. From the Integrated Solutions Console, select Security → Global Security.
5. Make sure the Enable administrative security and Enable application
security options are selected.
6. In the Available realm definitions, select Federated repositories.
7. Click Set as current.
8. Click Configure.
9. Click Add base entry to the Realm.
10. On the next screen, click Add Repository...

11. Type a logical name for the repository in the Repository Identifier field. The
identifer can be any value, as long as it’s unique within the cell.
12. Select the type of LDAP server to use from the Type list. If you have an IBM
Lotus Domino Version 7.0 server, select IBM Lotus Domino Version 6.5 as
your LDAP type.
13. Enter the fully qualified host name of the LDAP server in the Primary host
name field. You can enter either the IP address or domain name system (DNS)
name.
14. Enter the LDAP server port number in the Port field. The host name and the
port number represent the realm for this LDAP server in the WebSphere
Application Server cell. The default value is 389.
15. Optionally, enter the bind DN name in the Bind distinguished name field.
The bind distinguished name can be any user with read permission for the
directory server. The bind DN need not be the LDAP administrator. Leave this
field blank to connect to the LDAP server anonymously.
16. Optionally enter the password corresponding to the bind DN in the Bind
password field. Leave this field blank to connect to the LDAP server
anonymously.
17. Specify the Login properties when setting up the repository. The cn, uid, and
mail are common login property values. If your LDAP server uses a login
property other than uid, you must change the value to match your user prefix.
18. Click Apply, and then click Save.
19. In the Distinguished name of a base entry that uniquely identifies this set
of entries in the realm field, type the base DN of your choice such as
″o=myLDAPRealm″ or ″o=defaultWIMLDAPBasedRealm″. This DN is for
internal Websphere Application Server use only and is used to identify a set of
entries when returning search results.
20. In the Distinguished name of a base entry in this repository field, type the
DN of the base entry within the directory to begin searches. Leave this field
blank to start LDAP searches at the root of your LDAP repository, or if you
have a Domino LDAP, which always begins searches at the root of the
directory. An example of a DN for the base entry in a repository:
dc=IBM,dc=COM
22. Use a text editor and open wimconfig.xml. The directory path that follows is
all on one line but represented here on two lines for printing:
app_server_root\profiles\RTCGW_Profile
\config\cells\<cell_name>\wim\config\wimconfig.xml
The <cell_name> is the name of your cell.

23. Search for the following text:
<config:attributeConfiguration>
24. Below this line of text, add the following line if it does not exist:
<config:externalIdAttributes name="dominounid"/> , specifying the correct
value for your directory from the following list:
Domino LDAP: dominounid
IDS: ibm-entryuuid
Active Directory: objectguid
Novell eDirectory: guid
Sun ONE: nsuniqueid For example, if you have a Domino LDAP, your text
may look like this. Note that your text may be different.

<config:externalIdAttributes name="dominounid" />
<config:attributes name="userPassword" propertyName="password" />
<config:entityTypes>Group</config:entityTypes>
</config:attributes>
- <config:attributes name="cn" propertyName="cn">
<config:propertiesNotSupported name="businessAddress" />
</config:attributeConfiguration>
25. Now find the <config:repositories> element and add the following line to
the <config:attributeConfiguration> element block:
<config:externalIdAttributes name="<unique_attribute>"
syntax="<attribute_syntax>"/>
where <unique_attribute> is the unique LDAP attribute that you want to use
and <attribute_syntax> identifies the syntax. Include the syntax attribute
only if the syntax is something other than a type of string.
For example, to use a string called dominounid, edit the wimconfig.xml file to
include the following element:
<config:externalIdAttributes name="dominounid"/>
If the attribute was not a string, you would identify its syntax as well. For
example:
<config:externalIdAttributes name="GUID" syntax="octetString"/>
The following are some examples of commonly used unique attributes for
different some flavors of LDAP:
v Domino LDAP: dominounid
v IDS: ibm-entryuuid
v Active Directory: objectguid
v Novell eDirectory: guid
v Sun ONE: nsuniqueid
26. Save the file. Note: the dominounid attribute was introduced in Lotus
Domino 6.5.4 and 7.0. In some cases this attribute may not appear in the
schema database or on the Server Configuration document (LDAP tab). This
can occur when the administration server for the Domino domain is version
6.5.3 or lower. The Administration server controls the creation of the Schema
database, as well as which attributes are available for anonymous queries
through the Configuration document. To resolve the issue, the Administration
server should be upgraded to Domino version 6.5.4 or above. In addition,
while a particular Domino LDAP may not require to bind, binding is
necessary to retrieve the dominounid attribute. Any bind user would be
acceptable, read only is fine.
27. Stop and then restart the Lotus Sametime Gateway server:
a. Navigate to the directory that contains binaries: rtcgw_profile_root\bin
b. Type the following commands, depending on your operating system, to
stop and then start Lotus Sametime Gateway. You must use the user name
and password that you provided when you enabled administrative
security to stop the server. Wait for the stopserver command to finish
before executing the startserver command. Note that RTCGWServer is
case-sensitive.
./stopServer.sh RTCGWServer -username username -password password
Windows

stopServer.bat RTCGWServer -username username -password password
IBM i
stopServer RTCGWServer -username username -password password
28. log into the Integrated Solutions Console (http://localhost:9060/ibm/console).
29. Select Users and Groups → Manage Users.
30. Click Search to verify that you can search your LDAP directory. If your LDAP
functionality is enabled, you should see a list of users on the screen.
31. Click a user name and make sure you can see the user’s content. You can
verify group names as well.
32. Copy the script: stgw_server_root/config/adminscripts/rtcgw_vmm.jacl to
app_server_root/bin .
33. Open a separate command window and navigate to app_server_root/bin .
wsadmin -username username -password password -f rtcgw_vmm.jacl
Where username is the administrative user ID that you use to log into the
Integrated Solutions Console. You created this user ID when you installed
Lotus Sametime Gateway. For example:
wsadmin -username wasadmin -password gateway4u -f rtcgw_vmm.jacl
35. Stop and then restart the Lotus Sametime Gateway server:
a. Navigate to the directory that contains binaries: rtcgw_profile_root\bin
b. Type the following commands, depending on your operating system, to
stop and then start Lotus Sametime Gateway. You must use the user name
and password that you provided when you enabled administrative
security to stop the server. Wait for the stopserver command to finish
before executing the startserver command. Note that RTCGWServer is
case-sensitive.
./stopServer.sh RTCGWServer -username username -password password
Windows
stopServer.bat RTCGWServer -username username -password password
IBM i
stopServer RTCGWServer -username username -password password
36. The remaining optional steps apply to an LDAP server that is not a Domino
LDAP directory. By default, Sametime uses mail as the attribute in an LDAP
record to search for users. If your LDAP directory uses a different attribute,
you can change Sametime to use that attribute instead. For example, if you
want to change Sametime to instead use the attribute displayName, complete
the following steps:
a. Use a Lotus Notes client on the Sametime server to open the Sametime
Configuration database (stconfig.nsf).
b. Click File → Database → Open and select the Local server.
c. Select the Sametime Configuration database (stconfig.nsf).
d. Click Open.
e. In the right pane of the Configuration database, locate the LDAP server
entry in the Form Name column of the Configuration.

f. Each LDAP Server document is listed to the right and beneath the LDAP
Server entry under the Last Modified Date column. The date represents
the last time the LDAP server document was modified.
g. To open an LDAP Server document, double-click the date in the Last
Modified Date column that represents the document.
h. When the LDAP Server document opens, double-click the document to put
it in edit mode.
i. Search and replace mail with displayname.
Search filter for resolving person names:(&(objectclass=organizationalPerson)

(|(uid=%s*)(givenname=%s*)(sn=%s*)(mail=%s*)))
Search filter to use when resolving a user name to a distinguished name:
(&(objectclass=organizationalPerson)(|(uid=%s)(givenname=%s)(sn=%s)(mail=%s)))
"Attribute of the person entry that defines the person's e-mail address" mail
j. Save your changes and then restart the Domino server.

k. On the Lotus Sametime Gateway server that is connected to LDAP, use a
text editor and open the following file:
rtcgw_profile_root\config\cells\<cell_name>\wim\config\wimconfig.xml
l. Add the following line under the other configuration attributes:

<config:attributes name="displayName" propertyName="mail"/> For
example:
- <config:attributes name="cn" propertyName="displayName">
<config:attributes name="displayName" propertyName="mail"/>
m. Save the file.
n. Stop and restart the Lotus Sametime Gateway server.
Configuring LDAP for a cluster:
The IBM Lotus Sametime Gateway requires that IBM WebSphere Application
Server be configured to use the Lightweight Director Access Protocol (LDAP) user
registry that contains members of the local Sametime community. These steps
include information for setting up a connection to LDAP using a self-signed
certificate. Complete the following steps if you did not create a connection to
LDAP at installation, or you completed a connection to LDAP but want to secure
that connection over SSL.
Before you begin
Expected state: the Deployment Manager and node agents are started. The servers
are stopped. Administrative security is enabled.
privileges. Make sure you have an enterprise LDAP server that contains
members of the local Sametime community and the LDAP server is running.

2. Complete the following sub steps to connect to LDAP over SSL, otherwise
skip this step. If your LDAP server is using a public CA, then you need to
obtain the public root CA and import it. If your LDAP server is using a
self-signed certificate, then you simply import the self-signed certificate.
a. From the Integrated Solutions Console, select Security → SSL Certificates
and key management, then select Key stores and certificates.
b. Click CellDefaultTrustStore.
c. Click Signer certificates.
d. Click Add.
e. In the Alias field, type a description for the certificate, whether it’s
self-signed or a public CA.
f. In the File name field, type the path to the certificate file. For example,
c:\certname.cer.
g. Click Apply and then Save.
3. Select Security → Secure administration, applications, and infrastructure.
4. Make sure the Enable administrative security and Enable application
security options are selected.
5. In the Available realm definitions, select Federated repositories.
6. Click Set as current.
7. Click Configure.
8. Click Add base entry to the Realm...
9. On the next screen, click Add Repository...
10. Type a logical name for the repository in the Repository Identifier field. The
identifier can be any value, as long as it’s unique within the cell.
11. Select the type of LDAP server to use from the Type list. If you have a IBM
Lotus Domino Version 7.0 server, select IBM Lotus Domino Version 6.5 as your
LDAP type.
12. Enter the fully qualified host name of the LDAP server in the Primary Host
field. You can enter either the IP address or domain name system (DNS)
name.
13. Enter the LDAP server port number in the Port field. The host name and the
port number represent the realm for this LDAP server in the WebSphere
Application Server cell. The default value is 389.
14. Optionally, enter the bind DN name in the Bind distinguished name field.
The bind distinguished name can be any user with read permission for the
directory server. The bind DN need not be the LDAP administrator. Leave this
field blank to connect to the LDAP server anonymously.
15. Optionally, enter the password corresponding to the bind DN in the Bind
password field. Leave this field blank to connect to the LDAP server
anonymously.
16. Specify the Login properties when setting up the repository. The cn, uid, and
mail are common login property values. If your LDAP server uses a login
property other than uid, you must change the value to match your user prefix.
18. In the Distinguished name of a base entry that uniquely identifies this set
of entries in the realm field, type the base DN of your choice such as
″o=myLDAPRealm″ or ″o=defaultWIMLDAPBasedRealm″. This DN is for
internal Websphere Application Server use only and is used to identify a set of
entries when returning search results.

19. In the Distinguished name of a base entry in this repository field, type the
DN of the base entry within the directory to begin searches. Leave this field
blank to start LDAP searches at the root of your LDAP repository, or if you
have a Domino LDAP, which always begins searches at the root of the
directory. An example of a DN for the base entry in a repository:
dc=IBM,dc=COM
21. Log out of the Integrated Solutions Console.
22. On the Lotus Sametime Gateway server that is connected to LDAP, use a text
editor and open wimconfig.xml. The directory path that follows is all on one
line but represented here on two lines for printing:
The <cell_name> is the name of your cell.

23. Search for the following text:
24. Below this line of text, add the following line if it does not exist:
<config:externalIdAttributes name="dominounid"/> , specifying the correct
value for your directory from the following list:
Domino LDAP: dominounid
IDS: ibm-entryuuid
Active Directory: objectguid
Novell eDirectory: guid
Sun ONE: nsuniqueid For example, if you have a Domino LDAP, your text
may look like this. Note that your text may be different.
25. Now find the <con fig:repositories> element and add the following line to
the <config:attributeConfiguration> element block:
<config:externalIdAttributes name="<unique_attribute>"
syntax="<attribute_syntax>"/>
where <unique_attribute> is the unique LDAP attribute that you want to use
and <attribute_syntax> identifies the syntax. Include the syntax attribute
only if the syntax is something other than a type of string.
For example, to use a string called dominounid, edit the wimconfig.xml file to
include the following element:
<config:externalIdAttributes name="dominounid"/>
If the attribute was not a string, you would identify its syntax as well. For
example:
<config:externalIdAttributes name="GUID" syntax="octetString"/>
The following are some examples of commonly used unique attributes for
different some flavors of LDAP:
v Domino LDAP: dominounid

v IDS: ibm-entryuuid
v Active Directory: objectguid
v Novell eDirectory: guid
v Sun ONE: nsuniqueid
26. Save the file.
27. Navigate to the rtcgw_profile_root\bin directory.
28. Stop the Deployment Manager and wait for the command to finish, and then
restart the Deployment Manager. Use the user name and password that you
created when you enabled administrative security. Type the following
commands:
Windows
IBM i
startServer.sh dmgr
29. Synchronize your changes to all nodes in the cluster. Click System
Administration → Nodes
30. Select all nodes in the cluster, then click Full Resynchronize.
31. Restart the node agents.
console) on the Deployment Manager node.
32. Choose Servers → Clusters
33. Select the Lotus Sametime Gateway cluster and click Start. Verify that the
cluster status is started. (shown with a green arrow).
34. Select Users and Groups → Manage Users.
35. Click Search to verify that you can search your LDAP directory. If your LDAP
functionality is enabled, you should see a list of users on the screen.
36. Click a user name and make sure you can see the user’s content. You can
verify group names as well.
37. Copy the following script:
from:
stgw_server_root/config/adminscripts/rtcgw_vmm.jacl
to the Deployment Manager node:
app_server_root/bin
38. Open a command window and navigate to app_server_root/bin .
wsadmin -username username -password password -f rtcgw_vmm.jacl
Where username is the administrative user ID that you use to log into the
Integrated Solutions Console. You created this user ID when you installed
Lotus Sametime Gateway. For example:
wsadmin -username wasadmin -password gateway4u -f rtcgw_vmm.jacl
40. In the DB2 window on the Deployment Manager node, stop the Deployment
Manager and wait for the command to finish, and then restart the

Deployment Manager. Use the user name and password that you provided
when you enabled administrative security. Type the following commands:
./startManager.sh
Windows
startManager.bat
IBM i
startManager
41. Restart the node agents.
a. log into the Integrated Solutions Console (http://localhost:9060/ibm/
console) on the Deployment Manager node.
42. Choose Servers → Clusters
43. Select the Lotus Sametime Gateway cluster and click Start. Verify that the
cluster status is started. (shown with a green arrow).
44. The remaining optional steps apply to an LDAP server that is not a native
internal Domino directory. Complete these steps to change the default
attribute of the person entry that defines the person’s e-mail address in
app_server_root\profiles\RTCGW_Profile \config\cells\<cell_name>\wim\
config\wimconfig.xml. The default attribute is mail. If you want to change the
default attribute to displayName, complete the following steps:
a. Use a Lotus Notes client on the Sametime server to open the Sametime
Configuration database (stconfig.nsf).
b. Click File → Database → Open and select the Local server.
c. Select the Sametime Configuration database (stconfig.nsf).
d. Click Open.
e. In the right pane of the Configuration database, locate the LDAP server
entry in the Form Name column of the Configuration.
f. Each LDAP Server document is listed to the right and beneath the LDAP
Server entry under the Last Modified Date column. The date represents
the last time the LDAP server document was modified.
g. To open an LDAP Server document, double-click the date in the Last
Modified Date column that represents the document.
h. When the LDAP Server document opens, double-click the document to put
it in edit mode.
i. Search and replace mail with displayname.
Search filter for resolving person names:(&(objectclass=organizationalPerson)
(|(uid=%s*)(givenname=%s*)(sn=%s*)(mail=%s*)))
Search filter to use when resolving a user name to a distinguished name:
(&(objectclass=organizationalPerson)(|(uid=%s)(givenname=%s)(sn=%s)(mail=%s)))
"Attribute of the person entry that defines the person's e-mail address" mail
j. Save your changes and then restart the Domino server.
k. On the Lotus Sametime Gateway server that is connected to LDAP, use a
text editor and open the following file:

l. Add the following line under the other configuration attributes:
<config:attributes name="displayName" propertyName="mail"/> For
example:
<config:attributes name="cn" propertyName="displayName">
<config:attributes name="displayName" propertyName="mail"/>
<config:attributes name="cn" propertyName="cn">
m. Save the file. Note: the dominounid attribute was introduced in Lotus
Domino 6.5.4 and 7.0. In some cases this attribute may not appear in the
schema database or on the Server Configuration document (LDAP tab).
This can occur when the administration server for the Domino domain is
version 6.5.3 or lower. The Administration server controls the creation of
the Schema database, as well as which attributes are available for
anonymous queries through the Configuration document. To resolve the
issue, the Administration server should be upgraded to Domino version
6.5.4 or above. In addition, while a particular Domino LDAP may not
require to bind, binding is necessary to retrieve the dominounid attribute.
Any bind user would be acceptable, read only is fine.
n. Stop and restart the Deployment Manager, the node agents and Lotus
Sametime Gateway servers.
Results
You are now ready to set up SSL on a cluster.
Installing the WebSphere Application Server Update Installer

on IBM i
updates.
About this task
Follow these steps to download the update package and install the IBM Update
Installer, which is needed for installed software updates for WebSphere Application
Server. Extract the packages and run the Update Installer install program from the
workstation that you download the update package to. The Update Installer will
be remotely installed to your IBM i system.
1. Log in with the same user account used to install the Sametime software.
2. On the local system, create a directory to store the update files, such as
stwas_fixes.
3. Download the IBM Update Installer package if you have not already done so.

4. Extract the package to the local fixes directory you created.
5. In the UpdateInstallers subdirectory of the package you extracted, extract the
updateInstaller package for your platform.
6. Navigate to the directory where you extracted the Update Installer and run
the install program.
install.exe
7. The installation wizard initializes and displays the Welcome screen. Click Next
to continue.
8. The License agreement screen is displayed. Read the license agreement and
accept its terms. After you accept the licensing terms, the installation wizard
checks for a supported operating system and prerequisite patches. If you
encounter a problem such as not having the right prerequisite updates on
your system, cancel the installation, make the required changes, and restart
the installation.
9. The Installation directory screen is displayed. Specify the destination of the
installation root directory.
10. The Installation summary panel appears. Review the summary. Click Next to
begin the installation or click Back to make changes to previous panels.
11. The Installation results panel is displayed. Verify the success of the installer
program by examining the completion panel.
Installing WebSphere Application Server updates on IBM i

If you must install additional WebSphere Application Server software updates,
perform this step on each of the servers in your deployment running on
WebSphere Application Server.
Before you begin
To perform these steps, you must have already installed the WebSphere
Application Server Update Installer.
About this task
Follow these steps to install the WebSphere Application Server software updates
required for Sametime 8.5 servers as outlined in the Technote on the IBM Support
Site.
maintained as an IBM Technote at the following Web address:
1. Download the WebSphere Application Server updates package if you have not
already done so.

2. Extract the updates to a local directory such as stwas_fixes.
3. Use ftp or another convenient method to transfer the installation package to the
system where you plan to install the product. Store the file in an IFS directory
of your choosing; for example:
updateInstall_Home/maintenance
By default updateInstall_Home is the root directory of the Update Installer,

/QIBM/ProdData/WebSphere/UpdateInstaller/V7/UPDI.
4. Ensure that you stop all running processes as described in “Command
5. Open the document calledupdateInstall_Home/
os400_readme_updateinstaller.html.
Follow the instructions in ″Installing multiple maintenance packs with silent
install″ to install the update package.
6. After you install the update package, check the installation log to verify that
the install is successful. The log can be found at app_server_root/logs/update/
install/updatelog.txt.
7. Start the servers as described in “Command reference for starting and stopping
servers” on page 232.
Results
To verify which updates have been installed, run the versionInfo command from
the app_server_root/bin directory.
./versionInfo -maintenancePackages > version.txt
The command creates a text file that lists all the WebSphere Application Server
updates that have been installed on the system.
Related tasks
“Installing the WebSphere Application Server Update Installer on IBM i” on page
397
updates.
Deploying the Sametime client to users

The IBM Lotus Sametime Connect client or Lotus Sametime client embedded in
Notes have to be installed on users’ machines to use instant messaging and
meetings. This section gives you information about ways to install these clients.
Sametime Connect client considerations

There are several things you need to know before deploying the IBM Lotus
Sametime Connect client to your users.
About this task
The Lotus Sametime Connect client must be installed on a user’s workstation by

someone with administrative privileges on that computer. Before installing the
client, review the following changes for this release:
v Using Lotus Expeditor to install the Sametime client

If you will use Lotus Expeditor to push the client onto user workstations, be
aware of the following restrictions:
– Do not use non-ASCII characters in the name of the installation directory.
– Do not use long paths (instead create a profile that uses short paths).
– Do not use paths containing non-ISO-8859-1 characters.
These restrictions are discussed in the Lotus Expeditor information center.
v Internet passwords required
Internet passwords are required to log on to IBM Lotus Sametime connect.
Before using Lotus Sametime Connect, each user must have an Internet
password in their Person Document in the Domino Directory or stored in the
LDAP Directory. You may need to inform users of their Internet passwords.
v Supporting IPv6 addressing with the Connect client
Supporting the IPv6 protocol in a Lotus Sametime deployment requires you to
upgrade Lotus Sametime Connect clients to release 8.5 to ensure they can
communicate with Lotus Sametime servers that use IPv6 addresses.
If you support only IPv6 addressing, older clients will not generate error
messages but will appear ″broken″ to users because they cannot communicate
with the IPv6–enabled servers. To avoid lengthy investigations of problems
caused by attempts to use older clients with servers where only IPv6 addressing
is enabled, you should only use clients from release 8.0.2 or later.
If you support both IPv4 and IPv6 addressing, all Lotus Sametime clients can
communicate with the IPv6–enabled servers; just be sure to configure the servers
to listen for IPv4–format addresses as well as IPv6–format addresses.
The U.S. English spell check dictionary is installed automatically, but you can
install spell checker dictionaries for additional languages. The additional
dictionaries are provided as an update site on the client CD and downloaded
image in the optional-components/optional-components-update.zip file. See
“Adding optional features to already-installed clients” on page 209.
Enabling installation of optional client features such as Microsoft

Office Integration
clients.
Before you begin
For example, these optional features are not installed by default; to make them
available to your users, you must either update existing clients or customize the
installation package for new clients.
v Microsoft Office Integration features
v E-mail Integration features
Note: Microsoft Office Integration features are available only for clients running on
Windows.
The administrator decides which features to make available to clients, and which
method to use for installing the client. The following sections explain the available
options in more detail.

Editing the client installation file for a CD or download image:
Dictionaries.
About this task

features in installations from a CD or download image.
2. Open the install.xml file for the appropriate client operating system: Open the
file in a text editor.
v Windows
CD\sametimeclient.standalone\deploy\install.xml
3. Customize the install.xml file to remove the comment markers from any
optional features you wish to include in the install.

section.
5. Test a base install.
Original



Editing the client installation package for use on the Sametime Welcome page:
About this task
Complete these tasks to create a customized install.xml file and post it for users
to download using a link on the Sametime Welcome page:
Editing the client install file:
About this task

features in installations from the network.
1. Open the install manifest (the install.xml file) stored in the network-install
directory on the Sametime server:
v Windows server
– Windows client: C:\Program Files\lotus\domino\data\domino\html\
sametime\network-install\install\deploy\install.xml
v AIX, Linux, and Solaris servers
– Windows client: /local/notesdata/domino/html/sametime/network-
install/install/deploy/install.xml
v IBM i server
– Windows client: /STserver/domino/html/sametime/network-install/
install/deploy/install.xml
2. Edit both versions of install.xml to uncomment any optional features you
wish to include in the install.

section.
3. Save and close the files.

Original



Making the client installation package available from the Sametime Welcome page:
Perform the following steps to make the network client installer available for
installation from the Sametime Welcome page.
Before you begin
If you want to add any optional client features to the base install for all of your
users, see Enabling installation of optional client features such as Microsoft Office
Integration.
About this task
Note: If the Domino HTTP server has been configured to use SSL with a
self-signed test certificate, users will not be able to download the zip from the
Lotus Sametime Welcome page.
1. Copy the entire contents of the network-install directory from the Lotus
Sametime Connect Network Install Client CD or downloaded image to the
following location on the Sametime Community Server.
server_data_directory\domino\html\sametime\network-install
Note: There are placeholder files in the directory; you must replace them with
the real ones.
These are the default locations for the network-install directory:
Windows
c:\program files\lotus\domino\data\domino\html\sametime\network-install
/local/notesdata/domino/html/sametime/network-install
IBM i
/STserver/domino/html/sametime/network-install
in the deploy directory:

v \network-install\install\deploy
3. Update the installer URL information.
a. Open the \domino\html\sametime\network-install\applet\
download.properties file in a text editor.
b. Set the value of the installer.root.base property to match the correct URL for
the network-install directory on your Sametime server.
For example, if your Sametime server host name is stserver.com:
installer.root.base=http://stserver.com/sametime/network-install
c. Save your changes.
4. Use the ArchiveCreator tool to generate the installer archive zips for each
platform.
These zip files only include the base installer with the Expeditor/Eclipse
platform and the install manifest which can be customized for your
environment. This allows the user to download the zip file, extract it, and run
the installer, which provisions the Lotus Sametime features from the update site
included with the network-install directory.
Windows
bin directory
b. Run the ArchiveCreator tool (ArchiveCreator.bat).
bin directory
b. Run the ArchiveCreator tool (ArchiveCreator.sh).
IBM i
a. Run the following commands:
QSH
cd /server_data_directory/domino/html/sametime/network-install/bin
ArchiveCreator_i5OS.sh
b. Press F3 to Exit QSH.
Editing the installation package for the Lotus Notes embedded client:
Dictionaries. You can customize the installation package for the Lotus Sametime
client that is embedded in Lotus Notes on Microsoft Windows.
About this task
Follow these steps to use a customized install.addon.xml file that includes

optional features in the Lotus Notes embedded client installation package.
2. Extract the sametime.embedded.add-on.OS.yyyymmdd-hhss.zip archive file for
the appropriate client operating system.
v Windows
sametime.embedded.add-on.win.yyyymmdd-hhss.zip
where yyyymmdd-hhss displays a date and time; for example: 20091027-2140.

3. Open the deploy\install.addon.xml file for editing (this is one of the extracted
files).
4. Locate the section that starts with the following statement (near the end of the
file):
5. Remove the comment markers to enable desired features:
v By default, all of the features in this section are disabled because they are
commented out.
v You can enable any combination of features.
v You can enable any, or all, of these features by moving the comment markers
to the appropriate position.
v Make sure to comment entire features (from the opening <feature marker
through the closing /> marker.
v Begin a comment with this marker: 


For example, you may want to enable one or more Microsoft Office Integration
features for clients running on Windows:
Table 50. Microsoft Office Integration features available on Windows
Feature Description
com.ibm.collaboration.realtime.exchange
Provides automatic availability status updates in
Sametime livenames based on Microsoft Outlook
calendar entries.
com.ibm.collaboration.realtime.oi.sharepoint.feature
Provides awareness and instant messaging among
Lotus Sametime users who are using an Office
SharePoint site.
com.ibm.collaboration.realtime.oi.toolbar
Provides an action toolbar in Microsoft Outlook
containing Lotus Sametime instant messaging actions,
including access to the contact list, status, and location
information.
com.ibm.collaboration.realtime.oi.webConfTab
Provides the ability to reserve Sametime meetings from
the Sametime tab in Microsoft Outlook meetings.
com.ibm.collaboration.realtime.oi.smarttags
Provides Sametime instant messaging actions in the
Microsoft Office document Smart Tags menu and the
toolbar for Word, Excel, and PowerPoint.
6. Save and close the deploy\install.addon.xml file.

Example: Customized client install.addon.xml file for embedded client:
The install.addon.xml file is the installation manifest, which lists all features
shipped with the IBM Lotus Sametime embedded client for Lotus Notes. When
you uncomment the optional features in the list, they become part of the base
client install package.

Original
The set of optional features is enclosed in comment markers (all of the features are
within a single comment):
Note: Lines have been formatted here for readability because it is important to
make sure you move entire feature statements.
<feature id="com.ibm.rtc.meetings.feature" version="8.5.0.20091027-1957"
match="compatible" download-size="23446" size="23446" action="install"
shared="true" mergeaction="add"
version="1.0.0" match="greaterOrEqual" download-size="0" size="0"
action="uninstall" shared="true"

The first three optional features have been moved outside of the comment markers
and are now enabled for installation:
<feature id="com.ibm.rtc.meetings.feature"

version="1.0.0" match="greaterOrEqual" download-size="0"
size="0" action="uninstall" shared="true"


Adding optional features to already-installed clients:
The IBM Lotus Sametime client can be easily updated at any time after the initial
installation.
Before you begin
There are several reasons to install an update, including:

v To install optional features. Sametime ships with several optional features - these
are provided with the release but are not automatically installed.
v To install a new feature that you have purchased from a 3rd party or developed
yourself using the Sametime SDK.
v To install an update that Lotus has provided to fix an existing client feature.
A basic Eclipse update site is provided in the optional-components directory of the

standalone client install CD and downloaded image. It includes all of the optional
features distributed with Sametime, including Microsoft integration features and
spell checker dictionaries for various languages. You can make updates to this site
yourself to remove features you do not plan to distribute, to add your own
features, or to add fixes.
Three options are available for delivering updates to Sametime Connect client
users:
v Automatic Updates: Administrators can provision new or updated Sametime
features to their clients in a ″push″ mode so that all clients use the same set of

features. The push method enables the client to receive updates automatically
whenever he or she logs in to Sametime.
v Optional Updates: Administrators can also provide new Sametime features to
their clients as an option. With the optional method, the user is notified that
optional updates are available when logging in to Sametime. The user selects
which updates to install, if any.
Note: The optional update feature is the recommended approach for any
updates that are not required. If the optional site is configured before the initial
client install, it provides a seamless initial install experience. A user installs the
client, and is presented with a prompt to select optional features at first log in. It
requires less communication and manual interaction than the manual update
method.
v Manual Updates: Administrators either distribute update sites (zip or jar files)
or post them to a Web server, and provide the users with instructions for
manually installing the updates using the tools in the connect client.
About this task
Setting up automatic updates
To set up your server so that client updates are installed automatically, specify the
″Sametime update site URL″ on each of your Sametime servers.
Instant Messaging.
2. Locate the ″Sametime update site URL″ setting in the Instant Messaging section
of the policy.
3. Specify the URL for the update site where you will post required updates.
Updates of features from this site are required and will be installed
automatically; the client is not provided a choice. For Lotus Sametime 8.0
connect clients, you can specify more than one URL by separating them with
semi-colons or commas.
When the user logs in from the client, the client checks the Sametime update
site URL setting for the appropriate policy on the default Sametime server.
adminUpdatePolicyURL value. (The policy setting was not available prior to
Sametime 7.5.1.)
When the client logs in and connects to the specified update site, it silently
downloads all updated features it finds and installs them. Once installation is
complete, the user receives a textbox announcing that new updates have been
installed and that the user should restart the Sametime client. The user can
click the restart button or press a five-minute delay button. If the user is
involved in chats with other users, he or she can continue to delay restart for as
long as he wishes by continuing to press the restart button at five-minute
intervals. After the restart, the client checks again to see if there are more
updates, and if it finds none, the user is not interrupted again. This update
process takes place each time the user restarts his client and logs in.

Setting up optional updates
To set up your server so that your users are presented with a selection of optional
updates, specify the ″Sametime optional add-on site URLs″ on each of your
Sametime servers.
Instant Messaging.
2. Locate the ″Sametime optional add-on site URLs″ setting in the Instant
Messaging section of the policy.
3. Specify one or more URLs for update sites where you will post optional
updates.
optionalUpdatePolicyURL value. (The policy setting was not available prior to
Sametime 8.0.)
When the client logs in, it scans all of the optional update sites listed to find
any available updates that match the client configuration. If any updates are
found, the client displays a message alerting the user that updates are available
with an option to open the Update Manager (which is pre-populated with the
list of sites defined in the policy). The alert also allows the user to disable
further checking on startup. (This preference can also be set in the Contact List
preferences). From the Update Manager, the user can select which updates (if
any) they would like to install, then follow the instructions in the update
panels to accept the license(s) and complete the install. If any updates are
installed, the client will prompt the user to restart.
Manually installing updates
In Sametime Connect, the user can manually install updates by choosing Tools >
Plug-ins > Install plug-ins. The user can then:
1. Select Search for new features to install, and then click Next.
2. Add an update site:
v If remote, select Add Remote Location..., specify a name for the update site
and provide the URL for the site.
v If a local directory, select Add Folder Location..., and select the directory
where the update site exists.
v If a local archive, select Add Zip / Jar Location... and select the update site
archive.
For example, if you have access to the Standalone client install CD or
downloaded image, you can click New Archive Site.... Then navigate to the
optional-components directory and select optional-components-update-
site.zip.

3. Click OK to add the new update site, and then click Finish. After a short time,
the Update window appears
4. Expand the update site and select the updates you wish to install from the
available list. Then click Next.
5. You must agree to the license terms to continue.
6. In the next window, click Finish to install. Verify by clicking Install.
7. Restart the Client.
Installing the Sametime Connect client from a CD

installer CD or corresponding downloaded image.
Installing the Sametime Connect client from CD on Windows:
installer CD or corresponding downloaded image on a Microsoft Windows client.
Before you begin
If the installation has been customized to install Microsoft Office Integration

features, you must ensure that no Office or Outlook processes are running at the
time of the install. For more information, see the IBM Tech Note 1307607 at:
About this task
Follow these steps to install the Sametime Connect client on a Windows client.
1. If the Sametime Connect client is running, shut it down before attempting to
install the newer version.
2. Important: Make a back-up copy of the directory where the earlier version of
the client is installed, in case you need to revert to it.
3. Navigate to the root of the CD or downloaded image.
4. Double-click setup.exe to begin the installation.
If you have previous releases of the Connect client installed:
The default operation is to uninstall an existing client, but because the 8.5
client installs to a different directory, you can choose to retain the 7.5.x client
by running the new installation with a special flag, as follows:
setup.exe /v"STUNINSTALL75=0"
The 8.5 client installs to the same path as the 8.0.x client, you cannot retain
the older client when you install the 8.5 client; the new client will replace the
old client.
5. Enter the required information when prompted.
6. When the installation completes, launch the Sametime Connect client; by
default Sametime Connect is installed to C:\Program Files\IBM\Lotus\Sametime
Connect.
Configuring the silent install for Connect client:

You can enable the silent installation of the IBM Lotus Sametime Connect Client on
Windows using two files that are provided on the client standalone installer CD
and the associated downloaded image.
About this task
Copy the setup.bat and the silentinstall.ini files from the root of the CD or
download, and then update them to tailor the installer to your requirements.
Updating the setup.bat file
The batch file (setup.bat) contains several different commands that can be used to
perform different installation functions. Some of the commands are commented out
by default but can be uncommented and updated if the function is needed.
Detailed explanations are included in the setup.bat file.
v Uninstalling older, pre-7.5.x Sametime Connect clients
Three commands are provided to shutdown, uninstall, and cleanup an older,
pre-7.5.x installation of the connect client. These commands are commented-out
by default. If this functionality is needed, uncomment these lines and configure
the paths to the old Sametime install directory as needed for your environment.
v Several sample commands are provided for different methods of executing the
silent install.
– The first option executes the installer silently and uses a silentinstall.ini file to
preconfigure connection settings.
This is the default. If you choose to use one of the other methods, comment
out this command.
– The second option executes the installer silently and migrates the connection
settings from an existing, earlier (pre-7.5) version of Sametime.
This option does not use the silentinstall.ini file. If you choose to use this
method, uncomment this command.
– The third option executes the MSI version of the installer silently, using a
silentinstall.ini to preconfigure the connection settings. If you choose to use
this method, uncomment this command.
The commands in the setup.bat file contain several configuration parameters:

Table 51. Sametime Connect command line parameters
parameter description
install.log The name of the log file created by the
installer. The file is created in the same
directory as the installer.
INSTALLDIR={path} Full path to the desired installation directory
STSILENTINIFILE={name} Name of the silentinstall.ini file
STSILENTINSTALL=TRUE Must be TRUE for silent execution
STMIGRATESETTINGSPRE75CHK Instructs the installer to migrate connection
settings from an existing pre-7.5 version of
Sametime.
LAPAGREE= Set to YES to indicate acceptance of the
license agreement. This must be specified on
the command-line when the silentinstall.ini
file is not used. When silentinstall.ini is
used, LAPAGREE is set in that file.

Updating the silentinstall.ini file
The silentinstall.ini file contains configuration parameters for the Lotus Sametime
Connect client. The settings are used to pre-populate the community-config.xml file
with server connection information and other parameters required by the installer
for silent execution.
Table 52. silentinstall.ini file
LAPAGREE=NO You must change this parameter to YES to
indicate acceptance of the license agreement.
STSERVERNAME=stservername.domain.com Fully qualified host name of the Sametime
server. Normally this should be the same as
the home Sametime server specified in the
person document.
STCOMMUNITYNAME= Community name
YourCommunityName
STSERVERPORT=1533 Sametime Server IP Port number
STSENDKEEPALIVE=true Flag for sending keep alive signal.
STKEEPALIVETIME=60 Default is 60 seconds. Indicates how often to
check the connectivity between the client
and server, allowing timely notification if
disconnected.
STCONNECTIONTYPE75=direct Connection type
STPROXYHOST=Proxy port number (leave Proxy host name (leave blank if not used)
blank if not used)
STPROXYPORT= Proxy port number (leave blank if not used)
STRESOLVELOCALY75= Proxy resolves local flag (TRUE/FALSE)
STPROXYUSERNAME= Proxy user name (leave blank if not used)
STPROXYPASSWORD= Proxy password (leave blank if not used)

Table 52. silentinstall.ini file (continued)
STCOUNTRYLANG=en Specify one of the Language codes listed
below to set the language used by the
Sametime Connect client. If not specified,
the client machine’s default language will be
used.
v cs - Czech
v da - Danish
v de - German
v el - Greek
v en - English
v es - Spanish
v fi - Finnish
v fr - French
v hu - Hungarian
v it - Italian
v ja - Japanese
v ko - Korean
v nl - Dutch
v no - Norwegian
v pl - Polish
v pt - Portuguese (Portugal)
v pt_BR - Portuguese (Brazil)
v ru - Russian
v sv - Swedish
v tr - Turkish
v zh_CN - Chinese (simplified)
v zh_TW - Chinese (traditional)
STAUTHSERVERURL= Specifies the URL of the Auth Server for
SSO Token Login (leave blank if not used)
See Configuring the Sametime Connect

client for token login for additional
information.
STLOGINBYTOKEN=false Login By Token flag. TRUE/FALSE
STUSEAUTHSERVER=false Use Auth Server flag. TRUE/FALSE
STLOGINATSTARTUP=false Login at startup flag. TRUE/FALSE
STUNINSTALL75=1 Uninstall Sametime 7.5.x client flag:
1=uninstall 7.5.x client if found
0=leave 7.5.x client installed

STUNINSTALLPRE75=1 Uninstall Sametime clients older than release
7.5:
1=uninstall pre-7.5 client if found (default)
0=leave pre-7.5 client installed

Installing the Sametime Connect client from the network
Providing installation files on the network allows users to download the Lotus
Sametime Connect Client without CDs or download images.
Installing the Sametime Connect client from the network on Windows:
When network installation files are available, users can install Lotus Sametime
Connect from a Web browser on Windows.
in the \network-install\install\deploy directory:
2. Using a Web browser, open the Sametime Welcome page on your Sametime
server.
For example, if the fully qualified host name of your Sametime server is
stserver.com, you open http://stserver.com/stcenter.nsf.
3. Click Download Lotus Sametime Connect 8.5 Client to display the ″Welcome
to the IBM Lotus Sametime Connect 8.5 Client Download Site″ page.
4. Click Install Now to begin the download and installation process.
Once all files have been downloaded, the actual client installer will start.
Follow the instructions in the installer and enter the required information to
complete the installation.
Tip: If there are problems running the network client installer applet, or if you
want to install at a later time, you can select Save from the Welcome page
instead. This shows you a downloads page where you can select the operating
system of the installer you wish to save and follow the instructions for
downloading the installer for later use.
Installing the Sametime embedded client for Lotus Notes

Install the IBM Lotus Sametime embedded client to a Lotus Notes client.
Installing the embedded client on Windows:
Install the IBM Lotus Sametime embedded clients on a Lotus Notes client running
on Microsoft Windows.
About this task
The Lotus Sametime embedded client installs directly into the Lotus Notes
directory. If you have already installed a previous version of the embedded client,
it is upgraded to this new version.
1. Download the installation package for the Lotus Sametime embedded client if
you have not already done so.

2. Stop the Lotus Notes client.
3. Double-click the setup.exe file to begin installation:
a. Select a language and click Next.
b. Click Next as needed to proceed through the installation screen.
4. Verify the installation:
a. Help → About IBM Lotus Notes
b. Click Feature Details.
c. Verify that ″Sametime Application″ appears in the list of features with
″8.5.0″ at the beginning of its version information.
d. Close the dialog box.
Starting and stopping servers in a Lotus Sametime

deployment
Starting and stopping servers running on WebSphere Application

Server
Starting and stopping the Deployment Manager:
About this task
Before starting Lotus Sametime Servers, the Deployment Manager must be running
for each cell.
Windows only: You can also use the Start - Programs menu to use the Start and
Stop menu commands.
1. In a command window, navigate to the app_server_root/profiles/
DeploymentManagerName/bin directory for the Deployment Manager you want
to start:
2. Run the following command to start and stop the Deployment Manager:
./startManager.sh
./stopManager.sh dmgr -username admin_user -password admin_password
Windows
startManager.batstopManager.bat dmgr -username admin_user -password
admin_password
IBM i
startManager dmgr
stopManager dmgr -username admin_user -password admin_password.

Related tasks
Related reference
Starting the Lotus Sametime System Console:
Before you begin
Verify that the Deployment Manager is running for the cell.

1. In a command window, navigate to the local app_server_root/profiles/
STSCAppProfile profile directory and change to the bin directory:
./startNode.sh
Windows
startNode.bat
IBM i
startNode
What to do next

Related tasks
Related reference
Command reference for starting and stopping servers:

Table 53. Server command directories
Type Primary node Secondary node
Sametime System Console STSCAppProfile/bin STSCSNAppProfile/bin
Meeting Server STMAppProfile/bin STMSNAppProfile/bin
Proxy Server STPAppProfile/bin STPSNAppProfile/bin
Media Manager STMSAppProfile/bin STMSSNAppProfile/bin
Table 54. Start server commands for AIX, Linux, or Solaris
Type Commands
Sametime System Console ./startNode.sh
Meeting Server ./startNode.sh
./startServer.sh STMeetingHttpProxy
./startServer.sh STMeetingServer
Proxy Server ./startNode.sh
./startServer.sh STProxyServer
Media Manager ./startNode.sh
./startServer.sh STMediaServer
Table 55. Stop server commands for AIX, Linux, or Solaris

Type Commands
Sametime System Console ./stopServer.sh STConsoleServer

-password password
Meeting Server ./stopServer.sh STMeetingServer
./stopServer.sh STMeetingHttpProxy

-password password
Proxy Server ./stopServer.sh STProxyServer -username

-password password

Table 55. Stop server commands for AIX, Linux, or Solaris (continued)
Type Commands
Media Manager ./stopServer.sh STMediaServer -username

-password password
Windows
The Start Programs menu is also a convenient way to start and stop Sametime
Table 56. Start server commands for Windows
Server Commands
Sametime System Console startNode.bat
Meeting Server startNode.bat
startServer.bat STMeetingHttpProxy
startServer.bat STMeetingServer
Proxy Server startNode.bat
startServer.bat STProxyServer
Media Manager startNode.bat
startServer.bat STMediaServer
Table 57. Stop server commands for Windows

Server Commands
Sametime System Console stopServer.bat STConsoleServer -username

-password password
Meeting Server stopServer.bat STMeetingServer -username
stopServer.bat STMeetingHttpProxy

-password password
Proxy Server stopServer.bat STProxyServer -username

-password password

Table 57. Stop server commands for Windows (continued)
Server Commands
Media Manager stopServer.bat STMediaServer -username

-password password
IBM i
Table 58. Start server commands for IBM i
Server Commands
Sametime System Console startNode
Meeting Server startNode
startServer STMeetingHttpProxy
startServer STMeetingServer
Proxy Server startNode
startServer STProxyServer
Table 59. Stop server commands for IBM i

Server Commands
Sametime System Console stopServer STConsoleServer -username

password
Meeting Server stopServer STMeetingServer -username
username-password password
stopServer STMeetingHttpProxy -username


password
Proxy Server stopServer STProxyServer -username

password

Related tasks
Starting and stopping servers running on Lotus Domino

Starting and stopping a Sametime server on IBM i while Domino is running:
IBM Lotus Sametime on IBM i is installed on an IBM Lotus Domino server. You
can start and stop a Sametime server without starting and stopping the Domino
server from running.
About this task
1. On any IBM i, command line, enter the Work with Domino Console command
and press F4:
WRKDOMCSL
2. Enter the server name and press Enter.
v To start the Sametime service on a Domino server that is already running,
type this command:
load STADDIN2
v To stop the Sametime services without stopping the Domino server, type this
command:
tell STADDIN2 Quit
4. Periodically press F5 to refresh your screen and look for a message to confirm
that Sametime has started or stopped.
Starting and stopping Domino and a Sametime Community Server on IBM i:
Learn how to start and stop a Sametime Community Server running on IBM i.
Starting Domino and a Sametime Community Server on IBM i:
Follow these instructions to start a Sametime Community Server on IBM i from an

IBM i command line.
About this task
Follow these steps to start both Domino and a Sametime Community Server.
1. From any IBM i command line, run the following command:
WRKDOMSVR

2. On the Work with Domino Servers display, start the server by typing 1 in the
Opt column next to the Domino server where you added Sametime and press
Enter.
3. Press Enter to confirm your server selection.
4. Periodically press F5 to refresh your screen and wait for the Domino server
status to be *STARTED.
To confirm that all Sametime components have started, type 5 in the Opt
column next to the server and press Enter to display the Domino console. On
the Display Domino Console display, look for the message ″Sametime: Server
startup successful″ which indicates that all Sametime components have started.
You may need to press F5 periodically to refresh the screen until this message
is displayed.
Tip: You can also use IBM i Navigator to start the Sametime server by selecting
Network → Servers → Domino. Right-click on the Domino server where you
added Sametime and select Start.
Stopping Domino and a Sametime Community Server on IBM i:
Follow these instructions to stop a Lotus Sametime server on IBM i from an IBM i
command line.
About this task
Follow these steps to stop both Domino and a Sametime Community Server from
an IBM i command line.
1. From any IBM i command line, run the following command:
WRKDOMSVR
2. On the Work with Domino Servers display, stop the server by typing 6 in the
Opt column next to the Domino server where you added Sametime and press
Enter.
3. Press Enter to confirm your server selection.
4. Periodically press F5 to refresh your screen and wait for the Domino server
status to be *ENDED.
Tip: You can also use IBM i Navigator to stop the Sametime server by selecting
Network → Servers → Domino. Right-click on the Domino server where you
added Sametime and select Stop.
Uninstalling
Before you can install a newer version of IBM Lotus Sametime, you must uninstall
the currently deployed version.
About this task
Complete these tasks to uninstall Lotus Sametime components.
Removing a server from the console on IBM i


About this task
This procedure works for the following Lotus Sametime servers: Community
Server, Proxy Server, and Meeting Server. A Sametime Community Server reverts
back to using legacy policies if you remove it from the console.
Note: To unregister a Lotus Sametime Gateway server, see Removing a Lotus

Sametime Gateway server on IBM i from the console from the console.
1. Working on the server you want to remove, navigate to the console directory.
v Community Server
data directory.
v Proxy Server
v Meeting Server
3. If you are unregistering a Sametime Community Server or Meeting Server, start
Interpreter:
QSH
unregisterProductNode.sh
v Other servers
storing it in the console/logs. If the unregistration is successful, the utility
deletes the console.pid file from the console directory.
Removing the Sametime Community Server from an IBM i

Domino Server
You can remove Lotus Sametime files from a Lotus Domino server without
deleting the Lotus Sametime Community Server software from your system. Use
the RMVLSTDOM command to reverse the changes made when you ran the
ADDLSTDOM command after installing the Sametime Community Server.
About this task
When you remove Sametime Community Server from a Domino server, all files
related to Sametime that were added to the Domino server data directory or were

created while running Sametime components are removed. Updates that were
made to the Domino Directory, including person documents, server documents and
changes to the ACL are not removed. To remove Sametime from a Domino server,
follow these steps:
1. End the Domino server where you plan to remove Sametime.
2. On any IBM i command line, type the following command and press F4:
RMVLSTDOM
3. Enter the name of the Domino server where you want to remove Sametime and
press Enter.
4. When prompted, type a ″g″ to complete the Remove Sametime from a Domino
server command.
A message will appear indicating that Sametime has been removed.
5. Using the Domino Administrator Application, modify the Domino server
document by changing the Is this a Sametime server? field to No.
6. Delete any Sametime Connection documents between this Sametime server and
other Sametime servers.
7. Optional: If the Sametime Community Server used an LDAP directory, an
LDAP document for that server exists in the Directory Assistance database. You
may want to remove this and any other unnecessary documents from the
Directory Assistance database.
Results
The server is once again a Domino server.
If you want to delete the Sametime Community Server software from the system,
remove Sametime from your servers and then run the DLTLICPGM (Delete
Licensed Program) command.
v For Sametime Standard, delete 5724J23 option 1 and then delete 5724J23 *BASE.
v For Sametime Entry, delete 5724J23 *BASE.
Uninstalling IBM i Sametime servers running on WebSphere

Application Server
Run the uninstall scripts to uninstall the following components that are packaged
with Lotus Sametime: Lotus Sametime System Console, Lotus Sametime Proxy
Server, and Lotus Sametime Meeting Server.
Before you begin
Use the unregister utility to remove servers from the Sametime System Console
before uninstalling the Sametime software.
v Before uninstalling the Sametime System Console, unregister all servers
registered with the console, including the Community Server, Proxy Server,
Meeting Server, and Gateway.
v Before uninstalling a Meeting Server or Proxy Server, unregister the server from
the Sametime System Console.
About this task
Follow these steps to shut down the servers and run the uninstall scripts.
1. For the type of server you plan to uninstall, shut down the servers listed
below:

v Sametime System Console
Shut down the System Console Deployment Manager, the System Console
application server, and the associated node agent.
v Proxy Server
Shut down the Proxy Deployment Manager, the Sametime Proxy application
server, and the associated node agent.
v Meeting Server
Shut down the Meeting Deployment Manager, the Sametime Meeting
application server, and the associated node agent.
Interpreter:
QSH
3. Run the cd shell command, specifying the fully qualified path to the uninstall
directory for the server.
v Sametime System Console
cd /QIBM/UserData/Lotus/stii/STCONSOLE/STCONSOLE_date_time/
uninstallwhere date and time indicate when the system console was
installed.
v Proxy Server
cd /QIBM/UserData/Lotus/stii/STPROXY/STPROXY_date_time/uninstall
where date and time indicate when the proxy server was installed.
v Meeting Server
cd /QIBM/UserData/Lotus/stii/STMeetings/STMEETINGS_date_time/uninstall
where date and time indicate when the meeting server was installed.
4. Run the following shell command:
uninstall.sh
When the script completes, a summary of the results is displayed.
Results
If the uninstall was not successful, look at the log for more information. Fix the
problem, then try uninstalling again. The uninstall logs are stored in the following
location.
QIBM/UserData/Lotus/stii/logs
uninstall_ServerType_yyyymmdd_hhmm.log
For example, this log for uninstalling a meeting server was created at 3:07 A.M. on
December 15, 2009:
uninstall_STMEETINGS_20091215_0307.log
What to do next
When you have successfully uninstalled a server, there are other items associated
with Sametime that you may want to remove from the system.

v WebSphere Application Server installation
The WebSphere Application Server installation directory is typically shared by
all of the Sametime servers running on WebSphere Application Server. Do not
remove the WebSphere Application Server installation if there are any other
Sametime servers on the system that are still using it. The sample commands
below use the default installation directory.
To uninstall WebSphere Application Server, run the following QSH command:
/qibm/proddata/websphere/appserver/v7/sametimewas/uninstall/uninstall -silent
To remove the WebSphere Application Server data from the system, run the
following QSH commands:
rm -R /qibm/proddata/websphere/appserver/v7/sametimewas
rm -R /qibm/userdata/websphere/appserver/v7/sametimewas
v Sametime installation information
Remove installation information associated with the server you uninstalled in
one of these ways:
If you still have other Sametime servers on the system, you can remove the
installation information associated with the server that you uninstalled. Run the
following QSH command, specifying the appropriate date and time:
–
– Sametime System Console
rm -R /qibm/userdata/lotus/stii/STConsole/STConsole_date_time
– Proxy Server
rm -R /qibm/userdata/lotus/stii/STProxy/STProxy_date_time
– Meeting Server
rm -R /qibm/userdata/lotus/stii/STMeetings/STMEETINGS_date_time
If there are no other Sametime servers installed on the system, you can remove
all Sametime installation information, by running the following QSH command.
rm -R /qibm/userdata/lotus/stii
v Sametime databases
If you are certain that no other Sametime servers are still using the databases
used by the Meeting Server (MTG and POLICY) or the Sametime System
Console (STSC and POLICY), you can delete them. Remember that the POLICY
database is shared between the Meeting Server and the Sametime System
Console.
Related tasks
“Removing a server from the console on IBM i” on page 423
Uninstalling Sametime Gateway on IBM i

This topic explains how to uninstall a single server or cluster of IBM Lotus
Sametime Gateway servers running on IBM i.

About this task
On IBM i, the install and uninstall of WebSphere Application Server are separate
from Lotus Sametime Gateway. Uninstalling Lotus Sametime Gateway does not
affect the WebSphere Application Server installation. Complete details on
uninstalling WebSphere Application Server are available from the WebSphere
Application Server information center.
and node agents if you are uninstalling a cluster.
2. Start a QShell session.
3. Navigate to the following folder: stgw_server_root/_uninst
4. Type uninstalli5OS.sh
displayed.
7. Click Uninstall to begin the procedure. The progress is displayed on the screen.
8. When the uninstall is complete, read the summary information and click Finish
to exit the wizard.
node, running the uninstall utility as you would on a single server deployment.
Removing a Lotus Sametime Gateway server on IBM i from the console:
To remove an IBM Lotus Sametime Gateway server from the list of the Lotus
Sametime System Console’s managed servers, run the unregister utility on the
server. When you remove a server from the console, it can no longer be
administered from the console, but it does not have its own administration
interface. The only way to administer the server is by modifying configuration files
and the database directly. Because of these limitations, you should only unregister
the server if you are uninstalling, or performing some other activity that requires
removal of the product from the console.
/qibm/userdata/STGateway/ProfileName directory where ProfileName is the one
you specified when you installed the Gateway.
2. If this is the first time you have run a utility on this server, open the
Name and Password. Also you can specify the log level, which is not
mandatory.
4. Unregister the server by running the following command:
5. If you want to uninstall Lotus Sametime Gateway from the server, run the
following command: unregisterWASProduct.sh -uninstall
Results
storing it in the console/logs. If the unregistration is successful, the utility deletes
the console.pid file from the console directory.

Manually removing WebSphere Application Server on IBM i
Before you begin
If after an attempted Sametime install or uninstall, you have many files and folders
left in app_server_root/profiles/profile_name or app_server_root/bin, run the
WebSphere Application Server uninstall program to remove the rest of the files.
Remove WebSphere Application Server only if it is not in use by any other server
on the system.
About this task
Stop all java processes. Then follow the steps in the WebSphere Application Server
7 Information Center to remove unneeded WebSphere Application Server software
from the system.
Uninstalling the product on IBM i

Chapter 4. Migrating and upgrading
This section contains information about installing and configuring IBM Lotus
Sametime, while maintaining as much legacy data as possible, if you have used
previous versions of the product.
Upgrading Lotus Sametime

IBM Lotus Sametime 8.5 introduces many new features and components. You can
upgrade your existing Lotus Sametime servers in place; if you have meetings
enabled you can optionally add new components to your deployment.
Upgrading Lotus Sametime on AIX, Linux, Solaris, or Windows

Upgrade from previous releases of IBM Lotus Sametime on the IBM AIX, Linux,
Sun Solaris, or Microsoft Windows operating system.
About this task
You can upgrade from the following types of Lotus Sametime deployments:
v Lotus Sametime (release 7.5.1)
v Lotus Sametime Instant Messaging Limited Use (release 8.0, 8.0.1, and 8.0.2)
v Lotus Sametime Entry (release 8.0, 8.0.1, and 8.0.2)
v Lotus Sametime Standard (release 8.0, 8.0.1, and 8.0.2)
The upgrade process is the same for all servers up to a point; if you have meetings
enabled on your server there will be additional tasks to complete if you want to
migrate existing meetings to a new Lotus Sametime 8.5 Meeting Server.
Note: If you have a cluster of Lotus Sametime servers, you must upgrade all
servers in the cluster. A cluster cannot support servers running different releases of
Lotus Sametime.
Upgrading Lotus Sametime servers on AIX, Linux, Solaris, and

Windows
Upgrade one or more IBM Lotus Sametime servers running on IBM AIX, Linux,
Sun Solaris, or Microsoft Windows.
Disabling cluster replication:
Before you begin to an IBM Lotus Sametime server, you must disable cluster
replication to avoid sending or receiving configuration changes while preparing for
the upgrade.
About this task
If you have a cluster of servers, you must upgrade every server in the cluster. To
avoid sending or receiving configuration changes while you are preparing to
upgrade, disable cluster replication for all servers in the cluster. For more

information, see Disabling cluster replication for an entire server in the Lotus
Domino and Notes information center.
Removing meeting rooms from Enterprise Meeting Server:
If you have meeting services enabled on your IBM Lotus Sametime server and you
clustered the meeting rooms with Lotus Sametime Enterprise Meeting Server, you
must remove those servers from Enterprise Meeting Server before upgrading them.
About this task
Lotus Sametime 8.5 does not support the use of Lotus Sametime Enterprise
Meeting Server. Instead, you deploy one or more Lotus Sametime 8.5 Meeting
Servers and optionally cluster them using an IBM WebSphere network deployment.
Then you can set up URL redirects from your upgraded Lotus Sametime servers to
the new Meeting Servers so that when a user clicks a link to create or attend a
meeting on an upgraded server, the link is automatically redirected to the new
Meeting Server.
If you do not wish to install the Lotus Sametime 8.5 Meeting Server yet, you can
still create and host meetings on the upgraded server, but you cannot cluster the
meeting rooms.
Upgrading the Lotus Sametime server on AIX, Linux, Solaris, or Windows:
After you have completed the preliminary steps to prepare the environment,
upgrade each of your IBM Lotus Sametime servers.
About this task
If you are upgrading a cluster, be sure to upgrade each of the servers in the cluster
(and register each server with the Lotus Sametime System Console) before you
configure the cluster and register the cluster itself.
Checking for supported releases for Lotus Domino and Lotus Sametime:
Before upgrading to IBM Lotus Sametime 8.5, determine whether you first need to
upgrade your Lotus Domino and your operating system releases. You also need to
determine whether your current level of Lotus Sametime is supported by the Lotus
Sametime 8.5 upgrade process.
About this task
Follow these steps to ensure that the server you intend to upgrade is running on a
supported level of the operating system and that the current releases of Lotus
Domino and Lotus Sametime are supported by the upgrade process. If the server
includes an unsupported release of any product, you must complete an interim
upgrade to a supported product.
1. Check the operating system level on the computer where Lotus Sametime is
installed.
Make sure that your currently installed server releases, and product releases,
are all supported on the new operating system level. For information on system
requirements, see the Detailed System Requirements.
2. Check the Lotus Domino release on the server to be upgraded.

Lotus Sametime 8.5 requires Lotus Domino release 8.0 or later. Before installing
a newer release of Lotus Sametime to upgrade a Lotus Sametime server, verify
that host Lotus Domino server is at a supported level.
If your Lotus Sametime server is running on a version of Lotus Domino earlier
than 8.0, you must upgrade the Lotus Domino server to a supported version
before installing Lotus Sametime 8.5. The Lotus Sametime upgrade will fail for
any server that is not running a supported release of Lotus Domino, and can
only be corrected by upgrading the level of Lotus Domino and reinstalling
Lotus Sametime.
If the server is running Lotus Domino 8.0 or later, continue to the next step.
Otherwise, install a supported level of Lotus Domino before proceeding. For
details, see Installing a Lotus Sametime Community Server and supporting
software.
3. Check the Lotus Sametime release on the server to be upgraded.
Lotus Sametime 8.5 supports direct upgrades from Lotus Sametime 7.5.1 or
later. If your server is running an earlier release of Lotus Sametime, you must
complete an interim upgrade to one of the following releases of Lotus
Sametime: 7.5.1, 8.0, 8.0.1, or 8.0.2; then you can upgrade that release of Lotus
Sametime directly to release 8.5,
Backing up the Lotus Sametime data:
Before installing a new release of IBM Lotus Sametime you should back up all
important server data.
Before you begin
When upgrading Lotus Sametime on Microsoft Windows, IBM AIX, Linux or

Solaris, the install program provides the option of preserving your existing Lotus
Sametime data, which includes meeting information, contact lists and configuration
settings, or overwriting this information.
The IBM i installation program always preserves the Lotus Sametime data on
existing servers. If you do not want to preserve the Lotus Sametime data, remove
Lotus Sametime from the server with the RMVLSTDOM command before
installing the new release. After the installation completes, run the ADDLSTDOM
command to add Lotus ametime to the server again.
About this task
When backing up your Lotus Sametime data, include the following information:
Table 60. Lotus Sametime server data to back up
Data to back up Comments
names.nsf This is optional if you can replicate from
another Domino server. After upgrading to
Lotus Sametime 8.5, you will need to convert
the native Domino Directory to use LDAP
format in order to register the server with the
notes.ini Back up this file for possible reference after
upgrade.
da.nsf Back up this file if you are using directory
assistance.
Chapter 4. Migrating and upgrading 433

Table 60. Lotus Sametime server data to back up (continued)
vpuserinfo.nsf This contains user storage and privacy
information, such as contacts lists. If you
upgrade from a release earlier than 7.5, you will
need to upgrade the design on this database.
sametime.ini, It is not necessary to backup these files on IBM
stconfig.nsf i as they are saved automatically during the
upgrade process. The original sametime.ini and
stconfig.nsf files are saved in a subdirectory
of the server data directory. The name of the
subdirectory is STprevious_versionBU. For
example, the subdirectory name is ST751BU if
you upgraded from Sametime 7.5.1, and ST80BU
if you upgraded from Sametime 8.0.
All customized data files, templates or
applications (.ntf, .mdm, .scr, .bmp,
.mac, .smi, .tbl)
All ID files, desktop.dsk, and
pubnames.ntf
meetingserver.ini (Lotus Sametime Standard only) It is not
necessary to back up this file on IBM i because
it is saved automatically during the upgrade
process; the original meetingserver.ini file is
saved in the server data directory as
meetingserver.bak.
All recorded meeting files (.rap) (Lotus Sametime Standard only)
Upgrading the Lotus Sametime server application:
After you have verified that your server is running a supported version of IBM
Lotus Domino as well as a version of Lotus Sametime that can be upgraded
directly, upgrade the Lotus Sametime server application by installing the newer
release on top of it.
Before you begin
Complete any pending reboot actions you may have from installing other
applications. Make sure that all applications on the server computer (including the
Domino Server Administrator and the Web browser) are closed. All Domino
services must be stopped. Otherwise, you might corrupt any shared files and the
installation program might not run properly.
About this task
The Lotus Sametime 8.5 Community Server installs directly over the existing Lotus
Sametime server and uses the existing version of Lotus Domino.
Sametime server.
permissive.

3. Download the Sametime Community Server installation package if you have
not already done so.
Sametime and open the Server folder. Start the installation program by
running one of the following commands:
AIX
./setupaix.bin
Linux
./setuplinux.bin
Solaris
./setupsolaris.bin
Windows
setupwin32.exe
5. Select the language to use for the installation and click OK.
6. At the Welcome screen, click Next.
7. At the Licenses screen, click the I accept both the IBM and the non-IBM
terms option and click Next.
8. Select the option to install without the Lotus Sametime System Console. Click
Next.
9. Server Host Name.
Provide the fully qualified host name for this Lotus Sametime Community
Server. Do not use an IP address or the host’s short name.
10. Connect to Domino Server.
Enter the existing Domino administrator’s user ID and password, and then
click Next.
Use the common-name portion of the ID (not the hierarchical name that
includes slashes). The Sametime System Console validates the administrator
credentials on the Domino server.
11. Slide Conversion.
Do one of the following:

Select Use the Sametime server to host the slide conversion feature on the
current server, and then click Next.
Select Use Sametime slide conversion server to host the slide conversion
feature on a different Community Server, provide the host name and port to
connect to that server, and then click Next.
Select the user directory to be used with the Sametime Community Server,
13. HTTP Tunneling.
To allow Sametime clients to make HTTP-tunneled connections on port 80 to a
server with a single IP address, click Enable HTTP Tunneling, and then click
Next.
Selecting this feature increases the possibility that users in restrictive network
environments can exchange data in chats on a Sametime Community Server
that is extended to the Internet.
installation.
16. If prompted, click Finish to reboot the system.
Migrating data from pre-7.5 releases of Lotus Sametime:
The format for storing IBM Lotus Sametime user privacy information changed in
release 7.5. If you are upgrading from a release prior to 7.5, complete these tasks to
migrate user privacy information to the new format.
Upgrading the vpuserinfo.nsf template:
As part of upgrading IBM Lotus Sametime, you will need to replace the design of
the vpuserinfo.nsf database.
About this task
As part of a product upgrade, you will need to replace the design of the
vpuserinfo.nsf database with the stuserin.ntf template:
1. Start the Lotus Notes client.
2. Click File → Application → Open.
3. Select the Community Server you upgraded (select ″Local″ for the current
server).
4. Select the Configuration folder.
5. In the file name field, type vpuserinfo.nsf and then click Open.
6. Once the database is open, click File → Application → Replace Design.
7. Select the newly installed Lotus Sametime Community Server as the template
server, and then click the Show advanced templates option to locate the
″Sametime User Information″ (stuserin.ntf) template.
8. Click the stuserin.ntf template to select it, and then click Replace to update
the database’s design to match the template.
9. When you have finished, you can exit the Lotus Notes client.
Migrating user privacy information:

If you are upgrading from a version of IBM Lotus Sametime earlier than release
7.5, you will need to migrate privacy information to the newer format.
Before you begin
The format for storing privacy information changed in Lotus Sametime 7.5. If you
are upgrading from a release prior to 7.5, and your users have stored privacy
information (″Who can see me″) from the earlier release, then you need to migrate
this information by running a utility after upgrading. If the information is not
migrated, privacy information from the earlier release appears to be lost after
upgrading.
Note: There is no need to run this utility unless you have upgraded from a release
prior to 7.5 and your users have stored privacy data from the earlier release.
Considerations:
v If you delay running the utility, users may create additional privacy data on the
upgraded server. In this situation, the new data is stored in addition to the
existing data and it is not predictable which privacy record will be used.
Running the upgrade utility will not solve the problem. If necessary, the
administrator can manually delete one of the privacy records from
vpuserinfo.nsf.
v If you have multiple Lotus Sametime servers within a single community (but
have not configured them as a Community Services cluster), each of the servers
maintains a separate version of vpuserinfo.nsf. It is highly recommended that
you run the upgrade utility on each of the servers in the community
immediately after upgrading it to the new Lotus Sametime Community Server.
v If you have clustered the Lotus Sametime servers to support server failover and
load balancing, it is best to upgrade all of the servers at the same time, if
possible. Immediately run the upgrade utility on just one of the Lotus Sametime
servers in the cluster and allow the vpuserinfo.nsf updates to replicate to the
other servers.
v If it is not possible to upgrade all of the servers in the cluster at the same time,
consider advising your users to avoid creating additional privacy data until all
of the servers have been upgraded. If users who are connected to a server
running a release prior to 7.5 create new privacy data, it will be stored in the
older format. This may conflict with privacy data that has already been migrated
to the newer format. More than one privacy record for a user and conflicts
between the records can cause unexpected results. Running the upgrade utility
again will not solve the problem. If necessary, the administrator can manually
delete one of the privacy records from vpuserinfo.nsf.
v The time required to run the utility depends on the size of vpuserinfo.nsf . For
example, running the utility for a 2 GB vpuserinfo.nsf file may take 30 minutes.
v When the utility runs, two files are created in the Sametime server data
directory:
– vpuserinfo.nsf (time stamp): backup copy of vpuserinfo.nsf before it was
modified by the utility
– vpuserinfo.nsf.log (time stamp): log of activity which occurred when the
utility ran
Running the privacy migration utility on Windows:

Run the privacy migration utility to migrate user privacy information that was
stored prior to IBM Lotus Sametime 7.5 to the new format. An optional parameter
allows you to migrate privacy data for only a specified subset of your Lotus
Sametime users.
Before you begin
This example assumes the default Domino installation directory (c:\Program

Files\Lotus\Domino).
Example
1. If you intend to migrate privacy information for only a specified subset of your
Sametime users, create a text file containing the names of the users. For
example, create a text file called upgrade_util_filter.txt and save it in the
Domino installation directory or another accessible location. The file should
have each user specified on a separate line in the following format:
CN=John Smith/O=Acme
CN=Jane Doe/O=Acme
CN=Sally Brown/O=Acme
2. Stop the Sametime server
3. Open a Windows command prompt
c:\program files\lotus\Domino> upgrade_util.cmd
<sametime_server_data_directory> [<upgrade_util_filter_file>] (where
″c:\program files\lotus\Domino″ is the directory where the Domino server is
installed).
v If you do not specify the server data directory (the first parameter shown
above), the SametimeDirectory entry in the sametime.ini file is used.
v If you do not specify the upgrade util filter file (the second parameter shown
above), the UpgradeUtilFilter entry in the sametime.ini file is used.
v If there is no such entry in the sametime.ini, no filter will be used, meaning
migrating privacy information of all Sametime users.
Note: If you intend to use the <upgrade_util_filter_file> parameter, it should

be the second parameter, meaning you should also specify the
<sametime_server_data_directory> parameter.
5. Check the vpuserinfo.nsf.log file which has the latest time stamp to verify
that the utility ran successfully.
Running the privacy migration utility on AIX, Linux or Solaris:
stored prior to IBM Lotus Sametime 7.5 to the new format. to migrate privacy
information from AIX, Solaris, or Linux to the new format. An optional parameter
Sametime users.
Example
To run the utility after upgrading to Sametime 8, follow these steps:

example, create a text file called upgrade_util_filter.txt and save it in the server

data directory or another accessible location. The file should have each user
specified on a separate line in the following format:
CN=Jane Doe/O=Acme
2. Change directory to the data directory.
3. Make the script executable by running the following command.
- chmod u+x upgrade_util.sh
4. Stop the Sametime server.
5. Run the upgrade utility as the user defined for your Domino and Sametime
deployment, typically ″notes″:
upgrade_util.sh <domino_program_directory>
<sametime_server_data_directory> [ <upgrade_util_filter_file> ]
v The first two parameters should be specified, and the last parameter is
optional.
v If you do not specify the upgrade util filter file (the third parameter shown
above), the UpgradeUtilFilter entry in the sametime.ini file is used.
v If there is no such entry in the sametime.ini, no filter will be used, meaning
migrating privacy information of all Sametime users.
6. Check the vpuserinfo.nsf.log file which has the latest time stamp to verify that
the utility ran successfully.
Enabling cluster replication:
After all of the servers in the IBM Lotus Sametime cluster have been upgraded,
you can enable cluster replication once again to ensure that the servers are sharing
configuration information.
About this task
If you saved each server’s data during the upgrade, your previous cluster settings
still exist and you just need to enable replication among the servers. For more
information, see Replicating with all servers in a cluster in the Lotus Domino and
Notes information center.
If you did not save server data during the upgrade, you may need to recreate the
cluster as described in Clustering Lotus Sametime Community Servers in this
information center. You will need to return to this upgrade section after completing
the cluster configuration, so you may want to open the link in a separate browser
tab or window so you do not lose your place.
Upgrading a stand-alone Community Mux:
If your previous IBM Lotus Sametime deployment included a stand-alone

Community Mux, you can upgrade the multiplexer to release 8.5.
Before you begin
This task only applies to a stand-alone Community Mux; the multiplexer that
installs directly on the Lotus Sametime server was upgraded automatically when
you upgraded that server.

About this task
Lotus Sametime 8.5 supports a stand-alone Community Mux installed with an

earlier version of the product; however if you plan to support IPv6 addressing in
your deployment, you must upgrade the Community Mux (IPv6 addressing was
introduced in Lotus Sametime 8.0.2).
If you have more than one stand-alone Community Mux, upgrade all of them:
click OK.
Upgrading a remote Conversion Server:
If your IBM Lotus Sametime deployment includes a remote conversion server and
you will continue to host meetings on one or more upgraded Lotus Sametime
servers, you should upgrade the conversion server as well.
About this task
Your Sametime server may already be configured to use a particular conversion

server and port number. If you used a remote conversion server in a previous
release of Sametime, the configuration was migrated during the upgrade. You may
have specified the configuration when you installed Sametime or when you added
Sametime to a Domino server (i5/OS). Verify that the information is correct, or
update the server configuration.
1. On the upgraded Lotus Sametime server, verify the conversion server
configuration:
a. Open the stconvservices.properties file, which is located in the Sametime
server data stconversion subdirectory.
b. Check the value for RemoteConversionURL setting:
v If no remote conversion server has been configured, the setting looks like:
#RemoteConversionURL=http://conversions1.ibm.com:8081;
http://conversions2.ibm.com:8081/servlet/stconversion
v When one remote conversion server is configured, the # is absent at the
start of the line, the server name is correct, and everything between the
semicolon and the end of the line is deleted. For example:
RemoteConversionURL=http://stconv.acme.com:19610/servlet/stconversion
Note the port number (19610 in the example) to use when you run the

v If more than one conversion server is configured, there is no # sign, and
data for each server is separated by a semicolon. For example:
RemoteConversionURL=http://stconv1.acme.com:19610/servlet/stconversion;
http://stconv2.acme.com:8081/servlet/stconversion
Find the entry for the conversion server that you plan to install, and note
the port number.
c. Save and close the file.
d. If you updated the file, restart the Lotus Sametime server now.
2. Upgrade the remote conversion server:
The Lotus Sametime Conversion Services installation program is located in the
Lotus Sametime 8.5 Community Server package.
a. Move to the computer hosting the remote conversion server that you will
upgrade.
b. Download the conversion server installation program or insert the CD
containing it, and start the installation.
c. Select a language for the installer, and click Next.
d. Select the option to install Sametime Conversion Services, and click Next.
e. Follow the prompts presented to complete the installation.
f. When you are prompted for the port on which the conversion service will
listen, specify the port number you noted when you verified the Sametime
server configuration in Step 1.
g. If you installed Conversion Services on Microsoft Windows 2000, restart the
server.
h. If your users will be posting documents that contain text for languages
other than English, verify that the locale for your Conversion Server is set
appropriately.
Results
The conversion services component starts automatically when you restart the
server. To start the conversion services manually, click Start > Administrative tools
> Services.
Upgrading a stand-alone Reflector:
Audio and video services provided by the IBM Lotus Sametime Reflector will not
be available in this release to assist client-to-Sametime client audio/video
communication.
About this task
The Lotus Sametime Reflector is a server application that helps to establish

audio/video sessions between Lotus Sametime clients across a firewall. This initial
release of Lotus Sametime 8.5 does not include a Reflector component; the service
may appear to be running, but will not function. In this release, the Lotus
Sametime 8.5 client can only establish audio and video connections with other
Lotus Sametime 8.5 clients.
Release 8.5 audio/video services can co-exist with release 7.5.x and 8.0.x
audio/video services, with the following restrictions:
v The 8.5 client cannot establish an audio or video call with 7.5.x or 8.0.x clients

client
v The 8.5 client cannot use the Lotus Sametime Reflector
Next steps:
After you have completed an upgrade of one or more IBM Lotus Sametime
servers, the instant messaging, awareness, and presence features are ready to use.
If your previous deployment included the online meetings feature, you can either
use them on the upgraded server (as in previous releases) or migrate meetings to
the Lotus Sametime 8.5 Meeting Server.
About this task
If your Lotus Sametime server does not have the online meetings feature enabled,
or meetings are enabled but you intend to continue creating and hosting them on
the upgraded servers, then your upgrade is complete and you are ready to begin
using Lotus Sametime 8.5.
You only need to continue to next upgrade section if your Lotus Sametime server
has the online meetings feature enabled and you want to migrate them to the new
Lotus Sametime 8.5 Meeting Server. To migrate meetings, you will need to set up
an LDAP directory (if you are currently using native Domino authentication),
install new Lotus Sametime 8.5 components, and then set up URL redirects from
the upgraded servers to one or more newly installed Meeting Servers. All of these
tasks are discussed in detail in the next section.
Expanding the deployment to host meetings on a Lotus

If you have upgraded one or more IBM Lotus Sametime servers and have the
meetings feature enabled, you can choose to migrate the meetings to a Lotus
Sametime 8.5 Meeting Server and take advantage of new features such as
persistent meeting rooms.
About this task
This section applies only to deployments where the upgraded servers have online
meetings enabled and you want to migrate them to the new Lotus Sametime 8.5
Meeting Server. To migrate meetings, you will need to set up an LDAP directory,
tasks are discussed in detail in this section.
Note: This section discusses installing new Lotus Sametime 8.5 components.
Information on topics such as configuration, administration, tuning, and
troubleshooting appears elsewhere in this information center.
Replacing the Domino Directory with an LDAP directory:
If you configured IBM Lotus Sametime to use a native IBM Lotus Domino
ddirectory for user authentication in a previous release, you must convert the
directory to LDAP format for use with Lotus Sametime 8.5.

About this task
Lotus Sametime 8.5 requires the use of an LDAP directory for user authentication.
Rather than installing a new LDAP directory, you can convert your existing Lotus
Domino Directory to LDAP format. Complete this task before installing the Lotus
Sametime System Console for the new deployment.
Shutting down the Sametime services while keeping the Domino services active:
To replace the Domino directory with an LDAP directory, shut down the Sametime
services while you make configuration changes on the Sametime server.
About this task
You must leave the Domino server running so you can access Domino databases
on the server.
2. In the Domino server console, type the following command:
For Windows, AIX, Linus, and Solaris servers:
Tell STADDIN Quit
For IBM i servers:
Tell STADDIN2 Quit
Creating a Directory Assistance database:
Setting up Directory Assistance enables Web browser users to authenticate against

entries in the LDAP directory when accessing databases on the Lotus Sametime
server that require basic password authentication. Sametime Connect clients do not
require Directory Assistance.
About this task
Because Lotus Sametime uses Directory Assistance to access an LDAP server, you
must ensure that a Directory Assistance database exists on the Sametime server
either by creating a new database or replicating an existing one. Use the same
process to set up Directory Assistance for a Sametime server as you would for a
Domino server without Sametime.
Follow these steps to create a new Directory Assistance database.

1. Open a Lotus Notes client.
2. Choose File → Database → New.
3. Select the Sametime server (or select the Local server if you are running
Sametime on a Windows server and you opened the Notes client on the
server).
4. Create the Directory Assistance database on the server using the template
DA50.NTF. Provide a database name and file name (for example, da.nsf) for the
Directory Assistance database.
What to do next
To replicate a database instead of creating a new one, create a new replica of the
Directory Assistance database on the Sametime server. Then create a Connection
document to schedule replication of the database. See your Domino server
administration documentation for information on replication.

Identifying the Directory Assistance database on the Sametime server:
After you have ensured that a Directory Assistance database exists on the
Sametime server, you must identify the Directory Assistance database on the
Sametime server.
About this task
Enter the database filename in the ″Directory Assistance database name″ field in
the Basics section of the Sametime server’s Server document.
1. From a Notes client, choose File → Database → Open.
2. Select the Sametime server (or select the Local server if you are running
Sametime on a Windows server and you opened the Notes client on the
server).
3. Select the Domino directory (names.nsf) and click Open.
4. Select Server → Servers to open the Servers view.
5. Double-click the name of the Sametime server to open the Server document.
6. If necessary, select the Basics tab of the Server document.
7. Click Edit Server.
8. In the ″Directory Assistance database name″ field, enter the filename (for
example, da.nsf) of the Directory Assistance database.
Creating a Directory Assistance document:
The Directory Assistance database on the Sametime server must contain a

Directory Assistance document that enables the Sametime server to access the
LDAP server.
About this task
Follow these steps to create the Directory Assistance document for the LDAP
server. You can change the suggested values shown below as required by your
environment.
1. From the Notes client, open the Directory Assistance database (usually named
da.nsf) on the Sametime server.
2. Click Add Directory Assistance.
3. In the Basics tab, make these settings:
Setting Value
Domain type Select LDAP.
Domain name Enter any descriptive name; the name must be

different from any other in Directory Assistance.
Do not use the Domino domain name.
Company name Enter the name of your company.
Search order The suggested value is 1. The search order specifies

the order this directory is searched relative to other
directories in Directory Assistance.

Setting Value
Make this domain available to: Both Notes clients and LDAP clients choices are
checked by default
Group authorization The suggested setting is Yes. This setting enables

Directory Assistance to examine the contents of
groups in the LDAP directory. This capability is
necessary if you enter the name of a group defined
in the LDAP directory in the ACL of a database on
Nested group expansion The suggested setting is Yes. This setting enables
Directory Assistance to examine the content of an
LDAP directory group that is a member of another
LDAP directory group. This capability is also used
when an LDAP directory group name is entered in
the ACL of a database on the Sametime server.
Enabled Set to Yes to enable Directory Assistance for the

LDAP Directory.
4. Select the Naming contexts (Rules) tab. Configure Rule 1 as needed for your
Domino environment. The suggested values for Rule 1 are as follows:
v The OrgUnit1, OrgUnit2, OrgUnit3, OrgUnit4, Organization, and Country
fields should all contain an asterisk. Using all asterisks in this setting ensures
that all entries in the LDAP directory can be searched and authenticated.
v The ″Enabled″ and ″Trusted for Credentials″ fields should both be set to
″Yes.″
5. Select the LDAP tab. The LDAP tab contains the following settings:
Setting Value
Hostname The host name for the LDAP server (for example,
ldap.acme.com).
Optional Authentication Credential: Binding parameters to the LDAP server.
If entries exist in the ″Administrator distinguished

name″ and ″Administrator password″ fields in the
LDAP Directory-Connectivity settings of the
Sametime Administration Tool, the Sametime server
binds to the LDAP server as an authenticated user.
If there are no entries in the ″Administrator

distinguished name″ or ″Administrator password″
fields, the Sametime server binds to the LDAP
server as an anonymous user.
Username Complete this field if you want your Sametime

server to bind to the LDAP server as an
authenticated user. Otherwise, leave this field
empty. Suggested values for Microsoft Active
Directory server are: cn=qadmin, cn=users,
dc=ubq-qa, dc=com

Setting Value
Password Complete this field if you want your Sametime

server to bind to the LDAP server as an
authenticated user. Otherwise, leave this field
empty. Enter the password for the Username
specified above.
Base DN for search Specify a search base. A search base defines where
in the directory tree a search should start.
Suggestions for this setting are:
Domino directory - An example value is

″O=DomainName,″ where ″DomainName″ is the
Lotus Notes domain (for example O=Acme).
Microsoft Exchange 5.5 directory - An example

value is ″CN= recipients,
OU=ServerName,O=NTDomainName,″ where
ServerName is the Windows server name and
NTDomainName is the Windows NT® Domain (for
example, CN=recipients,OU=Acmeserver1,
O=NTAcmedomain).
The Microsoft Exchange 5.5 example above

assumes that the directory is using the default
directory schema. If you have changed the schema
of the Microsoft Exchange 5.5 directory, the entry in
the Base DN for search field must reflect the new
schema.
Microsoft Active Directory - An example value is

″CN=users, DC=DomainName, DC=com.″
Netscape LDAP directory - Use the format O=

followed by the organizational unit that was
specified during the Netscape server setup. If you
are uncertain about this entry, use the
administrative features of the Netscape server to
determine the appropriate entry.
Channel encryption Select None. For information on using Secure

Sockets Layer (SSL) to encrypt the connection
between the Sametime server and the LDAP server,
see Use SSL to authenticate and encrypt the
connection between the Sametime server and the
LDAP server.
Port Enter the port number used to connect to the

LDAP server. The default setting is port 389.
Accept expired SSL certificates Choose the option that suits your environment
SSL protocol version Choose the option that suits your environment
Verify server name with remote Choose the option that suits your environment’
server’s certificate
Advanced options

Setting Value
Timeout The suggested setting is 60 seconds. This setting

specifies the maximum number of seconds allowed
for a search of the LDAP directory.
Maximum number of entries returned The suggested setting is 100. This setting specifies
the maximum number of names the LDAP server
will return for the name searched. If the LDAP
server also has a maximum setting, the lower
setting takes precedence.
De-reference alias on search Choose the option that suits your environment,
usually set to ’Never.″
Preferred mail format Depends upon the directory; the options are
Internet mail address and Notes mail address
Attribute to be used as Notes Should always be blank
Distinguished Name
Type of search filter to use Options are standard, Active Directory or custom;
depends upon your directory. Most often ’standard’
is used. If you use Active Directory, choose AD,
and if you want complete control over how
directory assistance searches the directory, choose
’custom.’ There is additional ’hover-over’ help with
each option: custom, AD, and standard.
6. Click Save & Close. The warning message notifies you that your connection
does not include SSL settings; you can ignore the warning and continue with
the procedure.
Creating an LDAP document in the Configuration database:
The LDAP document in the Configuration database holds the LDAP Directory
settings that enable Lotus Sametime to search and authenticate against entries in
the LDAP directory.
About this task
Follow these steps to create an LDAP document in the Configuration database on

1. Use a Lotus Notes client to open the Sametime Configuration database
(stconfig.nsf) on the Sametime server.
2. Select Create → LDAPServer.
A document opens that contains the LDAP administration settings.
Choose File → Save to save the LDAP document.
3. Close the LDAP document and close the Lotus Notes client.
Renaming or editing Domino files to convert to using an LDAP directory:
When you convert an IBM Lotus Domino Directory with an LDAP directory, you
must also change configuration files to reference the directory using LDAP format.

About this task
Perform the procedure that corresponds to the operating system on which the
Lotus Sametime server is running.
Copying and renaming .DLL files on Windows:
When you convert the IBM Lotu sDomino Directory to LDAP format, you must
also copy and rename .DLL files for use with the LDAP directory.
About this task
If your Lotus Sametime server runs on the Microsoft Windows operating system,
perform this procedure:
1. On the Lotus Sametime server, create a working directory to copy files to so
that you can rename them.
2. Copy the ″STAuthenticationLdap.dll″ from the directory C:\Program
Files\Lotus\Domino\Directory BB\Ldap to the working directory.
3. In the working directory, rename the ″STAuthenticationLdap.dll″ file to
″STAuthentication.dll.″
4. Copy the renamed ″STAuthentication.dll″ file to the C:\Program
Files\Lotus\Domino or $installeddir\Lotus\Domino.
Note Copying the ″STAuthentication.dll″ file to the C:\Program
Files\Lotus\Domino or $installeddir\Lotus\Domino will overwrite an
existing file of the same name.
5. Copy the file ″STGroupsLdap.dll″ from the directory C:\Program
6. Rename the ″STGroupsLdap.dll″ file to ″STGroups.dll.″
7. Copy the renamed STGroups.dll file to the C:\Sametime directory.
Note Copying the ″STGroups.dll″ file to the C:\Sametime directory will
overwrite an existing file of the same name.
8. Copy the file ″STResolveLdap.dll″ from the directory C:\Program
9. Rename the ″STResolveLdap.dll″ file to ″STResolve.dll.″
10. Copy the renamed ″STResolve.dll″ file to the C:\Program
Note Copying the ″STResolve.dll″ file to the C:\Sametime directory will
overwrite an existing file of the same name.
11. Copy the ″StBrowseLdap.dll″ file from the directory C:\Program
12. Rename the ″StBrowseLdap.dll″ file to ″StBrowse.dll.″
13. Copy the renamed STBrowse.dll file to the C:\Program Files\Lotus\Domino
or $installeddir\Lotus\Domino.
14. Copy the ″StDirectoryListLDAP.sym″ file from the directory C:\Program
15. Rename the ″StDirectoryListLDAP.sym″ file to ″StDirectoryList.sym.″
16. Copy the renamed StDirectoryList.sym file to the C:\Program
17. Copy the ″StLdap.dll″ file from the directory C:\Program
Files\Lotus\Domino\Directory BB\Ldap to C:\Program Files\Lotus\Domino

18. Copy the ″stLdap.ini″ file from the directory C:\Program
Files\Lotus\Domino\Directory BB\Ldap to C:\Program Files\Lotus\Domino
Editing the sametime.ini file on AIX, Linux, and Solaris:
When you convert the IBM Lotus Domino Directory to LDAP format, you must
edit the sametime.ini file to indicate that an LDAP directory will now be used.
About this task
If your Lotus Sametime server runs on IBM AIX, Linux, or Solaris, perform this
procedure to edit the sametime.ini file in the Sametime server installation
directory. You must change the DirectoryType parameter from ″Domino″ to
″LDAP″ in the sametime.ini file.
1. Use a text editor to open the sametime.ini file located in the Sametime server
installation directory (for example, root/lotus/domino).
2. In the [CONFIG] section of the sametime.ini file edit the DirectoryType=
parameter so that it specifies LDAP as shown below:
DirectoryType=LDAP
3. Save and close the sametime.ini file.
Specifying LDAP as the directory type in the Sametime.ini file:
Edit the sametime.ini file to replace the Domino Directory with an LDAP directory.
1. Use a text editor to open the sametime.ini file located in the Sametime server
data directory.
2. In the [Directory] section of the sametime.ini file, edit the DirectoryType=
parameter so that it specifies LDAP as shown below:
DirectoryType=LDAP
Changing names to an LDAP format:
Run the Name Change task to ensure that the user and group names that are
stored in the vpuserinfo.nsf database on the Sametime server are converted from
the native Domino directory name format to an LDAP directory format.
About this task
Running the name conversion utility updates Lotus Sametime Community Server
user or group names with the latest directory changes. The name conversion utility
uses a comma-separated value list that you compile to change names, delete
names, or convert all names from Domino to Domino LDAP formatted names.
Users create a contact list, a privacy list, and an alert-me-when list in the IBM
Lotus Sametime Connect client by selecting user names or group names from the
Domino or Domino LDAP directory that is used with the IBM Lotus Sametime
Community server. These contact, privacy, alert-me-when lists are stored in the
user information database (vpuserinfo.nsf) on Lotus Sametime Community servers.
When a user starts the Lotus Sametime Connect client, the lists are downloaded
from the database to update the lists stored on the client’s local computer

You do not need to run the name conversion utility when you add new users or
groups to the Domino or LDAP directory.
Run the name conversion utility manually on a stand-alone Lotus Sametime

Community server, or on a server in a cluster which will replicate the change
throughout the cluster.
Note: Be sure to stop the Domino server before you run the name conversion
utility.
Configuring LDAP:
Specify the LDAP Directory settings that enable the Sametime server to search the
LDAP directory on the LDAP server and authenticate Sametime users against
entries in the LDAP directory.
About this task
Configuring the LDAP Directory settings requires previous experience with LDAP;
in particular you will need to know the following information:
v The structure (directory tree) of the LDAP directory the Sametime server will
access
v The schema of Person and Group entries in the LDAP directory
v How to construct LDAP search filters to access the attributes of Person and
Group entries in the LDAP directory
1. In the Sametime server home page, click Administer the Server.
2. Click LDAP Directory.
3. Enter the settings to enable your LDAP directory to access Sametime servers.
4. Click Save.
Updating search settings for policies:
Replace the Notes policy key in sametime.ini with a key for the LDAP directory
and verify that the search filter settings are correct for the LDAP server.
About this task
To switch from the Domino directory to an LDAP configuration, make the

following changes:
1. Stop the Sametime Policy service.
2. In the Policy section of the Sametime.ini file, replace the key:
POLICY_DIRECTORY_BB_IMPL=com.ibm.sametime.policy.directorybb.notes.DirNotesBlackBox
with this key:

POLICY_DIRECTORY_BB_IMPL=com.ibm.sametime.policy.directorybb.ldap.DirLdapBlackBox
3. Save the Sametime.ini file.

4. Click Administer the Server.
5. In the navigation pane, click LDAP Directory → Searching.
The top two search filter settings are for LDAP, and the lower two search filter
settings are for Policy.
6. Verify that the LDAP Server document holds the proper values for the
BaseMembership and GroupMembership fields.

The most effective policy search through the LDAP Directory may be using a
memberOf attribute. In this case, the Policy filter field contains this attribute
name, so if your LDAP Server provides the memberOf attribute, you should
know how to configure the use of this feature.
7. Save stconfig.nsf.
8. Using the ″tell http restart″ command in the Domino console, restart the
Domino HTTP server.
9. Restart the Sametime Policy service.
Reconfiguring the UserInfo servlet after switching from Domino to LDAP:
The UserInfo servlet must be reconfigured after switching from Domino to LDAP
to enable the Business Card to work.
About this task
To reconfigure the UserInfo servlet, follow these steps:

1. Open UserInfoConfig.xml in a text editor and replace all its contents with the
following, then save the file:
<UserInformation>
<ReadStConfigUpdates value="true"/>
<Resources>
<Storage type="LDAP">
<StorageDetails HostName="hera.haifa.ibm.com" Port="389" UserName=""
Password="" SslEnabled="false" SslPort="636" BaseDN="" Scope="2"
SearchFilter="
(&(objectclass=organizationalPerson)(|(cn=%s)(givenname=%s)(sn=%s)
(mail=%s)))"/>


<SslProperties KeyStorePath="" KeyStorePassword=""/>
<Details>
<Detail Id="MailAddress" FieldName="mail" Type="text/plain"/>
<Detail Id="Name" FieldName="cn" Type="text/plain"/>
<Detail Id="Title" FieldName="title" Type="text/plain"/>
<Detail Id="Location" FieldName="postalAddress" Type="text/plain"/>
<Detail Id="Telephone" FieldName="telephoneNumber" Type="text/plain"/>
<Detail Id="Company" FieldName="ou" Type="text/plain" />
<Detail Id="Photo" FieldName="jpegPhoto" Type="image/jpeg" />
</Details>
</Storage>
</Resources>
<ParamsSets>
<Set SetId="0" params="MailAddress,Name,Title,Location,Telephone,Photo,Company"/>
<Set SetId="1" params="MailAddress,Name,Title,Location,Telephone,Photo,Company"/>
</ParamsSets>
<BlackBoxConfiguration>
<BlackBox type="LDAP" name="com.ibm.sametime.userinfo.userinfobb.UserInfoLdapBB"
MaxInstances="5" />
</BlackBoxConfiguration>
</UserInformation>
2. Open the Sametime server home page and log in as an administrator.
3. Click Administer the server.
4. Click Configuration → Business Card.
5. Choose the attributes to display in user business cards:
v Photo
v Name
v Company
v E-mail address
v Telephone
v Address or location
v Title

6. Click Update.
7. Stop and restart Domino and Lotus Sametime.
Installing DB2 on Linux and Windows:
Before you begin
The DB2 installation provided with Lotus Sametime supports Linux 32-bit systems
and Windows 32-bit or 64-bit systems. If you have a 64-bit Linux system, either
install DB2 for Windows or install DB2 on a 32-bit Linux system instead. IBM i
includes DB2.
About this task
If you are running in a production environment, install DB2 on a separate

machine. In a pilot environment, you can install DB2 on the same machine on
which you plan to install Lotus Sametime System Console.
a. Log in as root on the Linux RedHat server where you will install DB2.
permissive.
as root (Linux).
3. Download the Sametime DB2 installation package if you have not already
done so.
4. Navigate to the folder where you extracted the files. Start the installation
program by running one of the following commands from the disk 1 folder:
Linux
./launchpad.sh
Windows
launchpad.exe
dropdown list.

6. Click Install IBM DB2 and click Install IBM DB2.
7. Leave the defaults selected and click Next.
If Installation Manager is already installed, the selection is dimmed.
9. At the next screen, accept the default locations.
Click Next.
10. At the next screen, accept the default location for the package group.
Click Next.
11. Select Create a new package group and accept the default location.
Click Next.
12. Confirm that all available features are selected, then click Next.
13. Create a new DB2 Application User ID that does not exist on the system. Then
supply a password that meets the operating system password policy
requirements as well as any additional requirements imposed by your
company. Confirm the password.
For information about passwords, see the Password Rules topic in the DB2
information center.
Important: This user cannot previously exist on the system. This user will be
created as a local operating system user during the DB2 installation process; if
your organization does not allow creation of local operating system users for
security reasons, exit this installer and install DB2 v9.5 using a different
package. This installer will not check to see if the user already exists.
Make a note of the DB2 Application User name and password. This user has
database administration authority and you will supply the name and
password when you install the Lotus Sametime System Console and when
you connect to DB2 databases later.
Then click Next.
installation.
The installation may take up to 20 minutes to install. You will receive
confirmation when it is complete.
Results
If the installation fails, click View Log File for more information. Logs are stored
Linux
Windows 2008
Windows 2003

What to do next
“Creating a database for the Lotus Sametime System Console on AIX, Linux,
Solaris, and Windows” on page 59
Setting up the Lotus Sametime System Console:
A new IBM Lotus Sametime 8.5 deployment uses a system console as the central
point for administering servers; all new Lotus Sametime 8.5 components must
connect to the console. Set up the Lotus Sametime System Console and its
prerequisite components before you install a Lotus Sametime 8.5 Meeting Server.
About this task
Setting up the Lotus Sametime System Console involves creating a database to

store console data, connecting the console to existing servers, and creating policy
settings on the console.
Installing the Lotus Sametime System Console:
About this task
Creating a database for the Lotus Sametime System Console on AIX, Linux, Solaris, and
Windows:
Before installing the Lotus Sametime System Console, create a database to store its
data.
Before you begin
Make sure you have installed DB2. If you previously created a System Console
database and want to run the script again to create a database of the same name,
use the DB2 DROP DATABASE command first to delete all user data and log files,
as well as any back/restore history for the original database. Also note that
uninstalling DB2 does not remove the data and log files.
About this task
create the database for the Lotus Sametime System Console.
during DB2 installation if you are not already logged in.
Linux and Windows: Now proceed to Step 3.
AIX and Solaris: Now proceed to Step 2.
2. Download the DB2 installation package if you have not already done so.

folder:
./createSCDb.sh STSC
Windows
createSCDb.bat STSC
Replace ″STSC″ in the command if you want to choose a different database
5. Close the command window.
Windows
Click Start → Programs → IBM DB2 → installed_DB2_instance → General
Administration Tools → Control Center.
Related tasks
Installing the console on AIX, Linux, Solaris, and Windows:
Run the install program to set up the Lotus Sametime System Console on AIX,
Linux, Solaris, or Windows.
Before you begin
Ensure that your DB2 server is installed and running with the db2start command,
and that the Lotus Sametime System Console database has been created.
work as well.)

About this task
Follow these steps to install the Lotus Sametime System Console.

a. Log in as root on the Linux RedHat server where you will install the
permissive.
3. Download the Sametime System Console installation package if you have not
already done so.
AIX, Linux, Solaris
./launchpad.sh
Windows
launchpad.exe
dropdown list.
6. Click Install IBM Lotus Sametime System Console and click Launch IBM
Lotus Sametime System Console 8.5 installation.
7. Leave the defaults selected to install IBM Installation Manager, Version 1.3.x
and IBM Sametime System Console server, Version 8.5.x. Click Next.
Note: If IBM Installation Manager is already installed on the system, its

selection will be dimmed.
8. At the Licenses screen, click I accept the terms in the license agreements and
click Next.
9. Accept the location for shared installation files and click Next.
10. Select Create a new package group. Accept the installation directory. Then
click Next.

11. Verify that IBM Sametime System Console server 8.5.x is selected as the
feature to install and click Next.
12. At the Common Configurations screen, verify the cell, node, and host name.
The Lotus Sametime System Console is a Deployment Manager and
administers a cell and any nodes federated into the cell for other Sametime
servers. In a production environment, the servers are in one geographic region
and in a pilot environment, the servers are all installed on one machine.
v Cell: This is the name of the WebSphere cell that will be created for the
System Console, such as systemNameSSCCell.
v Node: This is the name of the WebSphere node that will run the Sametime
applications in the Sametime System Console. It will be federated into the
cell during the installation process.
v Host Name: Use the fully qualified DNS name of the server you are
installing the Sametime System Console on. Make sure this DNS name is
resolvable from other servers you will be installing products on. Do not use
an IP address, a short host name, or localhost.
13. Create the WebSphere Application Server User ID user name and password,
then confirm the password.
This user will be created in a WebSphere local file system repository and does
not exist on the operating system or in an LDAP directory. It will be used to
administer the Sametime System Console server.
Make a note of the ID and password because you will need them later for
additional product installations and configuration. It will also be used to
administer the Sametime System Console server. Click Next.
14. At the Configure DB2 for the System Console screen, provide information for
connecting to the Sametime System Console database. Then click Next.
v Host Name: Use the fully qualified domain name of the server where you
installed DB2. Do not use an IP address or a short host name.
v The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is
using a different port.
availability. Check the /etc/services file on the DB2 server to verify the port
number being used.
v Database Name for the System Console/Policy: Enter the name of the
database you want to connect to. If you used the recommended name when
you created the Sametime System Console, the name is STSC.
v Application user ID: Enter the name of the database administrator you
created when installing DB2. The default is db2admin.
v Application password: Supply the password that you created when you
installed DB2, such as db2password.
15. Click Validate.
16. When the button label changes to Validated, click Next.
If the database connection is not successful, use the dbverify.log to debug the
problem. The log can be found in the temp directory for your operating
system.
/tmp
Windows
%TEMP%

installation.
Results
After a successful installation, the three components that are needed to run the
console start automatically: the Deployment Manager, the node agent, and the
Sametime System Console server. These must always be started before you can use
the system console.
Windows 2008
Windows 2003
SSC connection log:

What to do next

Related tasks
243
Logging in to the Lotus Sametime System Console:
About this task

What to do next

Related tasks
Connecting to an LDAP server:
Before you begin
already running.
About this task
steps:
continue.

Related concepts
Related tasks
Sametime prerequisite: Connecting to an LDAP server:
Before you begin
About this task
2. Bind to LDAP.

name.
g. Click Next.
user interface.

c. Click Next.
names.
person.

user interfaces.
field.

Table 62. Person Attributes (continued)
Server.
c. Click Next.

user interfaces.
displayed.
c. Click Next.

process.
What to do next
Related tasks
Related reference
Before you begin
About this task
continue.
Mux Servers.

Related concepts
Related tasks
Before you begin
Community Servers.
respectively.
d. Click Save.
Registering an upgraded Community Server with the System Console:
After upgrading an IBM Lotus Sametime server to a Lotus Sametime Community

Server on IBM AIX, Linux, Sun Solaris, or Microsoft Windows, register it with the
Lotus Sametime System Console, so you can manage all of the Lotus Sametime
servers from a central location. If you upgraded a cluster, you must register each
individual server before registering the cluster.
Before you begin
v The upgraded Lotus Sametime Community Server must be configured to use an
LDAP directory, and must be started.

System Console.
About this task
details on each file. You may want to pen each topic in a new browser tab or
1. If you enabled SSL encryption on the previous version of the Lotus Sametime
server, complete these substeps on the upgraded server:
If SSL is not enabled, skip this step.
a. Locate the directory where the SSL certificate is stored and note the path
(for example, C:\server.cer).
b. Navigate to the directory where Java is installed.
For example, on Microsoft Windows: C:\Lotus\Domino\JVM\bin.
c. Open a command window and run the following command:
keytool -import -alias serverSSL -file "C:\server.cer" -keystore ../lib/security/cacerts
-storepass changeit -noprompt
where C:\server.cer represents the path where the SSL certificate is stored.
a. Navigate to the Community Server’s Sametime console directory:
v AIX, Linux, Solaris: The console directory is under the Community
Server data directory; for example: /opt/IBM/domino85/notesdata/console
v Windows: The console directory is under the Domino directory; for
example: C:\Lotus\Domino\console

For example, on Windows the file is stored at:

C:/IBM/WebSphere/AppServer/profiles/
AppServerProfile/logs/AboutThisProfile.txt


System Console.
NodeHostName Provide the fully qualified host name for the
Community Server that is being registered.
5. Now register the server:

a. Run the registration utility with the following command:
v AIX, Linux, Solaris: registerSTServerNode.sh
v Windows: registerSTServerNode.bat
b. As the registration utility runs, you will be prompted to enter the following
information:
Cluster name Type the name you created when you

configured the cluster, and press Enter.
Location of notes.ini file This is the user name and password that
you use to manage the upgraded Lotus
Sametime Community Server from the
Community Server Administration Tool.
Type the full path to the directory containing
the notes.ini file, and press Enter. For
example, on Windows: C:\Lotus\Domino
Lotus Domino administrator user name This is the account that you use to manage
the upgraded Lotus Sametime Community
press Enter.

Registering an upgraded Community Servers cluster with the System Console:
After upgrading an IBM Lotus Sametime cluster to a Lotus Sametime Community

Server cluster on IBM AIX, Linux, Sun Solaris, or Microsoft Windows, register the
cluster with the Lotus Sametime System Console, so you can manage all of the
Lotus Sametime servers from a central location.
Before you begin
Make sure of each these servers is ready for the cluster registration task:
v Each of the upgraded Lotus Sametime Community Servers in the cluster must
be registered with the Lotus Sametime System Console, and must be started.
System Console.
1. Verify that each of the servers in the cluster has been registered with the Lotus
2. Run the registration utility using the command in the scenario below that best
applies to your deployment:
v The deployment includes a stand-alone Community Mux that was not added
to the cluster as a member, but works with the cluster (so the cluster
members refer to this server’s host name):
– AIX, Linux, Solaris: registerSTCluster.sh -external
– Windows: registerSTCluster.bat -external
v The deployment includes a stand-alone rotating DNS server that was not
added to the cluster as a member, but works with the cluster (so the cluster
v The deployment includes a stand-alone load balancer that was not added to
the cluster as a member, but works with the cluster (so the cluster members
refer to this server’s host name):
v None of the above:
– AIX, Linux, Solaris: registerSTCluster.sh
– Windows: registerSTCluster.bat
3. As the registration utility runs, you will be prompted to enter the following
information:

Location of notes.ini file This is the user name and password that
you use to manage the upgraded Lotus
Sametime Community Server from the
Community Server Administration Tool.
Type the full path to the directory containing
the notes.ini file, and press Enter. For
example, on Windows: C:\Lotus\Domino

press Enter.
and storing it in the console/logs directory.
Migrating user policies:
In IBM Lotus Sametime 8.5, user policies are administrated through the Lotus
Sametime System Console. After you have upgraded Lotus Sametime servers from
a previous release and set up a new Lotus Sametime 8.5 System Console, migrate
user policies from the Community Server to the System Console.
About this task
The methods for creating and storing policies in previous releases of Lotus
Sametime are very different from the methods used in release 8.5, and there are no
utilities available to migrate the data automatically. If you want to transfer existing
user policies to the new releases, you need to review them on the Lotus Sametime
Community Server, note them down, and then recreate them on the Lotus
Sametime System Console as described in the following topics:
Copying policies from the Lotus Sametime Community Server:
On the upgraded IBM Lotus Sametime Community Server, review existing policy
settings and copy them down so you can recreate them in the Lotus Sametime
System Console. If you upgraded multiple non-clustered servers, copy the settings
from each if they are different. If you upgraded a cluster, you only need the
settings from one of the cluster members.
About this task
If you want to recreate your current set of policies on the system console in the
Lotus Sametime 8.5 deployment, copy the settings from the upgraded server:
1. Open a browser and navigate to the Lotus Sametime Community Server
containing the policies you need to record:
Type the following address:
http://host_name/servlet/auth/admin
where host_name is the fully qualified host name of the server; for example:
http://commsvr1.acme.com/servlet/auth/admin
2. From the Lotus Sametime home page, click Administer the Server.
3. Log in as the Lotus Sametime administrator.
4. In the navigation pane, click Policies.
5. Copy all your existing policy settings.
Recreating legacy policies on the Lotus Sametime System Console:

Create new policy settings on the IBM Lotus Sametime System Console to reflect
the settings in your previous deployment.
About this task
There is no automatic migration of policies from the Sametime Administration Tool

to the Lotus Sametime System Console. You must create new policy settings
manually because Sametime Administration Tool policies do not map one-to-one to
policies in the Lotus Sametime System Console.
Managing users with policies:
All IBM Lotus Sametime users are automatically assigned to default policies.
Sametime Instant Messaging, Meetings, and Media Services each has a default
policy to be applied to users. You can create additional user policies, and assign
users and groups to these policies.
About this task
When a user authenticates, Lotus Sametime applies a default policy if no other

policy can be found for that user. You can create new policies that grant or limit
access to features, and assign users to these policies. Users can be assigned to more
than one policy. If a user belongs to more than one policy, then Lotus Sametime
uses the policy weight to determine policy precedence. Custom policies can be
designed for specific groups in the company, and the default policy can be
inherited or assigned. Meetings policy changes take effect immediately, while
Instant Messaging and Media Services policy changes take effect within an hour.
There is also an anonymous policy that is assigned by default to users who have
not authenticated, and unauthenticated users always receive this policy.
Note: If your deployment includes the Lotus Sametime System Console, you must
manage policies there because all settings made in the legacy Sametime
Administration Tool (STCenter.nsf) are ignored. This includes the override all
feature, as well. Moreover, there is no automatic migration of policies from the
Sametime Administration Tool to the Lotus Sametime System Console. You must
do this manually because Sametime Administration Tool policies do not map
one-to-one to policies in the Lotus Sametime System Console.
Finding policies associated with a user:
You can find all the policies associated with a user for all the IBM Lotus Sametime
products to which the user has access.
2. Click Sametime System Console.
3. Click Manage Policies.
4. Click any user Lotus Sametime component. It does not matter which
component that you select, because your search results display all the policies
for all the Sametime components to which the user has access.
v Instant Messaging
v Meetings
v Media Manager
5. Click Find Active Policies.

6. Select the criterion for the user for which you want to find the associated
policies in the Search by field.
v User ID
v Name
v E-mail address
7. Enter the entire or partial user ID, e-mail address, or name of the user or
group in the Search for field If you enter partial information, use an asterisk
as a wild card character for missing or incomplete information. For example,
type sm* for all names starting with sm.
8. Select the number of listings in the search results in the Maximum results
field.
9. Click Search. The results display the users that match your search criteria.
10. Select a name in the results table, and then click Find Active Policies to show
the policies for that user.
11. Click Done.
Creating new user policies:
You can create user policies, and assign users and groups to these policies.
About this task
You can set policy for users to have access to specific IBM Lotus Sametime
features, depending upon their level of need. For example, the maximum size for a
file being transferred is set by default at 1 megabyte to help manage traffic over
the server(s); however, if you have a group that routinely transfers large files for
business reasons, you can create a new policy specifically for those users and set
the maximum size of files that they can send to a much higher number.
4. Click the Lotus Sametime product for which you want to create a policy.
v Instant Messaging
v Meetings
v Media Manager
5. Click New.
6. Enter a name to use to identify the policy in the Policy Name field.
7. Specify the features that you want to enable or disable for the users or groups
that you will assign to this policy. Some instant messaging features are flagged
with IC characters after the field label. This flag indicates that a feature is only
available for installed clients. The feature is not available to browser clients.
8. Click OK.
Results
Tip: You can follow these same basic steps to delete or edit a policy. Delete a
policy by selecting the policy and then click the Delete button. Edit a policy by
clicking the policy name. You cannot delete the anonymous or default policies, but
you can edit them. If you edit a policy, you cannot change the policy ID. To do
this, you must make a copy of the policy by selecting it and clicking Duplicate,

then you can enter a new ID in the copy. Before you delete the original, be sure to
reassign the users and groups to the copy and give it the proper policy weight.
What to do next
You can now assign users and groups to this policy.
Assign users and groups to policies:
You can assign users and groups to specific user polices to grant or limit access to
features in IBM Lotus Sametime.
About this task
You cannot assign users to the default or anonymous policies. Authenticated users
are automatically assigned to the default policies. Unauthenticated users are
assigned to anonymous policies.
4. Click the Lotus Sametime component with the policy to which you want to
assign a user or a group.
v Instant Messaging
v Meetings
v Media Manager
5. Select a policy name from the list, and click Assign.
6. Click Add Users or Add Groups.
At this point you could remove a user from a policy, by selecting the user in
the list and then clicking Remove.
7. Select the criterion for searching for the user or group that you want to add to
the policy in the Search by field.
v User ID
v Name
v E-mail address
8. Enter user ID, e-mail address, or name or partial name with wildcard
characters (asterisks) of the user or group in the Search for field
9. Select the number of listings on each search results page in the Maximum
results field.
10. Click Search. The results display the DN, display name, and e-mail address of
the users that matched your search.
11. Select a user and click Assign.
12. Click Done.
Sametime Instant Messaging user policy settings:
You can grant or limit access to features in IBM Lotus Sametime Instant Messaging
by enabling or disabling various policies for users. Policy changes take effect
immediately.
All unauthenticated users have the anonymous policy, Sametime Instant Messaging
Anonymous Policy, applied to them. For authenticated users, the Lotus Sametime

searches for a user ID or group match, and then applies the highest weighted
policy. If there is no match, then the default policy, Sametime Instant Messaging
Default Policy, is applied.
Table 67. Chat
Sametime Instant Sametime Instant
Messaging Default Messaging
Setting Purpose Policy Anonymous Policy
User must set this Users must log in to Selected Selected
community as the this community
default server before they can log in
community to other
communities. This
setting does not
apply to browser
users.
Allow user to add If this is checked, Selected Not selected
multiple server community
communities preferences and
menus are available
to users. This setting
does not apply to
browser users.
Allow user to add Allowing users to Not selected Not selected
external users using connect to external
Sametime Gateway communities such as
communities AIM, Yahoo, OCS,
and Google Talk. If
this policy is not
allowed, the check
box and text for
adding external users
by e-mail address is
not available in
clients.
Allow user to save If this is enabled, Selected Not selected
chat transcripts users see the
File-Save option in
the chat window.
Chat history
capabilities are
available. This setting
does not apply to
browser users.

Table 67. Chat (continued)
Automatically save This is not valid Selected Not selected
chat transcripts unless Allow user to
save chat transcripts
is selected. If this is
not selected, then
users do not see
preferences for chat
history or the chat
history viewer in
their clients. This
setting does not
apply to browser
users. This setting
does not apply to
browser users.
Maximum days to If Allow to 365 0
save automatically automatically save
saved chat chat transcripts is
transcripts: selected , then a
value must be
entered in this field.
Users cannot set a
larger value in their
clients than the one
specified here. This
setting does not
apply to browser
users.
Limit contact list size This limits the Not selected Not selected
number of contacts
that users can enter
in their contact lists.
Contacts If Limit contact list 500 500
size is selected, then
a value must be
Specify the number
of contacts that users
can enter in their
contact lists.
Allow all Sametime If this is not selected, Not selected Not selected
Connect features to some Lotus
be used with Sametime Connect
integrated clients features do not
display when Lotus
Sametime is
integrated with other
products. This setting
does not apply to
browser users.

Allow mobile client This feature lets users Selected Selected
deploy Lotus
Sametime awareness
and chat features
mobile device.
Sametime update site Provides a URL updates.sametime.ibm.com
Blank.
URL: where users can
retrieve updates to
features for the Lotus
Sametime Connect
client. This setting
does not apply to
browser users.
Table 68. Image Settings

Allow custom Allows all actions on Selected Not Selected
emoticons the preferences
palette: new, import,
export, add picture,
add palettes. This
setting does not
apply to browser
users.
Allow screen capture Allows pasting and Selected Not Selected
and images right- click copying
of image and screen
captures. This setting
does not apply to
browser users.
Set maximum image This setting Includes Not selected Not Selected
size for custom images pasted inline
emoticons, screen through the palette
captures, and inline emoticons, cut and
images paste, screen
captures, and print
screen. It does not
include images sent
through file transfer.
This setting does not
apply to browser
users.

Table 68. Image Settings (continued)
KB If Set maximum 500 0
image size for
custom emoticons,
screen captures, and
inline images is
selected, then a value
must be entered in
this field. Users sees
a message if the they
attempt to send a file
that is larger than the
specified size. This
setting does not
apply to browser
users.
Table 69. File Transfer

Allow user to Allows user to Selected. Not selected
transfer files transfer files to other
users. This setting
does not apply to
browser users.
Maximum file Limits the size of the 1000 0
transfer in Kilobytes file that can be
transferred by the
specified value. In
kilobytes. This setting
does not apply to
browser users.
Allow client-to-client Allows users to Selected Not selected
file transfer transfer files without
passing the files
through the Lotus
Sametime server.
These files are not
logged. This setting
does not apply to
browser users.
Use exclude file Limits the types of Not selected. Not selected
types transfer list files that users can
transfer. This setting
does not apply to
browser users.

Table 69. File Transfer (continued)
Types to exclude If Use exclude file exe, com, bat Blank
from transfer. Type types transfer list is
the three-letter selected , then a
extension of each file value must be
type, separated by a entered in this field.
comma or semicolon: Type the three-letter
extension of each file
type, separated by a
comma or semicolon.
Accepts bmp, gif, txt,
pdf, sxi, sxc, sxw file
extensions. Comma
separated, values,
and spaces are
acceptable. This
setting does not
apply to browser
users.
Table 70. Plugin Management

Allow user to install Allows users to Selected Selected
plug-in install plugins and
updates from the
Lotus Sametime
Connect Tools →
Plug-ins menu. This
setting does not
apply to browser
users.
Sametime optional If no value is Blank. Type the URLs Blank.
plug-in site URLs. specified, then the separated by a
Type the URLs Check for Optional comma or semicolon
separated by a Features item on the
comma or semicolon: Tools → Plug-ins
menu not valid. This
setting does not
apply to browser
users.
Meetings user policy settings:
You can grant or limit access to features in meetings by enabling or disabling

various policies for users. Policy changes take effect immediately.
All unauthenticated IBM Lotus Sametime users have the anonymous policy,
Sametime Meetings Anonymous Policy, applied to them. For authenticated users,
Lotus Sametime searches for a user ID or group match, and then applies the
highest weighted policy. If there is no match the default policy, Sametime Meetings
Default Policy is applied.

Lotus Sametime does not allow anonymous users to create meeting rooms.
Therefore, any policy that is related to authenticated users or the ability to create
meeting rooms, does not apply to anonymous users.
Note: Although Lotus Sametime Classic meetings are still managed on the server
itself, you can set user policy for Sametime Classic meetings on the Meetings
policy tab in the Sametime Classic Meetings section.
Table 71. General Meeting Settings
Sametime Meetings Sametime Meetings
Setting Purpose Default Policy Anonymous Policy
Maximum persistent Users are limited to 100 0
meeting rooms this creating this number
user can own of meeting rooms per
user. When this limit
is reached or set to
zero, users cannot
create more meeting
rooms.
Allow user to create If not selected, user Selected Not selected
instant does not see the
(nonpersistent) capabilities for
meeting rooms creating instant
meetings. User can,
still see the
capabilities for using
an existing room.
Automatically If not selected the Selected Not selected
connect to meeting user must manually
server when logging connect to each
into Sametime meeting room server
Connect to view the meetings
there. This setting is
stored with the client,
so that changes in the
policy do not take
effect until after the
next time the user
logs in to the server.
apply to browser
users.
Allow searching of If not selected, users Selected Not selected
meeting rooms can attend meeting
rooms only with a
direct URL. The
meeting room
manager interface
never shows. Only
affects browser users.

Table 71. General Meeting Settings (continued)
Allow searching of If selected, the Not selected Not selected
hidden meeting interface allows the
rooms user to explicitly
search for hidden
meeting rooms by
exact name. If not
selected, the interface
for searching for
hidden meeting
rooms does not
appear, and hidden
meeting rooms are
never returned in
search results.
Show ″Scheduled Determines whether Selected Not selected
Meetings″ view to show the
″Scheduled Meetings″
view in the shelf.
apply to browser
users.
Allow meetings to be Allows users to Selected Not selected
recorded record meetings for
rooms they have
created. This setting
does not apply to
browser users.
Allow meeting Allow users to Selected Selected
content to be download content
downloaded from the meeting
library.
Meeting room group Hidden - Users Interactive Interactive
chats cannot see or create
group chats.
Read-only - Users
can only read what
others have typed
into the group chat.
Interactive - Users
can type and read
group chats.
Table 72. Meeting Room Library

Maximum file upload Maximum file upload 50 0
size, in Megabytes size in megabytes.
Users cannot upload
a larger file into the
library.

Table 72. Meeting Room Library (continued)
Maximum total size Maximum total size 200 0
of library in in megabytes of all
Megabytes files that library can
hold . If the size limit
is reached, or if the
value is zero, then
users can not upload
files to library
Table 73. Screen Sharing

Feature list Purpose Default Policy Anonymous Policy
Allow screen sharing Disabled - Users Entire screen, frame, Entire screen, frame,
cannot share screens and applications and applications
or applications.
Share an application
- Users can share a
specific application.
No other applications
or their desktops are
shared.
Entire screen, frame,

and applications -
Users share their
whole screen
including any
applications that they
open on their
screens.
Allow user to control Allow others to Selected Not selected
another user’s shared control a user’s
screen shared screen. Any
participant can make
changes to the shared
information. This
setting does not
apply to browser
users.
Allow peer-to-peer Whenever this user Selected Not selected
application sharing hosts screen sharing,
peer-to-peer can be
used by any viewers
that support it.
Enforce bandwidth Any time the user Not selected Not selected
limitations. hosts sharing, the
experience is limited
by the value
specified in the
Maximum bandwidth
size

Table 73. Screen Sharing (continued)
Maximum bandwidth This is not used 500 500
size, in Kilobytes per unless ″Enforce
second: bandwidth
limitations″ is
selected.
Table 74. Sametime Classic Meetings.

Allow users to create Lets users start a Selected Not selected
instant meetings and meeting from the
breakout sessions. contact list, from an
existing chat, and
from within a
meeting (breakout
session).
Allow Sametime IP No Does not allow No No
audio and video in use of Sametime
instant meetings and Internet Protocol
breakout sessions. audio and video in
instant meetings and
breakout sessions.
IP audio only Allow

use of Sametime
Internet Protocol
audio but not video
in instant meetings
and breakout
sessions.
IP video only Allows

use of Sametime
Internet Protocol
video but not audio
in instant meetings
and breakout
sessions.
Allow participation Allows participants Selected Not selected
in meeting room in the meeting to use
chats. the chat window to
communicate with
any other participant
in the meeting.

Table 74. Sametime Classic Meetings (continued).
Allow screen sharing No - Users cannot Entire screen, frame,
share screens or and applications
applications.
Application only -
Users can share a
shared.

and applications -
Users share their
whole screen
including any
open on their
screens.
information. This
setting does not
apply to browser
users.
Media Manager user policy settings:
You can grant or limit access to media features in by enabling or disabling various
policies for users. Policy changes take effect immediately.
All unauthenticated users will have the anonymous policy Media Manager
policy. If there is no match the default policy, Media Manager Default Policy is
applied.
Table 75. Telephony, Audio, and Video
Media Manager Media Manager
Allow access to Allows outside Not selected Not selected
third-party service vendors to provide
provider capabilities audio and video for
from contact lists, instant messages and
instant messages, and instant meetings.
meetings This setting does not
apply to browser
meetings.

Table 75. Telephony, Audio, and Video (continued)
Allow changes to If not selected, user Selected Selected
preferred numbers cannot add telephony
devices. This gives
the administrator
control over the
devices that can
make or receive calls
in the system. ″Allow
access to third-party
service provider
capabilities from
contact lists, instant
messages, and
meetings″ must be
selected to specify
this setting.
Voice and video Allows users to use Audio and video Audio and video
capabilities available computer audio and
through the video in instant
Sametime Media messages and instant
Server: meetings. Choices
are:
v None
v Audio only
v Audio and video

apply to browser
users.
Table 76. Sametime Unified Telephony

Allow changes to the If this setting is not Selected Selected
permanent call selected a lock
routing rule appears next to this
rule in the user’s
preferences. ″Allow
service provider
capabilities from
messages, and
meetings″ must be
selected to specify
this setting.

apply to browser
users.

Table 76. Sametime Unified Telephony (continued)
Allow use of Allows users to add Selected Selected
″Offline″ status in their own devices to
call routing rules. make and receive
calls. ″Allow access
to third-party service
provider capabilities
from contact lists,
instant messages, and
meetings″ must be
selected to specify
this setting.

apply to browser
users.
Changing a user policy’s weight:
IBM Lotus Sametime products implement user policies that have higher weights
over policies with lower weights. You can change the weight of policies.
About this task
User policies in Lotus Sametime have weights. A policy’s weight determines

whether or not its attributes take precedence over the attributes of other policies.
For a given user or group assigned two or more policies, Lotus Sametime
implements the policy with the highest weight. Anonymous policies always have
the lowest weight; default policies have the next lowest weight. For authenticated
users, Lotus Sametime searches for an exact ID match, and then applies the highest
weighted policy. If there is no match for the user ID in any policy, the Lotus
Sametime applies the highest weighted group match. If no group matches are
found, the default policy applied. You can change the weight of policies by moving
them up and down the policy list of a Lotus Sametime product.
4. Click the Lotus Sametime component with the policy with the weight that you
want to change.
v Instant Messaging
v Meetings
v Media Manager
5. Select a Policy ID from the list, and click Move Up or Move Down. Moving the
policy up increases its wight; moving the policy down decreases its weight. You
cannot change the weight of a default or and anonymous policy.
Installing a Lotus Sametime Proxy Server:

Sametime.
Preparing to install a Lotus Sametime Proxy Server:
Proxy Server by pre-populating values required for installation.
Before you begin
About this task
If you have not already opened the Install Lotus Sametime Proxy Server guided
4. Click Sametime Guided Activities → Install Sametime Proxy Server.
Related tasks
Guided activity: Preparing to install a Lotus Sametime Proxy Server:
Before you begin
The following servers must be installed and running:

v LDAP server
v Lotus Sametime System Console
v Lotus Sametime Community Server, installed using a deployment plan created
on the System Console
About this task
be used when you run the installation program for Lotus Sametime Proxy Server.
In the Install Sametime Proxy Server portlet, click Create a New Deployment
Plan, and then click Next.
2. Deployment Name.
a. Give the deployment plan a unique, recognizable name, which will be
shown only in the Sametime System Console, and then click Next.

stProxy_primary. You can include multibyte characters, symbols, and spaces
b. Click Existing Sametime Community Server, select the Lotus Sametime
Community Server to which you want to connect the Lotus Sametime Proxy
Server, and then click Next.
Production use:
Manager for a Lotus Sametime Proxy Server cluster, there is no need to install a
Lotus Sametime Proxy Server with the Deployment Manager option.
the Lotus Sametime Proxy Server.
Application Server administrator on the Sametime Proxy Server, and then
click Next.
directory.
What to do next
“Installing a proxy server on AIX, Linux, Solaris, or Windows” on page 102
Installing a proxy server on AIX, Linux, Solaris, or Windows:
Sametime Proxy Server.
Before you begin
You should have already created a deployment plan for the Lotus Sametime Proxy
Server and started the Lotus Sametime System Console server. If you are logged
continuing.
work as well).

About this task
Sametime server.
permissive.
3. Download the installation package if you have not already done so. This
installation uses SametimeProxyServer.zip.
AIX, Linux, Solaris
./launchpad.sh
Windows
launchpad.exe
dropdown list.
6. Click Install IBM Lotus Sametime Proxy Server and click Launch IBM Lotus
Sametime Proxy Server 8.5 installation.
7. Select the packages you want to install and click Next.
Next.

10. Select IBM Lotus Sametime Proxy Server as the feature to install and select
Use Lotus Sametime System Console to install. Click Next.
11. At the WebSphere Profile settings screen, supply values for connecting to the
v Host Name: Provide the Host Name for the Lotus Sametime System
Console. The Host Name was determined when you installed the Lotus
connection.
System Console.
installation.
15. Select the Lotus Sametime Proxy Server deployment plan you created earlier
with the Lotus Sametime System Console guided activity. Then click Next.
installation.
Results
Windows 2008
Windows 2003
SSC connection log:


What to do next

Related tasks
“Guided activity: Preparing to install a Lotus Sametime Proxy Server” on page 101
243
Verifying a proxy server installation on AIX, Linux, Solaris, or Windows:
About this task

index.jsp
Tip: To verify the port number being used by the Lotus Sametime Proxy
Server, log in the Lotus Sametime System Console. In the WebSphere
Application Server administrative console, click Servers → WebSphere
application servers → STProxyServer → ports → WC_defaulthost to find the port
number.
2. Verify that you can create or view contacts.
Related tasks
About this task

Server.
Servers.
Servers.
Add.
entered.
6. Click OK.
Installing the FIPS Server:
IBM Lotus Sametime supports the U.S. government-defined security requirements

for cryptographic modules known as FIPS 140-2 (Federal Information Processing
Standard 140-2). Installing the FIPS Server is only necessary if your Lotus
Sametime deployment must be FIPS-compliant; otherwise, it is optional.
Before you begin
You should have already installed the IBM Lotus Sametime Server Console and the
Lotus Sametime Proxy Server.
About this task
To maintain FIPS 140-compliance for all data exchanged between clients and Lotus
Sametime Community Servers, you must install the FIPS Server on the Lotus
Sametime Proxy Server to accept data on behalf of Lotus Sametime Community
Servers.
If you want to administer the FIPS Server from the Sametime Systems Console,
you must install the FIPS administration portlet before you install the FIPS Server.
The FIPS administration portlet can connect to the FIPS Server only if the it has
been installed on the Lotus Sametime Proxy Server, and you must always restart

the Lotus Sametime Proxy Server if you make any configuration changes using the
administration portlet. You cannot have multiple FIPS Servers running on the same
machine.
If you do not install the FIPS administration portlet, you can manage the FIPS
Server using information in FIPS Support for IBM Lotus Sametime 8.
1. Install the FIPS administration portlet into the Sametime System Console of
the Integrated Solutions Console. Go to WebSphere\STSCServerCell\
optionalConsoleApps\fips.proxyadmin and install the portlet using the
instructions in the readme.txt.
2. Copy sametimefipsproxy.war from setup\STIPLaunchpad\disk1\FIPSProxy on
the image disk to your local drive.
3. Log in to the Integrated Solutions Console on the machine where you are
installing the FIPS Server.
4. Click Applications → Application Types → Websphere Enterprise
Applications.
5. On the Enterprise Applications page, click Install. .
6. Under Path to the new application, browse to the sametimefipsproxy.war file.
Keep the default settings to install the server, and then click Next
7. Enter the context root that you want for the FIPS Server.
8. Click Finish and save the configuration.
9. Restart the Lotus Sametime Proxy Server to automatically start the FIPS
Server.
11. Click Sametime System Console → Sametime Servers → FIPS Proxy Servers.
You can only edit data for FIPS if the FIPS war is running on the installed
server. Make sure that your FIPS Server is running in order to administer it.
Note: Currently, You cannot administer the per-node configuration or vertical

clustering of FIPS on the Sametime System Console.
12. Click the FIPS Server that you installed.
13. Enter a fully qualified inbound host name and port and an outbound host
name and port to which FIPS connects, and then click OK.
14. Restart the Lotus Sametime Proxy Server again to automatically start the FIPS
Server.
Setting up a Lotus Sametime Meeting Server:
Before you can migrate meetings from an upgraded IBM Lotus Sametime server,
you must install a Lotus Sametime Meeting Server and then set up URL redirects
from the upgraded server to the Lotus Sametime Meeting Server.
Installing a Lotus Sametime Meeting Server:
Meeting Server.
Creating a database for the Lotus Sametime Meeting Server on AIX, Linux, Solaris, and
Windows:
Before installing the Lotus Sametime Meeting Server on AIX, Linux, Solaris, and
Windows, create a database to store its data.

Before you begin
If you previously created a Meeting Server database and want to run the script
again to create a database of the same name, use the DB2 DROP DATABASE
command to delete all user data and log files, as well as any back/restore history
for the original database. Also note that uninstalling DB2 does not remove the data
and log files.
About this task
create the database for the Lotus Sametime Meeting Server.
during DB2 installation.
folder:
./createMeetingDb.sh STMS
Windows
createMeetingDb.bat STMS
Replace ″STMS″ in the command if you want to choose a different database
4. Close the DB2 command window.
Windows:
Click Start → Programs → IBM DB2 → General Administration Tools → Control
Center.
Related tasks
Before you begin

About this task
steps:
Related tasks
Before you begin
About this task

field.
a different port.
connect to.
you changed it.
Gateway database
IBM i.
h. Click Finish.
Preparing to install a Lotus Sametime Meeting Server:
Meeting Server by pre-populating values required for installation.
Before you begin
About this task
If you have not already opened the Install Lotus Sametime Meeting Server guided
4. Click Sametime Guided Activities → Install Sametime Meeting Server.
Related tasks
Guided activity: Preparing to install a Lotus Sametime Meeting Server:
Before you begin
You have set up an IBM DB2 database and an LDAP server, and have run the
guided activities for connecting to the DB2 database and to the LDAP server.
About this task
Meeting Server.
In the Install Sametime Meeting Server portlet, click Create a New
2. Deployment Name.
stMeeting_primary. You can include multibyte characters, symbols, and spaces
Production use:
Manager for a Lotus Sametime Meeting Server cluster, there is no need to
install a Lotus Sametime Meeting Server with the Deployment Manager option.
the Lotus Sametime Meeting Server.
Application Server administrator on the Sametime Meeting Server, and then
click Next.
directory.
5. Choose a database for this deployment.

Select the Lotus Sametime Meeting Server database that you configured with
the Lotus Sametime System Console activity, and then click Next.
If you used the recommended name when you created the Sametime Meeting
Server database, the name is STMS.
Select the LDAP directory that you configured with the Lotus Sametime System
What to do next
“Installing a meeting server on AIX, Linux, Solaris, or Windows” on page 119
Installing a meeting server on AIX, Linux, Solaris, or Windows:
Sametime Meeting Server.
Before you begin
Meeting Server and started the Lotus Sametime System Console server. If you are
logged into the Sametime System Console, log out and close the browser before
continuing.
work as well).
About this task
Sametime server.
permissive.
3. Download the Meeting Server installation package if you have not already
done so.

AIX, Linux, Solaris
./launchpad.sh
Windows
launchpad.exe
dropdown list.
6. Click Install IBM Lotus Sametime Meeting Server and click Launch IBM
Lotus Sametime Meeting Server 8.5 installation.
Next.
10. Select IBM Lotus Sametime Meeting Server 8.5.0 as the feature to install and
select Use Lotus Sametime System Console to install. Click Next.
11. At the Common Configurations screen, supply values for connecting to the
v Host Name: Provide the fully qualified domain name in the Host Name
connection.
System Console.
installation.

15. Select the Lotus Sametime Meeting Server deployment plan you created
Next.
installation.
18. Click Finish when the installation process is complete.
Results
Windows 2008
Windows 2003
SSC connection log:

What to do next
Related tasks
“Starting and stopping servers running on WebSphere Application Server” on page
230
243
successful.

About this task
room.
following URL:
Meeting Center.
Setting up URL redirects to migrate meetings:
After you install the new IBM Lotus Sametime 8.5 Meeting Server, you are ready
to migrate meetings. Rather than transfer meeting schedules and associated data
from the legacy server to the new server, you will set up URL redirects that
automatically link users to the appropriate meeting room on the new server.
Configuring the upgraded server to issue redirects to a Meeting Server:
Configure an upgraded IBM Lotus Sametime server to issue a redirect to a URL

hosted on the new Lotus Sametime 8.5 Meeting Server.
About this task
You can complete this task on the following servers:

v One or more upgraded Lotus Sametime 8.5 servers with meetings
v One or more pre-8.5 Lotus Sametime server with meetings enabled
v Multiple pre-8.5 Lotus Sametime servers (with meetings enabled) that are
clustered with the Lotus Sametime Enterprise Meeting Server
Lotus Sametime 8.5 does not directly support the Lotus Sametime Enterprise
Meeting Server, so you cannot cluster upgraded Lotus Sametime 8.5 meeting rooms
as in previous releases. However, you can set up URL redirects from pre-8.5
servers that are clustered with the Lotus Sametime Enterprise Meeting Server.
1. Enable redirects on the Lotus Sametime Community Mux:
a. Open the sametime.ini file on the server where the Community Mux is
hosted.

On AIX, Linux, Windows, and Solaris, the sametime.ini file is stored in the
Sametime server installation directory; for example on Microsoft Windows,
the default path is: C:\program files\lotus\domino. On IBM i, the
sametime.ini file is stored in the Sametime server data directory.
If the Community Mux is local, use the Lotus Sametime server’s own
sametime.ini file. If you deployed a stand-alone Community Mux, open the
sametime.ini file on that server.
b. Add the following statement to the [Config] section of the file:
VPMX_HTTP_REDIRECT_ENABLE_RELATIVE=0
c. Close and save the file.
d. Restart the stand-alone Community Mux so the change can take effect.
For a local Community Mux, there’s no need to restart the Lotus Sametime
server yet, as you will do that when you complete the redirect task.
e. If you deployed multiple stand-alone Community Mux servers, repeat this
process on each one.
2. On the upgraded Lotus Sametime server, establish a redirect to the new
Meeting Server:
a. Log in to a Lotus Notes client.
b. Click File → Application → Open.
c. In the Server field, select the Lotus Sametime server where you want to
enable the redirect.
Click Local to select the current server.
d. Locate and select the ″Domino Directory″ (names.nsf), and then click Open.
e. In the Domino Directory, click Configuration → Servers → All Server
Documents.
f. In the list of servers, select the Lotus Sametime server where you want to
create the URL redirect.
g. On the tool bar, click Web → Create URL/Mapping Redirection.
A new page appears, where you can create the redirection/mapping
information.
h. On the ″Basics″ tab, click URL → Redirection URL.
i. On the ″Mapping″ tab, fill in the Incoming URL path and Redirection URL
string fields as follows:
The redirection documents can be added in stages, depending on which part
of the Lotus Sametime user interface should be redirected. Use the type of
redirect that best suits your needs:
Table 77. URL redirect options for various user scenarios
Purpose Incoming URL path Redirection URL
Allow users to attend /stconf.nsf/frmConference* [http://host_name/
previously scheduled stmeetings/*]
meetings on the upgraded
Lotus Sametime server, but
have all new meetings
created as rooms on the
Lotus Sametime 8.5 Meeting
Server.

Table 77. URL redirect options for various user scenarios (continued)
Only redirect users that /stcenter.nsf* [http://host_name/
access the Welcome page in stmeetings/*]
the meeting center on the
upgraded Lotus Sametime
server.
Redirect URL that lead /stconf.nsf/meeting/* [http://host_name/
directly to individual stmeetings/migration.jsp?mid=*]
meetings.
Redirect all other URL paths /stconf.nsf* [http://host_name/
in stconf.nsf to the new stmeetings/*]
Meeting Server.
Redirect invited server URLs. /stconf.nsf/ [http://
For each invited server, the WebLookupMeeting? invited_server_host_name/
redirect document needs to OpenAgent&mid=* stmeetings/migration.jsp?mid=*]
be directed at a single Lotus
where the rooms will be
created. This avoids creating
additional rooms on different
Meeting Servers each time a
redirect from the invited
server is encountered.
j. Save your changes and close the Domino Directory.

k. Repeat this process for every upgraded Lotus Sametime server that you
want to redirect to a new Meeting Server.
Configuring the Meeting Server to accept redirects from the upgraded Lotus Sametime
server:
Configure an IBM Lotus Sametime Meeting Server to accept URL redirects from an
upgraded Lotus Sametime server or from a Lotus Sametime Enterprise Meeting
Server cluster.
About this task
Establishing URL redirect to a Lotus Sametime Meeting Server uses the REST API
provided by the Lotus Sametime Online Meeting Toolkit (included in the Lotus
Sametime Software Development Kit). The Meeting Server uses the Online Meeting
Toolkit to transfer meeting data from the upgraded Lotus Sametime server to the
new Meeting Server.
The enable the redirect, the new Meeting Server must be configured to be
associated the with URL of a particular Lotus Sametime server.


1. Log in to the Lotus Sametime System Console as the Sametime administrator.
2. Click Sametime Servers → Sametime Meeting Servers.
3. In the ″Meeting Servers″ list, click the name of the server that will accept
redirects from a particular Lotus Sametime server.
4. Click the Server Configuration tab.
5. Click Edit.
6. Type restapi.migrationUrl as the name of the new configuration key.
7. Now assign one of the following values to the key, depending on whether the
Lotus Sametime server is clustered with Lotus Sametime Enterprise Meeting
Server:
v Lotus Sametime server (non-clustered): http://host_name/servlet/meeting/
v Lotus Sametime Enterprise Meeting Server (cluster): http://host_name/iwc/
sametime/meeting/
For host_name, supply the Lotus Sametime server’s fully qualified host name;
for example: ststd1.acme.com
8. Click OK.
Expanding the deployment with optional 8.5 components:
After you have upgraded your IBM Lotus Sametime deployment and migrated
meetings to the new Lotus Sametime Meeting Server, you may want to integrate
additional components into your deployment.
About this task
The following components are not required for upgrading a Lotus Sametime server
and migrating meetings, but provide additional capabilities to a Lotus Sametime
deployment:
v Lotus Sametime Media Manager: Provides audio and video features for instant
messaging and online meetings.
For more information, see Planning a Lotus Sametime Media Manager
installation.
v Lotus Sametime Gateway: Provides instant messaging with external
communities, including:
– Lotus Sametime communities deployed outside of your firewall
– AOL Instant Messenger
– Google Talk
– Yahoo Messenger
For more information, see Planning a Lotus Sametime Gateway installation.
Upgrading Lotus Sametime on IBM i

Upgrade from previous releases of IBM Lotus Sametime on the IBM i operating
system.
About this task

Lotus Sametime.
Upgrading Lotus Sametime servers on IBM i

Upgrade one or more IBM Lotus Sametime servers running on IBM i.
Upgrading Lotus Sametime on IBM i:
Upgrade from previous releases of IBM Lotus Sametime on the IBM i operating
system.
About this task
Lotus Sametime.
Disabling cluster replication:
Before you begin to an IBM Lotus Sametime server, you must disable cluster
replication to avoid sending or receiving configuration changes while preparing for
the upgrade.
About this task
If you have a cluster of servers, you must upgrade every server in the cluster. To
avoid sending or receiving configuration changes while you are preparing to
upgrade, disable cluster replication for all servers in the cluster. For more
information, see Disabling cluster replication for an entire server in the Lotus
Domino and Notes information center.
Removing meeting rooms from Enterprise Meeting Server:
If you have meeting services enabled on your IBM Lotus Sametime server and you
clustered the meeting rooms with Lotus Sametime Enterprise Meeting Server, you
must remove those servers from Enterprise Meeting Server before upgrading them.

About this task
Lotus Sametime 8.5 does not support the use of Lotus Sametime Enterprise
Meeting Server. Instead, you deploy one or more Lotus Sametime 8.5 Meeting
Servers and optionally cluster them using an IBM WebSphere network deployment.
Then you can set up URL redirects from your upgraded Lotus Sametime servers to
the new Meeting Servers so that when a user clicks a link to create or attend a
meeting on an upgraded server, the link is automatically redirected to the new
Meeting Server.
If you do not wish to install the Lotus Sametime 8.5 Meeting Server yet, you can
still create and host meetings on the upgraded server, but you cannot cluster the
meeting rooms.
Upgrading the Lotus Sametime server on IBM i:
After you have completed the preliminary steps to prepare the environment,
upgrade each of your IBM Lotus Sametime servers.
About this task
If you are upgrading a cluster, be sure to upgrade each of the servers in the cluster
(and register each server with the Lotus Sametime System Console) before you
configure the cluster and register the cluster itself.
Checking for supported releases for Lotus Domino and Lotus Sametime on IBM i:
Before upgrading to IBM Lotus Sametime 8.5, determine whether you first need to
upgrade your Lotus Domino and your operating system releases. You also need to
determine whether your current level of Lotus Sametime is supported by the Lotus
Sametime 8.5 upgrade process.
About this task
Follow these steps to ensure that the server you intend to upgrade is running on a
supported level of the operating system and that the current releases of Lotus
Domino and Lotus Sametime are supported by the upgrade process. If the server
includes an unsupported release of any product, you must complete an interim
upgrade to a supported product.
1. Check the operating system level on the computer where Lotus Sametime is
installed.
You must upgrade to at least IBM i 5.4 before installing Lotus Sametime 8.5.
IBM i 5.4 or later is required for Lotus Sametime 8.5 and IBM i 6.1 is required
for supporting IPv6 addressing.
Consider other Lotus Domino servers and related Lotus products that may be
running on the same system in your upgrade plans. Make sure that your
currently installed server releases, and product releases, are all supported on
the new operating system level. For up-to-date details about which
combinations of Domino, Sametime, and other Lotus Domino related product
releases are supported on current IBM i releases, see the Lotus Software for
IBM i Compatibility Guide.
For information on Lotus Sametime 8.5 system requirements, see the Detailed
System Requirements.
2. Check the Lotus Domino release on the server to be upgraded.

Lotus Sametime 8.5 requires Lotus Domino release 8.0 or later. Before installing
a newer release of Lotus Sametime to upgrade a Lotus Sametime server, verify
that each Lotus Domino server hosting Lotus Sametime is at a supported level.
If your Lotus Sametime server is running on a version of Lotus Domino earlier
than 8.0, you must upgrade the Lotus Domino server to a supported version
before installing Lotus Sametime 8.5. The Lotus Sametime upgrade will fail for
any server that is not running a supported release of Lotus Domino, and can
only be corrected by upgrading the level of Lotus Domino and reinstalling
Lotus Sametime.
If the server is running Lotus Domino 8 or later, continue to the next step.
Otherwise, install a supported level of Lotus Domino and run the UPDDOMSVR
command to update each Lotus Domino server hosting Lotus Sametime before
proceeding.
3. Check the Lotus Sametime release on the server to be upgraded.
Lotus Sametime 8.5 supports direct upgrades from Lotus Sametime 7.5.1 or
later. If your server is running an earlier release of Lotus Sametime, you must
complete an interim upgrade to one of the following releases of Lotus
Sametime: 7.5.1, 8.0, 8.0.1, or 8.0.2; then you can upgrade that release of Lotus
Sametime directly to release 8.5,
Backing up the Lotus Sametime data:
Before installing a new release of IBM Lotus Sametime you should back up all
important server data.
Before you begin
When upgrading Lotus Sametime on Microsoft Windows, IBM AIX, Linux or

Solaris, the install program provides the option of preserving your existing Lotus
Sametime data, which includes meeting information, contact lists and configuration
settings, or overwriting this information.
The IBM i installation program always preserves the Lotus Sametime data on
existing servers. If you do not want to preserve the Lotus Sametime data, remove
Lotus Sametime from the server with the RMVLSTDOM command before
installing the new release. After the installation completes, run the ADDLSTDOM
command to add Lotus ametime to the server again.
About this task
When backing up your Lotus Sametime data, include the following information:
Table 78. Lotus Sametime server data to back up
names.nsf This is optional if you can replicate from
another Domino server. After upgrading to
Lotus Sametime 8.5, you will need to convert
the native Domino Directory to use LDAP
format in order to register the server with the
notes.ini Back up this file for possible reference after
upgrade.
da.nsf Back up this file if you are using directory
assistance.

Table 78. Lotus Sametime server data to back up (continued)
vpuserinfo.nsf This contains user storage and privacy
information, such as contacts lists. If you
upgrade from a release earlier than 7.5, you will
need to upgrade the design on this database.
sametime.ini, It is not necessary to backup these files on IBM
stconfig.nsf i as they are saved automatically during the
upgrade process. The original sametime.ini and
stconfig.nsf files are saved in a subdirectory
of the server data directory. The name of the
subdirectory is STprevious_versionBU. For
example, the subdirectory name is ST751BU if
you upgraded from Sametime 7.5.1, and ST80BU
if you upgraded from Sametime 8.0.
All customized data files, templates or
applications (.ntf, .mdm, .scr, .bmp,
.mac, .smi, .tbl)
All ID files, desktop.dsk, and
pubnames.ntf
meetingserver.ini (Lotus Sametime Standard only) It is not
necessary to back up this file on IBM i because
it is saved automatically during the upgrade
process; the original meetingserver.ini file is
saved in the server data directory as
meetingserver.bak.
All recorded meeting files (.rap) (Lotus Sametime Standard only)
Pre-accepting the Lotus Sametime software agreements on IBM i:
About this task
If you do not pre-accept the software agreements, the installation process will
restore the product to the system, but then stop and wait for you to accept the
agreements before completing the installation. Skip this step if installing from a
downloaded image.
1. Insert the Lotus Sametime DVD into the optical drive of your system.
2. Enter the following command on an IBM i command line:
GO LICPGM
The Work with Licensed Programs display appears.
3. From the Work with Licensed Programs (LICPGM) menu, select option 5
(Prepare for install) and press Enter. The Prepare for Install display appears.
4. Type 1 in the option field next to Work with software agreements. Press Enter.
When the Work with Software Agreements display appears, you see all IBM
licensed programs that require software agreement acceptance and whether the
agreement has been accepted. Only licensed programs that are not yet installed
appear on this display. The software agreements for Lotus Sametime will not
appear in the list until you restore them from the DVD in a later step.

5. Press F22 (shift-F10) to restore the Software Agreements from the Lotus
Sametime DVD.
For the Device parameter, specify the name of your optical drive (For example,
OPT01). Press Enter to restore the Sametime software agreements to the system.
6. Once the Software agreements are restored, the following message is displayed:
Waiting for reply to message on message queue QSYSOPR.
You can sign on to another session to respond to the message or ask the system
operator to respond.
To view and respond to the message from another session:
v Enter the following command on an IBM i command line:
WRKMSGQ QSYSOPR
v Select option 5 to display the messages in the QSYSOPR message queue.
v Locate the following message in the queue:
Load the next volume in optical device OPT01. (X G)
v The Lotus Sametime software agreements have already been restored. If you
want to restore more software agreements from another DVD, insert the next
DVD and respond with G. When the software agreements have been
restored, the message is issued again. When you are done, respond to the
message with X.
7. The Work with software agreements display should now show the restored
licenses for products that are not yet installed.
v If you are using the DVD for the Entry version of Lotus Sametime, you will
see an entry for Licensed Program 5724J23, option *BASE.
v If you are using the DVD for Lotus Sametime Standard, you will see two
entries for Licensed Program 5724J23: one entry for *BASE and another entry
for Option 1.
8. For each entry for Licensed Program 5724J23, type 5 in the option field and
press Enter to display the Software Agreement. Then press F14 (Accept) to
accept the terms of the software agreement.
Note: In some unusual situations, the following message may be issued when
you attempt to display the Software Agreement:
CPDB6D6 - Software agreement documents are missing. If this occurs, repeat

step 5 to restore the Software Agreements again and continue with the
remaining steps in this procedure.
Upgrading the Lotus Sametime server application on IBM i:
Run the installation program on the computer where you plan to upgrade an IBM
Lotus Sametime server.
About this task
Use the IBM i command line to install the Lotus Sametime Community Server.
1. Make sure you have backed up the recommended files to a directory outside of
your Sametime directory structure or to physical media before proceeding.
2. Sign on to your server with a user profile that has the *ALLOBJ and *SECADM
special authorities
3. Stop the IBM Lotus Domino server that will run Sametime. Stop all existing
Lotus Sametime servers.

4. From the IBM i command line, run the appropriate command for installing
from a downloaded image or physical media.
Installing from a downloaded image
a. Make sure that you have downloaded the community server installation
package and created save files.
b. Use the RSTLICPGM command to install from the save files you created when
you downloaded the installation package.
This example uses the save files MYLIB/Q5724J23IM and MYLIB/Q5724J23WC.
RSTLICPGM LICPGM(5724J23) DEV(*SAVF) OPTION(*BASE) LNG(2924) SAVF(MYLIB/Q5724J23IM)
RSTLICPGM LICPGM(5724J23) DEV(*SAVF) OPTION(1) SAVF(MYLIB/Q5724J23WC)
c. When you are prompted to accept the Sametime software agreement, you
must accept it in order to continue.
Installing from physical media
a. Make sure you have pre-accepted the license agreement as explained in the
previous task.
b. Insert the Lotus Sametime disk in your system optical drive and use the
LODRUN command:
LODRUN DEV(*OPT) DIR('/os400')
The system loads the Lotus Sametime programs to the appropriate libraries and
/QIBM directories. You will see status messages as the system installs the
software.
Results
All of your existing Lotus Sametime servers are upgraded during the install
process. Check the job log to verify that all of your Lotus Sametime servers were
upgraded successfully. You should see the following message for each Lotus
Sametime server that was successfully upgraded on your system:
Upgrade successful for Lotus Sametime server server_name
What to do next
Refresh the design of your Lotus Sametime databases by either waiting for the
nightly Design server task to run or by forcing an immediate refresh with the LOAD
DESIGN command, as described in the following steps.
1. On any IBM i command line, type the following command and press Enter:
WRKDOMCSL
2. On the ″Work with Domino Console″ display, type the name of your Lotus
Sametime server and press Enter.
3. At the command prompt, type the following Lotus Domino subcommand and
press Enter:
LOAD DESIGN
Related tasks
“Starting and stopping Domino and a Sametime Community Server on IBM i” on
page 422
Learn how to start and stop a Sametime Community Server running on IBM i.
domain.
Migrating data from pre-7.5 releases of Lotus Sametime:

The format for storing IBM Lotus Sametime user privacy information changed in
release 7.5. If you are upgrading from a release prior to 7.5, complete these tasks to
migrate user privacy information to the new format.
Upgrading the vpuserinfo.nsf template:
As part of upgrading IBM Lotus Sametime, you will need to replace the design of
the vpuserinfo.nsf database.
About this task
As part of a product upgrade, you will need to replace the design of the
vpuserinfo.nsf database with the stuserin.ntf template:
1. Start the Lotus Notes client.
2. Click File → Application → Open.
3. Select the Community Server you upgraded (select ″Local″ for the current
server).
4. Select the Configuration folder.
5. In the file name field, type vpuserinfo.nsf and then click Open.
6. Once the database is open, click File → Application → Replace Design.
7. Select the newly installed Lotus Sametime Community Server as the template
server, and then click the Show advanced templates option to locate the
″Sametime User Information″ (stuserin.ntf) template.
8. Click the stuserin.ntf template to select it, and then click Replace to update
the database’s design to match the template.
9. When you have finished, you can exit the Lotus Notes client.
Running the privacy migration utility on IBM i:
stored prior to IBM Lotus Sametime 7.5 to the new format. An optional parameter
Sametime users.
About this task
To run the privacy information migration utility after upgrading Lotus Sametime,
follow these steps:
example, create a text file called upgrade_util_filter.txt and save it in your
Sametime server data directory or another accessible location. The file should
have each user specified on a separate line in the following format:
CN=Jane Doe/O=Acme
2. Stop the Sametime server.
3. From any IBM i command line, start the QShell Interpreter:
QSH
4. Run the following shell command:
cd <sametime_server_data_directory>

5. To migrate privacy information for all of your Sametime users, run the
following shell command:
upgrade_privacy <sametime_server_data_directory>
To migrate privacy information for a specified subset of your Sametime users,

run the following shell command:
upgrade_privacy <sametime_server_data_directory> <upgrade_util_filter_file>
6. Check the vpuserinfo.nsf<time_stamp>.log file that has the latest time stamp to
verify that the utility ran successfully. You can exit the QShell session and
browse for the file, or run the following shell command to display the contents:
cat vpuserinfo*.log
Enabling cluster replication:
After all of the servers in the IBM Lotus Sametime cluster have been upgraded,
you can enable cluster replication once again to ensure that the servers are sharing
configuration information.
About this task
If you saved each server’s data during the upgrade, your previous cluster settings
still exist and you just need to enable replication among the servers. For more
information, see Replicating with all servers in a cluster in the Lotus Domino and
Notes information center.
If you did not save server data during the upgrade, you may need to recreate the
cluster as described in Clustering Lotus Sametime Community Servers in this
information center. You will need to return to this upgrade section after completing
the cluster configuration, so you may want to open the link in a separate browser
tab or window so you do not lose your place.
Upgrading a stand-alone Community Mux:
If your previous IBM Lotus Sametime deployment included a stand-alone

Community Mux, you can upgrade the multiplexer to release 8.5.
Before you begin
This task only applies to a stand-alone Community Mux; the multiplexer that
installs directly on the Lotus Sametime server was upgraded automatically when
you upgraded that server.
About this task
Lotus Sametime 8.5 supports a stand-alone Community Mux installed with an

earlier version of the product; however if you plan to support IPv6 addressing in
your deployment, you must upgrade the Community Mux (IPv6 addressing was
introduced in Lotus Sametime 8.0.2).
If you have more than one stand-alone Community Mux, upgrade all of them:
click OK.

Upgrading a remote Conversion Server:
If your IBM Lotus Sametime deployment includes a remote conversion server and
you will continue to host meetings on one or more upgraded Lotus Sametime
servers, you should upgrade the conversion server as well.
About this task
Your Sametime server may already be configured to use a particular conversion

server and port number. If you used a remote conversion server in a previous
release of Sametime, the configuration was migrated during the upgrade. You may
have specified the configuration when you installed Sametime or when you added
Sametime to a Domino server (i5/OS). Verify that the information is correct, or
update the server configuration.
1. On the upgraded Lotus Sametime server, verify the conversion server
configuration:
a. Open the stconvservices.properties file, which is located in the Sametime
server data stconversion subdirectory.
b. Check the value for RemoteConversionURL setting:
v If no remote conversion server has been configured, the setting looks like:
#RemoteConversionURL=http://conversions1.ibm.com:8081;
http://conversions2.ibm.com:8081/servlet/stconversion
v When one remote conversion server is configured, the # is absent at the
start of the line, the server name is correct, and everything between the
semicolon and the end of the line is deleted. For example:
RemoteConversionURL=http://stconv.acme.com:19610/servlet/stconversion
Note the port number (19610 in the example) to use when you run the
v If more than one conversion server is configured, there is no # sign, and
data for each server is separated by a semicolon. For example:
RemoteConversionURL=http://stconv1.acme.com:19610/servlet/stconversion;
http://stconv2.acme.com:8081/servlet/stconversion
Find the entry for the conversion server that you plan to install, and note
the port number.
c. Save and close the file.
d. If you updated the file, restart the Lotus Sametime server now.
2. Upgrade the remote conversion server:
The Lotus Sametime Conversion Services installation program is located in the
Lotus Sametime 8.5 Community Server package.

a. Move to the computer hosting the remote conversion server that you will
upgrade.
b. Download the conversion server installation program or insert the CD
containing it, and start the installation.
c. Select a language for the installer, and click Next.
d. Select the option to install Sametime Conversion Services, and click Next.
e. Follow the prompts presented to complete the installation.
f. When you are prompted for the port on which the conversion service will
listen, specify the port number you noted when you verified the Sametime
server configuration in Step 1.
g. If you installed Conversion Services on Microsoft Windows 2000, restart the
server.
h. If your users will be posting documents that contain text for languages
other than English, verify that the locale for your Conversion Server is set
appropriately.
Results
The conversion services component starts automatically when you restart the
server. To start the conversion services manually, click Start > Administrative tools
> Services.
Upgrading a stand-alone Reflector:
Audio and video services provided by the IBM Lotus Sametime Reflector will not
be available in this release to assist client-to-Sametime client audio/video
communication.
About this task
The Lotus Sametime Reflector is a server application that helps to establish

audio/video sessions between Lotus Sametime clients across a firewall. This initial
release of Lotus Sametime 8.5 does not include a Reflector component; the service
may appear to be running, but will not function. In this release, the Lotus
Sametime 8.5 client can only establish audio and video connections with other
Lotus Sametime 8.5 clients.
Release 8.5 audio/video services can co-exist with release 7.5.x and 8.0.x
audio/video services, with the following restrictions:
v The 8.5 client cannot establish an audio or video call with 7.5.x or 8.0.x clients
client
v The 8.5 client cannot use the Lotus Sametime Reflector
Next steps:
After you have completed an upgrade of one or more IBM Lotus Sametime
servers, the instant messaging, awareness, and presence features are ready to use.
If your previous deployment included the online meetings feature, you can either
use them on the upgraded server (as in previous releases) or migrate meetings to
the Lotus Sametime 8.5 Meeting Server.

About this task
If your Lotus Sametime server does not have the online meetings feature enabled,
or meetings are enabled but you intend to continue creating and hosting them on
the upgraded servers, then your upgrade is complete and you are ready to begin
using Lotus Sametime 8.5.
You only need to continue to next upgrade section if your Lotus Sametime server
has the online meetings feature enabled and you want to migrate them to the new
Lotus Sametime 8.5 Meeting Server. To migrate meetings, you will need to set up
an LDAP directory (if you are currently using native Domino authentication),
tasks are discussed in detail in the next section.
Expanding the deployment to host meetings on a Lotus

If you have upgraded one or more IBM Lotus Sametime servers and have the
meetings feature enabled, you can choose to migrate the meetings to a Lotus
Sametime 8.5 Meeting Server and take advantage of new features such as
persistent meeting rooms.
About this task
This section applies only to deployments where the upgraded servers have online
meetings enabled and you want to migrate them to the new Lotus Sametime 8.5
Meeting Server. To migrate meetings, you will need to set up an LDAP directory,
tasks are discussed in detail in this section.
Note: This section discusses installing new Lotus Sametime 8.5 components.
Information on topics such as configuration, administration, tuning, and
troubleshooting appears elsewhere in this information center.
Migrating a Domino Directory to LDAP format on IBM i:
If your existing Sametime server is using a native IBM Lotus Domino Directory for
user authentication, you will need to convert it to use LDAP protocol so that it can
be registered with the Lotus Sametime System Console.
Before you begin
Previous releases of Lotus Sametime allowed the use of the native Lotus Domino
Directory for user authentication. In release 8.5, the Lotus Sametime System
Console requires access to an LDAP directory, so if you want to register your
Community Server with the System Console, you must migrate the Lotus Domino
Directory to LDAP format. For more information, see Planning for an LDAP
directory and the ″Directory considerations″ section of Planning a Community
Server installation for more information.
Note: If you migrate convert the existing Lotus Domino Directory to LDAP format,
the directory can no longer be hosted on the same Lotus Domino server as the
Community Server.

About this task
Follow these steps to migrate the Lotus Domino directory to LDAP format.
1. Shut down the Lotus Sametime services but keep the Lotus Domino services
active as described in Starting and stopping a Sametime server on IBM i while
Domino is running.
2. Specify LDAP connection information on IBM i.
3. Start the Lotus Sametime server.
4. Run the name change task.
5. Configure the LDAP Directory settings in the LDAP document using a Lotus
Notes client or the Sametime Administration Tool.
Note: The Connectivity section should already be completed. Verify that the
information in the other sections is correct: Basics, Authentication, Searching,
and Group Contents. If necessary, update them for your LDAP directory.
6. Restart the Lotus Sametime server.
What to do next
Next, you may need to complete these additional tasks to complete the
configuration of your converted LDAP directory:
Changing LDAP connection information for servers on IBM i:

About this task
Follow these steps to re-configure an IBM i Sametime server to connect to an

LDAP directory instead of a Domino directory:
1. On any IBM i command line, type the following and press F4:
CHGLSTDOM
2. On the ″Change Sametime on Domino″ display, set Directory Type to *LDAP
and press Enter.
3. Complete the following fields describing your LDAP server:
Option Description
Name Enter the name or TCP/IP address of the
LDAP server that Sametime will use. It is
also possible to specify the TCP/IP address,
but this is not recommended.
Port Enter the IP port that Sametime will use.
The default IP port for LDAP connections is
389.
Bind distinguished name (DN) Enter the distinguished name of the LDAP
directory entry that the Sametime server will
use when binding to the LDAP directory.
This is an optional parameter. If not
specified, you must ensure the LDAP server
is configured appropriately for anonymous
access from a Sametime server.
Bind password If you specified a Bind distinguished name
(DN), enter the password associated with it.

Option Description
Administrator name (DN) Enter the distinguished name of an LDAP
administrator who has authority to browse
the LDAP directory. It is used when
configuring policies. This parameter is
optional and defaults to the same value as
the Bind distinguished name.
4. Press Enter to run the command.
Note: If your server is enabled for both IPv4 and IPv6 addressing, you must
manually update the sametime.ini file so that ″VPS HOST=″ is set to an
explicit IP address, rather than the host name, after running the CHGLSTDOM
command.
Related tasks
“Configuring the Lotus Sametime Community Server to support IPv6 addressing”
on page 303
Configuring the LDAP Directory settings:
Specify the LDAP Directory settings that enable the Sametime server to search the
LDAP directory on the LDAP server and authenticate Sametime users against
entries in the LDAP directory.
Before you begin
Configuring the LDAP Directory settings requires previous experience with LDAP;
in particular you will need to know the following information:
v The structure (directory tree) of the LDAP directory the Sametime server will
access
v The schema of Person and Group entries in the LDAP directory
v How to construct LDAP search filters to access the attributes of Person and
Group entries in the LDAP directory
About this task
You must configure the LDAP Directory settings on the LDAP document in the
Configuration database to ensure that the Sametime server can search and
authenticate against entries in the LDAP directory. Use the Sametime
Administration Tool to enter LDAP Directory settings; the tool then writes the
values to the LDAP document in the Sametime Configuration database
(stconfig.nsf) and updates the Directory Assistance database.
To configure the LDAP settings using the Sametime Administration Tool:

1. In the Sametime server home page, click Administer the server.
2. Click LDAP Directory.
3. Enter the settings to enable your LDAP directory to access Sametime servers.
For descriptions of the settings, see LDAP directory settings

LDAP directory settings:
LDAP directory.
The Sametime Administration Tool includes the LDAP Directory settings that
enable the Sametime server to operate as a client to an LDAP server. These settings
enable the Sametime server to search the LDAP directory on the LDAP server and
authenticate Sametime users against entries in the LDAP directory.
Note: After changing any LDAP settings, restart the Sametime server.
Connectivity settings
The Connectivity settings enable the administrator to provide the IP address and
ports the Sametime server uses when connecting to the LDAP server, and to
specify whether the Sametime server binds to the LDAP server as an anonymous
or authenticated user. These settings also enable the Sametime server to connect to
multiple LDAP servers, and to use SSL when connecting to the LDAP server.
Table 79. Connectivity settings for the LDAP directory
Host name or IP Select the IP address (or fully
address of the qualified DNS name) of the LDAP
LDAP server server for which you want to change
settings.
Position of this If you have configured the Sametime
server in the server to connect to multiple LDAP
search order servers, use this setting to specify
the order in which Sametime will
connect to the LDAP servers by
clicking a number to indicate the
priority of the currently selected
LDAP server.
Port Specify the port over which the The default port for LDAP
Sametime server connects to the access and recommended setting
specified LDAP server; use the port is TCP/IP port 389.
number on which the LDAP server
listens for TCP/IP connections.
Administrator If you want the Sametime server to When designating an
distinguished bind to the LDAP server as an authenticated user, IBM Lotus
name, anonymous user, leave these fields software recommends that you
Administrator empty. create a unique directory entry
password that is used only for the purpose
If you want the Sametime server to of authenticating connections
bind to the LDAP server as an from the Sametime server to the
authenticated user, specify the LDAP server. After creating the
Distinguished name of an LDAP directory entry, you must ensure
directory entry that the Sametime this directory entry has at least
server uses when binding to the read access to the attributes of
LDAP directory, and then enter the the LDAP directory entries.
password associated with that user.

Table 79. Connectivity settings for the LDAP directory (continued)
Use SSL to For tighter security, use SSL to If you choose to enable SSL, you
authenticate and encrypt the connections between the have several additional options,
encrypt the Sametime and LDAP servers. each of which requires
connection additional tasks. For more
between the information, see Enabling
Sametime server encryption between Lotus
and the LDAP Sametime and the LDAP server.
server
Adding another Sametime can connect to multiple If you add an LDAP server, you
LDAP server LDAP servers and can access one must additionally specify the
Port LDAP directory on each LDAP following settings:
server to which it connects. To add v a position for the server in the
an LDAP server, enter its host name search order in the Position
or IP address in this field, and the of this server in the search
port on which you want to connect order field
to the new LDAP server.
v the LDAP directory settings in
described in this topic
v a Directory Assistance
document that enables the
LDAP server
If you no longer want the

Sametime server to access an
LDAP server, you can remove
the LDAP server from the list of
available servers in the Host
name or IP address of the
LDAP server field.
Basics settings
The Basics settings enable the administrator to specify the basic LDAP parameters
required to conduct searches for people, and for groups, in an LDAP directory.
Some of these parameters are also necessary for displaying the names of users in
Sametime user interfaces. The Basics settings include parameters that specify the
level of a directory from which a search begins, the scope of a search, and the
attributes of LDAP directory entries that define person and group names.
Table 80. Basics settings for the LDAP directory
Person settings:

Where to start Specify the base object of the The default setting of ″″ begins the
searching for directory (or level of the search from the root of the directory.
people directory) from which to start a Before accepting this default setting,
search for person entries in the be aware that some LDAP directory
LDAP directory. servers allow the ″″ value only for
searching the LDAP directory root
The default setting of ″″ begins DSE (Directory Server Entry, or entry
the search from the root of the with directory server properties) and
directory. only when the Scope for searching
for a person (discussed in the next
Also, searching from the root of row) is confined to One level below
an LDAP directory generally this setting.
results in a less efficient search
than specifying a specific base
object such as ou=west,
o=acme.
Suggested values for this setting

are:
cn=users, dc=domain, dc=com
computer name)
Directory: cn=Recipients,
v Domino Directory:
dc=domain, dc=com

Scope for Specify how many LDAP Recursive: Assume theWhere to start
searching for a directory levels below the searching for people setting has the
person Where to start searching for value ″ou=west, o=acme″ and the
people setting to search when Scope for searching for a person
resolving a search for a person setting has the value ″recursive.″
entry. There are two available Now assume the user searches on the
settings: name ″John Smith.″ The search begins
v Recursive (default value) at the ou=west, o=acme directory
level and searches the entire subtree
Search the entire subtree of
of the directory beneath that level.
directory entries beneath the
people setting (or the base
object of the search).
v cn=John Smith, ou=managers,
v One level
ou=west, o=acme
people setting. v cn=John Smith, ou=west, o=acme
The search would fail to turn up the

the Where to start searching for
people setting in this example begins
the search at the ou=west, o=acme
level of the directory:
v cn=John Smith, o=acme
ou=east, o=acme
One level: For example, assume the

Where to start searching for people
setting has the value ou=west,
o=acme and the Scope for searching
for a person″ setting has the value
″one level.″ Now assume the user
searches on the name ″John Smith.″
The search begins at the ou=west,
o=acme level and searches only one
directory level beneath that level.
v cn=John Smith, ou=west, o=acme
v cn=John Smithson, ou=west,
o=acme
The search would fail to find the

the entries are either more than one
level below the Where to start
searching for people setting, or are
not beneath that setting at all:
v cn=John Smith, ou=marketing,
ou=west, o=acme
ou=east, o=acme

The attribute of Specify the attribute of an Consider an LDAP person entry
the person entry LDAP directory person entry containing the following attributes:
that defines the that is used to display a user’s v cn: James Lock
person’s name name in the Sametime end-user
v givenname: James
interfaces (as the result of a
search or in a privacy or v sn: Lock
presence list). The value of this v mail: jlock@acme.com
setting can be any attribute of
the LDAP directory person In this example, if the The attribute
entry, such as cn (common of the person entry that defines the
name), sn (surname), person’s name setting is ″cn,″ the
givenname, or mail (e-mail search result displays the user’s name
address). as James Lock. If the setting is ″mail″,
the user’s name displays as
The suggested value for jlock@acme.com.
Microsoft Exchange 5.5 Note: You can also write a Java class
Directory, Microsoft Active to control the format of user names
Directory, Netscape Directory, returned from LDAP directory
Domino Directory servers, and searches. This capability is useful if
SecureWay servers is cn. you want user names to display in a
format that is not specified by an
LDAP directory entry attribute. For
classes to customize LDAP directory
searches.
Attribute used to Sspecify the attribute of a This setting can specify any attribute
distinguish person entry that is used to of a person entry that can
between two differentiate between two users differentiate one person from another
similar person that have the same common person with the same name. An
names name (cn) attribute. example value for this setting is the
mail attribute, which contains the
Suggested values for this setting e-mail address of an LDAP directory
are: person entry.
Directory, Netscape Directory, To illustrate, assume that a search on
Domino Directory, SecureWay the name John Smith returns two
Directory: mail person entries with the common
name (cn) John Smith. Since the two
John Smiths will have different e-mail
user principal name
addresses, the mail attribute can be
displayed to enable the user to
determine which John Smith is the
correct one.
The object class Specify the attribute of a Sametime assumes that individual
used to determine directory entry that identifies users are represented by entries with
if an entry is a the entry as a person. a unique object class. Sametime
person compares the name of the object class
The suggested value for specified in this setting to the object
Microsoft Exchange 5.5 class values of each entry to decide
Directory, Microsoft Active whether the entry is a person or a
Directory, Netscape Directory, group. Enter the object class attribute
Domino Directory, and used for people in the LDAP schema
SecureWay Directory is of the LDAP directory in your
organizationalPerson. environment.

Attribute of a Specify the attribute of a person This setting is required by
person entry that entry that contains the user’s components of the Sametime server
defines a person’s e-mail address. that use the Session Initiation
e-mail address Protocol (SIP), such as the Sametime
Suggested values for this setting Gateway to connect to other instant
are: messaging services. SIP entities are
v Microsoft Exchange 5.5 identified by their e-mail addresses.
Domino Directory, SecureWay
Directory: mail
user principal name
Group settings:
Where to start Specify the base object of the Before accepting the default setting
searching for directory (or level of the (″″), be aware that some LDAP
groups directory) from which to start a Directory servers allow the ″″ value
search for group entries in the only for searching the LDAP
LDAP directory. directory root DSE (Directory Server
Entry, or entry with directory server
The default setting of ″″ begins properties) and only when the search
the search from the root of the scope is confined to One level below
directory. the Where to start searching for
groups setting. Also, searching from
Suggested values for this setting the root of an LDAP directory
are: generally results in a less efficient
v Microsoft Active Directory : search than setting a specific base
cn=users, dc=domain, dc=com object (such as ou=west, o=acme) for
v Netscape Directory: the search.
computer name) The extent of the search for group
entries is further controlled by the
v Microsoft Exchange 5.5 Scope for searching for groups
Directory: cn=Recipients, setting, described in the next row.
v Domino Directory:
dc=domain, dc=com

Scope for Specify how many levels below Recursive:
searching for the Where to start searching
groups for groups setting to search for Assume the Where to start searching
a group entry in the LDAP for groups setting has the value
directory. There are two ou=west, o=acme, and the Scope for
available settings: searching for groups setting has the
value ″recursive.″
v Recursive (default value)
Search the entire subtree of Now assume the user searches on the
directory entries beneath the name ″Marketing.″ The search begins
Where to start searching for at the ou=west, o=acme level and
people setting. searches the entire subtree of the
v One level directory beneath that level. Such a
search might return the following
group names, depending on the
people setting. v cn=Marketing, ou=Los Angeles,
ou=west, o=acme
The Search filter for resolving
v cn=Marketing, ou=San Diego,
group names setting (in the
ou=west, o=acme
“Search settings” on page 525
section) provides the search v cn=Marketing, ou=west, o=acme
filter that resolves the user’s
input (Marketing) to a specific The search would fail to turn up
group entry in the LDAP directory entries such as:
directory. v cn=Marketing, o=acme
v cn=Marketing, ou=Pittsburgh,
ou=east, o=acme
One level:
Assume the ″Where to start searching

for groups″ setting has the value
ou=west, o=acme, and the ″Scope for
searching for groups″ setting has the
value ″one level.″
Now assume the user searches on the

name Marketing. The search begins at
the ou=west, o=acme level and
searches only one level beneath that
level.
Such a search might locate a group

entry such as:
cn=Marketing, ou=west, o=acme
The search would fail to turn up a

directory entry such as:
cn=Marketing, ou=Los Angeles,

ou=west, o=acme

Attribute used to Specify the attribute of a group An example of a value for this setting
distinguish entry that is used to is the ″info″ attribute of an LDAP
between two differentiate between two group entry. In many LDAP
similar group groups that have the same directories, the ″info″ attribute
names common name (cn) attribute. contains descriptive information
about a group. For example, assume
Suggested values for this setting that a search on the name
are: ″Marketing″ returns two group
v Microsoft Exchange 5.5 entries with the common name
Directory: info Marketing. The information contained
v Netscape Directory, Domino in the info attribute (such as ″West
Directory, Microsoft Active region″ or ″East region″) of the group
Directory, SecureWay entry can be used to distinguish
Directory: description between the two groups.
The group object Specify the attribute of a In some situations, Sametime must
class used to directory entry that identifies determine whether a directory entry
determine if an the entry as a group. returned by a search is a person or
entry is a group group entry. Sametime assumes that
Enter the objectclass attribute groups are represented by entries
used for groups in the LDAP with a unique object class. Sametime
schema of the LDAP directory compares the name of the object class
in your environment. specified in this setting to the object
class values of each entry to decide
Suggested values for the setting whether the entry is a group or a
are: person.
group
groupOfUniqueNames
v Microsoft Exchange 5.5 and
Domino Directories:
groupOfNames
groupOfUniqueNames
Authentication settings
The Authentication settings ensure that Sametime users can be authenticated

against entries in an LDAP directory. The administrator must specify an LDAP
search filter that can resolve a name provided by a user to a Distinguished Name
(DN) in an LDAP directory. The Authentication settings also enable the
administrator to specify the field in the LDAP directory person entries that
contains the name of each user’s home Sametime server.
Note: The administrator must add a field to the person entries in the LDAP
directory to hold the name of each user’s home Sametime server, or use an existing
field in the person entries for this purpose.

Table 81. Authentication settings for the LDAP directory
Search filter to Specify the filter to use when To authenticate a user, Sametime
use when resolving the name (or text string) must know the distinguished
resolving a user provided by a user to a name of the user’s person entry
name to a distinguished name for in the LDAP directory.
distinguished authentication purposes.
name Consider the following default
The specific search filter used for this search filter in which the value
setting must be based on the schema ″%s″ is substituted for the string
of the LDAP directory the Sametime provided by the user when
server is accessing. logging in :
&(objectclass=
The default value is: organizationalPerson)
&(objectclass= (|(cn=%s)(givenname=%s)
organizationalPerson) (sn=%s)(mail=%s*)))
(|(cn=%s)(givenname=%s)(sn=%s)
(mail=%s*))) Note: You can find detailed
This filter is the suggested value for formatting of search filters at the
Microsoft Exchange 5.5, Microsoft following Web site:
Active Directory, Netscape Directory, http://
Domino Directory, and SecureWay developer.netscape.com/docs/
Directory servers. manuals/directory/41/ag/
Note: In some cases, for Microsoft find.htm#1046960
Active Directory it may be necessary
to substitute (user principal This filter first performs a search
name=%s*) for (mail=%s*) . for all entries of the type (or
object class) organizationalPerson.
The search filter then looks for
an exact match with either the
common name (cn), given name,
or surname (sn) attribute of the
person entry. If the search
locates a person entry with an
attribute value that matches the
text string provided by the user,
the Sametime server accesses the
person entry with that
distinguished name when
authenticating the user.

Table 81. Authentication settings for the LDAP directory (continued)
Home Sametime Specify the name of the field within The home Sametime server is
server the LDAP person entries that the Sametime server on which
contains the name of each user’s the preferences and data of a
home Sametime server. Community Services user are
saved. Users connect to the
home Sametime server for
presence and chat functionality.
If you have installed multiple
Sametime servers, each user’s
person entry in an LDAP
directory must contain a field in
which a user’s home Sametime
server can be specified. You can
either:
v Add a new field to the LDAP
directory to hold the name of
each user’s home Sametime
server. This added field must
appear in the person entry of
every Sametime user in the
LDAP directory.
v Use a field that already exists
in the person entries of each
Sametime user (such as the
e-mail address) for this
purpose.
Search settings
The Searching setting enables the administrator to specify the search filters
required to resolve the names of people and groups to specific entries in an LDAP
directory.

Table 82. Searching settings for the LDAP directory
Search filter for Specify the filter to use when To search for a user name, a
resolving person matching a name to person entries in Sametime end user enters a text
(&(objectclass= responsible for selecting a user
organizationalPerson)(|(cn=%s*) name from the LDAP directory.
(givenname=%s)(sn=%s)(mail=%s*))) The search filter matches the text
string provided by the user to
The Where to start searching for information contained within the
people and Scope for searching for attributes of LDAP directory
a person settings in the “Basics person entries.
settings” on page 517 section define
the level of the directory tree from Consider the following default
which the search begins and how search filter in which the value
much of the directory is searched. ″%s″ represents the text string
provided by the user:
(&(objectclass=
organizationalPerson)
(|(cn=%s*)(givenname=%s)
(sn=%s)(mail=%s*)))
Note: You can find detailed

following Web site:
http://developer.netscape.com/
docs/manuals/directory/41/ag/
find.htm#1046960
The default search filter first

looks for entries whose type (or
object class) is
organizationalPerson. The search
filter looks for a prefix match
(%s*) with an entry’s common
name, a complete match with an
entry’s given name, or a
complete match with the entry’s
surname attribute.

search on the person name
″James″ might return the
following directory entries
(provided that each directory
entry is of the objectclass
organizationalPerson).
v Jameson Sanders
v James Lock
v James Clark
v Henry James

Search filter for Specify the filter to use when To search for a group name, a
resolving group matching a name to group entries in Sametime end user enters a text
(&(objectclass=groupOfNames) responsible for selecting the
(cn=%s*)) group name from an LDAP
directory. The search filter
The search filter used for resolving matches the text string provided
group names must be based on the by the user to values listed for
schema of your LDAP directory. The the attributes of the LDAP
suggested value for Microsoft directory group entries.
Exchange 5.5 and Domino directory Note: You can find detailed
servers is the default search filter. information on the syntax and
The other suggested values for this following Web site:
setting are: http://developer.netscape.com/
v Microsoft Active Directory: docs/manuals/directory/41/ag/
(&(objectclass=group)(cn=%s*)) find.htm#1046960
v Netscape Directory and SecureWay The default search filter first
Directory: looks for directory entries of the
(&(objectclass= type (or object class)
groupOfUniqueNames)(cn=%s*)) groupOfNames. The search filter
The Where to start searching for then looks for a prefix match
people and Scope for searching for (%s*) with the common name
a person settings in the “Basics (cn) attribute of the
settings” on page 517 section define groupOfNames entries.
the level of the directory tree from
which the search begins and how
search on the name ″Market″
much of the directory is searched.
might return the following group
entries from the directory
(provided that each entry also
has the groupOfNames object
class attribute):
v Marketing
v Marketers
v Markets
Note: If a single search filter is
not adequate to resolve group
searches in your environment,
you can create a custom Java
class that refines the group
search capabilities. This
capability is useful in
environments with complex
LDAP directory schemas. For
classes to customize LDAP
directory searches.

Policy search Specify a search filter to use when A policy allows you to restrict
filters resolving a user’s or group’s access to certain features of
membership in a policy, to determine Sametime when you use either
access right during authentication. the Domino LDAP or IBM
Directory Server for user
For Domino, you can use an empty management. The filters for
string (″″) if you don’t want to create searching for people and groups
a filter. The IBM Directory Server in Policy are similar to those
requires a non-empty value here; for used for searching for people
example: dc=teamspace,dc=com and groups in LDAP but are
designed to draw on information
stored in Domino or IBM
Directory Server.
Group Content settings
The Group Contents setting enable the administrator to specify the attribute of a
group entry that contains the names of group members.
Table 83. Group Contents settings for the LDAP directory
Field Description
Attribute in the Specify the name of the attribute in If an end user adds a group to a
group object the group entry that contains that presence list, privacy list, or a list
class that has the names of invidual people or that restricts meeting attendance,
names of the subgroups. Sametime must obtain the list of
group members members within the group so
Suggested values for this setting are: that individual members of the
v Microsoft Active Directory, group can be displayed. The
Microsoft Exchange 5.5 Directory, ″Attribute in the group object
and Domino Directory: member class that has the names of the
v Netscape Directory and IBM group members″ setting defines
Secureway Directory: the attribute within an LDAP
UniqueMember directory group entry that holds
the names of all members of the
group.
This setting assumes that the

LDAP directory schema uses a
single directory entry to
represent a group, and that
names of group members are
held in one attribute that
contains multiple values. This
assumption is true for Microsoft
Exchange 5.5, Microsoft Active
and Domino environments.
Add Administrator settings
The Add Administrator settings are used to enable additional administrators to

access the Sametime Administration Tool.

Note: Although you can use the Sametime Administration Tool to configure LDAP
settings, you must use the LDAP tool itself to person and group entries.
Table 84. Add Administrator settings for the LDAP directory
Administrator Specify the user name of each Only users that are entered in
Sametime Administrator. the LDAP directory on the
LDAP server can authenticate
with the Sametime server. A
Sametime administrator must
have a Person document in the
Domino Directory on the
Sametime Administration Tool.
The Administrator can

authenticate with the Sametime
Administration Client whether
he or she is in the Domino or in
the LDAP directory. However, if
the server is configured for
LDAP, then the Administrator
has to be registered in the LDAP
directory to receive access to the
Assign Users function of the
User Policy.
Access Control settings
The Access Control settings enable the administrator to work with Access Control
Lists.
Table 85. Access Control settings for the LDAP directory
User or Group Specify the name of a person or Registering groups in the Access
Name group entry in the LDAP directory Control List is more efficient
that should have access to Sametime than listing individual users
servers. because you can include more
users in less time, and can easily
When entering names in this field: update the individual group
v Use the fully qualified listings later.
distinguished name of the user or
group, but use forward slashes (/)
as delimiters instead of commas (,).
For example, use:
cn=John Smith/ou=managers/
ou=marketing/ou=west/o=acme
instead of:
cn=John Smith, ou=managers,
v You can use an asterisk (*) as a
wildcard character when entering
names. For example, entering
*/ou=West/o=Acme is equivalent
to entering all users in the
ou=West, o=Acme branch of the
directory to the ACL.

Setting up the Lotus Sametime System Console:
A new IBM Lotus Sametime 8.5 deployment uses a system console as the central
point for administering servers; all new Lotus Sametime 8.5 components must
connect to the console. Set up the Lotus Sametime System Console and its
prerequisite components before you install a Lotus Sametime 8.5 Meeting Server.
About this task
Setting up the Lotus Sametime System Console involves creating a database to

store console data, connecting the console to existing servers, and creating policy
settings on the console.
Installing the Lotus Sametime System Console:
About this task
Preparing the console installation file on IBM i:
the Lotus Sametime System Console on IBM i.
Before you begin
About this task
/MySametimePackages
package.

QShell Interpreter:
QSH
subdirectory of the program image; for example:
/MySametimePackages/SametimeSystemConsole/IBMi/stii_ssc/licenses
For DVD:
/qopt/volume_ID/IBMi/stii_ssc/licenses
For DVD:
/qopt/volume_ID/IBMi/stii_ssc
5. Make a copy of the ssc.default.response.properties file, using a name of your
program can access.
System Console database schemas.
Related tasks
Creating the System Console database schemas and tables on IBM i:
Run the script to create the database schema for the IBM Lotus Sametime System
Console on IBM i.
Before you begin
You should have prepared the console installation file as described in ″Preparing
the console installation file on IBM i.″
About this task
On the IBM i system where you will install the Sametime System Console, follow
these steps to create the database schema and tables:
ssc.default.response.properties file and owned by the user profile specified in
the file.

Interpreter:
QSH
cd /MySametimePackages/SametimeSystemConsole/IBMi/stii_ssc
For DVD:
cd /qopt/STCONSOLE/IBMi/stii_ssc/licenses
4. If the SSC schema does not already exist on the system, run the following shell
command to create the required database schemas and tables. The command
also creates the POLICY schema if it does not exist.
setupDB_ssc.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
Results
ssc_dbsetupyyyymmdd_hhmm.log
ssc_dbsetup_20091215_0307.log
Related tasks
Installing the console on IBM i:
Run the install script to set up the IBM Lotus Sametime System Console on IBM i.
Before you begin
the console server installation package. For all installations, you should have
completed the preparation steps. The database schemas required for the System
Console (SSC and POLICY) should already exist.
About this task
Follow these steps to install the Sametime System Console and WebSphere
Application Server.
Sametime software.

Interpreter:
QSH
For installing from DVD:
cd /qopt/volume_ID/IBMi/stii_ssc
5. Start the Sametime System Console installation with the following shell
command:
install_ssc.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
When the script completes, a summary of the results is displayed. Make a note
of the URL for connecting to the Integrated Solutions Console. The ″Admin
port″ displayed is the port you must use when logging in to the system
console.
Results
install_STCONSOLE_yyyymmdd_hhmm.log
install_STCONSOLE_20091215_0307.log
Related tasks
Increasing the WebSphere Application Server usage limit for running Sametime on IBM
i:
Use the Change License Information command to allow an unlimited number of

users for the WebSphere Application Server installation. Changing the usage limit
in this manner is acceptable provided you are in compliance with the terms of
your Sametime license and are only using WebSphere Application Server for
running Sametime.
About this task
If you install more than one Sametime server that uses WebSphere Application
Server on the same system, this task only needs to be done once. Following the
recommended installation sequence, the first server that uses WebSphere
Application Server is the Sametime System Console. Other servers that use
WebSphere Application Server are the Sametime Meeting Server, Sametime Proxy
Server, and Sametime Gateway.

1. Sign on to the system with a user profile that has *ALLOBJ special authority.
2. From any IBM i command line, run the following command (on one line):
CHGLICINF PRDID(5733W70) LICTRM(V7) FEATURE(5102) USGLMT(*NOMAX) THRESHOLD(*USGLMT)
Results
The usage limit is changed to *NOMAX.
If the following message is displayed, type G.

CPA9E1B: Usage limit increase must be authorized.
Press help before replying (C G)
After you respond to the CPA9E1B message, you must respond to the same
message on the QSYSOPR message queue:
1. Run the DSPMSG QSYSOPR command to see the message in the QSYSOPR
message queue.
2. When the message is displayed, type G.
Logging in to the Lotus Sametime System Console:
About this task
What to do next

Related tasks
Connecting to an LDAP server:
Before you begin
already running.
About this task
steps:
continue.
Related concepts
Related tasks
Sametime prerequisite: Connecting to an LDAP server:

Before you begin
About this task
2. Bind to LDAP.
name.
g. Click Next.
user interface.
c. Click Next.
names.

Table 86. Search Filter (continued)
person.

user interfaces.
field.
Server.
c. Click Next.

Table 88. Search Filter (continued)

user interfaces.
displayed.
c. Click Next.
process.
What to do next

Related tasks
Related reference
Before you begin
About this task
continue.
Mux Servers.
Related concepts
Related tasks

Before you begin
Community Servers.
respectively.
d. Click Save.
Registering an upgraded Community Server on IBM i with the System Console:
After upgrading an IBM Lotus Sametime server to a Lotus Sametime Community

Server on IBM i, register it with the Lotus Sametime System Console, so you can
manage all of the Lotus Sametime servers from a central location. If you upgraded
a cluster, you must register each individual server before registering the cluster.
Before you begin
v The upgraded Lotus Sametime Community Server must be configured to use an
LDAP directory, and must be started.
System Console.
About this task
details on each file. You may want to open each topic in a new browser tab or
1. If you enabled SSL encryption on the previous version of the Lotus Sametime
server, complete these substeps on the upgraded server:
If SSL is not enabled, skip this step.
a. Locate the directory where the SSL certificate is stored and note the path
(for example, /stserver/server.cer).
b. From an IBM i command line, run the following command to start the
QShell Interpreter: QSH.
c. Run the following shell command to navigate to the directory where Java is
installed:
cd /QOpenSys/QIBM/ProdData/JavaVM/jdk50/32bit/jre/bin
d. Now run the following command (on a single line) to import the SSL
certificate:
keytool -import -alias certificate_name -file file_containing_certificate
-storepass changeit -keystore ../lib/security/cacerts
e. Press F3 to exit QShell.
a. Navigate to the Community Server’s sametime_server_data_directory/
console directory.



The only required value in this file is
DepName: Provide a descriptive name for your deployment; it must be a
unique deployment name on the Lotus Sametime System Console.
5. Run the registerSTServerNode.sh registration utility:

b. Navigate to the server’s console directory; for example: cd
/stserver/data/console.
c. Run the shell script to register the server: registerSTServerNode.sh
information:
Location of notes.ini file Type the full path to the directory containing
the notes.ini file (for example,
press Enter.

The utility registers the server and generates a log file called
ConsoleUtility.log, storing it in the consoles/logs directory. If the
6. Modify the sametime.ini file:
a text editor.
b. In the [Policy] section of the file, locate the following setting:
c. Move (do not copy) this line to the [Directory] section of the file.
Registering an upgraded Community Server cluster on IBM i with the System

Console:
After upgrading a cluster of IBM Lotus Sametime servers on IBM i, register the
cluster with the Lotus Sametime System Console so you can manage all of the
Lotus Sametime servers from a central location.
Before you begin
Make sure of each these servers is ready for the cluster registration task:
v Each of the upgraded Lotus Sametime Community Servers in the cluster must
be registered with the Lotus Sametime System Console, and must be started.
System Console.
1. Verify that each of the servers in the cluster has been registered with the Lotus

2. Complete the following steps for each server in the cluster to verify each server
document’s Net Address field:
a. From a Lotus Notes client, open the Server document for the Lotus
Sametime Community Server you are working on.
b. Click the Ports tab.
c. Click the Notes Network Ports tab and check the Net Address field:
This field should contain the fully qualified host name of the current Lotus
Sametime Community Server. If the field contains an IP address change it
now.
d. Click Save if you made a change, and then click Close to close the Server
document.
e. If you changed the Server document, restart the server.
f. Remember to repeat this task for every server in the cluster.
3. Now run the registerSTCluster.sh registration utility from one of the servers
in the cluster:
b. Navigate to the server’s sametime_server_data_directory/console
directory; for example: cd /stserver/data/console.
c. Run the shell script using the command in the scenario below that best
applies to your deployment:
v The deployment includes a stand-alone Community Mux that was not
added to the cluster as a member, but works with the cluster (so the
cluster members refer to this server’s host name):
registerSTCluster.sh -external
v The deployment includes a stand-alone rotating DNS server that was not
added to the cluster as a member, but works with the cluster (so the
cluster members refer to this server’s host name):
v The deployment includes a stand-alone load balancer that was not added
to the cluster as a member, but works with the cluster (so the cluster
v None of the above:
registerSTCluster.sh
information:

Location of notes.ini file Type the full path to the Sametime
Community Server data directory containing
notes.ini file (for example,

press Enter.

The utility registers the cluster, generating a log file called
ConsoleUtility.log and storing it in the consoles/logs directory.
4. Restart the Lotus Sametime Community Server where you ran the registration
utility.
Migrating user policies:
In IBM Lotus Sametime 8.5, user policies are administrated through the Lotus
Sametime System Console. After you have upgraded Lotus Sametime servers from
a previous release and set up a new Lotus Sametime 8.5 System Console, migrate
user policies from the Community Server to the System Console.
About this task
The methods for creating and storing policies in previous releases of Lotus
Sametime are very different from the methods used in release 8.5, and there are no
utilities available to migrate the data automatically. If you want to transfer existing
user policies to the new releases, you need to review them on the Lotus Sametime
Community Server, note them down, and then recreate them on the Lotus
Sametime System Console as described in the following topics:
Copying policies from the Lotus Sametime Community Server:
On the upgraded IBM Lotus Sametime Community Server, review existing policy
settings and copy them down so you can recreate them in the Lotus Sametime
System Console. If you upgraded multiple non-clustered servers, copy the settings
from each if they are different. If you upgraded a cluster, you only need the
settings from one of the cluster members.
About this task
If you want to recreate your current set of policies on the system console in the
Lotus Sametime 8.5 deployment, copy the settings from the upgraded server:
1. Open a browser and navigate to the Lotus Sametime Community Server
containing the policies you need to record:
Type the following address:
http://host_name/servlet/auth/admin
where host_name is the fully qualified host name of the server; for example:
http://commsvr1.acme.com/servlet/auth/admin
2. From the Lotus Sametime home page, click Administer the Server.
3. Log in as the Lotus Sametime administrator.
4. In the navigation pane, click Policies.
5. Copy all your existing policy settings.
Recreating legacy policies on the Lotus Sametime System Console:
Create new policy settings on the IBM Lotus Sametime System Console to reflect
the settings in your previous deployment.

About this task
There is no automatic migration of policies from the Sametime Administration Tool

to the Lotus Sametime System Console. You must create new policy settings
manually because Sametime Administration Tool policies do not map one-to-one to
policies in the Lotus Sametime System Console.
Managing users with policies:
All IBM Lotus Sametime users are automatically assigned to default policies.
Sametime Instant Messaging, Meetings, and Media Services each has a default
policy to be applied to users. You can create additional user policies, and assign
users and groups to these policies.
About this task
When a user authenticates, Lotus Sametime applies a default policy if no other

policy can be found for that user. You can create new policies that grant or limit
access to features, and assign users to these policies. Users can be assigned to more
than one policy. If a user belongs to more than one policy, then Lotus Sametime
uses the policy weight to determine policy precedence. Custom policies can be
designed for specific groups in the company, and the default policy can be
inherited or assigned. Meetings policy changes take effect immediately, while
Instant Messaging and Media Services policy changes take effect within an hour.
There is also an anonymous policy that is assigned by default to users who have
not authenticated, and unauthenticated users always receive this policy.
Note: If your deployment includes the Lotus Sametime System Console, you must
manage policies there because all settings made in the legacy Sametime
Administration Tool (STCenter.nsf) are ignored. This includes the override all
feature, as well. Moreover, there is no automatic migration of policies from the
Sametime Administration Tool to the Lotus Sametime System Console. You must
do this manually because Sametime Administration Tool policies do not map
one-to-one to policies in the Lotus Sametime System Console.
Finding policies associated with a user:
You can find all the policies associated with a user for all the IBM Lotus Sametime
products to which the user has access.
4. Click any user Lotus Sametime component. It does not matter which
component that you select, because your search results display all the policies
for all the Sametime components to which the user has access.
v Instant Messaging
v Meetings
v Media Manager
5. Click Find Active Policies.
6. Select the criterion for the user for which you want to find the associated
policies in the Search by field.
v User ID

v Name
v E-mail address
7. Enter the entire or partial user ID, e-mail address, or name of the user or
group in the Search for field If you enter partial information, use an asterisk
as a wild card character for missing or incomplete information. For example,
type sm* for all names starting with sm.
8. Select the number of listings in the search results in the Maximum results
field.
9. Click Search. The results display the users that match your search criteria.
10. Select a name in the results table, and then click Find Active Policies to show
the policies for that user.
11. Click Done.
Creating new user policies:
You can create user policies, and assign users and groups to these policies.
About this task
You can set policy for users to have access to specific IBM Lotus Sametime
features, depending upon their level of need. For example, the maximum size for a
file being transferred is set by default at 1 megabyte to help manage traffic over
the server(s); however, if you have a group that routinely transfers large files for
business reasons, you can create a new policy specifically for those users and set
the maximum size of files that they can send to a much higher number.
4. Click the Lotus Sametime product for which you want to create a policy.
v Instant Messaging
v Meetings
v Media Manager
5. Click New.
6. Enter a name to use to identify the policy in the Policy Name field.
7. Specify the features that you want to enable or disable for the users or groups
that you will assign to this policy. Some instant messaging features are flagged
with IC characters after the field label. This flag indicates that a feature is only
available for installed clients. The feature is not available to browser clients.
8. Click OK.
Results
Tip: You can follow these same basic steps to delete or edit a policy. Delete a
policy by selecting the policy and then click the Delete button. Edit a policy by
clicking the policy name. You cannot delete the anonymous or default policies, but
you can edit them. If you edit a policy, you cannot change the policy ID. To do
this, you must make a copy of the policy by selecting it and clicking Duplicate,
then you can enter a new ID in the copy. Before you delete the original, be sure to
reassign the users and groups to the copy and give it the proper policy weight.

What to do next
You can now assign users and groups to this policy.
Assign users and groups to policies:
You can assign users and groups to specific user polices to grant or limit access to
features in IBM Lotus Sametime.
About this task
You cannot assign users to the default or anonymous policies. Authenticated users
are automatically assigned to the default policies. Unauthenticated users are
assigned to anonymous policies.
4. Click the Lotus Sametime component with the policy to which you want to
assign a user or a group.
v Instant Messaging
v Meetings
v Media Manager
5. Select a policy name from the list, and click Assign.
6. Click Add Users or Add Groups.
At this point you could remove a user from a policy, by selecting the user in
the list and then clicking Remove.
7. Select the criterion for searching for the user or group that you want to add to
the policy in the Search by field.
v User ID
v Name
v E-mail address
8. Enter user ID, e-mail address, or name or partial name with wildcard
characters (asterisks) of the user or group in the Search for field
9. Select the number of listings on each search results page in the Maximum
results field.
10. Click Search. The results display the DN, display name, and e-mail address of
the users that matched your search.
11. Select a user and click Assign.
12. Click Done.
Sametime Instant Messaging user policy settings:
You can grant or limit access to features in IBM Lotus Sametime Instant Messaging
by enabling or disabling various policies for users. Policy changes take effect
immediately.
All unauthenticated users have the anonymous policy, Sametime Instant Messaging
policy. If there is no match, then the default policy, Sametime Instant Messaging
Default Policy, is applied.

Table 91. Chat
User must set this Users must log in to Selected Selected
community as the this community
default server before they can log in
community to other
communities. This
setting does not
apply to browser
users.
Allow user to add If this is checked, Selected Not selected
multiple server community
communities preferences and
menus are available
to users. This setting
does not apply to
browser users.
Allow user to add Allowing users to Not selected Not selected
external users using connect to external
Sametime Gateway communities such as
communities AIM, Yahoo, OCS,
and Google Talk. If
this policy is not
allowed, the check
box and text for
adding external users
by e-mail address is
not available in
clients.
Allow user to save If this is enabled, Selected Not selected
chat transcripts users see the
File-Save option in
the chat window.
Chat history
capabilities are
available. This setting
does not apply to
browser users.
Automatically save This is not valid Selected Not selected
chat transcripts unless Allow user to
save chat transcripts
is selected. If this is
not selected, then
users do not see
preferences for chat
history or the chat
history viewer in
their clients. This
setting does not
apply to browser
users. This setting
does not apply to
browser users.

Maximum days to If Allow to 365 0
save automatically automatically save
saved chat chat transcripts is
transcripts: selected , then a
value must be
Users cannot set a
larger value in their
clients than the one
specified here. This
setting does not
apply to browser
users.
Limit contact list size This limits the Not selected Not selected
number of contacts
that users can enter
in their contact lists.
Contacts If Limit contact list 500 500
size is selected, then
a value must be
Specify the number
of contacts that users
can enter in their
contact lists.
Allow all Sametime If this is not selected, Not selected Not selected
Connect features to some Lotus
be used with Sametime Connect
integrated clients features do not
display when Lotus
Sametime is
integrated with other
products. This setting
does not apply to
browser users.
Allow mobile client This feature lets users Selected Selected
deploy Lotus
Sametime awareness
and chat features
mobile device.
Sametime update site Provides a URL updates.sametime.ibm.com
Blank.
URL: where users can
retrieve updates to
features for the Lotus
Sametime Connect
client. This setting
does not apply to
browser users.

Table 92. Image Settings
Allow custom Allows all actions on Selected Not Selected
emoticons the preferences
palette: new, import,
export, add picture,
add palettes. This
setting does not
apply to browser
users.
Allow screen capture Allows pasting and Selected Not Selected
and images right- click copying
of image and screen
captures. This setting
does not apply to
browser users.
Set maximum image This setting Includes Not selected Not Selected
size for custom images pasted inline
emoticons, screen through the palette
captures, and inline emoticons, cut and
images paste, screen
captures, and print
screen. It does not
include images sent
through file transfer.
apply to browser
users.
KB If Set maximum 500 0
image size for
custom emoticons,
screen captures, and
inline images is
selected, then a value
must be entered in
this field. Users sees
a message if the they
attempt to send a file
that is larger than the
specified size. This
setting does not
apply to browser
users.
Table 93. File Transfer

Allow user to Allows user to Selected. Not selected
transfer files transfer files to other
users. This setting
does not apply to
browser users.

Table 93. File Transfer (continued)
Maximum file Limits the size of the 1000 0
transfer in Kilobytes file that can be
transferred by the
specified value. In
kilobytes. This setting
does not apply to
browser users.
Allow client-to-client Allows users to Selected Not selected
file transfer transfer files without
passing the files
through the Lotus
Sametime server.
These files are not
logged. This setting
does not apply to
browser users.
Use exclude file Limits the types of Not selected. Not selected
types transfer list files that users can
transfer. This setting
does not apply to
browser users.
Types to exclude If Use exclude file exe, com, bat Blank
from transfer. Type types transfer list is
the three-letter selected , then a
extension of each file value must be
type, separated by a entered in this field.
comma or semicolon: Type the three-letter
extension of each file
type, separated by a
comma or semicolon.
Accepts bmp, gif, txt,
pdf, sxi, sxc, sxw file
extensions. Comma
separated, values,
and spaces are
acceptable. This
setting does not
apply to browser
users.
Table 94. Plugin Management

Allow user to install Allows users to Selected Selected
plug-in install plugins and
updates from the
Lotus Sametime
Connect Tools →
Plug-ins menu. This
setting does not
apply to browser
users.

Table 94. Plugin Management (continued)
Sametime optional If no value is Blank. Type the URLs Blank.
plug-in site URLs. specified, then the separated by a
Type the URLs Check for Optional comma or semicolon
separated by a Features item on the
comma or semicolon: Tools → Plug-ins
menu not valid. This
setting does not
apply to browser
users.
Meetings user policy settings:
You can grant or limit access to features in meetings by enabling or disabling

various policies for users. Policy changes take effect immediately.
All unauthenticated IBM Lotus Sametime users have the anonymous policy,
Sametime Meetings Anonymous Policy, applied to them. For authenticated users,
Lotus Sametime searches for a user ID or group match, and then applies the
highest weighted policy. If there is no match the default policy, Sametime Meetings
Default Policy is applied.
Lotus Sametime does not allow anonymous users to create meeting rooms.
Therefore, any policy that is related to authenticated users or the ability to create
meeting rooms, does not apply to anonymous users.
Note: Although Lotus Sametime Classic meetings are still managed on the server
itself, you can set user policy for Sametime Classic meetings on the Meetings
policy tab in the Sametime Classic Meetings section.
Table 95. General Meeting Settings
Maximum persistent Users are limited to 100 0
meeting rooms this creating this number
user can own of meeting rooms per
user. When this limit
is reached or set to
zero, users cannot
create more meeting
rooms.
Allow user to create If not selected, user Selected Not selected
instant does not see the
(nonpersistent) capabilities for
meeting rooms creating instant
meetings. User can,
still see the
capabilities for using
an existing room.

Automatically If not selected the Selected Not selected
connect to meeting user must manually
server when logging connect to each
into Sametime meeting room server
Connect to view the meetings
there. This setting is
stored with the client,
so that changes in the
policy do not take
effect until after the
next time the user
logs in to the server.
apply to browser
users.
Allow searching of If not selected, users Selected Not selected
meeting rooms can attend meeting
rooms only with a
direct URL. The
meeting room
manager interface
never shows. Only
affects browser users.
Allow searching of If selected, the Not selected Not selected
hidden meeting interface allows the
rooms user to explicitly
search for hidden
meeting rooms by
exact name. If not
selected, the interface
for searching for
hidden meeting
rooms does not
appear, and hidden
meeting rooms are
never returned in
search results.
Show ″Scheduled Determines whether Selected Not selected
Meetings″ view to show the
″Scheduled Meetings″
view in the shelf.
apply to browser
users.
Allow meetings to be Allows users to Selected Not selected
recorded record meetings for
rooms they have
created. This setting
does not apply to
browser users.
Allow meeting Allow users to Selected Selected
content to be download content
downloaded from the meeting
library.

Meeting room group Hidden - Users Interactive Interactive
chats cannot see or create
group chats.
Read-only - Users
can only read what
others have typed
into the group chat.
Interactive - Users
can type and read
group chats.
Table 96. Meeting Room Library

Maximum file upload Maximum file upload 50 0
size, in Megabytes size in megabytes.
Users cannot upload
a larger file into the
library.
Maximum total size Maximum total size 200 0
of library in in megabytes of all
Megabytes files that library can
hold . If the size limit
is reached, or if the
value is zero, then
users can not upload
files to library
Table 97. Screen Sharing

Allow screen sharing Disabled - Users Entire screen, frame, Entire screen, frame,
cannot share screens and applications and applications
or applications.
Share an application
- Users can share a
shared.

and applications -
Users share their
whole screen
including any
open on their
screens.

Table 97. Screen Sharing (continued)
information. This
setting does not
apply to browser
users.
Allow peer-to-peer Whenever this user Selected Not selected
application sharing hosts screen sharing,
peer-to-peer can be
used by any viewers
that support it.
Enforce bandwidth Any time the user Not selected Not selected
limitations. hosts sharing, the
experience is limited
by the value
specified in the
Maximum bandwidth
size
Maximum bandwidth This is not used 500 500
size, in Kilobytes per unless ″Enforce
second: bandwidth
limitations″ is
selected.
Table 98. Sametime Classic Meetings.

Allow users to create Lets users start a Selected Not selected
instant meetings and meeting from the
breakout sessions. contact list, from an
existing chat, and
from within a
meeting (breakout
session).

Table 98. Sametime Classic Meetings (continued).
Allow Sametime IP No Does not allow No No
audio and video in use of Sametime
instant meetings and Internet Protocol
breakout sessions. audio and video in
instant meetings and
breakout sessions.
IP audio only Allow

use of Sametime
Internet Protocol
audio but not video
in instant meetings
and breakout
sessions.
IP video only Allows

use of Sametime
Internet Protocol
video but not audio
in instant meetings
and breakout
sessions.
Allow participation Allows participants Selected Not selected
in meeting room in the meeting to use
chats. the chat window to
communicate with
any other participant
in the meeting.
Allow screen sharing No - Users cannot Entire screen, frame,
share screens or and applications
applications.
Application only -
Users can share a
shared.

and applications -
Users share their
whole screen
including any
open on their
screens.
information. This
setting does not
apply to browser
users.

Media Manager user policy settings:
You can grant or limit access to media features in by enabling or disabling various
policies for users. Policy changes take effect immediately.
All unauthenticated users will have the anonymous policy Media Manager
policy. If there is no match the default policy, Media Manager Default Policy is
applied.
Table 99. Telephony, Audio, and Video
Allow access to Allows outside Not selected Not selected
third-party service vendors to provide
provider capabilities audio and video for
from contact lists, instant messages and
instant messages, and instant meetings.
meetings This setting does not
apply to browser
meetings.
Allow changes to If not selected, user Selected Selected
preferred numbers cannot add telephony
devices. This gives
the administrator
control over the
devices that can
make or receive calls
in the system. ″Allow
service provider
capabilities from
messages, and
meetings″ must be
selected to specify
this setting.
Voice and video Allows users to use Audio and video Audio and video
capabilities available computer audio and
through the video in instant
Sametime Media messages and instant
Server: meetings. Choices
are:
v None
v Audio only
v Audio and video

apply to browser
users.

Table 100. Sametime Unified Telephony
Allow changes to the If this setting is not Selected Selected
permanent call selected a lock
routing rule appears next to this
rule in the user’s
preferences. ″Allow
service provider
capabilities from
messages, and
meetings″ must be
selected to specify
this setting.

apply to browser
users.
Allow use of Allows users to add Selected Selected
″Offline″ status in their own devices to
call routing rules. make and receive
calls. ″Allow access
to third-party service
provider capabilities
from contact lists,
instant messages, and
meetings″ must be
selected to specify
this setting.

apply to browser
users.
Changing a user policy’s weight:
IBM Lotus Sametime products implement user policies that have higher weights
over policies with lower weights. You can change the weight of policies.
About this task
User policies in Lotus Sametime have weights. A policy’s weight determines

whether or not its attributes take precedence over the attributes of other policies.
For a given user or group assigned two or more policies, Lotus Sametime
implements the policy with the highest weight. Anonymous policies always have
the lowest weight; default policies have the next lowest weight. For authenticated
users, Lotus Sametime searches for an exact ID match, and then applies the highest
weighted policy. If there is no match for the user ID in any policy, the Lotus
Sametime applies the highest weighted group match. If no group matches are
found, the default policy applied. You can change the weight of policies by moving
them up and down the policy list of a Lotus Sametime product.

4. Click the Lotus Sametime component with the policy with the weight that you
want to change.
v Instant Messaging
v Meetings
v Media Manager
5. Select a Policy ID from the list, and click Move Up or Move Down. Moving the
policy up increases its wight; moving the policy down decreases its weight. You
cannot change the weight of a default or and anonymous policy.
Installing a Lotus Sametime Proxy Server:
Sametime.
Preparing the proxy server installation file on IBM i:
the Lotus Sametime Proxy Server on IBM i.
About this task
/MySametimePackages
package.
QShell Interpreter:
QSH

/MySametimePackages/SametimeProxyServer/IBMi/stii_stp/licenses
For DVD:
/qopt/volume_id/IBMi/stii_stp/licenses
For DVD:
/qopt/volume_id/IBMi/stii_stp
5. Make a copy of the stp.default.response.properties file, using a name of your
program can access.
Meeting Server. This is necessary for live names to work correctly in meeting
rooms.
Installing a proxy server on IBM i:
Run the install script to set up the Lotus Sametime Proxy Server on IBM i.
Before you begin
the proxy server installation package. For all installations, you should have
completed the preparation steps.
About this task
Follow these steps to install the Lotus Sametime Proxy Server and WebSphere
Application Server.
Sametime software.
Interpreter:
QSH
For DVD:
cd /qopt/volume_ID/IBMi/stii_stp
5. Start the installation with the following shell command:

install_stp.sh
-Dinstall.response.file=path_and_name_of_customized_response.properties_file
6. When the installation completes, press F3 to exit QSH.
Results
install_STPROXY_yyyymmdd_hhmm.log
install_STPROXY_20091215_0307.log
What to do next

same machine.
Related tasks
Registering a non-clustered IBM i Sametime server with the Lotus Sametime System
Console:

Before you begin



Console.
About this task
v Community Server
data directory.
v Proxy Server
v Meeting Server



Interpreter:
QSH

v Other servers
registerProduct.sh
a text editor.
Verifying a proxy server installation on IBM i:
About this task

index.jsp
Tip: To verify the HTTP port number being used by the Lotus Sametime Proxy
Server, open the AboutThisProfile.txt file for the Sametime Proxy Application
Server Profile and use the setting specified for the HTTP transport port. The
default profile name is STPAppProfile. On IBM i, look for the
AboutThisProfile.txt file in the following location /QIBM/UserData/Websphere/
AppServer/V7/SametimeWAS/profiles/STPAppProfile/logs/
AboutThisProfile.txt:

2. Log in to the Lotus Sametime Client and verify that you can create or view
contacts.
Related tasks
About this task

Server.
Servers.
Servers.
Add.
entered.
6. Click OK.
Setting up a Lotus Sametime Meeting Server:
Before you can migrate meetings from an upgraded IBM Lotus Sametime server,
you must install a Lotus Sametime Meeting Server and then set up URL redirects
from the upgraded server to the Lotus Sametime Meeting Server.
Installing a Lotus Sametime Meeting Server:
Meeting Server.
Preparing the meeting server installation file on IBM i:
the Lotus Sametime Meeting Server on IBM i.
Before you begin
About this task

/MySametimePackages
package.
QShell Interpreter:
QSH
/MySametimePackages/SametimeMeetingServer/IBMi/stii_stms/licenses
For DVD:
/qopt/volume_ID/IBMi/stii_stms/licenses
4. Navigate to the program image directory, for example:
For DVD:
5. Make a copy of the stms.default.response.properties file, using a name of your
program can access.
Meeting Server database schemas.
Sametime Meeting Server. This is necessary for live names to work correctly in
meeting rooms.

Related tasks
Creating the Meeting Server database schemas and tables on IBM i:
Run the script to create the database schemas for the IBM Lotus Sametime Meeting
Server on IBM i.
Before you begin
You should have prepared the Meeting Server installation file as described in
″Preparing the Meeting Server installation file on IBM i.″
About this task
On the IBM i system that will install the Sametime Meeting Server, follow these
steps to create the database schema and tables:
stms.default.response.properties file and owned by the user profile specified in
the file.
Interpreter:
QSH
installation kit directory; for example
For DVD:
4. The POLICY schema is shared by the Meeting Server and the System Console.
If the POLICY schema already exists, the Meeting Server database setup script
will only create the MTG schema.
setupDB_stms.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
Results
stms_dbsetup_yyyymmdd_hhmm.log
stms_dbsetup_20091215_0307.log

Related tasks
Installing a meeting server on IBM i:
Run the database schema and install scripts to set up the Lotus Sametime Meeting
Server on IBM i.
Before you begin
the meeting server installation package. For all installations, you should have
completed the preparation steps. The database schemas required for the Meeting
Server (MTG and POLICY) should already exist.
About this task
Follow these steps to install the Lotus Sametime Meeting Server and WebSphere
Application Server.
Sametime software.
Interpreter:
QSH
For DVD:
cd /qopt/volume_ID/IBMi/stii_stms
5. Start the Meeting Server installation with the following shell command:
install_stms.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
Results
install_STMEETINGS_yyyymmdd_hhmm.log
install_STMEETINGS_20091215_0307.log

What to do next

same machine.
Related tasks
Before you begin
About this task
steps:
Related tasks

Before you begin
About this task
field.
a different port.
connect to.
you changed it.
Gateway database

IBM i.
h. Click Finish.
Registering a non-clustered IBM i Sametime server with the Lotus Sametime System
Console:

Before you begin



Console.
About this task

v Community Server
data directory.
v Proxy Server
v Meeting Server



Interpreter:
QSH
v Other servers
registerProduct.sh
a text editor.
successful.
About this task
room.
following URL:

Meeting Center.
Setting up URL redirects to migrate meetings:
After you install the new IBM Lotus Sametime 8.5 Meeting Server, you are ready
to migrate meetings. Rather than transfer meeting schedules and associated data
from the legacy server to the new server, you will set up URL redirects that
automatically link users to the appropriate meeting room on the new server.
Configuring the upgraded server to issue redirects to a Meeting Server:
Configure an upgraded IBM Lotus Sametime server to issue a redirect to a URL

hosted on the new Lotus Sametime 8.5 Meeting Server.
About this task

1. Enable redirects on the Lotus Sametime Community Mux:
a. Open the sametime.ini file on the server where the Community Mux is
hosted.
On AIX, Linux, Windows, and Solaris, the sametime.ini file is stored in the
Sametime server installation directory; for example on Microsoft Windows,
the default path is: C:\program files\lotus\domino. On IBM i, the
sametime.ini file is stored in the Sametime server data directory.
If the Community Mux is local, use the Lotus Sametime server’s own
sametime.ini file. If you deployed a stand-alone Community Mux, open the
sametime.ini file on that server.
b. Add the following statement to the [Config] section of the file:
VPMX_HTTP_REDIRECT_ENABLE_RELATIVE=0
c. Close and save the file.
d. Restart the stand-alone Community Mux so the change can take effect.
For a local Community Mux, there’s no need to restart the Lotus Sametime
server yet, as you will do that when you complete the redirect task.
e. If you deployed multiple stand-alone Community Mux servers, repeat this
process on each one.
2. On the upgraded Lotus Sametime server, establish a redirect to the new
Meeting Server:

a. Log in to a Lotus Notes client.
b. Click File → Application → Open.
c. In the Server field, select the Lotus Sametime server where you want to
enable the redirect.
Click Local to select the current server.
d. Locate and select the ″Domino Directory″ (names.nsf), and then click Open.
e. In the Domino Directory, click Configuration → Servers → All Server
Documents.
f. In the list of servers, select the Lotus Sametime server where you want to
create the URL redirect.
g. On the tool bar, click Web → Create URL/Mapping Redirection.
A new page appears, where you can create the redirection/mapping
information.
h. On the ″Basics″ tab, click URL → Redirection URL.
i. On the ″Mapping″ tab, fill in the Incoming URL path and Redirection URL
string fields as follows:
The redirection documents can be added in stages, depending on which part
of the Lotus Sametime user interface should be redirected. Use the type of
redirect that best suits your needs:
Table 103. URL redirect options for various user scenarios
Allow users to attend /stconf.nsf/frmConference* [http://host_name/
previously scheduled stmeetings/*]
meetings on the upgraded
Lotus Sametime server, but
have all new meetings
created as rooms on the
Lotus Sametime 8.5 Meeting
Server.
Only redirect users that /stcenter.nsf* [http://host_name/
access the Welcome page in stmeetings/*]
the meeting center on the
upgraded Lotus Sametime
server.
Redirect URL that lead /stconf.nsf/meeting/* [http://host_name/
directly to individual stmeetings/migration.jsp?mid=*]
meetings.
Redirect all other URL paths /stconf.nsf* [http://host_name/
in stconf.nsf to the new stmeetings/*]
Meeting Server.
Redirect invited server URLs. /stconf.nsf/ [http://
For each invited server, the WebLookupMeeting? invited_server_host_name/
redirect document needs to OpenAgent&mid=* stmeetings/migration.jsp?mid=*]
be directed at a single Lotus
where the rooms will be
created. This avoids creating
additional rooms on different
Meeting Servers each time a
redirect from the invited
server is encountered.
j. Save your changes and close the Domino Directory.

k. Repeat this process for every upgraded Lotus Sametime server that you
want to redirect to a new Meeting Server.
Configuring the Meeting Server to accept redirects from the upgraded Lotus Sametime
server:
Configure an IBM Lotus Sametime Meeting Server to accept URL redirects from an
upgraded Lotus Sametime server or from a Lotus Sametime Enterprise Meeting
Server cluster.
About this task
Establishing URL redirect to a Lotus Sametime Meeting Server uses the REST API
provided by the Lotus Sametime Online Meeting Toolkit (included in the Lotus
Sametime Software Development Kit). The Meeting Server uses the Online Meeting
Toolkit to transfer meeting data from the upgraded Lotus Sametime server to the
new Meeting Server.
The enable the redirect, the new Meeting Server must be configured to be
associated the with URL of a particular Lotus Sametime server.

1. Log in to the Lotus Sametime System Console as the Sametime administrator.
2. Click Sametime Servers → Sametime Meeting Servers.
3. In the ″Meeting Servers″ list, click the name of the server that will accept
redirects from a particular Lotus Sametime server.
4. Click the Server Configuration tab.
5. Click Edit.
6. Type restapi.migrationUrl as the name of the new configuration key.
7. Now assign one of the following values to the key, depending on whether the
Lotus Sametime server is clustered with Lotus Sametime Enterprise Meeting
Server:
v Lotus Sametime server (non-clustered): http://host_name/servlet/meeting/
v Lotus Sametime Enterprise Meeting Server (cluster): http://host_name/iwc/
sametime/meeting/
For host_name, supply the Lotus Sametime server’s fully qualified host name;
for example: ststd1.acme.com
8. Click OK.
Expanding the deployment with optional 8.5 components:
After you have upgraded your IBM Lotus Sametime deployment and migrated
meetings to the new Lotus Sametime Meeting Server, you may want to integrate
additional components into your deployment.

About this task
The following components are not required for upgrading a Lotus Sametime server
and migrating meetings, but provide additional capabilities to a Lotus Sametime
deployment:
v Lotus Sametime Media Manager: Provides audio and video features for instant
messaging and online meetings.
For more information, see Planning a Lotus Sametime Media Manager
installation.
v Lotus Sametime Gateway: Provides instant messaging with external
communities, including:
– Lotus Sametime communities deployed outside of your firewall
– AOL Instant Messenger
– Google Talk
– Yahoo Messenger
For more information, see Planning a Lotus Sametime Gateway installation.
Upgrading Lotus Sametime Gateway

Upgrade IBM Lotus Sametime Gateway and IBM WebSphere Application Server
from any previous release.
Before you begin
When upgrading to release 8.5, you must upgrade the WebSphere Application
Server as well as the Lotus Sametime Gateway software. IBM DB2 does not require
upgrading, but you will need to run scripts that update the database schema.
Upgrade WebSphere Application server and Lotus Sametime Gateway to release

8.5 by installing them directly over your earlier version. If you have multiple
instances of Lotus Sametime Gateway installed on a single computer, you must
upgrade each instance in turn.
About this task
Lotus Sametime 8.5 Gateway can upgrade directly only from release 8.0.2; if you
are using an earlier release of the Gateway, you must either upgrade to release
8.0.2 or install release 8.5 as a new deployment.
Backing up data: It is recommended that you take a complete snapshot of the

environment prior to upgrading (for example, create a ghost image, pull out a
mirrored disk (RAID-1) before starting, or creating a VMWare snapshot). If a full
backup of this sort is not available, then a rollback from an upgrade failure might
not be possible. To help expedite a new fresh install (in case of an unrecoverable
upgrade failure) backup the following directories, prior to the upgrade:
v Linux:
/opt/IBM/WebSphere
/opt/.ibm/
v Windows:
\Program Files\IBM\WebSphere\

Preserving certificates: You can preserve your CA certificates that you had signed
and used on the old installation as long as you are using the same host name.
When upgrading the server, certificates are automatically preserved for you.
Upgrading clusters: When upgrading a cluster, you must know the cluster name
when you upgrade the Deployment Manager server. To view the cluster name in
the Integrated Solutions Console, click Servers → Clusters . The default cluster
name in Sametime Gateway is RTCGW_Cluster.
Before you upgrade the product software, you will need to remove the cluster and
then remove all nodes from the Deployment Manager. After you have upgraded all
instances of the product, you will recreate the cluster.
Upgrading the DB2 server

The edition of IBM DB2 that is used in this release IBM Lotus Sametime is not
compatible with the edition used in earlier releases, so you should not upgrade the
DB2 server used by your Lotus Sametime Gateway deployment.
About this task
Previous releases of Lotus Sametime Gateway used the Enterprise edition of the
DB2 database server. This release of Lotus Sametime uses the Limited Use edition;
you cannot migrate from the Enterprise edition to the Limited Use edition.
If you are upgrading your Lotus Sametime Gateway deployment, you should
retain your existing DB2 installation for it. The new installation program will
upgrade the database schema automatically; when the upgrade is complete, the
database will be ready for use.
Note: You will still need to install DB2 9.5 Limited Use edition for the Lotus
Sametime System Console and the Lotus Sametime Meeting Server, but an
upgraded Lotus Sametime Gateway server cannot use it.
Upgrading Lotus Sametime Gateway servers

Upgrade an existing IBM Lotus Sametime Gateway stand-alone or clustered server.
Backing up the Sametime Gateway environment

IBM recommends that you back up your IBM Lotus Sametime Gateway
environment before you start the upgrade process.
About this task
For each Lotus Sametime Gateway server, run a server file system cold backup, so
that the whole file system can be rolled back in case the upgrade fails. There is no
option to backup and rollback specific directories; the whole file system should be
backed up. If Lotus Sametime Gateway is installed on a Virtual Machine, you can
take a snapshot before continuing any farther.
Upgrading a stand-alone Lotus Sametime Gateway server

Upgrading a stand-alone IBM Lotus Sametime Gateway server requires upgrading
the IBM WebSphere Application Server application as well as the Lotus Sametime
Gateway application. The installation program upgrades both applications to the
newest version. After you have finished upgrading the server, you will need to
register it with the Lotus Sametime System Console so it can be administered from
that central location.

About this task
When the installation program installs the newer version of WebSphere

Application Server on a computer, it overwrites most of the previous version;
however, it leaves the AppServer directory intact and creates a new AppServer7
directory. This is because the original AppServer directory is still needed on an
upgraded server, for the following reasons:
v Not all profiles on a server will necessarily be upgraded to Lotus Sametime
release 8.5, and the AppServer directory is still needed for those profiles that are
not being upgraded.
v Of the profiles that are upgraded, the active profile will exist under AppServer7
but there will still be a backup profile under the original AppServer directory.
v Once a server is upgrade to release 8.5, all server administration operations must
be performed underneath the AppServer7/profiles/Profile_Name tree.
Upgrading all profiles on a Lotus Sametime Gateway server:
Upgrading an existing Lotus Sametime Gateway server involves upgrading the

IBM WebSphere Application Server as well as the IBM Lotus Sametime Gateway
server for every instance of the product that is installed on the computer.
Upgrading a Windows server:
Upgrade IBM Lotus Sametime Gateway on Microsoft Windows server. The

installation wizard upgrades both Lotus Sametime Gateway and IBM WebSphere
Application Server to the latest versions.
Before you begin
Stop all instances of Lotus Sametime Gateway and WebSphere Application Server
on the current computer.
About this task
Upgrade all Lotus Sametime Gateway instances in your deployment. If a server

has multiple instances of the Gateway, you must upgrade every instance separately
(this is likely to be the case when you upgrade a cluster). Each upgrade will
require you to run the Gateway installation program again, specifying the target
instance to be upgraded during each run. Note that the server hosting a cluster’s
Deployment Manager also hosts the Primary Node; it is important to make sure
you upgrade the Deployment Manager first; then when you upgrade the Primary
Node, you specify that profile’s install path instead.
When you are finished upgrading, your server will contain WebSphere Application
Server Network Deployment 7 and Lotus Sametime Gateway 8.5.
The Lotus Sametime Download document lists the part numbers for each
software component and explains how to download them.

6. In the \TMP folder, create a subfolder called SametimeGateway.
7. Extract the files in part_number.exe into the \TMP\SametimeGateway folder.

11. Select Upgrade an existing instance of Sametime Gateway.
12. On the same panel, review the location of the Sametime Gateway instance to
upgrade. If the location is okay, click Next.
Application Server installation files from the CD, and click Next.
Do not use quotation marks. This directory should contain the WAS and JDK
the subdirectory. For example: use C:\TMP\WASCD\ifpackage but do not use
C:\TMP\WASCD\ifpackage\WAS or C:\TMP\WASCD\ifpackage\JDK.
Important: If you are upgrading the server that contains the Deployment
Manager and the Primary Node for a cluster, you must upgrade the
Deployment Manager first to ensure proper functionality.
14. If you are upgrading the Deployment Manager server, type the name of the
existing cluster. Tip: To obtain the cluster name from the Integrated Solutions
Console, click Servers → Clusters. The default cluster name is RTCGW_Cluster.
Option Description
Port Port number on the database server
(typically 50000).

Option Description
ID.
16. Review the installation summary settings and, if necessary, click Back to make
changes.
17. Click Install to begin copying files.
A progress screen is displayed and the activity is logged to the Lotus
Sametime Gateway log file. The upgrade process is in two stages. The first
stage upgrades Sametime Gateway and takes 5 to 20 minutes. The second
stage upgrades WebSphere Application Server and takes another 15 to 20
minutes to complete.
When the upgrades are complete, the wizard displays a message indicating a
successful installation.
18. Read the summary and click Finish.
stgw_server_root\logs\installlog.txt.
Upgrading an AIX, Linux, or Solaris server:
Upgrade IBM Lotus Sametime Gateway on IBM AIX, Linux, or Sun Solaris
Windows server. The installation wizard upgrades both Lotus Sametime Gateway
and IBM WebSphere Application Server to the latest versions.
Before you begin
About this task


6. In the /TMP directory, create a subdirectory called SametimeGateway.
7. Uncompress the following file into the /TMP/SametimeGateway directory:
commands:

Application Server installation files from the CD.

example: use /TMP/WASCD/ifpackage but do not use /TMP/WASCD/ifpackage/WAS
or /TMP/WASCD/ifpackage/JDK.
Option Description
(typically 50001).
ID.
changes.
stgw_server_root/logs/installlog.txt.

Upgrading a Lotus Sametime Gateway server on IBM i:
Upgrading an IBM Lotus Sametime Gateway server on IBM i is a two-step process.

First you must upgrade the previous version of IBM WebSphere Application
Server, and then you upgrade Lotus Sametime Gateway on the same computer.
Upgrading WebSphere Application Server on IBM i:
Upgrade IBM WebSphere Application Server on IBM i before you upgrade IBM
Lotus Sametime Gateway. The installation wizard upgrades WebSphere Application
Server to the latest version.
Before you begin
You must have *ALLOBJ and *SECADM authorities to successfully complete the
upgrade.
About this task

1. Create the temporary file folder /TMP/WASCD on a computer that can connect to
the IBM i system.
2. Copy the file part_number.zip to the temporary folder /TMP/WASCD.
For example:
8. Set the option installType to installAndPatch. For example:
-OPT installType="installAndPatch"
9. Set the option installLocation to the location of the WebSphere Application
Server to be updated. For example:

-OPT installLocation="/QIBM/ProdData/WebSphere/AppServer/V61/ND"
10. Save the file.
12. Before running the install to update the product, the classes directory from the
installation location must be removed. You can do this by issuing a move (mv)
command.
/QIBM/ProdData/WebSphere/AppServer/V61/ND/classes /tmp/was_classes
Upgrading Lotus Sametime Gateway on IBM i:
Upgrade IBM Lotus Sametime Gateway on an IBM i server. The installation wizard
upgrades Lotus Sametime Gateway to the latest version.
Before you begin
Upgrade IBM WebSphere Application Server on this computer before attempting to

upgrade Lotus Sametime Gateway.
Stop all instances of Lotus Sametime Gateway on the current computer.
upgrade.
About this task

Gateway.


3. Extract the contents of part_number.exe to the /TMP/SametimeGateway
directory.
installi5OS.bat
command:
install.sh -console

6. Select the language for the installation and click OK. The Lotus Sametime
Gateway Welcome screen is displayed. If you are installing in wizard mode,
you can launch the Lotus Sametime Information Center from this panel. Click
Next to continue with the installation.
Select the appropriate radio button option to accept the license agreement if
8. Select Upgrade an existing instance of Sametime Gateway. The installation
wizard displays the location of the installed Sametime Gateway server on this
machine. Change the location of the existing Sametime Gateway server to the
stgw_server_root of the server you’d like to upgrade, if necessary, then click
Next.
cluster to which Lotus Sametime Gateway belongs.
Tip: To obtain the cluster name from the Integrated Solutions Console, click
Servers → Clusters . The default cluster name is RTCGW_Cluster.

Option Description
server1.acme.com
ID.
changes.
Sametime Gateway log file. This upgrade takes about 10 to 20 minutes to
complete.
When the upgrade is complete, the wizard displays a message indicating a
To view the installation log, open the log file at stgw_server_root\logs\
installlog.txt .
Registering the upgraded server with the Lotus Sametime System Console:
After you have upgraded an IBM Lotus Sametime Gateway server, you must
register it with the Lotus Sametime System Console so you can administer the
Gateway from the console.
Registering an upgraded Gateway server with the System Console:
After upgrading an IBM Lotus Sametime Gateway server on IBM AIX, Linux, Sun

Before you begin
started.
About this task
Working from the server that you want to connect to the console, follow these
details on each file. You may want to open the topic in a new browser tab or
1. On the Lotus Sametime Gateway server, navigate to the stgw_server_root/IBM/
2. In the console directory, make backup copies (using different names) of the
and close the file.

AboutThisProfile.txt file for the Lotus Sametime System
For example, on Windows the path is:


System Console.
System Console.
value.
5. Set the application server path in the registration utility:

a. Navigate to the stgw_server_root/IBM/WebSphere/STgateway/console
directory and open a command window.
b. Open the registerProduct.sh file for editing.
c. Locate the following statement:
SET PATH=../../WebSphere/AppServer/java/bin
d. Change it to reflect IBM WebSphere Application Server version 7:
SET PATH=../../WebSphere/AppServer7/java/bin
6. Run the register command from the console directory you used in Step 1:
7. Start the Lotus Sametime Gateway server, if it is not already running.
Registering an upgraded Gateway server on IBM i with the System Console:

After upgrading an IBM Lotus Sametime Gateway server on IBM i, register it with
Before you begin
started.
About this task
Working from the server that you want to connect with the console, follow these
1. Working on the Lotus Sametime Gateway server, navigate to the
/qibm/userdata/STGateway/ProfileName/console directory.
The ProfileName is the one you specified when you installed the Gateway.
2. In the console directory, make backup copies (using different names) of the
and close the file.



4. Update the productConfig.properties file with the following values, and then
save and close the file.
Table 107. configProduct.properties settings
System Console.
System Console.
value.
5. Now run the registerProduct.sh registration utility:

d. When the registration script completes, press F3 to exit QSH.
The utility registers the server, generating a log file called
ConsoleUtility.log and storing it in the consoles/logs directory. If the
6. Start Lotus Sametime Gateway server, if it is not already running.

Upgrading a cluster of Lotus Sametime Gateway servers
Upgrading a cluster of IBM Lotus Sametime Gateway server requires you to
remove all nodes from the cluster before upgrading each instance of the Lotus
Sametime Gateway server on every node. The installation program upgrades the
IBM WebSphere Application Server and the Lotus Sametime Gateway applications
to the newest version. After you have finished upgrading the nodes, you will need
to recreate the cluster by federating the nodes to the Deployment Manager. Finally,
you will register the cluster with the Lotus Sametime System Console so it can be
administered from that central location.
About this task
When the installation program installs the newer version of WebSphere

Application Server on a node, it overwrites most of the previous version; however,
it leaves the AppServer directory intact and creates a new AppServer7 directory.
This is because the original AppServer directory is still needed on an upgraded
server, for the following reasons:
v Not all profiles on a server will necessarily be upgraded to Lotus Sametime
release 8.5, and the AppServer directory is still needed for those profiles that are
not being upgraded.
v Of the profiles that are upgraded, the active profile will exist under AppServer7
(on IBM i, AppServer/V7), but there will still be a backup profile under the
original AppServer directory.
v Once a server is upgrade to release 8.5, all server administration operations must
be performed underneath the AppServer7/profiles/Profile_Name tree (on IBM i,
the AppServer/V7/profiles/Profile_Name tree).
Make sure you upgrade the following servers in your cluster:

v Deployment Manager
v Primary Node
v Secondary Node (release 8.5 supports only one Secondary Node in a Lotus
Sametime Gateway cluster)
v SIP proxy server
v XMPP proxy server
Removing the Lotus Sametime Gateway nodes from the cluster:
Before you can upgrade the instances of IBM Lotus Sametime Gateway in a
clustered deployment, you must remove the nodes from the cluster. IBM
WebSphere is installed during the product upgrade, but it cannot be upgraded on
a node that is federated to the cluster’s Deployment Manager. After you complete
the upgrade for every node in the cluster, you will by federate the nodes to the
Deployment Manager.
About this task
Removing nodes from the Lotus Sametime Gateway cluster involves manually
removing the nodes in the Deployment Manager’s Integrated Solutions Console
settings, and then running a utility that updates additional settings for you.
1. Log in to the Deployment Manager’s Integrated Solutions Console as the IBM
2. Stop the cluster that you want to upgrade:

Because the SIP proxy server and the XMPP proxy server function as part of
the cluster, you need to stop them as well.
a. Click Servers → Clusters.
b. In the clusters table, click the check box next to the cluster’s name, and
then click the Stop button at the top of the table.
Wait for the cluster’s status to update before proceeding.
c. Now click Servers → Proxy servers.
d. In the proxy servers table, click the check box next to the SIP proxy server
associated with the cluster, and then click the Stop button at the top of the
table.
e. Finally, click Servers → Application servers.
f. In the application servers table, click the check box next to the XMPP proxy
server associated with the cluster, and then click the Stop button at the top
of the table.
3. Delete that old cluster:
a. Click Servers → Clusters → WebSphere Application Server Clusters.
b. In the clusters table, click the check box in front of the old cluster, and
then click the Delete button at the top of the table.
c. Click OK.
d. Save the change by clicking Save in the ″Messages″ box at the top of the
page.
4. Now delete all ″Sametime Gateway″ WebSphere Enterprise Applications:
a. Click Applications → Application Types → WebSphere enterprise
applications.
b. In the applications table, click the check box for every Sametime Gateway
application.
Important: Do not delete the ivtApp and query applications.

c. Click OK.
d. Save the change by clicking Save in the ″Messages″ box at the top of the
page.
5. Now remove nodes:
6. Still working on the Deployment Manager, click System administration →
Nodes.
7. On the ″Nodes″ page, select the check box beside each node that you want to
remove.
If you are upgrading, remove all nodes.
8. At the topic of the table, click the Remove Node button.
If you cannot remove the nodes by clicking Remove Node, remove the node
from the configuration by clicking Force Delete.
9. Click OK.
10. Save your change by clicking the Save link in the ″Messages″ box at the top of
the page.
Upgrading all profiles on a Lotus Sametime Gateway server:
Upgrading an existing Lotus Sametime Gateway server involves upgrading the

IBM WebSphere Application Server as well as the IBM Lotus Sametime Gateway
server for every instance of the product that is installed on the computer.

Upgrading a Windows server:
Upgrade IBM Lotus Sametime Gateway on Microsoft Windows server. The

installation wizard upgrades both Lotus Sametime Gateway and IBM WebSphere
Application Server to the latest versions.
Before you begin
About this task

6. In the \TMP folder, create a subfolder called SametimeGateway.
7. Extract the files in part_number.exe into the \TMP\SametimeGateway folder.


Application Server installation files from the CD, and click Next.
Do not use quotation marks. This directory should contain the WAS and JDK
the subdirectory. For example: use C:\TMP\WASCD\ifpackage but do not use
C:\TMP\WASCD\ifpackage\WAS or C:\TMP\WASCD\ifpackage\JDK.
Option Description
(typically 50000).
ID.
changes.

stgw_server_root\logs\installlog.txt.
Upgrading an AIX, Linux, or Solaris server:
Upgrade IBM Lotus Sametime Gateway on IBM AIX, Linux, or Sun Solaris
Windows server. The installation wizard upgrades both Lotus Sametime Gateway
and IBM WebSphere Application Server to the latest versions.
Before you begin
About this task

7. Uncompress the following file into the /TMP/SametimeGateway directory:

commands:

Application Server installation files from the CD.
example: use /TMP/WASCD/ifpackage but do not use /TMP/WASCD/ifpackage/WAS
or /TMP/WASCD/ifpackage/JDK.
Option Description
(typically 50001).

Option Description
ID.
changes.
stgw_server_root/logs/installlog.txt.
Upgrading a Lotus Sametime Gateway server on IBM i:
Upgrading an IBM Lotus Sametime Gateway server on IBM i is a two-step process.

First you must upgrade the previous version of IBM WebSphere Application
Server, and then you upgrade Lotus Sametime Gateway on the same computer.
Upgrading WebSphere Application Server on IBM i:
Upgrade IBM WebSphere Application Server on IBM i before you upgrade IBM
Lotus Sametime Gateway. The installation wizard upgrades WebSphere Application
Server to the latest version.
Before you begin
upgrade.
About this task


1. Create the temporary file folder /TMP/WASCD on a computer that can connect to
the IBM i system.
2. Copy the file part_number.zip to the temporary folder /TMP/WASCD.
For example:
8. Set the option installType to installAndPatch. For example:
-OPT installType="installAndPatch"
9. Set the option installLocation to the location of the WebSphere Application
Server to be updated. For example:
-OPT installLocation="/QIBM/ProdData/WebSphere/AppServer/V61/ND"
10. Save the file.
12. Before running the install to update the product, the classes directory from the
installation location must be removed. You can do this by issuing a move (mv)
command.
/QIBM/ProdData/WebSphere/AppServer/V61/ND/classes /tmp/was_classes
Upgrading Lotus Sametime Gateway on IBM i:
Upgrade IBM Lotus Sametime Gateway on an IBM i server. The installation wizard
upgrades Lotus Sametime Gateway to the latest version.

Before you begin
Upgrade IBM WebSphere Application Server on this computer before attempting to

upgrade Lotus Sametime Gateway.
Stop all instances of Lotus Sametime Gateway on the current computer.
upgrade.
About this task

Gateway.

3. Extract the contents of part_number.exe to the /TMP/SametimeGateway
directory.
installi5OS.bat
command:
install.sh -console

6. Select the language for the installation and click OK. The Lotus Sametime
Gateway Welcome screen is displayed. If you are installing in wizard mode,
you can launch the Lotus Sametime Information Center from this panel. Click
Next to continue with the installation.
Select the appropriate radio button option to accept the license agreement if
8. Select Upgrade an existing instance of Sametime Gateway. The installation
wizard displays the location of the installed Sametime Gateway server on this
machine. Change the location of the existing Sametime Gateway server to the
stgw_server_root of the server you’d like to upgrade, if necessary, then click
Next.
cluster to which Lotus Sametime Gateway belongs.
Tip: To obtain the cluster name from the Integrated Solutions Console, click
Servers → Clusters . The default cluster name is RTCGW_Cluster.
Option Description
server1.acme.com
ID.

Option Description
changes.
Sametime Gateway log file. This upgrade takes about 10 to 20 minutes to
complete.
When the upgrade is complete, the wizard displays a message indicating a
To view the installation log, open the log file at stgw_server_root\logs\
installlog.txt .
Re-installing the Gateway administration portlet:
During the Deployment Manager upgrade process, the IBM Lotus Sametime
Gateway administration portlet is removed and must be manually re-installed. This
task is needed only if your configuration includes a Deployment Manager, SIP, and
XMPP proxy servers on the same operating system; otherwise, skip this task.
Re-installing the Gateway administration portlet on the Deployment Manager:
task is needed only if your configuration includes a Deployment Manager, a SIP
proxy server, and an XMPP proxy server installed on the same computer;
otherwise, skip this task.
Before you begin
Upgrade the Deployment Manager, the Primary Node, the Secondary node, the SIP
proxy server, and the XMPP server.
About this task
During the Deployment Manager upgrade process, the Lotus Sametime Gateway
administration portlet is removed. Complete these steps on the Deployment
Manager to re-install the portlet:
2. Open the wasadmin console:
a. Navigate to the following directory: stgw_server_root/IBM/WebSphere/
AppServer7/profiles/DMProfile/bin.
b. Run the wasadmin file to open the console:
v Windows: wsadmin.bat -conntype NONE
v AIX, Linux, Solaris: ./wsadmin.sh -conntype NONE
3. In the wasadmin console, execute the following commands:

$AdminApp update isclite modulefile {-operation delete -contenturi RTCAdminPortlet.war}
$AdminConfig save
quit
4. Now delete the following file: AppServer7/systemApps/isclite.ear/
RTCAdminPortlet.war
5. Now copy a file to replace the one you just deleted:
Copy this file:
AppServer7/profiles/RTCGW_Profile/installableApps/RTCAdminPortlet.war
and paste it in:

AppServer7/systemApps/isclite.ear/
6. Open the wasadmin console again:
a. Navigate to the following directory: stgw_server_root/IBM/WebSphere/
AppServer7/profiles/DMProfile/bin.
b. Run the wasadmin file to open the console:
v Windows: wsadmin.bat -conntype NONE
v AIX, Linux, Solaris: ./wsadmin.sh -conntype NONE
7. In the wsadmin console, execute the following commands:
$AdminApp update isclite modulefile {-operation add -contents "WAS_home/systemApps
/isclite.ear/RTCAdminPortlet.war" -contenturi RTCAdminPortlet.war -usedefaultbindings
-server dmgr -preCompileJSPs -contextroot /ibm/RTCGW -MapWebModToVH {{.* .* admin_host}}}
$AdminConfig save
quit
where WAS_home is the absolute path to the WebSphere Application Server
install directory.
8. Restart the Deployment Manager.
Re-installing the Gateway administration portlet on the Deployment Manager on IBM i:
task is needed only if your configuration includes a Deployment Manager, a SIP
proxy server, and an XMPP proxy server installed on the same computer;
otherwise, skip this task.
Before you begin
Upgrade the Deployment Manager, the Primary Node, the Secondary node, the SIP
proxy server, and the XMPP server.
About this task
During the Deployment Manager upgrade process, the Lotus Sametime Gateway
administration portlet is removed. Complete these steps on the Deployment
Manager to re-install the portlet:
2. Open the wasadmin console:
a. Navigate to the following directory: /qibm/userdata/STGateway/IBM/
WebSphere/AppServer/V7/profiles/DMProfile.

b. Run the wasadmin file to open the console: wsadmin.sh -conntype NONE
3. In the wasadmin console, execute the following commands:
$AdminApp update isclite modulefile {-operation delete -contenturi RTCAdminPortlet.war}
$AdminConfig save
quit
4. Now delete the following file: AppServer/V7/systemApps/isclite.ear/
RTCAdminPortlet.war
5. Now copy a file to replace the one you just deleted:
Copy this file:
AppServer/V7/profiles/RTCGW_Profile/installableApps/RTCAdminPortlet.war
and paste it in:

AppServer/V7/systemApps/isclite.ear/
6. Open the wasadmin console again:
a. Navigate to the following directory: /qibm/userdata/STGateway/IBM/
WebSphere/AppServer/V7/profiles/DMProfile.
b. Run the wasadmin file to open the console: wsadmin.sh -conntype NONE
7. In the wsadmin console, execute the following commands ($AdminApp should
be on one line. It has been formatted to fit this page.):
$AdminApp update isclite modulefile {-operation add -contents
"WAS_home/systemApps/isclite.ear/RTCAdminPortlet.war"
-contenturi RTCAdminPortlet.war -usedefaultbindings -server dmgr
-preCompileJSPs -contextroot /ibm/RTCGW -MapWebModToVH {{.* .* admin_host}}}
$AdminConfig save
quit
where WAS_home is the absolute path to the WebSphere Application Server
install directory.
8. Restart the Deployment Manager.
Federating the primary node into the cell on Windows:
Add the primary node to the Deployment Manager’s cell. Adding the primary
step.
Before you begin
About this task


stgw_profile_root\bin directory. If the Deployment Manager and the primary
node are installed on the same machine, the default profile directory is
RTCGW_Profile1 (not RTCGW_Profile).
Manager’s cell:
example:
addNode.bat gateway_dm.acme.com 8879 -includeapps
and password.
Wait for the operation to complete before proceeding. Look for a success
message similar to the following when complete:
can see changes.
Federating the primary node into the cell on AIX, Linux, and Solaris:
Add the primary node to the Deployment Manager’s cell on AIX, Linux, or Solaris
platforms. Adding the primary node to the cell allows a central point of
administration for the network deployment by using the Deployment Manager’s
Integrated Solutions Console. You will not be able log into the primary node’s
Integrated Solutions Console after this step.
Before you begin

stgw_profile_root/bin directory.
Manager’s cell:
./addNode.sh DM_hostname DM_port_number -includeapps
example:
./addNode.sh gateway_dm.acme.com 8879 -includeapps

can see changes.
Federating the primary node into the cell on IBM i:
Add the primary node to the Deployment Manager’s cell on IBM i. Adding the
primary node to the cell allows a central point of administration for the network
step.
Before you begin

primary node are within five minutes of each other and set for the same
minutes.
as a user with administrative privileges.
profile.
dspwasinst
7. Log in to the IBM i system, where the primary node is installed, with
9. Navigate to the stgw_profile_root\bin directory for the primary node profile.
Manager’s cell:
addNode DM_server_host_name DM_SOAP_port -includeapps
-username WAS_Admin_user_name_on_DM_on_DM -password WAS_Admin_password_on_DM
Where:
Manager.
v DM_SOAP_port is the port that the Deployment Manager’s SOAP port is
listening on.

v WAS_Admin_username_on_DM is the user ID of the WebSphere Application
v WAS_Admin_password_on_DM is the password associated with that
WebSphere Application Server administrator account on the Deployment
Manager.
For example:
can see changes.

About this task
Federating a secondary node on Windows into the cell:
Add a secondary node to the Deployment Manager’s cell. Adding secondary nodes
to the cell allows a central point of administration for the network deployment by
using the Deployment Manager’s Integrated Solutions Console.
Before you begin

minutes.
3. On the secondary node, open a command window and navigate to the
addNode.bat DM_hostname DM_port_number
example:
addNode.bat gateway_dm.acme.com 8879

6. For each additional secondary node, repeat the preceding steps.
stopManager
startManager
What to do next
Federating a secondary node on AIX, Linux, and Solaris into the cell:
Add a secondary node to the Deployment Manager’s cell. Adding a secondary

Before you begin

minutes.
3. On secondary node, open a command window and navigate to the
./addNode.sh DM_hostname DM_port_number
example:
./addNode.sh gateway_dm.acme.com 8879
6. For each additional AIX, Linux, or Solaris secondary node, repeat the preceding
steps.
7. Restart the Deployment Manager by typing the following commands on the
Deployment Manager machine. Wait for the first command to finish before
starting the Deployment Manager:
./stopManager.sh
./startManager.sh

What to do next
Federating a secondary node on IBM i into the cell:
Add the secondary node to the Deployment Manager’s cell on IBM i. Adding the
secondary node to the cell allows a central point of administration for the network
Before you begin

minutes.
2. Ping the Deployment Manager node from the secondary node to make sure
the Deployment Manager host name is resolvable.
with administrative privileges.
profile.
dspwasinst
7. Log into the secondary node.
9. Navigate to the stgw_profile_root\bin directory for the secondary node
profile.
10. Run the following command to add the secondary node to the Deployment
where:
Manager.
listening on.
For example:
addNode gateway_dm.acme.com 8880 -username wasadmin -password waspassword

12. For each additional IBM i secondary node, repeat the preceding steps.
profile.
Windows
IBM i
startServer.sh dmgr
What to do next
Before you begin
About this task
(computer).

./configwizard.sh
Windows
configwizard.bat
IBM i
./configwizard.sh

for the database.
Windows
IBM i
startServer.sh dmgr
Primary Node:
./startNode.sh
Windows
startNode.bat
IBM i
startNode


in the table.
Creating an environment variable with the installation path on each node:
After you run the upgrade wizard on members of a Lotus Sametime Gateway
cluster, you must create an environment variable on each node that references the
Lotus Sametime Gateway installation path on that node.
Before you begin
Expected state: The Deployment Manager and nodes are upgraded. All Lotus
Lotus Sametime Gateway servers are stopped, all node agents are stopped, and the
Deployment Manager is stopped.
About this task
This procedure is required for upgraded nodes in a cluster only.

1. Log into the Deployment Manager node as a user with administrative
privileges.
3. Start the Deployment Manager by typing the following command:
./startManager.sh
Windows
startManager.bat
IBM i
startManager
4. Start the nodeagents by logging in to one of the Lotus Sametime Gateway
nodes.
IBM AIX, Linux, and Solaris
./startNode.sh
Microsoft Windows
startNode.bat
IBM i
startNode
8. On the Deployment Manager, log in to the Integrated Solutions Console.
9. Click Environment → WebSphere Variables.
10. Under Scope, choose the primary node in the cluster from the list. In the
following example, the primary node is the first node circled in red, and the
secondary node is the second node circled in red
11. Click New.

12. In the Name field, type GATEWAY_INSTALL_ROOT
13. In the Value field, type the absolute path to the Lotus Sametime Gateway
installation location for the node you selected in the scope list. For example:
c:\WebSphere\STgateway
14. Click OK and then Save.
15. Repeat the preceding steps to create an environment variable for each
secondary node in the cluster.
16. Stop and restart the Deployment Manager.
17. Stop and restart the node agents.
18. Start the servers.
Results
Because you are upgrading members of an existing cluster, there is no need to

create a new cluster.
Registering the upgraded cluster with the Lotus Sametime System Console:
After you finish creating the cluster of IBM Lotus Sametime Gateway servers,
register the cluster with the Lotus Sametime System Console so you administer it
from there. Register the cluster as a whole; during the process, individual nodes
are registered automatically.
Registering an upgraded Gateway cluster with the System Console:
After upgrading an IBM Lotus Sametime Gateway cluster on IBM AIX, Linux, Sun
Before you begin

started.
About this task
Working from the cluster’s Deployment Manager, follow these steps to update
properties files and run the registration utility to register the cluster with the
System Console.
1. On the Deployment Manager, navigate to the stgw_server_root/IBM/
Note: If a cluster’s Primary Node is installed on the same server as the

Deployment Manager, make sure you are working in the Deployment
Manager’s profile.

For example, on Windows the path is:


Manager.
Table 109. productConfig.properties settings for the Deployment Manager
InstallType Specify ″DM″ because you are working in the
Deployment Manager’s profile right now.
System Console.
System Console.
value.
Manager.
Manager server:
DMProfile/config/cells/DMCell/nodes/PNnode directory.
Note: If the Primary Node is hosted on another server and a copy of this
file is not available under the Primary Node’s profile on the Deployment

Manager, you will need to copy it from the other server and place it into
the Primary Node’s profile. On the separate Primary Node server, this file is
stored in: stgw_server_root/IBM/WebSphere/STGWServerCell/console/
productConfig.properties
c. Update the file with the following values:
Table 110. productConfig.properties settings for the Primary Node
InstallType Specify ″PN″ because you are now working in the
Primary Node’s profile.
System Console.
System Console.
value.
DMProfile/config/cells/DMCell/nodes/SNnode directory.
Note: If the Secondary Node is hosted on another server and a copy of this
file is not available under the Secondary Node’s profile on the Deployment
the Secondary Node’s profile. On the separate Secondary Node server, this
file is stored in: stgw_server_root/IBM/WebSphere/STGWServerCell/console/
productConfig.properties

Table 111. productConfig.properties settings for the Secondary Node
InstallType Specify ″SN″ because you are now working in the
Secondary Node’s profile.
System Console.
System Console.
value.
7. Set the application server path in the registration utility:
a. Navigate back to the Deployment Manager’s /qibm/userdata/STGateway/
ProfileName/console directory used in Step 1.
b. Open a command window.
c. Locate the registerProduct.sh file and open it for editing.
d. Locate the following statement:
SET PATH=../../WebSphere/AppServer/java/bin
e. Change it to reflect IBM WebSphere Application Server version 7:
SET PATH=../../WebSphere/AppServer7/java/bin
f. Save and close the file.
8. Now run the registration utility:
a. Navigate to the Deployment Manager’s profile (the directory you used in
Step 1).
b. Run the registration utility for your operating system:
c. When prompted for the cluster’s name, type the name you assigned the
cluster when you created it, and press Enter.

The utility registers the cluster, as well as each node, generating a log file called
ConsoleUtility.log and storing it in the console/logs directory. If the
Registering an upgraded Gateway cluster on IBM i with the System Console:
After upgrading an IBM Lotus Sametime Gateway cluster on IBM i, register it with
Before you begin
started.
About this task
Working from the Deployment Manager, follow these steps to update properties
files and run the registration utility to register the cluster with the console.
1. Working on the Deployment Manager, navigate to the console directory:
/qibm/userdata/STGateway/ProfileName/console
Where the ProfileName is the one you specified when you installed the
Gateway.
Note: If the Primary Node is installed on the same server as the Deployment
Manager, make sure you are working in the Deployment Manager’s profile.



Manager.
InstallType Specify ″DM″ because you are working in the
Deployment Manager’s profile right now.
System Console.

Table 113. configProduct.properties settings for the Deployment Manager (continued)
System Console.
value.
Manager.
Manager server:
profiles/DMProfile/config/cells/DMCell/nodes/PNnode directory.
Note: If the Primary Node is hosted on another server and a copy of this
file is not available under the Primary Node’s profile on the Deployment
the Primary Node’s profile. On the separate Primary Node server, this file is
stored in: /qibm/userdata/STGateway/IBM/WebSphere/STGWServerCell/
console/productConfig.properties
Table 114. configProduct.properties settings for the Primary Node
InstallType Specify ″PN″ because you are now working in the
Primary Node’s profile.
System Console.
System Console.
value.

Table 114. configProduct.properties settings for the Primary Node (continued)
profiles/DMProfile/config/cells/DMCell/nodes/SNnode directory.
Note: If the Secondary Node is hosted on another server and a copy of this
file is not available under the Secondary Node’s profile on the Deployment
the Secondary Node’s profile. On the separate Secondary Node server, this
file is stored in: /qibm/userdata/STGateway/IBM/WebSphere/STGWServerCell/
console/productConfig.properties
Table 115. configProduct.properties settings for the Secondary Node
InstallType Specify ″SN″ because you are now working in the
Secondary Node’s profile.
System Console.
System Console.
value.

7. Now run the registration utility:
d. When prompted for the cluster’s name, type the name you assigned the
cluster when you created it, and press Enter.
Upgrading the SIP and XMPP proxy server:
If the SIP and XMPP proxy server is on an existing Primary Node or Secondary
Node in the IBM Lotus Sametime Gateway cluster, it will be upgraded
automatically when you upgrade the IBM WebSphere Application Server running
on that node. If your SIP and XMPP proxy server is installed on its own node, you
must upgrade WebSphere Application Server on that node.
About this task
The instructions for upgrading a SIP and XMPP proxy server are the same as for
installing it. If you have a SIP proxy server but not an XMPP proxy server, you still
use the same instructions for installation and upgrade.
Installing a SIP and XMPP proxy server on Windows:
for messages that flow into and out your enterprise. Install the proxy servers for
both standalone or network deployment installations of Sametime Gateway. IBM
recommends that you install a SIP and XMPP proxy server on its own node.
About this task
The XMPP and SIP proxy server node installation creates a WebSphere Application
Server node with two application servers installed. One server is a generic SIP
proxy server provided by WebSphere Application Server, and the other is a
standard application server onto which is installed the XMPP proxy application.
The node does not function until it is federated into a Sametime Gateway cell.

6. Extract the files in part_number.exe to the \TMP\SametimeGateway folder.
7. Navigate to the\TMP\SametimeGateway folder.

11. If you are installing the proxy server on its own computer instead of on an
existing Sametime Gateway node, complete the following sub steps:
a. Select SIP and XMPP proxy servers, and then click Next.
\TMP\WASCD\ifpackage but do not use \TMP\WASCD\ifpackage\WAS or
\TMP\WASCD\ifpackage\JDK.
12. If you are installing the proxy servers on an existing Sametime Gateway node,
the installation wizard recognizes that an instance of Sametime Gateway is on
the same machine. The new installation for the proxy servers adds a profile to
WebSphere Application Server. Click Next.
Option Description
acmeNodeProxy.

Option Description
proxy.acme.com
15. If you are installing the proxy servers on their own machine, you now see the
default directory path where Lotus Sametime Gateway will be installed. To
change the location, click Browse and select a desired location, or type a new
path.
changes.
What to do next
Installing a SIP and XMPP proxy server on AIX, Linux, or Solaris:
About this task

1. Create the temporary file folder /TMP/WASCD .

folder.
6. Unzip the following file:
This step creates the folder /TMP/SametimeGateway.

7.
12. Select SIP and XMPP proxy servers, and then click Next.
13. If you are installing the proxy servers on their own machine, complete the
following sub steps:
a. The WebSphere Application Server installation directory dialog is
b. Click Next to continue with the installation. The WebSphere Application
14. If you are not installing the proxy servers on their own machine, the
same machine. The new installation for the SIP and XMPP proxy servers adds
a profile to WebSphere Application Server. Click Next, and then click Next
again.
node names you used when installing other Sametime Gateway servers.

Choose a unique node name and cell name for this installation. If the supplied
Option Description
acmeNodeProxy.
server1.acme.com
Gateway. Use the credentials that you created when you installed the
Deployment Manager. The user ID must not exist in the LDAP directory.
characters:
;*!?"/<>|+&'`[]%^
17. Click Next. If you are installing the proxy servers on their own machine, you
now see the default directory path where Lotus Sametime Gateway will be
installed. To change the location, click Browse and select a desired location, or
type a new path.
changes.
What to do next
Installing a SIP and XMPP proxy server on IBM i:

Before you begin
*ALLOBJ and *SECADM authorities to successfully complete the WebSphere
Application Server Network Deployment installation.

image (C17KCML.exe) to a temporary directory such as /TMP.
installi5OS.bat
command:
install.sh -console
8. Select SIP and XMPP proxy servers as the type of installation.

acmeNodePrimary.

server1.acme.com
example: STGW_Proxy_Profile
Starting Port IBM i supports running multiple profiles
12. Click Next to see the installation summary. You can review the installation
summary settings and, if necessary, click Back to make changes.
stgw_server_root/logs/installlog.txt
What to do next
federate the node in the next procedure, you then see the SIPProxyServer instance.
cluster.
Before you begin

About this task
Manager.
time zone.
other.
dspwasinst
Manager’s cell:
Windows
IBM i:
where:
Manager.
listening on.
For example:
console).
can see changes.

server.
Recreating the SIP proxy server:
After you upgrade and federate the SIP proxy server, it will fail to start. Correct
this problem by deleting the SIP proxy server and recreating it manually.
Before you begin
Upgrade the SIP proxy server by installing the new version of IBM WebSphere
Application Server, and then federate the SIP proxy server to the cell.
About this task

1. On the cluster’s Deployment Manager, log into the Integrated Solutions
2. Click Servers → Server Types → Websphere Proxy Servers.
3. In the proxy servers table, click the checkbox next to the SIP proxy server, and
then click the Delete button at the top of the table.
4. Click OK.
5. Save the change by clicking the Save link in the ″Messages″ box at the top of
the page.
6. Now click Servers → Server Types → Websphere Proxy Servers again.
7. Click the New button at the top of the proxy servers table.
8. In the dialog box, select the node where the SIP proxy server was previously
installed.
9. Type a name for the new server (for example, SipProxyServer), and then click
Next.
10. Deselect HTTP, and then click Next.
11. Select the default server template, and then click Next.
12. Review the summary, and then click Finish.
13. Save the change by clicking the Save link in the ″Messages″ box at the top of
the page.
Upgrading Sametime clients

Use the information in this section to help users upgrade their Sametime Connect
or Notes Embedded 8.0.2 clients to this release.
About this task
It is not necessary to uninstall existing client software before upgrading to the

Lotus Sametime 8.5 Connect client; you can install the new client directly over the
existing version.
Considerations for upgrading the Sametime Connect client

There are several things you need to know before users upgrade the IBM Lotus
Sametime Connect client.

About this task
Before upgrading the Sametime Connect client, note the following changes for this
release:
v Client packaging for Sametime 8.5
Prior to release 8, the client installer consisted of a fully self-contained
executable for each supported platform; the installer packaging changed in Lotus
Sametime 8. Now, Lotus Sametime 8.5 uses the same client packaging
methodology as previous Sametime 8.0.x releases.
v Preferences
The location of the workspace does not change for this release. There is no
special preference migration required when upgrading from previous Sametime
8.0.x releases.
Platform Path Example

Windows user.home/Application C:/Documents and Settings/joe/
Data/Lotus/Sametime Application Data/Lotus/Sametime
v Upgrading the Connect client on Windows

When upgrading from an 8.0.x client, the existing install location is presented as
a read-only text box. The only option is to upgrade the client instance in the
existing location.
When installing on a Windows machine that already has an existing 7.5.x
version of Sametime Connect installed, the existing program directory for 7.5.x
should not be used for the upgrade installation because the default installation
directory for this release is different from the default location used for 7.5.x. Do
not manually change the installation directory to install into an existing 7.5.x
location. This will result in a nonfunctioning installation, because the installer
will by default attempt to remove 7.5.x at the end of the install. When 7.5.x is
removed, its installation directory is cleaned up, which will also remove the
newly installed files.
Retiring older Sametime clients

Maintaining a flexible login policy during a migration to a new release of IBM
Lotus Sametime is especially important in environments that include a large
number of older Lotus Sametime clients. Immediately enforcing a minimum client
version can result in a high volume of users experiencing login problems.
You can configure how servers respond to login requests from older client
versions.T he sametime.ini and STsecurity.ini files provides settings that enable you
to perform the following tasks:
Specifying the minimum allowed client version

Each IBM Lotus Sametime Community Server is configured to allow logins from a
minimum client version.
About this task
By default, the Lotus Sametime Community Server allows all logins. To specify a
different minimum level, you must change the value of the
ST_MINIMAL_CLIENT_VERSION setting in the sametime.ini file. After you
specify a minimum version, you can then specify other settings to control how the
server responds to login requests from client versions earlier than the specified

minimum version. All servers in the community must have the same
ST_MINIMAL_CLIENT_VERSION or they cannot communicate with one another.
For a list of client types, see Technote 1114318 on the IBM Lotus Support Web site
at http://www.ibm.com/support/docview.wss?uid=swg21114318.
1. Open the sametime.ini file in a text editor. By default the file is located in the
Lotus Sametime Community Server installation folder, for example,
C:\Lotus\Domino\Sametime.ini.
2. In the [Config] section of the sametime.ini file, specify the minimum Lotus
Sametime client version that can log in to the server by providing one of the
following values for the ST_MINIMAL_CLIENT_VERSION setting:
Table 116. Client versions
Value Lotus Sametime client version
0 Allows logins for all clients regardless of
version (Default)
7000 Lotus Sametime 7.0
7501 Lotus Sametime 7.5.01
8000 Lotus Sametime 8
The client version correlates to the version of the product, and the value is
logged in stlog.nsf.
Allowing logins from clients that do not conform to the minimum

level
By default, the IBM Lotus Sametime Community Server automatically logs out
users who attempt to connect from clients of versions earlier than the specified
minimum. To allow users with earlier clients to continue to access the server
during the transition to the new server version, you can configure the server to
allow logins from client versions earlier than the specified minimum.
About this task
Maintaining a flexible login policy is especially important in environments that

include a large number of older Lotus Sametime clients. In such an environment,
immediately enforcing a minimum client version can result in a high volume of
help desk calls. To avoid locking users out of Sametime, give users several weeks
to upgrade and use the ST_FORCE_LOGOUT_OLD_CLIENT_VERSION setting to
enable servers to continue to accept logins from earlier client versions. After the
deadline for upgrading passes, change the value of the setting to block logins from
clients that do not meet the minimum security level.
The ST_FORCE_LOGOUT_OLD_CLIENT_VERSION setting determines whether or

not users of old clients are allowed to stay logged in to the community. By default,

when this setting is true (a value of 1), old client versions are disconnected. When
the setting is false (a value of 0), the users of old clients remain online an usually a
message is sent to them.
Note: The VP_SECURITY_ALLOW_USER setting was renamed

ST_FORCE_LOGOUT_OLD_CLIENT_VERSION in Lotus Sametime 8.5. In order to
smooth migration, ST_FORCE_LOGOUT_OLD_CLIENT_VERSION overrides
VP_SECURITY_ALLOW_USER from prior versions. If it is not present, then its
default value will be 1 and VP_SECURITY_ALLOW_USER or its own default value
takes affect.
1. Open the sametime.ini file in a text editor. By default the file is located in the
Sametime installation folder, for example, C:\Lotus\Domino\Sametime.ini.
2. In the [Config] section of the sametime.ini file, specify whether to allow logins
from clients earlier than the minimum allowed version by providing one of the
following values for the ST_FORCE_LOGOUT_OLD_CLIENT_VERSION
setting:
v 0 - Allows logins from all clients, regardless of version.
v 1 - This default setting, rejects login attempts from clients of versions earlier
than allowed by the ST_MINIMAL_CLIENT_VERSION setting.
Configuring the server to send announcements to clients that do

not conform to the minimum version
You can use the ST_OLD_CLIENT_VERSION_WARNING_MESSAGE setting in the
STSecurity.ini file to provide additional information to users who attempt to log in
to the server from Sametime clients running versions earlier than what is allowed
by the specified version level.
About this task
The ST_OLD_CLIENT_VERSION_WARNING_MESSAGE setting configures the

server to automatically respond to login requests from clients that do not conform
to the server’s minimum version level by sending an announcement containing
specified text. The message you specify functions as either a warning message or a
disconnection notification, depending on whether the value of the
ST_MINIMAL_CLIENT_VERSION setting allows logins from earlier clients. If the
ST_MINIMAL_CLIENT_VERSION setting allows logins, use the text of the
message to warn users that they need to upgrade and to explain how to obtain
and install the client upgrade. If the ST_MINIMAL_CLIENT_VERSION setting
does not allows logins, use the text of the message to explain why login was
denied.
Note the following before you configure the settings in the STSecurity.ini file:
v All platforms - Double-byte characters are not allowed in the message text or
sender name.
v All platforms - If you want to use accented characters (for example, Æ,é,ä,ñ) in
the message text or sender name, you should use Notepad on a Windows client
or server to edit the file. When you finish making your changes with Notepad,
save the STSecurity.ini file as a UTF-8 file (select File-Save As And specify UTF-8
as the Encoding option, then save the file).
v IBM i platform only - It is recommended that you map a network drive to make
the STSecurity.ini file on the server accessible from your workstation. Then you
can run Notepad from your workstation and update the file directly on your

IBM i server. (By default, the file is located in the Sametime installation folder,
for example, C:\Lotus\Domino\STSecurity.ini).
Alternatively, you can copy the file from the IBM i server to your client
workstation using any convenient means (for example, dragging and dropping
from IBM i Navigator or FTP), edit the file on your workstation using Notepad,
and then copy the updated file back to the server.
v IBM i platform only - When you have updated the file on your IBM i server,
ensure that the file is owned by QNOTES. To update the file ownership, run the
following command:
CHGOWN OBJ('server_data_directory/stsecurity.ini') NEWOWN(QNOTES)
Use the following procedure to configure the server to send an announcement to

users who attempt to log in from client versions earlier than the specified
minimum.
1. Use a text editor to open the STSecurity.ini file. By default the file is located in
the Sametime installation folder, for example, C:\Lotus\Domino\STSecurity.ini.
Value Description
null (Default) Do not send an announcement.
text Specifies the text of the announcement that is sent in

response to login requests from clients that do not
conform to the server’s security level.
The ST_FORCE_LOGOUT_OLD_CLIENT_VERSION
setting determines whether or not users of old clients are
allowed to stay logged in to the community. By default,
when this setting is true (a value of 1), old client versions
are disconnected. When the setting is false (a value of 0),
the users of old clients remain online an usually a
message is sent to them.
If the ST_FORCE_LOGOUT_OLD_CLIENT_VERSION
setting is set to 0 (allow logins from client versions earlier
than the specified minimum), and you provide a value for
ST_OLD_CLIENT_VERSION_WARNING_MESSAGE, the
text you provide serves as a warning message. The server
allows the login and then sends the specified text. You can
use the message to provide users with information on
upgrading. For example, you can include an address that
specifies the location of a download site. After receiving
the announcement with the address link, users can click
the address link to open the link location.
Note: The VP_SECURITY_ALLOW_USER setting was
renamed ST_FORCE_LOGOUT_OLD_CLIENT_VERSION
in Lotus Sametime 8.5. In order to smooth migration,
ST_FORCE_LOGOUT_OLD_CLIENT_VERSION overrides
VP_SECURITY_ALLOW_USER from prior versions. If it is
not present, then its default value will be 1 and
VP_SECURITY_ALLOW_USER or its own default value
takes affect.
To include non-ASCII characters in the message text, save

the STSecurity.ini file in UTF-8 format.

Configuring the pause in the server before sending an announcement:
Follow these steps to configure the pause in the IBM Sametime Community Server
before sending announcement to clients that do not conform to the minimum client
version level.
About this task
By default, the server waits one second before sending the announcement to users
who attempt to log in to the server from IBM Lotus Sametime clients running
versions earlier than what is allowed by the specified minimum version level. This
pause is needed since the full initialization time for some client versions is longer
than the others, and without the pause the announcement would reach the client
before it could handle it.
In case some users that should get the announcement do not receive it, the pause
can be extended to more than one second.
1. Use a text editor to open the sametime.ini file. By default the file is located in
the Lotus Sametime installation folder, for example, C:\Lotus\Domino\
sametime.ini.
2. In the [Config] section in sametime.ini specify the number of milliseconds that
the sever waits before sending the announcement in the
VP_SECURITY_PAUSE_INTERVAL setting.
Installing the new Lotus Sametime client

To upgrade the IBM Lotus Sametime 8.5 Connect or Lotus Sametime 8.5 embedded
client, you can install the newer version directly over the existing version.
About this task
For detailed instructions on installing the Lotus Sametime Connect or Lotus

Sametime embedded client, see Deploying the Sametime client to users.

Notices
This information was developed for products and services offered in the U.S.A.
IBM may not offer the products, services, or features discussed in this document in
other countries. Consult your local IBM representative for information on the
products and services currently available in your area. Any reference to an IBM
product, program, or service is not intended to state or imply that only that IBM
product, program, or service may be used. Any functionally equivalent product,
program, or service that does not infringe any IBM intellectual property right may
be used instead. However, it is the user’s responsibility to evaluate and verify the
operation of any non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter
described in this document. The furnishing of this document does not grant you
any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing

IBM Corporation
North Castle Drive
Armonk, NY 10504-1785
U.S.A.
For license inquiries regarding double-byte (DBCS) information, contact the IBM
Intellectual Property Department in your country or send inquiries, in writing, to:
Intellectual Property Licensing

Legal and Intellectual Property Law
IBM Japan Ltd.
1623-14, Shimotsuruma, Yamato-shi
Kanagawa 242-8502 Japan
The following paragraph does not apply to the United Kingdom or any other
country where such provisions are inconsistent with local law:
INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS
PUBLICATION “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or
implied warranties in certain transactions, therefore, this statement may not apply
to you.
This information could include technical inaccuracies or typographical errors.

Changes are periodically made to the information herein; these changes will be
incorporated in new editions of the publication. IBM may make improvements
and/or changes in the product(s) and/or the program(s) described in this
publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for
convenience only and do not in any manner serve as an endorsement of those Web
sites. The materials at those Web sites are not part of the materials for this IBM
product and use of those Web sites is at your own risk.

IBM may use or distribute any of the information you supply in any way it
believes appropriate without incurring any obligation to you.
Licensees of this program who wish to have information about it for the purpose
of enabling: (i) the exchange of information between independently created
programs and other programs (including this one) and (ii) the mutual use of the
information which has been exchanged, should contact:
IBM Corporation
Software Interoperability Coordinator, Department 49XA
3605 Highway 52 N
Rochester, MN 55901
U.S.A.
Such information may be available, subject to appropriate terms and conditions,

including in some cases, payment of a fee.
The licensed program described in this information and all licensed material
available for it are provided by IBM under terms of the IBM Customer Agreement,
IBM International Program License Agreement, or any equivalent agreement
between us.
Any performance data contained herein was determined in a controlled

environment. Therefore, the results obtained in other operating environments may
vary significantly. Some measurements may have been made on development-level
systems and there is no guarantee that these measurements will be the same on
generally available systems. Furthermore, some measurements may have been
estimated through extrapolation. Actual results may vary. Users of this document
should verify the applicable data for their specific environment.
Information concerning non-IBM products was obtained from the suppliers of

those products, their published announcements or other publicly available sources.
IBM has not tested those products and cannot confirm the accuracy of
performance, compatibility or any other claims related to non-IBM products.
Questions on the capabilities of non-IBM products should be addressed to the
suppliers of those products.
All statements regarding IBM’s future direction or intent are subject to change or
withdrawal without notice, and represent goals and objectives only.
All IBM prices shown are IBM’s suggested retail prices, are current and are subject
to change without notice. Dealer prices may vary.
This information is for planning purposes only. The information herein is subject to
change before the products described become available.
This information contains examples of data and reports used in daily business
operations. To illustrate them as completely as possible, the examples include the
names of individuals, companies, brands, and products. All of these names are
fictitious and any similarity to the names and addresses used by an actual business
enterprise is entirely coincidental.
COPYRIGHT LICENSE:
This information contains sample application programs in source language, which

illustrate programming techniques on various operating platforms. You may copy,

modify, and distribute these sample programs in any form without payment to
IBM, for the purposes of developing, using, marketing or distributing application
programs conforming to the application programming interface for the operating
platform for which the sample programs are written. These examples have not
been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or
imply reliability, serviceability, or function of these programs. The sample
programs are provided ″AS IS″, without warranty of any kind. IBM shall not be
liable for any damages arising out of your use of the sample programs.
Each copy or any portion of these sample programs or any derivative work, must
include a copyright notice as follows:
© (your company name) (year). Portions of this code are derived from IBM Corp.
Sample Programs. © Copyright IBM Corp. _enter the year or years_. All rights
reserved.
If you are viewing this information softcopy, the photographs and color
illustrations may not appear.
Trademarks
These terms are trademarks of International Business Machines Corporation in the
United States, other countries, or both:
IBM
AIX
DB2
DB2 Universal Database Domino
Domino
Domino Designer
Domino Directory
i5/OS
Lotus
Lotus Notes
Notes
OS/400
Sametime
WebSphere
AOL is a registered trademark of AOL LLC in the United States, other countries, or
both.
AOL Instant Messenger is a trademark of AOL LLC in the United States, other
countries, or both.
Google Talk is a trademark of Google, Inc, in the United States, other countries, or
both.
Yahoo! is a registered trademark of Yahoo, Inc. in the United States, other

countries, or both.
Yahoo! Messenger is a trademark of Yahoo, Inc. in the United States, other

countries, or both.
Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the
United States, other countries, or both.
Notices 639
Microsoft, and Windows are registered trademarks of Microsoft Corporation in the
United States, other countries, or both.
Intel and Pentium are trademarks or registered trademarks of Intel Corporation or

its subsidiaries in the United States, other countries, or both.
Linux is a trademark of Linus Torvalds in the United States, other countries, or

both.
Other company, product, or service names may be trademarks or service marks of

others.

Printed in USA
SC23-5987-04

Lotus Sametime Version 8.5

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lotus Sametime Version 8.5

Uploaded by

Copyright:

Available Formats

Lotus Sametime

Version 8.5

Lotus Sametime 8.5

Version 8.5

Lotus Sametime 8.5

© Copyright IBM Corp. 1996, 2009 iii

Accessibility features for Lotus Sametime

The Lotus Sametime Information Center is accessibility-enabled. The accessibility

© Copyright IBM Corp. 1996, 2009 1

Related accessibility information

IBM and accessibility

What’s new in Lotus Sametime 8.5?

Unified communications consolidate various synchronous communications

2 Lotus Sametime: Installation and Administration Guide Part 1

This release also continues to focus on enhancing Sametime as a platform, making

What is Lotus Sametime?

Members of the Lotus Sametime community use collaborative activities such as

Awareness – Lotus Sametime awareness technology lets members who have

Connect to public IM networks – Lotus Sametime provides for connectivity to

Emoticons – Lotus Sametime includes emotionally-expressive icons such as smiley

4 Lotus Sametime: Installation and Administration Guide Part 1

File transfer – Users can send files.

Polling– A user can poll members of a group to provide brief feedback to

Policy– Users can be assigned access to different features in Instant Messaging,

Lotus Sametime Standard and Lotus Sametime Entry

Available with Lotus Available with Lotus

Lotus Sametime server architecture

6 Lotus Sametime: Installation and Administration Guide Part 1

In a production environment, install the console on a dedicated machine. The

Lotus Sametime Community Server

Basic functionality supported by the server includes:

8 Lotus Sametime: Installation and Administration Guide Part 1

Lotus Sametime Proxy Server

The Proxy Server is responsible for the following activities:

Lotus Sametime Media Manager

The Lotus Sametime Media Manager uses three components. In a pilot

If security is turned on, use SSL to allow servers to communicate.

Lotus Sametime Meeting Server

Lotus Sametime Gateway

Lotus Sametime Gateway is delivered with out-of-the-box functionality, such as

How Gateway connections work

10 Lotus Sametime: Installation and Administration Guide Part 1

Lotus Sametime Gateway follows these steps to deliver an instant message to

Lotus Sametime clients

Integrating Lotus Sametime with Microsoft Office applications

The administrator decides which features to make available to clients. If you

Lotus Sametime Advanced and Lotus Sametime Unified

12 Lotus Sametime: Installation and Administration Guide Part 1

Lotus Sametime Advanced update sites.

Meeting features in Connect versus Web clients

Features Connect client Web client

14 Lotus Sametime: Installation and Administration Guide Part 1

16 Lotus Sametime: Installation and Administration Guide Part 1

18 Lotus Sametime: Installation and Administration Guide Part 1

20 Lotus Sametime: Installation and Administration Guide Part 1

22 Lotus Sametime: Installation and Administration Guide Part 1

Skills needed for Sametime administration

WebSphere Application Server configuration and maintenance

View performance information about server and application components

WAS proxy, SIP, and HTTP servers

Use problem determination tools and log files to troubleshoot problems

Resources for information:

WebSphere Application Server application management